Coverage Report

Created: 2025-06-13 06:43

/src/php-src/Zend/zend_closures.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
   +----------------------------------------------------------------------+
3
   | Zend Engine                                                          |
4
   +----------------------------------------------------------------------+
5
   | Copyright (c) Zend Technologies Ltd. (http://www.zend.com)           |
6
   +----------------------------------------------------------------------+
7
   | This source file is subject to version 2.00 of the Zend license,     |
8
   | that is bundled with this package in the file LICENSE, and is        |
9
   | available through the world-wide-web at the following url:           |
10
   | http://www.zend.com/license/2_00.txt.                                |
11
   | If you did not receive a copy of the Zend license and are unable to  |
12
   | obtain it through the world-wide-web, please send a note to          |
13
   | license@zend.com so we can mail you a copy immediately.              |
14
   +----------------------------------------------------------------------+
15
   | Authors: Christian Seiler <chris_se@gmx.net>                         |
16
   |          Dmitry Stogov <dmitry@php.net>                              |
17
   |          Marcus Boerger <helly@php.net>                              |
18
   +----------------------------------------------------------------------+
19
*/
20
21
#include "zend.h"
22
#include "zend_API.h"
23
#include "zend_closures.h"
24
#include "zend_exceptions.h"
25
#include "zend_interfaces.h"
26
#include "zend_objects.h"
27
#include "zend_objects_API.h"
28
#include "zend_globals.h"
29
#include "zend_closures_arginfo.h"
30
31
typedef struct _zend_closure {
32
  zend_object       std;
33
  zend_function     func;
34
  zval              this_ptr;
35
  zend_class_entry *called_scope;
36
  zif_handler       orig_internal_handler;
37
} zend_closure;
38
39
/* non-static since it needs to be referenced */
40
ZEND_API zend_class_entry *zend_ce_closure;
41
static zend_object_handlers closure_handlers;
42
43
static zend_result zend_closure_get_closure(zend_object *obj, zend_class_entry **ce_ptr, zend_function **fptr_ptr, zend_object **obj_ptr, bool check_only);
44
45
ZEND_METHOD(Closure, __invoke) /* {{{ */
46
197
{
47
197
  zend_function *func = EX(func);
48
197
  zval *args;
49
197
  uint32_t num_args;
50
197
  HashTable *named_args;
51
52
591
  ZEND_PARSE_PARAMETERS_START(0, -1)
53
591
    Z_PARAM_VARIADIC_WITH_NAMED(args, num_args, named_args)
54
591
  ZEND_PARSE_PARAMETERS_END();
55
56
197
  zend_fcall_info_cache fcc = {
57
197
    .closure = Z_OBJ_P(ZEND_THIS),
58
197
  };
59
197
  zend_closure_get_closure(Z_OBJ_P(ZEND_THIS), &fcc.calling_scope, &fcc.function_handler, &fcc.object, false);
60
197
  fcc.called_scope = fcc.calling_scope;
61
197
  zend_call_known_fcc(&fcc, return_value, num_args, args, named_args);
62
63
  /* destruct the function also, then - we have allocated it in get_method */
64
197
  zend_string_release_ex(func->internal_function.function_name, 0);
65
197
  efree(func);
66
67
  /* Set the func pointer to NULL. Prior to PHP 8.3, this was only done for debug builds,
68
   * because debug builds check certain properties after the call and needed to know this
69
   * had been freed.
70
   * However, extensions can proxy zend_execute_internal, and it's a bit surprising to have
71
   * an invalid func pointer sitting on there, so this was changed in PHP 8.3.
72
   */
73
197
  execute_data->func = NULL;
74
197
}
75
/* }}} */
76
77
static bool zend_valid_closure_binding(
78
    zend_closure *closure, zval *newthis, zend_class_entry *scope) /* {{{ */
79
1.67k
{
80
1.67k
  zend_function *func = &closure->func;
81
1.67k
  bool is_fake_closure = (func->common.fn_flags & ZEND_ACC_FAKE_CLOSURE) != 0;
82
1.67k
  if (newthis) {
83
1.38k
    if (func->common.fn_flags & ZEND_ACC_STATIC) {
84
70
      zend_error(E_WARNING, "Cannot bind an instance to a static closure");
85
70
      return 0;
86
70
    }
87
88
1.31k
    if (is_fake_closure && func->common.scope &&
89
1.31k
        !instanceof_function(Z_OBJCE_P(newthis), func->common.scope)) {
90
      /* Binding incompatible $this to an internal method is not supported. */
91
13
      zend_error(E_WARNING, "Cannot bind method %s::%s() to object of class %s",
92
13
          ZSTR_VAL(func->common.scope->name),
93
13
          ZSTR_VAL(func->common.function_name),
94
13
          ZSTR_VAL(Z_OBJCE_P(newthis)->name));
95
13
      return 0;
96
13
    }
97
1.31k
  } else if (is_fake_closure && func->common.scope
98
286
      && !(func->common.fn_flags & ZEND_ACC_STATIC)) {
99
10
    zend_error(E_WARNING, "Cannot unbind $this of method");
100
10
    return 0;
101
276
