1 /*
2 +----------------------------------------------------------------------+
3 | Zend OPcache |
4 +----------------------------------------------------------------------+
5 | Copyright (c) The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | https://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Stanislav Malyshev <stas@zend.com> |
18 | Dmitry Stogov <dmitry@php.net> |
19 +----------------------------------------------------------------------+
20 */
21
22 #include "Optimizer/zend_optimizer.h"
23 #include "Optimizer/zend_optimizer_internal.h"
24 #include "zend_API.h"
25 #include "zend_constants.h"
26 #include "zend_execute.h"
27 #include "zend_vm.h"
28 #include "zend_cfg.h"
29 #include "zend_func_info.h"
30 #include "zend_call_graph.h"
31 #include "zend_inference.h"
32 #include "zend_dump.h"
33 #include "php.h"
34
35 #ifndef ZEND_OPTIMIZER_MAX_REGISTERED_PASSES
36 # define ZEND_OPTIMIZER_MAX_REGISTERED_PASSES 32
37 #endif
38
/* Fixed-capacity table of optimizer pass callbacks. The capacity is
 * ZEND_OPTIMIZER_MAX_REGISTERED_PASSES; presumably `last` counts the slots
 * in use, so any code appending to `pass` has to check it against that
 * bound before writing (the registration code is not visible here). */
struct {
	zend_optimizer_pass_t pass[ZEND_OPTIMIZER_MAX_REGISTERED_PASSES];
	int last;
} zend_optimizer_registered_passes = {
	.pass = {NULL},
	.last = 0,
};
43
/* Remember a (name => value) pair in the per-context constant table.
 *
 * The table is created lazily in the context arena on first use. An extra
 * reference to `value` is taken only when the entry was actually inserted;
 * if the name is already present the call leaves both table and value
 * untouched. */
void zend_optimizer_collect_constant(zend_optimizer_ctx *ctx, zval *name, zval* value)
{
	HashTable *table = ctx->constants;

	if (table == NULL) {
		table = zend_arena_alloc(&ctx->arena, sizeof(HashTable));
		ctx->constants = table;
		/* Entries are released with zval_ptr_dtor_nogc when the table dies. */
		zend_hash_init(table, 16, NULL, zval_ptr_dtor_nogc, 0);
	}

	if (zend_hash_add(table, Z_STR_P(name), value) != NULL) {
		/* The table now holds its own copy of the zval: account for it. */
		Z_TRY_ADDREF_P(value);
	}
}
55
/* Evaluate a binary opcode on two constant operands at optimization time.
 *
 * Returns FAILURE without touching `result` when
 * zend_binary_op_produces_error() reports that the operation would raise
 * an error; otherwise returns whatever the opcode's handler returns. */
zend_result zend_optimizer_eval_binary_op(zval *result, uint8_t opcode, zval *op1, zval *op2) /* {{{ */
{
	if (!zend_binary_op_produces_error(opcode, op1, op2)) {
		binary_op_type handler = get_binary_op(opcode);
		return handler(result, op1, op2);
	}
	return FAILURE;
}
65 /* }}} */
66
/* Evaluate a unary opcode on a constant operand at optimization time.
 *
 * Opcodes for which get_unary_op() has no handler are treated as ZEND_BOOL
 * and evaluated with zend_is_true(). For the others, FAILURE is returned
 * when zend_unary_op_produces_error() reports that evaluation would raise
 * an error. */
zend_result zend_optimizer_eval_unary_op(zval *result, uint8_t opcode, zval *op1) /* {{{ */
{
	unary_op_type handler = get_unary_op(opcode);

	if (handler == NULL) {
		/* ZEND_BOOL */
		ZVAL_BOOL(result, zend_is_true(op1));
		return SUCCESS;
	}

	if (zend_unary_op_produces_error(opcode, op1)) {
		return FAILURE;
	}
	return handler(result, op1);
}
81 /* }}} */
82
/* Evaluate a cast of the constant `op1` to `type` at optimization time.
 *
 * Returns SUCCESS with the converted value in `result`, or FAILURE (with
 * `result` untouched) for target types that are not handled here and for
 * string casts of arrays and doubles. */
zend_result zend_optimizer_eval_cast(zval *result, uint32_t type, zval *op1) /* {{{ */
{
	switch (type) {
		case IS_NULL:
			ZVAL_NULL(result);
			break;
		case _IS_BOOL:
			ZVAL_BOOL(result, zval_is_true(op1));
			break;
		case IS_LONG:
			ZVAL_LONG(result, zval_get_long(op1));
			break;
		case IS_DOUBLE:
			ZVAL_DOUBLE(result, zval_get_double(op1));
			break;
		case IS_STRING:
			/* A double-to-string conversion depends on the run-time
			 * 'precision' setting, so it cannot be folded here. Arrays
			 * are rejected by the same test. */
			if (Z_TYPE_P(op1) == IS_ARRAY || Z_TYPE_P(op1) == IS_DOUBLE) {
				return FAILURE;
			}
			ZVAL_STR(result, zval_get_string(op1));
			break;
		case IS_ARRAY:
			ZVAL_COPY(result, op1);
			convert_to_array(result);
			break;
		default:
			return FAILURE;
	}
	return SUCCESS;
}
113 /* }}} */
114
/* Fold strlen() of a constant: only string operands are accepted, any
 * other type yields FAILURE and leaves `result` untouched. */
zend_result zend_optimizer_eval_strlen(zval *result, const zval *op1) /* {{{ */
{
	if (Z_TYPE_P(op1) == IS_STRING) {
		ZVAL_LONG(result, Z_STRLEN_P(op1));
		return SUCCESS;
	}
	return FAILURE;
}
123 /* }}} */
124
/* Try to fold a call to one of a few built-in functions, given its single
 * constant string argument `arg`, into a constant `result`.
 *
 * Handled names: function_exists, is_callable, extension_loaded, constant,
 * dirname and ini_get. Every branch returns FAILURE unless the answer is
 * considered stable; presumably this is because the folded value ends up in
 * cached opcodes and would otherwise go stale when the environment changes
 * at run time (verify against the callers). Unknown names return FAILURE. */
zend_result zend_optimizer_eval_special_func_call(
		zval *result, zend_string *name, zend_string *arg) {
	if (zend_string_equals_literal(name, "function_exists") ||
			zend_string_equals_literal(name, "is_callable")) {
		zend_string *lowered = zend_string_tolower(arg);
		zend_internal_function *fn = zend_hash_find_ptr(EG(function_table), lowered);
		zend_string_release_ex(lowered, 0);

		/* Only "true" is ever folded, and only for internal functions that
		 * belong to a persistent module. The type test must come before
		 * fn->module is read: the lookup can also return a user function. */
		if (fn == NULL || fn->type != ZEND_INTERNAL_FUNCTION) {
			return FAILURE;
		}
		if (fn->module->type != MODULE_PERSISTENT) {
			return FAILURE;
		}
#ifdef ZEND_WIN32
		if (fn->module->handle != NULL) {
			return FAILURE;
		}
#endif
		ZVAL_TRUE(result);
		return SUCCESS;
	}

	if (zend_string_equals_literal(name, "extension_loaded")) {
		zend_string *lowered = zend_string_tolower(arg);
		zend_module_entry *module = zend_hash_find_ptr(&module_registry, lowered);
		zend_string_release_ex(lowered, 0);

		if (module == NULL) {
			/* "false" is folded only while enable_dl is off; presumably
			 * because dl() could still load the extension later. */
			if (PG(enable_dl)) {
				return FAILURE;
			}
			ZVAL_FALSE(result);
			return SUCCESS;
		}

		if (module->type != MODULE_PERSISTENT) {
			return FAILURE;
		}
#ifdef ZEND_WIN32
		if (module->handle != NULL) {
			return FAILURE;
		}
#endif
		ZVAL_TRUE(result);
		return SUCCESS;
	}

	if (zend_string_equals_literal(name, "constant")) {
		if (zend_optimizer_get_persistent_constant(arg, result, 1)) {
			return SUCCESS;
		}
		return FAILURE;
	}

	if (zend_string_equals_literal(name, "dirname")) {
		/* Relative paths are never folded. */
		if (!IS_ABSOLUTE_PATH(ZSTR_VAL(arg), ZSTR_LEN(arg))) {
			return FAILURE;
		}

		/* zend_dirname() edits the buffer in place, so work on a copy and
		 * store the new length back into it. */
		zend_string *dir = zend_string_init(ZSTR_VAL(arg), ZSTR_LEN(arg), 0);
		ZSTR_LEN(dir) = zend_dirname(ZSTR_VAL(dir), ZSTR_LEN(dir));
		if (!IS_ABSOLUTE_PATH(ZSTR_VAL(dir), ZSTR_LEN(dir))) {
			zend_string_release_ex(dir, 0);
			return FAILURE;
		}
		ZVAL_STR(result, dir);
		return SUCCESS;
	}

	if (zend_string_equals_literal(name, "ini_get")) {
		zend_ini_entry *entry = zend_hash_find_ptr(EG(ini_directives), arg);

		if (entry == NULL) {
			/* Unknown directive: same enable_dl rule as extension_loaded. */
			if (PG(enable_dl)) {
				return FAILURE;
			}
			ZVAL_FALSE(result);
			return SUCCESS;
		}
		/* Only directives whose `modifiable` mask is exactly
		 * ZEND_INI_SYSTEM are folded; any other mask is left for run time. */
		if (entry->modifiable != ZEND_INI_SYSTEM) {
			return FAILURE;
		}
		if (entry->value) {
			ZVAL_STR_COPY(result, entry->value);
		} else {
			ZVAL_EMPTY_STRING(result);
		}
		return SUCCESS;
	}

	return FAILURE;
}
202
/* Look `name` up in a table of collected constants.
 *
 * On a hit the stored zval is copied into `value` (taking a reference, via
 * ZVAL_COPY) and 1 is returned; on a miss `value` is left untouched and 0
 * is returned. `constants` is dereferenced unconditionally, so it must not
 * be NULL. */
bool zend_optimizer_get_collected_constant(HashTable *constants, zval *name, zval* value)
{
	zval *found = zend_hash_find(constants, Z_STR_P(name));

	if (found == NULL) {
		return 0;
	}
	ZVAL_COPY(value, found);
	return 1;
}
213
/* Turn `opline` into an instruction that only disposes of its op1:
 * ZEND_CHECK_VAR for a CV, ZEND_FREE for a TMP/VAR, and a NOP (after
 * destroying the literal) for a constant. op2, result and extended_value
 * are cleared in the first two cases. */
void zend_optimizer_convert_to_free_op1(zend_op_array *op_array, zend_op *opline)
{
	bool is_cv = opline->op1_type == IS_CV;

	if (is_cv || (opline->op1_type & (IS_TMP_VAR|IS_VAR))) {
		opline->opcode = is_cv ? ZEND_CHECK_VAR : ZEND_FREE;
		SET_UNUSED(opline->op2);
		SET_UNUSED(opline->result);
		opline->extended_value = 0;
		return;
	}

	/* The only operand kind left is a literal. */
	ZEND_ASSERT(opline->op1_type == IS_CONST);
	literal_dtor(&ZEND_OP1_LITERAL(opline));
	MAKE_NOP(opline);
}
232
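/* Append `zv` to the literal table of `op_array` and return its index.
 *
 * The value is moved, not copied: ZVAL_COPY_VALUE takes over the reference
 * the caller held, so the caller must not destroy `zv` afterwards. The
 * literal's extra slot is reset to 0.
 *
 * The table is grown by one element per call. The new size is computed
 * with safe_erealloc() so that an overflowing count * sizeof(zval) ends in
 * the allocator's fatal error instead of a short allocation that the
 * ZVAL_COPY_VALUE below would then write past. */
int zend_optimizer_add_literal(zend_op_array *op_array, const zval *zv)
{
	int i = op_array->last_literal;
	op_array->last_literal++;
	op_array->literals = (zval*)safe_erealloc(op_array->literals, op_array->last_literal, sizeof(zval), 0);
	ZVAL_COPY_VALUE(&op_array->literals[i], zv);
	Z_EXTRA(op_array->literals[i]) = 0;
	return i;
}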
242
/* Append `str` as a string literal and return its index. The hash of the
 * string is computed up front; ownership of `str` passes to the literal
 * table (no reference is added here). */
static inline int zend_optimizer_add_literal_string(zend_op_array *op_array, zend_string *str) {
	zval literal;

	zend_string_hash_val(str);
	ZVAL_STR(&literal, str);
	return zend_optimizer_add_literal(op_array, &literal);
}
249
/* If the string in `val` starts with a backslash, replace it with a new
 * string that lacks that first character; the old string is released.
 *
 * `val` must already be known to be IS_STRING: the string accessors are
 * used without a type check. The length arithmetic is safe because a
 * string whose first byte is a backslash has length >= 1. */
static inline void drop_leading_backslash(zval *val) {
	if (Z_STRVAL_P(val)[0] != '\\') {
		return;
	}

	zend_string *stripped = zend_string_init(Z_STRVAL_P(val) + 1, Z_STRLEN_P(val) - 1, 0);
	zval_ptr_dtor_nogc(val);
	ZVAL_STR(val, stripped);
}
257
/* Reserve `num` pointer-sized run-time cache slots at the end of the op
 * array's cache and return the byte offset of the first one. */
static inline uint32_t alloc_cache_slots(zend_op_array *op_array, uint32_t num) {
	const uint32_t first_slot = op_array->cache_size;

	op_array->cache_size += num * sizeof(void *);
	return first_slot;
}
263
/* Bail out of the ENCLOSING function with 0 unless `val` is a string.
 * Note the hidden `return`: usable only in functions where returning 0
 * means "operand not replaced". */
#define REQUIRES_STRING(val) do { \
		if (Z_TYPE_P(val) != IS_STRING) { \
			return 0; \
		} \
	} while (0)

/* Convert `val` to a string in place, or bail out of the ENCLOSING function
 * with 0 when its type is IS_ARRAY or any type ordered after it. Like
 * REQUIRES_STRING this hides a `return`, and it also mutates `val`. */
#define TO_STRING_NOWARN(val) do { \
		if (Z_TYPE_P(val) >= IS_ARRAY) { \
			return 0; \
		} \
		convert_to_string(val); \
	} while (0)
276
/* Replace op1 of `opline` with the constant `val`.
 *
 * Returns 1 when the operand was replaced (or the instruction became a
 * NOP) and 0 when this opcode cannot take a constant op1 or `val` has an
 * unsuitable type. On success the value is moved into the literal table
 * (or destroyed, for ZEND_FREE / ZEND_CHECK_VAR); on the `return 0` paths
 * nothing in this function destroys `val`, so the caller still owns it.
 * Several branches modify `val` in place (backslash stripping, string
 * conversion) before it is stored.
 *
 * Class-name operands get a second, lowercased literal appended right after
 * the original one, plus a run-time cache slot. */
bool zend_optimizer_update_op1_const(zend_op_array *op_array,
                                     zend_op       *opline,
                                     zval          *val)
{
	switch (opline->opcode) {
		case ZEND_OP_DATA:
			/* The previous opline is the instruction this OP_DATA belongs to;
			 * reads opline[-1], so an OP_DATA is assumed never to be first. */
			switch ((opline-1)->opcode) {
				case ZEND_ASSIGN_OBJ_REF:
				case ZEND_ASSIGN_STATIC_PROP_REF:
					return 0;
			}
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_FREE:
		case ZEND_CHECK_VAR:
			/* Nothing to free or check for a constant: drop the instruction
			 * and the value. */
			MAKE_NOP(opline);
			zval_ptr_dtor_nogc(val);
			return 1;
		case ZEND_SEND_VAR_EX:
		case ZEND_SEND_FUNC_ARG:
		case ZEND_FETCH_DIM_W:
		case ZEND_FETCH_DIM_RW:
		case ZEND_FETCH_DIM_FUNC_ARG:
		case ZEND_FETCH_DIM_UNSET:
		case ZEND_FETCH_LIST_W:
		case ZEND_ASSIGN_DIM:
		case ZEND_RETURN_BY_REF:
		case ZEND_INSTANCEOF:
		case ZEND_MAKE_REF:
		case ZEND_SEPARATE:
		case ZEND_SEND_VAR_NO_REF:
		case ZEND_SEND_VAR_NO_REF_EX:
			/* These opcodes are never given a constant op1 here. */
			return 0;
		case ZEND_CATCH:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			/* New cache slot; the ZEND_LAST_CATCH flag bit is preserved. */
			opline->extended_value = alloc_cache_slots(op_array, 1) | (opline->extended_value & ZEND_LAST_CATCH);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			break;
		case ZEND_DEFINED:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			opline->extended_value = alloc_cache_slots(op_array, 1);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			break;
		case ZEND_NEW:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			opline->op2.num = alloc_cache_slots(op_array, 1);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			break;
		case ZEND_INIT_STATIC_METHOD_CALL:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			/* A slot is allocated only when op2 is not constant. */
			if (opline->op2_type != IS_CONST) {
				opline->result.num = alloc_cache_slots(op_array, 1);
			}
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			break;
		case ZEND_FETCH_CLASS_CONSTANT:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			if (opline->op2_type != IS_CONST) {
				opline->extended_value = alloc_cache_slots(op_array, 1);
			}
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			break;
		case ZEND_ASSIGN_OP:
		case ZEND_ASSIGN_DIM_OP:
		case ZEND_ASSIGN_OBJ_OP:
			/* NOTE(review): no literal is added on this path, yet op1_type
			 * is set to IS_CONST below and ZEND_OP1_LITERAL is read;
			 * presumably callers never reach it with a replaceable op1 -
			 * confirm. */
			break;
		case ZEND_ASSIGN_STATIC_PROP_OP:
		case ZEND_ASSIGN_STATIC_PROP:
		case ZEND_ASSIGN_STATIC_PROP_REF:
		case ZEND_FETCH_STATIC_PROP_R:
		case ZEND_FETCH_STATIC_PROP_W:
		case ZEND_FETCH_STATIC_PROP_RW:
		case ZEND_FETCH_STATIC_PROP_IS:
		case ZEND_FETCH_STATIC_PROP_UNSET:
		case ZEND_FETCH_STATIC_PROP_FUNC_ARG:
		case ZEND_UNSET_STATIC_PROP:
		case ZEND_ISSET_ISEMPTY_STATIC_PROP:
		case ZEND_PRE_INC_STATIC_PROP:
		case ZEND_PRE_DEC_STATIC_PROP:
		case ZEND_POST_INC_STATIC_PROP:
		case ZEND_POST_DEC_STATIC_PROP:
			TO_STRING_NOWARN(val);
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			/* If op2 is constant and the slot recorded in extended_value is
			 * the last one in the cache, grow the cache by one pointer;
			 * otherwise allocate three fresh slots. The ZEND_FETCH_OBJ_FLAGS
			 * bits of extended_value are kept either way. */
			if (opline->op2_type == IS_CONST && (opline->extended_value & ~ZEND_FETCH_OBJ_FLAGS) + sizeof(void*) == op_array->cache_size) {
				op_array->cache_size += sizeof(void *);
			} else {
				opline->extended_value = alloc_cache_slots(op_array, 3) | (opline->extended_value & ZEND_FETCH_OBJ_FLAGS);
			}
			break;
		case ZEND_SEND_VAR:
			/* A constant is sent by value. */
			opline->opcode = ZEND_SEND_VAL;
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_CASE:
			opline->opcode = ZEND_IS_EQUAL;
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_CASE_STRICT:
			opline->opcode = ZEND_IS_IDENTICAL;
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_VERIFY_RETURN_TYPE:
			/* This would require a non-local change.
			 * zend_optimizer_replace_by_const() supports this. */
			return 0;
		case ZEND_COPY_TMP:
		case ZEND_FETCH_CLASS_NAME:
			return 0;
		case ZEND_ECHO:
		{
			zval zv;
			/* Pre-convert a non-string operand when the cast can be folded;
			 * `val` then points at the local `zv`, which is only read by
			 * the add_literal call below (a value copy). */
			if (Z_TYPE_P(val) != IS_STRING && zend_optimizer_eval_cast(&zv, IS_STRING, val) == SUCCESS) {
				zval_ptr_dtor_nogc(val);
				val = &zv;
			}
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			/* Echoing an empty string does nothing: drop the instruction.
			 * The literal added above stays in the table. */
			if (Z_TYPE_P(val) == IS_STRING && Z_STRLEN_P(val) == 0) {
				MAKE_NOP(opline);
				return 1;
			}
			/* TODO: In a subsequent pass, *after* this step and compacting nops, combine consecutive ZEND_ECHOs using the block information from ssa->cfg */
			/* (e.g. for ext/opcache/tests/opt/sccp_010.phpt) */
			break;
		}
		case ZEND_CONCAT:
		case ZEND_FAST_CONCAT:
		case ZEND_FETCH_R:
		case ZEND_FETCH_W:
		case ZEND_FETCH_RW:
		case ZEND_FETCH_IS:
		case ZEND_FETCH_UNSET:
		case ZEND_FETCH_FUNC_ARG:
		case ZEND_ISSET_ISEMPTY_VAR:
		case ZEND_UNSET_VAR:
			TO_STRING_NOWARN(val);
			/* With both operands constant strings the fast variant is used. */
			if (opline->opcode == ZEND_CONCAT && opline->op2_type == IS_CONST) {
				opline->opcode = ZEND_FAST_CONCAT;
			}
			ZEND_FALLTHROUGH;
		default:
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
			break;
	}

	/* Common tail for every `break` above: mark the operand constant and
	 * make sure a string literal has its hash computed. */
	opline->op1_type = IS_CONST;
	if (Z_TYPE(ZEND_OP1_LITERAL(opline)) == IS_STRING) {
		zend_string_hash_val(Z_STR(ZEND_OP1_LITERAL(opline)));
	}
	return 1;
}
437
/* Replace op2 of `opline` with the constant `val`.
 *
 * Returns 1 when the operand was replaced and 0 when this opcode cannot
 * take a constant op2 or `val` has an unsuitable type. On success the value
 * is moved into the literal table; on the `return 0` paths nothing here
 * destroys `val`, so the caller still owns it. Several branches modify
 * `val` in place before storing it.
 *
 * Name operands (classes, functions, methods, static properties) get a
 * second, lowercased literal appended right after the original one, and
 * most branches reserve run-time cache slots. */
bool zend_optimizer_update_op2_const(zend_op_array *op_array,
                                     zend_op       *opline,
                                     zval          *val)
{
	zval tmp;

	switch (opline->opcode) {
		case ZEND_ASSIGN_REF:
		case ZEND_FAST_CALL:
			return 0;
		case ZEND_FETCH_CLASS:
		case ZEND_INSTANCEOF:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			opline->extended_value = alloc_cache_slots(op_array, 1);
			break;
		case ZEND_INIT_FCALL_BY_NAME:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			opline->result.num = alloc_cache_slots(op_array, 1);
			break;
		case ZEND_ASSIGN_STATIC_PROP:
		case ZEND_ASSIGN_STATIC_PROP_REF:
		case ZEND_FETCH_STATIC_PROP_R:
		case ZEND_FETCH_STATIC_PROP_W:
		case ZEND_FETCH_STATIC_PROP_RW:
		case ZEND_FETCH_STATIC_PROP_IS:
		case ZEND_FETCH_STATIC_PROP_UNSET:
		case ZEND_FETCH_STATIC_PROP_FUNC_ARG:
		case ZEND_UNSET_STATIC_PROP:
		case ZEND_ISSET_ISEMPTY_STATIC_PROP:
		case ZEND_PRE_INC_STATIC_PROP:
		case ZEND_PRE_DEC_STATIC_PROP:
		case ZEND_POST_INC_STATIC_PROP:
		case ZEND_POST_DEC_STATIC_PROP:
		case ZEND_ASSIGN_STATIC_PROP_OP:
			REQUIRES_STRING(val);
			drop_leading_backslash(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			/* A slot is allocated only when op1 is not constant; the listed
			 * flag bits of extended_value are carried over. */
			if (opline->op1_type != IS_CONST) {
				opline->extended_value = alloc_cache_slots(op_array, 1) | (opline->extended_value & (ZEND_RETURNS_FUNCTION|ZEND_ISEMPTY|ZEND_FETCH_OBJ_FLAGS));
			}
			break;
		case ZEND_INIT_FCALL:
			REQUIRES_STRING(val);
			/* ZEND_INIT_FCALL stores only the lowercased name. A string with
			 * a single reference is lowercased in place, otherwise a
			 * lowercased copy replaces it.
			 * NOTE(review): the in-place path presumably relies on the
			 * string not being interned and not carrying an already cached
			 * hash - confirm against the callers. */
			if (Z_REFCOUNT_P(val) == 1) {
				zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
			} else {
				ZVAL_STR(&tmp, zend_string_tolower(Z_STR_P(val)));
				zval_ptr_dtor_nogc(val);
				val = &tmp;
			}
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			opline->result.num = alloc_cache_slots(op_array, 1);
			break;
		case ZEND_INIT_DYNAMIC_CALL:
			if (Z_TYPE_P(val) == IS_STRING) {
				/* Names containing ':' are left as dynamic calls. */
				if (zend_memrchr(Z_STRVAL_P(val), ':', Z_STRLEN_P(val))) {
					return 0;
				}

				if (zend_optimizer_classify_function(Z_STR_P(val), opline->extended_value)) {
					/* Dynamic call to various special functions must stay dynamic,
					 * otherwise would drop a warning */
					return 0;
				}

				/* A plain function name: turn it into a call by name. */
				opline->opcode = ZEND_INIT_FCALL_BY_NAME;
				drop_leading_backslash(val);
				opline->op2.constant = zend_optimizer_add_literal(op_array, val);
				zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
				opline->result.num = alloc_cache_slots(op_array, 1);
			} else {
				opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			}
			break;
		case ZEND_INIT_METHOD_CALL:
			REQUIRES_STRING(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			opline->result.num = alloc_cache_slots(op_array, 2);
			break;
		case ZEND_INIT_STATIC_METHOD_CALL:
			REQUIRES_STRING(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			zend_optimizer_add_literal_string(op_array, zend_string_tolower(Z_STR_P(val)));
			if (opline->op1_type != IS_CONST) {
				opline->result.num = alloc_cache_slots(op_array, 2);
			}
			break;
		case ZEND_ASSIGN_OBJ:
		case ZEND_ASSIGN_OBJ_REF:
		case ZEND_FETCH_OBJ_R:
		case ZEND_FETCH_OBJ_W:
		case ZEND_FETCH_OBJ_RW:
		case ZEND_FETCH_OBJ_IS:
		case ZEND_FETCH_OBJ_UNSET:
		case ZEND_FETCH_OBJ_FUNC_ARG:
		case ZEND_UNSET_OBJ:
		case ZEND_PRE_INC_OBJ:
		case ZEND_PRE_DEC_OBJ:
		case ZEND_POST_INC_OBJ:
		case ZEND_POST_DEC_OBJ:
			TO_STRING_NOWARN(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			opline->extended_value = alloc_cache_slots(op_array, 3);
			break;
		case ZEND_ASSIGN_OBJ_OP:
			TO_STRING_NOWARN(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			/* The cache slot offset lives on the following OP_DATA opline. */
			ZEND_ASSERT((opline + 1)->opcode == ZEND_OP_DATA);
			(opline + 1)->extended_value = alloc_cache_slots(op_array, 3);
			break;
		case ZEND_ISSET_ISEMPTY_PROP_OBJ:
			TO_STRING_NOWARN(val);
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			opline->extended_value = alloc_cache_slots(op_array, 3) | (opline->extended_value & ZEND_ISEMPTY);
			break;
		case ZEND_ASSIGN_DIM_OP:
		case ZEND_ISSET_ISEMPTY_DIM_OBJ:
		case ZEND_ASSIGN_DIM:
		case ZEND_UNSET_DIM:
		case ZEND_FETCH_DIM_R:
		case ZEND_FETCH_DIM_W:
		case ZEND_FETCH_DIM_RW:
		case ZEND_FETCH_DIM_IS:
		case ZEND_FETCH_DIM_FUNC_ARG:
		case ZEND_FETCH_DIM_UNSET:
		case ZEND_FETCH_LIST_R:
		case ZEND_FETCH_LIST_W:
			if (Z_TYPE_P(val) == IS_STRING) {
				zend_ulong index;

				/* A numeric-string offset is stored as two literals: the
				 * integer index (flagged ZEND_EXTRA_VALUE) followed by the
				 * original string. */
				if (ZEND_HANDLE_NUMERIC(Z_STR_P(val), index)) {
					ZVAL_LONG(&tmp, index);
					opline->op2.constant = zend_optimizer_add_literal(op_array, &tmp);
					zend_string_hash_val(Z_STR_P(val));
					zend_optimizer_add_literal(op_array, val);
					Z_EXTRA(op_array->literals[opline->op2.constant]) = ZEND_EXTRA_VALUE;
					break;
				}
			}
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_ADD_ARRAY_ELEMENT:
		case ZEND_INIT_ARRAY:
			/* A numeric-string array key is replaced by its integer value;
			 * the string itself is released. */
			if (Z_TYPE_P(val) == IS_STRING) {
				zend_ulong index;
				if (ZEND_HANDLE_NUMERIC(Z_STR_P(val), index)) {
					zval_ptr_dtor_nogc(val);
					ZVAL_LONG(val, index);
				}
			}
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			break;
		case ZEND_ROPE_INIT:
		case ZEND_ROPE_ADD:
		case ZEND_ROPE_END:
		case ZEND_CONCAT:
		case ZEND_FAST_CONCAT:
			TO_STRING_NOWARN(val);
			if (opline->opcode == ZEND_CONCAT && opline->op1_type == IS_CONST) {
				opline->opcode = ZEND_FAST_CONCAT;
			}
			ZEND_FALLTHROUGH;
		default:
			opline->op2.constant = zend_optimizer_add_literal(op_array, val);
			break;
	}

	/* Common tail for every `break` above: mark the operand constant and
	 * make sure a string literal has its hash computed. */
	opline->op2_type = IS_CONST;
	if (Z_TYPE(ZEND_OP2_LITERAL(opline)) == IS_STRING) {
		zend_string_hash_val(Z_STR(ZEND_OP2_LITERAL(opline)));
	}
	return 1;
}
619
/* Starting at `opline`, find the first use of the operand (`type`, `var`)
 * and replace it with the constant `val`.
 *
 * Returns the result of the operand update for that use, or 1 when no use
 * is found before the end of the op array (in which case `val` is neither
 * stored nor destroyed here). For opcodes that keep their op1 alive, every
 * later op1 use is replaced as well; each replacement gets its own
 * reference to `val` and the caller's reference is dropped at the end. */
bool zend_optimizer_replace_by_const(zend_op_array *op_array,
                                     zend_op       *opline,
                                     uint8_t        type,
                                     uint32_t       var,
                                     zval          *val)
{
	zend_op *end = op_array->opcodes + op_array->last;

	while (opline < end) {
		if (opline->op1_type == type &&
			opline->op1.var == var) {
			switch (opline->opcode) {
				/* In most cases IS_TMP_VAR operand may be used only once.
				 * The operands are usually destroyed by the opcode handler.
				 * However, there are some exception which keep the operand alive. In that case
				 * we want to try to replace all uses of the temporary.
				 */
				case ZEND_FETCH_LIST_R:
				case ZEND_CASE:
				case ZEND_CASE_STRICT:
				case ZEND_SWITCH_LONG:
				case ZEND_SWITCH_STRING:
				case ZEND_MATCH:
				case ZEND_JMP_NULL: {
					/* NOTE(review): this declaration shadows the outer `end`
					 * with the same value. */
					zend_op *end = op_array->opcodes + op_array->last;
					while (opline < end) {
						if (opline->op1_type == type && opline->op1.var == var) {
							/* If this opcode doesn't keep the operand alive, we're done. Check
							 * this early, because op replacement may modify the opline. */
							bool is_last = opline->opcode != ZEND_FETCH_LIST_R
								&& opline->opcode != ZEND_CASE
								&& opline->opcode != ZEND_CASE_STRICT
								&& opline->opcode != ZEND_SWITCH_LONG
								&& opline->opcode != ZEND_SWITCH_STRING
								&& opline->opcode != ZEND_MATCH
								&& opline->opcode != ZEND_JMP_NULL
								&& (opline->opcode != ZEND_FREE
									|| opline->extended_value != ZEND_FREE_ON_RETURN);

							/* One reference per replaced use; on failure it
							 * is given back before bailing out. Replacements
							 * already made are not undone. */
							Z_TRY_ADDREF_P(val);
							if (!zend_optimizer_update_op1_const(op_array, opline, val)) {
								zval_ptr_dtor(val);
								return 0;
							}
							if (is_last) {
								break;
							}
						}
						opline++;
					}
					/* Drop the reference the caller passed in. */
					zval_ptr_dtor_nogc(val);
					return 1;
				}
				case ZEND_VERIFY_RETURN_TYPE: {
					/* The return type is read from the slot just before
					 * arg_info[0]. */
					zend_arg_info *ret_info = op_array->arg_info - 1;
					if (!ZEND_TYPE_CONTAINS_CODE(ret_info->type, Z_TYPE_P(val))
						|| (op_array->fn_flags & ZEND_ACC_RETURN_REFERENCE)) {
						return 0;
					}
					/* The constant already satisfies the declared type, so
					 * the check itself is dropped. */
					MAKE_NOP(opline);

					/* zend_handle_loops_and_finally may inserts other oplines */
					/* NOTE(review): this scan is not bounded by `end`; it
					 * relies on a RETURN/RETURN_BY_REF always following the
					 * VERIFY_RETURN_TYPE in a well-formed op array. */
					do {
						++opline;
					} while (opline->opcode != ZEND_RETURN && opline->opcode != ZEND_RETURN_BY_REF);
					ZEND_ASSERT(opline->op1.var == var);

					break;
				}
				default:
					break;
			}
			return zend_optimizer_update_op1_const(op_array, opline, val);
		}

		if (opline->op2_type == type &&
			opline->op2.var == var) {
			return zend_optimizer_update_op2_const(op_array, opline, val);
		}
		opline++;
	}

	return 1;
}
704
/* Update jump offsets after a jump was migrated to another opline.
 *
 * `opline` is the instruction's old location and `new_opline` its new one;
 * every target is read relative to the old location and written relative to
 * the new one. The opcode is taken from `new_opline`, everything else from
 * `opline`, so the instruction is expected to have been copied already.
 * For switch/match the jump table literal is rewritten in place. */
void zend_optimizer_migrate_jump(zend_op_array *op_array, zend_op *new_opline, zend_op *opline) {
	switch (new_opline->opcode) {
		case ZEND_JMP:
		case ZEND_FAST_CALL: {
			/* Target is kept in op1. */
			zend_op *target = ZEND_OP1_JMP_ADDR(opline);
			ZEND_SET_OP_JMP_ADDR(new_opline, new_opline->op1, target);
			break;
		}
		case ZEND_JMPZ:
		case ZEND_JMPNZ:
		case ZEND_JMPZ_EX:
		case ZEND_JMPNZ_EX:
		case ZEND_FE_RESET_R:
		case ZEND_FE_RESET_RW:
		case ZEND_JMP_SET:
		case ZEND_COALESCE:
		case ZEND_ASSERT_CHECK:
		case ZEND_JMP_NULL:
		case ZEND_BIND_INIT_STATIC_OR_JMP: {
			/* Target is kept in op2. */
			zend_op *target = ZEND_OP2_JMP_ADDR(opline);
			ZEND_SET_OP_JMP_ADDR(new_opline, new_opline->op2, target);
			break;
		}
		case ZEND_FE_FETCH_R:
		case ZEND_FE_FETCH_RW:
			/* Target is an offset stored in extended_value. */
			new_opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(
				op_array, new_opline,
				ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value));
			break;
		case ZEND_CATCH:
			/* The last catch of a try has no jump target. */
			if ((opline->extended_value & ZEND_LAST_CATCH) == 0) {
				zend_op *target = ZEND_OP2_JMP_ADDR(opline);
				ZEND_SET_OP_JMP_ADDR(new_opline, new_opline->op2, target);
			}
			break;
		case ZEND_SWITCH_LONG:
		case ZEND_SWITCH_STRING:
		case ZEND_MATCH:
		{
			HashTable *targets = Z_ARRVAL(ZEND_OP2_LITERAL(opline));
			zval *entry;

			/* One offset per jump table entry ... */
			ZEND_HASH_FOREACH_VAL(targets, entry) {
				Z_LVAL_P(entry) = ZEND_OPLINE_NUM_TO_OFFSET(
					op_array, new_opline,
					ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, Z_LVAL_P(entry)));
			} ZEND_HASH_FOREACH_END();

			/* ... plus the one stored in extended_value. */
			new_opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(
				op_array, new_opline,
				ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value));
			break;
		}
	}
}
748
/* Shift jump offsets based on shiftlist.
 *
 * For each jump target of `opline`, shiftlist[<target opline number>] is
 * subtracted from that target. `shiftlist` is indexed by opline number
 * without any bounds check here, so the caller must pass an array that
 * covers every opline number a jump in this op array can refer to. */
void zend_optimizer_shift_jump(zend_op_array *op_array, zend_op *opline, uint32_t *shiftlist) {
	switch (opline->opcode) {
		case ZEND_JMP:
		case ZEND_FAST_CALL: {
			/* Target is kept in op1. */
			zend_op *target = ZEND_OP1_JMP_ADDR(opline);
			ZEND_SET_OP_JMP_ADDR(opline, opline->op1,
				target - shiftlist[target - op_array->opcodes]);
			break;
		}
		case ZEND_JMPZ:
		case ZEND_JMPNZ:
		case ZEND_JMPZ_EX:
		case ZEND_JMPNZ_EX:
		case ZEND_FE_RESET_R:
		case ZEND_FE_RESET_RW:
		case ZEND_JMP_SET:
		case ZEND_COALESCE:
		case ZEND_ASSERT_CHECK:
		case ZEND_JMP_NULL:
		case ZEND_BIND_INIT_STATIC_OR_JMP: {
			/* Target is kept in op2. */
			zend_op *target = ZEND_OP2_JMP_ADDR(opline);
			ZEND_SET_OP_JMP_ADDR(opline, opline->op2,
				target - shiftlist[target - op_array->opcodes]);
			break;
		}
		case ZEND_CATCH:
			/* The last catch of a try has no jump target. */
			if ((opline->extended_value & ZEND_LAST_CATCH) == 0) {
				zend_op *target = ZEND_OP2_JMP_ADDR(opline);
				ZEND_SET_OP_JMP_ADDR(opline, opline->op2,
					target - shiftlist[target - op_array->opcodes]);
			}
			break;
		case ZEND_FE_FETCH_R:
		case ZEND_FE_FETCH_RW:
			/* Target is an offset stored in extended_value. */
			opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(
				op_array, opline,
				ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value)
					- shiftlist[ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value)]);
			break;
		case ZEND_SWITCH_LONG:
		case ZEND_SWITCH_STRING:
		case ZEND_MATCH:
		{
			HashTable *targets = Z_ARRVAL(ZEND_OP2_LITERAL(opline));
			zval *entry;

			/* One offset per jump table entry ... */
			ZEND_HASH_FOREACH_VAL(targets, entry) {
				Z_LVAL_P(entry) = ZEND_OPLINE_NUM_TO_OFFSET(
					op_array, opline,
					ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, Z_LVAL_P(entry))
						- shiftlist[ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, Z_LVAL_P(entry))]);
			} ZEND_HASH_FOREACH_END();

			/* ... plus the one stored in extended_value. */
			opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(
				op_array, opline,
				ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value)
					- shiftlist[ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value)]);
			break;
		}
	}
}
792
/* Resolve a lowercased class name to a class entry the optimizer may rely
 * on, or NULL.
 *
 * Lookup order: the class table of `script` (when given), then the global
 * class table, where a hit counts only for internal classes or for user
 * classes whose filename pointer equals that of `op_array`, and finally the
 * scope of `op_array` itself when its name matches case-insensitively.
 * A user class from another file is never returned from the global table. */
zend_class_entry *zend_optimizer_get_class_entry(
		const zend_script *script, const zend_op_array *op_array, zend_string *lcname) {
	zend_class_entry *ce;

	if (script != NULL) {
		ce = zend_hash_find_ptr(&script->class_table, lcname);
		if (ce != NULL) {
			return ce;
		}
	}

	ce = zend_hash_find_ptr(CG(class_table), lcname);
	if (ce != NULL) {
		/* info.user is read only for non-internal classes. */
		if (ce->type == ZEND_INTERNAL_CLASS
				|| (op_array && ce->info.user.filename == op_array->filename)) {
			return ce;
		}
	}

	if (op_array == NULL || op_array->scope == NULL) {
		return NULL;
	}
	if (!zend_string_equals_ci(op_array->scope->name, lcname)) {
		return NULL;
	}
	return op_array->scope;
}
813
/* Resolve the class named by op1 of `opline`, or return NULL.
 *
 * A constant string op1 is looked up through its lowercased companion
 * literal, which is the literal stored right after it. An unused op1 that
 * fetches `self` resolves to the scope of `op_array`, unless that scope is
 * a trait. `op_array` is dereferenced unconditionally on the second path. */
zend_class_entry *zend_optimizer_get_class_entry_from_op1(
		const zend_script *script, const zend_op_array *op_array, const zend_op *opline) {
	if (opline->op1_type == IS_CONST) {
		zval *class_name = CRT_CONSTANT(opline->op1);

		if (Z_TYPE_P(class_name) != IS_STRING) {
			return NULL;
		}
		return zend_optimizer_get_class_entry(script, op_array, Z_STR_P(class_name + 1));
	}

	if (opline->op1_type != IS_UNUSED || !op_array->scope) {
		return NULL;
	}
	if (op_array->scope->ce_flags & ZEND_ACC_TRAIT) {
		return NULL;
	}
	if ((opline->op1.num & ZEND_FETCH_CLASS_MASK) != ZEND_FETCH_CLASS_SELF) {
		return NULL;
	}
	return op_array->scope;
}
828
/* Determine, at optimization time, which function an INIT_* / NEW opline
 * will call. Returns the function, or NULL when it cannot be determined.
 *
 * `*is_prototype` is always written: it is set to true only for a method
 * call whose target is neither final nor in a final class, meaning the
 * returned function may be overridden at run time.
 *
 * Functions found in the global function table are accepted only if they
 * are internal or are user functions whose filename pointer equals that of
 * `op_array`; user functions from other files are not returned. */
zend_function *zend_optimizer_get_called_func(
		zend_script *script, zend_op_array *op_array, zend_op *opline, bool *is_prototype)
{
	*is_prototype = 0;
	switch (opline->opcode) {
		case ZEND_INIT_FCALL:
		{
			/* op2 is read as a string literal without a type check. */
			zend_string *function_name = Z_STR_P(CRT_CONSTANT(opline->op2));
			zend_function *func;
			if (script && (func = zend_hash_find_ptr(&script->function_table, function_name)) != NULL) {
				return func;
			} else if ((func = zend_hash_find_ptr(EG(function_table), function_name)) != NULL) {
				if (func->type == ZEND_INTERNAL_FUNCTION) {
					return func;
				} else if (func->type == ZEND_USER_FUNCTION &&
						func->op_array.filename &&
						func->op_array.filename == op_array->filename) {
					return func;
				}
			}
			break;
		}
		case ZEND_INIT_FCALL_BY_NAME:
		case ZEND_INIT_NS_FCALL_BY_NAME:
			if (opline->op2_type == IS_CONST && Z_TYPE_P(CRT_CONSTANT(opline->op2)) == IS_STRING) {
				/* The lookup key is the literal right after op2. */
				zval *function_name = CRT_CONSTANT(opline->op2) + 1;
				zend_function *func;
				if (script && (func = zend_hash_find_ptr(&script->function_table, Z_STR_P(function_name)))) {
					return func;
				} else if ((func = zend_hash_find_ptr(EG(function_table), Z_STR_P(function_name))) != NULL) {
					if (func->type == ZEND_INTERNAL_FUNCTION) {
						return func;
					} else if (func->type == ZEND_USER_FUNCTION &&
							func->op_array.filename &&
							func->op_array.filename == op_array->filename) {
						return func;
					}
				}
			}
			break;
		case ZEND_INIT_STATIC_METHOD_CALL:
			if (opline->op2_type == IS_CONST && Z_TYPE_P(CRT_CONSTANT(opline->op2)) == IS_STRING) {
				zend_class_entry *ce = zend_optimizer_get_class_entry_from_op1(
					script, op_array, opline);
				if (ce) {
					zend_string *func_name = Z_STR_P(CRT_CONSTANT(opline->op2) + 1);
					zend_function *fbc = zend_hash_find_ptr(&ce->function_table, func_name);
					if (fbc) {
						/* Visibility: only public methods, or methods
						 * declared in the calling scope, are returned. */
						bool is_public = (fbc->common.fn_flags & ZEND_ACC_PUBLIC) != 0;
						bool same_scope = fbc->common.scope == op_array->scope;
						if (is_public || same_scope) {
							return fbc;
						}
					}
				}
			}
			break;
		case ZEND_INIT_METHOD_CALL:
			/* Only calls with an unused op1 from inside a class scope that
			 * is not a trait (and not a trait-cloned method) are resolved. */
			if (opline->op1_type == IS_UNUSED
					&& opline->op2_type == IS_CONST && Z_TYPE_P(CRT_CONSTANT(opline->op2)) == IS_STRING
					&& op_array->scope
					&& !(op_array->fn_flags & ZEND_ACC_TRAIT_CLONE)
					&& !(op_array->scope->ce_flags & ZEND_ACC_TRAIT)) {
				zend_string *method_name = Z_STR_P(CRT_CONSTANT(opline->op2) + 1);
				zend_function *fbc = zend_hash_find_ptr(
					&op_array->scope->function_table, method_name);
				if (fbc) {
					bool is_private = (fbc->common.fn_flags & ZEND_ACC_PRIVATE) != 0;
					if (is_private) {
						/* Only use private method if in the same scope. We can't even use it
						 * as a prototype, as it may be overridden with changed signature. */
						bool same_scope = fbc->common.scope == op_array->scope;
						return same_scope ? fbc : NULL;
					}
					/* Prototype methods are potentially overridden. fbc still contains useful type information.
					 * Some optimizations may not be applied, like inlining or inferring the send-mode of superfluous args.
					 * A method cannot be overridden if the class or method is final. */
					if ((fbc->common.fn_flags & ZEND_ACC_FINAL) == 0 &&
							(fbc->common.scope->ce_flags & ZEND_ACC_FINAL) == 0) {
						*is_prototype = true;
					}
					return fbc;
				}
			}
			break;
		case ZEND_NEW:
		{
			zend_class_entry *ce = zend_optimizer_get_class_entry_from_op1(
				script, op_array, opline);
			/* Only user classes; the result is NULL when the class has no
			 * constructor. */
			if (ce && ce->type == ZEND_USER_CLASS) {
				return ce->constructor;
			}
			break;
		}
	}
	return NULL;
}
926
/* Map a function name to the special-behaviour flag the optimizer associates
 * with it.
 *
 * Returns ZEND_FUNC_INDIRECT_VAR_ACCESS for extract, compact,
 * get_defined_vars and db2_execute, ZEND_FUNC_VARARG for func_num_args,
 * func_get_arg and func_get_args, and 0 for every other name.
 * num_args is accepted but not consulted. */
uint32_t zend_optimizer_classify_function(zend_string *name, uint32_t num_args) {
	if (zend_string_equals_literal(name, "extract")
	 || zend_string_equals_literal(name, "compact")
	 || zend_string_equals_literal(name, "get_defined_vars")
	 || zend_string_equals_literal(name, "db2_execute")) {
		return ZEND_FUNC_INDIRECT_VAR_ACCESS;
	}

	if (zend_string_equals_literal(name, "func_num_args")
	 || zend_string_equals_literal(name, "func_get_arg")
	 || zend_string_equals_literal(name, "func_get_args")) {
		return ZEND_FUNC_VARARG;
	}

	return 0;
}
946
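/* Find the opline that defines the temporary released by a loop-variable
 * free instruction.
 *
 * Scans backwards from free_opline towards the start of op_array->opcodes
 * and returns the first opline whose result is a TMP_VAR/VAR with the same
 * variable slot as free_opline->op1. Returns NULL when no earlier opline
 * matches. free_opline must satisfy zend_optimizer_is_loop_var_free(). */
zend_op *zend_optimizer_get_loop_var_def(const zend_op_array *op_array, zend_op *free_opline) {
	uint32_t var = free_opline->op1.var;
	ZEND_ASSERT(zend_optimizer_is_loop_var_free(free_opline));

	/* Compare before stepping back, so the cursor never moves below
	 * opcodes[0]: forming a pointer before the start of an array is undefined
	 * behaviour even when it is not dereferenced. */
	while (free_opline > op_array->opcodes) {
		free_opline--;
		if ((free_opline->result_type & (IS_TMP_VAR|IS_VAR)) && free_opline->result.var == var) {
			return free_opline;
		}
	}
	return NULL;
}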
958
/* Run the per-op_array optimization passes selected in
 * ctx->optimization_level, in fixed order. After each pass the op_array is
 * dumped when the matching ctx->debug_level bit is set.
 *
 * ZEND_EVAL_CODE op_arrays are returned untouched. When pass 7 is enabled,
 * passes 6 and 9 and the closing "after optimizer" dump are not run from
 * here; passes 11 and 13 are additionally skipped when passes 6 and 7 are
 * both enabled. */
static void zend_optimize(zend_op_array *op_array,
                          zend_optimizer_ctx *ctx)
{
	if (op_array->type == ZEND_EVAL_CODE) {
		return;
	}

	if (ctx->debug_level & ZEND_DUMP_BEFORE_OPTIMIZER) {
		zend_dump_op_array(op_array, ZEND_DUMP_LIVE_RANGES, "before optimizer", NULL);
	}

	/* Pass 1: simple local optimizations
	 * - persistent constant substitution (true, false, null, etc)
	 * - constant casting (ADD expects numbers, CONCAT strings, etc)
	 * - constant expression evaluation
	 * - constant conditional JMPs
	 * - pre-evaluation of constant function calls
	 * - FETCH $GLOBALS followed by FETCH_DIM/UNSET_DIM/ISSET_ISEMPTY_DIM
	 */
	if (ctx->optimization_level & ZEND_OPTIMIZER_PASS_1) {
		zend_optimizer_pass1(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_1) {
			zend_dump_op_array(op_array, 0, "after pass 1", NULL);
		}
	}

	/* Pass 3: jump optimization (series of JMPs) */
	if (ctx->optimization_level & ZEND_OPTIMIZER_PASS_3) {
		zend_optimizer_pass3(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_3) {
			zend_dump_op_array(op_array, 0, "after pass 3", NULL);
		}
	}

	/* Pass 4: INIT_FCALL_BY_NAME -> DO_FCALL */
	if (ctx->optimization_level & ZEND_OPTIMIZER_PASS_4) {
		zend_optimize_func_calls(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_4) {
			zend_dump_op_array(op_array, 0, "after pass 4", NULL);
		}
	}

	/* Pass 5: CFG optimization */
	if (ctx->optimization_level & ZEND_OPTIMIZER_PASS_5) {
		zend_optimize_cfg(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_5) {
			zend_dump_op_array(op_array, 0, "after pass 5", NULL);
		}
	}

	/* Pass 6: DFA optimization, only when pass 7 is off */
	if ((ctx->optimization_level & ZEND_OPTIMIZER_PASS_6)
	 && !(ctx->optimization_level & ZEND_OPTIMIZER_PASS_7)) {
		zend_optimize_dfa(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_6) {
			zend_dump_op_array(op_array, 0, "after pass 6", NULL);
		}
	}

	/* Pass 9: temporary variable usage, only when pass 7 is off */
	if ((ctx->optimization_level & ZEND_OPTIMIZER_PASS_9)
	 && !(ctx->optimization_level & ZEND_OPTIMIZER_PASS_7)) {
		zend_optimize_temporary_variables(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_9) {
			zend_dump_op_array(op_array, 0, "after pass 9", NULL);
		}
	}

	/* Pass 10: NOP removal, only when pass 10 is on and pass 5 is off */
	if ((ctx->optimization_level & (ZEND_OPTIMIZER_PASS_10|ZEND_OPTIMIZER_PASS_5)) == ZEND_OPTIMIZER_PASS_10) {
		zend_optimizer_nop_removal(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_10) {
			zend_dump_op_array(op_array, 0, "after pass 10", NULL);
		}
	}

	/* Pass 11: compact the literals table, unless passes 6 and 7 are both on */
	if ((ctx->optimization_level & ZEND_OPTIMIZER_PASS_11)
	 && !((ctx->optimization_level & ZEND_OPTIMIZER_PASS_6)
	   && (ctx->optimization_level & ZEND_OPTIMIZER_PASS_7))) {
		zend_optimizer_compact_literals(op_array, ctx);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_11) {
			zend_dump_op_array(op_array, 0, "after pass 11", NULL);
		}
	}

	/* Pass 13: compact variables, under the same condition as pass 11 */
	if ((ctx->optimization_level & ZEND_OPTIMIZER_PASS_13)
	 && !((ctx->optimization_level & ZEND_OPTIMIZER_PASS_6)
	   && (ctx->optimization_level & ZEND_OPTIMIZER_PASS_7))) {
		zend_optimizer_compact_vars(op_array);
		if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_13) {
			zend_dump_op_array(op_array, 0, "after pass 13", NULL);
		}
	}

	/* With pass 7 enabled the final dump is not produced here. */
	if (!(ctx->optimization_level & ZEND_OPTIMIZER_PASS_7)
	 && (ctx->debug_level & ZEND_DUMP_AFTER_OPTIMIZER)) {
		zend_dump_op_array(op_array, 0, "after optimizer", NULL);
	}
}
1076
/* Undo the pass_two() fixups on an op_array so the optimizer can rewrite it.
 *
 * For every opline, CONST operands are passed through
 * ZEND_PASS_TWO_UNDO_CONSTANT and result_type is masked down to the plain
 * operand-type bits, which drops the smart-branch flags. Unless
 * ZEND_USE_ABS_CONST_ADDR is set, the literals are copied into a fresh
 * emalloc() block. ZEND_ACC_DONE_PASS_TWO is cleared at the end; it must be
 * set on entry. */
static void zend_revert_pass_two(zend_op_array *op_array)
{
	zend_op *cur = op_array->opcodes;
	zend_op *const stop = cur + op_array->last;

	ZEND_ASSERT((op_array->fn_flags & ZEND_ACC_DONE_PASS_TWO) != 0);

	for (; cur < stop; cur++) {
		if (cur->op1_type == IS_CONST) {
			ZEND_PASS_TWO_UNDO_CONSTANT(op_array, cur, cur->op1);
		}
		if (cur->op2_type == IS_CONST) {
			ZEND_PASS_TWO_UNDO_CONSTANT(op_array, cur, cur->op2);
		}
		/* reset smart branch flags IS_SMART_BRANCH_JMP[N]Z */
		cur->result_type &= (IS_TMP_VAR|IS_VAR|IS_CV|IS_CONST);
	}

#if !ZEND_USE_ABS_CONST_ADDR
	if (op_array->literals) {
		/* Give the literals a block of their own. The old pointer is not
		 * freed here. */
		zval *copy = emalloc(sizeof(zval) * op_array->last_literal);

		memcpy(copy, op_array->literals, sizeof(zval) * op_array->last_literal);
		op_array->literals = copy;
	}
#endif

	op_array->fn_flags &= ~ZEND_ACC_DONE_PASS_TWO;
}
1106
/* Re-apply the pass_two() fixups after the op_array has been optimized.
 *
 * Unless ZEND_USE_ABS_CONST_ADDR is set, the opcode array is reallocated
 * with room for the literals behind it (opcode part aligned to 16 bytes),
 * the literals are copied there and the separate literals block is freed.
 * Then, per opline: CONST operands are passed through
 * ZEND_PASS_TWO_UPDATE_CONSTANT, absolute jump targets are rebased onto the
 * reallocated array where the build uses them, smart-branch result flags
 * are restored, and the opcode handler is set. ZEND_ACC_DONE_PASS_TWO must
 * be clear on entry and is set on exit. */
static void zend_redo_pass_two(zend_op_array *op_array)
{
#if ZEND_USE_ABS_JMP_ADDR && !ZEND_USE_ABS_CONST_ADDR
	/* Base of the opcode array before erealloc(). Only used below as the
	 * origin for jump-offset arithmetic, never dereferenced. */
	zend_op *old_opcodes = op_array->opcodes;
#endif
	zend_op *opline, *end;

	ZEND_ASSERT((op_array->fn_flags & ZEND_ACC_DONE_PASS_TWO) == 0);

#if !ZEND_USE_ABS_CONST_ADDR
	if (op_array->last_literal) {
		size_t ops_size = ZEND_MM_ALIGNED_SIZE_EX(sizeof(zend_op) * op_array->last, 16);
		size_t literals_size = sizeof(zval) * op_array->last_literal;

		op_array->opcodes = (zend_op *) erealloc(op_array->opcodes, ops_size + literals_size);
		memcpy(((char*)op_array->opcodes) + ops_size, op_array->literals, literals_size);
		efree(op_array->literals);
		op_array->literals = (zval*)(((char*)op_array->opcodes) + ops_size);
	} else {
		if (op_array->literals) {
			efree(op_array->literals);
		}
		op_array->literals = NULL;
	}
#endif

	end = op_array->opcodes + op_array->last;
	for (opline = op_array->opcodes; opline < end; opline++) {
		if (opline->op1_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline, opline->op1);
		}
		if (opline->op2_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline, opline->op2);
		}

		/* fix jumps to point to new array */
		switch (opline->opcode) {
#if ZEND_USE_ABS_JMP_ADDR && !ZEND_USE_ABS_CONST_ADDR
			case ZEND_JMP:
			case ZEND_FAST_CALL:
				opline->op1.jmp_addr = &op_array->opcodes[opline->op1.jmp_addr - old_opcodes];
				break;
			case ZEND_JMPZ:
			case ZEND_JMPNZ:
			case ZEND_JMPZ_EX:
			case ZEND_JMPNZ_EX:
			case ZEND_JMP_SET:
			case ZEND_COALESCE:
			case ZEND_FE_RESET_R:
			case ZEND_FE_RESET_RW:
			case ZEND_ASSERT_CHECK:
			case ZEND_JMP_NULL:
			case ZEND_BIND_INIT_STATIC_OR_JMP:
				opline->op2.jmp_addr = &op_array->opcodes[opline->op2.jmp_addr - old_opcodes];
				break;
			case ZEND_CATCH:
				if (!(opline->extended_value & ZEND_LAST_CATCH)) {
					opline->op2.jmp_addr = &op_array->opcodes[opline->op2.jmp_addr - old_opcodes];
				}
				break;
			case ZEND_FE_FETCH_R:
			case ZEND_FE_FETCH_RW:
			case ZEND_SWITCH_LONG:
			case ZEND_SWITCH_STRING:
			case ZEND_MATCH:
				/* relative extended_value don't have to be changed */
				break;
#endif
			case ZEND_IS_IDENTICAL:
			case ZEND_IS_NOT_IDENTICAL:
			case ZEND_IS_EQUAL:
			case ZEND_IS_NOT_EQUAL:
			case ZEND_IS_SMALLER:
			case ZEND_IS_SMALLER_OR_EQUAL:
			case ZEND_CASE:
			case ZEND_CASE_STRICT:
			case ZEND_ISSET_ISEMPTY_CV:
			case ZEND_ISSET_ISEMPTY_VAR:
			case ZEND_ISSET_ISEMPTY_DIM_OBJ:
			case ZEND_ISSET_ISEMPTY_PROP_OBJ:
			case ZEND_ISSET_ISEMPTY_STATIC_PROP:
			case ZEND_INSTANCEOF:
			case ZEND_TYPE_CHECK:
			case ZEND_DEFINED:
			case ZEND_IN_ARRAY:
			case ZEND_ARRAY_KEY_EXISTS:
				/* reinitialize result_type of smart branch instructions:
				 * the flag is restored only when the very next opline is a
				 * JMPZ/JMPNZ consuming this opline's temporary */
				if ((opline->result_type & IS_TMP_VAR) && opline + 1 < end) {
					const zend_op *next = opline + 1;

					if (next->opcode == ZEND_JMPZ
					 && next->op1_type == IS_TMP_VAR
					 && next->op1.var == opline->result.var) {
						opline->result_type = IS_SMART_BRANCH_JMPZ | IS_TMP_VAR;
					} else if (next->opcode == ZEND_JMPNZ
					 && next->op1_type == IS_TMP_VAR
					 && next->op1.var == opline->result.var) {
						opline->result_type = IS_SMART_BRANCH_JMPNZ | IS_TMP_VAR;
					}
				}
				break;
		}
		ZEND_VM_SET_OPCODE_HANDLER(opline);
	}

	op_array->fn_flags |= ZEND_ACC_DONE_PASS_TWO;
}
1215
/* Variant of zend_redo_pass_two() that has SSA type information available.
 *
 * Does the same literal relocation, constant update, jump rebasing and
 * smart-branch restoration, but selects the handler with
 * zend_vm_set_opcode_handler_ex(), passing operand and result type masks
 * taken from ssa. ZEND_ACC_DONE_PASS_TWO must be clear on entry and is set
 * on exit. */
static void zend_redo_pass_two_ex(zend_op_array *op_array, zend_ssa *ssa)
{
#if ZEND_USE_ABS_JMP_ADDR && !ZEND_USE_ABS_CONST_ADDR
	/* Base of the opcode array before erealloc(). Only used below as the
	 * origin for jump-offset arithmetic, never dereferenced. */
	zend_op *old_opcodes = op_array->opcodes;
#endif
	zend_op *opline, *end;

	ZEND_ASSERT((op_array->fn_flags & ZEND_ACC_DONE_PASS_TWO) == 0);

#if !ZEND_USE_ABS_CONST_ADDR
	if (op_array->last_literal) {
		size_t ops_size = ZEND_MM_ALIGNED_SIZE_EX(sizeof(zend_op) * op_array->last, 16);
		size_t literals_size = sizeof(zval) * op_array->last_literal;

		op_array->opcodes = (zend_op *) erealloc(op_array->opcodes, ops_size + literals_size);
		memcpy(((char*)op_array->opcodes) + ops_size, op_array->literals, literals_size);
		efree(op_array->literals);
		op_array->literals = (zval*)(((char*)op_array->opcodes) + ops_size);
	} else {
		if (op_array->literals) {
			efree(op_array->literals);
		}
		op_array->literals = NULL;
	}
#endif

	end = op_array->opcodes + op_array->last;
	for (opline = op_array->opcodes; opline < end; opline++) {
		/* The *_INFO() macros pick up op_array, ssa, opline and ssa_op by
		 * name, so these locals must keep their names. */
		zend_ssa_op *ssa_op = &ssa->ops[opline - op_array->opcodes];
		const uint32_t info_mask =
			MAY_BE_UNDEF|MAY_BE_ANY|MAY_BE_REF|MAY_BE_ARRAY_OF_ANY|MAY_BE_ARRAY_KEY_ANY;
		uint32_t op1_info, op2_info, res_info;

		/* The type masks are read before the constants are updated below;
		 * keep that order. */
		op1_info = opline->op1_type == IS_UNUSED ? 0 : (OP1_INFO() & info_mask);
		/* NOTE(review): op2_info is gated on op1_type, not op2_type. This
		 * looks like a copy-paste slip, but it feeds handler selection, so
		 * confirm the intended behaviour before changing it. */
		op2_info = opline->op1_type == IS_UNUSED ? 0 : (OP2_INFO() & info_mask);

		if (opline->opcode == ZEND_PRE_INC
		 || opline->opcode == ZEND_PRE_DEC
		 || opline->opcode == ZEND_POST_INC
		 || opline->opcode == ZEND_POST_DEC) {
			/* For inc/dec the result mask comes from the op1 definition,
			 * falling back to MAY_BE_ANY when there is none. */
			if (ssa_op->op1_def >= 0) {
				res_info = OP1_DEF_INFO() & info_mask;
			} else {
				res_info = MAY_BE_ANY;
			}
		} else if (opline->result_type == IS_UNUSED) {
			res_info = 0;
		} else {
			res_info = RES_INFO() & info_mask;
		}

		if (opline->op1_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline, opline->op1);
		}
		if (opline->op2_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline, opline->op2);
		}

		/* fix jumps to point to new array */
		switch (opline->opcode) {
#if ZEND_USE_ABS_JMP_ADDR && !ZEND_USE_ABS_CONST_ADDR
			case ZEND_JMP:
			case ZEND_FAST_CALL:
				opline->op1.jmp_addr = &op_array->opcodes[opline->op1.jmp_addr - old_opcodes];
				break;
			case ZEND_JMPZ:
			case ZEND_JMPNZ:
			case ZEND_JMPZ_EX:
			case ZEND_JMPNZ_EX:
			case ZEND_JMP_SET:
			case ZEND_COALESCE:
			case ZEND_FE_RESET_R:
			case ZEND_FE_RESET_RW:
			case ZEND_ASSERT_CHECK:
			case ZEND_JMP_NULL:
			case ZEND_BIND_INIT_STATIC_OR_JMP:
				opline->op2.jmp_addr = &op_array->opcodes[opline->op2.jmp_addr - old_opcodes];
				break;
			case ZEND_CATCH:
				if (!(opline->extended_value & ZEND_LAST_CATCH)) {
					opline->op2.jmp_addr = &op_array->opcodes[opline->op2.jmp_addr - old_opcodes];
				}
				break;
			case ZEND_FE_FETCH_R:
			case ZEND_FE_FETCH_RW:
			case ZEND_SWITCH_LONG:
			case ZEND_SWITCH_STRING:
			case ZEND_MATCH:
				/* relative extended_value don't have to be changed */
				break;
#endif
			case ZEND_IS_IDENTICAL:
			case ZEND_IS_NOT_IDENTICAL:
			case ZEND_IS_EQUAL:
			case ZEND_IS_NOT_EQUAL:
			case ZEND_IS_SMALLER:
			case ZEND_IS_SMALLER_OR_EQUAL:
			case ZEND_CASE:
			case ZEND_CASE_STRICT:
			case ZEND_ISSET_ISEMPTY_CV:
			case ZEND_ISSET_ISEMPTY_VAR:
			case ZEND_ISSET_ISEMPTY_DIM_OBJ:
			case ZEND_ISSET_ISEMPTY_PROP_OBJ:
			case ZEND_ISSET_ISEMPTY_STATIC_PROP:
			case ZEND_INSTANCEOF:
			case ZEND_TYPE_CHECK:
			case ZEND_DEFINED:
			case ZEND_IN_ARRAY:
			case ZEND_ARRAY_KEY_EXISTS:
				/* reinitialize result_type of smart branch instructions:
				 * the flag is restored only when the very next opline is a
				 * JMPZ/JMPNZ consuming this opline's temporary */
				if ((opline->result_type & IS_TMP_VAR) && opline + 1 < end) {
					const zend_op *next = opline + 1;

					if (next->opcode == ZEND_JMPZ
					 && next->op1_type == IS_TMP_VAR
					 && next->op1.var == opline->result.var) {
						opline->result_type = IS_SMART_BRANCH_JMPZ | IS_TMP_VAR;
					} else if (next->opcode == ZEND_JMPNZ
					 && next->op1_type == IS_TMP_VAR
					 && next->op1.var == opline->result.var) {
						opline->result_type = IS_SMART_BRANCH_JMPNZ | IS_TMP_VAR;
					}
				}
				break;
		}
		zend_vm_set_opcode_handler_ex(opline, op1_info, op2_info, res_info);
	}

	op_array->fn_flags |= ZEND_ACC_DONE_PASS_TWO;
}
1336
/* Optimize a single op_array on its own: undo pass_two(), run the selected
 * passes, redo pass_two(), and recompute live ranges when the op_array has
 * any. The three steps must stay in this order. */
static void zend_optimize_op_array(zend_op_array *op_array,
                                   zend_optimizer_ctx *ctx)
{
	zend_revert_pass_two(op_array);   /* back to the pre-pass_two() form */
	zend_optimize(op_array, ctx);     /* the actual optimizations */
	zend_redo_pass_two(op_array);     /* restore the executable form */

	if (op_array->live_range != NULL) {
		zend_recalc_live_ranges(op_array, NULL);
	}
}
1353
/* Recompute the stack size stored in op1.num of every ZEND_INIT_FCALL whose
 * callee is found in the script's own function table. Calls whose callee is
 * not in ctx->script->function_table are left as they are. */
static void zend_adjust_fcall_stack_size(zend_op_array *op_array, zend_optimizer_ctx *ctx)
{
	zend_op *const stop = op_array->opcodes + op_array->last;

	for (zend_op *cur = op_array->opcodes; cur < stop; cur++) {
		if (cur->opcode != ZEND_INIT_FCALL) {
			continue;
		}

		zend_function *callee = zend_hash_find_ptr(
			&ctx->script->function_table,
			Z_STR_P(RT_CONSTANT(cur, cur->op2)));
		if (callee) {
			cur->op1.num = zend_vm_calc_used_stack(cur->extended_value, callee);
		}
	}
}
1373
/* Call-graph variant of zend_adjust_fcall_stack_size(): walks the callee list
 * recorded in the op_array's func_info and recomputes op1.num for each
 * ZEND_INIT_FCALL whose callee is known. Does nothing when the op_array has
 * no func_info. */
static void zend_adjust_fcall_stack_size_graph(zend_op_array *op_array)
{
	zend_func_info *func_info = ZEND_FUNC_INFO(op_array);
	zend_call_info *call;

	if (!func_info) {
		return;
	}

	for (call = func_info->callee_info; call; call = call->next_callee) {
		zend_op *init = call->caller_init_opline;

		if (!init || !call->callee_func || init->opcode != ZEND_INIT_FCALL) {
			continue;
		}
		/* An INIT_FCALL is expected to have a resolved callee, not a prototype. */
		ZEND_ASSERT(!call->is_prototype);
		init->op1.num = zend_vm_calc_used_stack(init->extended_value, call->callee_func);
	}
}
1392
/* Decide whether the temporary defined by def_opline needs a live range,
 * based on the inferred SSA type of its result. Returns true when the type
 * may be string, array, object, resource or reference, and also when the
 * opline has no SSA result definition. Requires func_info with SSA data on
 * op_array. */
static bool needs_live_range(zend_op_array *op_array, zend_op *def_opline) {
	zend_func_info *func_info = ZEND_FUNC_INFO(op_array);
	zend_ssa *ssa = &func_info->ssa;
	int ssa_var = ssa->ops[def_opline - op_array->opcodes].result_def;

	if (ssa_var < 0) {
		/* No SSA definition to look at: be conservative. */
		return true;
	}

	/* If the variable is used by a PHI, this may be the assignment of the final branch of a
	 * ternary/etc structure. While this is where the live range starts, the value from the other
	 * branch may also be used. As such, use the type of the PHI node for the following check. */
	zend_ssa_phi *phi = ssa->vars[ssa_var].phi_use_chain;
	if (phi) {
		ssa_var = phi->ssa_var;
	}

	const uint32_t tracked_types =
		MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF;
	return (ssa->var_info[ssa_var].type & tracked_types) != 0;
}
1412
/* Apply func to op_array and then, recursively, to each entry of its
 * dynamic_func_defs. The parent is visited before its children. */
static void zend_foreach_op_array_helper(
		zend_op_array *op_array, zend_op_array_func_t func, void *context) {
	uint32_t idx = 0;

	func(op_array, context);

	/* The count is re-read on every iteration, after func has run. */
	while (idx < op_array->num_dynamic_func_defs) {
		zend_foreach_op_array_helper(op_array->dynamic_func_defs[idx], func, context);
		idx++;
	}
}
1420
/* Call func(op_array, context) for every op_array of a script: the main
 * op_array, each function in the function table, and each class method that
 * the class itself declares. Dynamic function definitions nested in any of
 * these are visited through zend_foreach_op_array_helper().
 *
 * Class aliases are skipped, as are methods that belong to another scope,
 * are not user functions, are abstract, or are trait clones. */
void zend_foreach_op_array(zend_script *script, zend_op_array_func_t func, void *context)
{
	zend_op_array *op_array;
	zval *zv;

	zend_foreach_op_array_helper(&script->main_op_array, func, context);

	ZEND_HASH_MAP_FOREACH_PTR(&script->function_table, op_array) {
		zend_foreach_op_array_helper(op_array, func, context);
	} ZEND_HASH_FOREACH_END();

	ZEND_HASH_MAP_FOREACH_VAL(&script->class_table, zv) {
		if (Z_TYPE_P(zv) != IS_ALIAS_PTR) {
			zend_class_entry *ce = Z_CE_P(zv);

			ZEND_HASH_MAP_FOREACH_PTR(&ce->function_table, op_array) {
				if (op_array->scope != ce) {
					continue;
				}
				if (op_array->type != ZEND_USER_FUNCTION) {
					continue;
				}
				if (op_array->fn_flags & ZEND_ACC_ABSTRACT) {
					continue;
				}
				if (op_array->fn_flags & ZEND_ACC_TRAIT_CLONE) {
					continue;
				}
				zend_foreach_op_array_helper(op_array, func, context);
			} ZEND_HASH_FOREACH_END();
		}
	} ZEND_HASH_FOREACH_END();
}
1447
/* zend_foreach_op_array() callback: context is the zend_optimizer_ctx to
 * optimize op_array with. */
static void step_optimize_op_array(zend_op_array *op_array, void *context) {
	zend_optimizer_ctx *ctx = (zend_optimizer_ctx *) context;

	zend_optimize_op_array(op_array, ctx);
}
1451
/* zend_foreach_op_array() callback: context is the zend_optimizer_ctx whose
 * script supplies the callees for the stack-size adjustment. */
static void step_adjust_fcall_stack_size(zend_op_array *op_array, void *context) {
	zend_optimizer_ctx *ctx = (zend_optimizer_ctx *) context;

	zend_adjust_fcall_stack_size(op_array, ctx);
}
1455
/* zend_foreach_op_array() callback: dump op_array, with live ranges, under
 * the "after optimizer" heading. context is not used. */
static void step_dump_after_optimizer(zend_op_array *op_array, void *context) {
	(void) context;
	zend_dump_op_array(op_array, ZEND_DUMP_LIVE_RANGES, "after optimizer", NULL);
}
1459
/* Invoke every registered optimizer pass on the script, in registration
 * order, passing ctx through unchanged. Slots that were cleared by
 * zend_optimizer_unregister_pass() are NULL and are skipped. */
static void zend_optimizer_call_registered_passes(zend_script *script, void *ctx) {
	int slot = 0;

	/* last is re-read each round, after the previous pass has run. */
	while (slot < zend_optimizer_registered_passes.last) {
		if (zend_optimizer_registered_passes.pass[slot]) {
			zend_optimizer_registered_passes.pass[slot](script, ctx);
		}
		slot++;
	}
}
1469
/* Optimize a whole script.
 *
 * optimization_level is a bit mask of ZEND_OPTIMIZER_PASS_* and debug_level
 * a bit mask of ZEND_DUMP_* flags. When passes 6 and 7 are both enabled the
 * script is optimized through a call graph: every op_array is reverted and
 * run through zend_optimize(), then analysed and DFA-optimized with
 * whole-script information, then passes 9, 11, 13 and 12 are applied as
 * selected, and finally pass_two() is redone. Otherwise each op_array is
 * optimized independently.
 *
 * Afterwards, inherited user methods found in a class's function table are
 * refreshed from the op_array of their declaring scope, the registered
 * passes are called, and the arena and the collected constants are
 * released. */
ZEND_API void zend_optimize_script(zend_script *script, zend_long optimization_level, zend_long debug_level)
{
	zend_op_array *op_array;
	zend_string *name;
	zend_optimizer_ctx ctx;
	zval *zv;

	ctx.arena = zend_arena_create(64 * 1024);
	ctx.script = script;
	ctx.constants = NULL;
	ctx.optimization_level = optimization_level;
	ctx.debug_level = debug_level;

	if ((optimization_level & ZEND_OPTIMIZER_PASS_6) &&
	    (optimization_level & ZEND_OPTIMIZER_PASS_7)) {
		/* Optimize using call-graph */
		zend_call_graph call_graph;
		int i;

		zend_build_call_graph(&ctx.arena, script, &call_graph);

		/* Local passes first, on the reverted form of every op_array. */
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			zend_revert_pass_two(call_graph.op_arrays[i]);
			zend_optimize(call_graph.op_arrays[i], &ctx);
		}

		zend_analyze_call_graph(&ctx.arena, script, &call_graph);

		/* Call maps and declared return types. */
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			zend_op_array *cur = call_graph.op_arrays[i];
			zend_func_info *func_info = ZEND_FUNC_INFO(cur);

			if (!func_info) {
				continue;
			}
			func_info->call_map = zend_build_call_map(&ctx.arena, func_info, cur);
			if (cur->fn_flags & ZEND_ACC_HAS_RETURN_TYPE) {
				zend_init_func_return_info(cur, script, &func_info->return_info);
			}
		}

		/* SSA construction and analysis; an op_array whose analysis fails
		 * loses its func_info and is treated as un-analysed from here on. */
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			zend_op_array *cur = call_graph.op_arrays[i];
			zend_func_info *func_info = ZEND_FUNC_INFO(cur);

			if (!func_info) {
				continue;
			}
			if (zend_dfa_analyze_op_array(cur, &ctx, &func_info->ssa) == SUCCESS) {
				func_info->flags = func_info->ssa.cfg.flags;
			} else {
				ZEND_SET_FUNC_INFO(cur, NULL);
			}
		}

		//TODO: perform inner-script inference???
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			zend_op_array *cur = call_graph.op_arrays[i];
			zend_func_info *func_info = ZEND_FUNC_INFO(cur);

			if (func_info) {
				zend_dfa_optimize_op_array(cur, &ctx, &func_info->ssa, func_info->call_map);
			}
		}

		if (debug_level & ZEND_DUMP_AFTER_PASS_7) {
			for (i = 0; i < call_graph.op_arrays_count; i++) {
				zend_dump_op_array(call_graph.op_arrays[i], 0, "after pass 7", NULL);
			}
		}

		if (optimization_level & ZEND_OPTIMIZER_PASS_9) {
			for (i = 0; i < call_graph.op_arrays_count; i++) {
				zend_optimize_temporary_variables(call_graph.op_arrays[i], &ctx);
				if (debug_level & ZEND_DUMP_AFTER_PASS_9) {
					zend_dump_op_array(call_graph.op_arrays[i], 0, "after pass 9", NULL);
				}
			}
		}

		if (optimization_level & ZEND_OPTIMIZER_PASS_11) {
			for (i = 0; i < call_graph.op_arrays_count; i++) {
				zend_optimizer_compact_literals(call_graph.op_arrays[i], &ctx);
				if (debug_level & ZEND_DUMP_AFTER_PASS_11) {
					zend_dump_op_array(call_graph.op_arrays[i], 0, "after pass 11", NULL);
				}
			}
		}

		if (optimization_level & ZEND_OPTIMIZER_PASS_13) {
			for (i = 0; i < call_graph.op_arrays_count; i++) {
				zend_optimizer_compact_vars(call_graph.op_arrays[i]);
				if (debug_level & ZEND_DUMP_AFTER_PASS_13) {
					zend_dump_op_array(call_graph.op_arrays[i], 0, "after pass 13", NULL);
				}
			}
		}

		if (optimization_level & ZEND_OPTIMIZER_PASS_12) {
			for (i = 0; i < call_graph.op_arrays_count; i++) {
				zend_adjust_fcall_stack_size_graph(call_graph.op_arrays[i]);
			}
		}

		/* Redo pass_two(), with SSA type info where it is available. */
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			zend_op_array *cur = call_graph.op_arrays[i];
			zend_func_info *func_info = ZEND_FUNC_INFO(cur);
			bool has_ssa_info = func_info && func_info->ssa.var_info;

			if (has_ssa_info) {
				zend_redo_pass_two_ex(cur, &func_info->ssa);
			} else {
				zend_redo_pass_two(cur);
			}
			if (cur->live_range) {
				zend_recalc_live_ranges(cur, has_ssa_info ? needs_live_range : NULL);
			}
		}

		/* func_info lives in the arena destroyed below; detach it now. */
		for (i = 0; i < call_graph.op_arrays_count; i++) {
			ZEND_SET_FUNC_INFO(call_graph.op_arrays[i], NULL);
		}
	} else {
		zend_foreach_op_array(script, step_optimize_op_array, &ctx);

		if (optimization_level & ZEND_OPTIMIZER_PASS_12) {
			zend_foreach_op_array(script, step_adjust_fcall_stack_size, &ctx);
		}
	}

	/* Refresh inherited user methods: an entry whose scope is another class
	 * is overwritten with that class's op_array, keeping only the entry's own
	 * fn_flags, prototype and static_variables. */
	ZEND_HASH_MAP_FOREACH_VAL(&script->class_table, zv) {
		if (Z_TYPE_P(zv) == IS_ALIAS_PTR) {
			continue;
		}
		zend_class_entry *ce = Z_CE_P(zv);
		ZEND_HASH_MAP_FOREACH_STR_KEY_PTR(&ce->function_table, name, op_array) {
			if (op_array->scope == ce || op_array->type != ZEND_USER_FUNCTION) {
				continue;
			}

			zend_op_array *orig_op_array =
				zend_hash_find_ptr(&op_array->scope->function_table, name);

			ZEND_ASSERT(orig_op_array != NULL);
			if (orig_op_array != op_array) {
				uint32_t saved_flags = op_array->fn_flags;
				zend_function *saved_prototype = op_array->prototype;
				HashTable *saved_statics = op_array->static_variables;

				*op_array = *orig_op_array;
				op_array->fn_flags = saved_flags;
				op_array->prototype = saved_prototype;
				op_array->static_variables = saved_statics;
			}
		} ZEND_HASH_FOREACH_END();
	} ZEND_HASH_FOREACH_END();

	/* Externally registered passes see the script after all built-in passes. */
	zend_optimizer_call_registered_passes(script, &ctx);

	if ((debug_level & ZEND_DUMP_AFTER_OPTIMIZER) &&
	    (optimization_level & ZEND_OPTIMIZER_PASS_7)) {
		zend_foreach_op_array(script, step_dump_after_optimizer, NULL);
	}

	if (ctx.constants) {
		zend_hash_destroy(ctx.constants);
	}
	zend_arena_destroy(ctx.arena);
}
1631
/* Append an optimizer pass to the table of registered passes.
 *
 * Returns the 1-based handle of the new entry, which is the value to hand
 * to zend_optimizer_unregister_pass(). Returns -1 when pass is NULL or the
 * table already holds ZEND_OPTIMIZER_MAX_REGISTERED_PASSES entries; callers
 * must check for -1 before using the result as a handle. */
ZEND_API int zend_optimizer_register_pass(zend_optimizer_pass_t pass)
{
	if (!pass
	 || zend_optimizer_registered_passes.last == ZEND_OPTIMIZER_MAX_REGISTERED_PASSES) {
		return -1;
	}

	int slot = zend_optimizer_registered_passes.last;

	zend_optimizer_registered_passes.pass[slot] = pass;
	zend_optimizer_registered_passes.last = slot + 1;

	return zend_optimizer_registered_passes.last;
}
1647
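/* Remove a previously registered optimizer pass.
 *
 * idx is the 1-based handle returned by zend_optimizer_register_pass(). The
 * slot is set to NULL rather than compacted, so handles of other passes stay
 * valid; zend_optimizer_call_registered_passes() skips NULL slots.
 *
 * Handles outside 1..last are ignored. That covers the -1 which
 * zend_optimizer_register_pass() returns on failure: without the check it
 * would index before the start of the pass table and store a NULL pointer
 * in unrelated memory. */
ZEND_API void zend_optimizer_unregister_pass(int idx)
{
	if (idx < 1 || idx > zend_optimizer_registered_passes.last) {
		return;
	}

	zend_optimizer_registered_passes.pass[idx - 1] = NULL;
}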
1652
/* Optimizer start-up hook: delegates to zend_func_info_startup() and returns
 * its result unchanged. */
zend_result zend_optimizer_startup(void)
{
	zend_result status = zend_func_info_startup();

	return status;
}
1657
/* Optimizer shutdown hook: delegates to zend_func_info_shutdown() and returns
 * its result unchanged. */
zend_result zend_optimizer_shutdown(void)
{
	zend_result status = zend_func_info_shutdown();

	return status;
}
1662