/src/php-src/Zend/Optimizer/dfa_pass.c
Line | Count | Source |
1 | | /* |
2 | | +----------------------------------------------------------------------+ |
3 | | | Zend OPcache | |
4 | | +----------------------------------------------------------------------+ |
5 | | | Copyright © The PHP Group and Contributors. | |
6 | | +----------------------------------------------------------------------+ |
7 | | | This source file is subject to the Modified BSD License that is | |
8 | | | bundled with this package in the file LICENSE, and is available | |
9 | | | through the World Wide Web at <https://www.php.net/license/>. | |
10 | | | | |
11 | | | SPDX-License-Identifier: BSD-3-Clause | |
12 | | +----------------------------------------------------------------------+ |
13 | | | Authors: Dmitry Stogov <dmitry@php.net> | |
14 | | +----------------------------------------------------------------------+ |
15 | | */ |
16 | | |
17 | | #include "Optimizer/zend_optimizer.h" |
18 | | #include "Optimizer/zend_optimizer_internal.h" |
19 | | #include "zend_API.h" |
20 | | #include "zend_constants.h" |
21 | | #include "zend_execute.h" |
22 | | #include "zend_vm.h" |
23 | | #include "zend_bitset.h" |
24 | | #include "zend_cfg.h" |
25 | | #include "zend_ssa.h" |
26 | | #include "zend_func_info.h" |
27 | | #include "zend_call_graph.h" |
28 | | #include "zend_inference.h" |
29 | | #include "zend_dump.h" |
30 | | |
31 | | #ifndef ZEND_DEBUG_DFA |
32 | | # define ZEND_DEBUG_DFA ZEND_DEBUG |
33 | | #endif |
34 | | |
35 | | #if ZEND_DEBUG_DFA |
36 | | # include "ssa_integrity.c" |
37 | | #endif |
38 | | |
39 | | zend_result zend_dfa_analyze_op_array(zend_op_array *op_array, zend_optimizer_ctx *ctx, zend_ssa *ssa) |
40 | 94.6k | { |
41 | 94.6k | uint32_t build_flags; |
42 | | |
43 | 94.6k | if (op_array->last_try_catch) { |
44 | | /* TODO: we can't analyze functions with try/catch/finally ??? */ |
45 | 18.9k | return FAILURE; |
46 | 18.9k | } |
47 | | |
48 | | /* Build SSA */ |
49 | 75.7k | memset(ssa, 0, sizeof(zend_ssa)); |
50 | | |
51 | 75.7k | zend_build_cfg(&ctx->arena, op_array, ZEND_CFG_NO_ENTRY_PREDECESSORS, &ssa->cfg); |
52 | | |
53 | 75.7k | if ((ssa->cfg.flags & ZEND_FUNC_INDIRECT_VAR_ACCESS)) { |
54 | | /* TODO: we can't analyze functions with indirect variable access ??? */ |
55 | 3.26k | return FAILURE; |
56 | 3.26k | } |
57 | | |
58 | 72.4k | zend_cfg_build_predecessors(&ctx->arena, &ssa->cfg); |
59 | | |
60 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_CFG) { |
61 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_CFG, "dfa cfg", &ssa->cfg); |
62 | 0 | } |
63 | | |
64 | | /* Compute Dominators Tree */ |
65 | 72.4k | zend_cfg_compute_dominators_tree(op_array, &ssa->cfg); |
66 | | |
67 | | /* Identify reducible and irreducible loops */ |
68 | 72.4k | zend_cfg_identify_loops(op_array, &ssa->cfg); |
69 | | |
70 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_DOMINATORS) { |
71 | 0 | zend_dump_dominators(op_array, &ssa->cfg); |
72 | 0 | } |
73 | | |
74 | 72.4k | build_flags = 0; |
75 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_LIVENESS) { |
76 | 0 | build_flags |= ZEND_SSA_DEBUG_LIVENESS; |
77 | 0 | } |
78 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_PHI) { |
79 | 0 | build_flags |= ZEND_SSA_DEBUG_PHI_PLACEMENT; |
80 | 0 | } |
81 | 72.4k | if (zend_build_ssa(&ctx->arena, ctx->script, op_array, build_flags, ssa) == FAILURE) { |
82 | 0 | return FAILURE; |
83 | 0 | } |
84 | | |
85 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_SSA) { |
86 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_SSA, "dfa ssa", ssa); |
87 | 0 | } |
88 | | |
89 | | |
90 | 72.4k | zend_ssa_compute_use_def_chains(&ctx->arena, op_array, ssa); |
91 | | |
92 | 72.4k | zend_ssa_find_false_dependencies(op_array, ssa); |
93 | | |
94 | 72.4k | zend_ssa_find_sccs(op_array, ssa); |