  } else if (!is_fake_closure && !Z_ISUNDEF(closure->this_ptr)
102
276
      && (func->common.fn_flags & ZEND_ACC_USES_THIS)) {
103
31
    zend_error(E_WARNING, "Cannot unbind $this of closure using $this");
104
31
    return 0;
105
31
  }
106
107
1.54k
  if (scope && scope != func->common.scope && scope->type == ZEND_INTERNAL_CLASS) {
108
    /* rebinding to internal class is not allowed */
109
330
    zend_error(E_WARNING, "Cannot bind closure to scope of internal class %s",
110
330
        ZSTR_VAL(scope->name));
111
330
    return 0;
112
330
  }
113
114
1.21k
  if (is_fake_closure && scope != func->common.scope) {
115
63
    if (func->common.scope == NULL) {
116
41
      zend_error(E_WARNING, "Cannot rebind scope of closure created from function");
117
41
    } else {
118
22
      zend_error(E_WARNING, "Cannot rebind scope of closure created from method");
119
22
    }
120
63
    return 0;
121
63
  }
122
123
1.15k
  return 1;
124
1.21k
}
125
/* }}} */
126
127
/* {{{ Call closure, binding to a given object with its class as the scope */
128
ZEND_METHOD(Closure, call)
129
1.00k
{
130
1.00k
  zval *newthis, closure_result;
131
1.00k
  zend_closure *closure;
132
1.00k
  zend_fcall_info fci;
133
1.00k
  zend_fcall_info_cache fci_cache;
134
1.00k
  zend_object *newobj;
135
1.00k
  zend_class_entry *newclass;
136
137
1.00k
  fci.param_count = 0;
138
1.00k
  fci.params = NULL;
139
140
3.01k
  ZEND_PARSE_PARAMETERS_START(1, -1)
141
4.01k
    Z_PARAM_OBJECT(newthis)
142
1.00k
    Z_PARAM_VARIADIC_WITH_NAMED(fci.params, fci.param_count, fci.named_params)
143
1.00k
  ZEND_PARSE_PARAMETERS_END();
144
145
1.00k
  closure = (zend_closure *) Z_OBJ_P(ZEND_THIS);
146
147
1.00k
  newobj = Z_OBJ_P(newthis);
148
1.00k
  newclass = newobj->ce;
149
150
1.00k
  if (!zend_valid_closure_binding(closure, newthis, newclass)) {
151
321
    return;
152
321
  }
153
154
680
  fci_cache.called_scope = newclass;
155
680
  fci_cache.object = fci.object = newobj;
156
157
680
  fci.size = sizeof(fci);
158
680
  ZVAL_OBJ(&fci.function_name, &closure->std);
159
680
  ZVAL_UNDEF(&closure_result);
160
680
  fci.retval = &closure_result;
161
162
680
  if (closure->func.common.fn_flags & ZEND_ACC_GENERATOR) {
163
5
    zval new_closure;
164
5
    zend_create_closure(&new_closure, &closure->func, newclass, closure->called_scope, newthis);
165
5
    closure = (zend_closure *) Z_OBJ(new_closure);
166
5
    fci_cache.function_handler = &closure->func;
167
168
5
    zend_call_function(&fci, &fci_cache);
169
170
    /* copied upon generator creation */
171
5
    GC_DELREF(&closure->std);
172
675
  } else {
173
675
    zend_closure *fake_closure;
174
675
    zend_function *my_function;
175
176
675
    fake_closure = emalloc(sizeof(zend_closure));
177
675
    memset(&fake_closure->std, 0, sizeof(fake_closure->std));
178
675
    fake_closure->std.gc.refcount = 1;
179
675
    fake_closure->std.gc.u.type_info = GC_NULL;
180
675
    ZVAL_UNDEF(&fake_closure->this_ptr);
181
675
    fake_closure->called_scope = NULL;
182
675
    my_function = &fake_closure->func;
183
675
    if (ZEND_USER_CODE(closure->func.type)) {
184
670
      memcpy(my_function, &closure->func, sizeof(zend_op_array));
185
670
    } else {
186
5
      memcpy(my_function, &closure->func, sizeof(zend_internal_function));
187
5
    }
188
    /* use scope of passed object */
189
675
    my_function->common.scope = newclass;
190
675
    if (closure->func.type == ZEND_INTERNAL_FUNCTION) {
191
5
      my_function->internal_function.handler = closure->orig_internal_handler;
192
5
    }
193
675
    fci_cache.function_handler = my_function;
194
195
    /* Runtime cache relies on bound scope to be immutable, hence we need a separate rt cache in case scope changed */
196
675
    if (ZEND_USER_CODE(my_function->type)
197
675
     && (closure->func.common.scope != newclass
198
670
      || (closure->func.common.fn_flags & ZEND_ACC_HEAP_RT_CACHE))) {
199
670
      void *ptr;
200
201
670
      my_function->op_array.fn_flags |= ZEND_ACC_HEAP_RT_CACHE;
202
670
      ptr = emalloc(my_function->op_array.cache_size);
203
670
      ZEND_MAP_PTR_INIT(my_function->op_array.run_time_cache, ptr);
204
670
      memset(ptr, 0, my_function->op_array.cache_size);
205
670
    }
206
207
675
    zend_call_function(&fci, &fci_cache);
208
209
675
    if (ZEND_USER_CODE(my_function->type)) {
210
670
      if (fci_cache.function_handler->common.fn_flags & ZEND_ACC_HEAP_RT_CACHE) {
211
670
        efree(ZEND_MAP_PTR(my_function->op_array.run_time_cache));
212
670
      }
213
670
    }
214
675
    efree_size(fake_closure, sizeof(zend_closure));
215
675
  }
216
217
680
  if (Z_TYPE(closure_result) != IS_UNDEF) {
218
673
    if (Z_ISREF(closure_result)) {
219
11
      zend_unwrap_reference(&closure_result);
220
11
    }
221
673
