PHP  
 PHP: Test and Code Coverage Analysis
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

LCOV - code coverage report
Current view: top level - Zend - zend_vm_execute.h (source / functions) Hit Total Coverage
Test: PHP Code Coverage Lines: 6688 14258 46.9 %
Date: 2014-07-23 Functions: 578 1083 53.4 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :    +----------------------------------------------------------------------+
       3             :    | Zend Engine                                                          |
       4             :    +----------------------------------------------------------------------+
       5             :    | Copyright (c) 1998-2013 Zend Technologies Ltd. (http://www.zend.com) |
       6             :    +----------------------------------------------------------------------+
       7             :    | This source file is subject to version 2.00 of the Zend license,     |
       8             :    | that is bundled with this package in the file LICENSE, and is        |
       9             :    | available through the world-wide-web at the following url:           |
      10             :    | http://www.zend.com/license/2_00.txt.                                |
      11             :    | If you did not receive a copy of the Zend license and are unable to  |
      12             :    | obtain it through the world-wide-web, please send a note to          |
      13             :    | license@zend.com so we can mail you a copy immediately.              |
      14             :    +----------------------------------------------------------------------+
      15             :    | Authors: Andi Gutmans <andi@zend.com>                                |
      16             :    |          Zeev Suraski <zeev@zend.com>                                |
      17             :    |          Dmitry Stogov <dmitry@zend.com>                             |
      18             :    +----------------------------------------------------------------------+
      19             : */
      20             : 
      21             : #ifdef ZEND_WIN32
      22             : # pragma warning(once : 4101)
      23             : #endif
      24             : static user_opcode_handler_t zend_user_opcode_handlers[256] = {(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL,(user_opcode_handler_t)NULL};
      25             : 
      26             : static zend_uchar zend_user_opcodes[256] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255};
      27             : 
      28             : static opcode_handler_t zend_vm_get_opcode_handler(zend_uchar opcode, zend_op* op);
      29             : 
      30             : 
      31             : #define ZEND_VM_CONTINUE()   return 0
      32             : #define ZEND_VM_RETURN()     return 1
      33             : #define ZEND_VM_ENTER()      return 2
      34             : #define ZEND_VM_LEAVE()      return 3
      35             : #define ZEND_VM_DISPATCH(opcode, opline) return zend_vm_get_opcode_handler(opcode, opline)(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
      36             : 
      37             : #define ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL execute_data TSRMLS_CC
      38             : #undef EX
      39             : #define EX(element) execute_data->element
      40             : 
      41             : 
      42      453121 : ZEND_API void execute(zend_op_array *op_array TSRMLS_DC)
      43             : {
      44             :         zend_execute_data *execute_data;
      45      453121 :         zend_bool nested = 0;
      46      453121 :         zend_bool original_in_execution = EG(in_execution);
      47             : 
      48             : 
      49      453121 :         if (EG(exception)) {
      50           1 :                 return;
      51             :         }
      52             : 
      53      453120 :         EG(in_execution) = 1;
      54             : 
      55             : zend_vm_enter:
      56             :         /* Initialize execute_data */
      57     1815124 :         execute_data = (zend_execute_data *)zend_vm_stack_alloc(
      58             :                 ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)) +
      59     1815124 :                 ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)) +
      60     1815124 :                 ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * op_array->T TSRMLS_CC);
      61             : 
      62     1815124 :         EX(CVs) = (zval***)((char*)execute_data + ZEND_MM_ALIGNED_SIZE(sizeof(zend_execute_data)));
      63     1815124 :         memset(EX(CVs), 0, sizeof(zval**) * op_array->last_var);
      64     1815124 :         EX(Ts) = (temp_variable *)(((char*)EX(CVs)) + ZEND_MM_ALIGNED_SIZE(sizeof(zval**) * op_array->last_var * (EG(active_symbol_table) ? 1 : 2)));
      65     1815124 :         EX(fbc) = NULL;
      66     1815124 :         EX(called_scope) = NULL;
      67     1815124 :         EX(object) = NULL;
      68     1815124 :         EX(old_error_reporting) = NULL;
      69     1815124 :         EX(op_array) = op_array;
      70     1815124 :         EX(symbol_table) = EG(active_symbol_table);
      71     1815124 :         EX(prev_execute_data) = EG(current_execute_data);
      72     1815124 :         EG(current_execute_data) = execute_data;
      73     1815124 :         EX(nested) = nested;
      74     1815124 :         nested = 1;
      75             : 
      76     1815124 :         if (op_array->start_op) {
      77           0 :                 ZEND_VM_SET_OPCODE(op_array->start_op);
      78             :         } else {
      79     1815124 :                 ZEND_VM_SET_OPCODE(op_array->opcodes);
      80             :         }
      81             : 
      82     1815124 :         if (op_array->this_var != -1 && EG(This)) {
      83       87891 :                 Z_ADDREF_P(EG(This)); /* For $this pointer */
      84       87891 :                 if (!EG(active_symbol_table)) {
      85       87891 :                         EX(CVs)[op_array->this_var] = (zval**)EX(CVs) + (op_array->last_var + op_array->this_var);
      86       87891 :                         *EX(CVs)[op_array->this_var] = EG(This);
      87             :                 } else {
      88           0 :                         if (zend_hash_add(EG(active_symbol_table), "this", sizeof("this"), &EG(This), sizeof(zval *), (void**)&EX(CVs)[op_array->this_var])==FAILURE) {
      89           0 :                                 Z_DELREF_P(EG(This));
      90             :                         }
      91             :                 }
      92             :         }
      93             : 
      94     1815124 :         EG(opline_ptr) = &EX(opline);
      95             : 
      96     1815124 :         EX(function_state).function = (zend_function *) op_array;
      97     1815124 :         EX(function_state).arguments = NULL;
      98             :         
      99             :         while (1) {
     100             :         int ret;
     101             : #ifdef ZEND_WIN32
     102             :                 if (EG(timed_out)) {
     103             :                         zend_timeout(0);
     104             :                 }
     105             : #endif
     106             : 
     107   176424204 :                 if ((ret = EX(opline)->handler(execute_data TSRMLS_CC)) > 0) {
     108     3175704 :                         switch (ret) {
     109             :                                 case 1:
     110      451856 :                                         EG(in_execution) = original_in_execution;
     111      451856 :                                         return;
     112             :                                 case 2:
     113     1362004 :                                         op_array = EG(active_op_array);
     114     1362004 :                                         goto zend_vm_enter;
     115             :                                 case 3:
     116     1361844 :                                         execute_data = EG(current_execute_data);
     117             :                                 default:
     118             :                                         break;
     119             :                         }
     120             :                 }
     121             : 
     122   174609080 :         }
     123             :         zend_error_noreturn(E_ERROR, "Arrived at end of main loop which shouldn't happen");
     124             : }
     125             : 
     126    16363254 : static int ZEND_FASTCALL  ZEND_JMP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     127             : {
     128             : #if DEBUG_ZEND>=2
     129             :         printf("Jumping to %d\n", EX(opline)->op1.u.opline_num);
     130             : #endif
     131    16363254 :         ZEND_VM_SET_OPCODE(EX(opline)->op1.u.jmp_addr);
     132    16363254 :         ZEND_VM_CONTINUE(); /* CHECK_ME */
     133             : }
     134             : 
     135           0 : static int ZEND_FASTCALL  ZEND_INIT_STRING_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     136             : {
     137           0 :         zval *tmp = &EX_T(EX(opline)->result.u.var).tmp_var;
     138             : 
     139           0 :         tmp->value.str.val = emalloc(1);
     140           0 :         tmp->value.str.val[0] = 0;
     141           0 :         tmp->value.str.len = 0;
     142             :         Z_SET_REFCOUNT_P(tmp, 1);
     143           0 :         tmp->type = IS_STRING;
     144             :         Z_UNSET_ISREF_P(tmp);
     145           0 :         ZEND_VM_NEXT_OPCODE();
     146             : }
     147             : 
     148     1813700 : static int ZEND_FASTCALL zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
     149             : {
     150             :         zend_bool nested;
     151     1813700 :         zend_op_array *op_array = EX(op_array);
     152             : 
     153     1813700 :         EG(current_execute_data) = EX(prev_execute_data);
     154     1813700 :         EG(opline_ptr) = NULL;
     155     1813700 :         if (!EG(active_symbol_table)) {
     156     1752282 :                 zval ***cv = EX(CVs);
     157     1752282 :                 zval ***end = cv + EX(op_array)->last_var;
     158    11502700 :                 while (cv != end) {
     159     7998136 :                         if (*cv) {
     160     6631016 :                                 zval_ptr_dtor(*cv);
     161             :                         }
     162     7998136 :                         cv++;
     163             :                 }
     164             :         }
     165             : 
     166     1813700 :         if ((op_array->fn_flags & ZEND_ACC_CLOSURE) && op_array->prototype) {
     167           1 :                 zval_ptr_dtor((zval**)&op_array->prototype);
     168             :         }
     169             : 
     170     1813700 :         nested = EX(nested);
     171             : 
     172     1813700 :         zend_vm_stack_free(execute_data TSRMLS_CC);
     173             : 
     174     1813700 :         if (nested) {
     175     1361844 :                 execute_data = EG(current_execute_data);
     176             : 
     177     1361844 :                 if (EX(call_opline)->opcode == ZEND_INCLUDE_OR_EVAL) {
     178             : 
     179       10093 :                         EX(function_state).function = (zend_function *) EX(op_array);
     180       10093 :                         EX(function_state).arguments = NULL;
     181       10093 :                         EX(object) = EX(current_object);
     182             : 
     183       10093 :                         if (RETURN_VALUE_USED(EX(call_opline))) {
     184         511 :                                 if (!EX_T(EX(call_opline)->result.u.var).var.ptr) { /* there was no return statement */
     185           0 :                                         ALLOC_ZVAL(EX_T(EX(call_opline)->result.u.var).var.ptr);
     186           0 :                                         INIT_PZVAL(EX_T(EX(call_opline)->result.u.var).var.ptr);
     187           0 :                                         Z_LVAL_P(EX_T(EX(call_opline)->result.u.var).var.ptr) = 1;
     188           0 :                                         Z_TYPE_P(EX_T(EX(call_opline)->result.u.var).var.ptr) = IS_BOOL;
     189             :                                 }
     190             :                         }
     191             : 
     192       10093 :                         EG(opline_ptr) = &EX(opline);
     193       10093 :                         EG(active_op_array) = EX(op_array);
     194       10093 :                         EG(return_value_ptr_ptr) = EX(original_return_value);
     195       10093 :                         destroy_op_array(op_array TSRMLS_CC);
     196       10093 :                         efree(op_array);
     197       10093 :                         if (EG(exception)) {
     198          21 :                                 zend_throw_exception_internal(NULL TSRMLS_CC);
     199             :                         }
     200             : 
     201       10093 :                         EX(opline)++;
     202       10093 :                         ZEND_VM_LEAVE();
     203             :                 } else {
     204             : 
     205     1351751 :                         EG(opline_ptr) = &EX(opline);
     206     1351751 :                         EG(active_op_array) = EX(op_array);
     207     1351751 :                         EG(return_value_ptr_ptr) = EX(original_return_value);
     208     1351751 :                         if (EG(active_symbol_table)) {
     209       33136 :                                 if (EG(symtable_cache_ptr)>=EG(symtable_cache_limit)) {
     210           0 :                                         zend_hash_destroy(EG(active_symbol_table));
     211           0 :                                         FREE_HASHTABLE(EG(active_symbol_table));
     212             :                                 } else {
     213             :                                         /* clean before putting into the cache, since clean
     214             :                                            could call dtors, which could use cached hash */
     215       33136 :                                         zend_hash_clean(EG(active_symbol_table));
     216       33136 :                                         *(++EG(symtable_cache_ptr)) = EG(active_symbol_table);
     217             :                                 }
     218             :                         }
     219     1351751 :                         EG(active_symbol_table) = EX(symbol_table);
     220             : 
     221     1351751 :                         EX(function_state).function = (zend_function *) EX(op_array);
     222     1351751 :                         EX(function_state).arguments = NULL;
     223             : 
     224     1351751 :                         if (EG(This)) {
     225       90205 :                                 if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
     226          22 :                                         if (IS_CTOR_USED(EX(called_scope))) {
     227          19 :                                                 Z_DELREF_P(EG(This));
     228             :                                         }
     229          44 :                                         if (Z_REFCOUNT_P(EG(This)) == 1) {
     230          21 :                                                 zend_object_store_ctor_failed(EG(This) TSRMLS_CC);
     231             :                                         }
     232             :                                 }
     233       90205 :                                 zval_ptr_dtor(&EG(This));
     234             :                         }
     235     1351751 :                         EG(This) = EX(current_this);
     236     1351751 :                         EG(scope) = EX(current_scope);
     237     1351751 :                         EG(called_scope) = EX(current_called_scope);
     238             : 
     239     1351751 :                         EX(object) = EX(current_object);
     240     1351751 :                         EX(called_scope) = DECODE_CTOR(EX(called_scope));
     241             : 
     242     1351751 :                         zend_vm_stack_clear_multiple(TSRMLS_C);
     243             : 
     244     1351751 :                         if (EG(exception)) {
     245         141 :                                 zend_throw_exception_internal(NULL TSRMLS_CC);
     246         141 :                                 if (RETURN_VALUE_USED(EX(call_opline)) && EX_T(EX(call_opline)->result.u.var).var.ptr) {
     247           0 :                                         zval_ptr_dtor(&EX_T(EX(call_opline)->result.u.var).var.ptr);
     248             :                                 }
     249             :                         }
     250             : 
     251     1351751 :                         EX(opline)++;
     252     1351751 :                         ZEND_VM_LEAVE();
     253             :                 }
     254             :         }
     255      451856 :         ZEND_VM_RETURN();
     256             : }
     257             : 
     258    18881338 : static int ZEND_FASTCALL zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
     259             : {
     260    18881338 :         zend_op *opline = EX(opline);
     261    18881338 :         zend_bool should_change_scope = 0;
     262             : 
     263    18881338 :         if (EX(function_state).function->common.fn_flags & (ZEND_ACC_ABSTRACT|ZEND_ACC_DEPRECATED)) {
     264         945 :                 if (EX(function_state).function->common.fn_flags & ZEND_ACC_ABSTRACT) {
     265           2 :                         zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
     266             :                         ZEND_VM_NEXT_OPCODE(); /* Never reached */
     267             :                 }
     268         943 :                 if (EX(function_state).function->common.fn_flags & ZEND_ACC_DEPRECATED) {
     269        2829 :                         zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated",
     270         943 :                                 EX(function_state).function->common.scope ? EX(function_state).function->common.scope->name : "",
     271         943 :                                 EX(function_state).function->common.scope ? "::" : "",
     272         943 :                                 EX(function_state).function->common.function_name);
     273             :                 }
     274             :         }
     275    20608938 :         if (EX(function_state).function->common.scope &&
     276      866749 :                 !(EX(function_state).function->common.fn_flags & ZEND_ACC_STATIC) &&
     277      860853 :                 !EX(object)) {
     278             : 
     279          31 :                 if (EX(function_state).function->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
     280             :                         /* FIXME: output identifiers properly */
     281          22 :                         zend_error(E_STRICT, "Non-static method %s::%s() should not be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
     282             :                 } else {
     283             :                         /* FIXME: output identifiers properly */
     284             :                         /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
     285           9 :                         zend_error_noreturn(E_ERROR, "Non-static method %s::%s() cannot be called statically", EX(function_state).function->common.scope->name, EX(function_state).function->common.function_name);
     286             :                 }
     287             :         }
     288             : 
     289    36410805 :         if (EX(function_state).function->type == ZEND_USER_FUNCTION ||
     290    17529478 :             EX(function_state).function->common.scope) {
     291     2125413 :                 should_change_scope = 1;
     292     2125413 :                 EX(current_this) = EG(This);
     293     2125413 :                 EX(current_scope) = EG(scope);
     294     2125413 :                 EX(current_called_scope) = EG(called_scope);
     295     2125413 :                 EG(This) = EX(object);
     296     2125413 :                 EG(scope) = (EX(function_state).function->type == ZEND_USER_FUNCTION || !EX(object)) ? EX(function_state).function->common.scope : NULL;
     297     2125413 :                 EG(called_scope) = EX(called_scope);
     298             :         }
     299             : 
     300    18881327 :         zend_arg_types_stack_3_pop(&EG(arg_types_stack), &EX(called_scope), &EX(current_object), &EX(fbc));
     301    18881327 :         EX(function_state).arguments = zend_vm_stack_push_args(opline->extended_value TSRMLS_CC);
     302             : 
     303    18881327 :         if (EX(function_state).function->type == ZEND_INTERNAL_FUNCTION) {
     304    17529478 :                 if (EX(function_state).function->common.arg_info) {
     305    17527071 :                         zend_uint i=0;
     306    17527071 :                         zval **p = (zval**)EX(function_state).arguments;
     307    17527071 :                         ulong arg_count = opline->extended_value;
     308             : 
     309    64638768 :                         while (arg_count>0) {
     310    29584630 :                                 zend_verify_arg_type(EX(function_state).function, ++i, *(p-arg_count), 0 TSRMLS_CC);
     311    29584626 :                                 arg_count--;
     312             :                         }
     313             :                 }
     314             : 
     315    17529474 :                 if (EXPECTED(EG(exception) == NULL)) {
     316    17529473 :                         ALLOC_INIT_ZVAL(EX_T(opline->result.u.var).var.ptr);
     317    17529473 :                         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
     318    17529473 :                         EX_T(opline->result.u.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference;
     319             : 
     320    17529473 :                         if (!zend_execute_internal) {
     321             :                                 /* saves one function call if zend_execute_internal is not used */
     322    17529473 :                                 ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.u.var).var.ptr, EX(function_state).function->common.return_reference?&EX_T(opline->result.u.var).var.ptr:NULL, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC);
     323             :                         } else {
     324           0 :                                 zend_execute_internal(execute_data, RETURN_VALUE_USED(opline) TSRMLS_CC);
     325             :                         }
     326             : 
     327    17529318 :                         if (!RETURN_VALUE_USED(opline)) {
     328     1587981 :                                 zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
     329             :                         }
     330           1 :                 } else if (RETURN_VALUE_USED(opline)) {
     331           1 :                         EX_T(opline->result.u.var).var.ptr = NULL;
     332             :                 }
     333     1351849 :         } else if (EX(function_state).function->type == ZEND_USER_FUNCTION) {
     334     1351849 :                 EX(original_return_value) = EG(return_value_ptr_ptr);
     335     1351849 :                 EG(active_symbol_table) = NULL;
     336     1351849 :                 EG(active_op_array) = &EX(function_state).function->op_array;
     337     1351849 :                 EG(return_value_ptr_ptr) = NULL;
     338     1351849 :                 if (RETURN_VALUE_USED(opline)) {
     339     1083485 :                         EG(return_value_ptr_ptr) = &EX_T(opline->result.u.var).var.ptr;
     340     1083485 :                         EX_T(opline->result.u.var).var.ptr = NULL;
     341     1083485 :                         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
     342     1083485 :                         EX_T(opline->result.u.var).var.fcall_returned_reference = EX(function_state).function->common.return_reference;
     343             :                 }
     344             : 
     345     1351849 :                 if (zend_execute == execute && !EG(exception)) {
     346     1351848 :                         EX(call_opline) = opline;
     347     1351848 :                         ZEND_VM_ENTER();
     348             :                 } else {
     349           1 :                         zend_execute(EG(active_op_array) TSRMLS_CC);
     350             :                 }
     351             : 
     352           1 :                 EG(opline_ptr) = &EX(opline);
     353           1 :                 EG(active_op_array) = EX(op_array);
     354           1 :                 EG(return_value_ptr_ptr) = EX(original_return_value);
     355           1 :                 if (EG(active_symbol_table)) {
     356           0 :                         if (EG(symtable_cache_ptr)>=EG(symtable_cache_limit)) {
     357           0 :                                 zend_hash_destroy(EG(active_symbol_table));
     358           0 :                                 FREE_HASHTABLE(EG(active_symbol_table));
     359             :                         } else {
     360             :                                 /* clean before putting into the cache, since clean
     361             :                                    could call dtors, which could use cached hash */
     362           0 :                                 zend_hash_clean(EG(active_symbol_table));
     363           0 :                                 *(++EG(symtable_cache_ptr)) = EG(active_symbol_table);
     364             :                         }
     365             :                 }
     366           1 :                 EG(active_symbol_table) = EX(symbol_table);
     367             :         } else { /* ZEND_OVERLOADED_FUNCTION */
     368           0 :                 ALLOC_INIT_ZVAL(EX_T(opline->result.u.var).var.ptr);
     369             : 
     370             :                         /* Not sure what should be done here if it's a static method */
     371           0 :                 if (EX(object)) {
     372           0 :                         Z_OBJ_HT_P(EX(object))->call_method(EX(function_state).function->common.function_name, opline->extended_value, EX_T(opline->result.u.var).var.ptr, &EX_T(opline->result.u.var).var.ptr, EX(object), RETURN_VALUE_USED(opline) TSRMLS_CC);
     373             :                 } else {
     374           0 :                         zend_error_noreturn(E_ERROR, "Cannot call overloaded function for non-object");
     375             :                 }
     376             : 
     377           0 :                 if (EX(function_state).function->type == ZEND_OVERLOADED_FUNCTION_TEMPORARY) {
     378           0 :                         efree(EX(function_state).function->common.function_name);
     379             :                 }
     380           0 :                 efree(EX(function_state).function);
     381             : 
     382           0 :                 if (!RETURN_VALUE_USED(opline)) {
     383           0 :                         zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
     384             :                 } else {
     385           0 :                         Z_UNSET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
     386           0 :                         Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
     387           0 :                         EX_T(opline->result.u.var).var.fcall_returned_reference = 0;
     388           0 :                         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
     389             :                 }
     390             :         }
     391             : 
     392    17529320 :         EX(function_state).function = (zend_function *) EX(op_array);
     393    17529320 :         EX(function_state).arguments = NULL;
     394             : 
     395    17529320 :         if (should_change_scope) {
     396      773415 :                 if (EG(This)) {
     397      770524 :                         if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
     398         283 :                                 if (IS_CTOR_USED(EX(called_scope))) {
     399         221 :                                         Z_DELREF_P(EG(This));
     400             :                                 }
     401         566 :                                 if (Z_REFCOUNT_P(EG(This)) == 1) {
     402         283 :                                         zend_object_store_ctor_failed(EG(This) TSRMLS_CC);
     403             :                                 }
     404             :                         }
     405      770524 :                         zval_ptr_dtor(&EG(This));
     406             :                 }
     407      773415 :                 EG(This) = EX(current_this);
     408      773415 :                 EG(scope) = EX(current_scope);
     409      773415 :                 EG(called_scope) = EX(current_called_scope);
     410             :         }
     411             : 
     412    17529320 :         EX(object) = EX(current_object);
     413    17529320 :         EX(called_scope) = DECODE_CTOR(EX(called_scope));
     414             : 
     415    17529320 :         zend_vm_stack_clear_multiple(TSRMLS_C);
     416             : 
     417    17529320 :         if (EG(exception)) {
     418         929 :                 zend_throw_exception_internal(NULL TSRMLS_CC);
     419         929 :                 if (RETURN_VALUE_USED(opline) && EX_T(opline->result.u.var).var.ptr) {
     420         259 :                         zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
     421             :                 }
     422             :         }
     423             : 
     424    17529320 :         ZEND_VM_NEXT_OPCODE();
     425             : }
     426             : 
     427     1275609 : static int ZEND_FASTCALL  ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     428             : {
     429     1275609 :         EX(function_state).function = EX(fbc);
     430     1275609 :         return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
     431             : }
     432             : 
     433     4698920 : static int ZEND_FASTCALL  ZEND_RECV_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     434             : {
     435     4698920 :         zend_op *opline = EX(opline);
     436     4698920 :         zend_uint arg_num = Z_LVAL(opline->op1.u.constant);
     437     4698920 :         zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC);
     438             : 
     439     4698920 :         if (param == NULL) {
     440             :                 char *space;
     441          71 :                 char *class_name = get_active_class_name(&space TSRMLS_CC);
     442          71 :                 zend_execute_data *ptr = EX(prev_execute_data);
     443             : 
     444          71 :                 if (zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, NULL, opline->extended_value TSRMLS_CC)) {
     445          79 :                         if(ptr && ptr->op_array) {
     446          12 :                                 zend_error(E_WARNING, "Missing argument %ld for %s%s%s(), called in %s on line %d and defined", opline->op1.u.constant.value.lval, class_name, space, get_active_function_name(TSRMLS_C), ptr->op_array->filename, ptr->opline->lineno);
     447             :                         } else {
     448          55 :                                 zend_error(E_WARNING, "Missing argument %ld for %s%s%s()", opline->op1.u.constant.value.lval, class_name, space, get_active_function_name(TSRMLS_C));
     449             :                         }
     450             :                 }
     451          68 :                 if (opline->result.op_type == IS_VAR) {
     452           0 :                         PZVAL_UNLOCK_FREE(*EX_T(opline->result.u.var).var.ptr_ptr);
     453             :                 }
     454             :         } else {
     455             :                 zend_free_op free_res;
     456             :                 zval **var_ptr;
     457             : 
     458     4698849 :                 zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, *param, opline->extended_value TSRMLS_CC);
     459     4698836 :                 var_ptr = get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W);
     460     4698836 :                 Z_DELREF_PP(var_ptr);
     461     4698836 :                 *var_ptr = *param;
     462     4698836 :                 Z_ADDREF_PP(var_ptr);
     463             :         }
     464             : 
     465     4698904 :         ZEND_VM_NEXT_OPCODE();
     466             : }
     467             : 
     468      448301 : static int ZEND_FASTCALL  ZEND_NEW_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     469             : {
     470      448301 :         zend_op *opline = EX(opline);
     471             :         zval *object_zval;
     472             :         zend_function *constructor;
     473             : 
     474      448301 :         if (EX_T(opline->op1.u.var).class_entry->ce_flags & (ZEND_ACC_INTERFACE|ZEND_ACC_IMPLICIT_ABSTRACT_CLASS|ZEND_ACC_EXPLICIT_ABSTRACT_CLASS)) {
     475             :                 char *class_type;
     476             : 
     477           6 :                 if (EX_T(opline->op1.u.var).class_entry->ce_flags & ZEND_ACC_INTERFACE) {
     478           2 :                         class_type = "interface";
     479             :                 } else {
     480           4 :                         class_type = "abstract class";
     481             :                 }
     482           6 :                 zend_error_noreturn(E_ERROR, "Cannot instantiate %s %s", class_type,  EX_T(opline->op1.u.var).class_entry->name);
     483             :         }
     484      448295 :         ALLOC_ZVAL(object_zval);
     485      448295 :         object_init_ex(object_zval, EX_T(opline->op1.u.var).class_entry);
     486      448294 :         INIT_PZVAL(object_zval);
     487             : 
     488      448294 :         constructor = Z_OBJ_HT_P(object_zval)->get_constructor(object_zval TSRMLS_CC);
     489             : 
     490      448288 :         if (constructor == NULL) {
     491      173021 :                 if (RETURN_VALUE_USED(opline)) {
     492      173010 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, object_zval);
     493             :                 } else {
     494          11 :                         zval_ptr_dtor(&object_zval);
     495             :                 }
     496      173021 :                 ZEND_VM_JMP(EX(op_array)->opcodes + opline->op2.u.opline_num);
     497             :         } else {
     498      275267 :                 if (RETURN_VALUE_USED(opline)) {
     499      275117 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, object_zval);
     500      275117 :                         PZVAL_LOCK(object_zval);
     501             :                 }
     502             : 
     503      275267 :                 zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), ENCODE_CTOR(EX(called_scope), RETURN_VALUE_USED(opline)));
     504             : 
     505             :                 /* We are not handling overloaded classes right now */
     506      275267 :                 EX(object) = object_zval;
     507      275267 :                 EX(fbc) = constructor;
     508      275267 :                 EX(called_scope) = EX_T(opline->op1.u.var).class_entry;
     509             : 
     510      275267 :                 ZEND_VM_NEXT_OPCODE();
     511             :         }
     512             : }
     513             : 
     514     1295529 : static int ZEND_FASTCALL  ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     515             : {
     516     1295529 :         zend_op *opline = EX(opline);
     517             : 
     518     1295529 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = EG(error_reporting);
     519     1295529 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;  /* shouldn't be necessary */
     520     1295529 :         if (EX(old_error_reporting) == NULL) {
     521     1295516 :                 EX(old_error_reporting) = &EX_T(opline->result.u.var).tmp_var;
     522             :         }
     523             : 
     524     1295529 :         if (EG(error_reporting)) {
     525     1028147 :                 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
     526             :         }
     527     1295529 :         ZEND_VM_NEXT_OPCODE();
     528             : }
     529             : 
     530           0 : static int ZEND_FASTCALL  ZEND_RAISE_ABSTRACT_ERROR_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     531             : {
     532           0 :         zend_error_noreturn(E_ERROR, "Cannot call abstract method %s::%s()", EG(scope)->name, EX(op_array)->function_name);
     533             :         ZEND_VM_NEXT_OPCODE(); /* Never reached */
     534             : }
     535             : 
     536           0 : static int ZEND_FASTCALL  ZEND_EXT_STMT_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     537             : {
     538           0 :         if (!EG(no_extensions)) {
     539           0 :                 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_statement_handler, EX(op_array) TSRMLS_CC);
     540             :         }
     541           0 :         ZEND_VM_NEXT_OPCODE();
     542             : }
     543             : 
     544           0 : static int ZEND_FASTCALL  ZEND_EXT_FCALL_BEGIN_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     545             : {
     546           0 :         if (!EG(no_extensions)) {
     547           0 :                 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_begin_handler, EX(op_array) TSRMLS_CC);
     548             :         }
     549           0 :         ZEND_VM_NEXT_OPCODE();
     550             : }
     551             : 
     552           0 : static int ZEND_FASTCALL  ZEND_EXT_FCALL_END_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     553             : {
     554           0 :         if (!EG(no_extensions)) {
     555           0 :                 zend_llist_apply_with_argument(&zend_extensions, (llist_apply_with_arg_func_t) zend_extension_fcall_end_handler, EX(op_array) TSRMLS_CC);
     556             :         }
     557           0 :         ZEND_VM_NEXT_OPCODE();
     558             : }
     559             : 
     560         251 : static int ZEND_FASTCALL  ZEND_DECLARE_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     561             : {
     562         251 :         zend_op *opline = EX(opline);
     563             : 
     564         251 :         EX_T(opline->result.u.var).class_entry = do_bind_class(opline, EG(class_table), 0 TSRMLS_CC);
     565         249 :         ZEND_VM_NEXT_OPCODE();
     566             : }
     567             : 
     568        1203 : static int ZEND_FASTCALL  ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     569             : {
     570        1203 :         zend_op *opline = EX(opline);
     571             : 
     572        1203 :         EX_T(opline->result.u.var).class_entry = do_bind_inherited_class(opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC);
     573        1201 :         ZEND_VM_NEXT_OPCODE();
     574             : }
     575             : 
     576           0 : static int ZEND_FASTCALL  ZEND_DECLARE_INHERITED_CLASS_DELAYED_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     577             : {
     578           0 :         zend_op *opline = EX(opline);
     579             :         zend_class_entry **pce, **pce_orig;
     580             : 
     581           0 :         if (zend_hash_find(EG(class_table), Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void**)&pce) == FAILURE ||
     582           0 :             (zend_hash_find(EG(class_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), (void**)&pce_orig) == SUCCESS &&
     583           0 :              *pce != *pce_orig)) {
     584           0 :                 do_bind_inherited_class(opline, EG(class_table), EX_T(opline->extended_value).class_entry, 0 TSRMLS_CC);
     585             :         }
     586           0 :         ZEND_VM_NEXT_OPCODE();
     587             : }
     588             : 
     589        4343 : static int ZEND_FASTCALL  ZEND_DECLARE_FUNCTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     590             : {
     591        4343 :         do_bind_function(EX(opline), EG(function_table), 0);
     592        4343 :         ZEND_VM_NEXT_OPCODE();
     593             : }
     594             : 
     595           0 : static int ZEND_FASTCALL  ZEND_EXT_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     596             : {
     597           0 :         ZEND_VM_NEXT_OPCODE();
     598             : }
     599             : 
     600       19480 : static int ZEND_FASTCALL  ZEND_NOP_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     601             : {
     602       19480 :         ZEND_VM_NEXT_OPCODE();
     603             : }
     604             : 
     605        1432 : static int ZEND_FASTCALL  ZEND_HANDLE_EXCEPTION_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     606             : {
     607        1432 :         zend_uint op_num = EG(opline_before_exception)-EG(active_op_array)->opcodes;
     608             :         int i;
     609             :         zend_uint catch_op_num;
     610        1432 :         int catched = 0;
     611             :         zval restored_error_reporting;
     612             : 
     613        2864 :         void **stack_frame = (void**)(((char*)EX(Ts)) +
     614        2864 :                 (ZEND_MM_ALIGNED_SIZE(sizeof(temp_variable)) * EX(op_array)->T));
     615             : 
     616        2926 :         while (zend_vm_stack_top(TSRMLS_C) != stack_frame) {
     617          62 :                 zval *stack_zval_p = zend_vm_stack_pop(TSRMLS_C);
     618          62 :                 zval_ptr_dtor(&stack_zval_p);
     619             :         }
     620             : 
     621        3888 :         for (i=0; i<EG(active_op_array)->last_try_catch; i++) {
     622        2837 :                 if (EG(active_op_array)->try_catch_array[i].try_op > op_num) {
     623             :                         /* further blocks will not be relevant... */
     624         381 :                         break;
     625             :                 }
     626        7368 :                 if (op_num >= EG(active_op_array)->try_catch_array[i].try_op
     627        4912 :                         && op_num < EG(active_op_array)->try_catch_array[i].catch_op) {
     628        1031 :                         catch_op_num = EX(op_array)->try_catch_array[i].catch_op;
     629        1031 :                         catched = 1;
     630             :                 }
     631             :         }
     632             : 
     633        2884 :         while (EX(fbc)) {
     634          20 :                 EX(called_scope) = (zend_class_entry*)zend_ptr_stack_pop(&EG(arg_types_stack));
     635          20 :                 if (EX(object)) {
     636          11 :                         if (IS_CTOR_CALL(EX(called_scope))) {
     637           4 :                                 if (IS_CTOR_USED(EX(called_scope))) {
     638           3 :                                         Z_DELREF_P(EX(object));
     639             :                                 }
     640           8 :                                 if (Z_REFCOUNT_P(EX(object)) == 1) {
     641           4 :                                         zend_object_store_ctor_failed(EX(object) TSRMLS_CC);
     642             :                                 }
     643             :                         }
     644          11 :                         zval_ptr_dtor(&EX(object));
     645             :                 }
     646          20 :                 EX(called_scope) = DECODE_CTOR(EX(called_scope));
     647          20 :                 zend_arg_types_stack_2_pop(&EG(arg_types_stack), &EX(object), &EX(fbc));
     648             :         }
     649             : 
     650        1864 :         for (i=0; i<EX(op_array)->last_brk_cont; i++) {
     651         508 :                 if (EX(op_array)->brk_cont_array[i].start < 0) {
     652          79 :                         continue;
     653         429 :                 } else if (EX(op_array)->brk_cont_array[i].start > op_num) {
     654             :                         /* further blocks will not be relevant... */
     655          76 :                         break;
     656         353 :                 } else if (op_num < EX(op_array)->brk_cont_array[i].brk) {
     657         448 :                         if (!catched ||
     658         222 :                             catch_op_num >= EX(op_array)->brk_cont_array[i].brk) {
     659           8 :                                 zend_op *brk_opline = &EX(op_array)->opcodes[EX(op_array)->brk_cont_array[i].brk];
     660             : 
     661           8 :                                 switch (brk_opline->opcode) {
     662             :                                         case ZEND_SWITCH_FREE:
     663           7 :                                                 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
     664           7 :                                                         zend_switch_free(&EX_T(brk_opline->op1.u.var), brk_opline->extended_value TSRMLS_CC);
     665             :                                                 }
     666           7 :                                                 break;
     667             :                                         case ZEND_FREE:
     668           0 :                                                 if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
     669           0 :                                                         zendi_zval_dtor(EX_T(brk_opline->op1.u.var).tmp_var);
     670             :                                                 }
     671             :                                                 break;
     672             :                                 }
     673             :                         }
     674             :                 }
     675             :         }
     676             : 
     677             :         /* restore previous error_reporting value */
     678        1432 :         if (!EG(error_reporting) && EX(old_error_reporting) != NULL && Z_LVAL_P(EX(old_error_reporting)) != 0) {
     679          14 :                 Z_TYPE(restored_error_reporting) = IS_LONG;
     680          14 :                 Z_LVAL(restored_error_reporting) = Z_LVAL_P(EX(old_error_reporting));
     681          14 :                 convert_to_string(&restored_error_reporting);
     682          14 :                 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
     683          14 :                 zendi_zval_dtor(restored_error_reporting);
     684             :         }
     685        1432 :         EX(old_error_reporting) = NULL;
     686             : 
     687        1432 :         if (!catched) {
     688         418 :                 return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
     689             :         } else {
     690        1014 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[catch_op_num]);
     691        1014 :                 ZEND_VM_CONTINUE();
     692             :         }
     693             : }
     694             : 
     695         237 : static int ZEND_FASTCALL  ZEND_VERIFY_ABSTRACT_CLASS_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     696             : {
     697         237 :         zend_verify_abstract_class(EX_T(EX(opline)->op1.u.var).class_entry TSRMLS_CC);
     698         232 :         ZEND_VM_NEXT_OPCODE();
     699             : }
     700             : 
     701           0 : static int ZEND_FASTCALL  ZEND_USER_OPCODE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     702             : {
     703           0 :         int ret = zend_user_opcode_handlers[EX(opline)->opcode](ZEND_OPCODE_HANDLER_ARGS_PASSTHRU_INTERNAL);
     704             : 
     705           0 :         switch (ret) {
     706             :                 case ZEND_USER_OPCODE_CONTINUE:
     707           0 :                         ZEND_VM_CONTINUE();
     708             :                 case ZEND_USER_OPCODE_RETURN:
     709           0 :                         return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
     710             :                 case ZEND_USER_OPCODE_ENTER:
     711           0 :                         ZEND_VM_ENTER();
     712             :                 case ZEND_USER_OPCODE_LEAVE:
     713           0 :                         ZEND_VM_LEAVE();
     714             :                 case ZEND_USER_OPCODE_DISPATCH:
     715           0 :                         ZEND_VM_DISPATCH(EX(opline)->opcode, EX(opline));
     716             :                 default:
     717           0 :                         ZEND_VM_DISPATCH((zend_uchar)(ret & 0xff), EX(opline));
     718             :         }
     719             : }
     720             : 
     721      449624 : static int ZEND_FASTCALL  ZEND_FETCH_CLASS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     722             : {
     723      449624 :         zend_op *opline = EX(opline);
     724             : 
     725             : 
     726      449624 :         if (IS_CONST == IS_UNUSED) {
     727             :                 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
     728             :                 ZEND_VM_NEXT_OPCODE();
     729             :         } else {
     730             : 
     731      449624 :                 zval *class_name = &opline->op2.u.constant;
     732             : 
     733      449624 :                 if (IS_CONST != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
     734             :                         EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
     735      449624 :                 } else if (Z_TYPE_P(class_name) == IS_STRING) {
     736      449624 :                         EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
     737             :                 } else {
     738           0 :                         zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
     739             :                 }
     740             : 
     741      449612 :                 ZEND_VM_NEXT_OPCODE();
     742             :         }
     743             : }
     744             : 
     745      395286 : static int ZEND_FASTCALL  ZEND_INIT_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     746             : {
     747      395286 :         zend_op *opline = EX(opline);
     748             :         zval *function_name;
     749             :         char *function_name_strval, *lcname;
     750             :         int function_name_strlen;
     751             : 
     752             : 
     753      395286 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
     754             : 
     755             :         if (IS_CONST == IS_CONST) {
     756      395286 :                 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
     757          15 :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
     758             :                 }
     759             :         } else {
     760             :                 function_name = &opline->op2.u.constant;
     761             : 
     762             :                 if (IS_CONST != IS_CONST && IS_CONST != IS_TMP_VAR &&
     763             :                     Z_TYPE_P(function_name) == IS_OBJECT &&
     764             :                         Z_OBJ_HANDLER_P(function_name, get_closure) &&
     765             :                         Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
     766             :                         if (EX(object)) {
     767             :                                 Z_ADDREF_P(EX(object));
     768             :                         }
     769             :                         if (IS_CONST == IS_VAR && 0 &&
     770             :                             EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
     771             :                                 /* Delay closure destruction until its invocation */
     772             :                                 EX(fbc)->common.prototype = (zend_function*)function_name;
     773             :                         } else {
     774             : 
     775             :                         }
     776             :                         ZEND_VM_NEXT_OPCODE();
     777             :                 }
     778             : 
     779             :                 if (Z_TYPE_P(function_name) != IS_STRING) {
     780             :                         zend_error_noreturn(E_ERROR, "Function name must be a string");
     781             :                 }
     782             :                 function_name_strval = Z_STRVAL_P(function_name);
     783             :                 function_name_strlen = Z_STRLEN_P(function_name);
     784             :                 if (function_name_strval[0] == '\\') {
     785             : 
     786             :                     function_name_strlen -= 1;
     787             :                         lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
     788             :                 } else {
     789             :                         lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
     790             :                 }
     791             :                 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
     792             :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
     793             :                 }
     794             :                 efree(lcname);
     795             : 
     796             :         }
     797             : 
     798      395271 :         EX(object) = NULL;
     799      395271 :         ZEND_VM_NEXT_OPCODE();
     800             : }
     801             : 
     802             : 
     803         274 : static int ZEND_FASTCALL  ZEND_INIT_NS_FCALL_BY_NAME_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     804             : {
     805         274 :         zend_op *opline = EX(opline);
     806         274 :         zend_op *op_data = opline + 1;
     807             : 
     808         274 :         ZEND_VM_INC_OPCODE();
     809         274 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
     810             : 
     811         274 :         if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc))==FAILURE) {
     812         225 :                 char *short_name = Z_STRVAL(opline->op1.u.constant)+Z_LVAL(op_data->op1.u.constant);
     813         225 :                 if (zend_hash_quick_find(EG(function_table), short_name, Z_STRLEN(opline->op1.u.constant)-Z_LVAL(op_data->op1.u.constant)+1, op_data->extended_value, (void **) &EX(fbc))==FAILURE) {
     814           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
     815             :                 }
     816             :         }
     817             : 
     818         274 :         EX(object) = NULL;
     819         274 :         ZEND_VM_NEXT_OPCODE();
     820             : }
     821             : 
     822      270959 : static int ZEND_FASTCALL  ZEND_RECV_INIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     823             : {
     824      270959 :         zend_op *opline = EX(opline);
     825             :         zval *assignment_value;
     826      270959 :         zend_uint arg_num = Z_LVAL(opline->op1.u.constant);
     827             :         zend_free_op free_res;
     828      270959 :         zval **param = zend_vm_stack_get_arg(arg_num TSRMLS_CC);
     829             :         zval **var_ptr;
     830             : 
     831      270959 :         if (param == NULL) {
     832       83940 :                 ALLOC_ZVAL(assignment_value);
     833       83940 :                 *assignment_value = opline->op2.u.constant;
     834       84048 :                 if ((Z_TYPE(opline->op2.u.constant) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE(opline->op2.u.constant)==IS_CONSTANT_ARRAY) {
     835         128 :                         Z_SET_REFCOUNT_P(assignment_value, 1);
     836         128 :                         zval_update_constant(&assignment_value, 0 TSRMLS_CC);
     837             :                 } else {
     838       83812 :                         zval_copy_ctor(assignment_value);
     839             :                 }
     840       83920 :                 INIT_PZVAL(assignment_value);
     841             :         } else {
     842      187019 :                 assignment_value = *param;
     843      187019 :                 Z_ADDREF_P(assignment_value);
     844             :         }
     845             : 
     846      270939 :         zend_verify_arg_type((zend_function *) EG(active_op_array), arg_num, assignment_value, opline->extended_value TSRMLS_CC);