95 | | |
96 | 72.4k | if (zend_ssa_inference(&ctx->arena, op_array, ctx->script, ssa, ctx->optimization_level) == FAILURE) { |
97 | 0 | return FAILURE; |
98 | 0 | } |
99 | | |
100 | 72.4k | if (zend_ssa_escape_analysis(ctx->script, op_array, ssa) == FAILURE) { |
101 | 0 | return FAILURE; |
102 | 0 | } |
103 | | |
104 | 72.4k | if (ctx->debug_level & ZEND_DUMP_DFA_SSA_VARS) { |
105 | 0 | zend_dump_ssa_variables(op_array, ssa, 0); |
106 | 0 | } |
107 | | |
108 | 72.4k | return SUCCESS; |
109 | 72.4k | } |
110 | | |
111 | | static void zend_ssa_remove_nops(zend_op_array *op_array, zend_ssa *ssa, zend_optimizer_ctx *ctx) |
112 | 8.10k | { |
113 | 8.10k | zend_basic_block *blocks = ssa->cfg.blocks; |
114 | 8.10k | zend_basic_block *blocks_end = blocks + ssa->cfg.blocks_count; |
115 | 8.10k | zend_basic_block *b; |
116 | 8.10k | zend_func_info *func_info; |
117 | 8.10k | int j; |
118 | 8.10k | uint32_t i = 0; |
119 | 8.10k | uint32_t target = 0; |
120 | 8.10k | uint32_t *shiftlist; |
121 | 8.10k | ALLOCA_FLAG(use_heap); |
122 | | |
123 | 8.10k | shiftlist = (uint32_t *)do_alloca(sizeof(uint32_t) * op_array->last, use_heap); |
124 | 8.10k | memset(shiftlist, 0, sizeof(uint32_t) * op_array->last); |
125 | | /* remove empty callee_info */ |
126 | 8.10k | func_info = ZEND_FUNC_INFO(op_array); |
127 | 8.10k | if (func_info) { |
128 | 8.10k | zend_call_info **call_info = &func_info->callee_info; |
129 | 17.6k | while ((*call_info)) { |
130 | 9.55k | if ((*call_info)->caller_init_opline->opcode == ZEND_NOP) { |
131 | 70 | *call_info = (*call_info)->next_callee; |
132 | 9.48k | } else { |
133 | 9.48k | call_info = &(*call_info)->next_callee; |
134 | 9.48k | } |
135 | 9.55k | } |
136 | 8.10k | } |
137 | | |
138 | 69.4k | for (b = blocks; b < blocks_end; b++) { |
139 | 61.3k | if (b->flags & (ZEND_BB_REACHABLE|ZEND_BB_UNREACHABLE_FREE)) { |
140 | 55.2k | if (b->len) { |
141 | 54.7k | uint32_t new_start, old_end; |
142 | 69.6k | while (i < b->start) { |
143 | 14.9k | shiftlist[i] = i - target; |
144 | 14.9k | i++; |
145 | 14.9k | } |
146 | | |
147 | 54.7k | if (b->flags & ZEND_BB_UNREACHABLE_FREE) { |
148 | | /* Only keep the FREE for the loop var */ |
149 | 12 | ZEND_ASSERT(op_array->opcodes[b->start].opcode == ZEND_FREE |
150 | 12 | || op_array->opcodes[b->start].opcode == ZEND_FE_FREE); |
151 | 12 | b->len = 1; |
152 | 12 | } |
153 | | |
154 | 54.7k | new_start = target; |
155 | 54.7k | old_end = b->start + b->len; |
156 | 518k | while (i < old_end) { |
157 | 463k | shiftlist[i] = i - target; |
158 | 463k | if (EXPECTED(op_array->opcodes[i].opcode != ZEND_NOP)) { |
159 | 438k | if (i != target) { |
160 | 276k | op_array->opcodes[target] = op_array->opcodes[i]; |
161 | 276k | ssa->ops[target] = ssa->ops[i]; |
162 | 276k | ssa->cfg.map[target] = b - blocks; |
163 | 276k | } |
164 | 438k | target++; |
165 | 438k | } |
166 | 463k | i++; |
167 | 463k | } |
168 | 54.7k | b->start = new_start; |
169 | 54.7k | if (target != old_end) { |
170 | 36.2k | zend_op *opline; |
171 | 36.2k | zend_op *new_opline; |
172 | | |
173 | 36.2k | b->len = target - b->start; |
174 | 36.2k | opline = op_array->opcodes + old_end - 1; |
175 | 36.2k | if (opline->opcode == ZEND_NOP) { |
176 | 198 | continue; |
177 | 198 | } |
178 | | |
179 | 36.0k | new_opline = op_array->opcodes + target - 1; |
180 | 36.0k | zend_optimizer_migrate_jump(op_array, new_opline, opline); |
181 | 36.0k | } |
182 | 54.7k | } else { |
183 | 436 | b->start = target; |
184 | 436 | } |
185 | 55.2k | } else { |
186 | 6.17k | b->start = target; |
187 | 6.17k | b->len = 0; |
188 | 6.17k | } |
189 | 61.3k | } |
190 | | |
191 | 8.10k | if (target != op_array->last) { |
192 | | /* reset rest opcodes */ |
193 | 49.4k | for (i = target; i < op_array->last; i++) { |
194 | 41.3k | MAKE_NOP(op_array->opcodes + i); |