    ZVAL_COPY_VALUE(return_value, &closure_result);
222
673
  }
223
680
}
224
/* }}} */
225
226
static void do_closure_bind(zval *return_value, zval *zclosure, zval *newthis, zend_object *scope_obj, zend_string *scope_str)
227
677
{
228
677
  zend_class_entry *ce, *called_scope;
229
677
  zend_closure *closure = (zend_closure *) Z_OBJ_P(zclosure);
230
231
677
  if (scope_obj) {
232
25
    ce = scope_obj->ce;
233
652
  } else if (scope_str) {
234
478
    if (zend_string_equals(scope_str, ZSTR_KNOWN(ZEND_STR_STATIC))) {
235
198
      ce = closure->func.common.scope;
236
280
    } else if ((ce = zend_lookup_class(scope_str)) == NULL) {
237
8
      zend_error(E_WARNING, "Class \"%s\" not found", ZSTR_VAL(scope_str));
238
8
      RETURN_NULL();
239
8
    }
240
478
  } else {
241
174
    ce = NULL;
242
174
  }
243
244
669
  if (!zend_valid_closure_binding(closure, newthis, ce)) {
245
194
    return;
246
194
  }
247
248
475
  if (newthis) {
249
278
    called_scope = Z_OBJCE_P(newthis);
250
278
  } else {
251
197
    called_scope = ce;
252
197
  }
253
254
475
  zend_create_closure(return_value, &closure->func, ce, called_scope, newthis);
255
475
}
256
257
/* {{{ Create a closure from another one and bind to another object and scope */
258
ZEND_METHOD(Closure, bind)
259
30
{
260
30
  zval *zclosure, *newthis;
261
30
  zend_object *scope_obj = NULL;
262
30
  zend_string *scope_str = ZSTR_KNOWN(ZEND_STR_STATIC);
263
264
90
  ZEND_PARSE_PARAMETERS_START(2, 3)
265
120
    Z_PARAM_OBJECT_OF_CLASS(zclosure, zend_ce_closure)
266
150
    Z_PARAM_OBJECT_OR_NULL(newthis)
267
30
    Z_PARAM_OPTIONAL
268
135
    Z_PARAM_OBJ_OR_STR_OR_NULL(scope_obj, scope_str)
269
135
  ZEND_PARSE_PARAMETERS_END();
270
271
30
  do_closure_bind(return_value, zclosure, newthis, scope_obj, scope_str);
272
30
}
273
274
/* {{{ Create a closure from another one and bind to another object and scope */
275
ZEND_METHOD(Closure, bindTo)
276
652
{
277
652
  zval *newthis;
278
652
  zend_object *scope_obj = NULL;
279
652
  zend_string *scope_str = ZSTR_KNOWN(ZEND_STR_STATIC);
280
281
1.95k
  ZEND_PARSE_PARAMETERS_START(1, 2)
282
2.60k
    Z_PARAM_OBJECT_OR_NULL(newthis)
283
652
    Z_PARAM_OPTIONAL
284
2.75k
    Z_PARAM_OBJ_OR_STR_OR_NULL(scope_obj, scope_str)
285
2.75k
  ZEND_PARSE_PARAMETERS_END();
286
287
647
  do_closure_bind(return_value, ZEND_THIS, newthis, scope_obj, scope_str);
288
647
}
289
290
196
static ZEND_NAMED_FUNCTION(zend_closure_call_magic) /* {{{ */ {
291
196
  zend_fcall_info fci;
292
196
  zend_fcall_info_cache fcc;
293
196
  zval params[2];
294
295
196
  memset(&fci, 0, sizeof(zend_fcall_info));
296
196
  memset(&fcc, 0, sizeof(zend_fcall_info_cache));
297
298
196
  fci.size = sizeof(zend_fcall_info);
299
196
  fci.retval = return_value;
300
301
196
  fcc.function_handler = (EX(func)->internal_function.fn_flags & ZEND_ACC_STATIC) ?
302
150
    EX(func)->internal_function.scope->__callstatic : EX(func)->internal_function.scope->__call;
303
196
  fci.named_params = NULL;
304
196
  fci.params = params;
305
196
  fci.param_count = 2;
306
196
  ZVAL_STR(&fci.params[0], EX(func)->common.function_name);
307
196
  if (EX_CALL_INFO() & ZEND_CALL_HAS_EXTRA_NAMED_PARAMS) {
308
23
    zend_string *name;
309
23
    zval *named_param_zval;
310
23
    array_init_size(&fci.params[1], ZEND_NUM_ARGS() + zend_hash_num_elements(EX(extra_named_params)));
311
    /* Avoid conversion from packed to mixed later. */
312
23
    zend_hash_real_init_mixed(Z_ARRVAL(fci.params[1]));
313
23
    zend_copy_parameters_array(ZEND_NUM_ARGS(), &fci.params[1]);
314
138
    ZEND_HASH_MAP_FOREACH_STR_KEY_VAL(EX(extra_named_params), name, named_param_zval) {
315
138
      Z_TRY_ADDREF_P(named_param_zval);
316
138
      zend_hash_add_new(Z_ARRVAL(fci.params[1]), name, named_param_zval);
317
138
    } ZEND_HASH_FOREACH_END();
318
173
  } else if (ZEND_NUM_ARGS()) {
319
107
    array_init_size(&fci.params[1], ZEND_NUM_ARGS());
320
107
    zend_copy_parameters_array(ZEND_NUM_ARGS(), &fci.params[1]);
321
107
  } else {
322
66
    ZVAL_EMPTY_ARRAY(&fci.params[1]);
323
66
  }
324
325
196
  fcc.object = fci.object = Z_OBJ_P(ZEND_THIS);
326
196
  fcc.called_scope = zend_get_called_scope(EG(current_execute_data));
327
328
196
  zend_call_function(&fci, &fcc);
329
330
196
  zval_ptr_dtor(&fci.params[1]);
331
196
}
332
/* }}} */
333
334
487
static zend_result zend_create_closure_from_callable(zval *return_value, zval *callable, char **error) /* {{{ */ {
335
487
  zend_fcall_info_cache fcc;
336
487
  zend_function *mptr;
337
487
  zval instance;
338
487
  zend_internal_function call;
339
340
487
  if (!zend_is_callable_ex(callable, NULL, 0, NULL, &fcc, error)) {
341
92
    return FAILURE;
342
92
  }
343
344
395
  mptr = fcc.function_handler;
345
395
  if (mptr->common.fn_flags & ZEND_ACC_CALL_VIA_TRAMPOLINE) {
