1 /* pass 3: 2 * - optimize $i = $i+expr to $i+=expr 3 * - optimize series of JMPs 4 * - change $i++ to ++$i where possible 5 */ 6 7 /* compares opcodes with allowing oc1 be _EX of oc2 */ 8 #define SAME_OPCODE_EX(oc1, oc2) ((oc1 == oc2) || (oc1 == ZEND_JMPZ_EX && oc2 == ZEND_JMPZ) || (oc1 == ZEND_JMPNZ_EX && oc2 == ZEND_JMPNZ)) 9 10 /* we use "jmp_hitlist" to avoid infinity loops during jmp optimization */ 11 #define CHECK_JMP(target, label) \ 12 for (i=0; i<jmp_hitlist_count; i++) { \ 13 if (jmp_hitlist[i] == ZEND_OP1(&op_array->opcodes[target]).opline_num) { \ 14 goto label; \ 15 } \ 16 } \ 17 jmp_hitlist[jmp_hitlist_count++] = ZEND_OP1(&op_array->opcodes[target]).opline_num; 18 19 #define CHECK_JMP2(target, label) \ 20 for (i=0; i<jmp_hitlist_count; i++) { \ 21 if (jmp_hitlist[i] == ZEND_OP2(&op_array->opcodes[target]).opline_num) { \ 22 goto label; \ 23 } \ 24 } \ 25 jmp_hitlist[jmp_hitlist_count++] = ZEND_OP2(&op_array->opcodes[target]).opline_num; 26 27 if (ZEND_OPTIMIZER_PASS_3 & OPTIMIZATION_LEVEL) { 28 zend_op *opline; 29 zend_op *end = op_array->opcodes + op_array->last; 30 zend_uint *jmp_hitlist; 31 int jmp_hitlist_count; 32 int i; 33 zend_uint opline_num = 0; 34 ALLOCA_FLAG(use_heap); 35 36 jmp_hitlist = (zend_uint *)DO_ALLOCA(sizeof(zend_uint)*op_array->last); 37 opline = op_array->opcodes; 38 39 while (opline < end) { 40 jmp_hitlist_count = 0; 41 42 switch (opline->opcode) { 43 case ZEND_ADD: 44 case ZEND_SUB: 45 case ZEND_MUL: 46 case ZEND_DIV: 47 case ZEND_MOD: 48 #if ZEND_EXTENSION_API_NO >= PHP_5_6_X_API_NO 49 case ZEND_POW: 50 #endif 51 case ZEND_CONCAT: 52 case ZEND_SL: 53 case ZEND_SR: 54 case ZEND_BW_OR: 55 case ZEND_BW_AND: 56 case ZEND_BW_XOR: 57 { 58 zend_op *next_opline = opline + 1; 59 60 while (next_opline < end && next_opline->opcode == ZEND_NOP) { 61 ++next_opline; 62 } 63 64 if (next_opline >= end || next_opline->opcode != ZEND_ASSIGN) { 65 break; 66 } 67 68 if ((ZEND_OP2_TYPE(opline) == IS_VAR || ZEND_OP2_TYPE(opline) == IS_CV) 69 && ZEND_OP2(opline).var == ZEND_OP1(next_opline).var && 70 (opline->opcode == ZEND_ADD || 71 opline->opcode == ZEND_MUL || 72 opline->opcode == ZEND_BW_OR || 73 opline->opcode == ZEND_BW_AND || 74 opline->opcode == ZEND_BW_XOR)) { 75 /* change $i=expr+$i to $i=$i+expr so that the next 76 * optimization works on it 77 */ 78 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 79 zend_uchar tmp_type = opline->op1_type; 80 znode_op tmp = opline->op1; 81 #else 82 znode tmp = opline->op1; 83 #endif 84 85 if (opline->opcode != ZEND_ADD || ZEND_OP1_TYPE(opline) == IS_CONST) { 86 /* protection from array add: $a = array + $a is not commutative! */ 87 COPY_NODE(opline->op1, opline->op2); 88 COPY_NODE(opline->op2, tmp); 89 } 90 } 91 if ((ZEND_OP1_TYPE(opline) == IS_VAR || ZEND_OP1_TYPE(opline) == IS_CV) 92 && ZEND_OP1(opline).var == ZEND_OP1(next_opline).var 93 && ZEND_OP1_TYPE(opline) == ZEND_OP1_TYPE(next_opline)) { 94 switch (opline->opcode) { 95 case ZEND_ADD: 96 opline->opcode = ZEND_ASSIGN_ADD; 97 break; 98 case ZEND_SUB: 99 opline->opcode = ZEND_ASSIGN_SUB; 100 break; 101 case ZEND_MUL: 102 opline->opcode = ZEND_ASSIGN_MUL; 103 break; 104 case ZEND_DIV: 105 opline->opcode = ZEND_ASSIGN_DIV; 106 break; 107 case ZEND_MOD: 108 opline->opcode = ZEND_ASSIGN_MOD; 109 break; 110 #if ZEND_EXTENSION_API_NO >= PHP_5_6_X_API_NO 111 case ZEND_POW: 112 opline->opcode = ZEND_ASSIGN_POW; 113 break; 114 #endif 115 case ZEND_CONCAT: 116 opline->opcode = ZEND_ASSIGN_CONCAT; 