195 | 41.3k | } |
196 | | |
197 | | /* update SSA variables */ |
198 | 433k | for (j = 0; j < ssa->vars_count; j++) { |
199 | 425k | if (ssa->vars[j].definition >= 0) { |
200 | 297k | ssa->vars[j].definition -= shiftlist[ssa->vars[j].definition]; |
201 | 297k | } |
202 | 425k | if (ssa->vars[j].use_chain >= 0) { |
203 | 305k | ssa->vars[j].use_chain -= shiftlist[ssa->vars[j].use_chain]; |
204 | 305k | } |
205 | 425k | } |
206 | 487k | for (i = 0; i < op_array->last; i++) { |
207 | 479k | if (ssa->ops[i].op1_use_chain >= 0) { |
208 | 22.9k | ssa->ops[i].op1_use_chain -= shiftlist[ssa->ops[i].op1_use_chain]; |
209 | 22.9k | } |
210 | 479k | if (ssa->ops[i].op2_use_chain >= 0) { |
211 | 28.3k | ssa->ops[i].op2_use_chain -= shiftlist[ssa->ops[i].op2_use_chain]; |
212 | 28.3k | } |
213 | 479k | if (ssa->ops[i].res_use_chain >= 0) { |
214 | 0 | ssa->ops[i].res_use_chain -= shiftlist[ssa->ops[i].res_use_chain]; |
215 | 0 | } |
216 | 479k | } |
217 | | |
218 | | /* update branch targets */ |
219 | 69.4k | for (b = blocks; b < blocks_end; b++) { |
220 | 61.3k | if ((b->flags & ZEND_BB_REACHABLE) && b->len != 0) { |
221 | 54.7k | zend_op *opline = op_array->opcodes + b->start + b->len - 1; |
222 | 54.7k | zend_optimizer_shift_jump(op_array, opline, shiftlist); |
223 | 54.7k | } |
224 | 61.3k | } |
225 | | |
226 | | /* update try/catch array */ |
227 | 8.10k | for (uint32_t j = 0; j < op_array->last_try_catch; j++) { |
228 | 0 | op_array->try_catch_array[j].try_op -= shiftlist[op_array->try_catch_array[j].try_op]; |
229 | 0 | op_array->try_catch_array[j].catch_op -= shiftlist[op_array->try_catch_array[j].catch_op]; |
230 | 0 | if (op_array->try_catch_array[j].finally_op) { |
231 | 0 | op_array->try_catch_array[j].finally_op -= shiftlist[op_array->try_catch_array[j].finally_op]; |
232 | 0 | op_array->try_catch_array[j].finally_end -= shiftlist[op_array->try_catch_array[j].finally_end]; |
233 | 0 | } |
234 | 0 | } |
235 | | |
236 | | /* update call graph */ |
237 | 8.10k | if (func_info) { |
238 | 8.10k | zend_call_info *call_info = func_info->callee_info; |
239 | 17.5k | while (call_info) { |
240 | 9.48k | call_info->caller_init_opline -= |
241 | 9.48k | shiftlist[call_info->caller_init_opline - op_array->opcodes]; |
242 | 9.48k | if (call_info->caller_call_opline) { |
243 | 9.48k | call_info->caller_call_opline -= |
244 | 9.48k | shiftlist[call_info->caller_call_opline - op_array->opcodes]; |
245 | 9.48k | } |
246 | 9.48k | call_info = call_info->next_callee; |
247 | 9.48k | } |
248 | 8.10k | } |
249 | | |
250 | 8.10k | op_array->last = target; |
251 | 8.10k | } |
252 | 8.10k | free_alloca(shiftlist, use_heap); |
253 | 8.10k | } |
254 | | |
255 | 302 | static bool safe_instanceof(const zend_class_entry *ce1, const zend_class_entry *ce2) { |
256 | 302 | if (ce1 == ce2) { |
257 | 190 | return true; |
258 | 190 | } |
259 | 112 | if (!(ce1->ce_flags & ZEND_ACC_LINKED)) { |
260 | | /* This case could be generalized, similarly to unlinked_instanceof */ |
261 | 16 | return false; |
262 | 16 | } |
263 | 96 | return instanceof_function(ce1, ce2); |
264 | 112 | } |
265 | | |
266 | | static inline bool can_elide_list_type( |
267 | | const zend_script *script, const zend_op_array *op_array, |
268 | | const zend_ssa_var_info *use_info, const zend_type type) |
269 | 411 | { |
270 | 411 | const zend_type *single_type; |
271 | | /* For intersection: result==false is failure, default is success. |
272 | | * For union: result==true is success, default is failure. */ |
273 | 411 | bool is_intersection = ZEND_TYPE_IS_INTERSECTION(type); |
274 | 822 | ZEND_TYPE_FOREACH(type, single_type) { |
275 | 822 | if (ZEND_TYPE_HAS_LIST(*single_type)) { |
276 | 40 | ZEND_ASSERT(!is_intersection); |
277 | 40 | return can_elide_list_type(script, op_array, use_info, *single_type); |
278 | 40 | } |