346
    /* For Closure::fromCallable([$closure, "__invoke"]) return $closure. */
347
111
    if (fcc.object && fcc.object->ce == zend_ce_closure
348
111
        && zend_string_equals(mptr->common.function_name, ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE))) {
349
41
      RETVAL_OBJ_COPY(fcc.object);
350
41
      zend_free_trampoline(mptr);
351
41
      return SUCCESS;
352
41
    }
353
354
70
    if (!mptr->common.scope) {
355
0
      return FAILURE;
356
0
    }
357
70
    if (mptr->common.fn_flags & ZEND_ACC_STATIC) {
358
5
      if (!mptr->common.scope->__callstatic) {
359
0
        return FAILURE;
360
0
      }
361
65
    } else {
362
65
      if (!mptr->common.scope->__call) {
363
0
        return FAILURE;
364
0
      }
365
65
    }
366
367
70
    memset(&call, 0, sizeof(zend_internal_function));
368
70
    call.type = ZEND_INTERNAL_FUNCTION;
369
70
    call.fn_flags = mptr->common.fn_flags & (ZEND_ACC_STATIC | ZEND_ACC_DEPRECATED);
370
70
    call.handler = zend_closure_call_magic;
371
70
    call.function_name = mptr->common.function_name;
372
70
    call.scope = mptr->common.scope;
373
70
    call.doc_comment = NULL;
374
70
    call.attributes = mptr->common.attributes;
375
376
70
    zend_free_trampoline(mptr);
377
70
    mptr = (zend_function *) &call;
378
70
  }
379
380
354
  if (fcc.object) {
381
177
    ZVAL_OBJ(&instance, fcc.object);
382
177
    zend_create_fake_closure(return_value, mptr, mptr->common.scope, fcc.called_scope, &instance);
383
177
  } else {
384
177
    zend_create_fake_closure(return_value, mptr, mptr->common.scope, fcc.called_scope, NULL);
385
177
  }
386
387
354
  if (&mptr->internal_function == &call) {
388
70
    zend_string_release(mptr->common.function_name);
389
70
  }
390
391
354
  return SUCCESS;
392
395
}
393
/* }}} */
394
395
/* {{{ Create a closure from a callable using the current scope. */
396
ZEND_METHOD(Closure, fromCallable)
397
492
{
398
492
  zval *callable;
399
492
  char *error = NULL;
400
401
1.47k
  ZEND_PARSE_PARAMETERS_START(1, 1)
402
1.96k
    Z_PARAM_ZVAL(callable)
403
1.96k
  ZEND_PARSE_PARAMETERS_END();
404
405
492
  if (Z_TYPE_P(callable) == IS_OBJECT && instanceof_function(Z_OBJCE_P(callable), zend_ce_closure)) {
406
    /* It's already a closure */
407
5
    RETURN_COPY(callable);
408
5
  }
409
410
487
  if (zend_create_closure_from_callable(return_value, callable, &error) == FAILURE) {
411
92
    if (error) {
412
92
      zend_type_error("Failed to create closure from callable: %s", error);
413
92
      efree(error);
414
92
    } else {
415
0
      zend_type_error("Failed to create closure from callable");
416
0
    }
417
92
  }
418
487
}
419
/* }}} */
420
421
static ZEND_COLD zend_function *zend_closure_get_constructor(zend_object *object) /* {{{ */
422
10
{
423
10
  zend_throw_error(NULL, "Instantiation of class Closure is not allowed");
424
10
  return NULL;
425
10
}
426
/* }}} */
427
428
/* int return due to Object Handler API */
429
static int zend_closure_compare(zval *o1, zval *o2) /* {{{ */
430
137
{
431
137
  ZEND_COMPARE_OBJECTS_FALLBACK(o1, o2);
432
433
137
  zend_closure *lhs = (zend_closure*) Z_OBJ_P(o1);
434
137
  zend_closure *rhs = (zend_closure*) Z_OBJ_P(o2);
435
436
137
  if (!((lhs->func.common.fn_flags & ZEND_ACC_FAKE_CLOSURE) && (rhs->func.common.fn_flags & ZEND_ACC_FAKE_CLOSURE))) {
437
0
    return ZEND_UNCOMPARABLE;
438
0
  }
439
440
137
  if (Z_TYPE(lhs->this_ptr) != Z_TYPE(rhs->this_ptr)) {
441
3
    return ZEND_UNCOMPARABLE;
442
3
  }
443
444
134
  if (Z_TYPE(lhs->this_ptr) == IS_OBJECT && Z_OBJ(lhs->this_ptr) != Z_OBJ(rhs->this_ptr)) {
445
31
    return ZEND_UNCOMPARABLE;
446
31
  }
447
448
103
  if (lhs->called_scope != rhs->called_scope) {
449
12
    return ZEND_UNCOMPARABLE;
450
12
  }
451
452
91
  if (lhs->func.type != rhs->func.type) {
453
0
    return ZEND_UNCOMPARABLE;
454
0
  }
455
456
91
  if (lhs->func.common.scope != rhs->func.common.scope) {
457
0
    return ZEND_UNCOMPARABLE;
458
0
  }
459
460
91
  if (!zend_string_equals(lhs->func.common.function_name, rhs->func.common.function_name)) {
461
44
    return ZEND_UNCOMPARABLE;
462
44
  }
463
464
47
  return 0;
465
91
}
466
/* }}} */
467
468
ZEND_API zend_function *zend_get_closure_invoke_method(zend_object *object) /* {{{ */
469
382
{
470
382
  zend_closure *closure = (zend_closure *)object;
471
382
  zend_function *invoke = (zend_function*)emalloc(sizeof(zend_function));
472
382
  const uint32_t keep_flags =
473
382
    ZEND_ACC_RETURN_REFERENCE | ZEND_ACC_VARIADIC | ZEND_ACC_HAS_RETURN_TYPE | ZEND_ACC_DEPRECATED;
474
475
382
  invoke->common = closure->func.common;
476
  /* We return ZEND_INTERNAL_FUNCTION, but arg_info representation is the
477
   * same as for ZEND_USER_FUNCTION (uses zend_string* instead of char*).