     847      270937 :         var_ptr = get_zval_ptr_ptr(&opline->result, EX(Ts), &free_res, BP_VAR_W);
     848      270937 :         Z_DELREF_PP(var_ptr);
     849      270937 :         *var_ptr = assignment_value;
     850             : 
     851      270937 :         ZEND_VM_NEXT_OPCODE();
     852             : }
     853             : 
     854       31553 : static int ZEND_FASTCALL  ZEND_BRK_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     855             : {
     856       31553 :         zend_op *opline = EX(opline);
     857             : 
     858             :         zend_brk_cont_element *el;
     859             : 
     860       31553 :         el = zend_brk_cont(&opline->op2.u.constant, opline->op1.u.opline_num,
     861       31553 :                            EX(op_array), EX(Ts) TSRMLS_CC);
     862             : 
     863       31553 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
     864             : }
     865             : 
     866       38887 : static int ZEND_FASTCALL  ZEND_CONT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     867             : {
     868       38887 :         zend_op *opline = EX(opline);
     869             : 
     870             :         zend_brk_cont_element *el;
     871             : 
     872       38887 :         el = zend_brk_cont(&opline->op2.u.constant, opline->op1.u.opline_num,
     873       38887 :                            EX(op_array), EX(Ts) TSRMLS_CC);
     874             : 
     875       38887 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
     876             : }
     877             : 
     878           2 : static int ZEND_FASTCALL  ZEND_GOTO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     879             : {
     880             :         zend_op *brk_opline;
     881           2 :         zend_op *opline = EX(opline);
     882             :         zend_brk_cont_element *el;
     883             : 
     884           2 :         el = zend_brk_cont(&opline->op2.u.constant, opline->extended_value,
     885           2 :                            EX(op_array), EX(Ts) TSRMLS_CC);
     886             : 
     887           2 :         brk_opline = EX(op_array)->opcodes + el->brk;
     888             : 
     889           2 :         switch (brk_opline->opcode) {
     890             :                 case ZEND_SWITCH_FREE:
     891           1 :                         if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
     892           1 :                                 zend_switch_free(&EX_T(brk_opline->op1.u.var), brk_opline->extended_value TSRMLS_CC);
     893             :                         }
     894           1 :                         break;
     895             :                 case ZEND_FREE:
     896           0 :                         if (brk_opline->op1.u.EA.type != EXT_TYPE_FREE_ON_RETURN) {
     897           0 :                                 zendi_zval_dtor(EX_T(brk_opline->op1.u.var).tmp_var);
     898             :                         }
     899             :                         break;
     900             :         }
     901           2 :         ZEND_VM_JMP(opline->op1.u.jmp_addr);
     902             : }
     903             : 
     904         334 : static int ZEND_FASTCALL  ZEND_ADD_INTERFACE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     905             : {
     906         334 :         zend_op *opline = EX(opline);
     907         334 :         zend_class_entry *ce = EX_T(opline->op1.u.var).class_entry;
     908         334 :         zend_class_entry *iface = zend_fetch_class(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), opline->extended_value TSRMLS_CC);
     909             : 
     910         332 :         if (iface) {
     911         331 :                 if (!(iface->ce_flags & ZEND_ACC_INTERFACE)) {
     912           3 :                         zend_error_noreturn(E_ERROR, "%s cannot implement %s - it is not an interface", ce->name, iface->name);
     913             :                 }
     914         328 :                 zend_do_implement_interface(ce, iface TSRMLS_CC);
     915             :         }
     916             : 
     917         313 :         ZEND_VM_NEXT_OPCODE();
     918             : }
     919             : 
     920           0 : static int ZEND_FASTCALL  ZEND_FETCH_CLASS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     921             : {
     922           0 :         zend_op *opline = EX(opline);
     923             : 
     924             : 
     925           0 :         if (IS_TMP_VAR == IS_UNUSED) {
     926             :                 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
     927             :                 ZEND_VM_NEXT_OPCODE();
     928             :         } else {
     929             :                 zend_free_op free_op2;
     930           0 :                 zval *class_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
     931             : 
     932           0 :                 if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
     933           0 :                         EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
     934           0 :                 } else if (Z_TYPE_P(class_name) == IS_STRING) {
     935           0 :                         EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
     936             :                 } else {
     937           0 :                         zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
     938             :                 }
     939             : 
     940           0 :                 zval_dtor(free_op2.var);
     941           0 :                 ZEND_VM_NEXT_OPCODE();
     942             :         }
     943             : }
     944             : 
     945           0 : static int ZEND_FASTCALL  ZEND_INIT_FCALL_BY_NAME_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
     946             : {
     947           0 :         zend_op *opline = EX(opline);
     948             :         zval *function_name;
     949             :         char *function_name_strval, *lcname;
     950             :         int function_name_strlen;
     951             :         zend_free_op free_op2;
     952             : 
     953           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
     954             : 
     955           0 :         if (IS_TMP_VAR == IS_CONST) {
     956             :                 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
     957             :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
     958             :                 }
     959             :         } else {
     960           0 :                 function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
     961             : 
     962           0 :                 if (IS_TMP_VAR != IS_CONST && IS_TMP_VAR != IS_TMP_VAR &&
     963             :                     Z_TYPE_P(function_name) == IS_OBJECT &&
     964             :                         Z_OBJ_HANDLER_P(function_name, get_closure) &&
     965             :                         Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
     966             :                         if (EX(object)) {
     967             :                                 Z_ADDREF_P(EX(object));
     968             :                         }
     969             :                         if (IS_TMP_VAR == IS_VAR && 1 &&
     970             :                             EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
     971             :                                 /* Delay closure destruction until its invocation */
     972             :                                 EX(fbc)->common.prototype = (zend_function*)function_name;
     973             :                         } else {
     974             :                                 zval_dtor(free_op2.var);
     975             :                         }
     976             :                         ZEND_VM_NEXT_OPCODE();
     977             :                 }
     978             : 
     979           0 :                 if (Z_TYPE_P(function_name) != IS_STRING) {
     980           0 :                         zend_error_noreturn(E_ERROR, "Function name must be a string");
     981             :                 }
     982           0 :                 function_name_strval = Z_STRVAL_P(function_name);
     983           0 :                 function_name_strlen = Z_STRLEN_P(function_name);
     984           0 :                 if (function_name_strval[0] == '\\') {
     985             : 
     986           0 :                     function_name_strlen -= 1;
     987           0 :                         lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
     988             :                 } else {
     989           0 :                         lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
     990             :                 }
     991           0 :                 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
     992           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
     993             :                 }
     994           0 :                 efree(lcname);
     995           0 :                 zval_dtor(free_op2.var);
     996             :         }
     997             : 
     998           0 :         EX(object) = NULL;
     999           0 :         ZEND_VM_NEXT_OPCODE();
    1000             : }
    1001             : 
    1002             : 
    1003           0 : static int ZEND_FASTCALL  ZEND_BRK_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1004             : {
    1005           0 :         zend_op *opline = EX(opline);
    1006             :         zend_free_op free_op2;
    1007             :         zend_brk_cont_element *el;
    1008             : 
    1009           0 :         el = zend_brk_cont(_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
    1010           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1011           0 :         zval_dtor(free_op2.var);
    1012           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
    1013             : }
    1014             : 
    1015           0 : static int ZEND_FASTCALL  ZEND_CONT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1016             : {
    1017           0 :         zend_op *opline = EX(opline);
    1018             :         zend_free_op free_op2;
    1019             :         zend_brk_cont_element *el;
    1020             : 
    1021           0 :         el = zend_brk_cont(_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
    1022           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1023           0 :         zval_dtor(free_op2.var);
    1024           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
    1025             : }
    1026             : 
    1027           7 : static int ZEND_FASTCALL  ZEND_FETCH_CLASS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1028             : {
    1029           7 :         zend_op *opline = EX(opline);
    1030             : 
    1031             : 
    1032           7 :         if (IS_VAR == IS_UNUSED) {
    1033             :                 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
    1034             :                 ZEND_VM_NEXT_OPCODE();
    1035             :         } else {
    1036             :                 zend_free_op free_op2;
    1037          14 :                 zval *class_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    1038             : 
    1039           7 :                 if (IS_VAR != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
    1040           2 :                         EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
    1041           5 :                 } else if (Z_TYPE_P(class_name) == IS_STRING) {
    1042           5 :                         EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
    1043             :                 } else {
    1044           0 :                         zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
    1045             :                 }
    1046             : 
    1047           7 :                 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    1048           7 :                 ZEND_VM_NEXT_OPCODE();
    1049             :         }
    1050             : }
    1051             : 
    1052          22 : static int ZEND_FASTCALL  ZEND_INIT_FCALL_BY_NAME_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1053             : {
    1054          22 :         zend_op *opline = EX(opline);
    1055             :         zval *function_name;
    1056             :         char *function_name_strval, *lcname;
    1057             :         int function_name_strlen;
    1058             :         zend_free_op free_op2;
    1059             : 
    1060          22 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    1061             : 
    1062          22 :         if (IS_VAR == IS_CONST) {
    1063             :                 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
    1064             :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
    1065             :                 }
    1066             :         } else {
    1067          44 :                 function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    1068             : 
    1069          36 :                 if (IS_VAR != IS_CONST && IS_VAR != IS_TMP_VAR &&
    1070          22 :                     Z_TYPE_P(function_name) == IS_OBJECT &&
    1071           7 :                         Z_OBJ_HANDLER_P(function_name, get_closure) &&
    1072           7 :                         Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
    1073           7 :                         if (EX(object)) {
    1074           0 :                                 Z_ADDREF_P(EX(object));
    1075             :                         }
    1076           9 :                         if (IS_VAR == IS_VAR && (free_op2.var != NULL) &&
    1077           1 :                             EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
    1078             :                                 /* Delay closure destruction until its invocation */
    1079           1 :                                 EX(fbc)->common.prototype = (zend_function*)function_name;
    1080             :                         } else {
    1081           6 :                                 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    1082             :                         }
    1083           7 :                         ZEND_VM_NEXT_OPCODE();
    1084             :                 }
    1085             : 
    1086          15 :                 if (Z_TYPE_P(function_name) != IS_STRING) {
    1087           1 :                         zend_error_noreturn(E_ERROR, "Function name must be a string");
    1088             :                 }
    1089          14 :                 function_name_strval = Z_STRVAL_P(function_name);
    1090          14 :                 function_name_strlen = Z_STRLEN_P(function_name);
    1091          14 :                 if (function_name_strval[0] == '\\') {
    1092             : 
    1093           0 :                     function_name_strlen -= 1;
    1094           0 :                         lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
    1095             :                 } else {
    1096          14 :                         lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
    1097             :                 }
    1098          14 :                 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
    1099           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
    1100             :                 }
    1101          14 :                 efree(lcname);
    1102          14 :                 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    1103             :         }
    1104             : 
    1105          14 :         EX(object) = NULL;
    1106          14 :         ZEND_VM_NEXT_OPCODE();
    1107             : }
    1108             : 
    1109             : 
    1110           0 : static int ZEND_FASTCALL  ZEND_BRK_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1111             : {
    1112           0 :         zend_op *opline = EX(opline);
    1113             :         zend_free_op free_op2;
    1114             :         zend_brk_cont_element *el;
    1115             : 
    1116           0 :         el = zend_brk_cont(_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
    1117           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1118           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    1119           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
    1120             : }
    1121             : 
    1122           0 : static int ZEND_FASTCALL  ZEND_CONT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1123             : {
    1124           0 :         zend_op *opline = EX(opline);
    1125             :         zend_free_op free_op2;
    1126             :         zend_brk_cont_element *el;
    1127             : 
    1128           0 :         el = zend_brk_cont(_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC), opline->op1.u.opline_num,
    1129           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1130           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    1131           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
    1132             : }
    1133             : 
    1134        2473 : static int ZEND_FASTCALL  ZEND_FETCH_CLASS_SPEC_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1135             : {
    1136        2473 :         zend_op *opline = EX(opline);
    1137             : 
    1138             : 
    1139             :         if (IS_UNUSED == IS_UNUSED) {
    1140        2473 :                 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
    1141        2473 :                 ZEND_VM_NEXT_OPCODE();
    1142             :         } else {
    1143             : 
    1144             :                 zval *class_name = NULL;
    1145             : 
    1146             :                 if (IS_UNUSED != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
    1147             :                         EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
    1148             :                 } else if (Z_TYPE_P(class_name) == IS_STRING) {
    1149             :                         EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
    1150             :                 } else {
    1151             :                         zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
    1152             :                 }
    1153             : 
    1154             :                 ZEND_VM_NEXT_OPCODE();
    1155             :         }
    1156             : }
    1157             : 
    1158        1318 : static int ZEND_FASTCALL  ZEND_FETCH_CLASS_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1159             : {
    1160        1318 :         zend_op *opline = EX(opline);
    1161             : 
    1162             : 
    1163        1318 :         if (IS_CV == IS_UNUSED) {
    1164             :                 EX_T(opline->result.u.var).class_entry = zend_fetch_class(NULL, 0, opline->extended_value TSRMLS_CC);
    1165             :                 ZEND_VM_NEXT_OPCODE();
    1166             :         } else {
    1167             : 
    1168        2636 :                 zval *class_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    1169             : 
    1170        1318 :                 if (IS_CV != IS_CONST && Z_TYPE_P(class_name) == IS_OBJECT) {
    1171          17 :                         EX_T(opline->result.u.var).class_entry = Z_OBJCE_P(class_name);
    1172        1301 :                 } else if (Z_TYPE_P(class_name) == IS_STRING) {
    1173        1300 :                         EX_T(opline->result.u.var).class_entry = zend_fetch_class(Z_STRVAL_P(class_name), Z_STRLEN_P(class_name), opline->extended_value TSRMLS_CC);
    1174             :                 } else {
    1175           1 :                         zend_error_noreturn(E_ERROR, "Class name must be a valid object or a string");
    1176             :                 }
    1177             : 
    1178        1313 :                 ZEND_VM_NEXT_OPCODE();
    1179             :         }
    1180             : }
    1181             : 
    1182       13315 : static int ZEND_FASTCALL  ZEND_INIT_FCALL_BY_NAME_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1183             : {
    1184       13315 :         zend_op *opline = EX(opline);
    1185             :         zval *function_name;
    1186             :         char *function_name_strval, *lcname;
    1187             :         int function_name_strlen;
    1188             : 
    1189             : 
    1190       13315 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    1191             : 
    1192       13315 :         if (IS_CV == IS_CONST) {
    1193             :                 if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant)+1, opline->extended_value, (void **) &EX(fbc)) == FAILURE) {
    1194             :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", Z_STRVAL(opline->op2.u.constant));
    1195             :                 }
    1196             :         } else {
    1197       26630 :                 function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    1198             : 
    1199       13529 :                 if (IS_CV != IS_CONST && IS_CV != IS_TMP_VAR &&
    1200       13315 :                     Z_TYPE_P(function_name) == IS_OBJECT &&
    1201         107 :                         Z_OBJ_HANDLER_P(function_name, get_closure) &&
    1202         107 :                         Z_OBJ_HANDLER_P(function_name, get_closure)(function_name, &EX(called_scope), &EX(fbc), &EX(object) TSRMLS_CC) == SUCCESS) {
    1203         107 :                         if (EX(object)) {
    1204           7 :                                 Z_ADDREF_P(EX(object));
    1205             :                         }
    1206         107 :                         if (IS_CV == IS_VAR && 0 &&
    1207             :                             EX(fbc)->common.fn_flags & ZEND_ACC_CLOSURE) {
    1208             :                                 /* Delay closure destruction until its invocation */
    1209             :                                 EX(fbc)->common.prototype = (zend_function*)function_name;
    1210             :                         } else {
    1211             : 
    1212             :                         }
    1213         107 :                         ZEND_VM_NEXT_OPCODE();
    1214             :                 }
    1215             : 
    1216       13208 :                 if (Z_TYPE_P(function_name) != IS_STRING) {
    1217           1 :                         zend_error_noreturn(E_ERROR, "Function name must be a string");
    1218             :                 }
    1219       13207 :                 function_name_strval = Z_STRVAL_P(function_name);
    1220       13207 :                 function_name_strlen = Z_STRLEN_P(function_name);
    1221       13207 :                 if (function_name_strval[0] == '\\') {
    1222             : 
    1223           1 :                     function_name_strlen -= 1;
    1224           1 :                         lcname = zend_str_tolower_dup(function_name_strval + 1, function_name_strlen);
    1225             :                 } else {
    1226       13206 :                         lcname = zend_str_tolower_dup(function_name_strval, function_name_strlen);
    1227             :                 }
    1228       13207 :                 if (zend_hash_find(EG(function_table), lcname, function_name_strlen+1, (void **) &EX(fbc)) == FAILURE) {
    1229           1 :                         zend_error_noreturn(E_ERROR, "Call to undefined function %s()", function_name_strval);
    1230             :                 }
    1231       13206 :                 efree(lcname);
    1232             : 
    1233             :         }
    1234             : 
    1235       13206 :         EX(object) = NULL;
    1236       13206 :         ZEND_VM_NEXT_OPCODE();
    1237             : }
    1238             : 
    1239             : 
    1240        1016 : static int ZEND_FASTCALL  ZEND_CATCH_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1241             : {
    1242        1016 :         zend_op *opline = EX(opline);
    1243             :         zend_class_entry *ce;
    1244             : 
    1245             :         /* Check whether an exception has been thrown, if not, jump over code */
    1246        1016 :         zend_exception_restore(TSRMLS_C);
    1247        1016 :         if (EG(exception) == NULL) {
    1248           0 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
    1249           0 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    1250             :         }
    1251        1016 :         ce = Z_OBJCE_P(EG(exception));
    1252        1016 :         if (ce != EX_T(opline->op1.u.var).class_entry) {
    1253         499 :                 if (!instanceof_function(ce, EX_T(opline->op1.u.var).class_entry TSRMLS_CC)) {
    1254           2 :                         if (opline->op1.u.EA.type) {
    1255           0 :                                 zend_throw_exception_internal(NULL TSRMLS_CC);
    1256           0 :                                 ZEND_VM_NEXT_OPCODE();
    1257             :                         }
    1258           2 :                         ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
    1259           2 :                         ZEND_VM_CONTINUE(); /* CHECK_ME */
    1260             :                 }
    1261             :         }
    1262             : 
    1263        1014 :         if (!EG(active_symbol_table)) {
    1264         146 :                 if (EX(CVs)[opline->op2.u.var]) {
    1265          32 :                         zval_ptr_dtor(EX(CVs)[opline->op2.u.var]);
    1266             :                 }
    1267         146 :                 EX(CVs)[opline->op2.u.var] = (zval**)EX(CVs) + (EX(op_array)->last_var + opline->op2.u.var);
    1268         146 :                 *EX(CVs)[opline->op2.u.var] = EG(exception);
    1269             :         } else {
    1270         868 :                 zend_compiled_variable *cv = &CV_DEF_OF(opline->op2.u.var);
    1271         868 :                 zend_hash_quick_update(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value,
    1272             :                     &EG(exception), sizeof(zval *), (void**)&EX(CVs)[opline->op2.u.var]);
    1273             :         }
    1274        1014 :         EG(exception) = NULL;
    1275        1014 :         ZEND_VM_NEXT_OPCODE();
    1276             : }
    1277             : 
    1278           0 : static int ZEND_FASTCALL  ZEND_BRK_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1279             : {
    1280           0 :         zend_op *opline = EX(opline);
    1281             : 
    1282             :         zend_brk_cont_element *el;
    1283             : 
    1284           0 :         el = zend_brk_cont(_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC), opline->op1.u.opline_num,
    1285           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1286             : 
    1287           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->brk);
    1288             : }
    1289             : 
    1290           0 : static int ZEND_FASTCALL  ZEND_CONT_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1291             : {
    1292           0 :         zend_op *opline = EX(opline);
    1293             : 
    1294             :         zend_brk_cont_element *el;
    1295             : 
    1296           0 :         el = zend_brk_cont(_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC), opline->op1.u.opline_num,
    1297           0 :                            EX(op_array), EX(Ts) TSRMLS_CC);
    1298             : 
    1299           0 :         ZEND_VM_JMP(EX(op_array)->opcodes + el->cont);
    1300             : }
    1301             : 
    1302          79 : static int ZEND_FASTCALL  ZEND_BW_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1303             : {
    1304          79 :         zend_op *opline = EX(opline);
    1305             : 
    1306             : 
    1307          79 :         bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
    1308             :                 &opline->op1.u.constant TSRMLS_CC);
    1309             : 
    1310          79 :         ZEND_VM_NEXT_OPCODE();
    1311             : }
    1312             : 
    1313       20035 : static int ZEND_FASTCALL  ZEND_BOOL_NOT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1314             : {
    1315       20035 :         zend_op *opline = EX(opline);
    1316             : 
    1317             : 
    1318       20035 :         boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
    1319             :                 &opline->op1.u.constant TSRMLS_CC);
    1320             : 
    1321       20035 :         ZEND_VM_NEXT_OPCODE();
    1322             : }
    1323             : 
    1324       44141 : static int ZEND_FASTCALL  ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1325             : {
    1326       44141 :         zend_op *opline = EX(opline);
    1327             : 
    1328       44141 :         zval *z = &opline->op1.u.constant;
    1329             : 
    1330       44141 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
    1331             :                 INIT_PZVAL(z);
    1332             :         }
    1333       44141 :         zend_print_variable(z);
    1334             : 
    1335       44140 :         ZEND_VM_NEXT_OPCODE();
    1336             : }
    1337             : 
    1338        1514 : static int ZEND_FASTCALL  ZEND_PRINT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1339             : {
    1340        1514 :         zend_op *opline = EX(opline);
    1341             : 
    1342        1514 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    1343        1514 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
    1344             : 
    1345        1514 :         return ZEND_ECHO_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1346             : }
    1347             : 
    1348     1759808 : static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_CONST(int type, ZEND_OPCODE_HANDLER_ARGS)
    1349             : {
    1350     1759808 :         zend_op *opline = EX(opline);
    1351             :         zend_free_op free_op1;
    1352     1759808 :         zval *varname = &opline->op1.u.constant;
    1353             :         zval **retval;
    1354             :         zval tmp_varname;
    1355             :         HashTable *target_symbol_table;
    1356             : 
    1357     1759808 :         if (IS_CONST != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
    1358             :                 tmp_varname = *varname;
    1359             :                 zval_copy_ctor(&tmp_varname);
    1360             :                 convert_to_string(&tmp_varname);
    1361             :                 varname = &tmp_varname;
    1362             :         }
    1363             : 
    1364     1759808 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    1365         751 :                 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
    1366             : 
    1367             :         } else {
    1368     1759057 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
    1369             : /*
    1370             :                 if (!target_symbol_table) {
    1371             :                         ZEND_VM_NEXT_OPCODE();
    1372             :                 }
    1373             : */
    1374     1759057 :                 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
    1375        1818 :                         switch (type) {
    1376             :                                 case BP_VAR_R:
    1377             :                                 case BP_VAR_UNSET:
    1378        1545 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    1379             :                                         /* break missing intentionally */
    1380             :                                 case BP_VAR_IS:
    1381        1545 :                                         retval = &EG(uninitialized_zval_ptr);
    1382        1545 :                                         break;
    1383             :                                 case BP_VAR_RW:
    1384           0 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    1385             :                                         /* break missing intentionally */
    1386             :                                 case BP_VAR_W: {
    1387         273 :                                                 zval *new_zval = &EG(uninitialized_zval);
    1388             : 
    1389         273 :                                                 Z_ADDREF_P(new_zval);
    1390         273 :                                                 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
    1391             :                                         }
    1392             :                                         break;
    1393             :                                 EMPTY_SWITCH_DEFAULT_CASE()
    1394             :                         }
    1395             :                 }
    1396     1759057 :                 switch (opline->op2.u.EA.type) {
    1397             :                         case ZEND_FETCH_GLOBAL:
    1398             :                                 if (IS_CONST != IS_TMP_VAR) {
    1399             : 
    1400             :                                 }
    1401       13339 :                                 break;
    1402             :                         case ZEND_FETCH_LOCAL:
    1403             : 
    1404     1026935 :                                 break;
    1405             :                         case ZEND_FETCH_STATIC:
    1406        1496 :                                 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
    1407        1496 :                                 break;
    1408             :                         case ZEND_FETCH_GLOBAL_LOCK:
    1409      717287 :                                 if (IS_CONST == IS_VAR && !free_op1.var) {
    1410             :                                         PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
    1411             :                                 }
    1412             :                                 break;
    1413             :                 }
    1414             :         }
    1415             : 
    1416             : 
    1417     1759797 :         if (IS_CONST != IS_CONST && varname == &tmp_varname) {
    1418             :                 zval_dtor(varname);
    1419             :         }
    1420     1759797 :         if (!RETURN_VALUE_UNUSED(&opline->result)) {
    1421     1759793 :                 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
    1422           8 :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
    1423             :                 }
    1424     1759793 :                 PZVAL_LOCK(*retval);
    1425     1759793 :                 switch (type) {
    1426             :                         case BP_VAR_R:
    1427             :                         case BP_VAR_IS:
    1428      342369 :                                 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
    1429      342369 :                                 break;
    1430             :                         case BP_VAR_UNSET: {
    1431             :                                 zend_free_op free_res;
    1432             : 
    1433          34 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    1434          34 :                                 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
    1435          34 :                                 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
    1436         104 :                                         SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
    1437             :                                 }
    1438          34 :                                 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
    1439          34 :                                 FREE_OP_VAR_PTR(free_res);
    1440          34 :                                 break;
    1441             :                         default:
    1442     1417390 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    1443             :                                 break;
    1444             :                         }
    1445             :                 }
    1446             :         }
    1447     1759797 :         ZEND_VM_NEXT_OPCODE();
    1448             : }
    1449             : 
    1450      342309 : static int ZEND_FASTCALL  ZEND_FETCH_R_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1451             : {
    1452      342309 :         return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1453             : }
    1454             : 
    1455     1417329 : static int ZEND_FASTCALL  ZEND_FETCH_W_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1456             : {
    1457     1417329 :         return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1458             : }
    1459             : 
    1460          67 : static int ZEND_FASTCALL  ZEND_FETCH_RW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1461             : {
    1462          67 :         return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1463             : }
    1464             : 
    1465          46 : static int ZEND_FASTCALL  ZEND_FETCH_FUNC_ARG_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1466             : {
    1467          46 :         return zend_fetch_var_address_helper_SPEC_CONST(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1468             : }
    1469             : 
    1470          34 : static int ZEND_FASTCALL  ZEND_FETCH_UNSET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1471             : {
    1472          34 :         return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1473             : }
    1474             : 
    1475          23 : static int ZEND_FASTCALL  ZEND_FETCH_IS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1476             : {
    1477          23 :         return zend_fetch_var_address_helper_SPEC_CONST(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1478             : }
    1479             : 
    1480      760131 : static int ZEND_FASTCALL  ZEND_JMPZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1481             : {
    1482      760131 :         zend_op *opline = EX(opline);
    1483             : 
    1484      760131 :         zval *val = &opline->op1.u.constant;
    1485             :         int ret;
    1486             : 
    1487      760131 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    1488             :                 ret = Z_LVAL_P(val);
    1489             :         } else {
    1490      760131 :                 ret = i_zend_is_true(val);
    1491             : 
    1492      760131 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    1493           0 :                         ZEND_VM_CONTINUE();
    1494             :                 }
    1495             :         }
    1496      760131 :         if (!ret) {
    1497             : #if DEBUG_ZEND>=2
    1498             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    1499             : #endif
    1500         107 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    1501         107 :                 ZEND_VM_CONTINUE();
    1502             :         }
    1503             : 
    1504      760024 :         ZEND_VM_NEXT_OPCODE();
    1505             : }
    1506             : 
    1507          12 : static int ZEND_FASTCALL  ZEND_JMPNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1508             : {
    1509          12 :         zend_op *opline = EX(opline);
    1510             : 
    1511          12 :         zval *val = &opline->op1.u.constant;
    1512             :         int ret;
    1513             : 
    1514          12 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    1515             :                 ret = Z_LVAL_P(val);
    1516             :         } else {
    1517          12 :                 ret = i_zend_is_true(val);
    1518             : 
    1519          12 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    1520           0 :                         ZEND_VM_CONTINUE();
    1521             :                 }
    1522             :         }
    1523          12 :         if (ret) {
    1524             : #if DEBUG_ZEND>=2
    1525             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    1526             : #endif
    1527           8 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    1528           8 :                 ZEND_VM_CONTINUE();
    1529             :         }
    1530             : 
    1531           4 :         ZEND_VM_NEXT_OPCODE();
    1532             : }
    1533             : 
    1534      627135 : static int ZEND_FASTCALL  ZEND_JMPZNZ_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1535             : {
    1536      627135 :         zend_op *opline = EX(opline);
    1537             : 
    1538      627135 :         zval *val = &opline->op1.u.constant;
    1539             :         int retval;
    1540             : 
    1541      627135 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    1542             :                 retval = Z_LVAL_P(val);
    1543             :         } else {
    1544      627135 :                 retval = i_zend_is_true(val);
    1545             : 
    1546      627134 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    1547           0 :                         ZEND_VM_CONTINUE();
    1548             :                 }
    1549             :         }
    1550      627134 :         if (EXPECTED(retval != 0)) {
    1551             : #if DEBUG_ZEND>=2
    1552             :                 printf("Conditional jmp on true to %d\n", opline->extended_value);
    1553             : #endif
    1554      627134 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
    1555      627134 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    1556             :         } else {
    1557             : #if DEBUG_ZEND>=2
    1558             :                 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
    1559             : #endif
    1560           0 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
    1561           0 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    1562             :         }
    1563             : }
    1564             : 
    1565           1 : static int ZEND_FASTCALL  ZEND_JMPZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1566             : {
    1567           1 :         zend_op *opline = EX(opline);
    1568             : 
    1569           1 :         zval *val = &opline->op1.u.constant;
    1570             :         int retval;
    1571             : 
    1572           1 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    1573             :                 retval = Z_LVAL_P(val);
    1574             :         } else {
    1575           1 :                 retval = i_zend_is_true(val);
    1576             : 
    1577           1 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    1578           0 :                         ZEND_VM_CONTINUE();
    1579             :                 }
    1580             :         }
    1581           1 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    1582           1 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    1583           1 :         if (!retval) {
    1584             : #if DEBUG_ZEND>=2
    1585             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    1586             : #endif
    1587           1 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    1588           1 :                 ZEND_VM_CONTINUE();
    1589             :         }
    1590           0 :         ZEND_VM_NEXT_OPCODE();
    1591             : }
    1592             : 
    1593           0 : static int ZEND_FASTCALL  ZEND_JMPNZ_EX_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1594             : {
    1595           0 :         zend_op *opline = EX(opline);
    1596             : 
    1597           0 :         zval *val = &opline->op1.u.constant;
    1598             :         int retval;
    1599             : 
    1600           0 :         if (IS_CONST == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    1601             :                 retval = Z_LVAL_P(val);
    1602             :         } else {
    1603           0 :                 retval = i_zend_is_true(val);
    1604             : 
    1605           0 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    1606           0 :                         ZEND_VM_CONTINUE();
    1607             :                 }
    1608             :         }
    1609           0 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    1610           0 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    1611           0 :         if (retval) {
    1612             : #if DEBUG_ZEND>=2
    1613             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    1614             : #endif
    1615           0 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    1616           0 :                 ZEND_VM_CONTINUE();
    1617             :         }
    1618           0 :         ZEND_VM_NEXT_OPCODE();
    1619             : }
    1620             : 
    1621    17605730 : static int ZEND_FASTCALL  ZEND_DO_FCALL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1622             : {
    1623    17605730 :         zend_op *opline = EX(opline);
    1624             : 
    1625    17605730 :         zval *fname = &opline->op1.u.constant;
    1626             : 
    1627    17605730 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    1628             : 
    1629    17605729 :         if (zend_hash_quick_find(EG(function_table), fname->value.str.val, fname->value.str.len+1, Z_LVAL(opline->op2.u.constant), (void **) &EX(function_state).function)==FAILURE) {
    1630           0 :                 zend_error_noreturn(E_ERROR, "Call to undefined function %s()", fname->value.str.val);
    1631             :         }
    1632    17605729 :         EX(object) = NULL;
    1633             : 
    1634    17605729 :         return zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1635             : }
    1636             : 
    1637      514372 : static int ZEND_FASTCALL  ZEND_RETURN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1638             : {
    1639      514372 :         zend_op *opline = EX(opline);
    1640             :         zval *retval_ptr;
    1641             :         zval **retval_ptr_ptr;
    1642             : 
    1643             : 
    1644      514372 :         if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
    1645             : 
    1646             :                 if (IS_CONST == IS_CONST || IS_CONST == IS_TMP_VAR) {
    1647             :                         /* Not supposed to happen, but we'll allow it */
    1648           6 :                         zend_error(E_NOTICE, "Only variable references should be returned by reference");
    1649           6 :                         goto return_by_value;
    1650             :                 }
    1651             : 
    1652             :                 retval_ptr_ptr = NULL;
    1653             : 
    1654             :                 if (IS_CONST == IS_VAR && !retval_ptr_ptr) {
    1655             :                         zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
    1656             :                 }
    1657             : 
    1658             :                 if (IS_CONST == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
    1659             :                         if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
    1660             :                             EX_T(opline->op1.u.var).var.fcall_returned_reference) {
    1661             :                         } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
    1662             :                                 if (IS_CONST == IS_VAR && !0) {
    1663             :                                         PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
    1664             :                                 }
    1665             :                                 zend_error(E_NOTICE, "Only variable references should be returned by reference");
    1666             :                                 goto return_by_value;
    1667             :                         }
    1668             :                 }
    1669             : 
    1670             :                 if (EG(return_value_ptr_ptr)) {
    1671             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
    1672             :                         Z_ADDREF_PP(retval_ptr_ptr);
    1673             : 
    1674             :                         (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
    1675             :                 }
    1676             :         } else {
    1677             : return_by_value:
    1678             : 
    1679      514372 :                 retval_ptr = &opline->op1.u.constant;
    1680             : 
    1681      514372 :                 if (!EG(return_value_ptr_ptr)) {
    1682             :                         if (IS_CONST == IS_TMP_VAR) {
    1683             : 
    1684             :                         }
    1685             :                 } else if (!0) { /* Not a temp var */
    1686             :                         if (IS_CONST == IS_CONST ||
    1687             :                             EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
    1688             :                             (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
    1689             :                                 zval *ret;
    1690             : 
    1691      220983 :                                 ALLOC_ZVAL(ret);
    1692      220983 :                                 INIT_PZVAL_COPY(ret, retval_ptr);
    1693      220983 :                                 zval_copy_ctor(ret);
    1694      220983 :                                 *EG(return_value_ptr_ptr) = ret;
    1695             :                         } else if ((IS_CONST == IS_CV || IS_CONST == IS_VAR) &&
    1696             :                                    retval_ptr == &EG(uninitialized_zval)) {
    1697             :                                 zval *ret;
    1698             : 
    1699             :                                 ALLOC_INIT_ZVAL(ret);
    1700             :                                 *EG(return_value_ptr_ptr) = ret;
    1701             :                         } else {
    1702             :                                 *EG(return_value_ptr_ptr) = retval_ptr;
    1703             :                                 Z_ADDREF_P(retval_ptr);
    1704             :                         }
    1705             :                 } else {
    1706             :                         zval *ret;
    1707             : 
    1708             :                         ALLOC_ZVAL(ret);
    1709             :                         INIT_PZVAL_COPY(ret, retval_ptr);
    1710             :                         *EG(return_value_ptr_ptr) = ret;
    1711             :                 }
    1712             :         }
    1713             : 
    1714      514372 :         return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    1715             : }
    1716             : 
    1717           2 : static int ZEND_FASTCALL  ZEND_THROW_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1718             : {
    1719           2 :         zend_op *opline = EX(opline);
    1720             :         zval *value;
    1721             :         zval *exception;
    1722             : 
    1723             : 
    1724           2 :         value = &opline->op1.u.constant;
    1725             : 
    1726             :         if (IS_CONST == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
    1727           2 :                 zend_error_noreturn(E_ERROR, "Can only throw objects");
    1728             :         }
    1729             :         zend_exception_save(TSRMLS_C);
    1730             :         /* Not sure if a complete copy is what we want here */
    1731             :         ALLOC_ZVAL(exception);
    1732             :         INIT_PZVAL_COPY(exception, value);
    1733             :         if (!0) {
    1734             :                 zval_copy_ctor(exception);
    1735             :         }
    1736             : 
    1737             :         zend_throw_exception_object(exception TSRMLS_CC);
    1738             :         zend_exception_restore(TSRMLS_C);
    1739             : 
    1740             :         ZEND_VM_NEXT_OPCODE();
    1741             : }
    1742             : 
    1743     8845357 : static int ZEND_FASTCALL  ZEND_SEND_VAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1744             : {
    1745     8845357 :         zend_op *opline = EX(opline);
    1746     9807177 :         if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
    1747     9807177 :                 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    1748           2 :                         zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
    1749             :         }
    1750             :         {
    1751             :                 zval *valptr;
    1752             :                 zval *value;
    1753             : 
    1754             : 
    1755     8845355 :                 value = &opline->op1.u.constant;
    1756             : 
    1757     8845355 :                 ALLOC_ZVAL(valptr);
    1758     8845355 :                 INIT_PZVAL_COPY(valptr, value);
    1759             :                 if (!0) {
    1760     8845355 :                         zval_copy_ctor(valptr);
    1761             :                 }
    1762     8845355 :                 zend_vm_stack_push(valptr TSRMLS_CC);
    1763             : 
    1764             :         }
    1765     8845355 :         ZEND_VM_NEXT_OPCODE();
    1766             : }
    1767             : 
    1768           1 : static int ZEND_FASTCALL  ZEND_BOOL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1769             : {
    1770           1 :         zend_op *opline = EX(opline);
    1771             : 
    1772             : 
    1773             :         /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
    1774           1 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(&opline->op1.u.constant);
    1775           1 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    1776             : 
    1777           1 :         ZEND_VM_NEXT_OPCODE();
    1778             : }
    1779             : 
    1780           2 : static int ZEND_FASTCALL  ZEND_CLONE_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1781             : {
    1782           2 :         zend_op *opline = EX(opline);
    1783             : 
    1784           2 :         zval *obj = &opline->op1.u.constant;
    1785             :         zend_class_entry *ce;
    1786             :         zend_function *clone;
    1787             :         zend_object_clone_obj_t clone_call;
    1788             : 
    1789             :         if (IS_CONST == IS_CONST ||
    1790             :             (IS_CONST == IS_VAR && !obj) ||
    1791             :             Z_TYPE_P(obj) != IS_OBJECT) {
    1792           2 :                 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
    1793             :         }
    1794             : 
    1795             :         ce = Z_OBJCE_P(obj);
    1796             :         clone = ce ? ce->clone : NULL;
    1797             :         clone_call =  Z_OBJ_HT_P(obj)->clone_obj;
    1798             :         if (!clone_call) {
    1799             :                 if (ce) {
    1800             :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
    1801             :                 } else {
    1802             :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
    1803             :                 }
    1804             :         }
    1805             : 
    1806             :         if (ce && clone) {
    1807             :                 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
    1808             :                         /* Ensure that if we're calling a private function, we're allowed to do so.
    1809             :                          */
    1810             :                         if (ce != EG(scope)) {
    1811             :                                 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    1812             :                         }
    1813             :                 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
    1814             :                         /* Ensure that if we're calling a protected function, we're allowed to do so.