279 | 371 | if (ZEND_TYPE_HAS_NAME(*single_type)) { |
280 | 371 | zend_string *lcname = zend_string_tolower(ZEND_TYPE_NAME(*single_type)); |
281 | 371 | const zend_class_entry *ce = zend_optimizer_get_class_entry(script, op_array, lcname); |
282 | 371 | zend_string_release(lcname); |
283 | 371 | bool result = ce && safe_instanceof(use_info->ce, ce); |
284 | 371 | if (result == !is_intersection) { |
285 | 266 | return result; |
286 | 266 | } |
287 | 371 | } |
288 | 371 | } ZEND_TYPE_FOREACH_END(); |
289 | 105 | return is_intersection; |
290 | 411 | } |
291 | | |
292 | | static inline bool can_elide_return_type_check( |
293 | 2.73k | const zend_script *script, zend_op_array *op_array, zend_ssa *ssa, zend_ssa_op *ssa_op) { |
294 | 2.73k | zend_arg_info *arg_info = &op_array->arg_info[-1]; |
295 | 2.73k | zend_ssa_var_info *use_info = &ssa->var_info[ssa_op->op1_use]; |
296 | 2.73k | uint32_t use_type = use_info->type & (MAY_BE_ANY|MAY_BE_UNDEF); |
297 | 2.73k | if (use_type & MAY_BE_REF) { |
298 | 0 | return false; |
299 | 0 | } |
300 | | |
301 | 2.73k | if (use_type & MAY_BE_UNDEF) { |
302 | 85 | use_type &= ~MAY_BE_UNDEF; |
303 | 85 | use_type |= MAY_BE_NULL; |
304 | 85 | } |
305 | | |
306 | 2.73k | uint32_t disallowed_types = use_type & ~ZEND_TYPE_PURE_MASK(arg_info->type); |
307 | 2.73k | if (!disallowed_types) { |
308 | | /* Only contains allowed types. */ |
309 | 720 | return true; |
310 | 720 | } |
311 | | |
312 | 2.01k | if (disallowed_types == MAY_BE_OBJECT && use_info->ce && ZEND_TYPE_IS_COMPLEX(arg_info->type)) { |
313 | 371 | return can_elide_list_type(script, op_array, use_info, arg_info->type); |
314 | 371 | } |
315 | | |
316 | 1.64k | return false; |
317 | 2.01k | } |
318 | | |
319 | | static bool opline_supports_assign_contraction( |
320 | 6.02k | zend_op_array *op_array, zend_ssa *ssa, zend_op *opline, int src_var, uint32_t cv_var) { |
321 | 6.02k | if (opline->opcode == ZEND_NEW) { |
322 | | /* see Zend/tests/generators/aborted_yield_during_new.phpt */ |
323 | 1.20k | return false; |
324 | 1.20k | } |
325 | | |
326 | | /* Frameless calls override the return value, but the return value may overlap with the arguments. */ |
327 | 4.82k | switch (opline->opcode) { |
328 | 0 | case ZEND_FRAMELESS_ICALL_3: |
329 | 0 | if ((opline + 1)->op1_type == IS_CV && (opline + 1)->op1.var == cv_var) return false; |
330 | 0 | ZEND_FALLTHROUGH; |
331 | 0 | case ZEND_FRAMELESS_ICALL_2: |
332 | 0 | if (opline->op2_type == IS_CV && opline->op2.var == cv_var) return false; |
333 | 0 | ZEND_FALLTHROUGH; |
334 | 0 | case ZEND_FRAMELESS_ICALL_1: |
335 | 0 | if (opline->op1_type == IS_CV && opline->op1.var == cv_var) return false; |
336 | 0 | return true; |
337 | 4.82k | } |
338 | | |
339 | 4.82k | if (opline->opcode == ZEND_DO_ICALL || opline->opcode == ZEND_DO_UCALL |
340 | 4.81k | || opline->opcode == ZEND_DO_FCALL || opline->opcode == ZEND_DO_FCALL_BY_NAME) { |
341 | | /* Function calls may dtor the return value after it has already been written -- allow |
342 | | * direct assignment only for types where a double-dtor does not matter. */ |
343 | 647 | uint32_t type = ssa->var_info[src_var].type; |
344 | 647 | uint32_t simple = MAY_BE_NULL|MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_LONG|MAY_BE_DOUBLE; |
345 | 647 | return !((type & MAY_BE_ANY) & ~simple); |
346 | 647 | } |
347 | | |
348 | 4.17k | if (opline->opcode == ZEND_POST_INC || opline->opcode == ZEND_POST_DEC) { |
349 | | /* POST_INC/DEC write the result variable before performing the inc/dec. For $i = $i++ |
350 | | * eliding the temporary variable would thus yield an incorrect result. */ |
351 | 22 | return opline->op1_type != IS_CV || opline->op1.var != cv_var; |
352 | 22 | } |
353 | | |
354 | 4.15k | if (opline->opcode == ZEND_INIT_ARRAY) { |
355 | | /* INIT_ARRAY initializes the result array before reading key/value. */ |