478
   * This is not a problem, because ZEND_ACC_HAS_TYPE_HINTS is never set,
479
   * and we won't check arguments on internal function. We also set
480
   * ZEND_ACC_USER_ARG_INFO flag to prevent invalid usage by Reflection */
481
382
  invoke->type = ZEND_INTERNAL_FUNCTION;
482
382
  invoke->internal_function.fn_flags =
483
382
    ZEND_ACC_PUBLIC | ZEND_ACC_CALL_VIA_HANDLER | (closure->func.common.fn_flags & keep_flags);
484
382
  if (closure->func.type != ZEND_INTERNAL_FUNCTION || (closure->func.common.fn_flags & ZEND_ACC_USER_ARG_INFO)) {
485
290
    invoke->internal_function.fn_flags |=
486
290
      ZEND_ACC_USER_ARG_INFO;
487
290
  }
488
382
  invoke->internal_function.handler = ZEND_MN(Closure___invoke);
489
382
  invoke->internal_function.doc_comment = NULL;
490
382
  invoke->internal_function.module = 0;
491
382
  invoke->internal_function.scope = zend_ce_closure;
492
382
  invoke->internal_function.function_name = ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE);
493
382
  return invoke;
494
382
}
495
/* }}} */
496
497
ZEND_API const zend_function *zend_get_closure_method_def(zend_object *obj) /* {{{ */
498
485
{
499
485
  zend_closure *closure = (zend_closure *) obj;
500
485
  return &closure->func;
501
485
}
502
/* }}} */
503
504
ZEND_API zval* zend_get_closure_this_ptr(zval *obj) /* {{{ */
505
7
{
506
7
  zend_closure *closure = (zend_closure *)Z_OBJ_P(obj);
507
7
  return &closure->this_ptr;
508
7
}
509
/* }}} */
510
511
static zend_function *zend_closure_get_method(zend_object **object, zend_string *method, const zval *key) /* {{{ */
512
1.63k
{
513
1.63k
  if (zend_string_equals_literal_ci(method, ZEND_INVOKE_FUNC_NAME)) {
514
357
    return zend_get_closure_invoke_method(*object);
515
357
  }
516
517
1.28k
  return zend_std_get_method(object, method, key);
518
1.63k
}
519
/* }}} */
520
521
static void zend_closure_free_storage(zend_object *object) /* {{{ */
522
13.4k
{
523
13.4k
  zend_closure *closure = (zend_closure *)object;
524
525
13.4k
  zend_object_std_dtor(&closure->std);
526
527
13.4k
  if (closure->func.type == ZEND_USER_FUNCTION) {
528
    /* We don't own the static variables of fake closures. */
529
12.9k
    if (!(closure->func.op_array.fn_flags & ZEND_ACC_FAKE_CLOSURE)) {
530
12.4k
      zend_destroy_static_vars(&closure->func.op_array);
531
12.4k
    }
532
12.9k
    destroy_op_array(&closure->func.op_array);
533
12.9k
  } else if (closure->func.type == ZEND_INTERNAL_FUNCTION) {
534
509
    zend_string_release(closure->func.common.function_name);
535
509
  }
536
537
13.4k
  if (Z_TYPE(closure->this_ptr) != IS_UNDEF) {
538
2.86k
    zval_ptr_dtor(&closure->this_ptr);
539
2.86k
  }
540
13.4k
}
541
/* }}} */
542
543
static zend_object *zend_closure_new(zend_class_entry *class_type) /* {{{ */
544
13.4k
{
545
13.4k
  zend_closure *closure;
546
547
13.4k
  closure = emalloc(sizeof(zend_closure));
548
13.4k
  memset(closure, 0, sizeof(zend_closure));
549
550
13.4k
  zend_object_std_init(&closure->std, class_type);
551
552
13.4k
  return (zend_object*)closure;
553
13.4k
}
554
/* }}} */
555
556
static zend_object *zend_closure_clone(zend_object *zobject) /* {{{ */
557
14
{
558
14
  zend_closure *closure = (zend_closure *)zobject;
559
14
  zval result;
560
561
14
  zend_create_closure(&result, &closure->func,
562
14
    closure->func.common.scope, closure->called_scope, &closure->this_ptr);
563
14
  return Z_OBJ(result);
564
14
}
565
/* }}} */
566
567
static zend_result zend_closure_get_closure(zend_object *obj, zend_class_entry **ce_ptr, zend_function **fptr_ptr, zend_object **obj_ptr, bool check_only) /* {{{ */
568
20.0k
{
569
20.0k
  zend_closure *closure = (zend_closure*)obj;
570
571
20.0k
  *fptr_ptr = &closure->func;
572
20.0k
  *ce_ptr = closure->called_scope;
573
574
20.0k
  if (Z_TYPE(closure->this_ptr) != IS_UNDEF) {
575
1.53k
    *obj_ptr = Z_OBJ(closure->this_ptr);
576
18.4k
  } else {
577
18.4k
    *obj_ptr = NULL;
578
18.4k
  }
579
580
20.0k
  return SUCCESS;
581
20.0k
}
582
/* }}} */
583
584
/* *is_temp is int due to Object Handler API */
585
static HashTable *zend_closure_get_debug_info(zend_object *object, int *is_temp) /* {{{ */
586
1.01k
{
587
1.01k
  zend_closure *closure = (zend_closure *)object;
588
1.01k
  zval val;
589
1.01k
  struct _zend_arg_info *arg_info = closure->func.common.arg_info;
590
1.01k
  HashTable *debug_info;
591
1.01k
  bool zstr_args = (closure->func.type == ZEND_USER_FUNCTION) || (closure->func.common.fn_flags & ZEND_ACC_USER_ARG_INFO);
592
593
1.01k
  *is_temp = 1;
594
595
1.01k
  debug_info = zend_new_array(8);
596
597
1.01k
  if (closure->func.op_array.fn_flags & ZEND_ACC_FAKE_CLOSURE) {
598
167
    if (closure->func.common.scope) {
599
32
      zend_string *class_name = closure->func.common.scope->name;
600
32
      zend_string *func_name = closure->func.common.function_name;
601
32
      zend_string *combined = zend_string_concat3(
602
32
        ZSTR_VAL(class_name), ZSTR_LEN(class_name),
603
32
        "::", strlen("::"),
604
32
        ZSTR_VAL(func_name), ZSTR_LEN(func_name)
605
32
      );
606
32
      ZVAL_STR(&val, combined);
607
135
    } else {
608
135
      ZVAL_STR_COPY(&val, closure->func.common.function_name);
