1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine, SSA - Static Single Assignment Form |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1998-2018 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Dmitry Stogov <dmitry@php.net> |
16 +----------------------------------------------------------------------+
17 */
18
19 #ifndef ZEND_SSA_H
20 #define ZEND_SSA_H
21
22 #include "zend_optimizer.h"
23 #include "zend_cfg.h"
24
25 typedef struct _zend_ssa_range {
26 zend_long min;
27 zend_long max;
28 zend_bool underflow;
29 zend_bool overflow;
30 } zend_ssa_range;
31
32 typedef enum _zend_ssa_negative_lat {
33 NEG_NONE = 0,
34 NEG_INIT = 1,
35 NEG_INVARIANT = 2,
36 NEG_USE_LT = 3,
37 NEG_USE_GT = 4,
38 NEG_UNKNOWN = 5
39 } zend_ssa_negative_lat;
40
41 /* Special kind of SSA Phi function used in eSSA */
42 typedef struct _zend_ssa_range_constraint {
43 zend_ssa_range range; /* simple range constraint */
44 int min_var;
45 int max_var;
46 int min_ssa_var; /* ((min_var>0) ? MIN(ssa_var) : 0) + range.min */
47 int max_ssa_var; /* ((max_var>0) ? MAX(ssa_var) : 0) + range.max */
48 zend_ssa_negative_lat negative;
49 } zend_ssa_range_constraint;
50
51 typedef struct _zend_ssa_type_constraint {
52 uint32_t type_mask; /* Type mask to intersect with */
53 zend_class_entry *ce; /* Class entry for instanceof constraints */
54 } zend_ssa_type_constraint;
55
56 typedef union _zend_ssa_pi_constraint {
57 zend_ssa_range_constraint range;
58 zend_ssa_type_constraint type;
59 } zend_ssa_pi_constraint;
60
61 /* SSA Phi - ssa_var = Phi(source0, source1, ...sourceN) */
62 typedef struct _zend_ssa_phi zend_ssa_phi;
63 struct _zend_ssa_phi {
64 zend_ssa_phi *next; /* next Phi in the same BB */
65 int pi; /* if >= 0 this is actually a e-SSA Pi */
66 zend_ssa_pi_constraint constraint; /* e-SSA Pi constraint */
67 int var; /* Original CV, VAR or TMP variable index */
68 int ssa_var; /* SSA variable index */
69 int block; /* current BB index */
70 int visited : 1; /* flag to avoid recursive processing */
71 int has_range_constraint : 1;
72 zend_ssa_phi **use_chains;
73 zend_ssa_phi *sym_use_chain;
74 int *sources; /* Array of SSA IDs that produce this var.
75 As many as this block has
76 predecessors. */
77 };
78
79 typedef struct _zend_ssa_block {
80 zend_ssa_phi *phis;
81 } zend_ssa_block;
82
83 typedef struct _zend_ssa_op {
84 int op1_use;
85 int op2_use;
86 int result_use;
87 int op1_def;
88 int op2_def;
89 int result_def;
90 int op1_use_chain;
91 int op2_use_chain;
92 int res_use_chain;
93 } zend_ssa_op;
94
95 typedef enum _zend_ssa_alias_kind {
96 NO_ALIAS,
97 SYMTABLE_ALIAS,
98 PHP_ERRORMSG_ALIAS,
99 HTTP_RESPONSE_HEADER_ALIAS
100 } zend_ssa_alias_kind;
101
102 typedef enum _zend_ssa_escape_state {
103 ESCAPE_STATE_UNKNOWN,
104 ESCAPE_STATE_NO_ESCAPE,
105 ESCAPE_STATE_FUNCTION_ESCAPE,
106 ESCAPE_STATE_GLOBAL_ESCAPE
107 } zend_ssa_escape_state;
108
109 typedef struct _zend_ssa_var {
110 int var; /* original var number; op.var for CVs and following numbers for VARs and TMP_VARs */
111 int scc; /* strongly connected component */
112 int definition; /* opcode that defines this value */
113 zend_ssa_phi *definition_phi; /* phi that defines this value */
114 int use_chain; /* uses of this value, linked through opN_use_chain */
115 zend_ssa_phi *phi_use_chain; /* uses of this value in Phi, linked through use_chain */
116 zend_ssa_phi *sym_use_chain; /* uses of this value in Pi constraints */
117 unsigned int no_val : 1; /* value doesn't mater (used as op1 in ZEND_ASSIGN) */
118 unsigned int scc_entry : 1;
119 unsigned int alias : 2; /* value may be changed indirectly */
120 unsigned int escape_state : 2;
121 } zend_ssa_var;
122
123 typedef struct _zend_ssa_var_info {
124 uint32_t type; /* inferred type (see zend_inference.h) */
125 zend_ssa_range range;
126 zend_class_entry *ce;