    1815             :                          */
    1816             :                         if (!zend_check_protected(clone->common.scope, EG(scope))) {
    1817             :                                 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    1818             :                         }
    1819             :                 }
    1820             :         }
    1821             : 
    1822             :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    1823             :         if (!EG(exception)) {
    1824             :                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    1825             :                 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
    1826             :                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
    1827             :                 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
    1828             :                 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
    1829             :                 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
    1830             :                         zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
    1831             :                 }
    1832             :         }
    1833             : 
    1834             :         ZEND_VM_NEXT_OPCODE();
    1835             : }
    1836             : 
    1837         228 : static int ZEND_FASTCALL  ZEND_CAST_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1838             : {
    1839         228 :         zend_op *opline = EX(opline);
    1840             : 
    1841         228 :         zval *expr = &opline->op1.u.constant;
    1842         228 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    1843             : 
    1844         228 :         if (opline->extended_value != IS_STRING) {
    1845          24 :                 *result = *expr;
    1846             :                 if (!0) {
    1847          24 :                         zendi_zval_copy_ctor(*result);
    1848             :                 }
    1849             :         }
    1850         228 :         switch (opline->extended_value) {
    1851             :                 case IS_NULL:
    1852           0 :                         convert_to_null(result);
    1853           0 :                         break;
    1854             :                 case IS_BOOL:
    1855           2 :                         convert_to_boolean(result);
    1856           2 :                         break;
    1857             :                 case IS_LONG:
    1858           6 :                         convert_to_long(result);
    1859           6 :                         break;
    1860             :                 case IS_DOUBLE:
    1861           6 :                         convert_to_double(result);
    1862           6 :                         break;
    1863             :                 case IS_STRING: {
    1864             :                         zval var_copy;
    1865             :                         int use_copy;
    1866             : 
    1867         204 :                         zend_make_printable_zval(expr, &var_copy, &use_copy);
    1868         204 :                         if (use_copy) {
    1869           8 :                                 *result = var_copy;
    1870             :                                 if (0) {
    1871             : 
    1872             :                                 }
    1873             :                         } else {
    1874         196 :                                 *result = *expr;
    1875             :                                 if (!0) {
    1876         196 :                                         zendi_zval_copy_ctor(*result);
    1877             :                                 }
    1878             :                         }
    1879         204 :                         break;
    1880             :                 }
    1881             :                 case IS_ARRAY:
    1882           5 :                         convert_to_array(result);
    1883           5 :                         break;
    1884             :                 case IS_OBJECT:
    1885           5 :                         convert_to_object(result);
    1886             :                         break;
    1887             :         }
    1888             : 
    1889         228 :         ZEND_VM_NEXT_OPCODE();
    1890             : }
    1891             : 
    1892        6596 : static int ZEND_FASTCALL  ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    1893             : {
    1894        6596 :         zend_op *opline = EX(opline);
    1895        6596 :         zend_op_array *new_op_array=NULL;
    1896             :         int return_value_used;
    1897             : 
    1898        6596 :         zval *inc_filename = &opline->op1.u.constant;
    1899        6596 :         zval *tmp_inc_filename = NULL;
    1900        6596 :         zend_bool failure_retval=0;
    1901             : 
    1902        6596 :         if (inc_filename->type!=IS_STRING) {
    1903           0 :                 MAKE_STD_ZVAL(tmp_inc_filename);
    1904           0 :                 *tmp_inc_filename = *inc_filename;
    1905           0 :                 zval_copy_ctor(tmp_inc_filename);
    1906           0 :                 convert_to_string(tmp_inc_filename);
    1907           0 :                 inc_filename = tmp_inc_filename;
    1908             :         }
    1909             : 
    1910        6596 :         return_value_used = RETURN_VALUE_USED(opline);
    1911             : 
    1912        6596 :         if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
    1913           0 :                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
    1914           0 :                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    1915             :                 } else {
    1916           0 :                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    1917             :                 }
    1918             :         } else {
    1919        6596 :                 switch (Z_LVAL(opline->op2.u.constant)) {
    1920             :                         case ZEND_INCLUDE_ONCE:
    1921             :                         case ZEND_REQUIRE_ONCE: {
    1922             :                                         zend_file_handle file_handle;
    1923             :                                         char *resolved_path;
    1924             : 
    1925        4216 :                                         resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
    1926        4216 :                                         if (resolved_path) {
    1927        4212 :                                                 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
    1928             :                                         } else {
    1929           4 :                                                 resolved_path = Z_STRVAL_P(inc_filename);
    1930             :                                         }
    1931             : 
    1932        4216 :                                         if (failure_retval) {
    1933             :                                                 /* do nothing, file already included */
    1934        3570 :                                         } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
    1935             : 
    1936        3568 :                                                 if (!file_handle.opened_path) {
    1937           4 :                                                         file_handle.opened_path = estrdup(resolved_path);
    1938             :                                                 }
    1939             : 
    1940        3568 :                                                 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
    1941        3567 :                                                         new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
    1942        3567 :                                                         zend_destroy_file_handle(&file_handle TSRMLS_CC);
    1943             :                                                 } else {
    1944           1 :                                                         zend_file_handle_dtor(&file_handle TSRMLS_CC);
    1945           1 :                                                         failure_retval=1;
    1946             :                                                 }
    1947             :                                         } else {
    1948           2 :                                                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
    1949           0 :                                                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    1950             :                                                 } else {
    1951           2 :                                                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    1952             :                                                 }
    1953             :                                         }
    1954        4214 :                                         if (resolved_path != Z_STRVAL_P(inc_filename)) {
    1955        4212 :                                                 efree(resolved_path);
    1956             :                                         }
    1957             :                                 }
    1958        4214 :                                 break;
    1959             :                         case ZEND_INCLUDE:
    1960             :                         case ZEND_REQUIRE:
    1961        2334 :                                 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
    1962        2332 :                                 break;
    1963             :                         case ZEND_EVAL: {
    1964          46 :                                         char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
    1965             : 
    1966          46 :                                         new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
    1967          44 :                                         efree(eval_desc);
    1968             :                                 }
    1969             :                                 break;
    1970             :                         EMPTY_SWITCH_DEFAULT_CASE()
    1971             :                 }
    1972             :         }
    1973        6590 :         if (tmp_inc_filename) {
    1974           0 :                 zval_ptr_dtor(&tmp_inc_filename);
    1975             :         }
    1976             : 
    1977        6590 :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    1978        6590 :         if (new_op_array && !EG(exception)) {
    1979        5932 :                 EX(original_return_value) = EG(return_value_ptr_ptr);
    1980        5932 :                 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
    1981        5932 :                 EG(active_op_array) = new_op_array;
    1982        5932 :                 EX_T(opline->result.u.var).var.ptr = NULL;
    1983             : 
    1984        5932 :                 EX(current_object) = EX(object);
    1985             : 
    1986        5932 :                 EX(function_state).function = (zend_function *) new_op_array;
    1987        5932 :                 EX(object) = NULL;
    1988             : 
    1989        5932 :                 if (!EG(active_symbol_table)) {
    1990          18 :                         zend_rebuild_symbol_table(TSRMLS_C);
    1991             :                 }
    1992             : 
    1993        5932 :                 if (zend_execute == execute) {
    1994        5932 :                         EX(call_opline) = opline;
    1995        5932 :                         ZEND_VM_ENTER();
    1996             :                 } else {
    1997           0 :                         zend_execute(new_op_array TSRMLS_CC);
    1998             :                 }
    1999             : 
    2000           0 :                 EX(function_state).function = (zend_function *) EX(op_array);
    2001           0 :                 EX(object) = EX(current_object);
    2002             : 
    2003           0 :                 if (return_value_used) {
    2004           0 :                         if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
    2005           0 :                                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    2006           0 :                                 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
    2007           0 :                                 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
    2008           0 :                                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    2009             :                         }
    2010             :                 }
    2011             : 
    2012           0 :                 EG(opline_ptr) = &EX(opline);
    2013           0 :                 EG(active_op_array) = EX(op_array);
    2014           0 :                 EG(return_value_ptr_ptr) = EX(original_return_value);
    2015           0 :                 destroy_op_array(new_op_array TSRMLS_CC);
    2016           0 :                 efree(new_op_array);
    2017           0 :                 if (EG(exception)) {
    2018           0 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    2019             :                 }
    2020             :         } else {
    2021         658 :                 if (return_value_used) {
    2022           0 :                         ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    2023           0 :                         INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
    2024           0 :                         Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
    2025           0 :                         Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    2026             :                 }
    2027             :         }
    2028         658 :         ZEND_VM_NEXT_OPCODE();
    2029             : }
    2030             : 
    2031           4 : static int ZEND_FASTCALL  ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2032             : {
    2033           4 :         zend_op *opline = EX(opline);
    2034             :         zval tmp, *varname;
    2035             :         HashTable *target_symbol_table;
    2036             : 
    2037             : 
    2038           4 :         if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    2039             :                 if (EG(active_symbol_table)) {
    2040             :                         zend_execute_data *ex = EX(prev_execute_data);
    2041             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    2042             : 
    2043             :                         if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
    2044             :                                 while (ex && ex->symbol_table == EG(active_symbol_table)) {
    2045             :                                         int i;
    2046             : 
    2047             :                                         if (ex->op_array) {
    2048             :                                                 for (i = 0; i < ex->op_array->last_var; i++) {
    2049             :                                                         if (ex->op_array->vars[i].hash_value == cv->hash_value &&
    2050             :                                                                 ex->op_array->vars[i].name_len == cv->name_len &&
    2051             :                                                                 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
    2052             :                                                                 ex->CVs[i] = NULL;
    2053             :                                                                 break;
    2054             :                                                         }
    2055             :                                                 }
    2056             :                                         }
    2057             :                                         ex = ex->prev_execute_data;
    2058             :                                 }
    2059             :                         }
    2060             :                         EX(CVs)[opline->op1.u.var] = NULL;
    2061             :                 } else if (EX(CVs)[opline->op1.u.var]) {
    2062             :                         zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
    2063             :                         EX(CVs)[opline->op1.u.var] = NULL;
    2064             :                 }
    2065             :                 ZEND_VM_NEXT_OPCODE();
    2066             :         }
    2067             : 
    2068           4 :         varname = &opline->op1.u.constant;
    2069             : 
    2070           4 :         if (Z_TYPE_P(varname) != IS_STRING) {
    2071           0 :                 tmp = *varname;
    2072           0 :                 zval_copy_ctor(&tmp);
    2073           0 :                 convert_to_string(&tmp);
    2074           0 :                 varname = &tmp;
    2075           4 :         } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) {
    2076             :                 Z_ADDREF_P(varname);
    2077             :         }
    2078             : 
    2079           4 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    2080           0 :                 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
    2081             :         } else {
    2082           4 :                 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
    2083             : 
    2084           4 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    2085           4 :                 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
    2086           4 :                         zend_execute_data *ex = execute_data;
    2087             : 
    2088             :                         do {
    2089             :                                 int i;
    2090             : 
    2091           6 :                                 if (ex->op_array) {
    2092           6 :                                         for (i = 0; i < ex->op_array->last_var; i++) {
    2093           0 :                                                 if (ex->op_array->vars[i].hash_value == hash_value &&
    2094           0 :                                                         ex->op_array->vars[i].name_len == varname->value.str.len &&
    2095           0 :                                                         !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
    2096           0 :                                                         ex->CVs[i] = NULL;
    2097           0 :                                                         break;
    2098             :                                                 }
    2099             :                                         }
    2100             :                                 }
    2101           6 :                                 ex = ex->prev_execute_data;
    2102           6 :                         } while (ex && ex->symbol_table == target_symbol_table);
    2103             :                 }
    2104             :         }
    2105             : 
    2106           4 :         if (varname == &tmp) {
    2107           0 :                 zval_dtor(&tmp);
    2108           4 :         } else if (IS_CONST == IS_VAR || IS_CONST == IS_CV) {
    2109             :                 zval_ptr_dtor(&varname);
    2110             :         }
    2111             : 
    2112           4 :         ZEND_VM_NEXT_OPCODE();
    2113             : }
    2114             : 
    2115           0 : static int ZEND_FASTCALL  ZEND_FE_RESET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2116             : {
    2117           0 :         zend_op *opline = EX(opline);
    2118             : 
    2119             :         zval *array_ptr, **array_ptr_ptr;
    2120             :         HashTable *fe_ht;
    2121           0 :         zend_object_iterator *iter = NULL;
    2122           0 :         zend_class_entry *ce = NULL;
    2123           0 :         zend_bool is_empty = 0;
    2124             : 
    2125           0 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    2126           0 :                 array_ptr_ptr = NULL;
    2127           0 :                 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
    2128           0 :                         ALLOC_INIT_ZVAL(array_ptr);
    2129           0 :                 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
    2130           0 :                         if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
    2131           0 :                                 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
    2132           0 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    2133             :                         }
    2134             : 
    2135           0 :                         ce = Z_OBJCE_PP(array_ptr_ptr);
    2136           0 :                         if (!ce || ce->get_iterator == NULL) {
    2137           0 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    2138           0 :                                 Z_ADDREF_PP(array_ptr_ptr);
    2139             :                         }
    2140           0 :                         array_ptr = *array_ptr_ptr;
    2141             :                 } else {
    2142           0 :                         if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
    2143           0 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    2144           0 :                                 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
    2145           0 :                                         Z_SET_ISREF_PP(array_ptr_ptr);
    2146             :                                 }
    2147             :                         }
    2148           0 :                         array_ptr = *array_ptr_ptr;
    2149           0 :                         Z_ADDREF_P(array_ptr);
    2150             :                 }
    2151             :         } else {
    2152           0 :                 array_ptr = &opline->op1.u.constant;
    2153           0 :                 if (0) { /* IS_TMP_VAR */
    2154             :                         zval *tmp;
    2155             : 
    2156             :                         ALLOC_ZVAL(tmp);
    2157             :                         INIT_PZVAL_COPY(tmp, array_ptr);
    2158             :                         array_ptr = tmp;
    2159             :                         if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    2160             :                                 ce = Z_OBJCE_P(array_ptr);
    2161             :                                 if (ce && ce->get_iterator) {
    2162             :                                         Z_DELREF_P(array_ptr);
    2163             :                                 }
    2164             :                         }
    2165           0 :                 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    2166           0 :                         ce = Z_OBJCE_P(array_ptr);
    2167           0 :                         if (!ce || !ce->get_iterator) {
    2168           0 :                                 Z_ADDREF_P(array_ptr);
    2169             :                         }
    2170             :                 } else if (IS_CONST == IS_CONST ||
    2171             :                            ((IS_CONST == IS_CV || IS_CONST == IS_VAR) &&
    2172             :                             !Z_ISREF_P(array_ptr) &&
    2173             :                             Z_REFCOUNT_P(array_ptr) > 1)) {
    2174             :                         zval *tmp;
    2175             : 
    2176           0 :                         ALLOC_ZVAL(tmp);
    2177           0 :                         INIT_PZVAL_COPY(tmp, array_ptr);
    2178           0 :                         zval_copy_ctor(tmp);
    2179           0 :                         array_ptr = tmp;
    2180             :                 } else {
    2181             :                         Z_ADDREF_P(array_ptr);
    2182             :                 }
    2183             :         }
    2184             : 
    2185           0 :         if (ce && ce->get_iterator) {
    2186           0 :                 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
    2187             : 
    2188           0 :                 if (iter && !EG(exception)) {
    2189           0 :                         array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
    2190             :                 } else {
    2191           0 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    2192             : 
    2193             :                         } else {
    2194             : 
    2195             :                         }
    2196           0 :                         if (!EG(exception)) {
    2197           0 :                                 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
    2198             :                         }
    2199           0 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    2200           0 :                         ZEND_VM_NEXT_OPCODE();
    2201             :                 }
    2202             :         }
    2203             : 
    2204           0 :         AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
    2205           0 :         PZVAL_LOCK(array_ptr);
    2206             : 
    2207           0 :         if (iter) {
    2208           0 :                 iter->index = 0;
    2209           0 :                 if (iter->funcs->rewind) {
    2210           0 :                         iter->funcs->rewind(iter TSRMLS_CC);
    2211           0 :                         if (EG(exception)) {
    2212           0 :                                 Z_DELREF_P(array_ptr);
    2213           0 :                                 zval_ptr_dtor(&array_ptr);
    2214           0 :                                 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    2215             : 
    2216             :                                 } else {
    2217             : 
    2218             :                                 }
    2219           0 :                                 ZEND_VM_NEXT_OPCODE();
    2220             :                         }
    2221             :                 }
    2222           0 :                 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
    2223           0 :                 if (EG(exception)) {
    2224           0 :                         Z_DELREF_P(array_ptr);
    2225           0 :                         zval_ptr_dtor(&array_ptr);
    2226           0 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    2227             : 
    2228             :                         } else {
    2229             : 
    2230             :                         }
    2231           0 :                         ZEND_VM_NEXT_OPCODE();
    2232             :                 }
    2233           0 :                 iter->index = -1; /* will be set to 0 before using next handler */
    2234           0 :         } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
    2235           0 :                 zend_hash_internal_pointer_reset(fe_ht);
    2236           0 :                 if (ce) {
    2237           0 :                         zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
    2238           0 :                         while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
    2239             :                                 char *str_key;
    2240             :                                 uint str_key_len;
    2241             :                                 ulong int_key;
    2242             :                                 zend_uchar key_type;
    2243             : 
    2244           0 :                                 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
    2245           0 :                                 if (key_type != HASH_KEY_NON_EXISTANT &&
    2246             :                                         (key_type == HASH_KEY_IS_LONG ||
    2247           0 :                                      zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
    2248             :                                         break;
    2249             :                                 }
    2250           0 :                                 zend_hash_move_forward(fe_ht);
    2251             :                         }
    2252             :                 }
    2253           0 :                 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
    2254           0 :                 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
    2255             :         } else {
    2256           0 :                 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
    2257           0 :                 is_empty = 1;
    2258             :         }
    2259             : 
    2260           0 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    2261             : 
    2262             :         } else {
    2263             : 
    2264             :         }
    2265           0 :         if (is_empty) {
    2266           0 :                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    2267             :         } else {
    2268           0 :                 ZEND_VM_NEXT_OPCODE();
    2269             :         }
    2270             : }
    2271             : 
    2272          15 : static int ZEND_FASTCALL  ZEND_ISSET_ISEMPTY_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2273             : {
    2274          15 :         zend_op *opline = EX(opline);
    2275             :         zval **value;
    2276          15 :         zend_bool isset = 1;
    2277             : 
    2278          15 :         if (IS_CONST == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    2279             :                 if (EX(CVs)[opline->op1.u.var]) {
    2280             :                         value = EX(CVs)[opline->op1.u.var];
    2281             :                 } else if (EG(active_symbol_table)) {
    2282             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    2283             : 
    2284             :                         if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
    2285             :                                 isset = 0;
    2286             :                         }
    2287             :                 } else {
    2288             :                         isset = 0;
    2289             :                 }
    2290             :         } else {
    2291             :                 HashTable *target_symbol_table;
    2292             : 
    2293          15 :                 zval tmp, *varname = &opline->op1.u.constant;
    2294             : 
    2295          15 :                 if (Z_TYPE_P(varname) != IS_STRING) {
    2296           0 :                         tmp = *varname;
    2297           0 :                         zval_copy_ctor(&tmp);
    2298           0 :                         convert_to_string(&tmp);
    2299           0 :                         varname = &tmp;
    2300             :                 }
    2301             : 
    2302          15 :                 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    2303           5 :                         value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
    2304           5 :                         if (!value) {
    2305           1 :                                 isset = 0;
    2306             :                         }
    2307             :                 } else {
    2308          10 :                         target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    2309          10 :                         if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
    2310           0 :                                 isset = 0;
    2311             :                         }
    2312             :                 }
    2313             : 
    2314          15 :                 if (varname == &tmp) {
    2315           0 :                         zval_dtor(&tmp);
    2316             :                 }
    2317             : 
    2318             :         }
    2319             : 
    2320          15 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    2321             : 
    2322          15 :         switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
    2323             :                 case ZEND_ISSET:
    2324          13 :                         if (isset && Z_TYPE_PP(value) == IS_NULL) {
    2325           2 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    2326             :                         } else {
    2327           9 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
    2328             :                         }
    2329          11 :                         break;
    2330             :                 case ZEND_ISEMPTY:
    2331           4 :                         if (!isset || !i_zend_is_true(*value)) {
    2332           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    2333             :                         } else {
    2334           4 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    2335             :                         }
    2336             :                         break;
    2337             :         }
    2338             : 
    2339          15 :         ZEND_VM_NEXT_OPCODE();
    2340             : }
    2341             : 
    2342         674 : static int ZEND_FASTCALL  ZEND_EXIT_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2343             : {
    2344             : #if 0 || (IS_CONST != IS_UNUSED)
    2345         674 :         zend_op *opline = EX(opline);
    2346             :         if (IS_CONST != IS_UNUSED) {
    2347             : 
    2348         674 :                 zval *ptr = &opline->op1.u.constant;
    2349             : 
    2350         674 :                 if (Z_TYPE_P(ptr) == IS_LONG) {
    2351          33 :                         EG(exit_status) = Z_LVAL_P(ptr);
    2352             :                 } else {
    2353         641 :                         zend_print_variable(ptr);
    2354             :                 }
    2355             : 
    2356             :         }
    2357             : #endif
    2358         674 :         zend_bailout();
    2359           0 :         ZEND_VM_NEXT_OPCODE();
    2360             : }
    2361             : 
    2362           5 : static int ZEND_FASTCALL  ZEND_JMP_SET_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2363             : {
    2364           5 :         zend_op *opline = EX(opline);
    2365             : 
    2366           5 :         zval *value = &opline->op1.u.constant;
    2367             : 
    2368           5 :         if (i_zend_is_true(value)) {
    2369           3 :                 EX_T(opline->result.u.var).tmp_var = *value;
    2370           3 :                 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
    2371             : 
    2372             : #if DEBUG_ZEND>=2
    2373             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    2374             : #endif
    2375           3 :                 ZEND_VM_JMP(opline->op2.u.jmp_addr);
    2376             :         }
    2377             : 
    2378           2 :         ZEND_VM_NEXT_OPCODE();
    2379             : }
    2380             : 
    2381      578281 : static int ZEND_FASTCALL  ZEND_QM_ASSIGN_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2382             : {
    2383      578281 :         zend_op *opline = EX(opline);
    2384             : 
    2385      578281 :         zval *value = &opline->op1.u.constant;
    2386             : 
    2387      578281 :         EX_T(opline->result.u.var).tmp_var = *value;
    2388             :         if (!0) {
    2389      578281 :                 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
    2390             :         }
    2391             : 
    2392      578281 :         ZEND_VM_NEXT_OPCODE();
    2393             : }
    2394             : 
    2395          38 : static int ZEND_FASTCALL  ZEND_TICKS_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2396             : {
    2397          38 :         zend_op *opline = EX(opline);
    2398             : 
    2399          38 :         if (++EG(ticks_count)>=Z_LVAL(opline->op1.u.constant)) {
    2400          38 :                 EG(ticks_count)=0;
    2401          38 :                 if (zend_ticks_function) {
    2402          38 :                         zend_ticks_function(Z_LVAL(opline->op1.u.constant));
    2403             :                 }
    2404             :         }
    2405          38 :         ZEND_VM_NEXT_OPCODE();
    2406             : }
    2407             : 
    2408      101279 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2409             : {
    2410      101279 :         zend_op *opline = EX(opline);
    2411             : 
    2412             : 
    2413      101279 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    2414             :                 &opline->op1.u.constant,
    2415             :                 &opline->op2.u.constant TSRMLS_CC);
    2416             : 
    2417             : 
    2418      101279 :         ZEND_VM_NEXT_OPCODE();
    2419             : }
    2420             : 
    2421         222 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2422             : {
    2423         222 :         zend_op *opline = EX(opline);
    2424             : 
    2425             : 
    2426         222 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    2427             :                 &opline->op1.u.constant,
    2428             :                 &opline->op2.u.constant TSRMLS_CC);
    2429             : 
    2430             : 
    2431         222 :         ZEND_VM_NEXT_OPCODE();
    2432             : }
    2433             : 
    2434        8238 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2435             : {
    2436        8238 :         zend_op *opline = EX(opline);
    2437             : 
    2438             : 
    2439        8238 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    2440             :                 &opline->op1.u.constant,
    2441             :                 &opline->op2.u.constant TSRMLS_CC);
    2442             : 
    2443             : 
    2444        8238 :         ZEND_VM_NEXT_OPCODE();
    2445             : }
    2446             : 
    2447          36 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2448             : {
    2449          36 :         zend_op *opline = EX(opline);
    2450             : 
    2451             : 
    2452          36 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    2453             :                 &opline->op1.u.constant,
    2454             :                 &opline->op2.u.constant TSRMLS_CC);
    2455             : 
    2456             : 
    2457          36 :         ZEND_VM_NEXT_OPCODE();
    2458             : }
    2459             : 
    2460           4 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2461             : {
    2462           4 :         zend_op *opline = EX(opline);
    2463             : 
    2464             : 
    2465           4 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    2466             :                 &opline->op1.u.constant,
    2467             :                 &opline->op2.u.constant TSRMLS_CC);
    2468             : 
    2469             : 
    2470           4 :         ZEND_VM_NEXT_OPCODE();
    2471             : }
    2472             : 
    2473          21 : static int ZEND_FASTCALL  ZEND_SL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2474             : {
    2475          21 :         zend_op *opline = EX(opline);
    2476             : 
    2477             : 
    2478          21 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    2479             :                 &opline->op1.u.constant,
    2480             :                 &opline->op2.u.constant TSRMLS_CC);
    2481             : 
    2482             : 
    2483          21 :         ZEND_VM_NEXT_OPCODE();
    2484             : }
    2485             : 
    2486           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2487             : {
    2488           0 :         zend_op *opline = EX(opline);
    2489             : 
    2490             : 
    2491           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    2492             :                 &opline->op1.u.constant,
    2493             :                 &opline->op2.u.constant TSRMLS_CC);
    2494             : 
    2495             : 
    2496           0 :         ZEND_VM_NEXT_OPCODE();
    2497             : }
    2498             : 
    2499       21777 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2500             : {
    2501       21777 :         zend_op *opline = EX(opline);
    2502             : 
    2503             : 
    2504       21777 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    2505             :                 &opline->op1.u.constant,
    2506             :                 &opline->op2.u.constant TSRMLS_CC);
    2507             : 
    2508             : 
    2509       21777 :         ZEND_VM_NEXT_OPCODE();
    2510             : }
    2511             : 
    2512           0 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2513             : {
    2514           0 :         zend_op *opline = EX(opline);
    2515             : 
    2516             : 
    2517           0 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    2518             :                 &opline->op1.u.constant,
    2519             :                 &opline->op2.u.constant TSRMLS_CC);
    2520             : 
    2521             : 
    2522           0 :         ZEND_VM_NEXT_OPCODE();
    2523             : }
    2524             : 
    2525           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2526             : {
    2527           0 :         zend_op *opline = EX(opline);
    2528             : 
    2529           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    2530             : 
    2531           0 :         is_identical_function(result,
    2532             :                 &opline->op1.u.constant,
    2533             :                 &opline->op2.u.constant TSRMLS_CC);
    2534           0 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    2535             : 
    2536             : 
    2537           0 :         ZEND_VM_NEXT_OPCODE();
    2538             : }
    2539             : 
    2540          91 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2541             : {
    2542          91 :         zend_op *opline = EX(opline);
    2543             : 
    2544          91 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    2545             : 
    2546          91 :         compare_function(result,
    2547             :                 &opline->op1.u.constant,
    2548             :                 &opline->op2.u.constant TSRMLS_CC);
    2549          91 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    2550             : 
    2551             : 
    2552          91 :         ZEND_VM_NEXT_OPCODE();
    2553             : }
    2554             : 
    2555         305 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2556             : {
    2557         305 :         zend_op *opline = EX(opline);
    2558             : 
    2559         305 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    2560             : 
    2561         305 :         compare_function(result,
    2562             :                 &opline->op1.u.constant,
    2563             :                 &opline->op2.u.constant TSRMLS_CC);
    2564         305 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    2565             : 
    2566             : 
    2567         305 :         ZEND_VM_NEXT_OPCODE();
    2568             : }
    2569             : 
    2570          26 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2571             : {
    2572          26 :         zend_op *opline = EX(opline);
    2573             : 
    2574          26 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    2575             : 
    2576          26 :         compare_function(result,
    2577             :                 &opline->op1.u.constant,
    2578             :                 &opline->op2.u.constant TSRMLS_CC);
    2579          26 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    2580             : 
    2581             : 
    2582          26 :         ZEND_VM_NEXT_OPCODE();
    2583             : }
    2584             : 
    2585           0 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2586             : {
    2587           0 :         zend_op *opline = EX(opline);
    2588             : 
    2589           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    2590             : 
    2591           0 :         compare_function(result,
    2592             :                 &opline->op1.u.constant,
    2593             :                 &opline->op2.u.constant TSRMLS_CC);
    2594           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    2595             : 
    2596             : 
    2597           0 :         ZEND_VM_NEXT_OPCODE();
    2598             : }
    2599             : 
    2600         609 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2601             : {
    2602         609 :         zend_op *opline = EX(opline);
    2603             : 
    2604             : 
    2605         609 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    2606             :                 &opline->op1.u.constant,
    2607             :                 &opline->op2.u.constant TSRMLS_CC);
    2608             : 
    2609             : 
    2610         609 :         ZEND_VM_NEXT_OPCODE();
    2611             : }
    2612             : 
    2613           0 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2614             : {
    2615           0 :         zend_op *opline = EX(opline);
    2616             : 
    2617             : 
    2618           0 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    2619             :                 &opline->op1.u.constant,
    2620             :                 &opline->op2.u.constant TSRMLS_CC);
    2621             : 
    2622             : 
    2623           0 :         ZEND_VM_NEXT_OPCODE();
    2624             : }
    2625             : 
    2626           9 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2627             : {
    2628           9 :         zend_op *opline = EX(opline);
    2629             : 
    2630             : 
    2631           9 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    2632             :                 &opline->op1.u.constant,
    2633             :                 &opline->op2.u.constant TSRMLS_CC);
    2634             : 
    2635             : 
    2636           9 :         ZEND_VM_NEXT_OPCODE();
    2637             : }
    2638             : 
    2639           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2640             : {
    2641           0 :         zend_op *opline = EX(opline);
    2642             : 
    2643             : 
    2644           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    2645             :                 &opline->op1.u.constant,
    2646             :                 &opline->op2.u.constant TSRMLS_CC);
    2647             : 
    2648             : 
    2649           0 :         ZEND_VM_NEXT_OPCODE();
    2650             : }
    2651             : 
    2652           6 : static int ZEND_FASTCALL  ZEND_FETCH_DIM_TMP_VAR_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2653             : {
    2654           6 :         zend_op *opline = EX(opline);
    2655             : 
    2656           6 :         zval *container = &opline->op1.u.constant;
    2657             : 
    2658           6 :         if (Z_TYPE_P(container) != IS_ARRAY) {
    2659           6 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    2660           6 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
    2661           6 :                         PZVAL_LOCK(EG(uninitialized_zval_ptr));
    2662             :                 }
    2663             :         } else {
    2664             : 
    2665           0 :                 zval *dim = &opline->op2.u.constant;
    2666             : 
    2667           0 :                 AI_SET_PTR(EX_T(opline->result.u.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, BP_VAR_R TSRMLS_CC));
    2668           0 :                 SELECTIVE_PZVAL_LOCK(EX_T(opline->result.u.var).var.ptr, &opline->result);
    2669             : 
    2670             :         }
    2671           6 :         ZEND_VM_NEXT_OPCODE();
    2672             : }
    2673             : 
    2674        5390 : static int ZEND_FASTCALL  ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2675             : {
    2676        5390 :         zend_op *opline = EX(opline);
    2677             :         zval *function_name;
    2678             :         zend_class_entry *ce;
    2679             : 
    2680        5390 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    2681             : 
    2682             :         if (IS_CONST == IS_CONST) {
    2683             :                 /* no function found. try a static method in class */
    2684        5390 :                 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    2685        5390 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    2686           1 :                         ZEND_VM_CONTINUE();
    2687             :                 }
    2688        5389 :                 if (!ce) {
    2689           0 :                         zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
    2690             :                 }
    2691        5389 :                 EX(called_scope) = ce;
    2692             :         } else {
    2693             :                 ce = EX_T(opline->op1.u.var).class_entry;
    2694             : 
    2695             :                 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
    2696             :                         EX(called_scope) = EG(called_scope);
    2697             :                 } else {
    2698             :                         EX(called_scope) = ce;
    2699             :                 }
    2700             :         }
    2701             :         if(IS_CONST != IS_UNUSED) {
    2702        5389 :                 char *function_name_strval = NULL;
    2703        5389 :                 int function_name_strlen = 0;
    2704             : 
    2705             : 
    2706             :                 if (IS_CONST == IS_CONST) {
    2707        5389 :                         function_name_strval = Z_STRVAL(opline->op2.u.constant);
    2708        5389 :                         function_name_strlen = Z_STRLEN(opline->op2.u.constant);
    2709             :                 } else {
    2710             :                         function_name = &opline->op2.u.constant;
    2711             : 
    2712             :                         if (Z_TYPE_P(function_name) != IS_STRING) {
    2713             :                                 zend_error_noreturn(E_ERROR, "Function name must be a string");
    2714             :                         } else {
    2715             :                                 function_name_strval = Z_STRVAL_P(function_name);
    2716             :                                 function_name_strlen = Z_STRLEN_P(function_name);
    2717             :                         }
    2718             :                 }
    2719             : 
    2720        5389 :                 if (function_name_strval) {
    2721        5389 :                         if (ce->get_static_method) {
    2722           0 :                                 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    2723             :                         } else {
    2724        5389 :                                 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    2725             :                         }
    2726        5382 :                         if (!EX(fbc)) {
    2727           3 :                                 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
    2728             :                         }
    2729             :                 }
    2730             : 
    2731             :                 if (IS_CONST != IS_CONST) {
    2732             : 
    2733             :                 }
    2734             :         } else {
    2735             :                 if(!ce->constructor) {
    2736             :                         zend_error_noreturn(E_ERROR, "Cannot call constructor");
    2737             :                 }
    2738             :                 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
    2739             :                         zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
    2740             :                 }
    2741             :                 EX(fbc) = ce->constructor;
    2742             :         }
    2743             : 
    2744        5379 :         if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
    2745        5293 :                 EX(object) = NULL;
    2746             :         } else {
    2747         212 :                 if (EG(This) &&
    2748          63 :                     Z_OBJ_HT_P(EG(This))->get_class_entry &&
    2749          63 :                     !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
    2750             :                     /* We are calling method of the other (incompatible) class,
    2751             :                        but passing $this. This is done for compatibility with php-4. */
    2752             :                         int severity;
    2753             :                         char *verb;
    2754           1 :                         if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
    2755           0 :                                 severity = E_STRICT;
    2756           0 :                                 verb = "should not";
    2757             :                         } else {
    2758             :                                 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
    2759           1 :                                 severity = E_ERROR;
    2760           1 :                                 verb = "cannot";
    2761             :                         }
    2762           1 :                         zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
    2763             : 
    2764             :                 }
    2765          85 :                 if ((EX(object) = EG(This))) {
    2766          62 :                         Z_ADDREF_P(EX(object));
    2767          62 :                         EX(called_scope) = Z_OBJCE_P(EX(object));
    2768             :                 }
    2769             :         }
    2770             : 
    2771        5378 :         ZEND_VM_NEXT_OPCODE();
    2772             : }
    2773             : 
    2774          12 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2775             : {
    2776          12 :         zend_op *opline = EX(opline);
    2777          12 :         int switch_expr_is_overloaded=0;
    2778             : 
    2779             : 
    2780          12 :         if (IS_CONST==IS_VAR) {
    2781             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    2782             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    2783             :                 } else {
    2784             :                         switch_expr_is_overloaded = 1;
    2785             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    2786             :                 }
    2787             :         }
    2788          12 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    2789             :                                  &opline->op1.u.constant,
    2790             :                                  &opline->op2.u.constant TSRMLS_CC);
    2791             : 
    2792          12 :         if (switch_expr_is_overloaded) {
    2793             :                 /* We only free op1 if this is a string offset,
    2794             :                  * Since if it is a TMP_VAR, it'll be reused by
    2795             :                  * other CASE opcodes (whereas string offsets
    2796             :                  * are allocated at each get_zval_ptr())
    2797             :                  */
    2798             : 
    2799           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    2800           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    2801             :         }
    2802          12 :         ZEND_VM_NEXT_OPCODE();
    2803             : }
    2804             : 
    2805       10389 : static int ZEND_FASTCALL  ZEND_FETCH_CONSTANT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2806             : {
    2807       10389 :         zend_op *opline = EX(opline);
    2808             : 
    2809       10389 :         if (IS_CONST == IS_UNUSED) {
    2810             :                 /* namespaced constant */
    2811             :                 if (!zend_get_constant_ex(Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant), &EX_T(opline->result.u.var).tmp_var, NULL, opline->extended_value TSRMLS_CC)) {
    2812             :                         if ((opline->extended_value & IS_CONSTANT_UNQUALIFIED) != 0) {
    2813             :                                 char *actual = (char *)zend_memrchr(Z_STRVAL(opline->op2.u.constant), '\\', Z_STRLEN(opline->op2.u.constant));
    2814             :                                 if(!actual) {
    2815             :                                         actual = Z_STRVAL(opline->op2.u.constant);
    2816             :                                 } else {
    2817             :                                         actual++;
    2818             :                                 }
    2819             :                                 /* non-qualified constant - allow text substitution */
    2820             :                                 zend_error(E_NOTICE, "Use of undefined constant %s - assumed '%s'", actual, actual);
    2821             :                                 ZVAL_STRINGL(&EX_T(opline->result.u.var).tmp_var, actual, Z_STRLEN(opline->op2.u.constant)-(actual - Z_STRVAL(opline->op2.u.constant)), 1);
    2822             :                         } else {
    2823             :                                 zend_error_noreturn(E_ERROR, "Undefined constant '%s'",
    2824             :                                                         Z_STRVAL(opline->op2.u.constant), Z_STRVAL(opline->op2.u.constant));
    2825             :                         }
    2826             :                 }
    2827             :                 ZEND_VM_NEXT_OPCODE();
    2828             :         } else {
    2829             :                 /* class constant */
    2830             :                 zend_class_entry *ce;
    2831             :                 zval **value;
    2832             : 
    2833             :                 if (IS_CONST == IS_CONST) {
    2834             : 
    2835       10389 :                         ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    2836       10388 :                         if (UNEXPECTED(EG(exception) != NULL)) {
    2837           1 :                                 ZEND_VM_CONTINUE();
    2838             :                         }
    2839       10387 :                         if (!ce) {
    2840           0 :                                 zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
    2841             :                         }
    2842             :                 } else {
    2843             :                         ce = EX_T(opline->op1.u.var).class_entry;
    2844             :                 }
    2845             : 
    2846       10387 :                 if (zend_hash_find(&ce->constants_table, Z_STRVAL(opline->op2.u.constant), Z_STRLEN(opline->op2.u.constant)+1, (void **) &value) == SUCCESS) {
    2847       20770 :                         if (Z_TYPE_PP(value) == IS_CONSTANT_ARRAY ||
    2848       10385 :                             (Z_TYPE_PP(value) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT) {
    2849          25 :                                 zend_class_entry *old_scope = EG(scope);
    2850             : 
    2851          25 :                                 EG(scope) = ce;
    2852          25 :                                 zval_update_constant(value, (void *) 1 TSRMLS_CC);
    2853          23 :                                 EG(scope) = old_scope;
    2854             :                         }
    2855       10383 :                         EX_T(opline->result.u.var).tmp_var = **value;
    2856       10383 :                         zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
    2857             :                 } else {
    2858           2 :                         zend_error_noreturn(E_ERROR, "Undefined class constant '%s'", Z_STRVAL(opline->op2.u.constant));
    2859             :                 }
    2860             : 
    2861       10383 :                 ZEND_VM_NEXT_OPCODE();
    2862             :         }
    2863             : }
    2864             : 
    2865       71595 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2866             : {
    2867       71595 :         zend_op *opline = EX(opline);
    2868             : 
    2869       71595 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    2870             :         zval *expr_ptr;
    2871       71595 :         zval *offset=&opline->op2.u.constant;
    2872             : 
    2873             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    2874             :         zval **expr_ptr_ptr = NULL;
    2875             : 
    2876             :         if (opline->extended_value) {
    2877             :                 expr_ptr_ptr=NULL;
    2878             :                 expr_ptr = *expr_ptr_ptr;
    2879             :         } else {
    2880             :                 expr_ptr=&opline->op1.u.constant;
    2881             :         }
    2882             : #else
    2883       71595 :         expr_ptr=&opline->op1.u.constant;
    2884             : #endif
    2885             : 
    2886       71595 :         if (0) { /* temporary variable */
    2887             :                 zval *new_expr;
    2888             : 
    2889             :                 ALLOC_ZVAL(new_expr);
    2890             :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    2891             :                 expr_ptr = new_expr;
    2892             :         } else {
    2893             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    2894             :                 if (opline->extended_value) {
    2895             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    2896             :                         expr_ptr = *expr_ptr_ptr;
    2897             :                         Z_ADDREF_P(expr_ptr);
    2898             :                 } else
    2899             : #endif
    2900             :                 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    2901             :                         zval *new_expr;
    2902             : 
    2903       71595 :                         ALLOC_ZVAL(new_expr);
    2904       71595 :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    2905       71595 :                         expr_ptr = new_expr;
    2906       71595 :                         zendi_zval_copy_ctor(*expr_ptr);
    2907             :                 } else {
    2908             :                         Z_ADDREF_P(expr_ptr);
    2909             :                 }
    2910             :         }
    2911       71595 :         if (offset) {
    2912       71595 :                 switch (Z_TYPE_P(offset)) {
    2913             :                         case IS_DOUBLE:
    2914         546 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    2915         273 :                                 break;
    2916             :                         case IS_LONG:
    2917             :                         case IS_BOOL:
    2918        2472 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    2919        2472 :                                 break;
    2920             :                         case IS_STRING:
    2921       68727 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    2922       68727 :                                 break;
    2923             :                         case IS_NULL:
    2924         123 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    2925         123 :                                 break;
    2926             :                         default:
    2927           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    2928           0 :                                 zval_ptr_dtor(&expr_ptr);
    2929             :                                 /* do nothing */
    2930             :                                 break;
    2931             :                 }
    2932             : 
    2933             :         } else {
    2934           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    2935             :         }
    2936       71595 :         if (opline->extended_value) {
    2937             : 
    2938             :         } else {
    2939             : 
    2940             :         }
    2941       71595 :         ZEND_VM_NEXT_OPCODE();
    2942             : }
    2943             : 
    2944       37286 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2945             : {
    2946       37286 :         zend_op *opline = EX(opline);
    2947             : 
    2948       37286 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    2949       37286 :         if (IS_CONST == IS_UNUSED) {
    2950             :                 ZEND_VM_NEXT_OPCODE();
    2951             : #if 0 || IS_CONST != IS_UNUSED
    2952             :         } else {
    2953       37286 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    2954             : #endif
    2955             :         }
    2956             : }
    2957             : 
    2958          32 : static int ZEND_FASTCALL  ZEND_DECLARE_CONST_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2959             : {
    2960          32 :         zend_op *opline = EX(opline);
    2961             : 
    2962          32 :         zval *name  = &opline->op1.u.constant;
    2963          32 :         zval *val   = &opline->op2.u.constant;
    2964             :         zend_constant c;
    2965             : 
    2966          34 :         if ((Z_TYPE_P(val) & IS_CONSTANT_TYPE_MASK) == IS_CONSTANT || Z_TYPE_P(val) == IS_CONSTANT_ARRAY) {
    2967           2 :                 zval tmp = *val;
    2968           2 :                 zval *tmp_ptr = &tmp;
    2969             : 
    2970           2 :                 if (Z_TYPE_P(val) == IS_CONSTANT_ARRAY) {
    2971           0 :                         zval_copy_ctor(&tmp);
    2972             :                 }
    2973           2 :                 INIT_PZVAL(&tmp);
    2974           2 :                 zval_update_constant(&tmp_ptr, NULL TSRMLS_CC);
    2975           2 :                 c.value = *tmp_ptr;
    2976             :         } else {
    2977          30 :                 c.value = *val;
    2978          30 :                 zval_copy_ctor(&c.value);
    2979             :         }
    2980          32 :         c.flags = CONST_CS; /* non persistent, case sensetive */
    2981          32 :         c.name = zend_strndup(Z_STRVAL_P(name), Z_STRLEN_P(name));
    2982          32 :         c.name_len = Z_STRLEN_P(name)+1;
    2983          32 :         c.module_number = PHP_USER_CONSTANT;
    2984             : 
    2985          32 :         if (zend_register_constant(&c TSRMLS_CC) == FAILURE) {
    2986             :         }
    2987             : 
    2988             : 
    2989          32 :         ZEND_VM_NEXT_OPCODE();
    2990             : }
    2991             : 
    2992         169 : static int ZEND_FASTCALL  ZEND_DECLARE_LAMBDA_FUNCTION_SPEC_CONST_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    2993             : {
    2994         169 :         zend_op *opline = EX(opline);
    2995             :         zend_function *op_array;
    2996             : 
    2997         338 :         if (zend_hash_quick_find(EG(function_table), Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), Z_LVAL(opline->op2.u.constant), (void *) &op_array) == FAILURE ||
    2998         169 :             op_array->type != ZEND_USER_FUNCTION) {
    2999           0 :                 zend_error_noreturn(E_ERROR, "Base lambda function for closure not found");
    3000             :         }
    3001             : 
    3002         169 :         zend_create_closure(&EX_T(opline->result.u.var).tmp_var, op_array TSRMLS_CC);
    3003             : 
    3004         169 :         ZEND_VM_NEXT_OPCODE();
    3005             : }
    3006             : 
    3007       70102 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3008             : {
    3009       70102 :         zend_op *opline = EX(opline);
    3010             :         zend_free_op free_op2;
    3011             : 
    3012       70102 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    3013             :                 &opline->op1.u.constant,
    3014       70102 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3015             : 
    3016       70102 :         zval_dtor(free_op2.var);
    3017       70102 :         ZEND_VM_NEXT_OPCODE();
    3018             : }
    3019             : 
    3020          43 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3021             : {
    3022          43 :         zend_op *opline = EX(opline);
    3023             :         zend_free_op free_op2;
    3024             : 
    3025          43 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    3026             :                 &opline->op1.u.constant,
    3027          43 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3028             : 
    3029          43 :         zval_dtor(free_op2.var);
    3030          43 :         ZEND_VM_NEXT_OPCODE();
    3031             : }
    3032             : 
    3033           2 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3034             : {
    3035           2 :         zend_op *opline = EX(opline);
    3036             :         zend_free_op free_op2;
    3037             : 
    3038           2 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    3039             :                 &opline->op1.u.constant,
    3040           2 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3041             : 
    3042           2 :         zval_dtor(free_op2.var);
    3043           2 :         ZEND_VM_NEXT_OPCODE();
    3044             : }
    3045             : 
    3046           0 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3047             : {
    3048           0 :         zend_op *opline = EX(opline);
    3049             :         zend_free_op free_op2;
    3050             : 
    3051           0 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    3052             :                 &opline->op1.u.constant,
    3053           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3054             : 
    3055           0 :         zval_dtor(free_op2.var);
    3056           0 :         ZEND_VM_NEXT_OPCODE();
    3057             : }
    3058             : 
    3059           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3060             : {
    3061           0 :         zend_op *opline = EX(opline);
    3062             :         zend_free_op free_op2;
    3063             : 
    3064           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    3065             :                 &opline->op1.u.constant,
    3066           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3067             : 
    3068           0 :         zval_dtor(free_op2.var);
    3069           0 :         ZEND_VM_NEXT_OPCODE();
    3070             : }
    3071             : 
    3072           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3073             : {
    3074           0 :         zend_op *opline = EX(opline);
    3075             :         zend_free_op free_op2;
    3076             : 
    3077           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    3078             :                 &opline->op1.u.constant,
    3079           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3080             : 
    3081           0 :         zval_dtor(free_op2.var);
    3082           0 :         ZEND_VM_NEXT_OPCODE();
    3083             : }
    3084             : 
    3085           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3086             : {
    3087           0 :         zend_op *opline = EX(opline);
    3088             :         zend_free_op free_op2;
    3089             : 
    3090           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    3091             :                 &opline->op1.u.constant,
    3092           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3093             : 
    3094           0 :         zval_dtor(free_op2.var);
    3095           0 :         ZEND_VM_NEXT_OPCODE();
    3096             : }
    3097             : 
    3098        1842 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3099             : {
    3100        1842 :         zend_op *opline = EX(opline);
    3101             :         zend_free_op free_op2;
    3102             : 
    3103        1842 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    3104             :                 &opline->op1.u.constant,
    3105        1842 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3106             : 
    3107        1842 :         zval_dtor(free_op2.var);
    3108        1842 :         ZEND_VM_NEXT_OPCODE();
    3109             : }
    3110             : 
    3111           0 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3112             : {
    3113           0 :         zend_op *opline = EX(opline);
    3114             :         zend_free_op free_op2;
    3115             : 
    3116           0 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    3117             :                 &opline->op1.u.constant,
    3118           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3119             : 
    3120           0 :         zval_dtor(free_op2.var);
    3121           0 :         ZEND_VM_NEXT_OPCODE();
    3122             : }
    3123             : 
    3124           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3125             : {
    3126           0 :         zend_op *opline = EX(opline);
    3127             :         zend_free_op free_op2;
    3128           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3129             : 
    3130           0 :         is_identical_function(result,
    3131             :                 &opline->op1.u.constant,
    3132           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3133           0 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    3134             : 
    3135           0 :         zval_dtor(free_op2.var);
    3136           0 :         ZEND_VM_NEXT_OPCODE();
    3137             : }
    3138             : 
    3139          12 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3140             : {
    3141          12 :         zend_op *opline = EX(opline);
    3142             :         zend_free_op free_op2;
    3143          12 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3144             : 
    3145          12 :         compare_function(result,
    3146             :                 &opline->op1.u.constant,
    3147          12 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3148          12 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    3149             : 
    3150          12 :         zval_dtor(free_op2.var);
    3151          12 :         ZEND_VM_NEXT_OPCODE();
    3152             : }
    3153             : 
    3154           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3155             : {
    3156           0 :         zend_op *opline = EX(opline);
    3157             :         zend_free_op free_op2;
    3158           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3159             : 
    3160           0 :         compare_function(result,
    3161             :                 &opline->op1.u.constant,
    3162           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3163           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    3164             : 
    3165           0 :         zval_dtor(free_op2.var);
    3166           0 :         ZEND_VM_NEXT_OPCODE();
    3167             : }
    3168             : 
    3169      460477 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3170             : {
    3171      460477 :         zend_op *opline = EX(opline);
    3172             :         zend_free_op free_op2;
    3173      460477 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3174             : 
    3175      460477 :         compare_function(result,
    3176             :                 &opline->op1.u.constant,
    3177      460477 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3178      460477 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    3179             : 
    3180      460477 :         zval_dtor(free_op2.var);
    3181      460477 :         ZEND_VM_NEXT_OPCODE();
    3182             : }
    3183             : 
    3184       18309 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3185             : {
    3186       18309 :         zend_op *opline = EX(opline);
    3187             :         zend_free_op free_op2;
    3188       18309 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3189             : 
    3190       18309 :         compare_function(result,
    3191             :                 &opline->op1.u.constant,
    3192       18309 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3193       18309 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    3194             : 
    3195       18309 :         zval_dtor(free_op2.var);
    3196       18309 :         ZEND_VM_NEXT_OPCODE();
    3197             : }
    3198             : 
    3199       33885 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3200             : {
    3201       33885 :         zend_op *opline = EX(opline);
    3202             :         zend_free_op free_op2;
    3203             : 
    3204       33885 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    3205             :                 &opline->op1.u.constant,
    3206       33885 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3207             : 
    3208       33885 :         zval_dtor(free_op2.var);
    3209       33885 :         ZEND_VM_NEXT_OPCODE();
    3210             : }
    3211             : 
    3212          77 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3213             : {
    3214          77 :         zend_op *opline = EX(opline);
    3215             :         zend_free_op free_op2;
    3216             : 
    3217          77 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    3218             :                 &opline->op1.u.constant,
    3219          77 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3220             : 
    3221          77 :         zval_dtor(free_op2.var);
    3222          77 :         ZEND_VM_NEXT_OPCODE();
    3223             : }
    3224             : 
    3225           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3226             : {
    3227           0 :         zend_op *opline = EX(opline);
    3228             :         zend_free_op free_op2;
    3229             : 
    3230           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    3231             :                 &opline->op1.u.constant,
    3232           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3233             : 
    3234           0 :         zval_dtor(free_op2.var);
    3235           0 :         ZEND_VM_NEXT_OPCODE();
    3236             : }
    3237             : 
    3238           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3239             : {
    3240           0 :         zend_op *opline = EX(opline);
    3241             :         zend_free_op free_op2;
    3242             : 
    3243           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    3244             :                 &opline->op1.u.constant,
    3245           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3246             : 
    3247           0 :         zval_dtor(free_op2.var);
    3248           0 :         ZEND_VM_NEXT_OPCODE();
    3249             : }
    3250             : 
    3251           0 : static int ZEND_FASTCALL  ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3252             : {
    3253           0 :         zend_op *opline = EX(opline);
    3254             :         zval *function_name;
    3255             :         zend_class_entry *ce;
    3256             : 
    3257           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    3258             : 
    3259             :         if (IS_CONST == IS_CONST) {
    3260             :                 /* no function found. try a static method in class */
    3261           0 :                 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    3262           0 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    3263           0 :                         ZEND_VM_CONTINUE();
    3264             :                 }
    3265           0 :                 if (!ce) {
    3266           0 :                         zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
    3267             :                 }
    3268           0 :                 EX(called_scope) = ce;
    3269             :         } else {
    3270             :                 ce = EX_T(opline->op1.u.var).class_entry;
    3271             : 
    3272             :                 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
    3273             :                         EX(called_scope) = EG(called_scope);
    3274             :                 } else {
    3275             :                         EX(called_scope) = ce;
    3276             :                 }
    3277             :         }
    3278             :         if(IS_TMP_VAR != IS_UNUSED) {
    3279           0 :                 char *function_name_strval = NULL;
    3280           0 :                 int function_name_strlen = 0;
    3281             :                 zend_free_op free_op2;
    3282             : 
    3283           0 :                 if (IS_TMP_VAR == IS_CONST) {
    3284             :                         function_name_strval = Z_STRVAL(opline->op2.u.constant);
    3285             :                         function_name_strlen = Z_STRLEN(opline->op2.u.constant);
    3286             :                 } else {
    3287           0 :                         function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    3288             : 
    3289           0 :                         if (Z_TYPE_P(function_name) != IS_STRING) {
    3290           0 :                                 zend_error_noreturn(E_ERROR, "Function name must be a string");
    3291             :                         } else {
    3292           0 :                                 function_name_strval = Z_STRVAL_P(function_name);
    3293           0 :                                 function_name_strlen = Z_STRLEN_P(function_name);
    3294             :                         }
    3295             :                 }
    3296             : 
    3297           0 :                 if (function_name_strval) {
    3298           0 :                         if (ce->get_static_method) {
    3299           0 :                                 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3300             :                         } else {
    3301           0 :                                 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3302             :                         }
    3303           0 :                         if (!EX(fbc)) {
    3304           0 :                                 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
    3305             :                         }
    3306             :                 }
    3307             : 
    3308             :                 if (IS_TMP_VAR != IS_CONST) {
    3309           0 :                         zval_dtor(free_op2.var);
    3310             :                 }
    3311             :         } else {
    3312             :                 if(!ce->constructor) {
    3313             :                         zend_error_noreturn(E_ERROR, "Cannot call constructor");
    3314             :                 }
    3315             :                 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
    3316             :                         zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
    3317             :                 }
    3318             :                 EX(fbc) = ce->constructor;
    3319             :         }
    3320             : 
    3321           0 :         if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
    3322           0 :                 EX(object) = NULL;
    3323             :         } else {
    3324           0 :                 if (EG(This) &&
    3325           0 :                     Z_OBJ_HT_P(EG(This))->get_class_entry &&
    3326           0 :                     !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
    3327             :                     /* We are calling method of the other (incompatible) class,
    3328             :                        but passing $this. This is done for compatibility with php-4. */
    3329             :                         int severity;
    3330             :                         char *verb;
    3331           0 :                         if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
    3332           0 :                                 severity = E_STRICT;
    3333           0 :                                 verb = "should not";
    3334             :                         } else {
    3335             :                                 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
    3336           0 :                                 severity = E_ERROR;
    3337           0 :                                 verb = "cannot";
    3338             :                         }
    3339           0 :                         zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
    3340             : 
    3341             :                 }
    3342           0 :                 if ((EX(object) = EG(This))) {
    3343           0 :                         Z_ADDREF_P(EX(object));
    3344           0 :                         EX(called_scope) = Z_OBJCE_P(EX(object));
    3345             :                 }
    3346             :         }
    3347             : 
    3348           0 :         ZEND_VM_NEXT_OPCODE();
    3349             : }
    3350             : 
    3351          66 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3352             : {
    3353          66 :         zend_op *opline = EX(opline);
    3354          66 :         int switch_expr_is_overloaded=0;
    3355             :         zend_free_op free_op2;
    3356             : 
    3357          66 :         if (IS_CONST==IS_VAR) {
    3358             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    3359             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    3360             :                 } else {
    3361             :                         switch_expr_is_overloaded = 1;
    3362             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    3363             :                 }
    3364             :         }
    3365          66 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    3366             :                                  &opline->op1.u.constant,
    3367          66 :                                  _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3368             : 
    3369          66 :         zval_dtor(free_op2.var);
    3370          66 :         if (switch_expr_is_overloaded) {
    3371             :                 /* We only free op1 if this is a string offset,
    3372             :                  * Since if it is a TMP_VAR, it'll be reused by
    3373             :                  * other CASE opcodes (whereas string offsets
    3374             :                  * are allocated at each get_zval_ptr())
    3375             :                  */
    3376             : 
    3377           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    3378           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    3379             :         }
    3380          66 :         ZEND_VM_NEXT_OPCODE();
    3381             : }
    3382             : 
    3383         209 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3384             : {
    3385         209 :         zend_op *opline = EX(opline);
    3386             :         zend_free_op free_op2;
    3387         209 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    3388             :         zval *expr_ptr;
    3389         418 :         zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    3390             : 
    3391             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    3392             :         zval **expr_ptr_ptr = NULL;
    3393             : 
    3394             :         if (opline->extended_value) {
    3395             :                 expr_ptr_ptr=NULL;
    3396             :                 expr_ptr = *expr_ptr_ptr;
    3397             :         } else {
    3398             :                 expr_ptr=&opline->op1.u.constant;
    3399             :         }
    3400             : #else
    3401         209 :         expr_ptr=&opline->op1.u.constant;
    3402             : #endif
    3403             : 
    3404         209 :         if (0) { /* temporary variable */
    3405             :                 zval *new_expr;
    3406             : 
    3407             :                 ALLOC_ZVAL(new_expr);
    3408             :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    3409             :                 expr_ptr = new_expr;
    3410             :         } else {
    3411             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    3412             :                 if (opline->extended_value) {
    3413             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    3414             :                         expr_ptr = *expr_ptr_ptr;
    3415             :                         Z_ADDREF_P(expr_ptr);
    3416             :                 } else
    3417             : #endif
    3418             :                 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    3419             :                         zval *new_expr;
    3420             : 
    3421         209 :                         ALLOC_ZVAL(new_expr);
    3422         209 :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    3423         209 :                         expr_ptr = new_expr;
    3424         209 :                         zendi_zval_copy_ctor(*expr_ptr);
    3425             :                 } else {
    3426             :                         Z_ADDREF_P(expr_ptr);
    3427             :                 }
    3428             :         }
    3429         209 :         if (offset) {
    3430         209 :                 switch (Z_TYPE_P(offset)) {