609
135
    }
610
167
    zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_FUNCTION), &val);
611
843
  } else {
612
843
    ZVAL_STR_COPY(&val, closure->func.common.function_name);
613
843
    zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_NAME), &val);
614
615
843
    ZVAL_STR_COPY(&val, closure->func.op_array.filename);
616
843
    zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_FILE), &val);
617
618
843
    ZVAL_LONG(&val, closure->func.op_array.line_start);
619
843
    zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_LINE), &val);
620
843
  }
621
622
1.01k
  if (closure->func.type == ZEND_USER_FUNCTION && closure->func.op_array.static_variables) {
623
124
    zval *var;
624
124
    zend_string *key;
625
124
    HashTable *static_variables = ZEND_MAP_PTR_GET(closure->func.op_array.static_variables_ptr);
626
627
124
    array_init(&val);
628
629
541
    ZEND_HASH_MAP_FOREACH_STR_KEY_VAL(static_variables, key, var) {
630
541
      zval copy;
631
632
541
      if (Z_ISREF_P(var) && Z_REFCOUNT_P(var) == 1) {
633
25
        var = Z_REFVAL_P(var);
634
25
      }
635
541
      ZVAL_COPY(&copy, var);
636
637
541
      zend_hash_add_new(Z_ARRVAL(val), key, &copy);
638
541
    } ZEND_HASH_FOREACH_END();
639
640
124
    if (zend_hash_num_elements(Z_ARRVAL(val))) {
641
102
      zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_STATIC), &val);
642
102
    } else {
643
22
      zval_ptr_dtor(&val);
644
22
    }
645
124
  }
646
647
1.01k
  if (Z_TYPE(closure->this_ptr) != IS_UNDEF) {
648
607
    Z_ADDREF(closure->this_ptr);
649
607
    zend_hash_update(debug_info, ZSTR_KNOWN(ZEND_STR_THIS), &closure->this_ptr);
650
607
  }
651
652
1.01k
  if (arg_info &&
653
1.01k
    (closure->func.common.num_args ||
654
157
     (closure->func.common.fn_flags & ZEND_ACC_VARIADIC))) {
655
152
    uint32_t i, num_args, required = closure->func.common.required_num_args;
656
657
152
    array_init(&val);
658
659
152
    num_args = closure->func.common.num_args;
660
152
    if (closure->func.common.fn_flags & ZEND_ACC_VARIADIC) {
661
17
      num_args++;
662
17
    }
663
321
    for (i = 0; i < num_args; i++) {
664
169
      zend_string *name;
665
169
      zval info;
666
169
      ZEND_ASSERT(arg_info->name && "Argument should have name");
667
169
      if (zstr_args) {
668
62
        name = zend_strpprintf(0, "%s$%s",
669
62
            ZEND_ARG_SEND_MODE(arg_info) ? "&" : "",
670
62
            ZSTR_VAL(arg_info->name));
671
107
      } else {
672
107
        name = zend_strpprintf(0, "%s$%s",
673
107
            ZEND_ARG_SEND_MODE(arg_info) ? "&" : "",
674
107
            ((zend_internal_arg_info*)arg_info)->name);
675
107
      }
676
169
      ZVAL_NEW_STR(&info, zend_strpprintf(0, "%s", i >= required ? "<optional>" : "<required>"));
677
169
      zend_hash_update(Z_ARRVAL(val), name, &info);
678
169
      zend_string_release_ex(name, 0);
679
169
      arg_info++;
680
169
    }
681
152
    zend_hash_str_update(debug_info, "parameter", sizeof("parameter")-1, &val);
682
152
  }
683
684
1.01k
  return debug_info;
685
1.01k
}
686
/* }}} */
687
688
static HashTable *zend_closure_get_gc(zend_object *obj, zval **table, int *n) /* {{{ */
689
15.4k
{
690
15.4k
  zend_closure *closure = (zend_closure *)obj;
691
692
15.4k
  *table = Z_TYPE(closure->this_ptr) != IS_NULL ? &closure->this_ptr : NULL;
693
15.4k
  *n = Z_TYPE(closure->this_ptr) != IS_NULL ? 1 : 0;
694
  /* Fake closures don't own the static variables they reference. */
695
15.4k
  return (closure->func.type == ZEND_USER_FUNCTION
696
15.4k
      && !(closure->func.op_array.fn_flags & ZEND_ACC_FAKE_CLOSURE)) ?
697
14.6k
    ZEND_MAP_PTR_GET(closure->func.op_array.static_variables_ptr) : NULL;
698
15.4k
}
699
/* }}} */
700
701
/* {{{ Private constructor preventing instantiation */
702
ZEND_COLD ZEND_METHOD(Closure, __construct)
703
0
{
704
0
  zend_throw_error(NULL, "Instantiation of class Closure is not allowed");
705
0
}
706
/* }}} */
707
708
void zend_register_closure_ce(void) /* {{{ */
709
16
{
710
16
  zend_ce_closure = register_class_Closure();
711
16
  zend_ce_closure->create_object = zend_closure_new;
712
16
  zend_ce_closure->default_object_handlers = &closure_handlers;
713
714
16
  memcpy(&closure_handlers, &std_object_handlers, sizeof(zend_object_handlers));
715
16
  closure_handlers.free_obj = zend_closure_free_storage;
716
16
  closure_handlers.get_constructor = zend_closure_get_constructor;
717
16
  closure_handlers.get_method = zend_closure_get_method;
718
16
  closure_handlers.compare = zend_closure_compare;
719
16
  closure_handlers.clone_obj = zend_closure_clone;
720
16
  closure_handlers.get_debug_info = zend_closure_get_debug_info;
721
16
  closure_handlers.get_closure = zend_closure_get_closure;
722
16
  closure_handlers.get_gc = zend_closure_get_gc;
723
16
}
724
/* }}} */
725
726
static ZEND_NAMED_FUNCTION(zend_closure_internal_handler) /* {{{ */
727
333
{
728
333
  zend_closure *closure = (zend_closure*)ZEND_CLOSURE_OBJECT(EX(func));
729
333
  closure->orig_internal_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
730
  // Assign to EX(this) so that it is released after observer checks etc.