356 | 60 | return (opline->op1_type != IS_CV || opline->op1.var != cv_var) |
357 | 56 | && (opline->op2_type != IS_CV || opline->op2.var != cv_var); |
358 | 60 | } |
359 | | |
360 | 4.09k | if (opline->opcode == ZEND_CAST |
361 | 92 | && (opline->extended_value == IS_ARRAY || opline->extended_value == IS_OBJECT)) { |
362 | | /* CAST to array/object may initialize the result to an empty array/object before |
363 | | * reading the expression. */ |
364 | 16 | return opline->op1_type != IS_CV || opline->op1.var != cv_var; |
365 | 16 | } |
366 | | |
367 | 4.07k | if ((opline->opcode == ZEND_ASSIGN_OP |
368 | 4.06k | || opline->opcode == ZEND_ASSIGN_OBJ |
369 | 4.06k | || opline->opcode == ZEND_ASSIGN_DIM |
370 | 4.04k | || opline->opcode == ZEND_ASSIGN_OBJ_OP |
371 | 4.04k | || opline->opcode == ZEND_ASSIGN_DIM_OP) |
372 | 32 | && opline->op1_type == IS_CV |
373 | 32 | && opline->op1.var == cv_var |
374 | 14 | && zend_may_throw(opline, &ssa->ops[ssa->vars[src_var].definition], op_array, ssa)) { |
375 | 6 | return false; |
376 | 6 | } |
377 | | |
378 | 4.07k | return true; |
379 | 4.07k | } |
380 | | |
381 | | static bool variable_defined_or_used_in_range(zend_ssa *ssa, int var, int start, int end) |
382 | 4.17k | { |
383 | 4.21k | while (start < end) { |
384 | 40 | const zend_ssa_op *ssa_op = &ssa->ops[start]; |
385 | 40 | if ((ssa_op->op1_def >= 0 && ssa->vars[ssa_op->op1_def].var == var) || |
386 | 40 | (ssa_op->op2_def >= 0 && ssa->vars[ssa_op->op2_def].var == var) || |
387 | 40 | (ssa_op->result_def >= 0 && ssa->vars[ssa_op->result_def].var == var) || |
388 | 40 | (ssa_op->op1_use >= 0 && ssa->vars[ssa_op->op1_use].var == var) || |
389 | 40 | (ssa_op->op2_use >= 0 && ssa->vars[ssa_op->op2_use].var == var) || |
390 | 40 | (ssa_op->result_use >= 0 && ssa->vars[ssa_op->result_use].var == var) |
391 | 40 | ) { |
392 | 0 | return true; |
393 | 0 | } |
394 | 40 | start++; |
395 | 40 | } |
396 | 4.17k | return false; |
397 | 4.17k | } |
398 | | |
399 | | static uint32_t zend_dfa_optimize_calls(zend_op_array *op_array, zend_ssa *ssa) |
400 | 72.4k | { |
401 | 72.4k | const zend_func_info *func_info = ZEND_FUNC_INFO(op_array); |
402 | 72.4k | uint32_t removed_ops = 0; |
403 | | |
404 | 72.4k | if (func_info->callee_info) { |
405 | 33.3k | const zend_call_info *call_info = func_info->callee_info; |
406 | | |
407 | 82.4k | do { |
408 | 82.4k | zend_op *op = call_info->caller_init_opline; |
409 | | |
410 | 82.4k | if ((op->opcode == ZEND_FRAMELESS_ICALL_2 |
411 | 82.4k | || (op->opcode == ZEND_FRAMELESS_ICALL_3 && (op + 1)->op1_type == IS_CONST)) |
412 | 0 | && call_info->callee_func |
413 | 0 | && zend_string_equals_literal_ci(call_info->callee_func->common.function_name, "in_array")) { |
414 | 0 | bool strict = false; |
415 | 0 | bool has_opdata = op->opcode == ZEND_FRAMELESS_ICALL_3; |
416 | 0 | ZEND_ASSERT(!call_info->is_prototype); |
417 | |
|
418 | 0 | if (has_opdata) { |
419 | 0 | if (zend_is_true(CT_CONSTANT_EX(op_array, (op + 1)->op1.constant))) { |
420 | 0 | strict = true; |
421 | 0 | } |
422 | 0 | } |
423 | |
|
424 | 0 | if (op->op2_type == IS_CONST |
425 | 0 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op->op2.constant)) == IS_ARRAY) { |
426 | 0 | bool ok = true; |
427 | |
|
428 | 0 | const HashTable *src = Z_ARRVAL_P(CT_CONSTANT_EX(op_array, op->op2.constant)); |
429 | 0 | HashTable *dst; |
430 | 0 | zval *val, tmp; |
431 | 0 | zend_ulong idx; |
432 | |
|
433 | 0 | ZVAL_TRUE(&tmp); |
434 | 0 | dst = zend_new_array(zend_hash_num_elements(src)); |
435 | 0 | if (strict) { |
436 | 0 | ZEND_HASH_FOREACH_VAL(src, val) { |
437 | 0 | if (Z_TYPE_P(val) == IS_STRING) { |
438 | 0 | zend_hash_add(dst, Z_STR_P(val), &tmp); |
439 | 0 | } else if (Z_TYPE_P(val) == IS_LONG) { |
440 | 0 | zend_hash_index_add(dst, Z_LVAL_P(val), &tmp); |