    3431             :                         case IS_DOUBLE:
    3432           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    3433           0 :                                 break;
    3434             :                         case IS_LONG:
    3435             :                         case IS_BOOL:
    3436         137 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    3437         137 :                                 break;
    3438             :                         case IS_STRING:
    3439          71 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    3440          71 :                                 break;
    3441             :                         case IS_NULL:
    3442           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    3443           0 :                                 break;
    3444             :                         default:
    3445           1 :                                 zend_error(E_WARNING, "Illegal offset type");
    3446           1 :                                 zval_ptr_dtor(&expr_ptr);
    3447             :                                 /* do nothing */
    3448             :                                 break;
    3449             :                 }
    3450         209 :                 zval_dtor(free_op2.var);
    3451             :         } else {
    3452           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    3453             :         }
    3454         209 :         if (opline->extended_value) {
    3455             : 
    3456             :         } else {
    3457             : 
    3458             :         }
    3459         209 :         ZEND_VM_NEXT_OPCODE();
    3460             : }
    3461             : 
    3462         104 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3463             : {
    3464         104 :         zend_op *opline = EX(opline);
    3465             : 
    3466         104 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    3467         104 :         if (IS_CONST == IS_UNUSED) {
    3468             :                 ZEND_VM_NEXT_OPCODE();
    3469             : #if 0 || IS_CONST != IS_UNUSED
    3470             :         } else {
    3471         104 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    3472             : #endif
    3473             :         }
    3474             : }
    3475             : 
    3476           1 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3477             : {
    3478           1 :         zend_op *opline = EX(opline);
    3479             :         zend_free_op free_op2;
    3480             : 
    3481           1 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    3482             :                 &opline->op1.u.constant,
    3483           1 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3484             : 
    3485           1 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3486           1 :         ZEND_VM_NEXT_OPCODE();
    3487             : }
    3488             : 
    3489        2182 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3490             : {
    3491        2182 :         zend_op *opline = EX(opline);
    3492             :         zend_free_op free_op2;
    3493             : 
    3494        2182 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    3495             :                 &opline->op1.u.constant,
    3496        2182 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3497             : 
    3498        2182 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3499        2182 :         ZEND_VM_NEXT_OPCODE();
    3500             : }
    3501             : 
    3502         626 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3503             : {
    3504         626 :         zend_op *opline = EX(opline);
    3505             :         zend_free_op free_op2;
    3506             : 
    3507         626 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    3508             :                 &opline->op1.u.constant,
    3509         626 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3510             : 
    3511         626 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3512         626 :         ZEND_VM_NEXT_OPCODE();
    3513             : }
    3514             : 
    3515           0 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3516             : {
    3517           0 :         zend_op *opline = EX(opline);
    3518             :         zend_free_op free_op2;
    3519             : 
    3520           0 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    3521             :                 &opline->op1.u.constant,
    3522           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3523             : 
    3524           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3525           0 :         ZEND_VM_NEXT_OPCODE();
    3526             : }
    3527             : 
    3528           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3529             : {
    3530           0 :         zend_op *opline = EX(opline);
    3531             :         zend_free_op free_op2;
    3532             : 
    3533           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    3534             :                 &opline->op1.u.constant,
    3535           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3536             : 
    3537           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3538           0 :         ZEND_VM_NEXT_OPCODE();
    3539             : }
    3540             : 
    3541           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3542             : {
    3543           0 :         zend_op *opline = EX(opline);
    3544             :         zend_free_op free_op2;
    3545             : 
    3546           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    3547             :                 &opline->op1.u.constant,
    3548           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3549             : 
    3550           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3551           0 :         ZEND_VM_NEXT_OPCODE();
    3552             : }
    3553             : 
    3554           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3555             : {
    3556           0 :         zend_op *opline = EX(opline);
    3557             :         zend_free_op free_op2;
    3558             : 
    3559           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    3560             :                 &opline->op1.u.constant,
    3561           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3562             : 
    3563           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3564           0 :         ZEND_VM_NEXT_OPCODE();
    3565             : }
    3566             : 
    3567      148273 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3568             : {
    3569      148273 :         zend_op *opline = EX(opline);
    3570             :         zend_free_op free_op2;
    3571             : 
    3572      148273 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    3573             :                 &opline->op1.u.constant,
    3574      148273 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3575             : 
    3576      148273 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3577      148273 :         ZEND_VM_NEXT_OPCODE();
    3578             : }
    3579             : 
    3580         131 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3581             : {
    3582         131 :         zend_op *opline = EX(opline);
    3583             :         zend_free_op free_op2;
    3584             : 
    3585         131 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    3586             :                 &opline->op1.u.constant,
    3587         131 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3588             : 
    3589         131 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3590         131 :         ZEND_VM_NEXT_OPCODE();
    3591             : }
    3592             : 
    3593        7545 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3594             : {
    3595        7545 :         zend_op *opline = EX(opline);
    3596             :         zend_free_op free_op2;
    3597        7545 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3598             : 
    3599        7545 :         is_identical_function(result,
    3600             :                 &opline->op1.u.constant,
    3601        7545 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3602        7545 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    3603             : 
    3604        7545 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3605        7545 :         ZEND_VM_NEXT_OPCODE();
    3606             : }
    3607             : 
    3608        1998 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3609             : {
    3610        1998 :         zend_op *opline = EX(opline);
    3611             :         zend_free_op free_op2;
    3612        1998 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3613             : 
    3614        1998 :         compare_function(result,
    3615             :                 &opline->op1.u.constant,
    3616        1998 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3617        1998 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    3618             : 
    3619        1998 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3620        1998 :         ZEND_VM_NEXT_OPCODE();
    3621             : }
    3622             : 
    3623         105 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3624             : {
    3625         105 :         zend_op *opline = EX(opline);
    3626             :         zend_free_op free_op2;
    3627         105 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3628             : 
    3629         105 :         compare_function(result,
    3630             :                 &opline->op1.u.constant,
    3631         105 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3632         105 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    3633             : 
    3634         105 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3635         105 :         ZEND_VM_NEXT_OPCODE();
    3636             : }
    3637             : 
    3638      292373 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3639             : {
    3640      292373 :         zend_op *opline = EX(opline);
    3641             :         zend_free_op free_op2;
    3642      292373 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3643             : 
    3644      292373 :         compare_function(result,
    3645             :                 &opline->op1.u.constant,
    3646      292373 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3647      292373 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    3648             : 
    3649      292373 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3650      292373 :         ZEND_VM_NEXT_OPCODE();
    3651             : }
    3652             : 
    3653          49 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3654             : {
    3655          49 :         zend_op *opline = EX(opline);
    3656             :         zend_free_op free_op2;
    3657          49 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    3658             : 
    3659          49 :         compare_function(result,
    3660             :                 &opline->op1.u.constant,
    3661          49 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3662          49 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    3663             : 
    3664          49 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3665          49 :         ZEND_VM_NEXT_OPCODE();
    3666             : }
    3667             : 
    3668           0 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3669             : {
    3670           0 :         zend_op *opline = EX(opline);
    3671             :         zend_free_op free_op2;
    3672             : 
    3673           0 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    3674             :                 &opline->op1.u.constant,
    3675           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3676             : 
    3677           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3678           0 :         ZEND_VM_NEXT_OPCODE();
    3679             : }
    3680             : 
    3681           1 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3682             : {
    3683           1 :         zend_op *opline = EX(opline);
    3684             :         zend_free_op free_op2;
    3685             : 
    3686           1 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    3687             :                 &opline->op1.u.constant,
    3688           1 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3689             : 
    3690           1 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3691           1 :         ZEND_VM_NEXT_OPCODE();
    3692             : }
    3693             : 
    3694           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3695             : {
    3696           0 :         zend_op *opline = EX(opline);
    3697             :         zend_free_op free_op2;
    3698             : 
    3699           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    3700             :                 &opline->op1.u.constant,
    3701           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3702             : 
    3703           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3704           0 :         ZEND_VM_NEXT_OPCODE();
    3705             : }
    3706             : 
    3707           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3708             : {
    3709           0 :         zend_op *opline = EX(opline);
    3710             :         zend_free_op free_op2;
    3711             : 
    3712           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    3713             :                 &opline->op1.u.constant,
    3714           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3715             : 
    3716           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3717           0 :         ZEND_VM_NEXT_OPCODE();
    3718             : }
    3719             : 
    3720           2 : static int ZEND_FASTCALL  ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3721             : {
    3722           2 :         zend_op *opline = EX(opline);
    3723             :         zval *function_name;
    3724             :         zend_class_entry *ce;
    3725             : 
    3726           2 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    3727             : 
    3728             :         if (IS_CONST == IS_CONST) {
    3729             :                 /* no function found. try a static method in class */
    3730           2 :                 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    3731           2 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    3732           0 :                         ZEND_VM_CONTINUE();
    3733             :                 }
    3734           2 :                 if (!ce) {
    3735           0 :                         zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
    3736             :                 }
    3737           2 :                 EX(called_scope) = ce;
    3738             :         } else {
    3739             :                 ce = EX_T(opline->op1.u.var).class_entry;
    3740             : 
    3741             :                 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
    3742             :                         EX(called_scope) = EG(called_scope);
    3743             :                 } else {
    3744             :                         EX(called_scope) = ce;
    3745             :                 }
    3746             :         }
    3747             :         if(IS_VAR != IS_UNUSED) {
    3748           2 :                 char *function_name_strval = NULL;
    3749           2 :                 int function_name_strlen = 0;
    3750             :                 zend_free_op free_op2;
    3751             : 
    3752           2 :                 if (IS_VAR == IS_CONST) {
    3753             :                         function_name_strval = Z_STRVAL(opline->op2.u.constant);
    3754             :                         function_name_strlen = Z_STRLEN(opline->op2.u.constant);
    3755             :                 } else {
    3756           4 :                         function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    3757             : 
    3758           2 :                         if (Z_TYPE_P(function_name) != IS_STRING) {
    3759           0 :                                 zend_error_noreturn(E_ERROR, "Function name must be a string");
    3760             :                         } else {
    3761           2 :                                 function_name_strval = Z_STRVAL_P(function_name);
    3762           2 :                                 function_name_strlen = Z_STRLEN_P(function_name);
    3763             :                         }
    3764             :                 }
    3765             : 
    3766           2 :                 if (function_name_strval) {
    3767           2 :                         if (ce->get_static_method) {
    3768           0 :                                 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3769             :                         } else {
    3770           2 :                                 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3771             :                         }
    3772           2 :                         if (!EX(fbc)) {
    3773           0 :                                 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
    3774             :                         }
    3775             :                 }
    3776             : 
    3777             :                 if (IS_VAR != IS_CONST) {
    3778           2 :                         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3779             :                 }
    3780             :         } else {
    3781             :                 if(!ce->constructor) {
    3782             :                         zend_error_noreturn(E_ERROR, "Cannot call constructor");
    3783             :                 }
    3784             :                 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
    3785             :                         zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
    3786             :                 }
    3787             :                 EX(fbc) = ce->constructor;
    3788             :         }
    3789             : 
    3790           2 :         if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
    3791           1 :                 EX(object) = NULL;
    3792             :         } else {
    3793           1 :                 if (EG(This) &&
    3794           0 :                     Z_OBJ_HT_P(EG(This))->get_class_entry &&
    3795           0 :                     !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
    3796             :                     /* We are calling method of the other (incompatible) class,
    3797             :                        but passing $this. This is done for compatibility with php-4. */
    3798             :                         int severity;
    3799             :                         char *verb;
    3800           0 :                         if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
    3801           0 :                                 severity = E_STRICT;
    3802           0 :                                 verb = "should not";
    3803             :                         } else {
    3804             :                                 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
    3805           0 :                                 severity = E_ERROR;
    3806           0 :                                 verb = "cannot";
    3807             :                         }
    3808           0 :                         zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
    3809             : 
    3810             :                 }
    3811           1 :                 if ((EX(object) = EG(This))) {
    3812           0 :                         Z_ADDREF_P(EX(object));
    3813           0 :                         EX(called_scope) = Z_OBJCE_P(EX(object));
    3814             :                 }
    3815             :         }
    3816             : 
    3817           2 :         ZEND_VM_NEXT_OPCODE();
    3818             : }
    3819             : 
    3820           0 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3821             : {
    3822           0 :         zend_op *opline = EX(opline);
    3823           0 :         int switch_expr_is_overloaded=0;
    3824             :         zend_free_op free_op2;
    3825             : 
    3826           0 :         if (IS_CONST==IS_VAR) {
    3827             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    3828             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    3829             :                 } else {
    3830             :                         switch_expr_is_overloaded = 1;
    3831             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    3832             :                 }
    3833             :         }
    3834           0 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    3835             :                                  &opline->op1.u.constant,
    3836           0 :                                  _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    3837             : 
    3838           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3839           0 :         if (switch_expr_is_overloaded) {
    3840             :                 /* We only free op1 if this is a string offset,
    3841             :                  * Since if it is a TMP_VAR, it'll be reused by
    3842             :                  * other CASE opcodes (whereas string offsets
    3843             :                  * are allocated at each get_zval_ptr())
    3844             :                  */
    3845             : 
    3846           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    3847           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    3848             :         }
    3849           0 :         ZEND_VM_NEXT_OPCODE();
    3850             : }
    3851             : 
    3852          56 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3853             : {
    3854          56 :         zend_op *opline = EX(opline);
    3855             :         zend_free_op free_op2;
    3856          56 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    3857             :         zval *expr_ptr;
    3858         112 :         zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    3859             : 
    3860             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    3861             :         zval **expr_ptr_ptr = NULL;
    3862             : 
    3863             :         if (opline->extended_value) {
    3864             :                 expr_ptr_ptr=NULL;
    3865             :                 expr_ptr = *expr_ptr_ptr;
    3866             :         } else {
    3867             :                 expr_ptr=&opline->op1.u.constant;
    3868             :         }
    3869             : #else
    3870          56 :         expr_ptr=&opline->op1.u.constant;
    3871             : #endif
    3872             : 
    3873          56 :         if (0) { /* temporary variable */
    3874             :                 zval *new_expr;
    3875             : 
    3876             :                 ALLOC_ZVAL(new_expr);
    3877             :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    3878             :                 expr_ptr = new_expr;
    3879             :         } else {
    3880             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    3881             :                 if (opline->extended_value) {
    3882             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    3883             :                         expr_ptr = *expr_ptr_ptr;
    3884             :                         Z_ADDREF_P(expr_ptr);
    3885             :                 } else
    3886             : #endif
    3887             :                 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    3888             :                         zval *new_expr;
    3889             : 
    3890          56 :                         ALLOC_ZVAL(new_expr);
    3891          56 :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    3892          56 :                         expr_ptr = new_expr;
    3893          56 :                         zendi_zval_copy_ctor(*expr_ptr);
    3894             :                 } else {
    3895             :                         Z_ADDREF_P(expr_ptr);
    3896             :                 }
    3897             :         }
    3898          56 :         if (offset) {
    3899          56 :                 switch (Z_TYPE_P(offset)) {
    3900             :                         case IS_DOUBLE:
    3901           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    3902           0 :                                 break;
    3903             :                         case IS_LONG:
    3904             :                         case IS_BOOL:
    3905           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    3906           0 :                                 break;
    3907             :                         case IS_STRING:
    3908           0 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    3909           0 :                                 break;
    3910             :                         case IS_NULL:
    3911          45 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    3912          45 :                                 break;
    3913             :                         default:
    3914          11 :                                 zend_error(E_WARNING, "Illegal offset type");
    3915          11 :                                 zval_ptr_dtor(&expr_ptr);
    3916             :                                 /* do nothing */
    3917             :                                 break;
    3918             :                 }
    3919          56 :                 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    3920             :         } else {
    3921           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    3922             :         }
    3923          56 :         if (opline->extended_value) {
    3924             : 
    3925             :         } else {
    3926             : 
    3927             :         }
    3928          56 :         ZEND_VM_NEXT_OPCODE();
    3929             : }
    3930             : 
    3931          38 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3932             : {
    3933          38 :         zend_op *opline = EX(opline);
    3934             : 
    3935          38 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    3936          38 :         if (IS_CONST == IS_UNUSED) {
    3937             :                 ZEND_VM_NEXT_OPCODE();
    3938             : #if 0 || IS_CONST != IS_UNUSED
    3939             :         } else {
    3940          38 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    3941             : #endif
    3942             :         }
    3943             : }
    3944             : 
    3945           2 : static int ZEND_FASTCALL  ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    3946             : {
    3947           2 :         zend_op *opline = EX(opline);
    3948             :         zval *function_name;
    3949             :         zend_class_entry *ce;
    3950             : 
    3951           2 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    3952             : 
    3953             :         if (IS_CONST == IS_CONST) {
    3954             :                 /* no function found. try a static method in class */
    3955           2 :                 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    3956           2 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    3957           0 :                         ZEND_VM_CONTINUE();
    3958             :                 }
    3959           2 :                 if (!ce) {
    3960           0 :                         zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
    3961             :                 }
    3962           2 :                 EX(called_scope) = ce;
    3963             :         } else {
    3964             :                 ce = EX_T(opline->op1.u.var).class_entry;
    3965             : 
    3966             :                 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
    3967             :                         EX(called_scope) = EG(called_scope);
    3968             :                 } else {
    3969             :                         EX(called_scope) = ce;
    3970             :                 }
    3971             :         }
    3972           2 :         if(IS_UNUSED != IS_UNUSED) {
    3973             :                 char *function_name_strval = NULL;
    3974             :                 int function_name_strlen = 0;
    3975             : 
    3976             : 
    3977             :                 if (IS_UNUSED == IS_CONST) {
    3978             :                         function_name_strval = Z_STRVAL(opline->op2.u.constant);
    3979             :                         function_name_strlen = Z_STRLEN(opline->op2.u.constant);
    3980             :                 } else {
    3981             :                         function_name = NULL;
    3982             : 
    3983             :                         if (Z_TYPE_P(function_name) != IS_STRING) {
    3984             :                                 zend_error_noreturn(E_ERROR, "Function name must be a string");
    3985             :                         } else {
    3986             :                                 function_name_strval = Z_STRVAL_P(function_name);
    3987             :                                 function_name_strlen = Z_STRLEN_P(function_name);
    3988             :                         }
    3989             :                 }
    3990             : 
    3991             :                 if (function_name_strval) {
    3992             :                         if (ce->get_static_method) {
    3993             :                                 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3994             :                         } else {
    3995             :                                 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    3996             :                         }
    3997             :                         if (!EX(fbc)) {
    3998             :                                 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
    3999             :                         }
    4000             :                 }
    4001             : 
    4002             :                 if (IS_UNUSED != IS_CONST) {
    4003             : 
    4004             :                 }
    4005             :         } else {
    4006           2 :                 if(!ce->constructor) {
    4007           1 :                         zend_error_noreturn(E_ERROR, "Cannot call constructor");
    4008             :                 }
    4009           1 :                 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
    4010           0 :                         zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
    4011             :                 }
    4012           1 :                 EX(fbc) = ce->constructor;
    4013             :         }
    4014             : 
    4015           1 :         if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
    4016           0 :                 EX(object) = NULL;
    4017             :         } else {
    4018           3 :                 if (EG(This) &&
    4019           1 :                     Z_OBJ_HT_P(EG(This))->get_class_entry &&
    4020           1 :                     !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
    4021             :                     /* We are calling method of the other (incompatible) class,
    4022             :                        but passing $this. This is done for compatibility with php-4. */
    4023             :                         int severity;
    4024             :                         char *verb;
    4025           0 :                         if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
    4026           0 :                                 severity = E_STRICT;
    4027           0 :                                 verb = "should not";
    4028             :                         } else {
    4029             :                                 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
    4030           0 :                                 severity = E_ERROR;
    4031           0 :                                 verb = "cannot";
    4032             :                         }
    4033           0 :                         zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
    4034             : 
    4035             :                 }
    4036           1 :                 if ((EX(object) = EG(This))) {
    4037           1 :                         Z_ADDREF_P(EX(object));
    4038           1 :                         EX(called_scope) = Z_OBJCE_P(EX(object));
    4039             :                 }
    4040             :         }
    4041             : 
    4042           1 :         ZEND_VM_NEXT_OPCODE();
    4043             : }
    4044             : 
    4045      319812 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4046             : {
    4047      319812 :         zend_op *opline = EX(opline);
    4048             : 
    4049      319812 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    4050             :         zval *expr_ptr;
    4051      319812 :         zval *offset=NULL;
    4052             : 
    4053             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    4054             :         zval **expr_ptr_ptr = NULL;
    4055             : 
    4056             :         if (opline->extended_value) {
    4057             :                 expr_ptr_ptr=NULL;
    4058             :                 expr_ptr = *expr_ptr_ptr;
    4059             :         } else {
    4060             :                 expr_ptr=&opline->op1.u.constant;
    4061             :         }
    4062             : #else
    4063      319812 :         expr_ptr=&opline->op1.u.constant;
    4064             : #endif
    4065             : 
    4066      319812 :         if (0) { /* temporary variable */
    4067             :                 zval *new_expr;
    4068             : 
    4069             :                 ALLOC_ZVAL(new_expr);
    4070             :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    4071             :                 expr_ptr = new_expr;
    4072             :         } else {
    4073             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    4074             :                 if (opline->extended_value) {
    4075             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    4076             :                         expr_ptr = *expr_ptr_ptr;
    4077             :                         Z_ADDREF_P(expr_ptr);
    4078             :                 } else
    4079             : #endif
    4080             :                 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    4081             :                         zval *new_expr;
    4082             : 
    4083      319812 :                         ALLOC_ZVAL(new_expr);
    4084      319812 :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    4085      319812 :                         expr_ptr = new_expr;
    4086      319812 :                         zendi_zval_copy_ctor(*expr_ptr);
    4087             :                 } else {
    4088             :                         Z_ADDREF_P(expr_ptr);
    4089             :                 }
    4090             :         }
    4091      319812 :         if (offset) {
    4092           0 :                 switch (Z_TYPE_P(offset)) {
    4093             :                         case IS_DOUBLE:
    4094           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    4095           0 :                                 break;
    4096             :                         case IS_LONG:
    4097             :                         case IS_BOOL:
    4098           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    4099           0 :                                 break;
    4100             :                         case IS_STRING:
    4101           0 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    4102           0 :                                 break;
    4103             :                         case IS_NULL:
    4104           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    4105           0 :                                 break;
    4106             :                         default:
    4107           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    4108           0 :                                 zval_ptr_dtor(&expr_ptr);
    4109             :                                 /* do nothing */
    4110             :                                 break;
    4111             :                 }
    4112             : 
    4113             :         } else {
    4114      319812 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    4115             :         }
    4116      319812 :         if (opline->extended_value) {
    4117             : 
    4118             :         } else {
    4119             : 
    4120             :         }
    4121      319812 :         ZEND_VM_NEXT_OPCODE();
    4122             : }
    4123             : 
    4124      205369 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4125             : {
    4126      205369 :         zend_op *opline = EX(opline);
    4127             : 
    4128      205369 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    4129      205369 :         if (IS_CONST == IS_UNUSED) {
    4130             :                 ZEND_VM_NEXT_OPCODE();
    4131             : #if 0 || IS_CONST != IS_UNUSED
    4132             :         } else {
    4133      205369 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4134             : #endif
    4135             :         }
    4136             : }
    4137             : 
    4138          52 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4139             : {
    4140          52 :         zend_op *opline = EX(opline);
    4141             : 
    4142             : 
    4143          52 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    4144             :                 &opline->op1.u.constant,
    4145          52 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4146             : 
    4147             : 
    4148          52 :         ZEND_VM_NEXT_OPCODE();
    4149             : }
    4150             : 
    4151         119 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4152             : {
    4153         119 :         zend_op *opline = EX(opline);
    4154             : 
    4155             : 
    4156         119 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    4157             :                 &opline->op1.u.constant,
    4158         119 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4159             : 
    4160             : 
    4161         119 :         ZEND_VM_NEXT_OPCODE();
    4162             : }
    4163             : 
    4164        2115 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4165             : {
    4166        2115 :         zend_op *opline = EX(opline);
    4167             : 
    4168             : 
    4169        2115 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    4170             :                 &opline->op1.u.constant,
    4171        2115 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4172             : 
    4173             : 
    4174        2115 :         ZEND_VM_NEXT_OPCODE();
    4175             : }
    4176             : 
    4177           0 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4178             : {
    4179           0 :         zend_op *opline = EX(opline);
    4180             : 
    4181             : 
    4182           0 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    4183             :                 &opline->op1.u.constant,
    4184           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4185             : 
    4186             : 
    4187           0 :         ZEND_VM_NEXT_OPCODE();
    4188             : }
    4189             : 
    4190           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4191             : {
    4192           0 :         zend_op *opline = EX(opline);
    4193             : 
    4194             : 
    4195           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    4196             :                 &opline->op1.u.constant,
    4197           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4198             : 
    4199             : 
    4200           0 :         ZEND_VM_NEXT_OPCODE();
    4201             : }
    4202             : 
    4203           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4204             : {
    4205           0 :         zend_op *opline = EX(opline);
    4206             : 
    4207             : 
    4208           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    4209             :                 &opline->op1.u.constant,
    4210           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4211             : 
    4212             : 
    4213           0 :         ZEND_VM_NEXT_OPCODE();
    4214             : }
    4215             : 
    4216           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4217             : {
    4218           0 :         zend_op *opline = EX(opline);
    4219             : 
    4220             : 
    4221           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    4222             :                 &opline->op1.u.constant,
    4223           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4224             : 
    4225             : 
    4226           0 :         ZEND_VM_NEXT_OPCODE();
    4227             : }
    4228             : 
    4229      144579 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4230             : {
    4231      144579 :         zend_op *opline = EX(opline);
    4232             : 
    4233             : 
    4234      144579 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    4235             :                 &opline->op1.u.constant,
    4236      144579 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4237             : 
    4238             : 
    4239      144579 :         ZEND_VM_NEXT_OPCODE();
    4240             : }
    4241             : 
    4242          49 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4243             : {
    4244          49 :         zend_op *opline = EX(opline);
    4245             : 
    4246             : 
    4247          49 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    4248             :                 &opline->op1.u.constant,
    4249          49 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4250             : 
    4251             : 
    4252          49 :         ZEND_VM_NEXT_OPCODE();
    4253             : }
    4254             : 
    4255         134 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4256             : {
    4257         134 :         zend_op *opline = EX(opline);
    4258             : 
    4259         134 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    4260             : 
    4261         134 :         is_identical_function(result,
    4262             :                 &opline->op1.u.constant,
    4263         134 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4264         134 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    4265             : 
    4266             : 
    4267         134 :         ZEND_VM_NEXT_OPCODE();
    4268             : }
    4269             : 
    4270        3246 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4271             : {
    4272        3246 :         zend_op *opline = EX(opline);
    4273             : 
    4274        3246 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    4275             : 
    4276        3246 :         compare_function(result,
    4277             :                 &opline->op1.u.constant,
    4278        3246 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4279        3246 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    4280             : 
    4281             : 
    4282        3246 :         ZEND_VM_NEXT_OPCODE();
    4283             : }
    4284             : 
    4285         135 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4286             : {
    4287         135 :         zend_op *opline = EX(opline);
    4288             : 
    4289         135 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    4290             : 
    4291         135 :         compare_function(result,
    4292             :                 &opline->op1.u.constant,
    4293         135 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4294         135 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    4295             : 
    4296             : 
    4297         135 :         ZEND_VM_NEXT_OPCODE();
    4298             : }
    4299             : 
    4300      842997 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4301             : {
    4302      842997 :         zend_op *opline = EX(opline);
    4303             : 
    4304      842997 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    4305             : 
    4306      842997 :         compare_function(result,
    4307             :                 &opline->op1.u.constant,
    4308      842997 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4309      842997 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    4310             : 
    4311             : 
    4312      842997 :         ZEND_VM_NEXT_OPCODE();
    4313             : }
    4314             : 
    4315       46951 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4316             : {
    4317       46951 :         zend_op *opline = EX(opline);
    4318             : 
    4319       46951 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    4320             : 
    4321       46951 :         compare_function(result,
    4322             :                 &opline->op1.u.constant,
    4323       46951 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4324       46951 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    4325             : 
    4326             : 
    4327       46951 :         ZEND_VM_NEXT_OPCODE();
    4328             : }
    4329             : 
    4330           0 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4331             : {
    4332           0 :         zend_op *opline = EX(opline);
    4333             : 
    4334             : 
    4335           0 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    4336             :                 &opline->op1.u.constant,
    4337           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4338             : 
    4339             : 
    4340           0 :         ZEND_VM_NEXT_OPCODE();
    4341             : }
    4342             : 
    4343           0 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4344             : {
    4345           0 :         zend_op *opline = EX(opline);
    4346             : 
    4347             : 
    4348           0 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    4349             :                 &opline->op1.u.constant,
    4350           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4351             : 
    4352             : 
    4353           0 :         ZEND_VM_NEXT_OPCODE();
    4354             : }
    4355             : 
    4356           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4357             : {
    4358           0 :         zend_op *opline = EX(opline);
    4359             : 
    4360             : 
    4361           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    4362             :                 &opline->op1.u.constant,
    4363           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4364             : 
    4365             : 
    4366           0 :         ZEND_VM_NEXT_OPCODE();
    4367             : }
    4368             : 
    4369           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4370             : {
    4371           0 :         zend_op *opline = EX(opline);
    4372             : 
    4373             : 
    4374           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    4375             :                 &opline->op1.u.constant,
    4376           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4377             : 
    4378             : 
    4379           0 :         ZEND_VM_NEXT_OPCODE();
    4380             : }
    4381             : 
    4382           8 : static int ZEND_FASTCALL  ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4383             : {
    4384           8 :         zend_op *opline = EX(opline);
    4385             :         zval *function_name;
    4386             :         zend_class_entry *ce;
    4387             : 
    4388           8 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    4389             : 
    4390             :         if (IS_CONST == IS_CONST) {
    4391             :                 /* no function found. try a static method in class */
    4392           8 :                 ce = zend_fetch_class(Z_STRVAL(opline->op1.u.constant), Z_STRLEN(opline->op1.u.constant), opline->extended_value TSRMLS_CC);
    4393           8 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4394           0 :                         ZEND_VM_CONTINUE();
    4395             :                 }
    4396           8 :                 if (!ce) {
    4397           0 :                         zend_error_noreturn(E_ERROR, "Class '%s' not found", Z_STRVAL(opline->op1.u.constant));
    4398             :                 }
    4399           8 :                 EX(called_scope) = ce;
    4400             :         } else {
    4401             :                 ce = EX_T(opline->op1.u.var).class_entry;
    4402             : 
    4403             :                 if (opline->op1.u.EA.type == ZEND_FETCH_CLASS_PARENT || opline->op1.u.EA.type == ZEND_FETCH_CLASS_SELF) {
    4404             :                         EX(called_scope) = EG(called_scope);
    4405             :                 } else {
    4406             :                         EX(called_scope) = ce;
    4407             :                 }
    4408             :         }
    4409             :         if(IS_CV != IS_UNUSED) {
    4410           8 :                 char *function_name_strval = NULL;
    4411           8 :                 int function_name_strlen = 0;
    4412             : 
    4413             : 
    4414           8 :                 if (IS_CV == IS_CONST) {
    4415             :                         function_name_strval = Z_STRVAL(opline->op2.u.constant);
    4416             :                         function_name_strlen = Z_STRLEN(opline->op2.u.constant);
    4417             :                 } else {
    4418          16 :                         function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    4419             : 
    4420           8 :                         if (Z_TYPE_P(function_name) != IS_STRING) {
    4421           1 :                                 zend_error_noreturn(E_ERROR, "Function name must be a string");
    4422             :                         } else {
    4423           7 :                                 function_name_strval = Z_STRVAL_P(function_name);
    4424           7 :                                 function_name_strlen = Z_STRLEN_P(function_name);
    4425             :                         }
    4426             :                 }
    4427             : 
    4428           7 :                 if (function_name_strval) {
    4429           7 :                         if (ce->get_static_method) {
    4430           0 :                                 EX(fbc) = ce->get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    4431             :                         } else {
    4432           7 :                                 EX(fbc) = zend_std_get_static_method(ce, function_name_strval, function_name_strlen TSRMLS_CC);
    4433             :                         }
    4434           7 :                         if (!EX(fbc)) {
    4435           0 :                                 zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", ce->name, function_name_strval);
    4436             :                         }
    4437             :                 }
    4438             : 
    4439             :                 if (IS_CV != IS_CONST) {
    4440             : 
    4441             :                 }
    4442             :         } else {
    4443             :                 if(!ce->constructor) {
    4444             :                         zend_error_noreturn(E_ERROR, "Cannot call constructor");
    4445             :                 }
    4446             :                 if (EG(This) && Z_OBJCE_P(EG(This)) != ce->constructor->common.scope && (ce->constructor->common.fn_flags & ZEND_ACC_PRIVATE)) {
    4447             :                         zend_error(E_COMPILE_ERROR, "Cannot call private %s::__construct()", ce->name);
    4448             :                 }
    4449             :                 EX(fbc) = ce->constructor;
    4450             :         }
    4451             : 
    4452           7 :         if (EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) {
    4453           6 :                 EX(object) = NULL;
    4454             :         } else {
    4455           1 :                 if (EG(This) &&
    4456           0 :                     Z_OBJ_HT_P(EG(This))->get_class_entry &&
    4457           0 :                     !instanceof_function(Z_OBJCE_P(EG(This)), ce TSRMLS_CC)) {
    4458             :                     /* We are calling method of the other (incompatible) class,
    4459             :                        but passing $this. This is done for compatibility with php-4. */
    4460             :                         int severity;
    4461             :                         char *verb;
    4462           0 :                         if (EX(fbc)->common.fn_flags & ZEND_ACC_ALLOW_STATIC) {
    4463           0 :                                 severity = E_STRICT;
    4464           0 :                                 verb = "should not";
    4465             :                         } else {
    4466             :                                 /* An internal function assumes $this is present and won't check that. So PHP would crash by allowing the call. */
    4467           0 :                                 severity = E_ERROR;
    4468           0 :                                 verb = "cannot";
    4469             :                         }
    4470           0 :                         zend_error(severity, "Non-static method %s::%s() %s be called statically, assuming $this from incompatible context", EX(fbc)->common.scope->name, EX(fbc)->common.function_name, verb);
    4471             : 
    4472             :                 }
    4473           1 :                 if ((EX(object) = EG(This))) {
    4474           0 :                         Z_ADDREF_P(EX(object));
    4475           0 :                         EX(called_scope) = Z_OBJCE_P(EX(object));
    4476             :                 }
    4477             :         }
    4478             : 
    4479           7 :         ZEND_VM_NEXT_OPCODE();
    4480             : }
    4481             : 
    4482           0 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4483             : {
    4484           0 :         zend_op *opline = EX(opline);
    4485           0 :         int switch_expr_is_overloaded=0;
    4486             : 
    4487             : 
    4488           0 :         if (IS_CONST==IS_VAR) {
    4489             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    4490             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    4491             :                 } else {
    4492             :                         switch_expr_is_overloaded = 1;
    4493             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    4494             :                 }
    4495             :         }
    4496           0 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    4497             :                                  &opline->op1.u.constant,
    4498           0 :                                  _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    4499             : 
    4500           0 :         if (switch_expr_is_overloaded) {
    4501             :                 /* We only free op1 if this is a string offset,
    4502             :                  * Since if it is a TMP_VAR, it'll be reused by
    4503             :                  * other CASE opcodes (whereas string offsets
    4504             :                  * are allocated at each get_zval_ptr())
    4505             :                  */
    4506             : 
    4507           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    4508           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    4509             :         }
    4510           0 :         ZEND_VM_NEXT_OPCODE();
    4511             : }
    4512             : 
    4513          66 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4514             : {
    4515          66 :         zend_op *opline = EX(opline);
    4516             : 
    4517          66 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    4518             :         zval *expr_ptr;
    4519         132 :         zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    4520             : 
    4521             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    4522             :         zval **expr_ptr_ptr = NULL;
    4523             : 
    4524             :         if (opline->extended_value) {
    4525             :                 expr_ptr_ptr=NULL;
    4526             :                 expr_ptr = *expr_ptr_ptr;
    4527             :         } else {
    4528             :                 expr_ptr=&opline->op1.u.constant;
    4529             :         }
    4530             : #else
    4531          66 :         expr_ptr=&opline->op1.u.constant;
    4532             : #endif
    4533             : 
    4534          66 :         if (0) { /* temporary variable */
    4535             :                 zval *new_expr;
    4536             : 
    4537             :                 ALLOC_ZVAL(new_expr);
    4538             :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    4539             :                 expr_ptr = new_expr;
    4540             :         } else {
    4541             : #if 0 || IS_CONST == IS_VAR || IS_CONST == IS_CV
    4542             :                 if (opline->extended_value) {
    4543             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    4544             :                         expr_ptr = *expr_ptr_ptr;
    4545             :                         Z_ADDREF_P(expr_ptr);
    4546             :                 } else
    4547             : #endif
    4548             :                 if (IS_CONST == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    4549             :                         zval *new_expr;
    4550             : 
    4551          66 :                         ALLOC_ZVAL(new_expr);
    4552          66 :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    4553          66 :                         expr_ptr = new_expr;
    4554          66 :                         zendi_zval_copy_ctor(*expr_ptr);
    4555             :                 } else {
    4556             :                         Z_ADDREF_P(expr_ptr);
    4557             :                 }
    4558             :         }
    4559          66 :         if (offset) {
    4560          66 :                 switch (Z_TYPE_P(offset)) {
    4561             :                         case IS_DOUBLE:
    4562           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    4563           0 :                                 break;
    4564             :                         case IS_LONG:
    4565             :                         case IS_BOOL:
    4566           1 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    4567           1 :                                 break;
    4568             :                         case IS_STRING:
    4569          55 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    4570          55 :                                 break;
    4571             :                         case IS_NULL:
    4572           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    4573           0 :                                 break;
    4574             :                         default:
    4575          10 :                                 zend_error(E_WARNING, "Illegal offset type");
    4576          10 :                                 zval_ptr_dtor(&expr_ptr);
    4577             :                                 /* do nothing */
    4578             :                                 break;
    4579             :                 }
    4580             : 
    4581             :         } else {
    4582           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    4583             :         }
    4584          66 :         if (opline->extended_value) {
    4585             : 
    4586             :         } else {
    4587             : 
    4588             :         }
    4589          66 :         ZEND_VM_NEXT_OPCODE();
    4590             : }
    4591             : 
    4592           6 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4593             : {
    4594           6 :         zend_op *opline = EX(opline);
    4595             : 
    4596           6 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    4597           6 :         if (IS_CONST == IS_UNUSED) {
    4598             :                 ZEND_VM_NEXT_OPCODE();
    4599             : #if 0 || IS_CONST != IS_UNUSED
    4600             :         } else {
    4601           6 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4602             : #endif
    4603             :         }
    4604             : }
    4605             : 
    4606           0 : static int ZEND_FASTCALL  ZEND_BW_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4607             : {
    4608           0 :         zend_op *opline = EX(opline);
    4609             :         zend_free_op free_op1;
    4610             : 
    4611           0 :         bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
    4612           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
    4613           0 :         zval_dtor(free_op1.var);
    4614           0 :         ZEND_VM_NEXT_OPCODE();
    4615             : }
    4616             : 
    4617      164842 : static int ZEND_FASTCALL  ZEND_BOOL_NOT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4618             : {
    4619      164842 :         zend_op *opline = EX(opline);
    4620             :         zend_free_op free_op1;
    4621             : 
    4622      164842 :         boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
    4623      164842 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
    4624      164842 :         zval_dtor(free_op1.var);
    4625      164842 :         ZEND_VM_NEXT_OPCODE();
    4626             : }
    4627             : 
    4628      105735 : static int ZEND_FASTCALL  ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4629             : {
    4630      105735 :         zend_op *opline = EX(opline);
    4631             :         zend_free_op free_op1;
    4632      211470 :         zval *z = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4633             : 
    4634      105735 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
    4635           1 :                 INIT_PZVAL(z);
    4636             :         }
    4637      105735 :         zend_print_variable(z);
    4638             : 
    4639      105735 :         zval_dtor(free_op1.var);
    4640      105735 :         ZEND_VM_NEXT_OPCODE();
    4641             : }
    4642             : 
    4643        8412 : static int ZEND_FASTCALL  ZEND_PRINT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4644             : {
    4645        8412 :         zend_op *opline = EX(opline);
    4646             : 
    4647        8412 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    4648        8412 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
    4649             : 
    4650        8412 :         return ZEND_ECHO_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4651             : }
    4652             : 
    4653        2760 : static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_TMP(int type, ZEND_OPCODE_HANDLER_ARGS)
    4654             : {
    4655        2760 :         zend_op *opline = EX(opline);
    4656             :         zend_free_op free_op1;
    4657        5520 :         zval *varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4658             :         zval **retval;
    4659             :         zval tmp_varname;
    4660             :         HashTable *target_symbol_table;
    4661             : 
    4662        2760 :         if (IS_TMP_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
    4663           0 :                 tmp_varname = *varname;
    4664           0 :                 zval_copy_ctor(&tmp_varname);
    4665           0 :                 convert_to_string(&tmp_varname);
    4666           0 :                 varname = &tmp_varname;
    4667             :         }
    4668             : 
    4669        2760 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    4670           0 :                 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
    4671           0 :                 zval_dtor(free_op1.var);
    4672             :         } else {
    4673        2760 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
    4674             : /*
    4675             :                 if (!target_symbol_table) {
    4676             :                         ZEND_VM_NEXT_OPCODE();
    4677             :                 }
    4678             : */
    4679        2760 :                 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
    4680          24 :                         switch (type) {
    4681             :                                 case BP_VAR_R:
    4682             :                                 case BP_VAR_UNSET:
    4683           0 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    4684             :                                         /* break missing intentionally */
    4685             :                                 case BP_VAR_IS:
    4686           0 :                                         retval = &EG(uninitialized_zval_ptr);
    4687           0 :                                         break;
    4688             :                                 case BP_VAR_RW:
    4689           0 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    4690             :                                         /* break missing intentionally */
    4691             :                                 case BP_VAR_W: {
    4692          24 :                                                 zval *new_zval = &EG(uninitialized_zval);
    4693             : 
    4694          24 :                                                 Z_ADDREF_P(new_zval);
    4695          24 :                                                 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
    4696             :                                         }
    4697             :                                         break;
    4698             :                                 EMPTY_SWITCH_DEFAULT_CASE()
    4699             :                         }
    4700             :                 }
    4701        2760 :                 switch (opline->op2.u.EA.type) {
    4702             :                         case ZEND_FETCH_GLOBAL:
    4703           0 :                                 if (IS_TMP_VAR != IS_TMP_VAR) {
    4704             :                                         zval_dtor(free_op1.var);
    4705             :                                 }
    4706           0 :                                 break;
    4707             :                         case ZEND_FETCH_LOCAL:
    4708        2760 :                                 zval_dtor(free_op1.var);
    4709        2760 :                                 break;
    4710             :                         case ZEND_FETCH_STATIC:
    4711           0 :                                 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
    4712           0 :                                 break;
    4713             :                         case ZEND_FETCH_GLOBAL_LOCK:
    4714           0 :                                 if (IS_TMP_VAR == IS_VAR && !free_op1.var) {
    4715             :                                         PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
    4716             :                                 }
    4717             :                                 break;
    4718             :                 }
    4719             :         }
    4720             : 
    4721             : 
    4722        2760 :         if (IS_TMP_VAR != IS_CONST && varname == &tmp_varname) {
    4723           0 :                 zval_dtor(varname);
    4724             :         }
    4725        2760 :         if (!RETURN_VALUE_UNUSED(&opline->result)) {
    4726        2760 :                 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
    4727           0 :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
    4728             :                 }
    4729        2760 :                 PZVAL_LOCK(*retval);
    4730        2760 :                 switch (type) {
    4731             :                         case BP_VAR_R:
    4732             :                         case BP_VAR_IS:
    4733        1377 :                                 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
    4734        1377 :                                 break;
    4735             :                         case BP_VAR_UNSET: {
    4736             :                                 zend_free_op free_res;
    4737             : 
    4738           0 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    4739           0 :                                 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
    4740           0 :                                 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
    4741           0 :                                         SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
    4742             :                                 }
    4743           0 :                                 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
    4744           0 :                                 FREE_OP_VAR_PTR(free_res);
    4745           0 :                                 break;
    4746             :                         default:
    4747        1383 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    4748             :                                 break;
    4749             :                         }
    4750             :                 }
    4751             :         }
    4752        2760 :         ZEND_VM_NEXT_OPCODE();
    4753             : }
    4754             : 
    4755        1377 : static int ZEND_FASTCALL  ZEND_FETCH_R_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4756             : {
    4757        1377 :         return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4758             : }
    4759             : 
    4760        1383 : static int ZEND_FASTCALL  ZEND_FETCH_W_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4761             : {
    4762        1383 :         return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4763             : }
    4764             : 
    4765           0 : static int ZEND_FASTCALL  ZEND_FETCH_RW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4766             : {
    4767           0 :         return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4768             : }
    4769             : 
    4770           0 : static int ZEND_FASTCALL  ZEND_FETCH_FUNC_ARG_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4771             : {
    4772           0 :         return zend_fetch_var_address_helper_SPEC_TMP(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4773             : }
    4774             : 
    4775           0 : static int ZEND_FASTCALL  ZEND_FETCH_UNSET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4776             : {
    4777           0 :         return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4778             : }
    4779             : 
    4780           0 : static int ZEND_FASTCALL  ZEND_FETCH_IS_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4781             : {
    4782           0 :         return zend_fetch_var_address_helper_SPEC_TMP(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    4783             : }
    4784             : 
    4785    12748423 : static int ZEND_FASTCALL  ZEND_JMPZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4786             : {
    4787    12748423 :         zend_op *opline = EX(opline);
    4788             :         zend_free_op free_op1;
    4789    25496846 :         zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4790             :         int ret;
    4791             : 
    4792    12748423 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    4793    12603020 :                 ret = Z_LVAL_P(val);
    4794             :         } else {
    4795      145403 :                 ret = i_zend_is_true(val);
    4796      145403 :                 zval_dtor(free_op1.var);
    4797      145403 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4798           0 :                         ZEND_VM_CONTINUE();
    4799             :                 }
    4800             :         }
    4801    12748423 :         if (!ret) {
    4802             : #if DEBUG_ZEND>=2
    4803             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    4804             : #endif
    4805     8165317 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    4806     8165317 :                 ZEND_VM_CONTINUE();
    4807             :         }
    4808             : 
    4809     4583106 :         ZEND_VM_NEXT_OPCODE();
    4810             : }
    4811             : 
    4812       95647 : static int ZEND_FASTCALL  ZEND_JMPNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4813             : {
    4814       95647 :         zend_op *opline = EX(opline);
    4815             :         zend_free_op free_op1;
    4816      191294 :         zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4817             :         int ret;
    4818             : 
    4819       95647 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    4820       95647 :                 ret = Z_LVAL_P(val);
    4821             :         } else {
    4822           0 :                 ret = i_zend_is_true(val);
    4823           0 :                 zval_dtor(free_op1.var);
    4824           0 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4825           0 :                         ZEND_VM_CONTINUE();
    4826             :                 }
    4827             :         }
    4828       95647 :         if (ret) {
    4829             : #if DEBUG_ZEND>=2
    4830             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    4831             : #endif
    4832       95321 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    4833       95321 :                 ZEND_VM_CONTINUE();
    4834             :         }
    4835             : 
    4836         326 :         ZEND_VM_NEXT_OPCODE();
    4837             : }
    4838             : 
    4839     4068158 : static int ZEND_FASTCALL  ZEND_JMPZNZ_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4840             : {
    4841     4068158 :         zend_op *opline = EX(opline);
    4842             :         zend_free_op free_op1;
    4843     8136316 :         zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4844             :         int retval;
    4845             : 
    4846     4068158 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    4847     4068158 :                 retval = Z_LVAL_P(val);
    4848             :         } else {
    4849           0 :                 retval = i_zend_is_true(val);
    4850           0 :                 zval_dtor(free_op1.var);
    4851           0 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4852           0 :                         ZEND_VM_CONTINUE();
    4853             :                 }
    4854             :         }
    4855     4068158 :         if (EXPECTED(retval != 0)) {
    4856             : #if DEBUG_ZEND>=2
    4857             :                 printf("Conditional jmp on true to %d\n", opline->extended_value);
    4858             : #endif
    4859     3901646 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
    4860     3901646 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    4861             :         } else {
    4862             : #if DEBUG_ZEND>=2
    4863             :                 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
    4864             : #endif
    4865      166512 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
    4866      166512 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    4867             :         }
    4868             : }
    4869             : 
    4870     1998110 : static int ZEND_FASTCALL  ZEND_JMPZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4871             : {
    4872     1998110 :         zend_op *opline = EX(opline);
    4873             :         zend_free_op free_op1;
    4874     3996220 :         zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4875             :         int retval;
    4876             : 
    4877     1998110 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    4878     1998101 :                 retval = Z_LVAL_P(val);
    4879             :         } else {
    4880           9 :                 retval = i_zend_is_true(val);
    4881           9 :                 zval_dtor(free_op1.var);
    4882           9 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4883           0 :                         ZEND_VM_CONTINUE();
    4884             :                 }
    4885             :         }
    4886     1998110 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    4887     1998110 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    4888     1998110 :         if (!retval) {
    4889             : #if DEBUG_ZEND>=2
    4890             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    4891             : #endif
    4892      793825 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    4893      793825 :                 ZEND_VM_CONTINUE();
    4894             :         }
    4895     1204285 :         ZEND_VM_NEXT_OPCODE();
    4896             : }
    4897             : 
    4898      340427 : static int ZEND_FASTCALL  ZEND_JMPNZ_EX_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4899             : {
    4900      340427 :         zend_op *opline = EX(opline);
    4901             :         zend_free_op free_op1;
    4902      680854 :         zval *val = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4903             :         int retval;
    4904             : 
    4905      340427 :         if (IS_TMP_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    4906      340427 :                 retval = Z_LVAL_P(val);
    4907             :         } else {
    4908           0 :                 retval = i_zend_is_true(val);
    4909           0 :                 zval_dtor(free_op1.var);
    4910           0 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    4911           0 :                         ZEND_VM_CONTINUE();
    4912             :                 }
    4913             :         }
    4914      340427 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    4915      340427 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    4916      340427 :         if (retval) {
    4917             : #if DEBUG_ZEND>=2
    4918             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    4919             : #endif
    4920       47959 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    4921       47959 :                 ZEND_VM_CONTINUE();
    4922             :         }
    4923      292468 :         ZEND_VM_NEXT_OPCODE();
    4924             : }
    4925             : 
    4926     4348431 : static int ZEND_FASTCALL  ZEND_FREE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4927             : {
    4928     4348431 :         zendi_zval_dtor(EX_T(EX(opline)->op1.u.var).tmp_var);
    4929     4348431 :         ZEND_VM_NEXT_OPCODE();
    4930             : }
    4931             : 
    4932      293830 : static int ZEND_FASTCALL  ZEND_RETURN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    4933             : {
    4934      293830 :         zend_op *opline = EX(opline);
    4935             :         zval *retval_ptr;
    4936             :         zval **retval_ptr_ptr;
    4937             :         zend_free_op free_op1;
    4938             : 
    4939      293830 :         if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
    4940             : 
    4941             :                 if (IS_TMP_VAR == IS_CONST || IS_TMP_VAR == IS_TMP_VAR) {
    4942             :                         /* Not supposed to happen, but we'll allow it */
    4943           0 :                         zend_error(E_NOTICE, "Only variable references should be returned by reference");
    4944           0 :                         goto return_by_value;
    4945             :                 }
    4946             : 
    4947             :                 retval_ptr_ptr = NULL;
    4948             : 
    4949             :                 if (IS_TMP_VAR == IS_VAR && !retval_ptr_ptr) {
    4950             :                         zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
    4951             :                 }
    4952             : 
    4953             :                 if (IS_TMP_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
    4954             :                         if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
    4955             :                             EX_T(opline->op1.u.var).var.fcall_returned_reference) {
    4956             :                         } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
    4957             :                                 if (IS_TMP_VAR == IS_VAR && !1) {
    4958             :                                         PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
    4959             :                                 }
    4960             :                                 zend_error(E_NOTICE, "Only variable references should be returned by reference");
    4961             :                                 goto return_by_value;
    4962             :                         }
    4963             :                 }
    4964             : 
    4965             :                 if (EG(return_value_ptr_ptr)) {
    4966             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
    4967             :                         Z_ADDREF_PP(retval_ptr_ptr);
    4968             : 
    4969             :                         (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
    4970             :                 }
    4971             :         } else {
    4972             : return_by_value:
    4973             : 
    4974      587660 :                 retval_ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    4975             : 
    4976      293830 :                 if (!EG(return_value_ptr_ptr)) {
    4977             :                         if (IS_TMP_VAR == IS_TMP_VAR) {
    4978         137 :                                 zval_dtor(free_op1.var);
    4979             :                         }
    4980      293693 :                 } else if (!1) { /* Not a temp var */
    4981             :                         if (IS_TMP_VAR == IS_CONST ||
    4982             :                             EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
    4983             :                             (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
    4984             :                                 zval *ret;
    4985             : 
    4986             :                                 ALLOC_ZVAL(ret);
    4987             :                                 INIT_PZVAL_COPY(ret, retval_ptr);
    4988             :                                 zval_copy_ctor(ret);
    4989             :                                 *EG(return_value_ptr_ptr) = ret;
    4990             :                         } else if ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) &&
    4991             :                                    retval_ptr == &EG(uninitialized_zval)) {
    4992             :                                 zval *ret;
    4993             : 
    4994             :                                 ALLOC_INIT_ZVAL(ret);
    4995             :                                 *EG(return_value_ptr_ptr) = ret;
    4996             :                         } else {
    4997             :                                 *EG(return_value_ptr_ptr) = retval_ptr;
    4998             :                                 Z_ADDREF_P(retval_ptr);
    4999             :                         }
    5000             :                 } else {
    5001             :                         zval *ret;
    5002             : 
    5003      293693 :                         ALLOC_ZVAL(ret);
    5004      293693 :                         INIT_PZVAL_COPY(ret, retval_ptr);
    5005      293693 :                         *EG(return_value_ptr_ptr) = ret;
    5006             :                 }
    5007             :         }
    5008             : 
    5009      293830 :         return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    5010             : }
    5011             : 
    5012           0 : static int ZEND_FASTCALL  ZEND_THROW_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5013             : {
    5014           0 :         zend_op *opline = EX(opline);
    5015             :         zval *value;
    5016             :         zval *exception;
    5017             :         zend_free_op free_op1;
    5018             : 
    5019           0 :         value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5020             : 
    5021           0 :         if (IS_TMP_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
    5022           0 :                 zend_error_noreturn(E_ERROR, "Can only throw objects");
    5023             :         }
    5024           0 :         zend_exception_save(TSRMLS_C);
    5025             :         /* Not sure if a complete copy is what we want here */
    5026           0 :         ALLOC_ZVAL(exception);
    5027           0 :         INIT_PZVAL_COPY(exception, value);
    5028           0 :         if (!1) {
    5029             :                 zval_copy_ctor(exception);
    5030             :         }
    5031             : 
    5032           0 :         zend_throw_exception_object(exception TSRMLS_CC);
    5033           0 :         zend_exception_restore(TSRMLS_C);
    5034             : 
    5035           0 :         ZEND_VM_NEXT_OPCODE();
    5036             : }
    5037             : 
    5038     1284247 : static int ZEND_FASTCALL  ZEND_SEND_VAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5039             : {
    5040     1284247 :         zend_op *opline = EX(opline);
    5041     1416297 :         if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
    5042     1416297 :                 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    5043           0 :                         zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
    5044             :         }
    5045             :         {
    5046             :                 zval *valptr;
    5047             :                 zval *value;
    5048             :                 zend_free_op free_op1;
    5049             : 
    5050     2568494 :                 value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5051             : 
    5052     1284247 :                 ALLOC_ZVAL(valptr);
    5053     1284247 :                 INIT_PZVAL_COPY(valptr, value);
    5054     1284247 :                 if (!1) {
    5055             :                         zval_copy_ctor(valptr);
    5056             :                 }
    5057     1284247 :                 zend_vm_stack_push(valptr TSRMLS_CC);
    5058             : 
    5059             :         }
    5060     1284247 :         ZEND_VM_NEXT_OPCODE();
    5061             : }
    5062             : 
    5063     1220532 : static int ZEND_FASTCALL  ZEND_BOOL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5064             : {
    5065     1220532 :         zend_op *opline = EX(opline);
    5066             :         zend_free_op free_op1;
    5067             : 
    5068             :         /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
    5069     2441064 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC));
    5070     1220532 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    5071     1220532 :         zval_dtor(free_op1.var);
    5072             : 
    5073     1220532 :         ZEND_VM_NEXT_OPCODE();
    5074             : }
    5075             : 
    5076           3 : static int ZEND_FASTCALL  ZEND_CLONE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5077             : {
    5078           3 :         zend_op *opline = EX(opline);
    5079             :         zend_free_op free_op1;
    5080           6 :         zval *obj = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5081             :         zend_class_entry *ce;
    5082             :         zend_function *clone;
    5083             :         zend_object_clone_obj_t clone_call;
    5084             : 
    5085           3 :         if (IS_TMP_VAR == IS_CONST ||
    5086             :             (IS_TMP_VAR == IS_VAR && !obj) ||
    5087             :             Z_TYPE_P(obj) != IS_OBJECT) {
    5088           2 :                 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
    5089             :         }
    5090             : 
    5091           1 :         ce = Z_OBJCE_P(obj);
    5092           1 :         clone = ce ? ce->clone : NULL;
    5093           1 :         clone_call =  Z_OBJ_HT_P(obj)->clone_obj;
    5094           1 :         if (!clone_call) {
    5095           1 :                 if (ce) {
    5096           1 :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
    5097             :                 } else {
    5098           0 :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
    5099             :                 }
    5100             :         }
    5101             : 
    5102           0 :         if (ce && clone) {
    5103           0 :                 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
    5104             :                         /* Ensure that if we're calling a private function, we're allowed to do so.
