1 /* pass 3: 2 * - optimize $i = $i+expr to $i+=expr 3 * - optimize series of JMPs 4 * - change $i++ to ++$i where possible 5 */ 6 7 /* compares opcodes with allowing oc1 be _EX of oc2 */ 8 #define SAME_OPCODE_EX(oc1, oc2) ((oc1 == oc2) || (oc1 == ZEND_JMPZ_EX && oc2 == ZEND_JMPZ) || (oc1 == ZEND_JMPNZ_EX && oc2 == ZEND_JMPNZ)) 9 10 /* we use "jmp_hitlist" to avoid infinity loops during jmp optimization */ 11 #define CHECK_JMP(target, label) \ 12 for (i=0; i<jmp_hitlist_count; i++) { \ 13 if (jmp_hitlist[i] == ZEND_OP1(&op_array->opcodes[target]).opline_num) { \ 14 goto label; \ 15 } \ 16 } \ 17 jmp_hitlist[jmp_hitlist_count++] = ZEND_OP1(&op_array->opcodes[target]).opline_num; 18 19 #define CHECK_JMP2(target, label) \ 20 for (i=0; i<jmp_hitlist_count; i++) { \ 21 if (jmp_hitlist[i] == ZEND_OP2(&op_array->opcodes[target]).opline_num) { \ 22 goto label; \ 23 } \ 24 } \ 25 jmp_hitlist[jmp_hitlist_count++] = ZEND_OP2(&op_array->opcodes[target]).opline_num; 26 27 if (ZEND_OPTIMIZER_PASS_3 & OPTIMIZATION_LEVEL) { 28 zend_op *opline; 29 zend_op *end = op_array->opcodes + op_array->last; 30 zend_uint *jmp_hitlist; 31 int jmp_hitlist_count; 32 int i; 33 zend_uint opline_num = 0; 34 ALLOCA_FLAG(use_heap); 35 36 jmp_hitlist = (zend_uint *)DO_ALLOCA(sizeof(zend_uint)*op_array->last); 37 opline = op_array->opcodes; 38 39 while (opline < end) { 40 jmp_hitlist_count = 0; 41 42 switch (opline->opcode) { 43 case ZEND_ADD: 44 case ZEND_SUB: 45 case ZEND_MUL: 46 case ZEND_DIV: 47 case ZEND_MOD: 48 case ZEND_CONCAT: 49 case ZEND_SL: 50 case ZEND_SR: 51 case ZEND_BW_OR: 52 case ZEND_BW_AND: 53 case ZEND_BW_XOR: 54 { 55 zend_op *next_opline = opline + 1; 56 57 while (next_opline < end && next_opline->opcode == ZEND_NOP) { 58 ++next_opline; 59 } 60 61 if (next_opline >= end || next_opline->opcode != ZEND_ASSIGN) { 62 break; 63 } 64 65 if ((ZEND_OP2_TYPE(opline) == IS_VAR || ZEND_OP2_TYPE(opline) == IS_CV) 66 && ZEND_OP2(opline).var == ZEND_OP1(next_opline).var && 67 (opline->opcode == ZEND_ADD || 68 opline->opcode == ZEND_MUL || 69 opline->opcode == ZEND_BW_OR || 70 opline->opcode == ZEND_BW_AND || 71 opline->opcode == ZEND_BW_XOR)) { 72 /* change $i=expr+$i to $i=$i+expr so that the next 73 * optimization works on it 74 */ 75 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 76 zend_uchar tmp_type = opline->op1_type; 77 znode_op tmp = opline->op1; 78 #else 79 znode tmp = opline->op1; 80 #endif 81 82 if (opline->opcode != ZEND_ADD || ZEND_OP1_TYPE(opline) == IS_CONST) { 83 /* protection from array add: $a = array + $a is not commutative! */ 84 COPY_NODE(opline->op1, opline->op2); 85 COPY_NODE(opline->op2, tmp); 86 } 87 } 88 if ((ZEND_OP1_TYPE(opline) == IS_VAR || ZEND_OP1_TYPE(opline) == IS_CV) 89 && ZEND_OP1(opline).var == ZEND_OP1(next_opline).var 90 && ZEND_OP1_TYPE(opline) == ZEND_OP1_TYPE(next_opline)) { 91 switch (opline->opcode) { 92 case ZEND_ADD: 93 opline->opcode = ZEND_ASSIGN_ADD; 94 break; 95 case ZEND_SUB: 96 opline->opcode = ZEND_ASSIGN_SUB; 97 break; 98 case ZEND_MUL: 99 opline->opcode = ZEND_ASSIGN_MUL; 100 break; 101 case ZEND_DIV: 102 opline->opcode = ZEND_ASSIGN_DIV; 103 break; 104 case ZEND_MOD: 105 opline->opcode = ZEND_ASSIGN_MOD; 106 break; 107 case ZEND_CONCAT: 108 opline->opcode = ZEND_ASSIGN_CONCAT; 109 break; 110 case ZEND_SL: 111 opline->opcode = ZEND_ASSIGN_SL; 112 break; 113 case ZEND_SR: 114 opline->opcode = ZEND_ASSIGN_SR; 115 break; 