441 | 0 | } else { |
442 | 0 | zend_array_destroy(dst); |
443 | 0 | ok = false; |
444 | 0 | break; |
445 | 0 | } |
446 | 0 | } ZEND_HASH_FOREACH_END(); |
447 | 0 | } else { |
448 | 0 | ZEND_HASH_FOREACH_VAL(src, val) { |
449 | 0 | if (Z_TYPE_P(val) != IS_STRING || ZEND_HANDLE_NUMERIC(Z_STR_P(val), idx)) { |
450 | 0 | zend_array_destroy(dst); |
451 | 0 | ok = false; |
452 | 0 | break; |
453 | 0 | } |
454 | 0 | zend_hash_add(dst, Z_STR_P(val), &tmp); |
455 | 0 | } ZEND_HASH_FOREACH_END(); |
456 | 0 | } |
457 | |
|
458 | 0 | if (ok) { |
459 | 0 | ZVAL_ARR(&tmp, dst); |
460 | | |
461 | | /* Update opcode */ |
462 | 0 | op->opcode = ZEND_IN_ARRAY; |
463 | 0 | op->extended_value = strict; |
464 | 0 | op->op2.constant = zend_optimizer_add_literal(op_array, &tmp); |
465 | 0 | if (has_opdata) { |
466 | 0 | MAKE_NOP(op + 1); |
467 | 0 | removed_ops++; |
468 | 0 | } |
469 | 0 | } |
470 | 0 | } |
471 | 0 | } |
472 | 82.4k | call_info = call_info->next_callee; |
473 | 82.4k | } while (call_info); |
474 | 33.3k | } |
475 | | |
476 | 72.4k | return removed_ops; |
477 | 72.4k | } |
478 | | |
479 | | static zend_always_inline void take_successor_0(zend_ssa *ssa, uint32_t block_num, zend_basic_block *block) |
480 | 1.81k | { |
481 | 1.81k | if (block->successors_count == 2) { |
482 | 360 | if (block->successors[1] != block->successors[0]) { |
483 | 56 | zend_ssa_remove_predecessor(ssa, block_num, block->successors[1]); |
484 | 56 | } |
485 | 360 | block->successors_count = 1; |
486 | 360 | } |
487 | 1.81k | } |
488 | | |
489 | | static zend_always_inline void take_successor_1(zend_ssa *ssa, uint32_t block_num, zend_basic_block *block) |
490 | 800 | { |
491 | 800 | if (block->successors_count == 2) { |
492 | 465 | if (block->successors[1] != block->successors[0]) { |
493 | 394 | zend_ssa_remove_predecessor(ssa, block_num, block->successors[0]); |
494 | 394 | block->successors[0] = block->successors[1]; |
495 | 394 | } |
496 | 465 | block->successors_count = 1; |
497 | 465 | } |
498 | 800 | } |
499 | | |
500 | | static zend_always_inline void take_successor_ex(zend_ssa *ssa, uint32_t block_num, zend_basic_block *block, int target_block) |
501 | 24 | { |
502 | 82 | for (uint32_t i = 0; i < block->successors_count; i++) { |
503 | 58 | if (block->successors[i] != target_block) { |
504 | 34 | zend_ssa_remove_predecessor(ssa, block_num, block->successors[i]); |
505 | 34 | } |
506 | 58 | } |
507 | 24 | block->successors[0] = target_block; |
508 | 24 | block->successors_count = 1; |
509 | 24 | } |
510 | | |
511 | | static void compress_block(zend_op_array *op_array, zend_basic_block *block) |
512 | 252k | { |
513 | 259k | while (block->len > 0) { |
514 | 256k | zend_op *opline = &op_array->opcodes[block->start + block->len - 1]; |
515 | | |
516 | 256k | if (opline->opcode == ZEND_NOP) { |
517 | 6.45k | block->len--; |
518 | 250k | } else { |
519 | 250k | break; |
520 | 250k | } |
521 | 256k | } |
522 | 252k | } |
523 | | |
524 | 1.89k | static void replace_predecessor(zend_ssa *ssa, int block_id, int old_pred, int new_pred) { |
525 | 1.89k | zend_basic_block *block = &ssa->cfg.blocks[block_id]; |
526 | 1.89k | int *predecessors = &ssa->cfg.predecessors[block->predecessor_offset]; |
527 | 1.89k | zend_ssa_phi *phi; |
528 | | |
529 | 1.89k | int old_pred_idx = -1; |
530 | 1.89k | int new_pred_idx = -1; |
531 | 4.61k | for (uint32_t i = 0; i < block->predecessors_count; i++) { |
532 | 2.71k | if (predecessors[i] == old_pred) { |
533 | 1.89k | old_pred_idx = i; |
534 | 1.89k | } |
535 | 2.71k | if (predecessors[i] == new_pred) { |
536 | 419 | new_pred_idx = i; |
537 | 419 | } |
538 | 2.71k | } |
539 | | |
540 | 1.89k | ZEND_ASSERT(old_pred_idx != -1); |
541 | 1.89k | if (new_pred_idx == -1) { |
542 | | /* If the new predecessor doesn't exist yet, simply rewire the old one */ |
