1 /*
2 +----------------------------------------------------------------------+
3 | Zend OPcache |
4 +----------------------------------------------------------------------+
5 | Copyright (c) The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Stanislav Malyshev <stas@zend.com> |
18 | Dmitry Stogov <dmitry@php.net> |
19 +----------------------------------------------------------------------+
20 */
21
22 /* pass 3:
23 * - optimize $i = $i+expr to $i+=expr
24 * - optimize series of JMPs
25 * - change $i++ to ++$i where possible
26 */
27
28 #include "php.h"
29 #include "Optimizer/zend_optimizer.h"
30 #include "Optimizer/zend_optimizer_internal.h"
31 #include "zend_API.h"
32 #include "zend_constants.h"
33 #include "zend_execute.h"
34 #include "zend_vm.h"
35
/*
 * Cycle guards for jump threading ("jmp_hitlist" prevents infinite loops
 * while chains of jumps are being collapsed).
 *
 * Both macros expand in the caller's scope and use its locals `i`,
 * `jmp_hitlist` and `jmp_hitlist_count`. They look up the destination of
 * `target` in the hitlist: if it was already recorded, control leaves via
 * `goto label`; otherwise the destination is appended.
 *
 * The append is not bounds-checked here: the caller must size jmp_hitlist
 * for every destination that can be recorded before the count is reset.
 *
 * CHECK_JMP reads the destination from op1 of `target`, CHECK_JMP2 from op2.
 */
#define CHECK_JMP(target, label) \
	do { \
		for (i = 0; i < jmp_hitlist_count; i++) { \
			if (jmp_hitlist[i] == ZEND_OP1_JMP_ADDR(target)) { \
				goto label; \
			} \
		} \
		jmp_hitlist[jmp_hitlist_count++] = ZEND_OP1_JMP_ADDR(target); \
	} while (0)

#define CHECK_JMP2(target, label) \
	do { \
		for (i = 0; i < jmp_hitlist_count; i++) { \
			if (jmp_hitlist[i] == ZEND_OP2_JMP_ADDR(target)) { \
				goto label; \
			} \
		} \
		jmp_hitlist[jmp_hitlist_count++] = ZEND_OP2_JMP_ADDR(target); \
	} while (0)
52
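/**
 * Optimizer pass 3: one linear sweep of peephole rewrites over
 * op_array->opcodes, modifying the opcodes in place.
 *
 *  - a binary op followed (NOPs skipped) by a ZEND_ASSIGN to the same
 *    variable becomes ZEND_ASSIGN_OP;
 *  - jumps whose target is itself a jump are retargeted (jump threading);
 *  - POST_INC/POST_DEC whose result is immediately freed loses its result.
 *
 * Every jump rewrite is skipped when op_array->fn_flags has
 * ZEND_ACC_HAS_FINALLY_BLOCK set.
 *
 * @param op_array  op array to rewrite; opcodes[0 .. last) are visited.
 * @param ctx       optimizer context; only ctx->optimization_level is read.
 */
void zend_optimizer_pass3(zend_op_array *op_array, zend_optimizer_ctx *ctx)
{
	zend_op *opline;
	zend_op *end = op_array->opcodes + op_array->last;
	zend_op **jmp_hitlist;
	int jmp_hitlist_count;
	int i; /* scratch index used by the CHECK_JMP / CHECK_JMP2 macros */
	uint32_t opline_num = 0; /* only incremented below; never read in this function */
	ALLOCA_FLAG(use_heap);

	/* One slot per opcode. CHECK_JMP/CHECK_JMP2 append without a bounds check,
	 * and only destinations not yet present are appended.
	 * NOTE(review): this presumably keeps the count within op_array->last as
	 * long as jump destinations lie inside the op array - confirm. */
	jmp_hitlist = (zend_op**)do_alloca(sizeof(zend_op*)*op_array->last, use_heap);
	opline = op_array->opcodes;

	while (opline < end) {
		/* the hitlist only tracks the jump chain of the current opline */
		jmp_hitlist_count = 0;

		switch (opline->opcode) {
			case ZEND_ADD:
			case ZEND_SUB:
			case ZEND_MUL:
			case ZEND_DIV:
			case ZEND_MOD:
			case ZEND_POW:
			case ZEND_CONCAT:
			case ZEND_SL:
			case ZEND_SR:
			case ZEND_BW_OR:
			case ZEND_BW_AND:
			case ZEND_BW_XOR:
				{
					zend_op *next_opline = opline + 1;

					/* look past NOPs for the instruction consuming the result */
					while (next_opline < end && next_opline->opcode == ZEND_NOP) {
						++next_opline;
					}

					if (next_opline >= end || next_opline->opcode != ZEND_ASSIGN) {
						break;
					}

					/* change $i=expr+$i to $i=$i+expr so that the following optimization
					 * works on it. Only do this if we are ignoring operator overloading,
					 * as operand order might be significant otherwise. */
					if ((ctx->optimization_level & ZEND_OPTIMIZER_IGNORE_OVERLOADING)
					 && (opline->op2_type & (IS_VAR | IS_CV))
					 && opline->op2.var == next_opline->op1.var &&
					    (opline->opcode == ZEND_ADD ||
					     opline->opcode == ZEND_MUL ||
					     opline->opcode == ZEND_BW_OR ||
					     opline->opcode == ZEND_BW_AND ||
					     opline->opcode == ZEND_BW_XOR)) {
						/* tmp_type is presumably consumed by COPY_NODE via token
						 * pasting - confirm in zend_optimizer_internal.h */
						zend_uchar tmp_type = opline->op1_type;
						znode_op tmp = opline->op1;

						if (opline->opcode != ZEND_ADD
						 || (opline->op1_type == IS_CONST
						  && Z_TYPE(ZEND_OP1_LITERAL(opline)) != IS_ARRAY)) {
							/* protection from array add: $a = array + $a is not commutative! */
							COPY_NODE(opline->op1, opline->op2);
							COPY_NODE(opline->op2, tmp);
						}
					}

					if (ZEND_IS_BINARY_ASSIGN_OP_OPCODE(opline->opcode)
					 && (opline->op1_type & (IS_VAR | IS_CV))
					 && opline->op1.var == next_opline->op1.var
					 && opline->op1_type == next_opline->op1_type) {
						/* the original binary opcode moves into extended_value */
						opline->extended_value = opline->opcode;
						opline->opcode = ZEND_ASSIGN_OP;
						COPY_NODE(opline->result, next_opline->result);
						MAKE_NOP(next_opline);
						/* extra step on top of the one at done_jmp_optimization:
						 * opline + 1 is either a skipped NOP or the ASSIGN that
						 * was just turned into a NOP */
						opline++;
						opline_num++;
					}
				}
				break;

			case ZEND_JMP:
				if (op_array->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK) {
					break;
				}

				/* convert L: JMP L+1 to NOP */
				if (ZEND_OP1_JMP_ADDR(opline) == opline + 1) {
					MAKE_NOP(opline);
					goto done_jmp_optimization;
				}

				/* convert JMP L1 ... L1: JMP L2 to JMP L2 .. L1: JMP L2 */
				/* The target is dereferenced only after the "< end" test; only
				 * the upper bound is checked here and in the loops below. */
				while (ZEND_OP1_JMP_ADDR(opline) < end
						&& ZEND_OP1_JMP_ADDR(opline)->opcode == ZEND_JMP) {
					zend_op *target = ZEND_OP1_JMP_ADDR(opline);
					CHECK_JMP(target, done_jmp_optimization);
					ZEND_SET_OP_JMP_ADDR(opline, opline->op1, ZEND_OP1_JMP_ADDR(target));
				}
				break;

			case ZEND_JMP_SET:
			case ZEND_COALESCE:
				if (op_array->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK) {
					break;
				}

				while (ZEND_OP2_JMP_ADDR(opline) < end) {
					zend_op *target = ZEND_OP2_JMP_ADDR(opline);
					if (target->opcode == ZEND_JMP) {
						/* Same cycle guard as the other jump cases: without it a
						 * cycle of JMPs at the target would keep this loop
						 * retargeting forever. Whether the compiler can emit such
						 * a target for these opcodes is not established here. */
						CHECK_JMP(target, done_jmp_optimization);
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP1_JMP_ADDR(target));
					} else {
						break;
					}
				}
				break;
			case ZEND_JMPZ:
			case ZEND_JMPNZ:
				if (op_array->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK) {
					break;
				}

				while (ZEND_OP2_JMP_ADDR(opline) < end) {
					zend_op *target = ZEND_OP2_JMP_ADDR(opline);

					if (target->opcode == ZEND_JMP) {
						/* plain JMP */
						/* JMPZ(X,L1), L1: JMP(L2) => JMPZ(X,L2), L1: JMP(L2) */
						CHECK_JMP(target, done_jmp_optimization);
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP1_JMP_ADDR(target));
					} else if (target->opcode == opline->opcode &&
					           SAME_VAR(opline->op1, target->op1)) {
						/* same opcode and same var as this opcode */
						/* JMPZ(X,L1), L1: JMPZ(X,L2) => JMPZ(X,L2), L1: JMPZ(X,L2) */
						CHECK_JMP2(target, done_jmp_optimization);
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP2_JMP_ADDR(target));
					} else if (target->opcode == opline->opcode + 3 &&
					           SAME_VAR(opline->op1, target->op1)) {
						/* convert JMPZ(X,L1), L1: T JMPZ_EX(X,L2) to
						   T = JMPZ_EX(X, L2) */
						/* relies on the _EX opcode being the plain opcode + 3 */
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP2_JMP_ADDR(target));
						opline->opcode += 3;
						COPY_NODE(opline->result, target->result);
						break;
					} else if (target->opcode == INV_COND(opline->opcode) &&
					           SAME_VAR(opline->op1, target->op1)) {
						/* convert JMPZ(X,L1), L1: JMPNZ(X,L2) to
						   JMPZ(X,L1+1) */
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
						break;
					} else if (target->opcode == INV_COND_EX(opline->opcode) &&
					           SAME_VAR(opline->op1, target->op1)) {
						/* convert JMPZ(X,L1), L1: T = JMPNZ_EX(X,L2) to
						   T = JMPZ_EX(X,L1+1) */
						ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
						opline->opcode += 3;
						COPY_NODE(opline->result, target->result);
						break;
					} else {
						break;
					}
				}
				break;

			case ZEND_JMPZ_EX:
			case ZEND_JMPNZ_EX: {
					/* T is this instruction's result operand; T_type is presumably
					 * consumed by SAME_VAR(..., T) via token pasting - confirm */
					zend_uchar T_type = opline->result_type;
					znode_op T = opline->result;

					if (op_array->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK) {
						break;
					}

					/* convert L: T = JMPZ_EX X,L+1 to T = BOOL(X) */
					/* convert L: T = JMPZ_EX T,L+1 to NOP */
					if (ZEND_OP2_JMP_ADDR(opline) == opline + 1) {
						if (opline->op1.var == opline->result.var) {
							MAKE_NOP(opline);
						} else {
							opline->opcode = ZEND_BOOL;
							SET_UNUSED(opline->op2);
						}
						goto done_jmp_optimization;
					}

					while (ZEND_OP2_JMP_ADDR(opline) < end) {
						zend_op *target = ZEND_OP2_JMP_ADDR(opline);

						if (target->opcode == opline->opcode-3 &&
							SAME_VAR(target->op1, T)) {
							/* convert T=JMPZ_EX(X,L1), L1: JMPZ(T,L2) to
							   JMPZ_EX(X,L2) */
							CHECK_JMP2(target, continue_jmp_ex_optimization);
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP2_JMP_ADDR(target));
						} else if (target->opcode == opline->opcode &&
							SAME_VAR(target->op1, T) &&
							SAME_VAR(target->result, T)) {
							/* convert T=JMPZ_EX(X,L1), L1: T=JMPZ_EX(T,L2) to
							   JMPZ_EX(X,L2) */
							CHECK_JMP2(target, continue_jmp_ex_optimization);
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP2_JMP_ADDR(target));
						} else if (target->opcode == ZEND_JMPZNZ &&
								SAME_VAR(target->op1, T)) {
							/* Check for JMPZNZ with same cond variable */
							zend_op *new_target;

							CHECK_JMP2(target, continue_jmp_ex_optimization);
							if (opline->opcode == ZEND_JMPZ_EX) {
								new_target = ZEND_OP2_JMP_ADDR(target);
							} else {
								/* JMPNZ_EX */
								new_target = ZEND_OFFSET_TO_OPLINE(target, target->extended_value);
							}
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, new_target);
						} else if ((target->opcode == INV_EX_COND_EX(opline->opcode) ||
									target->opcode == INV_EX_COND(opline->opcode)) &&
									SAME_VAR(opline->op1, target->op1)) {
							/* convert JMPZ_EX(X,L1), L1: JMPNZ_EX(X,L2) to
							   JMPZ_EX(X,L1+1) */
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
							break;
						} else if (target->opcode == INV_EX_COND(opline->opcode) &&
									SAME_VAR(target->op1, T)) {
							/* convert T=JMPZ_EX(X,L1), L1: JMPNZ(T,L2) to
							   JMPZ_EX(X,L1+1) */
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
							break;
						} else if (target->opcode == INV_EX_COND_EX(opline->opcode) &&
									SAME_VAR(target->op1, T) &&
									SAME_VAR(target->result, T)) {
							/* convert T=JMPZ_EX(X,L1), L1: T=JMPNZ_EX(T,L2) to
							   JMPZ_EX(X,L1+1) */
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
							break;
						} else if (target->opcode == ZEND_BOOL &&
						           SAME_VAR(opline->result, target->op1)) {
							/* convert Y = JMPZ_EX(X,L1), L1: Z = BOOL(Y) to
							   Z = JMPZ_EX(X,L1+1) */
							opline->result.var = target->result.var;
							ZEND_SET_OP_JMP_ADDR(opline, opline->op2, target + 1);
							break;
						} else {
							break;
						}
					} /* while */
continue_jmp_ex_optimization:
					break;
#if 0
					/* If Ti = JMPZ_EX(X, L) and Ti is not used, convert to JMPZ(X, L) */
					{
						zend_op *op;
						for(op = opline+1; op<end; op++) {
							if(op->result_type == IS_TMP_VAR &&
							   op->result.var == opline->result.var) {
								break; /* can pass to part 2 */
							}

							if(op->opcode == ZEND_JMP ||
							   op->opcode == ZEND_JMPZ ||
							   op->opcode == ZEND_JMPZ_EX ||
							   op->opcode == ZEND_JMPNZ ||
							   op->opcode == ZEND_JMPNZ_EX ||
							   op->opcode == ZEND_JMPZNZ ||
							   op->opcode == ZEND_CASE ||
							   op->opcode == ZEND_RETURN ||
							   op->opcode == ZEND_RETURN_BY_REF ||
							   op->opcode == ZEND_FAST_RET ||
							   op->opcode == ZEND_FE_FETCH_R ||
							   op->opcode == ZEND_FE_FETCH_RW ||
							   op->opcode == ZEND_EXIT) {
								break;
							}

							if(op->op1_type == IS_TMP_VAR &&
							   op->op1.var == opline->result.var) {
								goto done_jmp_optimization;
							}

							if(op->op2_type == IS_TMP_VAR &&
							   op->op2.var == opline->result.var) {
								goto done_jmp_optimization;
							}
						} /* for */

						for(op = &op_array->opcodes[opline->op2.opline_num]; op<end; op++) {

							if(op->result_type == IS_TMP_VAR &&
							   op->result.var == opline->result.var) {
								break; /* can pass to optimization */
							}

							if(op->opcode == ZEND_JMP ||
							   op->opcode == ZEND_JMPZ ||
							   op->opcode == ZEND_JMPZ_EX ||
							   op->opcode == ZEND_JMPNZ ||
							   op->opcode == ZEND_JMPNZ_EX ||
							   op->opcode == ZEND_JMPZNZ ||
							   op->opcode == ZEND_CASE ||
							   op->opcode == ZEND_RETURN ||
							   op->opcode == ZEND_RETURN_BY_REF ||
							   op->opcode == ZEND_FAST_RET ||
							   op->opcode == ZEND_FE_FETCH_R ||
							   op->opcode == ZEND_FE_FETCH_RW ||
							   op->opcode == ZEND_EXIT) {
								break;
							}

							if(op->op1_type == IS_TMP_VAR &&
							   op->op1.var == opline->result.var) {
								goto done_jmp_optimization;
							}

							if(op->op2_type == IS_TMP_VAR &&
							   op->op2.var == opline->result.var) {
								goto done_jmp_optimization;
							}
						}

						opline->opcode = opline->opcode-3; /* JMP_EX -> JMP */
						SET_UNUSED(opline->result);
						break;
					}
#endif
				}
				break;

			case ZEND_JMPZNZ:
				if (op_array->fn_flags & ZEND_ACC_HAS_FINALLY_BLOCK) {
					break;
				}

				/* The two loops below share one hitlist; it is not reset
				 * between them. */
				/* JMPZNZ(X,L1,L2), L1: JMP(L3) => JMPZNZ(X,L3,L2), L1: JMP(L3) */
				while (ZEND_OP2_JMP_ADDR(opline) < end
						&& ZEND_OP2_JMP_ADDR(opline)->opcode == ZEND_JMP) {
					zend_op *target = ZEND_OP2_JMP_ADDR(opline);
					CHECK_JMP(target, continue_jmpznz_optimization);
					ZEND_SET_OP_JMP_ADDR(opline, opline->op2, ZEND_OP1_JMP_ADDR(target));
				}
continue_jmpznz_optimization:
				/* JMPZNZ(X,L1,L2), L2: JMP(L3) => JMPZNZ(X,L1,L3), L2: JMP(L3) */
				while (ZEND_OFFSET_TO_OPLINE(opline, opline->extended_value) < end
						&& ZEND_OFFSET_TO_OPLINE(opline, opline->extended_value)->opcode == ZEND_JMP) {
					zend_op *target = ZEND_OFFSET_TO_OPLINE(opline, opline->extended_value);
					CHECK_JMP(target, done_jmp_optimization);
					opline->extended_value = ZEND_OPLINE_TO_OFFSET(opline, ZEND_OP1_JMP_ADDR(target));
				}
				break;

			case ZEND_POST_INC_OBJ:
			case ZEND_POST_DEC_OBJ:
			case ZEND_POST_INC:
			case ZEND_POST_DEC: {
					/* POST_INC, FREE => PRE_INC */
					zend_op *next_op = opline + 1;

					if (next_op >= end) {
						break;
					}
					if (next_op->opcode == ZEND_FREE &&
						next_op->op1.var == opline->result.var) {
						MAKE_NOP(next_op);
						/* relies on each PRE_* opcode being its POST_* opcode - 2 */
						opline->opcode -= 2;
						opline->result_type = IS_UNUSED;
					}
				}
				break;
		}
done_jmp_optimization:
		opline++;
		opline_num++;
	}
	free_alloca(jmp_hitlist, use_heap);
}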
422