731
333
  ZEND_ADD_CALL_FLAG(execute_data, ZEND_CALL_RELEASE_THIS);
732
333
  Z_OBJ(EX(This)) = &closure->std;
733
333
}
734
/* }}} */
735
736
static void zend_create_closure_ex(zval *res, zend_function *func, zend_class_entry *scope, zend_class_entry *called_scope, zval *this_ptr, bool is_fake) /* {{{ */
737
13.4k
{
738
13.4k
  zend_closure *closure;
739
13.4k
  void *ptr;
740
741
13.4k
  object_init_ex(res, zend_ce_closure);
742
743
13.4k
  closure = (zend_closure *)Z_OBJ_P(res);
744
745
13.4k
  if ((scope == NULL) && this_ptr && (Z_TYPE_P(this_ptr) != IS_UNDEF)) {
746
    /* use dummy scope if we're binding an object without specifying a scope */
747
    /* maybe it would be better to create one for this purpose */
748
110
    scope = zend_ce_closure;
749
110
  }
750
751
13.4k
  if (func->type == ZEND_USER_FUNCTION) {
752
12.9k
    memcpy(&closure->func, func, sizeof(zend_op_array));
753
12.9k
    closure->func.common.fn_flags |= ZEND_ACC_CLOSURE;
754
12.9k
    closure->func.common.fn_flags &= ~ZEND_ACC_IMMUTABLE;
755
756
12.9k
    zend_string_addref(closure->func.op_array.function_name);
757
12.9k
    if (closure->func.op_array.refcount) {
758
179
      (*closure->func.op_array.refcount)++;
759
179
    }
760
761
    /* For fake closures, we want to reuse the static variables of the original function. */
762
12.9k
    HashTable *ht = ZEND_MAP_PTR_GET(func->op_array.static_variables_ptr);
763
12.9k
    if (!is_fake) {
764
12.4k
      if (!ht) {
765
12.3k
        ht = closure->func.op_array.static_variables;
766
12.3k
      }
767
12.4k
      ZEND_MAP_PTR_INIT(closure->func.op_array.static_variables_ptr,
768
12.4k
        ht ? zend_array_dup(ht) : NULL);
769
12.4k
    } else if (func->op_array.static_variables) {
770
69
      if (!ht) {
771
30
        ht = zend_array_dup(func->op_array.static_variables);
772
30
        ZEND_MAP_PTR_SET(func->op_array.static_variables_ptr, ht);
773
30
      }
774
69
      ZEND_MAP_PTR_INIT(closure->func.op_array.static_variables_ptr, ht);
775
69
    }
776
777
    /* Runtime cache is scope-dependent, so we cannot reuse it if the scope changed */
778
12.9k
    ptr = ZEND_MAP_PTR_GET(func->op_array.run_time_cache);
779
12.9k
    if (!ptr
780
12.9k
      || func->common.scope != scope
781
12.9k
      || (func->common.fn_flags & ZEND_ACC_HEAP_RT_CACHE)
782
12.9k
    ) {
783
11.2k
      if (!ptr
784
11.2k
       && (func->common.fn_flags & ZEND_ACC_CLOSURE)
785
11.2k
       && (func->common.scope == scope ||
786
10.6k
           !(func->common.fn_flags & ZEND_ACC_IMMUTABLE))) {
787
        /* If a real closure is used for the first time, we create a shared runtime cache
788
         * and remember which scope it is for. */
789
8.13k
        if (func->common.scope != scope) {
790
0
          func->common.scope = scope;
791
0
        }
792
8.13k
        ptr = zend_arena_alloc(&CG(arena), func->op_array.cache_size);
793
8.13k
        ZEND_MAP_PTR_SET(func->op_array.run_time_cache, ptr);
794
8.13k
        closure->func.op_array.fn_flags &= ~ZEND_ACC_HEAP_RT_CACHE;
795
8.13k
      } else {
796
        /* Otherwise, we use a non-shared runtime cache */
797
3.09k
        ptr = emalloc(func->op_array.cache_size);
798
3.09k
        closure->func.op_array.fn_flags |= ZEND_ACC_HEAP_RT_CACHE;
799
3.09k
      }
800
11.2k
      memset(ptr, 0, func->op_array.cache_size);
801
11.2k
    }
802
12.9k
    ZEND_MAP_PTR_INIT(closure->func.op_array.run_time_cache, ptr);
803
12.9k
  } else {
804
509
    memcpy(&closure->func, func, sizeof(zend_internal_function));
805
509
    closure->func.common.fn_flags |= ZEND_ACC_CLOSURE;
806
    /* wrap internal function handler to avoid memory leak */
807
509
    if (UNEXPECTED(closure->func.internal_function.handler == zend_closure_internal_handler)) {
808
      /* avoid infinity recursion, by taking handler from nested closure */
809
56
      zend_closure *nested = (zend_closure*)((char*)func - XtOffsetOf(zend_closure, func));
810
56
      ZEND_ASSERT(nested->std.ce == zend_ce_closure);
811
56
      closure->orig_internal_handler = nested->orig_internal_handler;
812
453
    } else {
813
453
      closure->orig_internal_handler = closure->func.internal_function.handler;
814
453
    }
815
509
    closure->func.internal_function.handler = zend_closure_internal_handler;
816
509
    zend_string_addref(closure->func.op_array.function_name);
817
509
    if (!func->common.scope) {
818
      /* if it's a free function, we won't set scope & this since they're meaningless */
819
281