    5105             :                          */
    5106           0 :                         if (ce != EG(scope)) {
    5107           0 :                                 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    5108             :                         }
    5109           0 :                 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
    5110             :                         /* Ensure that if we're calling a protected function, we're allowed to do so.
    5111             :                          */
    5112           0 :                         if (!zend_check_protected(clone->common.scope, EG(scope))) {
    5113           0 :                                 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    5114             :                         }
    5115             :                 }
    5116             :         }
    5117             : 
    5118           0 :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    5119           0 :         if (!EG(exception)) {
    5120           0 :                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    5121           0 :                 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
    5122           0 :                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
    5123           0 :                 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
    5124           0 :                 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
    5125           0 :                 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
    5126           0 :                         zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
    5127             :                 }
    5128             :         }
    5129             : 
    5130           0 :         ZEND_VM_NEXT_OPCODE();
    5131             : }
    5132             : 
    5133         213 : static int ZEND_FASTCALL  ZEND_CAST_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5134             : {
    5135         213 :         zend_op *opline = EX(opline);
    5136             :         zend_free_op free_op1;
    5137         426 :         zval *expr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5138         213 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5139             : 
    5140         213 :         if (opline->extended_value != IS_STRING) {
    5141         100 :                 *result = *expr;
    5142         100 :                 if (!1) {
    5143             :                         zendi_zval_copy_ctor(*result);
    5144             :                 }
    5145             :         }
    5146         213 :         switch (opline->extended_value) {
    5147             :                 case IS_NULL:
    5148           0 :                         convert_to_null(result);
    5149           0 :                         break;
    5150             :                 case IS_BOOL:
    5151           1 :                         convert_to_boolean(result);
    5152           1 :                         break;
    5153             :                 case IS_LONG:
    5154          40 :                         convert_to_long(result);
    5155          40 :                         break;
    5156             :                 case IS_DOUBLE:
    5157           4 :                         convert_to_double(result);
    5158           4 :                         break;
    5159             :                 case IS_STRING: {
    5160             :                         zval var_copy;
    5161             :                         int use_copy;
    5162             : 
    5163         113 :                         zend_make_printable_zval(expr, &var_copy, &use_copy);
    5164         113 :                         if (use_copy) {
    5165          99 :                                 *result = var_copy;
    5166             :                                 if (1) {
    5167          99 :                                         zval_dtor(free_op1.var);
    5168             :                                 }
    5169             :                         } else {
    5170          14 :                                 *result = *expr;
    5171          14 :                                 if (!1) {
    5172             :                                         zendi_zval_copy_ctor(*result);
    5173             :                                 }
    5174             :                         }
    5175         113 :                         break;
    5176             :                 }
    5177             :                 case IS_ARRAY:
    5178           1 :                         convert_to_array(result);
    5179           1 :                         break;
    5180             :                 case IS_OBJECT:
    5181          54 :                         convert_to_object(result);
    5182             :                         break;
    5183             :         }
    5184             : 
    5185         213 :         ZEND_VM_NEXT_OPCODE();
    5186             : }
    5187             : 
    5188        3802 : static int ZEND_FASTCALL  ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5189             : {
    5190        3802 :         zend_op *opline = EX(opline);
    5191        3802 :         zend_op_array *new_op_array=NULL;
    5192             :         int return_value_used;
    5193             :         zend_free_op free_op1;
    5194        7604 :         zval *inc_filename = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5195        3802 :         zval *tmp_inc_filename = NULL;
    5196        3802 :         zend_bool failure_retval=0;
    5197             : 
    5198        3802 :         if (inc_filename->type!=IS_STRING) {
    5199           0 :                 MAKE_STD_ZVAL(tmp_inc_filename);
    5200           0 :                 *tmp_inc_filename = *inc_filename;
    5201           0 :                 zval_copy_ctor(tmp_inc_filename);
    5202           0 :                 convert_to_string(tmp_inc_filename);
    5203           0 :                 inc_filename = tmp_inc_filename;
    5204             :         }
    5205             : 
    5206        3802 :         return_value_used = RETURN_VALUE_USED(opline);
    5207             : 
    5208        3802 :         if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
    5209           0 :                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
    5210           0 :                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    5211             :                 } else {
    5212           0 :                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    5213             :                 }
    5214             :         } else {
    5215        3802 :                 switch (Z_LVAL(opline->op2.u.constant)) {
    5216             :                         case ZEND_INCLUDE_ONCE:
    5217             :                         case ZEND_REQUIRE_ONCE: {
    5218             :                                         zend_file_handle file_handle;
    5219             :                                         char *resolved_path;
    5220             : 
    5221        1926 :                                         resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
    5222        1926 :                                         if (resolved_path) {
    5223        1926 :                                                 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
    5224             :                                         } else {
    5225           0 :                                                 resolved_path = Z_STRVAL_P(inc_filename);
    5226             :                                         }
    5227             : 
    5228        1926 :                                         if (failure_retval) {
    5229             :                                                 /* do nothing, file already included */
    5230        1921 :                                         } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
    5231             : 
    5232        1921 :                                                 if (!file_handle.opened_path) {
    5233           0 :                                                         file_handle.opened_path = estrdup(resolved_path);
    5234             :                                                 }
    5235             : 
    5236        1921 :                                                 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
    5237        1921 :                                                         new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
    5238        1921 :                                                         zend_destroy_file_handle(&file_handle TSRMLS_CC);
    5239             :                                                 } else {
    5240           0 :                                                         zend_file_handle_dtor(&file_handle TSRMLS_CC);
    5241           0 :                                                         failure_retval=1;
    5242             :                                                 }
    5243             :                                         } else {
    5244           0 :                                                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
    5245           0 :                                                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    5246             :                                                 } else {
    5247           0 :                                                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    5248             :                                                 }
    5249             :                                         }
    5250        1926 :                                         if (resolved_path != Z_STRVAL_P(inc_filename)) {
    5251        1926 :                                                 efree(resolved_path);
    5252             :                                         }
    5253             :                                 }
    5254        1926 :                                 break;
    5255             :                         case ZEND_INCLUDE:
    5256             :                         case ZEND_REQUIRE:
    5257        1414 :                                 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
    5258        1413 :                                 break;
    5259             :                         case ZEND_EVAL: {
    5260         462 :                                         char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
    5261             : 
    5262         462 :                                         new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
    5263         462 :                                         efree(eval_desc);
    5264             :                                 }
    5265             :                                 break;
    5266             :                         EMPTY_SWITCH_DEFAULT_CASE()
    5267             :                 }
    5268             :         }
    5269        3801 :         if (tmp_inc_filename) {
    5270           0 :                 zval_ptr_dtor(&tmp_inc_filename);
    5271             :         }
    5272        3801 :         zval_dtor(free_op1.var);
    5273        3801 :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    5274        3801 :         if (new_op_array && !EG(exception)) {
    5275        3781 :                 EX(original_return_value) = EG(return_value_ptr_ptr);
    5276        3781 :                 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
    5277        3781 :                 EG(active_op_array) = new_op_array;
    5278        3781 :                 EX_T(opline->result.u.var).var.ptr = NULL;
    5279             : 
    5280        3781 :                 EX(current_object) = EX(object);
    5281             : 
    5282        3781 :                 EX(function_state).function = (zend_function *) new_op_array;
    5283        3781 :                 EX(object) = NULL;
    5284             : 
    5285        3781 :                 if (!EG(active_symbol_table)) {
    5286          52 :                         zend_rebuild_symbol_table(TSRMLS_C);
    5287             :                 }
    5288             : 
    5289        3781 :                 if (zend_execute == execute) {
    5290        3781 :                         EX(call_opline) = opline;
    5291        3781 :                         ZEND_VM_ENTER();
    5292             :                 } else {
    5293           0 :                         zend_execute(new_op_array TSRMLS_CC);
    5294             :                 }
    5295             : 
    5296           0 :                 EX(function_state).function = (zend_function *) EX(op_array);
    5297           0 :                 EX(object) = EX(current_object);
    5298             : 
    5299           0 :                 if (return_value_used) {
    5300           0 :                         if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
    5301           0 :                                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    5302           0 :                                 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
    5303           0 :                                 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
    5304           0 :                                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    5305             :                         }
    5306             :                 }
    5307             : 
    5308           0 :                 EG(opline_ptr) = &EX(opline);
    5309           0 :                 EG(active_op_array) = EX(op_array);
    5310           0 :                 EG(return_value_ptr_ptr) = EX(original_return_value);
    5311           0 :                 destroy_op_array(new_op_array TSRMLS_CC);
    5312           0 :                 efree(new_op_array);
    5313           0 :                 if (EG(exception)) {
    5314           0 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    5315             :                 }
    5316             :         } else {
    5317          20 :                 if (return_value_used) {
    5318           0 :                         ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    5319           0 :                         INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
    5320           0 :                         Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
    5321           0 :                         Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    5322             :                 }
    5323             :         }
    5324          20 :         ZEND_VM_NEXT_OPCODE();
    5325             : }
    5326             : 
    5327           0 : static int ZEND_FASTCALL  ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5328             : {
    5329           0 :         zend_op *opline = EX(opline);
    5330             :         zval tmp, *varname;
    5331             :         HashTable *target_symbol_table;
    5332             :         zend_free_op free_op1;
    5333             : 
    5334           0 :         if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    5335             :                 if (EG(active_symbol_table)) {
    5336             :                         zend_execute_data *ex = EX(prev_execute_data);
    5337             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    5338             : 
    5339             :                         if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
    5340             :                                 while (ex && ex->symbol_table == EG(active_symbol_table)) {
    5341             :                                         int i;
    5342             : 
    5343             :                                         if (ex->op_array) {
    5344             :                                                 for (i = 0; i < ex->op_array->last_var; i++) {
    5345             :                                                         if (ex->op_array->vars[i].hash_value == cv->hash_value &&
    5346             :                                                                 ex->op_array->vars[i].name_len == cv->name_len &&
    5347             :                                                                 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
    5348             :                                                                 ex->CVs[i] = NULL;
    5349             :                                                                 break;
    5350             :                                                         }
    5351             :                                                 }
    5352             :                                         }
    5353             :                                         ex = ex->prev_execute_data;
    5354             :                                 }
    5355             :                         }
    5356             :                         EX(CVs)[opline->op1.u.var] = NULL;
    5357             :                 } else if (EX(CVs)[opline->op1.u.var]) {
    5358             :                         zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
    5359             :                         EX(CVs)[opline->op1.u.var] = NULL;
    5360             :                 }
    5361             :                 ZEND_VM_NEXT_OPCODE();
    5362             :         }
    5363             : 
    5364           0 :         varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5365             : 
    5366           0 :         if (Z_TYPE_P(varname) != IS_STRING) {
    5367           0 :                 tmp = *varname;
    5368           0 :                 zval_copy_ctor(&tmp);
    5369           0 :                 convert_to_string(&tmp);
    5370           0 :                 varname = &tmp;
    5371           0 :         } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) {
    5372             :                 Z_ADDREF_P(varname);
    5373             :         }
    5374             : 
    5375           0 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    5376           0 :                 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
    5377             :         } else {
    5378           0 :                 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
    5379             : 
    5380           0 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    5381           0 :                 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
    5382           0 :                         zend_execute_data *ex = execute_data;
    5383             : 
    5384             :                         do {
    5385             :                                 int i;
    5386             : 
    5387           0 :                                 if (ex->op_array) {
    5388           0 :                                         for (i = 0; i < ex->op_array->last_var; i++) {
    5389           0 :                                                 if (ex->op_array->vars[i].hash_value == hash_value &&
    5390           0 :                                                         ex->op_array->vars[i].name_len == varname->value.str.len &&
    5391           0 :                                                         !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
    5392           0 :                                                         ex->CVs[i] = NULL;
    5393           0 :                                                         break;
    5394             :                                                 }
    5395             :                                         }
    5396             :                                 }
    5397           0 :                                 ex = ex->prev_execute_data;
    5398           0 :                         } while (ex && ex->symbol_table == target_symbol_table);
    5399             :                 }
    5400             :         }
    5401             : 
    5402           0 :         if (varname == &tmp) {
    5403           0 :                 zval_dtor(&tmp);
    5404           0 :         } else if (IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV) {
    5405             :                 zval_ptr_dtor(&varname);
    5406             :         }
    5407           0 :         zval_dtor(free_op1.var);
    5408           0 :         ZEND_VM_NEXT_OPCODE();
    5409             : }
    5410             : 
    5411       19347 : static int ZEND_FASTCALL  ZEND_FE_RESET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5412             : {
    5413       19347 :         zend_op *opline = EX(opline);
    5414             :         zend_free_op free_op1;
    5415             :         zval *array_ptr, **array_ptr_ptr;
    5416             :         HashTable *fe_ht;
    5417       19347 :         zend_object_iterator *iter = NULL;
    5418       19347 :         zend_class_entry *ce = NULL;
    5419       19347 :         zend_bool is_empty = 0;
    5420             : 
    5421       19347 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    5422           0 :                 array_ptr_ptr = NULL;
    5423           0 :                 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
    5424           0 :                         ALLOC_INIT_ZVAL(array_ptr);
    5425           0 :                 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
    5426           0 :                         if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
    5427           0 :                                 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
    5428           0 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    5429             :                         }
    5430             : 
    5431           0 :                         ce = Z_OBJCE_PP(array_ptr_ptr);
    5432           0 :                         if (!ce || ce->get_iterator == NULL) {
    5433           0 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    5434           0 :                                 Z_ADDREF_PP(array_ptr_ptr);
    5435             :                         }
    5436           0 :                         array_ptr = *array_ptr_ptr;
    5437             :                 } else {
    5438           0 :                         if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
    5439           0 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    5440           0 :                                 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
    5441           0 :                                         Z_SET_ISREF_PP(array_ptr_ptr);
    5442             :                                 }
    5443             :                         }
    5444           0 :                         array_ptr = *array_ptr_ptr;
    5445           0 :                         Z_ADDREF_P(array_ptr);
    5446             :                 }
    5447             :         } else {
    5448       38694 :                 array_ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5449             :                 if (1) { /* IS_TMP_VAR */
    5450             :                         zval *tmp;
    5451             : 
    5452       19347 :                         ALLOC_ZVAL(tmp);
    5453       19347 :                         INIT_PZVAL_COPY(tmp, array_ptr);
    5454       19347 :                         array_ptr = tmp;
    5455       19347 :                         if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    5456           2 :                                 ce = Z_OBJCE_P(array_ptr);
    5457           2 :                                 if (ce && ce->get_iterator) {
    5458           1 :                                         Z_DELREF_P(array_ptr);
    5459             :                                 }
    5460             :                         }
    5461             :                 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    5462             :                         ce = Z_OBJCE_P(array_ptr);
    5463             :                         if (!ce || !ce->get_iterator) {
    5464             :                                 Z_ADDREF_P(array_ptr);
    5465             :                         }
    5466             :                 } else if (IS_TMP_VAR == IS_CONST ||
    5467             :                            ((IS_TMP_VAR == IS_CV || IS_TMP_VAR == IS_VAR) &&
    5468             :                             !Z_ISREF_P(array_ptr) &&
    5469             :                             Z_REFCOUNT_P(array_ptr) > 1)) {
    5470             :                         zval *tmp;
    5471             : 
    5472             :                         ALLOC_ZVAL(tmp);
    5473             :                         INIT_PZVAL_COPY(tmp, array_ptr);
    5474             :                         zval_copy_ctor(tmp);
    5475             :                         array_ptr = tmp;
    5476             :                 } else {
    5477             :                         Z_ADDREF_P(array_ptr);
    5478             :                 }
    5479             :         }
    5480             : 
    5481       19347 :         if (ce && ce->get_iterator) {
    5482           1 :                 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
    5483             : 
    5484           2 :                 if (iter && !EG(exception)) {
    5485           1 :                         array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
    5486             :                 } else {
    5487           0 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    5488             : 
    5489             :                         } else {
    5490             : 
    5491             :                         }
    5492           0 :                         if (!EG(exception)) {
    5493           0 :                                 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
    5494             :                         }
    5495           0 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    5496           0 :                         ZEND_VM_NEXT_OPCODE();
    5497             :                 }
    5498             :         }
    5499             : 
    5500       19347 :         AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
    5501       19347 :         PZVAL_LOCK(array_ptr);
    5502             : 
    5503       19347 :         if (iter) {
    5504           1 :                 iter->index = 0;
    5505           1 :                 if (iter->funcs->rewind) {
    5506           1 :                         iter->funcs->rewind(iter TSRMLS_CC);
    5507           1 :                         if (EG(exception)) {
    5508           0 :                                 Z_DELREF_P(array_ptr);
    5509           0 :                                 zval_ptr_dtor(&array_ptr);
    5510           0 :                                 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    5511             : 
    5512             :                                 } else {
    5513             : 
    5514             :                                 }
    5515           0 :                                 ZEND_VM_NEXT_OPCODE();
    5516             :                         }
    5517             :                 }
    5518           1 :                 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
    5519           1 :                 if (EG(exception)) {
    5520           0 :                         Z_DELREF_P(array_ptr);
    5521           0 :                         zval_ptr_dtor(&array_ptr);
    5522           0 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    5523             : 
    5524             :                         } else {
    5525             : 
    5526             :                         }
    5527           0 :                         ZEND_VM_NEXT_OPCODE();
    5528             :                 }
    5529           1 :                 iter->index = -1; /* will be set to 0 before using next handler */
    5530       19346 :         } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
    5531       19346 :                 zend_hash_internal_pointer_reset(fe_ht);
    5532       19346 :                 if (ce) {
    5533           1 :                         zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
    5534           2 :                         while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
    5535             :                                 char *str_key;
    5536             :                                 uint str_key_len;
    5537             :                                 ulong int_key;
    5538             :                                 zend_uchar key_type;
    5539             : 
    5540           0 :                                 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
    5541           0 :                                 if (key_type != HASH_KEY_NON_EXISTANT &&
    5542             :                                         (key_type == HASH_KEY_IS_LONG ||
    5543           0 :                                      zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
    5544             :                                         break;
    5545             :                                 }
    5546           0 :                                 zend_hash_move_forward(fe_ht);
    5547             :                         }
    5548             :                 }
    5549       19346 :                 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
    5550       19346 :                 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
    5551             :         } else {
    5552           0 :                 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
    5553           0 :                 is_empty = 1;
    5554             :         }
    5555             : 
    5556       19347 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    5557             : 
    5558             :         } else {
    5559             : 
    5560             :         }
    5561       19347 :         if (is_empty) {
    5562           1 :                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    5563             :         } else {
    5564       19346 :                 ZEND_VM_NEXT_OPCODE();
    5565             :         }
    5566             : }
    5567             : 
    5568           0 : static int ZEND_FASTCALL  ZEND_ISSET_ISEMPTY_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5569             : {
    5570           0 :         zend_op *opline = EX(opline);
    5571             :         zval **value;
    5572           0 :         zend_bool isset = 1;
    5573             : 
    5574           0 :         if (IS_TMP_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    5575             :                 if (EX(CVs)[opline->op1.u.var]) {
    5576             :                         value = EX(CVs)[opline->op1.u.var];
    5577             :                 } else if (EG(active_symbol_table)) {
    5578             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    5579             : 
    5580             :                         if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
    5581             :                                 isset = 0;
    5582             :                         }
    5583             :                 } else {
    5584             :                         isset = 0;
    5585             :                 }
    5586             :         } else {
    5587             :                 HashTable *target_symbol_table;
    5588             :                 zend_free_op free_op1;
    5589           0 :                 zval tmp, *varname = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5590             : 
    5591           0 :                 if (Z_TYPE_P(varname) != IS_STRING) {
    5592           0 :                         tmp = *varname;
    5593           0 :                         zval_copy_ctor(&tmp);
    5594           0 :                         convert_to_string(&tmp);
    5595           0 :                         varname = &tmp;
    5596             :                 }
    5597             : 
    5598           0 :                 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    5599           0 :                         value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
    5600           0 :                         if (!value) {
    5601           0 :                                 isset = 0;
    5602             :                         }
    5603             :                 } else {
    5604           0 :                         target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    5605           0 :                         if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
    5606           0 :                                 isset = 0;
    5607             :                         }
    5608             :                 }
    5609             : 
    5610           0 :                 if (varname == &tmp) {
    5611           0 :                         zval_dtor(&tmp);
    5612             :                 }
    5613           0 :                 zval_dtor(free_op1.var);
    5614             :         }
    5615             : 
    5616           0 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    5617             : 
    5618           0 :         switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
    5619             :                 case ZEND_ISSET:
    5620           0 :                         if (isset && Z_TYPE_PP(value) == IS_NULL) {
    5621           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    5622             :                         } else {
    5623           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
    5624             :                         }
    5625           0 :                         break;
    5626             :                 case ZEND_ISEMPTY:
    5627           0 :                         if (!isset || !i_zend_is_true(*value)) {
    5628           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    5629             :                         } else {
    5630           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    5631             :                         }
    5632             :                         break;
    5633             :         }
    5634             : 
    5635           0 :         ZEND_VM_NEXT_OPCODE();
    5636             : }
    5637             : 
    5638          63 : static int ZEND_FASTCALL  ZEND_EXIT_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5639             : {
    5640             : #if 0 || (IS_TMP_VAR != IS_UNUSED)
    5641          63 :         zend_op *opline = EX(opline);
    5642             :         if (IS_TMP_VAR != IS_UNUSED) {
    5643             :                 zend_free_op free_op1;
    5644         126 :                 zval *ptr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5645             : 
    5646          63 :                 if (Z_TYPE_P(ptr) == IS_LONG) {
    5647           0 :                         EG(exit_status) = Z_LVAL_P(ptr);
    5648             :                 } else {
    5649          63 :                         zend_print_variable(ptr);
    5650             :                 }
    5651          63 :                 zval_dtor(free_op1.var);
    5652             :         }
    5653             : #endif
    5654          63 :         zend_bailout();
    5655           0 :         ZEND_VM_NEXT_OPCODE();
    5656             : }
    5657             : 
    5658     1295501 : static int ZEND_FASTCALL  ZEND_END_SILENCE_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5659             : {
    5660     1295501 :         zend_op *opline = EX(opline);
    5661             :         zval restored_error_reporting;
    5662             : 
    5663     1295501 :         if (!EG(error_reporting) && Z_LVAL(EX_T(opline->op1.u.var).tmp_var) != 0) {
    5664     1028127 :                 Z_TYPE(restored_error_reporting) = IS_LONG;
    5665     1028127 :                 Z_LVAL(restored_error_reporting) = Z_LVAL(EX_T(opline->op1.u.var).tmp_var);
    5666     1028127 :                 convert_to_string(&restored_error_reporting);
    5667     1028127 :                 zend_alter_ini_entry_ex("error_reporting", sizeof("error_reporting"), Z_STRVAL(restored_error_reporting), Z_STRLEN(restored_error_reporting), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME, 1 TSRMLS_CC);
    5668     1028127 :                 zendi_zval_dtor(restored_error_reporting);
    5669             :         }
    5670     1295501 :         if (EX(old_error_reporting) == &EX_T(opline->op1.u.var).tmp_var) {
    5671     1295498 :                 EX(old_error_reporting) = NULL;
    5672             :         }
    5673     1295501 :         ZEND_VM_NEXT_OPCODE();
    5674             : }
    5675             : 
    5676           0 : static int ZEND_FASTCALL  ZEND_JMP_SET_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5677             : {
    5678           0 :         zend_op *opline = EX(opline);
    5679             :         zend_free_op free_op1;
    5680           0 :         zval *value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5681             : 
    5682           0 :         if (i_zend_is_true(value)) {
    5683           0 :                 EX_T(opline->result.u.var).tmp_var = *value;
    5684           0 :                 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
    5685           0 :                 zval_dtor(free_op1.var);
    5686             : #if DEBUG_ZEND>=2
    5687             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    5688             : #endif
    5689           0 :                 ZEND_VM_JMP(opline->op2.u.jmp_addr);
    5690             :         }
    5691             : 
    5692           0 :         zval_dtor(free_op1.var);
    5693           0 :         ZEND_VM_NEXT_OPCODE();
    5694             : }
    5695             : 
    5696       25468 : static int ZEND_FASTCALL  ZEND_QM_ASSIGN_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5697             : {
    5698       25468 :         zend_op *opline = EX(opline);
    5699             :         zend_free_op free_op1;
    5700       50936 :         zval *value = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5701             : 
    5702       25468 :         EX_T(opline->result.u.var).tmp_var = *value;
    5703       25468 :         if (!1) {
    5704             :                 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
    5705             :         }
    5706             : 
    5707       25468 :         ZEND_VM_NEXT_OPCODE();
    5708             : }
    5709             : 
    5710           5 : static int ZEND_FASTCALL  ZEND_INSTANCEOF_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5711             : {
    5712           5 :         zend_op *opline = EX(opline);
    5713             :         zend_free_op free_op1;
    5714          10 :         zval *expr = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5715             :         zend_bool result;
    5716             : 
    5717          10 :         if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) {
    5718           5 :                 result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC);
    5719             :         } else {
    5720           0 :                 result = 0;
    5721             :         }
    5722           5 :         ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result);
    5723           5 :         zval_dtor(free_op1.var);
    5724           5 :         ZEND_VM_NEXT_OPCODE();
    5725             : }
    5726             : 
    5727      143874 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5728             : {
    5729      143874 :         zend_op *opline = EX(opline);
    5730             :         zend_free_op free_op1;
    5731             : 
    5732      287748 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    5733      143874 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5734             :                 &opline->op2.u.constant TSRMLS_CC);
    5735      143874 :         zval_dtor(free_op1.var);
    5736             : 
    5737      143874 :         ZEND_VM_NEXT_OPCODE();
    5738             : }
    5739             : 
    5740         401 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5741             : {
    5742         401 :         zend_op *opline = EX(opline);
    5743             :         zend_free_op free_op1;
    5744             : 
    5745         802 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    5746         401 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5747             :                 &opline->op2.u.constant TSRMLS_CC);
    5748         401 :         zval_dtor(free_op1.var);
    5749             : 
    5750         401 :         ZEND_VM_NEXT_OPCODE();
    5751             : }
    5752             : 
    5753      176356 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5754             : {
    5755      176356 :         zend_op *opline = EX(opline);
    5756             :         zend_free_op free_op1;
    5757             : 
    5758      352712 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    5759      176356 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5760             :                 &opline->op2.u.constant TSRMLS_CC);
    5761      176356 :         zval_dtor(free_op1.var);
    5762             : 
    5763      176356 :         ZEND_VM_NEXT_OPCODE();
    5764             : }
    5765             : 
    5766          36 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5767             : {
    5768          36 :         zend_op *opline = EX(opline);
    5769             :         zend_free_op free_op1;
    5770             : 
    5771          72 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    5772          36 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5773             :                 &opline->op2.u.constant TSRMLS_CC);
    5774          36 :         zval_dtor(free_op1.var);
    5775             : 
    5776          36 :         ZEND_VM_NEXT_OPCODE();
    5777             : }
    5778             : 
    5779           6 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5780             : {
    5781           6 :         zend_op *opline = EX(opline);
    5782             :         zend_free_op free_op1;
    5783             : 
    5784          12 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    5785           6 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5786             :                 &opline->op2.u.constant TSRMLS_CC);
    5787           6 :         zval_dtor(free_op1.var);
    5788             : 
    5789           6 :         ZEND_VM_NEXT_OPCODE();
    5790             : }
    5791             : 
    5792          37 : static int ZEND_FASTCALL  ZEND_SL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5793             : {
    5794          37 :         zend_op *opline = EX(opline);
    5795             :         zend_free_op free_op1;
    5796             : 
    5797          74 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    5798          37 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5799             :                 &opline->op2.u.constant TSRMLS_CC);
    5800          37 :         zval_dtor(free_op1.var);
    5801             : 
    5802          37 :         ZEND_VM_NEXT_OPCODE();
    5803             : }
    5804             : 
    5805           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5806             : {
    5807           0 :         zend_op *opline = EX(opline);
    5808             :         zend_free_op free_op1;
    5809             : 
    5810           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    5811           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5812             :                 &opline->op2.u.constant TSRMLS_CC);
    5813           0 :         zval_dtor(free_op1.var);
    5814             : 
    5815           0 :         ZEND_VM_NEXT_OPCODE();
    5816             : }
    5817             : 
    5818      389934 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5819             : {
    5820      389934 :         zend_op *opline = EX(opline);
    5821             :         zend_free_op free_op1;
    5822             : 
    5823      779868 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    5824      389934 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5825             :                 &opline->op2.u.constant TSRMLS_CC);
    5826      389934 :         zval_dtor(free_op1.var);
    5827             : 
    5828      389934 :         ZEND_VM_NEXT_OPCODE();
    5829             : }
    5830             : 
    5831        3057 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5832             : {
    5833        3057 :         zend_op *opline = EX(opline);
    5834             :         zend_free_op free_op1;
    5835             : 
    5836        6114 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    5837        3057 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5838             :                 &opline->op2.u.constant TSRMLS_CC);
    5839        3057 :         zval_dtor(free_op1.var);
    5840             : 
    5841        3057 :         ZEND_VM_NEXT_OPCODE();
    5842             : }
    5843             : 
    5844           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5845             : {
    5846           0 :         zend_op *opline = EX(opline);
    5847             :         zend_free_op free_op1;
    5848           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5849             : 
    5850           0 :         is_identical_function(result,
    5851           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5852             :                 &opline->op2.u.constant TSRMLS_CC);
    5853           0 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    5854           0 :         zval_dtor(free_op1.var);
    5855             : 
    5856           0 :         ZEND_VM_NEXT_OPCODE();
    5857             : }
    5858             : 
    5859        1025 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5860             : {
    5861        1025 :         zend_op *opline = EX(opline);
    5862             :         zend_free_op free_op1;
    5863        1025 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5864             : 
    5865        2050 :         compare_function(result,
    5866        1025 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5867             :                 &opline->op2.u.constant TSRMLS_CC);
    5868        1025 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    5869        1025 :         zval_dtor(free_op1.var);
    5870             : 
    5871        1025 :         ZEND_VM_NEXT_OPCODE();
    5872             : }
    5873             : 
    5874       24398 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5875             : {
    5876       24398 :         zend_op *opline = EX(opline);
    5877             :         zend_free_op free_op1;
    5878       24398 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5879             : 
    5880       48796 :         compare_function(result,
    5881       24398 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5882             :                 &opline->op2.u.constant TSRMLS_CC);
    5883       24398 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    5884       24398 :         zval_dtor(free_op1.var);
    5885             : 
    5886       24398 :         ZEND_VM_NEXT_OPCODE();
    5887             : }
    5888             : 
    5889      215033 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5890             : {
    5891      215033 :         zend_op *opline = EX(opline);
    5892             :         zend_free_op free_op1;
    5893      215033 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5894             : 
    5895      430066 :         compare_function(result,
    5896      215033 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5897             :                 &opline->op2.u.constant TSRMLS_CC);
    5898      215033 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    5899      215033 :         zval_dtor(free_op1.var);
    5900             : 
    5901      215033 :         ZEND_VM_NEXT_OPCODE();
    5902             : }
    5903             : 
    5904           0 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5905             : {
    5906           0 :         zend_op *opline = EX(opline);
    5907             :         zend_free_op free_op1;
    5908           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    5909             : 
    5910           0 :         compare_function(result,
    5911           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5912             :                 &opline->op2.u.constant TSRMLS_CC);
    5913           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    5914           0 :         zval_dtor(free_op1.var);
    5915             : 
    5916           0 :         ZEND_VM_NEXT_OPCODE();
    5917             : }
    5918             : 
    5919          20 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5920             : {
    5921          20 :         zend_op *opline = EX(opline);
    5922             :         zend_free_op free_op1;
    5923             : 
    5924          40 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    5925          20 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5926             :                 &opline->op2.u.constant TSRMLS_CC);
    5927          20 :         zval_dtor(free_op1.var);
    5928             : 
    5929          20 :         ZEND_VM_NEXT_OPCODE();
    5930             : }
    5931             : 
    5932       34606 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5933             : {
    5934       34606 :         zend_op *opline = EX(opline);
    5935             :         zend_free_op free_op1;
    5936             : 
    5937       69212 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    5938       34606 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5939             :                 &opline->op2.u.constant TSRMLS_CC);
    5940       34606 :         zval_dtor(free_op1.var);
    5941             : 
    5942       34606 :         ZEND_VM_NEXT_OPCODE();
    5943             : }
    5944             : 
    5945           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5946             : {
    5947           0 :         zend_op *opline = EX(opline);
    5948             :         zend_free_op free_op1;
    5949             : 
    5950           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    5951           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5952             :                 &opline->op2.u.constant TSRMLS_CC);
    5953           0 :         zval_dtor(free_op1.var);
    5954             : 
    5955           0 :         ZEND_VM_NEXT_OPCODE();
    5956             : }
    5957             : 
    5958           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5959             : {
    5960           0 :         zend_op *opline = EX(opline);
    5961             :         zend_free_op free_op1;
    5962             : 
    5963           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    5964           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    5965             :                 &opline->op2.u.constant TSRMLS_CC);
    5966           0 :         zval_dtor(free_op1.var);
    5967             : 
    5968           0 :         ZEND_VM_NEXT_OPCODE();
    5969             : }
    5970             : 
    5971          24 : static int ZEND_FASTCALL  ZEND_FETCH_DIM_TMP_VAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5972             : {
    5973          24 :         zend_op *opline = EX(opline);
    5974             :         zend_free_op free_op1;
    5975          48 :         zval *container = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    5976             : 
    5977          24 :         if (Z_TYPE_P(container) != IS_ARRAY) {
    5978           3 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    5979           3 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
    5980           3 :                         PZVAL_LOCK(EG(uninitialized_zval_ptr));
    5981             :                 }
    5982             :         } else {
    5983             : 
    5984          21 :                 zval *dim = &opline->op2.u.constant;
    5985             : 
    5986          21 :                 AI_SET_PTR(EX_T(opline->result.u.var).var, *zend_fetch_dimension_address_inner(Z_ARRVAL_P(container), dim, BP_VAR_R TSRMLS_CC));
    5987          21 :                 SELECTIVE_PZVAL_LOCK(EX_T(opline->result.u.var).var.ptr, &opline->result);
    5988             : 
    5989             :         }
    5990          24 :         ZEND_VM_NEXT_OPCODE();
    5991             : }
    5992             : 
    5993      929604 : static int ZEND_FASTCALL  ZEND_ADD_CHAR_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    5994             : {
    5995      929604 :         zend_op *opline = EX(opline);
    5996      929604 :         zval *str = &EX_T(opline->result.u.var).tmp_var;
    5997             : 
    5998      929604 :         if (IS_TMP_VAR == IS_UNUSED) {
    5999             :                 /* Initialize for erealloc in add_char_to_string */
    6000             :                 Z_STRVAL_P(str) = NULL;
    6001             :                 Z_STRLEN_P(str) = 0;
    6002             :                 Z_TYPE_P(str) = IS_STRING;
    6003             : 
    6004             :                 INIT_PZVAL(str);
    6005             :         }
    6006             : 
    6007      929604 :         add_char_to_string(str, str, &opline->op2.u.constant);
    6008             : 
    6009             :         /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
    6010      929604 :         ZEND_VM_NEXT_OPCODE();
    6011             : }
    6012             : 
    6013      598760 : static int ZEND_FASTCALL  ZEND_ADD_STRING_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6014             : {
    6015      598760 :         zend_op *opline = EX(opline);
    6016      598760 :         zval *str = &EX_T(opline->result.u.var).tmp_var;
    6017             : 
    6018      598760 :         if (IS_TMP_VAR == IS_UNUSED) {
    6019             :                 /* Initialize for erealloc in add_string_to_string */
    6020             :                 Z_STRVAL_P(str) = NULL;
    6021             :                 Z_STRLEN_P(str) = 0;
    6022             :                 Z_TYPE_P(str) = IS_STRING;
    6023             : 
    6024             :                 INIT_PZVAL(str);
    6025             :         }
    6026             : 
    6027      598760 :         add_string_to_string(str, str, &opline->op2.u.constant);
    6028             : 
    6029             :         /* FREE_OP is missing intentionally here - we're always working on the same temporary variable */
    6030      598760 :         ZEND_VM_NEXT_OPCODE();
    6031             : }
    6032             : 
    6033           0 : static int ZEND_FASTCALL  ZEND_INIT_METHOD_CALL_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6034             : {
    6035           0 :         zend_op *opline = EX(opline);
    6036             :         zval *function_name;
    6037             :         char *function_name_strval;
    6038             :         int function_name_strlen;
    6039             :         zend_free_op free_op1;
    6040             : 
    6041           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    6042             : 
    6043           0 :         function_name = &opline->op2.u.constant;
    6044             : 
    6045           0 :         if (Z_TYPE_P(function_name)!=IS_STRING) {
    6046           0 :                 zend_error_noreturn(E_ERROR, "Method name must be a string");
    6047             :         }
    6048             : 
    6049           0 :         function_name_strval = Z_STRVAL_P(function_name);
    6050           0 :         function_name_strlen = Z_STRLEN_P(function_name);
    6051             : 
    6052           0 :         EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6053             : 
    6054           0 :         if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
    6055           0 :                 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
    6056           0 :                         zend_error_noreturn(E_ERROR, "Object does not support method calls");
    6057             :                 }
    6058             : 
    6059             :                 /* First, locate the function. */
    6060           0 :                 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
    6061           0 :                 if (!EX(fbc)) {
    6062           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
    6063             :                 }
    6064             : 
    6065           0 :                 EX(called_scope) = Z_OBJCE_P(EX(object));
    6066             :         } else {
    6067           0 :                 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
    6068             :         }
    6069             : 
    6070           0 :         if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
    6071           0 :                 EX(object) = NULL;
    6072             :         } else {
    6073           0 :                 if (!PZVAL_IS_REF(EX(object))) {
    6074           0 :                         Z_ADDREF_P(EX(object)); /* For $this pointer */
    6075             :                 } else {
    6076             :                         zval *this_ptr;
    6077           0 :                         ALLOC_ZVAL(this_ptr);
    6078           0 :                         INIT_PZVAL_COPY(this_ptr, EX(object));
    6079           0 :                         zval_copy_ctor(this_ptr);
    6080           0 :                         EX(object) = this_ptr;
    6081             :                 }
    6082             :         }
    6083             : 
    6084             : 
    6085           0 :         ZEND_VM_NEXT_OPCODE();
    6086             : }
    6087             : 
    6088           0 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6089             : {
    6090           0 :         zend_op *opline = EX(opline);
    6091           0 :         int switch_expr_is_overloaded=0;
    6092             :         zend_free_op free_op1;
    6093             : 
    6094           0 :         if (IS_TMP_VAR==IS_VAR) {
    6095             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    6096             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    6097             :                 } else {
    6098             :                         switch_expr_is_overloaded = 1;
    6099             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    6100             :                 }
    6101             :         }
    6102           0 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    6103           0 :                                  _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6104             :                                  &opline->op2.u.constant TSRMLS_CC);
    6105             : 
    6106           0 :         if (switch_expr_is_overloaded) {
    6107             :                 /* We only free op1 if this is a string offset,
    6108             :                  * Since if it is a TMP_VAR, it'll be reused by
    6109             :                  * other CASE opcodes (whereas string offsets
    6110             :                  * are allocated at each get_zval_ptr())
    6111             :                  */
    6112           0 :                 zval_dtor(free_op1.var);
    6113           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    6114           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    6115             :         }
    6116           0 :         ZEND_VM_NEXT_OPCODE();
    6117             : }
    6118             : 
    6119       59846 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6120             : {
    6121       59846 :         zend_op *opline = EX(opline);
    6122             :         zend_free_op free_op1;
    6123       59846 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    6124             :         zval *expr_ptr;
    6125       59846 :         zval *offset=&opline->op2.u.constant;
    6126             : 
    6127             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    6128             :         zval **expr_ptr_ptr = NULL;
    6129             : 
    6130             :         if (opline->extended_value) {
    6131             :                 expr_ptr_ptr=NULL;
    6132             :                 expr_ptr = *expr_ptr_ptr;
    6133             :         } else {
    6134             :                 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6135             :         }
    6136             : #else
    6137      119692 :         expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6138             : #endif
    6139             : 
    6140             :         if (1) { /* temporary variable */
    6141             :                 zval *new_expr;
    6142             : 
    6143       59846 :                 ALLOC_ZVAL(new_expr);
    6144       59846 :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    6145       59846 :                 expr_ptr = new_expr;
    6146             :         } else {
    6147             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    6148             :                 if (opline->extended_value) {
    6149             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    6150             :                         expr_ptr = *expr_ptr_ptr;
    6151             :                         Z_ADDREF_P(expr_ptr);
    6152             :                 } else
    6153             : #endif
    6154             :                 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    6155             :                         zval *new_expr;
    6156             : 
    6157             :                         ALLOC_ZVAL(new_expr);
    6158             :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    6159             :                         expr_ptr = new_expr;
    6160             :                         zendi_zval_copy_ctor(*expr_ptr);
    6161             :                 } else {
    6162             :                         Z_ADDREF_P(expr_ptr);
    6163             :                 }
    6164             :         }
    6165       59846 :         if (offset) {
    6166       59846 :                 switch (Z_TYPE_P(offset)) {
    6167             :                         case IS_DOUBLE:
    6168           4 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    6169           2 :                                 break;
    6170             :                         case IS_LONG:
    6171             :                         case IS_BOOL:
    6172       57799 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    6173       57799 :                                 break;
    6174             :                         case IS_STRING:
    6175        2045 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    6176        2045 :                                 break;
    6177             :                         case IS_NULL:
    6178           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    6179           0 :                                 break;
    6180             :                         default:
    6181           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    6182           0 :                                 zval_ptr_dtor(&expr_ptr);
    6183             :                                 /* do nothing */
    6184             :                                 break;
    6185             :                 }
    6186             : 
    6187             :         } else {
    6188           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    6189             :         }
    6190       59846 :         if (opline->extended_value) {
    6191             : 
    6192             :         } else {
    6193             : 