116 case ZEND_BW_OR: 117 opline->opcode = ZEND_ASSIGN_BW_OR; 118 break; 119 case ZEND_BW_AND: 120 opline->opcode = ZEND_ASSIGN_BW_AND; 121 break; 122 case ZEND_BW_XOR: 123 opline->opcode = ZEND_ASSIGN_BW_XOR; 124 break; 125 } 126 COPY_NODE(opline->result, next_opline->result); 127 MAKE_NOP(next_opline); 128 opline++; 129 opline_num++; 130 } 131 } 132 break; 133 134 case ZEND_JMP: 135 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 136 if (op_array->has_finally_block) { 137 break; 138 } 139 #endif 140 141 /* convert L: JMP L+1 to NOP */ 142 if (ZEND_OP1(opline).opline_num == opline_num + 1) { 143 MAKE_NOP(opline); 144 goto done_jmp_optimization; 145 } 146 147 /* convert JMP L1 ... L1: JMP L2 to JMP L2 .. L1: JMP L2 */ 148 while (ZEND_OP1(opline).opline_num < op_array->last 149 && op_array->opcodes[ZEND_OP1(opline).opline_num].opcode == ZEND_JMP) { 150 int target = ZEND_OP1(opline).opline_num; 151 CHECK_JMP(target, done_jmp_optimization); 152 ZEND_OP1(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 153 } 154 break; 155 156 #if ZEND_EXTENSION_API_NO >= PHP_5_3_X_API_NO 157 case ZEND_JMP_SET: 158 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 159 case ZEND_JMP_SET_VAR: 160 #endif 161 162 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 163 if (op_array->has_finally_block) { 164 break; 165 } 166 #endif 167 168 while (ZEND_OP2(opline).opline_num < op_array->last) { 169 int target = ZEND_OP2(opline).opline_num; 170 if (op_array->opcodes[target].opcode == ZEND_JMP) { 171 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 172 } else { 173 break; 174 } 175 } 176 break; 177 #endif 178 179 case ZEND_JMPZ: 180 case ZEND_JMPNZ: 181 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 182 if (op_array->has_finally_block) { 183 break; 184 } 185 #endif 186 187 /* convert L: JMPZ L+1 to NOP */ 188 if (ZEND_OP2(opline).opline_num == opline_num + 1) { 189 MAKE_NOP(opline); 190 goto done_jmp_optimization; 191 } 192 193 while (ZEND_OP2(opline).opline_num < op_array->last) { 194 int target = ZEND_OP2(opline).opline_num; 195 196 if (op_array->opcodes[target].opcode == ZEND_JMP) { 197 /* plain JMP */ 198 /* JMPZ(X,L1), L1: JMP(L2) => JMPZ(X,L2), L1: JMP(L2) */ 199 CHECK_JMP(target, done_jmp_optimization); 200 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 201 } else if (op_array->opcodes[target].opcode == opline->opcode && 202 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 203 /* same opcode and same var as this opcode */ 204 /* JMPZ(X,L1), L1: JMPZ(X,L2) => JMPZ(X,L2), L1: JMPZ(X,L2) */ 205 CHECK_JMP2(target, done_jmp_optimization); 206 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num; 207 } else if (op_array->opcodes[target].opcode == opline->opcode + 3 && 208 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 209 /* convert JMPZ(X,L1), L1: T JMPZ_EX(X,L2) to 210 T = JMPZ_EX(X, L2) */ 211 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num;opline->opcode += 3; 212 COPY_NODE(opline->result, op_array->opcodes[target].result); 213 break; 214 } else if (op_array->opcodes[target].opcode == INV_COND(opline->opcode) && 215 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 216 /* convert JMPZ(X,L1), L1: JMPNZ(X,L2) to 217 JMPZ(X,L1+1) */ 218 ZEND_OP2(opline).opline_num = target + 1; 219 break; 220 } else if (op_array->opcodes[target].opcode == INV_COND_EX(opline->opcode) && 221 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 