      this_ptr = NULL;
820
281
      scope = NULL;
821
281
    }
822
509
  }
823
824
13.4k
  ZVAL_UNDEF(&closure->this_ptr);
825
  /* Invariant:
826
   * If the closure is unscoped or static, it has no bound object. */
827
13.4k
  closure->func.common.scope = scope;
828
13.4k
  closure->called_scope = called_scope;
829
13.4k
  if (scope) {
830
3.37k
    closure->func.common.fn_flags |= ZEND_ACC_PUBLIC;
831
3.37k
    if (this_ptr && Z_TYPE_P(this_ptr) == IS_OBJECT && (closure->func.common.fn_flags & ZEND_ACC_STATIC) == 0) {
832
2.86k
      ZVAL_OBJ_COPY(&closure->this_ptr, Z_OBJ_P(this_ptr));
833
2.86k
    }
834
3.37k
  }
835
13.4k
}
836
/* }}} */
837
838
ZEND_API void zend_create_closure(zval *res, zend_function *func, zend_class_entry *scope, zend_class_entry *called_scope, zval *this_ptr)
839
12.5k
{
840
12.5k
  zend_create_closure_ex(res, func, scope, called_scope, this_ptr,
841
12.5k
    /* is_fake */ (func->common.fn_flags & ZEND_ACC_FAKE_CLOSURE) != 0);
842
12.5k
}
843
844
ZEND_API void zend_create_fake_closure(zval *res, zend_function *func, zend_class_entry *scope, zend_class_entry *called_scope, zval *this_ptr) /* {{{ */
845
948
{
846
948
  zend_closure *closure;
847
848
948
  zend_create_closure_ex(res, func, scope, called_scope, this_ptr, /* is_fake */ true);
849
850
948
  closure = (zend_closure *)Z_OBJ_P(res);
851
948
  closure->func.common.fn_flags |= ZEND_ACC_FAKE_CLOSURE;
852
948
}
853
/* }}} */
854
855
/* __call and __callStatic name the arguments "$arguments" in the docs. */
856
static zend_internal_arg_info trampoline_arg_info[] = {ZEND_ARG_VARIADIC_TYPE_INFO(false, arguments, IS_MIXED, false)};
857
858
402
void zend_closure_from_frame(zval *return_value, zend_execute_data *call) { /* {{{ */
859
402
  zval instance;
860
402
  zend_internal_function trampoline;
861
402
  zend_function *mptr = call->func;
862
863
402
  if (ZEND_CALL_INFO(call) & ZEND_CALL_CLOSURE) {
864
5
    RETURN_OBJ(ZEND_CLOSURE_OBJECT(mptr));
865
5
  }
866
867
397
  if (mptr->common.fn_flags & ZEND_ACC_CALL_VIA_TRAMPOLINE) {
868
115
    if ((ZEND_CALL_INFO(call) & ZEND_CALL_HAS_THIS) &&
869
115
      (Z_OBJCE(call->This) == zend_ce_closure)
870
115
      && zend_string_equals(mptr->common.function_name, ZSTR_KNOWN(ZEND_STR_MAGIC_INVOKE))) {
871
10
          zend_free_trampoline(mptr);
872
10
          RETURN_OBJ_COPY(Z_OBJ(call->This));
873
10
      }
874
875
105
    memset(&trampoline, 0, sizeof(zend_internal_function));
876
105
    trampoline.type = ZEND_INTERNAL_FUNCTION;
877
105
    trampoline.fn_flags = mptr->common.fn_flags & (ZEND_ACC_STATIC | ZEND_ACC_VARIADIC | ZEND_ACC_RETURN_REFERENCE | ZEND_ACC_DEPRECATED);
878
105
    trampoline.handler = zend_closure_call_magic;
879
105
    trampoline.function_name = mptr->common.function_name;
880
105
    trampoline.scope = mptr->common.scope;
881
105
    trampoline.doc_comment = NULL;
882
105
    if (trampoline.fn_flags & ZEND_ACC_VARIADIC) {
883
105
      trampoline.arg_info = trampoline_arg_info;
884
105
    }
885
105
    trampoline.attributes = mptr->common.attributes;
886
887
105
    zend_free_trampoline(mptr);
888
105
    mptr = (zend_function *) &trampoline;
889
105
  }
890
891
387
  if (ZEND_CALL_INFO(call) & ZEND_CALL_HAS_THIS) {
892
114
    ZVAL_OBJ(&instance, Z_OBJ(call->This));
893
894
114
    zend_create_fake_closure(return_value, mptr, mptr->common.scope, Z_OBJCE(instance), &instance);
895
273
  } else {
896
273
    zend_create_fake_closure(return_value, mptr, mptr->common.scope, Z_CE(call->This), NULL);
897
273
  }
898
899
387
  if (&mptr->internal_function == &trampoline) {
900
105
    zend_string_release(mptr->common.function_name);
901
105
  }
902
387
} /* }}} */
903
904
void zend_closure_bind_var(zval *closure_zv, zend_string *var_name, zval *var) /* {{{ */
905
0
{
906
0
  zend_closure *closure = (zend_closure *) Z_OBJ_P(closure_zv);
907
0
  HashTable *static_variables = ZEND_MAP_PTR_GET(closure->func.op_array.static_variables_ptr);
908
0
  zend_hash_update(static_variables, var_name, var);
909
0
}
910
/* }}} */
911
912
void zend_closure_bind_var_ex(zval *closure_zv, uint32_t offset, zval *val) /* {{{ */
913
7.17k
{
914
7.17k
  zend_closure *closure = (zend_closure *) Z_OBJ_P(closure_zv);
915
7.17k
  HashTable *static_variables = ZEND_MAP_PTR_GET(closure->func.op_array.static_variables_ptr);
916
7.17k
  zval *var = (zval*)((char*)static_variables->arData + offset);
917
7.17k
  zval_ptr_dtor(var);
918
7.17k
  ZVAL_COPY_VALUE(var, val);
919
7.17k
}
920
/* }}} */