    6194             :         }
    6195       59846 :         ZEND_VM_NEXT_OPCODE();
    6196             : }
    6197             : 
    6198       20077 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6199             : {
    6200       20077 :         zend_op *opline = EX(opline);
    6201             : 
    6202       20077 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    6203       20077 :         if (IS_TMP_VAR == IS_UNUSED) {
    6204             :                 ZEND_VM_NEXT_OPCODE();
    6205             : #if 0 || IS_TMP_VAR != IS_UNUSED
    6206             :         } else {
    6207       20077 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    6208             : #endif
    6209             :         }
    6210             : }
    6211             : 
    6212        3272 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6213             : {
    6214        3272 :         zend_op *opline = EX(opline);
    6215             :         zend_free_op free_op1, free_op2;
    6216             : 
    6217        3272 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    6218        3272 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6219        3272 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6220        3272 :         zval_dtor(free_op1.var);
    6221        3272 :         zval_dtor(free_op2.var);
    6222        3272 :         ZEND_VM_NEXT_OPCODE();
    6223             : }
    6224             : 
    6225         137 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6226             : {
    6227         137 :         zend_op *opline = EX(opline);
    6228             :         zend_free_op free_op1, free_op2;
    6229             : 
    6230         137 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    6231         137 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6232         137 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6233         137 :         zval_dtor(free_op1.var);
    6234         137 :         zval_dtor(free_op2.var);
    6235         137 :         ZEND_VM_NEXT_OPCODE();
    6236             : }
    6237             : 
    6238           8 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6239             : {
    6240           8 :         zend_op *opline = EX(opline);
    6241             :         zend_free_op free_op1, free_op2;
    6242             : 
    6243           8 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    6244           8 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6245           8 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6246           8 :         zval_dtor(free_op1.var);
    6247           8 :         zval_dtor(free_op2.var);
    6248           8 :         ZEND_VM_NEXT_OPCODE();
    6249             : }
    6250             : 
    6251          10 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6252             : {
    6253          10 :         zend_op *opline = EX(opline);
    6254             :         zend_free_op free_op1, free_op2;
    6255             : 
    6256          10 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    6257          10 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6258          10 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6259          10 :         zval_dtor(free_op1.var);
    6260          10 :         zval_dtor(free_op2.var);
    6261          10 :         ZEND_VM_NEXT_OPCODE();
    6262             : }
    6263             : 
    6264           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6265             : {
    6266           0 :         zend_op *opline = EX(opline);
    6267             :         zend_free_op free_op1, free_op2;
    6268             : 
    6269           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    6270           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6271           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6272           0 :         zval_dtor(free_op1.var);
    6273           0 :         zval_dtor(free_op2.var);
    6274           0 :         ZEND_VM_NEXT_OPCODE();
    6275             : }
    6276             : 
    6277           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6278             : {
    6279           0 :         zend_op *opline = EX(opline);
    6280             :         zend_free_op free_op1, free_op2;
    6281             : 
    6282           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    6283           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6284           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6285           0 :         zval_dtor(free_op1.var);
    6286           0 :         zval_dtor(free_op2.var);
    6287           0 :         ZEND_VM_NEXT_OPCODE();
    6288             : }
    6289             : 
    6290           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6291             : {
    6292           0 :         zend_op *opline = EX(opline);
    6293             :         zend_free_op free_op1, free_op2;
    6294             : 
    6295           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    6296           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6297           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6298           0 :         zval_dtor(free_op1.var);
    6299           0 :         zval_dtor(free_op2.var);
    6300           0 :         ZEND_VM_NEXT_OPCODE();
    6301             : }
    6302             : 
    6303      133741 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6304             : {
    6305      133741 :         zend_op *opline = EX(opline);
    6306             :         zend_free_op free_op1, free_op2;
    6307             : 
    6308      133741 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    6309      133741 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6310      133741 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6311      133741 :         zval_dtor(free_op1.var);
    6312      133741 :         zval_dtor(free_op2.var);
    6313      133741 :         ZEND_VM_NEXT_OPCODE();
    6314             : }
    6315             : 
    6316           4 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6317             : {
    6318           4 :         zend_op *opline = EX(opline);
    6319             :         zend_free_op free_op1, free_op2;
    6320             : 
    6321           4 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    6322           4 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6323           4 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6324           4 :         zval_dtor(free_op1.var);
    6325           4 :         zval_dtor(free_op2.var);
    6326           4 :         ZEND_VM_NEXT_OPCODE();
    6327             : }
    6328             : 
    6329           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6330             : {
    6331           0 :         zend_op *opline = EX(opline);
    6332             :         zend_free_op free_op1, free_op2;
    6333           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6334             : 
    6335           0 :         is_identical_function(result,
    6336           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6337           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6338           0 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    6339           0 :         zval_dtor(free_op1.var);
    6340           0 :         zval_dtor(free_op2.var);
    6341           0 :         ZEND_VM_NEXT_OPCODE();
    6342             : }
    6343             : 
    6344        4923 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6345             : {
    6346        4923 :         zend_op *opline = EX(opline);
    6347             :         zend_free_op free_op1, free_op2;
    6348        4923 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6349             : 
    6350        4923 :         compare_function(result,
    6351        4923 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6352        4923 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6353        4923 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    6354        4923 :         zval_dtor(free_op1.var);
    6355        4923 :         zval_dtor(free_op2.var);
    6356        4923 :         ZEND_VM_NEXT_OPCODE();
    6357             : }
    6358             : 
    6359           8 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6360             : {
    6361           8 :         zend_op *opline = EX(opline);
    6362             :         zend_free_op free_op1, free_op2;
    6363           8 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6364             : 
    6365           8 :         compare_function(result,
    6366           8 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6367           8 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6368           8 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    6369           8 :         zval_dtor(free_op1.var);
    6370           8 :         zval_dtor(free_op2.var);
    6371           8 :         ZEND_VM_NEXT_OPCODE();
    6372             : }
    6373             : 
    6374           0 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6375             : {
    6376           0 :         zend_op *opline = EX(opline);
    6377             :         zend_free_op free_op1, free_op2;
    6378           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6379             : 
    6380           0 :         compare_function(result,
    6381           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6382           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6383           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    6384           0 :         zval_dtor(free_op1.var);
    6385           0 :         zval_dtor(free_op2.var);
    6386           0 :         ZEND_VM_NEXT_OPCODE();
    6387             : }
    6388             : 
    6389           0 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6390             : {
    6391           0 :         zend_op *opline = EX(opline);
    6392             :         zend_free_op free_op1, free_op2;
    6393           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6394             : 
    6395           0 :         compare_function(result,
    6396           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6397           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6398           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    6399           0 :         zval_dtor(free_op1.var);
    6400           0 :         zval_dtor(free_op2.var);
    6401           0 :         ZEND_VM_NEXT_OPCODE();
    6402             : }
    6403             : 
    6404         235 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6405             : {
    6406         235 :         zend_op *opline = EX(opline);
    6407             :         zend_free_op free_op1, free_op2;
    6408             : 
    6409         235 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    6410         235 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6411         235 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6412         235 :         zval_dtor(free_op1.var);
    6413         235 :         zval_dtor(free_op2.var);
    6414         235 :         ZEND_VM_NEXT_OPCODE();
    6415             : }
    6416             : 
    6417           1 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6418             : {
    6419           1 :         zend_op *opline = EX(opline);
    6420             :         zend_free_op free_op1, free_op2;
    6421             : 
    6422           1 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    6423           1 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6424           1 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6425           1 :         zval_dtor(free_op1.var);
    6426           1 :         zval_dtor(free_op2.var);
    6427           1 :         ZEND_VM_NEXT_OPCODE();
    6428             : }
    6429             : 
    6430           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6431             : {
    6432           0 :         zend_op *opline = EX(opline);
    6433             :         zend_free_op free_op1, free_op2;
    6434             : 
    6435           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    6436           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6437           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6438           0 :         zval_dtor(free_op1.var);
    6439           0 :         zval_dtor(free_op2.var);
    6440           0 :         ZEND_VM_NEXT_OPCODE();
    6441             : }
    6442             : 
    6443           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6444             : {
    6445           0 :         zend_op *opline = EX(opline);
    6446             :         zend_free_op free_op1, free_op2;
    6447             : 
    6448           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    6449           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6450           0 :                 _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6451           0 :         zval_dtor(free_op1.var);
    6452           0 :         zval_dtor(free_op2.var);
    6453           0 :         ZEND_VM_NEXT_OPCODE();
    6454             : }
    6455             : 
    6456           0 : static int ZEND_FASTCALL  ZEND_ADD_VAR_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6457             : {
    6458           0 :         zend_op *opline = EX(opline);
    6459             :         zend_free_op free_op2;
    6460           0 :         zval *str = &EX_T(opline->result.u.var).tmp_var;
    6461           0 :         zval *var = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    6462             :         zval var_copy;
    6463           0 :         int use_copy = 0;
    6464             : 
    6465           0 :         if (IS_TMP_VAR == IS_UNUSED) {
    6466             :                 /* Initialize for erealloc in add_string_to_string */
    6467             :                 Z_STRVAL_P(str) = NULL;
    6468             :                 Z_STRLEN_P(str) = 0;
    6469             :                 Z_TYPE_P(str) = IS_STRING;
    6470             : 
    6471             :                 INIT_PZVAL(str);
    6472             :         }
    6473             : 
    6474           0 :         if (Z_TYPE_P(var) != IS_STRING) {
    6475           0 :                 zend_make_printable_zval(var, &var_copy, &use_copy);
    6476             : 
    6477           0 :                 if (use_copy) {
    6478           0 :                         var = &var_copy;
    6479             :                 }
    6480             :         }
    6481           0 :         add_string_to_string(str, str, var);
    6482             : 
    6483           0 :         if (use_copy) {
    6484           0 :                 zval_dtor(var);
    6485             :         }
    6486             :         /* original comment, possibly problematic:
    6487             :          * FREE_OP is missing intentionally here - we're always working on the same temporary variable
    6488             :          * (Zeev):  I don't think it's problematic, we only use variables
    6489             :          * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
    6490             :          * string offsets or overloaded objects
    6491             :          */
    6492           0 :         zval_dtor(free_op2.var);
    6493             : 
    6494           0 :         ZEND_VM_NEXT_OPCODE();
    6495             : }
    6496             : 
    6497           0 : static int ZEND_FASTCALL  ZEND_INIT_METHOD_CALL_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6498             : {
    6499           0 :         zend_op *opline = EX(opline);
    6500             :         zval *function_name;
    6501             :         char *function_name_strval;
    6502             :         int function_name_strlen;
    6503             :         zend_free_op free_op1, free_op2;
    6504             : 
    6505           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    6506             : 
    6507           0 :         function_name = _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    6508             : 
    6509           0 :         if (Z_TYPE_P(function_name)!=IS_STRING) {
    6510           0 :                 zend_error_noreturn(E_ERROR, "Method name must be a string");
    6511             :         }
    6512             : 
    6513           0 :         function_name_strval = Z_STRVAL_P(function_name);
    6514           0 :         function_name_strlen = Z_STRLEN_P(function_name);
    6515             : 
    6516           0 :         EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6517             : 
    6518           0 :         if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
    6519           0 :                 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
    6520           0 :                         zend_error_noreturn(E_ERROR, "Object does not support method calls");
    6521             :                 }
    6522             : 
    6523             :                 /* First, locate the function. */
    6524           0 :                 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
    6525           0 :                 if (!EX(fbc)) {
    6526           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
    6527             :                 }
    6528             : 
    6529           0 :                 EX(called_scope) = Z_OBJCE_P(EX(object));
    6530             :         } else {
    6531           0 :                 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
    6532             :         }
    6533             : 
    6534           0 :         if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
    6535           0 :                 EX(object) = NULL;
    6536             :         } else {
    6537           0 :                 if (!PZVAL_IS_REF(EX(object))) {
    6538           0 :                         Z_ADDREF_P(EX(object)); /* For $this pointer */
    6539             :                 } else {
    6540             :                         zval *this_ptr;
    6541           0 :                         ALLOC_ZVAL(this_ptr);
    6542           0 :                         INIT_PZVAL_COPY(this_ptr, EX(object));
    6543           0 :                         zval_copy_ctor(this_ptr);
    6544           0 :                         EX(object) = this_ptr;
    6545             :                 }
    6546             :         }
    6547             : 
    6548           0 :         zval_dtor(free_op2.var);
    6549             : 
    6550           0 :         ZEND_VM_NEXT_OPCODE();
    6551             : }
    6552             : 
    6553         124 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6554             : {
    6555         124 :         zend_op *opline = EX(opline);
    6556         124 :         int switch_expr_is_overloaded=0;
    6557             :         zend_free_op free_op1, free_op2;
    6558             : 
    6559         124 :         if (IS_TMP_VAR==IS_VAR) {
    6560             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    6561             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    6562             :                 } else {
    6563             :                         switch_expr_is_overloaded = 1;
    6564             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    6565             :                 }
    6566             :         }
    6567         124 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    6568         124 :                                  _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6569         124 :                                  _get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6570             : 
    6571         124 :         zval_dtor(free_op2.var);
    6572         124 :         if (switch_expr_is_overloaded) {
    6573             :                 /* We only free op1 if this is a string offset,
    6574             :                  * Since if it is a TMP_VAR, it'll be reused by
    6575             :                  * other CASE opcodes (whereas string offsets
    6576             :                  * are allocated at each get_zval_ptr())
    6577             :                  */
    6578           0 :                 zval_dtor(free_op1.var);
    6579           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    6580           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    6581             :         }
    6582         124 :         ZEND_VM_NEXT_OPCODE();
    6583             : }
    6584             : 
    6585          69 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6586             : {
    6587          69 :         zend_op *opline = EX(opline);
    6588             :         zend_free_op free_op1, free_op2;
    6589          69 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    6590             :         zval *expr_ptr;
    6591         138 :         zval *offset=_get_zval_ptr_tmp(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    6592             : 
    6593             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    6594             :         zval **expr_ptr_ptr = NULL;
    6595             : 
    6596             :         if (opline->extended_value) {
    6597             :                 expr_ptr_ptr=NULL;
    6598             :                 expr_ptr = *expr_ptr_ptr;
    6599             :         } else {
    6600             :                 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6601             :         }
    6602             : #else
    6603         138 :         expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6604             : #endif
    6605             : 
    6606             :         if (1) { /* temporary variable */
    6607             :                 zval *new_expr;
    6608             : 
    6609          69 :                 ALLOC_ZVAL(new_expr);
    6610          69 :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    6611          69 :                 expr_ptr = new_expr;
    6612             :         } else {
    6613             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    6614             :                 if (opline->extended_value) {
    6615             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    6616             :                         expr_ptr = *expr_ptr_ptr;
    6617             :                         Z_ADDREF_P(expr_ptr);
    6618             :                 } else
    6619             : #endif
    6620             :                 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    6621             :                         zval *new_expr;
    6622             : 
    6623             :                         ALLOC_ZVAL(new_expr);
    6624             :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    6625             :                         expr_ptr = new_expr;
    6626             :                         zendi_zval_copy_ctor(*expr_ptr);
    6627             :                 } else {
    6628             :                         Z_ADDREF_P(expr_ptr);
    6629             :                 }
    6630             :         }
    6631          69 :         if (offset) {
    6632          69 :                 switch (Z_TYPE_P(offset)) {
    6633             :                         case IS_DOUBLE:
    6634           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    6635           0 :                                 break;
    6636             :                         case IS_LONG:
    6637             :                         case IS_BOOL:
    6638          58 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    6639          58 :                                 break;
    6640             :                         case IS_STRING:
    6641          10 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    6642          10 :                                 break;
    6643             :                         case IS_NULL:
    6644           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    6645           0 :                                 break;
    6646             :                         default:
    6647           1 :                                 zend_error(E_WARNING, "Illegal offset type");
    6648           1 :                                 zval_ptr_dtor(&expr_ptr);
    6649             :                                 /* do nothing */
    6650             :                                 break;
    6651             :                 }
    6652          69 :                 zval_dtor(free_op2.var);
    6653             :         } else {
    6654           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    6655             :         }
    6656          69 :         if (opline->extended_value) {
    6657             : 
    6658             :         } else {
    6659             : 
    6660             :         }
    6661          69 :         ZEND_VM_NEXT_OPCODE();
    6662             : }
    6663             : 
    6664          59 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6665             : {
    6666          59 :         zend_op *opline = EX(opline);
    6667             : 
    6668          59 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    6669          59 :         if (IS_TMP_VAR == IS_UNUSED) {
    6670             :                 ZEND_VM_NEXT_OPCODE();
    6671             : #if 0 || IS_TMP_VAR != IS_UNUSED
    6672             :         } else {
    6673          59 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    6674             : #endif
    6675             :         }
    6676             : }
    6677             : 
    6678       25861 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6679             : {
    6680       25861 :         zend_op *opline = EX(opline);
    6681             :         zend_free_op free_op1, free_op2;
    6682             : 
    6683       25861 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    6684       25861 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6685       25861 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6686       25861 :         zval_dtor(free_op1.var);
    6687       25861 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6688       25861 :         ZEND_VM_NEXT_OPCODE();
    6689             : }
    6690             : 
    6691           1 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6692             : {
    6693           1 :         zend_op *opline = EX(opline);
    6694             :         zend_free_op free_op1, free_op2;
    6695             : 
    6696           1 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    6697           1 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6698           1 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6699           1 :         zval_dtor(free_op1.var);
    6700           1 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6701           1 :         ZEND_VM_NEXT_OPCODE();
    6702             : }
    6703             : 
    6704           0 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6705             : {
    6706           0 :         zend_op *opline = EX(opline);
    6707             :         zend_free_op free_op1, free_op2;
    6708             : 
    6709           0 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    6710           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6711           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6712           0 :         zval_dtor(free_op1.var);
    6713           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6714           0 :         ZEND_VM_NEXT_OPCODE();
    6715             : }
    6716             : 
    6717           0 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6718             : {
    6719           0 :         zend_op *opline = EX(opline);
    6720             :         zend_free_op free_op1, free_op2;
    6721             : 
    6722           0 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    6723           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6724           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6725           0 :         zval_dtor(free_op1.var);
    6726           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6727           0 :         ZEND_VM_NEXT_OPCODE();
    6728             : }
    6729             : 
    6730           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6731             : {
    6732           0 :         zend_op *opline = EX(opline);
    6733             :         zend_free_op free_op1, free_op2;
    6734             : 
    6735           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    6736           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6737           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6738           0 :         zval_dtor(free_op1.var);
    6739           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6740           0 :         ZEND_VM_NEXT_OPCODE();
    6741             : }
    6742             : 
    6743           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6744             : {
    6745           0 :         zend_op *opline = EX(opline);
    6746             :         zend_free_op free_op1, free_op2;
    6747             : 
    6748           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    6749           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6750           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6751           0 :         zval_dtor(free_op1.var);
    6752           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6753           0 :         ZEND_VM_NEXT_OPCODE();
    6754             : }
    6755             : 
    6756           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6757             : {
    6758           0 :         zend_op *opline = EX(opline);
    6759             :         zend_free_op free_op1, free_op2;
    6760             : 
    6761           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    6762           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6763           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6764           0 :         zval_dtor(free_op1.var);
    6765           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6766           0 :         ZEND_VM_NEXT_OPCODE();
    6767             : }
    6768             : 
    6769       24201 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6770             : {
    6771       24201 :         zend_op *opline = EX(opline);
    6772             :         zend_free_op free_op1, free_op2;
    6773             : 
    6774       24201 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    6775       24201 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6776       24201 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6777       24201 :         zval_dtor(free_op1.var);
    6778       24201 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6779       24201 :         ZEND_VM_NEXT_OPCODE();
    6780             : }
    6781             : 
    6782       20009 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6783             : {
    6784       20009 :         zend_op *opline = EX(opline);
    6785             :         zend_free_op free_op1, free_op2;
    6786             : 
    6787       20009 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    6788       20009 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6789       20009 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6790       20009 :         zval_dtor(free_op1.var);
    6791       20009 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6792       20009 :         ZEND_VM_NEXT_OPCODE();
    6793             : }
    6794             : 
    6795           1 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6796             : {
    6797           1 :         zend_op *opline = EX(opline);
    6798             :         zend_free_op free_op1, free_op2;
    6799           1 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6800             : 
    6801           1 :         is_identical_function(result,
    6802           1 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6803           1 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6804           1 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    6805           1 :         zval_dtor(free_op1.var);
    6806           1 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6807           1 :         ZEND_VM_NEXT_OPCODE();
    6808             : }
    6809             : 
    6810           0 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6811             : {
    6812           0 :         zend_op *opline = EX(opline);
    6813             :         zend_free_op free_op1, free_op2;
    6814           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6815             : 
    6816           0 :         compare_function(result,
    6817           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6818           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6819           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    6820           0 :         zval_dtor(free_op1.var);
    6821           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6822           0 :         ZEND_VM_NEXT_OPCODE();
    6823             : }
    6824             : 
    6825           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6826             : {
    6827           0 :         zend_op *opline = EX(opline);
    6828             :         zend_free_op free_op1, free_op2;
    6829           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6830             : 
    6831           0 :         compare_function(result,
    6832           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6833           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6834           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    6835           0 :         zval_dtor(free_op1.var);
    6836           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6837           0 :         ZEND_VM_NEXT_OPCODE();
    6838             : }
    6839             : 
    6840           6 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6841             : {
    6842           6 :         zend_op *opline = EX(opline);
    6843             :         zend_free_op free_op1, free_op2;
    6844           6 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6845             : 
    6846           6 :         compare_function(result,
    6847           6 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6848           6 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6849           6 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    6850           6 :         zval_dtor(free_op1.var);
    6851           6 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6852           6 :         ZEND_VM_NEXT_OPCODE();
    6853             : }
    6854             : 
    6855           0 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6856             : {
    6857           0 :         zend_op *opline = EX(opline);
    6858             :         zend_free_op free_op1, free_op2;
    6859           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    6860             : 
    6861           0 :         compare_function(result,
    6862           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6863           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6864           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    6865           0 :         zval_dtor(free_op1.var);
    6866           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6867           0 :         ZEND_VM_NEXT_OPCODE();
    6868             : }
    6869             : 
    6870           0 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6871             : {
    6872           0 :         zend_op *opline = EX(opline);
    6873             :         zend_free_op free_op1, free_op2;
    6874             : 
    6875           0 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    6876           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6877           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6878           0 :         zval_dtor(free_op1.var);
    6879           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6880           0 :         ZEND_VM_NEXT_OPCODE();
    6881             : }
    6882             : 
    6883           0 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6884             : {
    6885           0 :         zend_op *opline = EX(opline);
    6886             :         zend_free_op free_op1, free_op2;
    6887             : 
    6888           0 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    6889           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6890           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6891           0 :         zval_dtor(free_op1.var);
    6892           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6893           0 :         ZEND_VM_NEXT_OPCODE();
    6894             : }
    6895             : 
    6896           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6897             : {
    6898           0 :         zend_op *opline = EX(opline);
    6899             :         zend_free_op free_op1, free_op2;
    6900             : 
    6901           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    6902           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6903           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6904           0 :         zval_dtor(free_op1.var);
    6905           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6906           0 :         ZEND_VM_NEXT_OPCODE();
    6907             : }
    6908             : 
    6909           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6910             : {
    6911           0 :         zend_op *opline = EX(opline);
    6912             :         zend_free_op free_op1, free_op2;
    6913             : 
    6914           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    6915           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    6916           0 :                 _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    6917           0 :         zval_dtor(free_op1.var);
    6918           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6919           0 :         ZEND_VM_NEXT_OPCODE();
    6920             : }
    6921             : 
    6922        9520 : static int ZEND_FASTCALL  ZEND_ADD_VAR_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6923             : {
    6924        9520 :         zend_op *opline = EX(opline);
    6925             :         zend_free_op free_op2;
    6926        9520 :         zval *str = &EX_T(opline->result.u.var).tmp_var;
    6927       19040 :         zval *var = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    6928             :         zval var_copy;
    6929        9520 :         int use_copy = 0;
    6930             : 
    6931        9520 :         if (IS_TMP_VAR == IS_UNUSED) {
    6932             :                 /* Initialize for erealloc in add_string_to_string */
    6933             :                 Z_STRVAL_P(str) = NULL;
    6934             :                 Z_STRLEN_P(str) = 0;
    6935             :                 Z_TYPE_P(str) = IS_STRING;
    6936             : 
    6937             :                 INIT_PZVAL(str);
    6938             :         }
    6939             : 
    6940        9520 :         if (Z_TYPE_P(var) != IS_STRING) {
    6941        1864 :                 zend_make_printable_zval(var, &var_copy, &use_copy);
    6942             : 
    6943        1864 :                 if (use_copy) {
    6944        1864 :                         var = &var_copy;
    6945             :                 }
    6946             :         }
    6947        9520 :         add_string_to_string(str, str, var);
    6948             : 
    6949        9520 :         if (use_copy) {
    6950        1864 :                 zval_dtor(var);
    6951             :         }
    6952             :         /* original comment, possibly problematic:
    6953             :          * FREE_OP is missing intentionally here - we're always working on the same temporary variable
    6954             :          * (Zeev):  I don't think it's problematic, we only use variables
    6955             :          * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
    6956             :          * string offsets or overloaded objects
    6957             :          */
    6958        9520 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    6959             : 
    6960        9520 :         ZEND_VM_NEXT_OPCODE();
    6961             : }
    6962             : 
    6963           0 : static int ZEND_FASTCALL  ZEND_INIT_METHOD_CALL_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    6964             : {
    6965           0 :         zend_op *opline = EX(opline);
    6966             :         zval *function_name;
    6967             :         char *function_name_strval;
    6968             :         int function_name_strlen;
    6969             :         zend_free_op free_op1, free_op2;
    6970             : 
    6971           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    6972             : 
    6973           0 :         function_name = _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    6974             : 
    6975           0 :         if (Z_TYPE_P(function_name)!=IS_STRING) {
    6976           0 :                 zend_error_noreturn(E_ERROR, "Method name must be a string");
    6977             :         }
    6978             : 
    6979           0 :         function_name_strval = Z_STRVAL_P(function_name);
    6980           0 :         function_name_strlen = Z_STRLEN_P(function_name);
    6981             : 
    6982           0 :         EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    6983             : 
    6984           0 :         if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
    6985           0 :                 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
    6986           0 :                         zend_error_noreturn(E_ERROR, "Object does not support method calls");
    6987             :                 }
    6988             : 
    6989             :                 /* First, locate the function. */
    6990           0 :                 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
    6991           0 :                 if (!EX(fbc)) {
    6992           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
    6993             :                 }
    6994             : 
    6995           0 :                 EX(called_scope) = Z_OBJCE_P(EX(object));
    6996             :         } else {
    6997           0 :                 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
    6998             :         }
    6999             : 
    7000           0 :         if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
    7001           0 :                 EX(object) = NULL;
    7002             :         } else {
    7003           0 :                 if (!PZVAL_IS_REF(EX(object))) {
    7004           0 :                         Z_ADDREF_P(EX(object)); /* For $this pointer */
    7005             :                 } else {
    7006             :                         zval *this_ptr;
    7007           0 :                         ALLOC_ZVAL(this_ptr);
    7008           0 :                         INIT_PZVAL_COPY(this_ptr, EX(object));
    7009           0 :                         zval_copy_ctor(this_ptr);
    7010           0 :                         EX(object) = this_ptr;
    7011             :                 }
    7012             :         }
    7013             : 
    7014           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    7015             : 
    7016           0 :         ZEND_VM_NEXT_OPCODE();
    7017             : }
    7018             : 
    7019           0 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7020             : {
    7021           0 :         zend_op *opline = EX(opline);
    7022           0 :         int switch_expr_is_overloaded=0;
    7023             :         zend_free_op free_op1, free_op2;
    7024             : 
    7025           0 :         if (IS_TMP_VAR==IS_VAR) {
    7026             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    7027             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    7028             :                 } else {
    7029             :                         switch_expr_is_overloaded = 1;
    7030             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    7031             :                 }
    7032             :         }
    7033           0 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    7034           0 :                                  _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7035           0 :                                  _get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC) TSRMLS_CC);
    7036             : 
    7037           0 :         if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    7038           0 :         if (switch_expr_is_overloaded) {
    7039             :                 /* We only free op1 if this is a string offset,
    7040             :                  * Since if it is a TMP_VAR, it'll be reused by
    7041             :                  * other CASE opcodes (whereas string offsets
    7042             :                  * are allocated at each get_zval_ptr())
    7043             :                  */
    7044           0 :                 zval_dtor(free_op1.var);
    7045           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    7046           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    7047             :         }
    7048           0 :         ZEND_VM_NEXT_OPCODE();
    7049             : }
    7050             : 
    7051           1 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7052             : {
    7053           1 :         zend_op *opline = EX(opline);
    7054             :         zend_free_op free_op1, free_op2;
    7055           1 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    7056             :         zval *expr_ptr;
    7057           2 :         zval *offset=_get_zval_ptr_var(&opline->op2, EX(Ts), &free_op2 TSRMLS_CC);
    7058             : 
    7059             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7060             :         zval **expr_ptr_ptr = NULL;
    7061             : 
    7062             :         if (opline->extended_value) {
    7063             :                 expr_ptr_ptr=NULL;
    7064             :                 expr_ptr = *expr_ptr_ptr;
    7065             :         } else {
    7066             :                 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7067             :         }
    7068             : #else
    7069           2 :         expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7070             : #endif
    7071             : 
    7072             :         if (1) { /* temporary variable */
    7073             :                 zval *new_expr;
    7074             : 
    7075           1 :                 ALLOC_ZVAL(new_expr);
    7076           1 :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    7077           1 :                 expr_ptr = new_expr;
    7078             :         } else {
    7079             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7080             :                 if (opline->extended_value) {
    7081             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    7082             :                         expr_ptr = *expr_ptr_ptr;
    7083             :                         Z_ADDREF_P(expr_ptr);
    7084             :                 } else
    7085             : #endif
    7086             :                 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    7087             :                         zval *new_expr;
    7088             : 
    7089             :                         ALLOC_ZVAL(new_expr);
    7090             :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    7091             :                         expr_ptr = new_expr;
    7092             :                         zendi_zval_copy_ctor(*expr_ptr);
    7093             :                 } else {
    7094             :                         Z_ADDREF_P(expr_ptr);
    7095             :                 }
    7096             :         }
    7097           1 :         if (offset) {
    7098           1 :                 switch (Z_TYPE_P(offset)) {
    7099             :                         case IS_DOUBLE:
    7100           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    7101           0 :                                 break;
    7102             :                         case IS_LONG:
    7103             :                         case IS_BOOL:
    7104           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    7105           0 :                                 break;
    7106             :                         case IS_STRING:
    7107           0 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    7108           0 :                                 break;
    7109             :                         case IS_NULL:
    7110           1 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    7111           1 :                                 break;
    7112             :                         default:
    7113           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    7114           0 :                                 zval_ptr_dtor(&expr_ptr);
    7115             :                                 /* do nothing */
    7116             :                                 break;
    7117             :                 }
    7118           1 :                 if (free_op2.var) {zval_ptr_dtor(&free_op2.var);};
    7119             :         } else {
    7120           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    7121             :         }
    7122           1 :         if (opline->extended_value) {
    7123             : 
    7124             :         } else {
    7125             : 
    7126             :         }
    7127           1 :         ZEND_VM_NEXT_OPCODE();
    7128             : }
    7129             : 
    7130           0 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7131             : {
    7132           0 :         zend_op *opline = EX(opline);
    7133             : 
    7134           0 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    7135           0 :         if (IS_TMP_VAR == IS_UNUSED) {
    7136             :                 ZEND_VM_NEXT_OPCODE();
    7137             : #if 0 || IS_TMP_VAR != IS_UNUSED
    7138             :         } else {
    7139           0 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    7140             : #endif
    7141             :         }
    7142             : }
    7143             : 
    7144       28798 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7145             : {
    7146       28798 :         zend_op *opline = EX(opline);
    7147             :         zend_free_op free_op1;
    7148       28798 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    7149             :         zval *expr_ptr;
    7150       28798 :         zval *offset=NULL;
    7151             : 
    7152             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7153             :         zval **expr_ptr_ptr = NULL;
    7154             : 
    7155             :         if (opline->extended_value) {
    7156             :                 expr_ptr_ptr=NULL;
    7157             :                 expr_ptr = *expr_ptr_ptr;
    7158             :         } else {
    7159             :                 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7160             :         }
    7161             : #else
    7162       57596 :         expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7163             : #endif
    7164             : 
    7165             :         if (1) { /* temporary variable */
    7166             :                 zval *new_expr;
    7167             : 
    7168       28798 :                 ALLOC_ZVAL(new_expr);
    7169       28798 :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    7170       28798 :                 expr_ptr = new_expr;
    7171             :         } else {
    7172             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7173             :                 if (opline->extended_value) {
    7174             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    7175             :                         expr_ptr = *expr_ptr_ptr;
    7176             :                         Z_ADDREF_P(expr_ptr);
    7177             :                 } else
    7178             : #endif
    7179             :                 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    7180             :                         zval *new_expr;
    7181             : 
    7182             :                         ALLOC_ZVAL(new_expr);
    7183             :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    7184             :                         expr_ptr = new_expr;
    7185             :                         zendi_zval_copy_ctor(*expr_ptr);
    7186             :                 } else {
    7187             :                         Z_ADDREF_P(expr_ptr);
    7188             :                 }
    7189             :         }
    7190       28798 :         if (offset) {
    7191           0 :                 switch (Z_TYPE_P(offset)) {
    7192             :                         case IS_DOUBLE:
    7193           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    7194           0 :                                 break;
    7195             :                         case IS_LONG:
    7196             :                         case IS_BOOL:
    7197           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    7198           0 :                                 break;
    7199             :                         case IS_STRING:
    7200           0 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    7201           0 :                                 break;
    7202             :                         case IS_NULL:
    7203           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    7204           0 :                                 break;
    7205             :                         default:
    7206           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    7207           0 :                                 zval_ptr_dtor(&expr_ptr);
    7208             :                                 /* do nothing */
    7209             :                                 break;
    7210             :                 }
    7211             : 
    7212             :         } else {
    7213       28798 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    7214             :         }
    7215       28798 :         if (opline->extended_value) {
    7216             : 
    7217             :         } else {
    7218             : 
    7219             :         }
    7220       28798 :         ZEND_VM_NEXT_OPCODE();
    7221             : }
    7222             : 
    7223       22191 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7224             : {
    7225       22191 :         zend_op *opline = EX(opline);
    7226             : 
    7227       22191 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    7228       22191 :         if (IS_TMP_VAR == IS_UNUSED) {
    7229             :                 ZEND_VM_NEXT_OPCODE();
    7230             : #if 0 || IS_TMP_VAR != IS_UNUSED
    7231             :         } else {
    7232       22191 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_UNUSED_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    7233             : #endif
    7234             :         }
    7235             : }
    7236             : 
    7237      244420 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7238             : {
    7239      244420 :         zend_op *opline = EX(opline);
    7240             :         zend_free_op free_op1;
    7241             : 
    7242      244420 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    7243      244420 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7244      244420 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7245      244420 :         zval_dtor(free_op1.var);
    7246             : 
    7247      244420 :         ZEND_VM_NEXT_OPCODE();
    7248             : }
    7249             : 
    7250           2 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7251             : {
    7252           2 :         zend_op *opline = EX(opline);
    7253             :         zend_free_op free_op1;
    7254             : 
    7255           2 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    7256           2 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7257           2 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7258           2 :         zval_dtor(free_op1.var);
    7259             : 
    7260           2 :         ZEND_VM_NEXT_OPCODE();
    7261             : }
    7262             : 
    7263        1001 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7264             : {
    7265        1001 :         zend_op *opline = EX(opline);
    7266             :         zend_free_op free_op1;
    7267             : 
    7268        1001 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    7269        1001 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7270        1001 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7271        1001 :         zval_dtor(free_op1.var);
    7272             : 
    7273        1001 :         ZEND_VM_NEXT_OPCODE();
    7274             : }
    7275             : 
    7276          43 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7277             : {
    7278          43 :         zend_op *opline = EX(opline);
    7279             :         zend_free_op free_op1;
    7280             : 
    7281          43 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    7282          43 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7283          43 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7284          43 :         zval_dtor(free_op1.var);
    7285             : 
    7286          43 :         ZEND_VM_NEXT_OPCODE();
    7287             : }
    7288             : 
    7289           0 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7290             : {
    7291           0 :         zend_op *opline = EX(opline);
    7292             :         zend_free_op free_op1;
    7293             : 
    7294           0 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    7295           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7296           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7297           0 :         zval_dtor(free_op1.var);
    7298             : 
    7299           0 :         ZEND_VM_NEXT_OPCODE();
    7300             : }
    7301             : 
    7302           0 : static int ZEND_FASTCALL  ZEND_SL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7303             : {
    7304           0 :         zend_op *opline = EX(opline);
    7305             :         zend_free_op free_op1;
    7306             : 
    7307           0 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    7308           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7309           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7310           0 :         zval_dtor(free_op1.var);
    7311             : 
    7312           0 :         ZEND_VM_NEXT_OPCODE();
    7313             : }
    7314             : 
    7315           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7316             : {
    7317           0 :         zend_op *opline = EX(opline);
    7318             :         zend_free_op free_op1;
    7319             : 
    7320           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    7321           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7322           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7323           0 :         zval_dtor(free_op1.var);
    7324             : 
    7325           0 :         ZEND_VM_NEXT_OPCODE();
    7326             : }
    7327             : 
    7328      171531 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7329             : {
    7330      171531 :         zend_op *opline = EX(opline);
    7331             :         zend_free_op free_op1;
    7332             : 
    7333      171531 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    7334      171531 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7335      171531 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7336      171531 :         zval_dtor(free_op1.var);
    7337             : 
    7338      171531 :         ZEND_VM_NEXT_OPCODE();
    7339             : }
    7340             : 
    7341           2 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7342             : {
    7343           2 :         zend_op *opline = EX(opline);
    7344             :         zend_free_op free_op1;
    7345             : 
    7346           2 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    7347           2 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7348           2 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7349           2 :         zval_dtor(free_op1.var);
    7350             : 
    7351           2 :         ZEND_VM_NEXT_OPCODE();
    7352             : }
    7353             : 
    7354           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7355             : {
    7356           0 :         zend_op *opline = EX(opline);
    7357             :         zend_free_op free_op1;
    7358           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    7359             : 
    7360           0 :         is_identical_function(result,
    7361           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7362           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7363           0 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    7364           0 :         zval_dtor(free_op1.var);
    7365             : 
    7366           0 :         ZEND_VM_NEXT_OPCODE();
    7367             : }
    7368             : 
    7369         256 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7370             : {
    7371         256 :         zend_op *opline = EX(opline);
    7372             :         zend_free_op free_op1;
    7373         256 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    7374             : 
    7375         256 :         compare_function(result,
    7376         256 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7377         256 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7378         256 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    7379         256 :         zval_dtor(free_op1.var);
    7380             : 
    7381         256 :         ZEND_VM_NEXT_OPCODE();
    7382             : }
    7383             : 
    7384           0 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7385             : {
    7386           0 :         zend_op *opline = EX(opline);
    7387             :         zend_free_op free_op1;
    7388           0 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    7389             : 
    7390           0 :         compare_function(result,
    7391           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7392           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7393           0 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    7394           0 :         zval_dtor(free_op1.var);
    7395             : 
    7396           0 :         ZEND_VM_NEXT_OPCODE();
    7397             : }
    7398             : 
    7399       14652 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7400             : {
    7401       14652 :         zend_op *opline = EX(opline);
    7402             :         zend_free_op free_op1;
    7403       14652 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    7404             : 
    7405       14652 :         compare_function(result,