543 | 1.47k | predecessors[old_pred_idx] = new_pred; |
544 | 1.47k | } else { |
545 | | /* Otherwise, rewiring the old predecessor would make the new predecessor appear |
546 | | * twice, which violates our CFG invariants. Remove the old predecessor instead. */ |
547 | 419 | memmove( |
548 | 419 | predecessors + old_pred_idx, |
549 | 419 | predecessors + old_pred_idx + 1, |
550 | 419 | sizeof(int) * (block->predecessors_count - old_pred_idx - 1) |
551 | 419 | ); |
552 | | |
553 | | /* Also remove the corresponding phi node entries */ |
554 | 444 | for (phi = ssa->blocks[block_id].phis; phi; phi = phi->next) { |
555 | 25 | if (phi->pi >= 0) { |
556 | 8 | if (phi->pi == old_pred || phi->pi == new_pred) { |
557 | 8 | zend_ssa_rename_var_uses( |
558 | 8 | ssa, phi->ssa_var, phi->sources[0], /* update_types */ 0); |
559 | 8 | zend_ssa_remove_phi(ssa, phi); |
560 | 8 | } |
561 | 17 | } else { |
562 | 17 | memmove( |
563 | 17 | phi->sources + old_pred_idx, |
564 | 17 | phi->sources + old_pred_idx + 1, |
565 | 17 | sizeof(int) * (block->predecessors_count - old_pred_idx - 1) |
566 | 17 | ); |
567 | 17 | } |
568 | 25 | } |
569 | | |
570 | 419 | block->predecessors_count--; |
571 | 419 | } |
572 | 1.89k | } |
573 | | |
574 | | static void zend_ssa_replace_control_link(zend_op_array *op_array, zend_ssa *ssa, int from, int to, int new_to) |
575 | 1.89k | { |
576 | 1.89k | zend_basic_block *src = &ssa->cfg.blocks[from]; |
577 | 1.89k | zend_basic_block *old = &ssa->cfg.blocks[to]; |
578 | 1.89k | zend_basic_block *dst = &ssa->cfg.blocks[new_to]; |
579 | 1.89k | zend_op *opline; |
580 | | |
581 | 5.01k | for (uint32_t i = 0; i < src->successors_count; i++) { |
582 | 3.11k | if (src->successors[i] == to) { |
583 | 1.93k | src->successors[i] = new_to; |
584 | 1.93k | } |
585 | 3.11k | } |
586 | | |
587 | 1.89k | if (src->len > 0) { |
588 | 1.68k | opline = op_array->opcodes + src->start + src->len - 1; |
589 | 1.68k | switch (opline->opcode) { |
590 | 6 | case ZEND_JMP: |
591 | 6 | case ZEND_FAST_CALL: |
592 | 6 | ZEND_ASSERT(ZEND_OP1_JMP_ADDR(opline) == op_array->opcodes + old->start); |
593 | 6 | ZEND_SET_OP_JMP_ADDR(opline, opline->op1, op_array->opcodes + dst->start); |
594 | 6 | break; |
595 | 518 | case ZEND_JMPZ: |
596 | 729 | case ZEND_JMPNZ: |
597 | 883 | case ZEND_JMPZ_EX: |
598 | 911 | case ZEND_JMPNZ_EX: |
599 | 911 | case ZEND_FE_RESET_R: |
600 | 911 | case ZEND_FE_RESET_RW: |
601 | 1.03k | case ZEND_JMP_SET: |
602 | 1.28k | case ZEND_COALESCE: |
603 | 1.28k | case ZEND_ASSERT_CHECK: |
604 | 1.28k | case ZEND_JMP_NULL: |
605 | 1.28k | case ZEND_BIND_INIT_STATIC_OR_JMP: |
606 | 1.28k | case ZEND_JMP_FRAMELESS: |
607 | 1.28k | if (ZEND_OP2_JMP_ADDR(opline) == op_array->opcodes + old->start) { |
608 | 384 | ZEND_SET_OP_JMP_ADDR(opline, opline->op2, op_array->opcodes + dst->start); |
609 | 384 | } |
610 | 1.28k | break; |
611 | 0 | case ZEND_CATCH: |
612 | 0 | if (!(opline->extended_value & ZEND_LAST_CATCH)) { |
613 | 0 | if (ZEND_OP2_JMP_ADDR(opline) == op_array->opcodes + old->start) { |
614 | 0 | ZEND_SET_OP_JMP_ADDR(opline, opline->op2, op_array->opcodes + dst->start); |
615 | 0 | } |
616 | 0 | } |
617 | 0 | break; |
618 | 9 | case ZEND_FE_FETCH_R: |
619 | 9 | case ZEND_FE_FETCH_RW: |
620 | 9 | if (ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value) == old->start) { |
621 | 0 | opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(op_array, opline, dst->start); |
622 | 0 | } |
623 | 9 | break; |
624 | 0 | case ZEND_SWITCH_LONG: |
625 | 0 | case ZEND_SWITCH_STRING: |
626 | 6 | case ZEND_MATCH: |
627 | 6 | { |
628 | 6 | HashTable *jumptable = Z_ARRVAL(ZEND_OP2_LITERAL(opline)); |
629 | 6 | zval *zv; |
630 | 30 | ZEND_HASH_FOREACH_VAL(jumptable, zv) { |
631 | 30 | if (ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, Z_LVAL_P(zv)) == old->start) { |