127 unsigned int has_range : 1;
128 unsigned int is_instanceof : 1; /* 0 - class == "ce", 1 - may be child of "ce" */
129 unsigned int recursive : 1;
130 unsigned int use_as_double : 1;
131 } zend_ssa_var_info;
132
133 typedef struct _zend_ssa {
134 zend_cfg cfg; /* control flow graph */
135 int rt_constants; /* run-time or compile-time */
136 int vars_count; /* number of SSA variables */
137 zend_ssa_block *blocks; /* array of SSA blocks */
138 zend_ssa_op *ops; /* array of SSA instructions */
139 zend_ssa_var *vars; /* use/def chain of SSA variables */
140 int sccs; /* number of SCCs */
141 zend_ssa_var_info *var_info;
142 } zend_ssa;
143
144 BEGIN_EXTERN_C()
145
146 int zend_build_ssa(zend_arena **arena, const zend_script *script, const zend_op_array *op_array, uint32_t build_flags, zend_ssa *ssa);
147 int zend_ssa_compute_use_def_chains(zend_arena **arena, const zend_op_array *op_array, zend_ssa *ssa);
148 int zend_ssa_unlink_use_chain(zend_ssa *ssa, int op, int var);
149
150 void zend_ssa_remove_predecessor(zend_ssa *ssa, int from, int to);
151 void zend_ssa_remove_instr(zend_ssa *ssa, zend_op *opline, zend_ssa_op *ssa_op);
152 void zend_ssa_remove_phi(zend_ssa *ssa, zend_ssa_phi *phi);
153 void zend_ssa_remove_uses_of_var(zend_ssa *ssa, int var_num);
154 void zend_ssa_remove_block(zend_op_array *op_array, zend_ssa *ssa, int b);
155 void zend_ssa_rename_var_uses(zend_ssa *ssa, int old_var, int new_var, zend_bool update_types);
156
_zend_ssa_remove_def(zend_ssa_var * var)157 static zend_always_inline void _zend_ssa_remove_def(zend_ssa_var *var)
158 {
159 ZEND_ASSERT(var->definition >= 0);
160 ZEND_ASSERT(var->use_chain < 0);
161 ZEND_ASSERT(!var->phi_use_chain);
162 var->definition = -1;
163 }
164
zend_ssa_remove_result_def(zend_ssa * ssa,zend_ssa_op * ssa_op)165 static zend_always_inline void zend_ssa_remove_result_def(zend_ssa *ssa, zend_ssa_op *ssa_op)
166 {
167 zend_ssa_var *var = &ssa->vars[ssa_op->result_def];
168 _zend_ssa_remove_def(var);
169 ssa_op->result_def = -1;
170 }
171
zend_ssa_remove_op1_def(zend_ssa * ssa,zend_ssa_op * ssa_op)172 static zend_always_inline void zend_ssa_remove_op1_def(zend_ssa *ssa, zend_ssa_op *ssa_op)
173 {
174 zend_ssa_var *var = &ssa->vars[ssa_op->op1_def];
175 _zend_ssa_remove_def(var);
176 ssa_op->op1_def = -1;
177 }
178
zend_ssa_remove_op2_def(zend_ssa * ssa,zend_ssa_op * ssa_op)179 static zend_always_inline void zend_ssa_remove_op2_def(zend_ssa *ssa, zend_ssa_op *ssa_op)
180 {
181 zend_ssa_var *var = &ssa->vars[ssa_op->op2_def];
182 _zend_ssa_remove_def(var);
183 ssa_op->op2_def = -1;
184 }
185
END_EXTERN_C()186 END_EXTERN_C()
187
188 static zend_always_inline int zend_ssa_next_use(const zend_ssa_op *ssa_op, int var, int use)
189 {
190 ssa_op += use;
191 if (ssa_op->op1_use == var) {
192 return ssa_op->op1_use_chain;
193 } else if (ssa_op->op2_use == var) {
194 return ssa_op->op2_use_chain;
195 } else {
196 return ssa_op->res_use_chain;
197 }
198 }
199
zend_ssa_next_use_phi(const zend_ssa * ssa,int var,const zend_ssa_phi * p)200 static zend_always_inline zend_ssa_phi* zend_ssa_next_use_phi(const zend_ssa *ssa, int var, const zend_ssa_phi *p)
201 {
202 if (p->pi >= 0) {
203 return p->use_chains[0];
204 } else {
205 int j;
206 for (j = 0; j < ssa->cfg.blocks[p->block].predecessors_count; j++) {
207 if (p->sources[j] == var) {
208 return p->use_chains[j];
209 }
210 }
211 }
212 return NULL;
213 }
214
zend_ssa_is_no_val_use(const zend_op * opline,const zend_ssa_op * ssa_op,int var)215 static zend_always_inline zend_bool zend_ssa_is_no_val_use(const zend_op *opline, const zend_ssa_op *ssa_op, int var)
216 {
217 if (opline->opcode == ZEND_ASSIGN || opline->opcode == ZEND_UNSET_CV) {
218 return ssa_op->op1_use == var && ssa_op->op2_use != var;
219 }
220 // TODO: Reenable this after changing the SSA structure.