    7406       14652 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7407       14652 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7408       14652 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    7409       14652 :         zval_dtor(free_op1.var);
    7410             : 
    7411       14652 :         ZEND_VM_NEXT_OPCODE();
    7412             : }
    7413             : 
    7414           1 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7415             : {
    7416           1 :         zend_op *opline = EX(opline);
    7417             :         zend_free_op free_op1;
    7418           1 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    7419             : 
    7420           1 :         compare_function(result,
    7421           1 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7422           1 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7423           1 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    7424           1 :         zval_dtor(free_op1.var);
    7425             : 
    7426           1 :         ZEND_VM_NEXT_OPCODE();
    7427             : }
    7428             : 
    7429           0 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7430             : {
    7431           0 :         zend_op *opline = EX(opline);
    7432             :         zend_free_op free_op1;
    7433             : 
    7434           0 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    7435           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7436           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7437           0 :         zval_dtor(free_op1.var);
    7438             : 
    7439           0 :         ZEND_VM_NEXT_OPCODE();
    7440             : }
    7441             : 
    7442           0 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7443             : {
    7444           0 :         zend_op *opline = EX(opline);
    7445             :         zend_free_op free_op1;
    7446             : 
    7447           0 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    7448           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7449           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7450           0 :         zval_dtor(free_op1.var);
    7451             : 
    7452           0 :         ZEND_VM_NEXT_OPCODE();
    7453             : }
    7454             : 
    7455           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7456             : {
    7457           0 :         zend_op *opline = EX(opline);
    7458             :         zend_free_op free_op1;
    7459             : 
    7460           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    7461           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7462           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7463           0 :         zval_dtor(free_op1.var);
    7464             : 
    7465           0 :         ZEND_VM_NEXT_OPCODE();
    7466             : }
    7467             : 
    7468           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7469             : {
    7470           0 :         zend_op *opline = EX(opline);
    7471             :         zend_free_op free_op1;
    7472             : 
    7473           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    7474           0 :                 _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7475           0 :                 _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7476           0 :         zval_dtor(free_op1.var);
    7477             : 
    7478           0 :         ZEND_VM_NEXT_OPCODE();
    7479             : }
    7480             : 
    7481     1090593 : static int ZEND_FASTCALL  ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7482             : {
    7483     1090593 :         zend_op *opline = EX(opline);
    7484             : 
    7485     1090593 :         zval *str = &EX_T(opline->result.u.var).tmp_var;
    7486     2181186 :         zval *var = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    7487             :         zval var_copy;
    7488     1090593 :         int use_copy = 0;
    7489             : 
    7490     1090593 :         if (IS_TMP_VAR == IS_UNUSED) {
    7491             :                 /* Initialize for erealloc in add_string_to_string */
    7492             :                 Z_STRVAL_P(str) = NULL;
    7493             :                 Z_STRLEN_P(str) = 0;
    7494             :                 Z_TYPE_P(str) = IS_STRING;
    7495             : 
    7496             :                 INIT_PZVAL(str);
    7497             :         }
    7498             : 
    7499     1090593 :         if (Z_TYPE_P(var) != IS_STRING) {
    7500       99258 :                 zend_make_printable_zval(var, &var_copy, &use_copy);
    7501             : 
    7502       99252 :                 if (use_copy) {
    7503       99252 :                         var = &var_copy;
    7504             :                 }
    7505             :         }
    7506     1090587 :         add_string_to_string(str, str, var);
    7507             : 
    7508     1090587 :         if (use_copy) {
    7509       99252 :                 zval_dtor(var);
    7510             :         }
    7511             :         /* original comment, possibly problematic:
    7512             :          * FREE_OP is missing intentionally here - we're always working on the same temporary variable
    7513             :          * (Zeev):  I don't think it's problematic, we only use variables
    7514             :          * which aren't affected by FREE_OP(Ts, )'s anyway, unless they're
    7515             :          * string offsets or overloaded objects
    7516             :          */
    7517             : 
    7518     1090587 :         ZEND_VM_NEXT_OPCODE();
    7519             : }
    7520             : 
    7521           0 : static int ZEND_FASTCALL  ZEND_INIT_METHOD_CALL_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7522             : {
    7523           0 :         zend_op *opline = EX(opline);
    7524             :         zval *function_name;
    7525             :         char *function_name_strval;
    7526             :         int function_name_strlen;
    7527             :         zend_free_op free_op1;
    7528             : 
    7529           0 :         zend_ptr_stack_3_push(&EG(arg_types_stack), EX(fbc), EX(object), EX(called_scope));
    7530             : 
    7531           0 :         function_name = _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    7532             : 
    7533           0 :         if (Z_TYPE_P(function_name)!=IS_STRING) {
    7534           0 :                 zend_error_noreturn(E_ERROR, "Method name must be a string");
    7535             :         }
    7536             : 
    7537           0 :         function_name_strval = Z_STRVAL_P(function_name);
    7538           0 :         function_name_strlen = Z_STRLEN_P(function_name);
    7539             : 
    7540           0 :         EX(object) = _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7541             : 
    7542           0 :         if (EX(object) && Z_TYPE_P(EX(object)) == IS_OBJECT) {
    7543           0 :                 if (Z_OBJ_HT_P(EX(object))->get_method == NULL) {
    7544           0 :                         zend_error_noreturn(E_ERROR, "Object does not support method calls");
    7545             :                 }
    7546             : 
    7547             :                 /* First, locate the function. */
    7548           0 :                 EX(fbc) = Z_OBJ_HT_P(EX(object))->get_method(&EX(object), function_name_strval, function_name_strlen TSRMLS_CC);
    7549           0 :                 if (!EX(fbc)) {
    7550           0 :                         zend_error_noreturn(E_ERROR, "Call to undefined method %s::%s()", Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
    7551             :                 }
    7552             : 
    7553           0 :                 EX(called_scope) = Z_OBJCE_P(EX(object));
    7554             :         } else {
    7555           0 :                 zend_error_noreturn(E_ERROR, "Call to a member function %s() on a non-object", function_name_strval);
    7556             :         }
    7557             : 
    7558           0 :         if ((EX(fbc)->common.fn_flags & ZEND_ACC_STATIC) != 0) {
    7559           0 :                 EX(object) = NULL;
    7560             :         } else {
    7561           0 :                 if (!PZVAL_IS_REF(EX(object))) {
    7562           0 :                         Z_ADDREF_P(EX(object)); /* For $this pointer */
    7563             :                 } else {
    7564             :                         zval *this_ptr;
    7565           0 :                         ALLOC_ZVAL(this_ptr);
    7566           0 :                         INIT_PZVAL_COPY(this_ptr, EX(object));
    7567           0 :                         zval_copy_ctor(this_ptr);
    7568           0 :                         EX(object) = this_ptr;
    7569             :                 }
    7570             :         }
    7571             : 
    7572             : 
    7573           0 :         ZEND_VM_NEXT_OPCODE();
    7574             : }
    7575             : 
    7576           0 : static int ZEND_FASTCALL  ZEND_CASE_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7577             : {
    7578           0 :         zend_op *opline = EX(opline);
    7579           0 :         int switch_expr_is_overloaded=0;
    7580             :         zend_free_op free_op1;
    7581             : 
    7582           0 :         if (IS_TMP_VAR==IS_VAR) {
    7583             :                 if (EX_T(opline->op1.u.var).var.ptr_ptr) {
    7584             :                         PZVAL_LOCK(EX_T(opline->op1.u.var).var.ptr);
    7585             :                 } else {
    7586             :                         switch_expr_is_overloaded = 1;
    7587             :                         Z_ADDREF_P(EX_T(opline->op1.u.var).str_offset.str);
    7588             :                 }
    7589             :         }
    7590           0 :         is_equal_function(&EX_T(opline->result.u.var).tmp_var,
    7591           0 :                                  _get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    7592           0 :                                  _get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC) TSRMLS_CC);
    7593             : 
    7594           0 :         if (switch_expr_is_overloaded) {
    7595             :                 /* We only free op1 if this is a string offset,
    7596             :                  * Since if it is a TMP_VAR, it'll be reused by
    7597             :                  * other CASE opcodes (whereas string offsets
    7598             :                  * are allocated at each get_zval_ptr())
    7599             :                  */
    7600           0 :                 zval_dtor(free_op1.var);
    7601           0 :                 EX_T(opline->op1.u.var).var.ptr_ptr = NULL;
    7602           0 :                 EX_T(opline->op1.u.var).var.ptr = NULL;
    7603             :         }
    7604           0 :         ZEND_VM_NEXT_OPCODE();
    7605             : }
    7606             : 
    7607           4 : static int ZEND_FASTCALL  ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7608             : {
    7609           4 :         zend_op *opline = EX(opline);
    7610             :         zend_free_op free_op1;
    7611           4 :         zval *array_ptr = &EX_T(opline->result.u.var).tmp_var;
    7612             :         zval *expr_ptr;
    7613           8 :         zval *offset=_get_zval_ptr_cv(&opline->op2, EX(Ts), BP_VAR_R TSRMLS_CC);
    7614             : 
    7615             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7616             :         zval **expr_ptr_ptr = NULL;
    7617             : 
    7618             :         if (opline->extended_value) {
    7619             :                 expr_ptr_ptr=NULL;
    7620             :                 expr_ptr = *expr_ptr_ptr;
    7621             :         } else {
    7622             :                 expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7623             :         }
    7624             : #else
    7625           8 :         expr_ptr=_get_zval_ptr_tmp(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7626             : #endif
    7627             : 
    7628             :         if (1) { /* temporary variable */
    7629             :                 zval *new_expr;
    7630             : 
    7631           4 :                 ALLOC_ZVAL(new_expr);
    7632           4 :                 INIT_PZVAL_COPY(new_expr, expr_ptr);
    7633           4 :                 expr_ptr = new_expr;
    7634             :         } else {
    7635             : #if 0 || IS_TMP_VAR == IS_VAR || IS_TMP_VAR == IS_CV
    7636             :                 if (opline->extended_value) {
    7637             :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(expr_ptr_ptr);
    7638             :                         expr_ptr = *expr_ptr_ptr;
    7639             :                         Z_ADDREF_P(expr_ptr);
    7640             :                 } else
    7641             : #endif
    7642             :                 if (IS_TMP_VAR == IS_CONST || PZVAL_IS_REF(expr_ptr)) {
    7643             :                         zval *new_expr;
    7644             : 
    7645             :                         ALLOC_ZVAL(new_expr);
    7646             :                         INIT_PZVAL_COPY(new_expr, expr_ptr);
    7647             :                         expr_ptr = new_expr;
    7648             :                         zendi_zval_copy_ctor(*expr_ptr);
    7649             :                 } else {
    7650             :                         Z_ADDREF_P(expr_ptr);
    7651             :                 }
    7652             :         }
    7653           4 :         if (offset) {
    7654           4 :                 switch (Z_TYPE_P(offset)) {
    7655             :                         case IS_DOUBLE:
    7656           0 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), zend_dval_to_lval(Z_DVAL_P(offset)), &expr_ptr, sizeof(zval *), NULL);
    7657           0 :                                 break;
    7658             :                         case IS_LONG:
    7659             :                         case IS_BOOL:
    7660           3 :                                 zend_hash_index_update(Z_ARRVAL_P(array_ptr), Z_LVAL_P(offset), &expr_ptr, sizeof(zval *), NULL);
    7661           3 :                                 break;
    7662             :                         case IS_STRING:
    7663           1 :                                 zend_symtable_update(Z_ARRVAL_P(array_ptr), Z_STRVAL_P(offset), Z_STRLEN_P(offset)+1, &expr_ptr, sizeof(zval *), NULL);
    7664           1 :                                 break;
    7665             :                         case IS_NULL:
    7666           0 :                                 zend_hash_update(Z_ARRVAL_P(array_ptr), "", sizeof(""), &expr_ptr, sizeof(zval *), NULL);
    7667           0 :                                 break;
    7668             :                         default:
    7669           0 :                                 zend_error(E_WARNING, "Illegal offset type");
    7670           0 :                                 zval_ptr_dtor(&expr_ptr);
    7671             :                                 /* do nothing */
    7672             :                                 break;
    7673             :                 }
    7674             : 
    7675             :         } else {
    7676           0 :                 zend_hash_next_index_insert(Z_ARRVAL_P(array_ptr), &expr_ptr, sizeof(zval *), NULL);
    7677             :         }
    7678           4 :         if (opline->extended_value) {
    7679             : 
    7680             :         } else {
    7681             : 
    7682             :         }
    7683           4 :         ZEND_VM_NEXT_OPCODE();
    7684             : }
    7685             : 
    7686           0 : static int ZEND_FASTCALL  ZEND_INIT_ARRAY_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7687             : {
    7688           0 :         zend_op *opline = EX(opline);
    7689             : 
    7690           0 :         array_init(&EX_T(opline->result.u.var).tmp_var);
    7691           0 :         if (IS_TMP_VAR == IS_UNUSED) {
    7692             :                 ZEND_VM_NEXT_OPCODE();
    7693             : #if 0 || IS_TMP_VAR != IS_UNUSED
    7694             :         } else {
    7695           0 :                 return ZEND_ADD_ARRAY_ELEMENT_SPEC_TMP_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    7696             : #endif
    7697             :         }
    7698             : }
    7699             : 
    7700           0 : static int ZEND_FASTCALL  ZEND_BW_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7701             : {
    7702           0 :         zend_op *opline = EX(opline);
    7703             :         zend_free_op free_op1;
    7704             : 
    7705           0 :         bitwise_not_function(&EX_T(opline->result.u.var).tmp_var,
    7706           0 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
    7707           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7708           0 :         ZEND_VM_NEXT_OPCODE();
    7709             : }
    7710             : 
    7711     1554910 : static int ZEND_FASTCALL  ZEND_BOOL_NOT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7712             : {
    7713     1554910 :         zend_op *opline = EX(opline);
    7714             :         zend_free_op free_op1;
    7715             : 
    7716     1554910 :         boolean_not_function(&EX_T(opline->result.u.var).tmp_var,
    7717     1554910 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC) TSRMLS_CC);
    7718     1554910 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7719     1554910 :         ZEND_VM_NEXT_OPCODE();
    7720             : }
    7721             : 
    7722          14 : static int ZEND_FASTCALL  ZEND_PRE_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7723             : {
    7724          14 :         zend_op *opline = EX(opline);
    7725             :         zend_free_op free_op1;
    7726          28 :         zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7727             : 
    7728          14 :         if (IS_VAR == IS_VAR && !var_ptr) {
    7729           0 :                 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
    7730             :         }
    7731          14 :         if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
    7732           0 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7733           0 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
    7734           0 :                         PZVAL_LOCK(EG(uninitialized_zval_ptr));
    7735             :                 }
    7736           0 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7737           0 :                 ZEND_VM_NEXT_OPCODE();
    7738             :         }
    7739             : 
    7740          59 :         SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
    7741             : 
    7742          14 :         if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
    7743           0 :            && Z_OBJ_HANDLER_PP(var_ptr, set)) {
    7744             :                 /* proxy object */
    7745           0 :                 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
    7746           0 :                 Z_ADDREF_P(val);
    7747           0 :                 increment_function(val);
    7748           0 :                 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
    7749           0 :                 zval_ptr_dtor(&val);
    7750             :         } else {
    7751          14 :                 increment_function(*var_ptr);
    7752             :         }
    7753             : 
    7754          14 :         if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7755          13 :                 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
    7756          13 :                 PZVAL_LOCK(*var_ptr);
    7757             :         }
    7758             : 
    7759          14 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7760          14 :         ZEND_VM_NEXT_OPCODE();
    7761             : }
    7762             : 
    7763           0 : static int ZEND_FASTCALL  ZEND_PRE_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7764             : {
    7765           0 :         zend_op *opline = EX(opline);
    7766             :         zend_free_op free_op1;
    7767           0 :         zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7768             : 
    7769           0 :         if (IS_VAR == IS_VAR && !var_ptr) {
    7770           0 :                 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
    7771             :         }
    7772           0 :         if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
    7773           0 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7774           0 :                         AI_SET_PTR(EX_T(opline->result.u.var).var, EG(uninitialized_zval_ptr));
    7775           0 :                         PZVAL_LOCK(EG(uninitialized_zval_ptr));
    7776             :                 }
    7777           0 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7778           0 :                 ZEND_VM_NEXT_OPCODE();
    7779             :         }
    7780             : 
    7781           0 :         SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
    7782             : 
    7783           0 :         if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
    7784           0 :            && Z_OBJ_HANDLER_PP(var_ptr, set)) {
    7785             :                 /* proxy object */
    7786           0 :                 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
    7787           0 :                 Z_ADDREF_P(val);
    7788           0 :                 decrement_function(val);
    7789           0 :                 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
    7790           0 :                 zval_ptr_dtor(&val);
    7791             :         } else {
    7792           0 :                 decrement_function(*var_ptr);
    7793             :         }
    7794             : 
    7795           0 :         if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7796           0 :                 AI_SET_PTR(EX_T(opline->result.u.var).var, *var_ptr);
    7797           0 :                 PZVAL_LOCK(*var_ptr);
    7798             :         }
    7799             : 
    7800           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7801           0 :         ZEND_VM_NEXT_OPCODE();
    7802             : }
    7803             : 
    7804      194653 : static int ZEND_FASTCALL  ZEND_POST_INC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7805             : {
    7806      194653 :         zend_op *opline = EX(opline);
    7807             :         zend_free_op free_op1;
    7808      389306 :         zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7809             : 
    7810      194653 :         if (IS_VAR == IS_VAR && !var_ptr) {
    7811           0 :                 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
    7812             :         }
    7813      194653 :         if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
    7814           0 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7815           0 :                         EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
    7816             :                 }
    7817           0 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7818           0 :                 ZEND_VM_NEXT_OPCODE();
    7819             :         }
    7820             : 
    7821      194653 :         EX_T(opline->result.u.var).tmp_var = **var_ptr;
    7822      194653 :         zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
    7823             : 
    7824      583996 :         SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
    7825             : 
    7826      194653 :         if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
    7827           0 :            && Z_OBJ_HANDLER_PP(var_ptr, set)) {
    7828             :                 /* proxy object */
    7829           0 :                 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
    7830           0 :                 Z_ADDREF_P(val);
    7831           0 :                 increment_function(val);
    7832           0 :                 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
    7833           0 :                 zval_ptr_dtor(&val);
    7834             :         } else {
    7835      194653 :                 increment_function(*var_ptr);
    7836             :         }
    7837             : 
    7838      194653 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7839      194653 :         ZEND_VM_NEXT_OPCODE();
    7840             : }
    7841             : 
    7842           1 : static int ZEND_FASTCALL  ZEND_POST_DEC_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7843             : {
    7844           1 :         zend_op *opline = EX(opline);
    7845             :         zend_free_op free_op1;
    7846           2 :         zval **var_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7847             : 
    7848           1 :         if (IS_VAR == IS_VAR && !var_ptr) {
    7849           0 :                 zend_error_noreturn(E_ERROR, "Cannot increment/decrement overloaded objects nor string offsets");
    7850             :         }
    7851           1 :         if (IS_VAR == IS_VAR && *var_ptr == EG(error_zval_ptr)) {
    7852           0 :                 if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7853           0 :                         EX_T(opline->result.u.var).tmp_var = *EG(uninitialized_zval_ptr);
    7854             :                 }
    7855           0 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7856           0 :                 ZEND_VM_NEXT_OPCODE();
    7857             :         }
    7858             : 
    7859           1 :         EX_T(opline->result.u.var).tmp_var = **var_ptr;
    7860           1 :         zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
    7861             : 
    7862           3 :         SEPARATE_ZVAL_IF_NOT_REF(var_ptr);
    7863             : 
    7864           1 :         if(Z_TYPE_PP(var_ptr) == IS_OBJECT && Z_OBJ_HANDLER_PP(var_ptr, get)
    7865           0 :            && Z_OBJ_HANDLER_PP(var_ptr, set)) {
    7866             :                 /* proxy object */
    7867           0 :                 zval *val = Z_OBJ_HANDLER_PP(var_ptr, get)(*var_ptr TSRMLS_CC);
    7868           0 :                 Z_ADDREF_P(val);
    7869           0 :                 decrement_function(val);
    7870           0 :                 Z_OBJ_HANDLER_PP(var_ptr, set)(var_ptr, val TSRMLS_CC);
    7871           0 :                 zval_ptr_dtor(&val);
    7872             :         } else {
    7873           1 :                 decrement_function(*var_ptr);
    7874             :         }
    7875             : 
    7876           1 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7877           1 :         ZEND_VM_NEXT_OPCODE();
    7878             : }
    7879             : 
    7880       50757 : static int ZEND_FASTCALL  ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7881             : {
    7882       50757 :         zend_op *opline = EX(opline);
    7883             :         zend_free_op free_op1;
    7884      101514 :         zval *z = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7885             : 
    7886       50757 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(z) == IS_OBJECT) {
    7887             :                 INIT_PZVAL(z);
    7888             :         }
    7889       50757 :         zend_print_variable(z);
    7890             : 
    7891       50757 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7892       50757 :         ZEND_VM_NEXT_OPCODE();
    7893             : }
    7894             : 
    7895       40173 : static int ZEND_FASTCALL  ZEND_PRINT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    7896             : {
    7897       40173 :         zend_op *opline = EX(opline);
    7898             : 
    7899       40173 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    7900       40173 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG;
    7901             : 
    7902       40173 :         return ZEND_ECHO_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    7903             : }
    7904             : 
    7905         225 : static int ZEND_FASTCALL zend_fetch_var_address_helper_SPEC_VAR(int type, ZEND_OPCODE_HANDLER_ARGS)
    7906             : {
    7907         225 :         zend_op *opline = EX(opline);
    7908             :         zend_free_op free_op1;
    7909         450 :         zval *varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    7910             :         zval **retval;
    7911             :         zval tmp_varname;
    7912             :         HashTable *target_symbol_table;
    7913             : 
    7914         225 :         if (IS_VAR != IS_CONST && Z_TYPE_P(varname) != IS_STRING) {
    7915           0 :                 tmp_varname = *varname;
    7916           0 :                 zval_copy_ctor(&tmp_varname);
    7917           0 :                 convert_to_string(&tmp_varname);
    7918           0 :                 varname = &tmp_varname;
    7919             :         }
    7920             : 
    7921         225 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    7922           1 :                 retval = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 0 TSRMLS_CC);
    7923           1 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7924             :         } else {
    7925         224 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), type, varname TSRMLS_CC);
    7926             : /*
    7927             :                 if (!target_symbol_table) {
    7928             :                         ZEND_VM_NEXT_OPCODE();
    7929             :                 }
    7930             : */
    7931         224 :                 if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &retval) == FAILURE) {
    7932           6 :                         switch (type) {
    7933             :                                 case BP_VAR_R:
    7934             :                                 case BP_VAR_UNSET:
    7935           0 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    7936             :                                         /* break missing intentionally */
    7937             :                                 case BP_VAR_IS:
    7938           0 :                                         retval = &EG(uninitialized_zval_ptr);
    7939           0 :                                         break;
    7940             :                                 case BP_VAR_RW:
    7941           0 :                                         zend_error(E_NOTICE,"Undefined variable: %s", Z_STRVAL_P(varname));
    7942             :                                         /* break missing intentionally */
    7943             :                                 case BP_VAR_W: {
    7944           6 :                                                 zval *new_zval = &EG(uninitialized_zval);
    7945             : 
    7946           6 :                                                 Z_ADDREF_P(new_zval);
    7947           6 :                                                 zend_hash_update(target_symbol_table, varname->value.str.val, varname->value.str.len+1, &new_zval, sizeof(zval *), (void **) &retval);
    7948             :                                         }
    7949             :                                         break;
    7950             :                                 EMPTY_SWITCH_DEFAULT_CASE()
    7951             :                         }
    7952             :                 }
    7953         224 :                 switch (opline->op2.u.EA.type) {
    7954             :                         case ZEND_FETCH_GLOBAL:
    7955             :                                 if (IS_VAR != IS_TMP_VAR) {
    7956           0 :                                         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7957             :                                 }
    7958           0 :                                 break;
    7959             :                         case ZEND_FETCH_LOCAL:
    7960         223 :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    7961         223 :                                 break;
    7962             :                         case ZEND_FETCH_STATIC:
    7963           0 :                                 zval_update_constant(retval, (void*) 1 TSRMLS_CC);
    7964           0 :                                 break;
    7965             :                         case ZEND_FETCH_GLOBAL_LOCK:
    7966           1 :                                 if (IS_VAR == IS_VAR && !free_op1.var) {
    7967           1 :                                         PZVAL_LOCK(*EX_T(opline->op1.u.var).var.ptr_ptr);
    7968             :                                 }
    7969             :                                 break;
    7970             :                 }
    7971             :         }
    7972             : 
    7973             : 
    7974         225 :         if (IS_VAR != IS_CONST && varname == &tmp_varname) {
    7975           0 :                 zval_dtor(varname);
    7976             :         }
    7977         225 :         if (!RETURN_VALUE_UNUSED(&opline->result)) {
    7978         225 :                 if (opline->extended_value & ZEND_FETCH_MAKE_REF) {
    7979           0 :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval);
    7980             :                 }
    7981         225 :                 PZVAL_LOCK(*retval);
    7982         225 :                 switch (type) {
    7983             :                         case BP_VAR_R:
    7984             :                         case BP_VAR_IS:
    7985         118 :                                 AI_SET_PTR(EX_T(opline->result.u.var).var, *retval);
    7986         118 :                                 break;
    7987             :                         case BP_VAR_UNSET: {
    7988             :                                 zend_free_op free_res;
    7989             : 
    7990           0 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    7991           0 :                                 PZVAL_UNLOCK(*EX_T(opline->result.u.var).var.ptr_ptr, &free_res);
    7992           0 :                                 if (EX_T(opline->result.u.var).var.ptr_ptr != &EG(uninitialized_zval_ptr)) {
    7993           0 :                                         SEPARATE_ZVAL_IF_NOT_REF(EX_T(opline->result.u.var).var.ptr_ptr);
    7994             :                                 }
    7995           0 :                                 PZVAL_LOCK(*EX_T(opline->result.u.var).var.ptr_ptr);
    7996           0 :                                 FREE_OP_VAR_PTR(free_res);
    7997           0 :                                 break;
    7998             :                         default:
    7999         107 :                                 EX_T(opline->result.u.var).var.ptr_ptr = retval;
    8000             :                                 break;
    8001             :                         }
    8002             :                 }
    8003             :         }
    8004         225 :         ZEND_VM_NEXT_OPCODE();
    8005             : }
    8006             : 
    8007         118 : static int ZEND_FASTCALL  ZEND_FETCH_R_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8008             : {
    8009         118 :         return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8010             : }
    8011             : 
    8012         107 : static int ZEND_FASTCALL  ZEND_FETCH_W_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8013             : {
    8014         107 :         return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_W, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8015             : }
    8016             : 
    8017           0 : static int ZEND_FASTCALL  ZEND_FETCH_RW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8018             : {
    8019           0 :         return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_RW, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8020             : }
    8021             : 
    8022           0 : static int ZEND_FASTCALL  ZEND_FETCH_FUNC_ARG_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8023             : {
    8024           0 :         return zend_fetch_var_address_helper_SPEC_VAR(ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), EX(opline)->extended_value)?BP_VAR_W:BP_VAR_R, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8025             : }
    8026             : 
    8027           0 : static int ZEND_FASTCALL  ZEND_FETCH_UNSET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8028             : {
    8029           0 :         return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_UNSET, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8030             : }
    8031             : 
    8032           0 : static int ZEND_FASTCALL  ZEND_FETCH_IS_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8033             : {
    8034           0 :         return zend_fetch_var_address_helper_SPEC_VAR(BP_VAR_IS, ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8035             : }
    8036             : 
    8037     2310378 : static int ZEND_FASTCALL  ZEND_JMPZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8038             : {
    8039     2310378 :         zend_op *opline = EX(opline);
    8040             :         zend_free_op free_op1;
    8041     4620756 :         zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8042             :         int ret;
    8043             : 
    8044     2310378 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    8045             :                 ret = Z_LVAL_P(val);
    8046             :         } else {
    8047     2310378 :                 ret = i_zend_is_true(val);
    8048     2310378 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8049     2310378 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    8050           0 :                         ZEND_VM_CONTINUE();
    8051             :                 }
    8052             :         }
    8053     2310378 :         if (!ret) {
    8054             : #if DEBUG_ZEND>=2
    8055             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    8056             : #endif
    8057     2008229 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    8058     2008229 :                 ZEND_VM_CONTINUE();
    8059             :         }
    8060             : 
    8061      302149 :         ZEND_VM_NEXT_OPCODE();
    8062             : }
    8063             : 
    8064          88 : static int ZEND_FASTCALL  ZEND_JMPNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8065             : {
    8066          88 :         zend_op *opline = EX(opline);
    8067             :         zend_free_op free_op1;
    8068         176 :         zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8069             :         int ret;
    8070             : 
    8071          88 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    8072             :                 ret = Z_LVAL_P(val);
    8073             :         } else {
    8074          88 :                 ret = i_zend_is_true(val);
    8075          88 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8076          88 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    8077           0 :                         ZEND_VM_CONTINUE();
    8078             :                 }
    8079             :         }
    8080          88 :         if (ret) {
    8081             : #if DEBUG_ZEND>=2
    8082             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    8083             : #endif
    8084          27 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    8085          27 :                 ZEND_VM_CONTINUE();
    8086             :         }
    8087             : 
    8088          61 :         ZEND_VM_NEXT_OPCODE();
    8089             : }
    8090             : 
    8091          19 : static int ZEND_FASTCALL  ZEND_JMPZNZ_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8092             : {
    8093          19 :         zend_op *opline = EX(opline);
    8094             :         zend_free_op free_op1;
    8095          38 :         zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8096             :         int retval;
    8097             : 
    8098          19 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    8099             :                 retval = Z_LVAL_P(val);
    8100             :         } else {
    8101          19 :                 retval = i_zend_is_true(val);
    8102          19 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8103          19 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    8104           0 :                         ZEND_VM_CONTINUE();
    8105             :                 }
    8106             :         }
    8107          19 :         if (EXPECTED(retval != 0)) {
    8108             : #if DEBUG_ZEND>=2
    8109             :                 printf("Conditional jmp on true to %d\n", opline->extended_value);
    8110             : #endif
    8111          14 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->extended_value]);
    8112          14 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    8113             :         } else {
    8114             : #if DEBUG_ZEND>=2
    8115             :                 printf("Conditional jmp on false to %d\n", opline->op2.u.opline_num);
    8116             : #endif
    8117           5 :                 ZEND_VM_SET_OPCODE(&EX(op_array)->opcodes[opline->op2.u.opline_num]);
    8118           5 :                 ZEND_VM_CONTINUE(); /* CHECK_ME */
    8119             :         }
    8120             : }
    8121             : 
    8122       96596 : static int ZEND_FASTCALL  ZEND_JMPZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8123             : {
    8124       96596 :         zend_op *opline = EX(opline);
    8125             :         zend_free_op free_op1;
    8126      193192 :         zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8127             :         int retval;
    8128             : 
    8129       96596 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    8130             :                 retval = Z_LVAL_P(val);
    8131             :         } else {
    8132       96596 :                 retval = i_zend_is_true(val);
    8133       96596 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8134       96596 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    8135           0 :                         ZEND_VM_CONTINUE();
    8136             :                 }
    8137             :         }
    8138       96596 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    8139       96596 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    8140       96596 :         if (!retval) {
    8141             : #if DEBUG_ZEND>=2
    8142             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    8143             : #endif
    8144       91036 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    8145       91036 :                 ZEND_VM_CONTINUE();
    8146             :         }
    8147        5560 :         ZEND_VM_NEXT_OPCODE();
    8148             : }
    8149             : 
    8150       25357 : static int ZEND_FASTCALL  ZEND_JMPNZ_EX_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8151             : {
    8152       25357 :         zend_op *opline = EX(opline);
    8153             :         zend_free_op free_op1;
    8154       50714 :         zval *val = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8155             :         int retval;
    8156             : 
    8157       25357 :         if (IS_VAR == IS_TMP_VAR && Z_TYPE_P(val) == IS_BOOL) {
    8158             :                 retval = Z_LVAL_P(val);
    8159             :         } else {
    8160       25357 :                 retval = i_zend_is_true(val);
    8161       25357 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8162       25357 :                 if (UNEXPECTED(EG(exception) != NULL)) {
    8163           0 :                         ZEND_VM_CONTINUE();
    8164             :                 }
    8165             :         }
    8166       25357 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = retval;
    8167       25357 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    8168       25357 :         if (retval) {
    8169             : #if DEBUG_ZEND>=2
    8170             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    8171             : #endif
    8172       13448 :                 ZEND_VM_SET_OPCODE(opline->op2.u.jmp_addr);
    8173       13448 :                 ZEND_VM_CONTINUE();
    8174             :         }
    8175       11909 :         ZEND_VM_NEXT_OPCODE();
    8176             : }
    8177             : 
    8178      319003 : static int ZEND_FASTCALL  ZEND_RETURN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8179             : {
    8180      319003 :         zend_op *opline = EX(opline);
    8181             :         zval *retval_ptr;
    8182             :         zval **retval_ptr_ptr;
    8183             :         zend_free_op free_op1;
    8184             : 
    8185      319003 :         if (EG(active_op_array)->return_reference == ZEND_RETURN_REF) {
    8186             : 
    8187          50 :                 if (IS_VAR == IS_CONST || IS_VAR == IS_TMP_VAR) {
    8188             :                         /* Not supposed to happen, but we'll allow it */
    8189             :                         zend_error(E_NOTICE, "Only variable references should be returned by reference");
    8190             :                         goto return_by_value;
    8191             :                 }
    8192             : 
    8193         100 :                 retval_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8194             : 
    8195          50 :                 if (IS_VAR == IS_VAR && !retval_ptr_ptr) {
    8196           0 :                         zend_error_noreturn(E_ERROR, "Cannot return string offsets by reference");
    8197             :                 }
    8198             : 
    8199         100 :                 if (IS_VAR == IS_VAR && !Z_ISREF_PP(retval_ptr_ptr)) {
    8200          55 :                         if (opline->extended_value == ZEND_RETURNS_FUNCTION &&
    8201          12 :                             EX_T(opline->op1.u.var).var.fcall_returned_reference) {
    8202          35 :                         } else if (EX_T(opline->op1.u.var).var.ptr_ptr == &EX_T(opline->op1.u.var).var.ptr) {
    8203           9 :                                 if (IS_VAR == IS_VAR && !(free_op1.var != NULL)) {
    8204           5 :                                         PZVAL_LOCK(*retval_ptr_ptr); /* undo the effect of get_zval_ptr_ptr() */
    8205             :                                 }
    8206           9 :                                 zend_error(E_NOTICE, "Only variable references should be returned by reference");
    8207           9 :                                 goto return_by_value;
    8208             :                         }
    8209             :                 }
    8210             : 
    8211          41 :                 if (EG(return_value_ptr_ptr)) {
    8212         146 :                         SEPARATE_ZVAL_TO_MAKE_IS_REF(retval_ptr_ptr);
    8213          39 :                         Z_ADDREF_PP(retval_ptr_ptr);
    8214             : 
    8215          39 :                         (*EG(return_value_ptr_ptr)) = (*retval_ptr_ptr);
    8216             :                 }
    8217             :         } else {
    8218             : return_by_value:
    8219             : 
    8220      637924 :                 retval_ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8221             : 
    8222      318962 :                 if (!EG(return_value_ptr_ptr)) {
    8223          28 :                         if (IS_VAR == IS_TMP_VAR) {
    8224             :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8225             :                         }
    8226             :                 } else if (!0) { /* Not a temp var */
    8227      637904 :                         if (IS_VAR == IS_CONST ||
    8228      318934 :                             EG(active_op_array)->return_reference == ZEND_RETURN_REF ||
    8229             :                             (PZVAL_IS_REF(retval_ptr) && Z_REFCOUNT_P(retval_ptr) > 0)) {
    8230             :                                 zval *ret;
    8231             : 
    8232          23 :                                 ALLOC_ZVAL(ret);
    8233          23 :                                 INIT_PZVAL_COPY(ret, retval_ptr);
    8234          23 :                                 zval_copy_ctor(ret);
    8235          23 :                                 *EG(return_value_ptr_ptr) = ret;
    8236      318911 :                         } else if ((IS_VAR == IS_CV || IS_VAR == IS_VAR) &&
    8237             :                                    retval_ptr == &EG(uninitialized_zval)) {
    8238             :                                 zval *ret;
    8239             : 
    8240          22 :                                 ALLOC_INIT_ZVAL(ret);
    8241          22 :                                 *EG(return_value_ptr_ptr) = ret;
    8242             :                         } else {
    8243      318889 :                                 *EG(return_value_ptr_ptr) = retval_ptr;
    8244             :                                 Z_ADDREF_P(retval_ptr);
    8245             :                         }
    8246             :                 } else {
    8247             :                         zval *ret;
    8248             : 
    8249             :                         ALLOC_ZVAL(ret);
    8250             :                         INIT_PZVAL_COPY(ret, retval_ptr);
    8251             :                         *EG(return_value_ptr_ptr) = ret;
    8252             :                 }
    8253             :         }
    8254      319003 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8255      319003 :         return zend_leave_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8256             : }
    8257             : 
    8258         240 : static int ZEND_FASTCALL  ZEND_THROW_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8259             : {
    8260         240 :         zend_op *opline = EX(opline);
    8261             :         zval *value;
    8262             :         zval *exception;
    8263             :         zend_free_op free_op1;
    8264             : 
    8265         480 :         value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8266             : 
    8267         240 :         if (IS_VAR == IS_CONST || Z_TYPE_P(value) != IS_OBJECT) {
    8268           0 :                 zend_error_noreturn(E_ERROR, "Can only throw objects");
    8269             :         }
    8270         240 :         zend_exception_save(TSRMLS_C);
    8271             :         /* Not sure if a complete copy is what we want here */
    8272         240 :         ALLOC_ZVAL(exception);
    8273         240 :         INIT_PZVAL_COPY(exception, value);
    8274             :         if (!0) {
    8275         240 :                 zval_copy_ctor(exception);
    8276             :         }
    8277             : 
    8278         240 :         zend_throw_exception_object(exception TSRMLS_CC);
    8279         239 :         zend_exception_restore(TSRMLS_C);
    8280         239 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8281         239 :         ZEND_VM_NEXT_OPCODE();
    8282             : }
    8283             : 
    8284           0 : static int ZEND_FASTCALL  ZEND_SEND_VAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8285             : {
    8286           0 :         zend_op *opline = EX(opline);
    8287           0 :         if (opline->extended_value==ZEND_DO_FCALL_BY_NAME
    8288           0 :                 && ARG_MUST_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    8289           0 :                         zend_error_noreturn(E_ERROR, "Cannot pass parameter %d by reference", opline->op2.u.opline_num);
    8290             :         }
    8291             :         {
    8292             :                 zval *valptr;
    8293             :                 zval *value;
    8294             :                 zend_free_op free_op1;
    8295             : 
    8296           0 :                 value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8297             : 
    8298           0 :                 ALLOC_ZVAL(valptr);
    8299           0 :                 INIT_PZVAL_COPY(valptr, value);
    8300             :                 if (!0) {
    8301           0 :                         zval_copy_ctor(valptr);
    8302             :                 }
    8303           0 :                 zend_vm_stack_push(valptr TSRMLS_CC);
    8304           0 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8305             :         }
    8306           0 :         ZEND_VM_NEXT_OPCODE();
    8307             : }
    8308             : 
    8309     4432863 : static int ZEND_FASTCALL zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS)
    8310             : {
    8311     4432863 :         zend_op *opline = EX(opline);
    8312             :         zval *varptr;
    8313             :         zend_free_op free_op1;
    8314     8865726 :         varptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8315             : 
    8316     4432863 :         if (varptr == &EG(uninitialized_zval)) {
    8317      108549 :                 ALLOC_ZVAL(varptr);
    8318      108549 :                 INIT_ZVAL(*varptr);
    8319             :                 Z_SET_REFCOUNT_P(varptr, 0);
    8320     4324314 :         } else if (PZVAL_IS_REF(varptr)) {
    8321       26704 :                 zval *original_var = varptr;
    8322             : 
    8323       26704 :                 ALLOC_ZVAL(varptr);
    8324       26704 :                 *varptr = *original_var;
    8325             :                 Z_UNSET_ISREF_P(varptr);
    8326             :                 Z_SET_REFCOUNT_P(varptr, 0);
    8327       26704 :                 zval_copy_ctor(varptr);
    8328             :         }
    8329             :         Z_ADDREF_P(varptr);
    8330     4432863 :         zend_vm_stack_push(varptr TSRMLS_CC);
    8331     4432863 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};  /* for string offsets */
    8332             : 
    8333     4432863 :         ZEND_VM_NEXT_OPCODE();
    8334             : }
    8335             : 
    8336     1319313 : static int ZEND_FASTCALL  ZEND_SEND_VAR_NO_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8337             : {
    8338     1319313 :         zend_op *opline = EX(opline);
    8339             :         zend_free_op free_op1;
    8340             :         zval *varptr;
    8341             : 
    8342     1319313 :         if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) { /* Had function_ptr at compile_time */
    8343     1136904 :                 if (!(opline->extended_value & ZEND_ARG_SEND_BY_REF)) {
    8344     1136868 :                         return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8345             :                 }
    8346      182409 :         } else if (!ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    8347      182405 :                 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8348             :         }
    8349             : 
    8350          90 :         if (IS_VAR == IS_VAR &&
    8351          40 :                 (opline->extended_value & ZEND_ARG_SEND_FUNCTION) &&
    8352          30 :                 EX_T(opline->op1.u.var).var.fcall_returned_reference &&
    8353          10 :                 EX_T(opline->op1.u.var).var.ptr) {
    8354          10 :                 varptr = EX_T(opline->op1.u.var).var.ptr;
    8355             :                 PZVAL_UNLOCK_EX(varptr, &free_op1, 0);
    8356             :         } else {
    8357          60 :                 varptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8358             :         }
    8359         123 :         if ((!(opline->extended_value & ZEND_ARG_SEND_FUNCTION) ||
    8360          30 :              EX_T(opline->op1.u.var).var.fcall_returned_reference) &&
    8361             :             varptr != &EG(uninitialized_zval) &&
    8362             :             (PZVAL_IS_REF(varptr) ||
    8363           8 :              (Z_REFCOUNT_P(varptr) == 1 && (IS_VAR == IS_CV || free_op1.var)))) {
    8364             :                 Z_SET_ISREF_P(varptr);
    8365             :                 Z_ADDREF_P(varptr);
    8366          16 :                 zend_vm_stack_push(varptr TSRMLS_CC);
    8367             :         } else {
    8368             :                 zval *valptr;
    8369             : 
    8370          51 :                 if ((opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) ?
    8371          23 :                         !(opline->extended_value & ZEND_ARG_SEND_SILENT) :
    8372           4 :                         !ARG_MAY_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    8373          18 :                         zend_error(E_STRICT, "Only variables should be passed by reference");
    8374             :                 }
    8375          24 :                 ALLOC_ZVAL(valptr);
    8376          24 :                 INIT_PZVAL_COPY(valptr, varptr);
    8377             :                 if (!0) {
    8378          24 :                         zval_copy_ctor(valptr);
    8379             :                 }
    8380          24 :                 zend_vm_stack_push(valptr TSRMLS_CC);
    8381             :         }
    8382          40 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8383          40 :         ZEND_VM_NEXT_OPCODE();
    8384             : }
    8385             : 
    8386      766346 : static int ZEND_FASTCALL  ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8387             : {
    8388      766346 :         zend_op *opline = EX(opline);
    8389             :         zend_free_op free_op1;
    8390             :         zval **varptr_ptr;
    8391             :         zval *varptr;
    8392     1532692 :         varptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8393             : 
    8394      766346 :         if (IS_VAR == IS_VAR && !varptr_ptr) {
    8395           0 :                 zend_error_noreturn(E_ERROR, "Only variables can be passed by reference");
    8396             :         }
    8397             : 
    8398      766346 :         if (IS_VAR == IS_VAR && *varptr_ptr == EG(error_zval_ptr)) {
    8399           2 :                 ALLOC_INIT_ZVAL(varptr);
    8400           2 :                 zend_vm_stack_push(varptr TSRMLS_CC);
    8401           2 :                 ZEND_VM_NEXT_OPCODE();
    8402             :         }
    8403             : 
    8404      766394 :         if (opline->extended_value == ZEND_DO_FCALL_BY_NAME &&
    8405          50 :             EX(function_state).function->type == ZEND_INTERNAL_FUNCTION &&
    8406           0 :             !ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    8407           0 :                 return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8408             :         }
    8409             : 
    8410     4331640 :         SEPARATE_ZVAL_TO_MAKE_IS_REF(varptr_ptr);
    8411      766344 :         varptr = *varptr_ptr;
    8412             :         Z_ADDREF_P(varptr);
    8413      766344 :         zend_vm_stack_push(varptr TSRMLS_CC);
    8414             : 
    8415      766344 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8416      766344 :         ZEND_VM_NEXT_OPCODE();
    8417             : }
    8418             : 
    8419     3113640 : static int ZEND_FASTCALL  ZEND_SEND_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8420             : {
    8421     3113640 :         zend_op *opline = EX(opline);
    8422             : 
    8423     3116683 :         if ((opline->extended_value == ZEND_DO_FCALL_BY_NAME)
    8424        3043 :                 && ARG_SHOULD_BE_SENT_BY_REF(EX(fbc), opline->op2.u.opline_num)) {
    8425          50 :                 return ZEND_SEND_REF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8426             :         }
    8427     3113590 :         return zend_send_by_var_helper_SPEC_VAR(ZEND_OPCODE_HANDLER_ARGS_PASSTHRU);
    8428             : }
    8429             : 
    8430      717164 : static int ZEND_FASTCALL  ZEND_BOOL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8431             : {
    8432      717164 :         zend_op *opline = EX(opline);
    8433             :         zend_free_op free_op1;
    8434             : 
    8435             :         /* PHP 3.0 returned "" for false and 1 for true, here we use 0 and 1 for now */
    8436     1434328 :         Z_LVAL(EX_T(opline->result.u.var).tmp_var) = i_zend_is_true(_get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC));
    8437      717164 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    8438      717164 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8439             : 
    8440      717164 :         ZEND_VM_NEXT_OPCODE();
    8441             : }
    8442             : 
    8443       68061 : static int ZEND_FASTCALL  ZEND_SWITCH_FREE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8444             : {
    8445       68061 :         zend_op *opline = EX(opline);
    8446             : 
    8447       68061 :         zend_switch_free(&EX_T(opline->op1.u.var), opline->extended_value TSRMLS_CC);
    8448       68061 :         ZEND_VM_NEXT_OPCODE();
    8449             : }
    8450             : 
    8451      172815 : static int ZEND_FASTCALL  ZEND_CLONE_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8452             : {
    8453      172815 :         zend_op *opline = EX(opline);
    8454             :         zend_free_op free_op1;
    8455      345630 :         zval *obj = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8456             :         zend_class_entry *ce;
    8457             :         zend_function *clone;
    8458             :         zend_object_clone_obj_t clone_call;
    8459             : 
    8460      345630 :         if (IS_VAR == IS_CONST ||
    8461             :             (IS_VAR == IS_VAR && !obj) ||
    8462      172815 :             Z_TYPE_P(obj) != IS_OBJECT) {
    8463           0 :                 zend_error_noreturn(E_ERROR, "__clone method called on non-object");
    8464             :         }
    8465             : 
    8466      172815 :         ce = Z_OBJCE_P(obj);
    8467      172815 :         clone = ce ? ce->clone : NULL;
    8468      172815 :         clone_call =  Z_OBJ_HT_P(obj)->clone_obj;
    8469      172815 :         if (!clone_call) {
    8470           0 :                 if (ce) {
    8471           0 :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object of class %s", ce->name);
    8472             :                 } else {
    8473           0 :                         zend_error_noreturn(E_ERROR, "Trying to clone an uncloneable object");
    8474             :                 }
    8475             :         }
    8476             : 
    8477      172815 :         if (ce && clone) {
    8478           1 :                 if (clone->op_array.fn_flags & ZEND_ACC_PRIVATE) {
    8479             :                         /* Ensure that if we're calling a private function, we're allowed to do so.
    8480             :                          */
    8481           0 :                         if (ce != EG(scope)) {
    8482           0 :                                 zend_error_noreturn(E_ERROR, "Call to private %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    8483             :                         }
    8484           1 :                 } else if ((clone->common.fn_flags & ZEND_ACC_PROTECTED)) {
    8485             :                         /* Ensure that if we're calling a protected function, we're allowed to do so.