222 /* convert JMPZ(X,L1), L1: T = JMPNZ_EX(X,L2) to 223 T = JMPZ_EX(X,L1+1) */ 224 ZEND_OP2(opline).opline_num = target + 1; 225 opline->opcode += 3; 226 COPY_NODE(opline->result, op_array->opcodes[target].result); 227 break; 228 } else { 229 break; 230 } 231 } 232 break; 233 234 case ZEND_JMPZ_EX: 235 case ZEND_JMPNZ_EX: { 236 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 237 zend_uchar T_type = opline->result_type; 238 znode_op T = opline->result; 239 #else 240 znode T = opline->result; 241 #endif 242 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 243 if (op_array->has_finally_block) { 244 break; 245 } 246 #endif 247 /* convert L: T = JMPZ_EX X,L+1 to T = BOOL(X) */ 248 /* convert L: T = JMPZ_EX T,L+1 to NOP */ 249 if (ZEND_OP2(opline).opline_num == opline_num + 1) { 250 if (ZEND_OP1(opline).var == ZEND_RESULT(opline).var) { 251 MAKE_NOP(opline); 252 } else { 253 opline->opcode = ZEND_BOOL; 254 SET_UNUSED(opline->op2); 255 } 256 goto done_jmp_optimization; 257 } 258 259 while (ZEND_OP2(opline).opline_num < op_array->last) { 260 int target = ZEND_OP2(opline).opline_num; 261 if (SAME_OPCODE_EX(opline->opcode, op_array->opcodes[target].opcode) && 262 SAME_VAR(op_array->opcodes[target].op1, T)) { 263 /* Check for JMPZ_EX to JMPZ[_EX] with the same condition, either with _EX or not */ 264 if (op_array->opcodes[target].opcode == opline->opcode) { 265 /* change T only if we have _EX opcode there */ 266 COPY_NODE(T, op_array->opcodes[target].result); 267 } 268 CHECK_JMP2(target, continue_jmp_ex_optimization); 269 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num; 270 } else if (op_array->opcodes[target].opcode == ZEND_JMPZNZ && 271 SAME_VAR(op_array->opcodes[target].op1, T)) { 272 /* Check for JMPZNZ with same cond variable */ 273 int new_target; 274 CHECK_JMP2(target, continue_jmp_ex_optimization); 275 if (opline->opcode == ZEND_JMPZ_EX) { 276 new_target = ZEND_OP2(&op_array->opcodes[target]).opline_num; 277 } else { 278 /* JMPNZ_EX */ 279 new_target = op_array->opcodes[target].extended_value; 280 } 281 ZEND_OP2(opline).opline_num = new_target; 282 } else if ((op_array->opcodes[target].opcode == INV_EX_COND_EX(opline->opcode) || 283 op_array->opcodes[target].opcode == INV_EX_COND(opline->opcode)) && 284 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 285 /* convert JMPZ_EX(X,L1), L1: JMPNZ_EX(X,L2) to 286 JMPZ_EX(X,L1+1) */ 287 ZEND_OP2(opline).opline_num = target + 1; 288 break; 289 } else { 290 break; 291 } 292 } /* while */ 293 continue_jmp_ex_optimization: 294 break; 295 #if 0 296 /* If Ti = JMPZ_EX(X, L) and Ti is not used, convert to JMPZ(X, L) */ 297 { 298 zend_op *op; 299 for(op = opline+1; op<end; op++) { 300 if(ZEND_RESULT_TYPE(op) == IS_TMP_VAR && 301 ZEND_RESULT(op).var == ZEND_RESULT(opline).var) { 302 break; /* can pass to part 2 */ 303 } 304 305 if(op->opcode == ZEND_JMP || 306 op->opcode == ZEND_JMPZ || 307 op->opcode == ZEND_JMPZ_EX || 308 op->opcode == ZEND_JMPNZ || 309 op->opcode == ZEND_JMPNZ_EX || 310 op->opcode == ZEND_JMPZNZ || 311 op->opcode == ZEND_BRK || 312 op->opcode == ZEND_CONT || 313 op->opcode == ZEND_CASE || 314 op->opcode == ZEND_RETURN || 315 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 316 op->opcode == ZEND_RETURN_BY_REF || 317 #endif 318 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 319 op->opcode == ZEND_FAST_RET || 320 #endif 321 op->opcode == ZEND_FE_FETCH || 322 op->opcode == ZEND_EXIT) { 323 break; 324 } 325 326 if(ZEND_OP1_TYPE(op) == IS_TMP_VAR && 327 ZEND_OP1(op).var == ZEND_RESULT(opline).var) { 328 goto done_jmp_optimization; 329 } 330 331 if(ZEND_OP2_TYPE(op) == IS_TMP_VAR && 332 ZEND_OP2(op).var == ZEND_RESULT(opline).var) { 333 goto done_jmp_optimization; 334 } 335 } /* for */ 336 337 for(op = &op_array->opcodes[ZEND_OP2(opline).opline_num]; op<end; op++) { 338 339 if(ZEND_RESULT_TYPE(op) == IS_TMP_VAR && 340 ZEND_RESULT(op).var == ZEND_RESULT(opline).var) { 341 break; /* can pass to optimization */ 342 } 343 344 if(op->opcode == ZEND_JMP || 345 op->opcode == ZEND_JMPZ || 346 op->opcode == ZEND_JMPZ_EX || 347 op->opcode == ZEND_JMPNZ || 348 op->opcode == ZEND_JMPNZ_EX || 349 op->opcode == ZEND_JMPZNZ || 350 op->opcode == ZEND_BRK || 351 op->opcode == ZEND_CONT || 352 op->opcode == ZEND_CASE || 353 op->opcode == ZEND_RETURN || 354 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 355 op->opcode == ZEND_RETURN_BY_REF || 356 #endif 357 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 358 op->opcode == ZEND_FAST_RET || 359 #endif 360 op->opcode == ZEND_FE_FETCH || 361 op->opcode == ZEND_EXIT) { 362 break; 363 } 364 365 if(ZEND_OP1_TYPE(op) == IS_TMP_VAR && 366 ZEND_OP1(op).var == ZEND_RESULT(opline).var) { 367 goto done_jmp_optimization; 368 } 369 370 if(ZEND_OP2_TYPE(op) == IS_TMP_VAR && 371 ZEND_OP2(op).var == ZEND_RESULT(opline).var) { 372 goto done_jmp_optimization; 373 } 374 } 375 376 opline->opcode = opline->opcode-3; /* JMP_EX -> JMP */ 377 SET_UNUSED(opline->result); 378 break; 379 } 380 #endif 381 } 382 break; 383 384 case ZEND_JMPZNZ: 385 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 386 if (op_array->has_finally_block) { 387 break; 388 } 389 #endif 390 /* JMPZNZ(X,L1,L2), L1: JMP(L3) => JMPZNZ(X,L3,L2), L1: JMP(L3) */ 391 while (ZEND_OP2(opline).opline_num < op_array->last 392 && op_array->opcodes[ZEND_OP2(opline).opline_num].opcode == ZEND_JMP) { 393 int target = ZEND_OP2(opline).opline_num; 394 CHECK_JMP(target, continue_jmpznz_optimization); 395 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 396 } 397 continue_jmpznz_optimization: 398 /* JMPZNZ(X,L1,L2), L2: JMP(L3) => JMPZNZ(X,L1,L3), L2: JMP(L3) */ 399 while (opline->extended_value < op_array->last 400 && op_array->opcodes[opline->extended_value].opcode == ZEND_JMP) { 401 int target = opline->extended_value; 402 CHECK_JMP(target, done_jmp_optimization); 403 opline->extended_value = ZEND_OP1(&op_array->opcodes[target]).opline_num; 404 } 405 break; 406 407 case ZEND_POST_INC: 408 case ZEND_POST_DEC: { 409 /* POST_INC, FREE => PRE_INC */ 410 zend_op *next_op = opline + 1; 411 412 if (next_op >= end) { 413 break; 414 } 415 if (next_op->opcode == ZEND_FREE && 416 ZEND_OP1(next_op).var == ZEND_RESULT(opline).var) { 417 MAKE_NOP(next_op); 418 switch (opline->opcode) { 419 case ZEND_POST_INC: 420 opline->opcode = ZEND_PRE_INC; 421 break; 422 case ZEND_POST_DEC: 423 opline->opcode = ZEND_PRE_DEC; 424 break; 425 } 426 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 427 ZEND_RESULT_TYPE(opline) = IS_VAR | EXT_TYPE_UNUSED; 428 #else 429 ZEND_RESULT_TYPE(opline) = IS_VAR; 430 ZEND_RESULT(opline).EA.type = 0; 431 ZEND_RESULT(opline).EA.type |= EXT_TYPE_UNUSED; 432 #endif 433 } 434 } 435 break; 436 } 437 done_jmp_optimization: 438 opline++; 439 opline_num++; 440 } 441 FREE_ALLOCA(jmp_hitlist); 442 } 443