221 /*if (opline->opcode == ZEND_FE_FETCH_R) {
222 return ssa_op->op2_use == var && ssa_op->op1_use != var;
223 }*/
224 if (ssa_op->result_use == var && opline->opcode != ZEND_ADD_ARRAY_ELEMENT) {
225 return ssa_op->op1_use != var && ssa_op->op2_use != var;
226 }
227 return 0;
228 }
229
zend_ssa_rename_defs_of_instr(zend_ssa * ssa,zend_ssa_op * ssa_op)230 static zend_always_inline void zend_ssa_rename_defs_of_instr(zend_ssa *ssa, zend_ssa_op *ssa_op) {
231 /* Rename def to use if possible. Mark variable as not defined otherwise. */
232 if (ssa_op->op1_def >= 0) {
233 if (ssa_op->op1_use >= 0) {
234 zend_ssa_rename_var_uses(ssa, ssa_op->op1_def, ssa_op->op1_use, 1);
235 }
236 ssa->vars[ssa_op->op1_def].definition = -1;
237 ssa_op->op1_def = -1;
238 }
239 if (ssa_op->op2_def >= 0) {
240 if (ssa_op->op2_use >= 0) {
241 zend_ssa_rename_var_uses(ssa, ssa_op->op2_def, ssa_op->op2_use, 1);
242 }
243 ssa->vars[ssa_op->op2_def].definition = -1;
244 ssa_op->op2_def = -1;
245 }
246 if (ssa_op->result_def >= 0) {
247 if (ssa_op->result_use >= 0) {
248 zend_ssa_rename_var_uses(ssa, ssa_op->result_def, ssa_op->result_use, 1);
249 }
250 ssa->vars[ssa_op->result_def].definition = -1;
251 ssa_op->result_def = -1;
252 }
253 }
254
255 #define NUM_PHI_SOURCES(phi) \
256 ((phi)->pi >= 0 ? 1 : (ssa->cfg.blocks[(phi)->block].predecessors_count))
257
258 /* FOREACH_USE and FOREACH_PHI_USE explicitly support "continue"
259 * and changing the use chain of the current element */
260 #define FOREACH_USE(var, use) do { \
261 int _var_num = (var) - ssa->vars, next; \
262 for (use = (var)->use_chain; use >= 0; use = next) { \
263 next = zend_ssa_next_use(ssa->ops, _var_num, use);
264 #define FOREACH_USE_END() \
265 } \
266 } while (0)
267
268 #define FOREACH_PHI_USE(var, phi) do { \
269 int _var_num = (var) - ssa->vars; \
270 zend_ssa_phi *next_phi; \
271 for (phi = (var)->phi_use_chain; phi; phi = next_phi) { \
272 next_phi = zend_ssa_next_use_phi(ssa, _var_num, phi);
273 #define FOREACH_PHI_USE_END() \
274 } \
275 } while (0)
276
277 #define FOREACH_PHI_SOURCE(phi, source) do { \
278 zend_ssa_phi *_phi = (phi); \
279 int _i, _end = NUM_PHI_SOURCES(phi); \
280 for (_i = 0; _i < _end; _i++) { \
281 ZEND_ASSERT(_phi->sources[_i] >= 0); \
282 source = _phi->sources[_i];
283 #define FOREACH_PHI_SOURCE_END() \
284 } \
285 } while (0)
286
287 #define FOREACH_PHI(phi) do { \
288 int _i; \
289 for (_i = 0; _i < ssa->cfg.blocks_count; _i++) { \
290 phi = ssa->blocks[_i].phis; \
291 for (; phi; phi = phi->next) {
292 #define FOREACH_PHI_END() \
293 } \
294 } \
295 } while (0)
296
297 #define FOREACH_BLOCK(block) do { \
298 int _i; \
299 for (_i = 0; _i < ssa->cfg.blocks_count; _i++) { \
300 (block) = &ssa->cfg.blocks[_i]; \
301 if (!((block)->flags & ZEND_BB_REACHABLE)) { \
302 continue; \
303 }
304 #define FOREACH_BLOCK_END() \
305 } \
306 } while (0)
307
308 /* Does not support "break" */
309 #define FOREACH_INSTR_NUM(i) do { \
310 zend_basic_block *_block; \
311 FOREACH_BLOCK(_block) { \
312 uint32_t _end = _block->start + _block->len; \
313 for ((i) = _block->start; (i) < _end; (i)++) {
314 #define FOREACH_INSTR_NUM_END() \
315 } \
316 } FOREACH_BLOCK_END(); \
317 } while (0)
318
319 #endif /* ZEND_SSA_H */
320
321 /*
322 * Local variables:
323 * tab-width: 4
324 * c-basic-offset: 4
325 * indent-tabs-mode: t
326 * End:
327 */
328