    8486             :                          */
    8487           0 :                         if (!zend_check_protected(clone->common.scope, EG(scope))) {
    8488           0 :                                 zend_error_noreturn(E_ERROR, "Call to protected %s::__clone() from context '%s'", ce->name, EG(scope) ? EG(scope)->name : "");
    8489             :                         }
    8490             :                 }
    8491             :         }
    8492             : 
    8493      172815 :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    8494      172815 :         if (!EG(exception)) {
    8495      172815 :                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    8496      172815 :                 Z_OBJVAL_P(EX_T(opline->result.u.var).var.ptr) = clone_call(obj TSRMLS_CC);
    8497      172815 :                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_OBJECT;
    8498      172815 :                 Z_SET_REFCOUNT_P(EX_T(opline->result.u.var).var.ptr, 1);
    8499      172815 :                 Z_SET_ISREF_P(EX_T(opline->result.u.var).var.ptr);
    8500      172815 :                 if (!RETURN_VALUE_USED(opline) || EG(exception)) {
    8501           1 :                         zval_ptr_dtor(&EX_T(opline->result.u.var).var.ptr);
    8502             :                 }
    8503             :         }
    8504      172815 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8505      172815 :         ZEND_VM_NEXT_OPCODE();
    8506             : }
    8507             : 
    8508        7771 : static int ZEND_FASTCALL  ZEND_CAST_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8509             : {
    8510        7771 :         zend_op *opline = EX(opline);
    8511             :         zend_free_op free_op1;
    8512       15542 :         zval *expr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8513        7771 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    8514             : 
    8515        7771 :         if (opline->extended_value != IS_STRING) {
    8516        7650 :                 *result = *expr;
    8517             :                 if (!0) {
    8518        7650 :                         zendi_zval_copy_ctor(*result);
    8519             :                 }
    8520             :         }
    8521        7771 :         switch (opline->extended_value) {
    8522             :                 case IS_NULL:
    8523           0 :                         convert_to_null(result);
    8524           0 :                         break;
    8525             :                 case IS_BOOL:
    8526          40 :                         convert_to_boolean(result);
    8527          40 :                         break;
    8528             :                 case IS_LONG:
    8529        7561 :                         convert_to_long(result);
    8530        7561 :                         break;
    8531             :                 case IS_DOUBLE:
    8532          46 :                         convert_to_double(result);
    8533          46 :                         break;
    8534             :                 case IS_STRING: {
    8535             :                         zval var_copy;
    8536             :                         int use_copy;
    8537             : 
    8538         121 :                         zend_make_printable_zval(expr, &var_copy, &use_copy);
    8539         121 :                         if (use_copy) {
    8540          22 :                                 *result = var_copy;
    8541          22 :                                 if (0) {
    8542             :                                         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8543             :                                 }
    8544             :                         } else {
    8545          99 :                                 *result = *expr;
    8546             :                                 if (!0) {
    8547          99 :                                         zendi_zval_copy_ctor(*result);
    8548             :                                 }
    8549             :                         }
    8550         121 :                         break;
    8551             :                 }
    8552             :                 case IS_ARRAY:
    8553           2 :                         convert_to_array(result);
    8554           2 :                         break;
    8555             :                 case IS_OBJECT:
    8556           1 :                         convert_to_object(result);
    8557             :                         break;
    8558             :         }
    8559        7771 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8560        7771 :         ZEND_VM_NEXT_OPCODE();
    8561             : }
    8562             : 
    8563          11 : static int ZEND_FASTCALL  ZEND_INCLUDE_OR_EVAL_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8564             : {
    8565          11 :         zend_op *opline = EX(opline);
    8566          11 :         zend_op_array *new_op_array=NULL;
    8567             :         int return_value_used;
    8568             :         zend_free_op free_op1;
    8569          22 :         zval *inc_filename = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8570          11 :         zval *tmp_inc_filename = NULL;
    8571          11 :         zend_bool failure_retval=0;
    8572             : 
    8573          11 :         if (inc_filename->type!=IS_STRING) {
    8574           0 :                 MAKE_STD_ZVAL(tmp_inc_filename);
    8575           0 :                 *tmp_inc_filename = *inc_filename;
    8576           0 :                 zval_copy_ctor(tmp_inc_filename);
    8577           0 :                 convert_to_string(tmp_inc_filename);
    8578           0 :                 inc_filename = tmp_inc_filename;
    8579             :         }
    8580             : 
    8581          11 :         return_value_used = RETURN_VALUE_USED(opline);
    8582             : 
    8583          11 :         if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
    8584           0 :                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
    8585           0 :                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    8586             :                 } else {
    8587           0 :                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    8588             :                 }
    8589             :         } else {
    8590          11 :                 switch (Z_LVAL(opline->op2.u.constant)) {
    8591             :                         case ZEND_INCLUDE_ONCE:
    8592             :                         case ZEND_REQUIRE_ONCE: {
    8593             :                                         zend_file_handle file_handle;
    8594             :                                         char *resolved_path;
    8595             : 
    8596           0 :                                         resolved_path = zend_resolve_path(Z_STRVAL_P(inc_filename), Z_STRLEN_P(inc_filename) TSRMLS_CC);
    8597           0 :                                         if (resolved_path) {
    8598           0 :                                                 failure_retval = zend_hash_exists(&EG(included_files), resolved_path, strlen(resolved_path)+1);
    8599             :                                         } else {
    8600           0 :                                                 resolved_path = Z_STRVAL_P(inc_filename);
    8601             :                                         }
    8602             : 
    8603           0 :                                         if (failure_retval) {
    8604             :                                                 /* do nothing, file already included */
    8605           0 :                                         } else if (SUCCESS == zend_stream_open(resolved_path, &file_handle TSRMLS_CC)) {
    8606             : 
    8607           0 :                                                 if (!file_handle.opened_path) {
    8608           0 :                                                         file_handle.opened_path = estrdup(resolved_path);
    8609             :                                                 }
    8610             : 
    8611           0 :                                                 if (zend_hash_add_empty_element(&EG(included_files), file_handle.opened_path, strlen(file_handle.opened_path)+1)==SUCCESS) {
    8612           0 :                                                         new_op_array = zend_compile_file(&file_handle, (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE?ZEND_INCLUDE:ZEND_REQUIRE) TSRMLS_CC);
    8613           0 :                                                         zend_destroy_file_handle(&file_handle TSRMLS_CC);
    8614             :                                                 } else {
    8615           0 :                                                         zend_file_handle_dtor(&file_handle TSRMLS_CC);
    8616           0 :                                                         failure_retval=1;
    8617             :                                                 }
    8618             :                                         } else {
    8619           0 :                                                 if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE) {
    8620           0 :                                                         zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    8621             :                                                 } else {
    8622           0 :                                                         zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
    8623             :                                                 }
    8624             :                                         }
    8625           0 :                                         if (resolved_path != Z_STRVAL_P(inc_filename)) {
    8626           0 :                                                 efree(resolved_path);
    8627             :                                         }
    8628             :                                 }
    8629           0 :                                 break;
    8630             :                         case ZEND_INCLUDE:
    8631             :                         case ZEND_REQUIRE:
    8632           4 :                                 new_op_array = compile_filename(Z_LVAL(opline->op2.u.constant), inc_filename TSRMLS_CC);
    8633           4 :                                 break;
    8634             :                         case ZEND_EVAL: {
    8635           7 :                                         char *eval_desc = zend_make_compiled_string_description("eval()'d code" TSRMLS_CC);
    8636             : 
    8637           7 :                                         new_op_array = zend_compile_string(inc_filename, eval_desc TSRMLS_CC);
    8638           7 :                                         efree(eval_desc);
    8639             :                                 }
    8640             :                                 break;
    8641             :                         EMPTY_SWITCH_DEFAULT_CASE()
    8642             :                 }
    8643             :         }
    8644          11 :         if (tmp_inc_filename) {
    8645           0 :                 zval_ptr_dtor(&tmp_inc_filename);
    8646             :         }
    8647          11 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8648          11 :         EX_T(opline->result.u.var).var.ptr_ptr = &EX_T(opline->result.u.var).var.ptr;
    8649          11 :         if (new_op_array && !EG(exception)) {
    8650          10 :                 EX(original_return_value) = EG(return_value_ptr_ptr);
    8651          10 :                 EG(return_value_ptr_ptr) = return_value_used ? EX_T(opline->result.u.var).var.ptr_ptr : NULL;
    8652          10 :                 EG(active_op_array) = new_op_array;
    8653          10 :                 EX_T(opline->result.u.var).var.ptr = NULL;
    8654             : 
    8655          10 :                 EX(current_object) = EX(object);
    8656             : 
    8657          10 :                 EX(function_state).function = (zend_function *) new_op_array;
    8658          10 :                 EX(object) = NULL;
    8659             : 
    8660          10 :                 if (!EG(active_symbol_table)) {
    8661           0 :                         zend_rebuild_symbol_table(TSRMLS_C);
    8662             :                 }
    8663             : 
    8664          10 :                 if (zend_execute == execute) {
    8665          10 :                         EX(call_opline) = opline;
    8666          10 :                         ZEND_VM_ENTER();
    8667             :                 } else {
    8668           0 :                         zend_execute(new_op_array TSRMLS_CC);
    8669             :                 }
    8670             : 
    8671           0 :                 EX(function_state).function = (zend_function *) EX(op_array);
    8672           0 :                 EX(object) = EX(current_object);
    8673             : 
    8674           0 :                 if (return_value_used) {
    8675           0 :                         if (!EX_T(opline->result.u.var).var.ptr) { /* there was no return statement */
    8676           0 :                                 ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    8677           0 :                                 INIT_PZVAL(EX_T(opline->result.u.var).var.ptr);
    8678           0 :                                 Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = 1;
    8679           0 :                                 Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    8680             :                         }
    8681             :                 }
    8682             : 
    8683           0 :                 EG(opline_ptr) = &EX(opline);
    8684           0 :                 EG(active_op_array) = EX(op_array);
    8685           0 :                 EG(return_value_ptr_ptr) = EX(original_return_value);
    8686           0 :                 destroy_op_array(new_op_array TSRMLS_CC);
    8687           0 :                 efree(new_op_array);
    8688           0 :                 if (EG(exception)) {
    8689           0 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    8690             :                 }
    8691             :         } else {
    8692           1 :                 if (return_value_used) {
    8693           0 :                         ALLOC_ZVAL(EX_T(opline->result.u.var).var.ptr);
    8694           0 :                         INIT_ZVAL(*EX_T(opline->result.u.var).var.ptr);
    8695           0 :                         Z_LVAL_P(EX_T(opline->result.u.var).var.ptr) = failure_retval;
    8696           0 :                         Z_TYPE_P(EX_T(opline->result.u.var).var.ptr) = IS_BOOL;
    8697             :                 }
    8698             :         }
    8699           1 :         ZEND_VM_NEXT_OPCODE();
    8700             : }
    8701             : 
    8702           1 : static int ZEND_FASTCALL  ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8703             : {
    8704           1 :         zend_op *opline = EX(opline);
    8705             :         zval tmp, *varname;
    8706             :         HashTable *target_symbol_table;
    8707             :         zend_free_op free_op1;
    8708             : 
    8709           1 :         if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    8710             :                 if (EG(active_symbol_table)) {
    8711             :                         zend_execute_data *ex = EX(prev_execute_data);
    8712             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    8713             : 
    8714             :                         if (zend_hash_quick_del(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value) == SUCCESS) {
    8715             :                                 while (ex && ex->symbol_table == EG(active_symbol_table)) {
    8716             :                                         int i;
    8717             : 
    8718             :                                         if (ex->op_array) {
    8719             :                                                 for (i = 0; i < ex->op_array->last_var; i++) {
    8720             :                                                         if (ex->op_array->vars[i].hash_value == cv->hash_value &&
    8721             :                                                                 ex->op_array->vars[i].name_len == cv->name_len &&
    8722             :                                                                 !memcmp(ex->op_array->vars[i].name, cv->name, cv->name_len)) {
    8723             :                                                                 ex->CVs[i] = NULL;
    8724             :                                                                 break;
    8725             :                                                         }
    8726             :                                                 }
    8727             :                                         }
    8728             :                                         ex = ex->prev_execute_data;
    8729             :                                 }
    8730             :                         }
    8731             :                         EX(CVs)[opline->op1.u.var] = NULL;
    8732             :                 } else if (EX(CVs)[opline->op1.u.var]) {
    8733             :                         zval_ptr_dtor(EX(CVs)[opline->op1.u.var]);
    8734             :                         EX(CVs)[opline->op1.u.var] = NULL;
    8735             :                 }
    8736             :                 ZEND_VM_NEXT_OPCODE();
    8737             :         }
    8738             : 
    8739           2 :         varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8740             : 
    8741           1 :         if (Z_TYPE_P(varname) != IS_STRING) {
    8742           0 :                 tmp = *varname;
    8743           0 :                 zval_copy_ctor(&tmp);
    8744           0 :                 convert_to_string(&tmp);
    8745           0 :                 varname = &tmp;
    8746             :         } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) {
    8747           1 :                 Z_ADDREF_P(varname);
    8748             :         }
    8749             : 
    8750           1 :         if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    8751           0 :                 zend_std_unset_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname) TSRMLS_CC);
    8752             :         } else {
    8753           1 :                 ulong hash_value = zend_inline_hash_func(varname->value.str.val, varname->value.str.len+1);
    8754             : 
    8755           1 :                 target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    8756           1 :                 if (zend_hash_quick_del(target_symbol_table, varname->value.str.val, varname->value.str.len+1, hash_value) == SUCCESS) {
    8757           0 :                         zend_execute_data *ex = execute_data;
    8758             : 
    8759             :                         do {
    8760             :                                 int i;
    8761             : 
    8762           0 :                                 if (ex->op_array) {
    8763           0 :                                         for (i = 0; i < ex->op_array->last_var; i++) {
    8764           0 :                                                 if (ex->op_array->vars[i].hash_value == hash_value &&
    8765           0 :                                                         ex->op_array->vars[i].name_len == varname->value.str.len &&
    8766           0 :                                                         !memcmp(ex->op_array->vars[i].name, varname->value.str.val, varname->value.str.len)) {
    8767           0 :                                                         ex->CVs[i] = NULL;
    8768           0 :                                                         break;
    8769             :                                                 }
    8770             :                                         }
    8771             :                                 }
    8772           0 :                                 ex = ex->prev_execute_data;
    8773           0 :                         } while (ex && ex->symbol_table == target_symbol_table);
    8774             :                 }
    8775             :         }
    8776             : 
    8777           1 :         if (varname == &tmp) {
    8778           0 :                 zval_dtor(&tmp);
    8779             :         } else if (IS_VAR == IS_VAR || IS_VAR == IS_CV) {
    8780           1 :                 zval_ptr_dtor(&varname);
    8781             :         }
    8782           1 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8783           1 :         ZEND_VM_NEXT_OPCODE();
    8784             : }
    8785             : 
    8786        1395 : static int ZEND_FASTCALL  ZEND_FE_RESET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8787             : {
    8788        1395 :         zend_op *opline = EX(opline);
    8789             :         zend_free_op free_op1;
    8790             :         zval *array_ptr, **array_ptr_ptr;
    8791             :         HashTable *fe_ht;
    8792        1395 :         zend_object_iterator *iter = NULL;
    8793        1395 :         zend_class_entry *ce = NULL;
    8794        1395 :         zend_bool is_empty = 0;
    8795             : 
    8796        1395 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    8797          24 :                 array_ptr_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8798          12 :                 if (array_ptr_ptr == NULL || array_ptr_ptr == &EG(uninitialized_zval_ptr)) {
    8799           0 :                         ALLOC_INIT_ZVAL(array_ptr);
    8800          12 :                 } else if (Z_TYPE_PP(array_ptr_ptr) == IS_OBJECT) {
    8801           1 :                         if(Z_OBJ_HT_PP(array_ptr_ptr)->get_class_entry == NULL) {
    8802           0 :                                 zend_error(E_WARNING, "foreach() cannot iterate over objects without PHP class");
    8803           0 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    8804             :                         }
    8805             : 
    8806           1 :                         ce = Z_OBJCE_PP(array_ptr_ptr);
    8807           1 :                         if (!ce || ce->get_iterator == NULL) {
    8808           3 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    8809           1 :                                 Z_ADDREF_PP(array_ptr_ptr);
    8810             :                         }
    8811           1 :                         array_ptr = *array_ptr_ptr;
    8812             :                 } else {
    8813          11 :                         if (Z_TYPE_PP(array_ptr_ptr) == IS_ARRAY) {
    8814          47 :                                 SEPARATE_ZVAL_IF_NOT_REF(array_ptr_ptr);
    8815          10 :                                 if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
    8816          10 :                                         Z_SET_ISREF_PP(array_ptr_ptr);
    8817             :                                 }
    8818             :                         }
    8819          11 :                         array_ptr = *array_ptr_ptr;
    8820          11 :                         Z_ADDREF_P(array_ptr);
    8821             :                 }
    8822             :         } else {
    8823        2766 :                 array_ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    8824        1383 :                 if (0) { /* IS_TMP_VAR */
    8825             :                         zval *tmp;
    8826             : 
    8827             :                         ALLOC_ZVAL(tmp);
    8828             :                         INIT_PZVAL_COPY(tmp, array_ptr);
    8829             :                         array_ptr = tmp;
    8830             :                         if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    8831             :                                 ce = Z_OBJCE_P(array_ptr);
    8832             :                                 if (ce && ce->get_iterator) {
    8833             :                                         Z_DELREF_P(array_ptr);
    8834             :                                 }
    8835             :                         }
    8836        1383 :                 } else if (Z_TYPE_P(array_ptr) == IS_OBJECT) {
    8837         244 :                         ce = Z_OBJCE_P(array_ptr);
    8838         244 :                         if (!ce || !ce->get_iterator) {
    8839           4 :                                 Z_ADDREF_P(array_ptr);
    8840             :                         }
    8841        2288 :                 } else if (IS_VAR == IS_CONST ||
    8842             :                            ((IS_VAR == IS_CV || IS_VAR == IS_VAR) &&
    8843        1139 :                             !Z_ISREF_P(array_ptr) &&
    8844        1134 :                             Z_REFCOUNT_P(array_ptr) > 1)) {
    8845             :                         zval *tmp;
    8846             : 
    8847          15 :                         ALLOC_ZVAL(tmp);
    8848          15 :                         INIT_PZVAL_COPY(tmp, array_ptr);
    8849          15 :                         zval_copy_ctor(tmp);
    8850          15 :                         array_ptr = tmp;
    8851             :                 } else {
    8852        1124 :                         Z_ADDREF_P(array_ptr);
    8853             :                 }
    8854             :         }
    8855             : 
    8856        1395 :         if (ce && ce->get_iterator) {
    8857         240 :                 iter = ce->get_iterator(ce, array_ptr, opline->extended_value & ZEND_FE_RESET_REFERENCE TSRMLS_CC);
    8858             : 
    8859         476 :                 if (iter && !EG(exception)) {
    8860         236 :                         array_ptr = zend_iterator_wrap(iter TSRMLS_CC);
    8861             :                 } else {
    8862           4 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    8863           0 :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8864             :                         } else {
    8865           4 :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8866             :                         }
    8867           4 :                         if (!EG(exception)) {
    8868           0 :                                 zend_throw_exception_ex(NULL, 0 TSRMLS_CC, "Object of type %s did not create an Iterator", ce->name);
    8869             :                         }
    8870           4 :                         zend_throw_exception_internal(NULL TSRMLS_CC);
    8871           4 :                         ZEND_VM_NEXT_OPCODE();
    8872             :                 }
    8873             :         }
    8874             : 
    8875        1391 :         AI_SET_PTR(EX_T(opline->result.u.var).var, array_ptr);
    8876        1391 :         PZVAL_LOCK(array_ptr);
    8877             : 
    8878        1391 :         if (iter) {
    8879         236 :                 iter->index = 0;
    8880         236 :                 if (iter->funcs->rewind) {
    8881         174 :                         iter->funcs->rewind(iter TSRMLS_CC);
    8882         174 :                         if (EG(exception)) {
    8883           1 :                                 Z_DELREF_P(array_ptr);
    8884           1 :                                 zval_ptr_dtor(&array_ptr);
    8885           1 :                                 if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    8886           0 :                                         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8887             :                                 } else {
    8888           1 :                                         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8889             :                                 }
    8890           1 :                                 ZEND_VM_NEXT_OPCODE();
    8891             :                         }
    8892             :                 }
    8893         235 :                 is_empty = iter->funcs->valid(iter TSRMLS_CC) != SUCCESS;
    8894         235 :                 if (EG(exception)) {
    8895           0 :                         Z_DELREF_P(array_ptr);
    8896           0 :                         zval_ptr_dtor(&array_ptr);
    8897           0 :                         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    8898           0 :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8899             :                         } else {
    8900           0 :                                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8901             :                         }
    8902           0 :                         ZEND_VM_NEXT_OPCODE();
    8903             :                 }
    8904         235 :                 iter->index = -1; /* will be set to 0 before using next handler */
    8905        1155 :         } else if ((fe_ht = HASH_OF(array_ptr)) != NULL) {
    8906        1147 :                 zend_hash_internal_pointer_reset(fe_ht);
    8907        1147 :                 if (ce) {
    8908           5 :                         zend_object *zobj = zend_objects_get_address(array_ptr TSRMLS_CC);
    8909          10 :                         while (zend_hash_has_more_elements(fe_ht) == SUCCESS) {
    8910             :                                 char *str_key;
    8911             :                                 uint str_key_len;
    8912             :                                 ulong int_key;
    8913             :                                 zend_uchar key_type;
    8914             : 
    8915           4 :                                 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
    8916           8 :                                 if (key_type != HASH_KEY_NON_EXISTANT &&
    8917             :                                         (key_type == HASH_KEY_IS_LONG ||
    8918           4 :                                      zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) == SUCCESS)) {
    8919             :                                         break;
    8920             :                                 }
    8921           0 :                                 zend_hash_move_forward(fe_ht);
    8922             :                         }
    8923             :                 }
    8924        1147 :                 is_empty = zend_hash_has_more_elements(fe_ht) != SUCCESS;
    8925        1147 :                 zend_hash_get_pointer(fe_ht, &EX_T(opline->result.u.var).fe.fe_pos);
    8926             :         } else {
    8927           8 :                 zend_error(E_WARNING, "Invalid argument supplied for foreach()");
    8928           8 :                 is_empty = 1;
    8929             :         }
    8930             : 
    8931        1390 :         if (opline->extended_value & ZEND_FE_RESET_VARIABLE) {
    8932          12 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8933             :         } else {
    8934        1378 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    8935             :         }
    8936        1390 :         if (is_empty) {
    8937          58 :                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    8938             :         } else {
    8939        1332 :                 ZEND_VM_NEXT_OPCODE();
    8940             :         }
    8941             : }
    8942             : 
    8943     2035957 : static int ZEND_FASTCALL  ZEND_FE_FETCH_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    8944             : {
    8945     2035957 :         zend_op *opline = EX(opline);
    8946             : 
    8947     2035957 :         zval *array = EX_T(opline->op1.u.var).var.ptr;
    8948             :         zval **value;
    8949             :         char *str_key;
    8950             :         uint str_key_len;
    8951             :         ulong int_key;
    8952             :         HashTable *fe_ht;
    8953     2035957 :         zend_object_iterator *iter = NULL;
    8954     2035957 :         int key_type = 0;
    8955     2035957 :         zend_bool use_key = (zend_bool)(opline->extended_value & ZEND_FE_FETCH_WITH_KEY);
    8956             : 
    8957     2035957 :         switch (zend_iterator_unwrap(array, &iter TSRMLS_CC)) {
    8958             :                 default:
    8959             :                 case ZEND_ITER_INVALID:
    8960           2 :                         zend_error(E_WARNING, "Invalid argument supplied for foreach()");
    8961           2 :                         ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    8962             : 
    8963             :                 case ZEND_ITER_PLAIN_OBJECT: {
    8964             :                         char *class_name, *prop_name;
    8965         345 :                         zend_object *zobj = zend_objects_get_address(array TSRMLS_CC);
    8966             : 
    8967         345 :                         fe_ht = HASH_OF(array);
    8968         345 :                         zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
    8969             :                         do {
    8970         410 :                                 if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) {
    8971             :                                         /* reached end of iteration */
    8972          64 :                                         ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    8973             :                                 }
    8974         346 :                                 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 0, NULL);
    8975             : 
    8976         346 :                                 zend_hash_move_forward(fe_ht);
    8977             :                         } while (key_type == HASH_KEY_NON_EXISTANT ||
    8978             :                                  (key_type != HASH_KEY_IS_LONG &&
    8979         346 :                                   zend_check_property_access(zobj, str_key, str_key_len-1 TSRMLS_CC) != SUCCESS));
    8980         281 :                         zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
    8981         281 :                         if (use_key && key_type != HASH_KEY_IS_LONG) {
    8982         215 :                                 zend_unmangle_property_name(str_key, str_key_len-1, &class_name, &prop_name);
    8983         215 :                                 str_key_len = strlen(prop_name);
    8984         215 :                                 str_key = estrndup(prop_name, str_key_len);
    8985         215 :                                 str_key_len++;
    8986             :                         }
    8987         281 :                         break;
    8988             :                 }
    8989             : 
    8990             :                 case ZEND_ITER_PLAIN_ARRAY:
    8991     2029428 :                         fe_ht = HASH_OF(array);
    8992     2029428 :                         zend_hash_set_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
    8993     2029428 :                         if (zend_hash_get_current_data(fe_ht, (void **) &value)==FAILURE) {
    8994             :                                 /* reached end of iteration */
    8995       61724 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    8996             :                         }
    8997     1967704 :                         if (use_key) {
    8998     1437091 :                                 key_type = zend_hash_get_current_key_ex(fe_ht, &str_key, &str_key_len, &int_key, 1, NULL);
    8999             :                         }
    9000     1967704 :                         zend_hash_move_forward(fe_ht);
    9001     1967704 :                         zend_hash_get_pointer(fe_ht, &EX_T(opline->op1.u.var).fe.fe_pos);
    9002     1967704 :                         break;
    9003             : 
    9004             :                 case ZEND_ITER_OBJECT:
    9005             :                         /* !iter happens from exception */
    9006        6182 :                         if (iter && ++iter->index > 0) {
    9007             :                                 /* This could cause an endless loop if index becomes zero again.
    9008             :                                  * In case that ever happens we need an additional flag. */
    9009        5602 :                                 iter->funcs->move_forward(iter TSRMLS_CC);
    9010        5602 :                                 if (EG(exception)) {
    9011           4 :                                         Z_DELREF_P(array);
    9012           4 :                                         zval_ptr_dtor(&array);
    9013           4 :                                         ZEND_VM_NEXT_OPCODE();
    9014             :                                 }
    9015             :                         }
    9016             :                         /* If index is zero we come from FE_RESET and checked valid() already. */
    9017        6178 :                         if (!iter || (iter->index > 0 && iter->funcs->valid(iter TSRMLS_CC) == FAILURE)) {
    9018             :                                 /* reached end of iteration */
    9019         531 :                                 if (EG(exception)) {
    9020           1 :                                         Z_DELREF_P(array);
    9021           1 :                                         zval_ptr_dtor(&array);
    9022           1 :                                         ZEND_VM_NEXT_OPCODE();
    9023             :                                 }
    9024         530 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    9025             :                         }
    9026        5647 :                         iter->funcs->get_current_data(iter, &value TSRMLS_CC);
    9027        5647 :                         if (EG(exception)) {
    9028           3 :                                 Z_DELREF_P(array);
    9029           3 :                                 zval_ptr_dtor(&array);
    9030           3 :                                 ZEND_VM_NEXT_OPCODE();
    9031             :                         }
    9032        5644 :                         if (!value) {
    9033             :                                 /* failure in get_current_data */
    9034           0 :                                 ZEND_VM_JMP(EX(op_array)->opcodes+opline->op2.u.opline_num);
    9035             :                         }
    9036        5644 :                         if (use_key) {
    9037        2839 :                                 if (iter->funcs->get_current_key) {
    9038        2839 :                                         key_type = iter->funcs->get_current_key(iter, &str_key, &str_key_len, &int_key TSRMLS_CC);
    9039        2839 :                                         if (EG(exception)) {
    9040           1 :                                                 Z_DELREF_P(array);
    9041           1 :                                                 zval_ptr_dtor(&array);
    9042           1 :                                                 ZEND_VM_NEXT_OPCODE();
    9043             :                                         }
    9044             :                                 } else {
    9045           0 :                                         key_type = HASH_KEY_IS_LONG;
    9046           0 :                                         int_key = iter->index;
    9047             :                                 }
    9048             :                         }
    9049             :                         break;
    9050             :         }
    9051             : 
    9052     1973628 :         if (opline->extended_value & ZEND_FE_FETCH_BYREF) {
    9053        2844 :                 SEPARATE_ZVAL_IF_NOT_REF(value);
    9054         876 :                 Z_SET_ISREF_PP(value);
    9055         876 :                 EX_T(opline->result.u.var).var.ptr_ptr = value;
    9056         876 :                 Z_ADDREF_PP(value);
    9057             :         } else {
    9058     1972752 :                 AI_SET_PTR(EX_T(opline->result.u.var).var, *value);
    9059     1972752 :                 PZVAL_LOCK(*value);
    9060             :         }
    9061             : 
    9062     1973628 :         if (use_key) {
    9063     1440145 :                 zend_op *op_data = opline+1;
    9064     1440145 :                 zval *key = &EX_T(op_data->result.u.var).tmp_var;
    9065             : 
    9066     1440145 :                 switch (key_type) {
    9067             :                         case HASH_KEY_IS_STRING:
    9068     1433946 :                                 Z_STRVAL_P(key) = str_key;
    9069     1433946 :                                 Z_STRLEN_P(key) = str_key_len-1;
    9070     1433946 :                                 Z_TYPE_P(key) = IS_STRING;
    9071     1433946 :                                 break;
    9072             :                         case HASH_KEY_IS_LONG:
    9073        6199 :                                 Z_LVAL_P(key) = int_key;
    9074        6199 :                                 Z_TYPE_P(key) = IS_LONG;
    9075        6199 :                                 break;
    9076             :                         default:
    9077             :                         case HASH_KEY_NON_EXISTANT:
    9078           0 :                                 ZVAL_NULL(key);
    9079             :                                 break;
    9080             :                 }
    9081             :         }
    9082             : 
    9083     1973628 :         ZEND_VM_INC_OPCODE();
    9084     1973628 :         ZEND_VM_NEXT_OPCODE();
    9085             : }
    9086             : 
    9087          59 : static int ZEND_FASTCALL  ZEND_ISSET_ISEMPTY_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9088             : {
    9089          59 :         zend_op *opline = EX(opline);
    9090             :         zval **value;
    9091          59 :         zend_bool isset = 1;
    9092             : 
    9093          59 :         if (IS_VAR == IS_CV && (opline->extended_value & ZEND_QUICK_SET)) {
    9094             :                 if (EX(CVs)[opline->op1.u.var]) {
    9095             :                         value = EX(CVs)[opline->op1.u.var];
    9096             :                 } else if (EG(active_symbol_table)) {
    9097             :                         zend_compiled_variable *cv = &CV_DEF_OF(opline->op1.u.var);
    9098             : 
    9099             :                         if (zend_hash_quick_find(EG(active_symbol_table), cv->name, cv->name_len+1, cv->hash_value, (void **) &value) == FAILURE) {
    9100             :                                 isset = 0;
    9101             :                         }
    9102             :                 } else {
    9103             :                         isset = 0;
    9104             :                 }
    9105             :         } else {
    9106             :                 HashTable *target_symbol_table;
    9107             :                 zend_free_op free_op1;
    9108         118 :                 zval tmp, *varname = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9109             : 
    9110          59 :                 if (Z_TYPE_P(varname) != IS_STRING) {
    9111           0 :                         tmp = *varname;
    9112           0 :                         zval_copy_ctor(&tmp);
    9113           0 :                         convert_to_string(&tmp);
    9114           0 :                         varname = &tmp;
    9115             :                 }
    9116             : 
    9117          59 :                 if (opline->op2.u.EA.type == ZEND_FETCH_STATIC_MEMBER) {
    9118           0 :                         value = zend_std_get_static_property(EX_T(opline->op2.u.var).class_entry, Z_STRVAL_P(varname), Z_STRLEN_P(varname), 1 TSRMLS_CC);
    9119           0 :                         if (!value) {
    9120           0 :                                 isset = 0;
    9121             :                         }
    9122             :                 } else {
    9123          59 :                         target_symbol_table = zend_get_target_symbol_table(opline, EX(Ts), BP_VAR_IS, varname TSRMLS_CC);
    9124          59 :                         if (zend_hash_find(target_symbol_table, varname->value.str.val, varname->value.str.len+1, (void **) &value) == FAILURE) {
    9125           1 :                                 isset = 0;
    9126             :                         }
    9127             :                 }
    9128             : 
    9129          59 :                 if (varname == &tmp) {
    9130           0 :                         zval_dtor(&tmp);
    9131             :                 }
    9132          59 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9133             :         }
    9134             : 
    9135          59 :         Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_BOOL;
    9136             : 
    9137          59 :         switch (opline->extended_value & ZEND_ISSET_ISEMPTY_MASK) {
    9138             :                 case ZEND_ISSET:
    9139          59 :                         if (isset && Z_TYPE_PP(value) == IS_NULL) {
    9140           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    9141             :                         } else {
    9142          59 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = isset;
    9143             :                         }
    9144          59 :                         break;
    9145             :                 case ZEND_ISEMPTY:
    9146           0 :                         if (!isset || !i_zend_is_true(*value)) {
    9147           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 1;
    9148             :                         } else {
    9149           0 :                                 Z_LVAL(EX_T(opline->result.u.var).tmp_var) = 0;
    9150             :                         }
    9151             :                         break;
    9152             :         }
    9153             : 
    9154          59 :         ZEND_VM_NEXT_OPCODE();
    9155             : }
    9156             : 
    9157           4 : static int ZEND_FASTCALL  ZEND_EXIT_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9158             : {
    9159             : #if 0 || (IS_VAR != IS_UNUSED)
    9160           4 :         zend_op *opline = EX(opline);
    9161             :         if (IS_VAR != IS_UNUSED) {
    9162             :                 zend_free_op free_op1;
    9163           8 :                 zval *ptr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9164             : 
    9165           4 :                 if (Z_TYPE_P(ptr) == IS_LONG) {
    9166           0 :                         EG(exit_status) = Z_LVAL_P(ptr);
    9167             :                 } else {
    9168           4 :                         zend_print_variable(ptr);
    9169             :                 }
    9170           4 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9171             :         }
    9172             : #endif
    9173           4 :         zend_bailout();
    9174           0 :         ZEND_VM_NEXT_OPCODE();
    9175             : }
    9176             : 
    9177           1 : static int ZEND_FASTCALL  ZEND_JMP_SET_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9178             : {
    9179           1 :         zend_op *opline = EX(opline);
    9180             :         zend_free_op free_op1;
    9181           2 :         zval *value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9182             : 
    9183           1 :         if (i_zend_is_true(value)) {
    9184           1 :                 EX_T(opline->result.u.var).tmp_var = *value;
    9185           1 :                 zendi_zval_copy_ctor(EX_T(opline->result.u.var).tmp_var);
    9186           1 :                 if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9187             : #if DEBUG_ZEND>=2
    9188             :                 printf("Conditional jmp to %d\n", opline->op2.u.opline_num);
    9189             : #endif
    9190           1 :                 ZEND_VM_JMP(opline->op2.u.jmp_addr);
    9191             :         }
    9192             : 
    9193           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9194           0 :         ZEND_VM_NEXT_OPCODE();
    9195             : }
    9196             : 
    9197       17799 : static int ZEND_FASTCALL  ZEND_QM_ASSIGN_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9198             : {
    9199       17799 :         zend_op *opline = EX(opline);
    9200             :         zend_free_op free_op1;
    9201       35598 :         zval *value = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9202             : 
    9203       17799 :         EX_T(opline->result.u.var).tmp_var = *value;
    9204             :         if (!0) {
    9205       17799 :                 zval_copy_ctor(&EX_T(opline->result.u.var).tmp_var);
    9206             :         }
    9207       17799 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9208       17799 :         ZEND_VM_NEXT_OPCODE();
    9209             : }
    9210             : 
    9211          12 : static int ZEND_FASTCALL  ZEND_INSTANCEOF_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9212             : {
    9213          12 :         zend_op *opline = EX(opline);
    9214             :         zend_free_op free_op1;
    9215          24 :         zval *expr = _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9216             :         zend_bool result;
    9217             : 
    9218          22 :         if (Z_TYPE_P(expr) == IS_OBJECT && Z_OBJ_HT_P(expr)->get_class_entry) {
    9219          10 :                 result = instanceof_function(Z_OBJCE_P(expr), EX_T(opline->op2.u.var).class_entry TSRMLS_CC);
    9220             :         } else {
    9221           2 :                 result = 0;
    9222             :         }
    9223          12 :         ZVAL_BOOL(&EX_T(opline->result.u.var).tmp_var, result);
    9224          12 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9225          12 :         ZEND_VM_NEXT_OPCODE();
    9226             : }
    9227             : 
    9228         606 : static int ZEND_FASTCALL  ZEND_ADD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9229             : {
    9230         606 :         zend_op *opline = EX(opline);
    9231             :         zend_free_op free_op1;
    9232             : 
    9233        1212 :         add_function(&EX_T(opline->result.u.var).tmp_var,
    9234         606 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9235             :                 &opline->op2.u.constant TSRMLS_CC);
    9236         606 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9237             : 
    9238         606 :         ZEND_VM_NEXT_OPCODE();
    9239             : }
    9240             : 
    9241         976 : static int ZEND_FASTCALL  ZEND_SUB_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9242             : {
    9243         976 :         zend_op *opline = EX(opline);
    9244             :         zend_free_op free_op1;
    9245             : 
    9246        1952 :         sub_function(&EX_T(opline->result.u.var).tmp_var,
    9247         976 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9248             :                 &opline->op2.u.constant TSRMLS_CC);
    9249         976 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9250             : 
    9251         976 :         ZEND_VM_NEXT_OPCODE();
    9252             : }
    9253             : 
    9254          27 : static int ZEND_FASTCALL  ZEND_MUL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9255             : {
    9256          27 :         zend_op *opline = EX(opline);
    9257             :         zend_free_op free_op1;
    9258             : 
    9259          54 :         mul_function(&EX_T(opline->result.u.var).tmp_var,
    9260          27 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9261             :                 &opline->op2.u.constant TSRMLS_CC);
    9262          27 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9263             : 
    9264          27 :         ZEND_VM_NEXT_OPCODE();
    9265             : }
    9266             : 
    9267         427 : static int ZEND_FASTCALL  ZEND_DIV_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9268             : {
    9269         427 :         zend_op *opline = EX(opline);
    9270             :         zend_free_op free_op1;
    9271             : 
    9272         854 :         div_function(&EX_T(opline->result.u.var).tmp_var,
    9273         427 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9274             :                 &opline->op2.u.constant TSRMLS_CC);
    9275         427 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9276             : 
    9277         427 :         ZEND_VM_NEXT_OPCODE();
    9278             : }
    9279             : 
    9280      139891 : static int ZEND_FASTCALL  ZEND_MOD_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9281             : {
    9282      139891 :         zend_op *opline = EX(opline);
    9283             :         zend_free_op free_op1;
    9284             : 
    9285      279782 :         mod_function(&EX_T(opline->result.u.var).tmp_var,
    9286      139891 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9287             :                 &opline->op2.u.constant TSRMLS_CC);
    9288      139891 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9289             : 
    9290      139891 :         ZEND_VM_NEXT_OPCODE();
    9291             : }
    9292             : 
    9293        2888 : static int ZEND_FASTCALL  ZEND_SL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9294             : {
    9295        2888 :         zend_op *opline = EX(opline);
    9296             :         zend_free_op free_op1;
    9297             : 
    9298        5776 :         shift_left_function(&EX_T(opline->result.u.var).tmp_var,
    9299        2888 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9300             :                 &opline->op2.u.constant TSRMLS_CC);
    9301        2888 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9302             : 
    9303        2888 :         ZEND_VM_NEXT_OPCODE();
    9304             : }
    9305             : 
    9306           0 : static int ZEND_FASTCALL  ZEND_SR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9307             : {
    9308           0 :         zend_op *opline = EX(opline);
    9309             :         zend_free_op free_op1;
    9310             : 
    9311           0 :         shift_right_function(&EX_T(opline->result.u.var).tmp_var,
    9312           0 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9313             :                 &opline->op2.u.constant TSRMLS_CC);
    9314           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9315             : 
    9316           0 :         ZEND_VM_NEXT_OPCODE();
    9317             : }
    9318             : 
    9319       47659 : static int ZEND_FASTCALL  ZEND_CONCAT_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9320             : {
    9321       47659 :         zend_op *opline = EX(opline);
    9322             :         zend_free_op free_op1;
    9323             : 
    9324       95318 :         concat_function(&EX_T(opline->result.u.var).tmp_var,
    9325       47659 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9326             :                 &opline->op2.u.constant TSRMLS_CC);
    9327       47659 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9328             : 
    9329       47659 :         ZEND_VM_NEXT_OPCODE();
    9330             : }
    9331             : 
    9332      424771 : static int ZEND_FASTCALL  ZEND_IS_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9333             : {
    9334      424771 :         zend_op *opline = EX(opline);
    9335             :         zend_free_op free_op1;
    9336             : 
    9337      849542 :         is_identical_function(&EX_T(opline->result.u.var).tmp_var,
    9338      424771 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9339             :                 &opline->op2.u.constant TSRMLS_CC);
    9340      424771 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9341             : 
    9342      424771 :         ZEND_VM_NEXT_OPCODE();
    9343             : }
    9344             : 
    9345      510601 : static int ZEND_FASTCALL  ZEND_IS_NOT_IDENTICAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9346             : {
    9347      510601 :         zend_op *opline = EX(opline);
    9348             :         zend_free_op free_op1;
    9349      510601 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    9350             : 
    9351     1021202 :         is_identical_function(result,
    9352      510601 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9353             :                 &opline->op2.u.constant TSRMLS_CC);
    9354      510601 :         Z_LVAL_P(result) = !Z_LVAL_P(result);
    9355      510601 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9356             : 
    9357      510601 :         ZEND_VM_NEXT_OPCODE();
    9358             : }
    9359             : 
    9360     1195457 : static int ZEND_FASTCALL  ZEND_IS_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9361             : {
    9362     1195457 :         zend_op *opline = EX(opline);
    9363             :         zend_free_op free_op1;
    9364     1195457 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    9365             : 
    9366     2390914 :         compare_function(result,
    9367     1195457 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9368             :                 &opline->op2.u.constant TSRMLS_CC);
    9369     1195457 :         ZVAL_BOOL(result, (Z_LVAL_P(result) == 0));
    9370     1195457 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9371             : 
    9372     1195457 :         ZEND_VM_NEXT_OPCODE();
    9373             : }
    9374             : 
    9375       12324 : static int ZEND_FASTCALL  ZEND_IS_NOT_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9376             : {
    9377       12324 :         zend_op *opline = EX(opline);
    9378             :         zend_free_op free_op1;
    9379       12324 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    9380             : 
    9381       24648 :         compare_function(result,
    9382       12324 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9383             :                 &opline->op2.u.constant TSRMLS_CC);
    9384       12324 :         ZVAL_BOOL(result, (Z_LVAL_P(result) != 0));
    9385       12324 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9386             : 
    9387       12324 :         ZEND_VM_NEXT_OPCODE();
    9388             : }
    9389             : 
    9390       15189 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9391             : {
    9392       15189 :         zend_op *opline = EX(opline);
    9393             :         zend_free_op free_op1;
    9394       15189 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    9395             : 
    9396       30378 :         compare_function(result,
    9397       15189 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9398             :                 &opline->op2.u.constant TSRMLS_CC);
    9399       15189 :         ZVAL_BOOL(result, (Z_LVAL_P(result) < 0));
    9400       15189 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9401             : 
    9402       15189 :         ZEND_VM_NEXT_OPCODE();
    9403             : }
    9404             : 
    9405          18 : static int ZEND_FASTCALL  ZEND_IS_SMALLER_OR_EQUAL_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9406             : {
    9407          18 :         zend_op *opline = EX(opline);
    9408             :         zend_free_op free_op1;
    9409          18 :         zval *result = &EX_T(opline->result.u.var).tmp_var;
    9410             : 
    9411          36 :         compare_function(result,
    9412          18 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9413             :                 &opline->op2.u.constant TSRMLS_CC);
    9414          18 :         ZVAL_BOOL(result, (Z_LVAL_P(result) <= 0));
    9415          18 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9416             : 
    9417          18 :         ZEND_VM_NEXT_OPCODE();
    9418             : }
    9419             : 
    9420           3 : static int ZEND_FASTCALL  ZEND_BW_OR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9421             : {
    9422           3 :         zend_op *opline = EX(opline);
    9423             :         zend_free_op free_op1;
    9424             : 
    9425           6 :         bitwise_or_function(&EX_T(opline->result.u.var).tmp_var,
    9426           3 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9427             :                 &opline->op2.u.constant TSRMLS_CC);
    9428           3 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9429             : 
    9430           3 :         ZEND_VM_NEXT_OPCODE();
    9431             : }
    9432             : 
    9433         134 : static int ZEND_FASTCALL  ZEND_BW_AND_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9434             : {
    9435         134 :         zend_op *opline = EX(opline);
    9436             :         zend_free_op free_op1;
    9437             : 
    9438         268 :         bitwise_and_function(&EX_T(opline->result.u.var).tmp_var,
    9439         134 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9440             :                 &opline->op2.u.constant TSRMLS_CC);
    9441         134 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9442             : 
    9443         134 :         ZEND_VM_NEXT_OPCODE();
    9444             : }
    9445             : 
    9446           0 : static int ZEND_FASTCALL  ZEND_BW_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9447             : {
    9448           0 :         zend_op *opline = EX(opline);
    9449             :         zend_free_op free_op1;
    9450             : 
    9451           0 :         bitwise_xor_function(&EX_T(opline->result.u.var).tmp_var,
    9452           0 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9453             :                 &opline->op2.u.constant TSRMLS_CC);
    9454           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9455             : 
    9456           0 :         ZEND_VM_NEXT_OPCODE();
    9457             : }
    9458             : 
    9459           0 : static int ZEND_FASTCALL  ZEND_BOOL_XOR_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
    9460             : {
    9461           0 :         zend_op *opline = EX(opline);
    9462             :         zend_free_op free_op1;
    9463             : 
    9464           0 :         boolean_xor_function(&EX_T(opline->result.u.var).tmp_var,
    9465           0 :                 _get_zval_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC),
    9466             :                 &opline->op2.u.constant TSRMLS_CC);
    9467           0 :         if (free_op1.var) {zval_ptr_dtor(&free_op1.var);};
    9468             : 
    9469           0 :         ZEND_VM_NEXT_OPCODE();
    9470             : }
    9471             : 
    9472          18 : static int ZEND_FASTCALL zend_binary_assign_op_obj_helper_SPEC_VAR_CONST(int (*binary_op)(zval *result, zval *op1, zval *op2 TSRMLS_DC), ZEND_OPCODE_HANDLER_ARGS)
    9473             : {
    9474          18 :         zend_op *opline = EX(opline);
    9475          18 :         zend_op *op_data = opline+1;
    9476             :         zend_free_op free_op1, free_op_data1;
    9477          36 :         zval **object_ptr = _get_zval_ptr_ptr_var(&opline->op1, EX(Ts), &free_op1 TSRMLS_CC);
    9478             :         zval *object;
    9479          18 :         zval *property = &opline->op2.u.constant;
    9480          18 :         zval *value = get_zval_ptr(&op_data->op1, EX(Ts), &free_op_data1, BP_VAR_R);
    9481          18 :         znode *result = &opline->result;
    9482          18 :         int have_get_ptr = 0;
    9483             : 
    9484          18 :         if (IS_VAR == IS_VAR && !object_ptr) {
    9485           1 :                 zend_error_noreturn(E_ERROR, "Cannot use string offset as an object");
    9486             :         }
    9487             : 
    9488          17 :         EX_T(result->u.var).var.ptr_ptr = NULL;
    9489          17 :         make_real_object(object_ptr TSRMLS_CC);
    9490          17 :         object = *object_ptr;
    9491             : 
    9492          17 :         if (Z_TYPE_P(object) != IS_OBJECT) {
    9493           3 :                 zend_error(E_WARNING, "Attempt to assign property of non-object");
    9494             : 
    9495           3 :                 FREE_OP(free_op_data1);
    9496             : 
    9497           3 :                 if (!RETURN_VALUE_UNUSED(result)) {
    9498           0 :                         EX_T(result->u.var).var.ptr = EG(uninitialized_zval_ptr);
    9499           0 :                         EX_T(result->u.var).var.ptr_ptr = NULL;
    9500           0 :                         PZVAL_LOCK(EG(uninitialized_zval_ptr));
    9501             :                 }
    9502             :         } else {
    9503             :                 /* here we are sure we are dealing with an object */
    9504          14 :                 if (0) {
    9505             :                         MAKE_REAL_ZVAL_PTR(property);
    9506             :                 }
    9507             : 
    9508             :                 /* here property is a string */
    9509          19 :                 if (opline->extended_value == ZEND_ASSIGN_OBJ
    9510          19 :                         && Z_OBJ_HT_P(object)->get_property_ptr_ptr) {
    9511           5 :                         zval **zptr = Z_OBJ_HT_P(object)->get_property_ptr_ptr(object, property TSRMLS_CC);
    9512           5 :                         if (zptr != NULL) {                     /* NULL means no success in getting PTR */
    9513          25 :                                 SEPARATE_ZVAL_IF_NOT_REF(zptr);
    9514             : 
    9515           5 :                                 have_get_ptr = 1;
    9516           5 :                                 binary_op(*zptr, *zptr, value TSRMLS_CC);
    9517           5 :                                 if (!RETURN_VALUE_UNUSED(result)) {
    9518           0 :                                         EX_T(result->u.var).var.ptr = *zptr;
    9519           0 :                                         EX_T(result->u.var).var.ptr_ptr = NULL;
    9520           0 :                                         PZVAL_LOCK(*zptr);
    9521             :                                 }
    9522             :                         }
    9523             :                 }
    9524             : 
    9525          14 :