117 break; 118 case ZEND_SL: 119 opline->opcode = ZEND_ASSIGN_SL; 120 break; 121 case ZEND_SR: 122 opline->opcode = ZEND_ASSIGN_SR; 123 break; 124 case ZEND_BW_OR: 125 opline->opcode = ZEND_ASSIGN_BW_OR; 126 break; 127 case ZEND_BW_AND: 128 opline->opcode = ZEND_ASSIGN_BW_AND; 129 break; 130 case ZEND_BW_XOR: 131 opline->opcode = ZEND_ASSIGN_BW_XOR; 132 break; 133 } 134 COPY_NODE(opline->result, next_opline->result); 135 MAKE_NOP(next_opline); 136 opline++; 137 opline_num++; 138 } 139 } 140 break; 141 142 case ZEND_JMP: 143 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 144 if (op_array->has_finally_block) { 145 break; 146 } 147 #endif 148 149 /* convert L: JMP L+1 to NOP */ 150 if (ZEND_OP1(opline).opline_num == opline_num + 1) { 151 MAKE_NOP(opline); 152 goto done_jmp_optimization; 153 } 154 155 /* convert JMP L1 ... L1: JMP L2 to JMP L2 .. L1: JMP L2 */ 156 while (ZEND_OP1(opline).opline_num < op_array->last 157 && op_array->opcodes[ZEND_OP1(opline).opline_num].opcode == ZEND_JMP) { 158 int target = ZEND_OP1(opline).opline_num; 159 CHECK_JMP(target, done_jmp_optimization); 160 ZEND_OP1(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 161 } 162 break; 163 164 #if ZEND_EXTENSION_API_NO >= PHP_5_3_X_API_NO 165 case ZEND_JMP_SET: 166 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 167 case ZEND_JMP_SET_VAR: 168 #endif 169 170 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 171 if (op_array->has_finally_block) { 172 break; 173 } 174 #endif 175 176 while (ZEND_OP2(opline).opline_num < op_array->last) { 177 int target = ZEND_OP2(opline).opline_num; 178 if (op_array->opcodes[target].opcode == ZEND_JMP) { 179 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 180 } else { 181 break; 182 } 183 } 184 break; 185 #endif 186 187 case ZEND_JMPZ: 188 case ZEND_JMPNZ: 189 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 190 if (op_array->has_finally_block) { 191 break; 192 } 193 #endif 194 195 /* convert L: JMPZ L+1 to NOP */ 196 if (ZEND_OP2(opline).opline_num == opline_num + 1) { 197 MAKE_NOP(opline); 198 goto done_jmp_optimization; 199 } 200 201 while (ZEND_OP2(opline).opline_num < op_array->last) { 202 int target = ZEND_OP2(opline).opline_num; 203 204 if (op_array->opcodes[target].opcode == ZEND_JMP) { 205 /* plain JMP */ 206 /* JMPZ(X,L1), L1: JMP(L2) => JMPZ(X,L2), L1: JMP(L2) */ 207 CHECK_JMP(target, done_jmp_optimization); 208 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 209 } else if (op_array->opcodes[target].opcode == opline->opcode && 210 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 211 /* same opcode and same var as this opcode */ 212 /* JMPZ(X,L1), L1: JMPZ(X,L2) => JMPZ(X,L2), L1: JMPZ(X,L2) */ 213 CHECK_JMP2(target, done_jmp_optimization); 214 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num; 215 } else if (op_array->opcodes[target].opcode == opline->opcode + 3 && 216 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 217 /* convert JMPZ(X,L1), L1: T JMPZ_EX(X,L2) to 218 T = JMPZ_EX(X, L2) */ 219 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num;opline->opcode += 3; 220 COPY_NODE(opline->result, op_array->opcodes[target].result); 221 break; 222 } else if (op_array->opcodes[target].opcode == INV_COND(opline->opcode) && 223 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 224 /* convert JMPZ(X,L1), L1: JMPNZ(X,L2) to 225 JMPZ(X,L1+1) */ 226 ZEND_OP2(opline).opline_num = target + 1; 227 break; 228 } else if (op_array->opcodes[target].opcode == INV_COND_EX(opline->opcode) && 229 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 230 /* convert JMPZ(X,L1), L1: T = JMPNZ_EX(X,L2) to 231 T = JMPZ_EX(X,L1+1) */ 232 ZEND_OP2(opline).opline_num = target + 1; 233 opline->opcode += 3; 234 COPY_NODE(opline->result, op_array->opcodes[target].result); 235 break; 236 } else { 237 break; 238 } 239 } 240 break; 241 242 case ZEND_JMPZ_EX: 243 case ZEND_JMPNZ_EX: { 244 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 245 zend_uchar T_type = opline->result_type; 246 znode_op T = opline->result; 247 #else 248 znode T = opline->result; 249 #endif 250 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 251 if (op_array->has_finally_block) { 252 break; 253 } 254 #endif 255 /* convert L: T = JMPZ_EX X,L+1 to T = BOOL(X) */ 256 /* convert L: T = JMPZ_EX T,L+1 to NOP */ 257 if (ZEND_OP2(opline).opline_num == opline_num + 1) { 258 if (ZEND_OP1(opline).var == ZEND_RESULT(opline).var) { 259 MAKE_NOP(opline); 260 } else { 261 opline->opcode = ZEND_BOOL; 262 SET_UNUSED(opline->op2); 263 } 264 goto done_jmp_optimization; 265 } 266 267 while (ZEND_OP2(opline).opline_num < op_array->last) { 268 int target = ZEND_OP2(opline).opline_num; 269 if (SAME_OPCODE_EX(opline->opcode, op_array->opcodes[target].opcode) && 270 SAME_VAR(op_array->opcodes[target].op1, T)) { 271 /* Check for JMPZ_EX to JMPZ[_EX] with the same condition, either with _EX or not */ 272 if (op_array->opcodes[target].opcode == opline->opcode) { 273 /* change T only if we have _EX opcode there */ 274 COPY_NODE(T, op_array->opcodes[target].result); 275 } 276 CHECK_JMP2(target, continue_jmp_ex_optimization); 277 ZEND_OP2(opline).opline_num = ZEND_OP2(&op_array->opcodes[target]).opline_num; 278 } else if (op_array->opcodes[target].opcode == ZEND_JMPZNZ && 279 SAME_VAR(op_array->opcodes[target].op1, T)) { 280 /* Check for JMPZNZ with same cond variable */ 281 int new_target; 282 CHECK_JMP2(target, continue_jmp_ex_optimization); 283 if (opline->opcode == ZEND_JMPZ_EX) { 284 new_target = ZEND_OP2(&op_array->opcodes[target]).opline_num; 285 } else { 286 /* JMPNZ_EX */ 287 new_target = op_array->opcodes[target].extended_value; 288 } 289 ZEND_OP2(opline).opline_num = new_target; 290 } else if ((op_array->opcodes[target].opcode == INV_EX_COND_EX(opline->opcode) || 291 op_array->opcodes[target].opcode == INV_EX_COND(opline->opcode)) && 292 SAME_VAR(opline->op1, op_array->opcodes[target].op1)) { 293 /* convert JMPZ_EX(X,L1), L1: JMPNZ_EX(X,L2) to 294 JMPZ_EX(X,L1+1) */ 295 ZEND_OP2(opline).opline_num = target + 1; 296 break; 297 } else { 298 break; 299 } 300 } /* while */ 301 continue_jmp_ex_optimization: 302 break; 303 #if 0 304 /* If Ti = JMPZ_EX(X, L) and Ti is not used, convert to JMPZ(X, L) */ 305 { 306 zend_op *op; 307 for(op = opline+1; op<end; op++) { 308 if(ZEND_RESULT_TYPE(op) == IS_TMP_VAR && 309 ZEND_RESULT(op).var == ZEND_RESULT(opline).var) { 310 break; /* can pass to part 2 */ 311 } 312 313 if(op->opcode == ZEND_JMP || 314 op->opcode == ZEND_JMPZ || 315 op->opcode == ZEND_JMPZ_EX || 316 op->opcode == ZEND_JMPNZ || 317 op->opcode == ZEND_JMPNZ_EX || 318 op->opcode == ZEND_JMPZNZ || 319 op->opcode == ZEND_BRK || 320 op->opcode == ZEND_CONT || 321 op->opcode == ZEND_CASE || 322 op->opcode == ZEND_RETURN || 323 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 324 op->opcode == ZEND_RETURN_BY_REF || 325 #endif 326 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 327 op->opcode == ZEND_FAST_RET || 328 #endif 329 op->opcode == ZEND_FE_FETCH || 330 op->opcode == ZEND_EXIT) { 331 break; 332 } 333 334 if(ZEND_OP1_TYPE(op) == IS_TMP_VAR && 335 ZEND_OP1(op).var == ZEND_RESULT(opline).var) { 336 goto done_jmp_optimization; 337 } 338 339 if(ZEND_OP2_TYPE(op) == IS_TMP_VAR && 340 ZEND_OP2(op).var == ZEND_RESULT(opline).var) { 341 goto done_jmp_optimization; 342 } 343 } /* for */ 344 345 for(op = &op_array->opcodes[ZEND_OP2(opline).opline_num]; op<end; op++) { 346 347 if(ZEND_RESULT_TYPE(op) == IS_TMP_VAR && 348 ZEND_RESULT(op).var == ZEND_RESULT(opline).var) { 349 break; /* can pass to optimization */ 350 } 351 352 if(op->opcode == ZEND_JMP || 353 op->opcode == ZEND_JMPZ || 354 op->opcode == ZEND_JMPZ_EX || 355 op->opcode == ZEND_JMPNZ || 356 op->opcode == ZEND_JMPNZ_EX || 357 op->opcode == ZEND_JMPZNZ || 358 op->opcode == ZEND_BRK || 359 op->opcode == ZEND_CONT || 360 op->opcode == ZEND_CASE || 361 op->opcode == ZEND_RETURN || 362 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 363 op->opcode == ZEND_RETURN_BY_REF || 364 #endif 365 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 366 op->opcode == ZEND_FAST_RET || 367 #endif 368 op->opcode == ZEND_FE_FETCH || 369 op->opcode == ZEND_EXIT) { 370 break; 371 } 372 373 if(ZEND_OP1_TYPE(op) == IS_TMP_VAR && 374 ZEND_OP1(op).var == ZEND_RESULT(opline).var) { 375 goto done_jmp_optimization; 376 } 377 378 if(ZEND_OP2_TYPE(op) == IS_TMP_VAR && 379 ZEND_OP2(op).var == ZEND_RESULT(opline).var) { 380 goto done_jmp_optimization; 381 } 382 } 383 384 opline->opcode = opline->opcode-3; /* JMP_EX -> JMP */ 385 SET_UNUSED(opline->result); 386 break; 387 } 388 #endif 389 } 390 break; 391 392 case ZEND_JMPZNZ: 393 #if ZEND_EXTENSION_API_NO > PHP_5_4_X_API_NO 394 if (op_array->has_finally_block) { 395 break; 396 } 397 #endif 398 /* JMPZNZ(X,L1,L2), L1: JMP(L3) => JMPZNZ(X,L3,L2), L1: JMP(L3) */ 399 while (ZEND_OP2(opline).opline_num < op_array->last 400 && op_array->opcodes[ZEND_OP2(opline).opline_num].opcode == ZEND_JMP) { 401 int target = ZEND_OP2(opline).opline_num; 402 CHECK_JMP(target, continue_jmpznz_optimization); 403 ZEND_OP2(opline).opline_num = ZEND_OP1(&op_array->opcodes[target]).opline_num; 404 } 405 continue_jmpznz_optimization: 406 /* JMPZNZ(X,L1,L2), L2: JMP(L3) => JMPZNZ(X,L1,L3), L2: JMP(L3) */ 407 while (opline->extended_value < op_array->last 408 && op_array->opcodes[opline->extended_value].opcode == ZEND_JMP) { 409 int target = opline->extended_value; 410 CHECK_JMP(target, done_jmp_optimization); 411 opline->extended_value = ZEND_OP1(&op_array->opcodes[target]).opline_num; 412 } 413 break; 414 415 case ZEND_POST_INC: 416 case ZEND_POST_DEC: { 417 /* POST_INC, FREE => PRE_INC */ 418 zend_op *next_op = opline + 1; 419 420 if (next_op >= end) { 421 break; 422 } 423 if (next_op->opcode == ZEND_FREE && 424 ZEND_OP1(next_op).var == ZEND_RESULT(opline).var) { 425 MAKE_NOP(next_op); 426 switch (opline->opcode) { 427 case ZEND_POST_INC: 428 opline->opcode = ZEND_PRE_INC; 429 break; 430 case ZEND_POST_DEC: 431 opline->opcode = ZEND_PRE_DEC; 432 break; 433 } 434 #if ZEND_EXTENSION_API_NO > PHP_5_3_X_API_NO 435 ZEND_RESULT_TYPE(opline) = IS_VAR | EXT_TYPE_UNUSED; 436 #else 437 ZEND_RESULT_TYPE(opline) = IS_VAR; 438 ZEND_RESULT(opline).EA.type = 0; 439 ZEND_RESULT(opline).EA.type |= EXT_TYPE_UNUSED; 440 #endif 441 } 442 } 443 break; 444 } 445 done_jmp_optimization: 446 opline++; 447 opline_num++; 448 } 449 FREE_ALLOCA(jmp_hitlist); 450 } 451