632 | 0 | Z_LVAL_P(zv) = ZEND_OPLINE_NUM_TO_OFFSET(op_array, opline, dst->start); |
633 | 0 | } |
634 | 30 | } ZEND_HASH_FOREACH_END(); |
635 | 6 | if (ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value) == old->start) { |
636 | 6 | opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(op_array, opline, dst->start); |
637 | 6 | } |
638 | 6 | break; |
639 | 0 | } |
640 | 1.68k | } |
641 | 1.68k | } |
642 | | |
643 | 1.89k | replace_predecessor(ssa, new_to, to, from); |
644 | 1.89k | } |
645 | | |
646 | | static void zend_ssa_unlink_block(zend_op_array *op_array, zend_ssa *ssa, zend_basic_block *block, uint32_t block_num) |
647 | 2.41k | { |
648 | 2.41k | if (block->predecessors_count == 1 && ssa->blocks[block_num].phis == NULL) { |
649 | 1.89k | int *predecessors; |
650 | 1.89k | zend_basic_block *fe_fetch_block = NULL; |
651 | | |
652 | 1.89k | ZEND_ASSERT(block->successors_count == 1); |
653 | 1.89k | predecessors = &ssa->cfg.predecessors[block->predecessor_offset]; |
654 | 1.89k | if (block->predecessors_count == 1 && (block->flags & ZEND_BB_FOLLOW)) { |
655 | 1.62k | zend_basic_block *pred_block = &ssa->cfg.blocks[predecessors[0]]; |
656 | | |
657 | 1.62k | if (pred_block->len > 0 && (pred_block->flags & ZEND_BB_REACHABLE)) { |
658 | 1.41k | if ((op_array->opcodes[pred_block->start + pred_block->len - 1].opcode == ZEND_FE_FETCH_R |
659 | 1.40k | || op_array->opcodes[pred_block->start + pred_block->len - 1].opcode == ZEND_FE_FETCH_RW) |
660 | 9 | && op_array->opcodes[pred_block->start + pred_block->len - 1].op2_type == IS_CV) { |
661 | 9 | fe_fetch_block = pred_block; |
662 | 9 | } |
663 | 1.41k | } |
664 | 1.62k | } |
665 | 3.79k | for (uint32_t i = 0; i < block->predecessors_count; i++) { |
666 | 1.89k | zend_ssa_replace_control_link(op_array, ssa, predecessors[i], block_num, block->successors[0]); |
667 | 1.89k | } |
668 | 1.89k | zend_ssa_remove_block(op_array, ssa, block_num); |
669 | 1.89k | if (fe_fetch_block && fe_fetch_block->successors[0] == fe_fetch_block->successors[1]) { |
670 | | /* The body of "foreach" loop was removed */ |
671 | 5 | int ssa_var = ssa->ops[fe_fetch_block->start + fe_fetch_block->len - 1].op2_def; |
672 | 5 | if (ssa_var >= 0) { |
673 | 5 | zend_ssa_remove_uses_of_var(ssa, ssa_var); |
674 | 5 | } |
675 | 5 | } |
676 | 1.89k | } |
677 | 2.41k | } |
678 | | |
679 | | static int zend_dfa_optimize_jmps(zend_op_array *op_array, zend_ssa *ssa) |
680 | 144k | { |
681 | 144k | int removed_ops = 0; |
682 | 144k | uint32_t block_num = 0; |
683 | | |
684 | 404k | for (block_num = 1; block_num < ssa->cfg.blocks_count; block_num++) { |
685 | 259k | zend_basic_block *block = &ssa->cfg.blocks[block_num]; |
686 | | |
687 | 259k | if (!(block->flags & ZEND_BB_REACHABLE)) { |
688 | 9.77k | continue; |
689 | 9.77k | } |
690 | 249k | compress_block(op_array, block); |
691 | 249k | if (block->len == 0) { |
692 | 1.16k | zend_ssa_unlink_block(op_array, ssa, block, block_num); |
693 | 1.16k | } |
694 | 249k | } |
695 | | |
696 | 144k | block_num = 0; |
697 | 144k | while (block_num < ssa->cfg.blocks_count |
698 | 144k | && !(ssa->cfg.blocks[block_num].flags & ZEND_BB_REACHABLE)) { |
699 | 0 | block_num++; |
700 | 0 | } |
701 | 540k | while (block_num < ssa->cfg.blocks_count) { |
702 | 395k | uint32_t next_block_num = block_num + 1; |
703 | 395k | zend_basic_block *block = &ssa->cfg.blocks[block_num]; |
704 | 395k | uint32_t op_num; |
705 | 395k | zend_op *opline; |
706 | 395k | zend_ssa_op *ssa_op; |
707 | 395k | bool can_follow = true; |
708 | | |
709 | 421k | while (next_block_num < ssa->cfg.blocks_count |
710 | 276k | && !(ssa->cfg.blocks[next_block_num].flags & ZEND_BB_REACHABLE)) { |
711 | 25.8k | if (ssa->cfg.blocks[next_block_num].flags & ZEND_BB_UNREACHABLE_FREE) { |
712 | 56 | can_follow = false; |
713 | 56 | } |
714 | 25.8k | next_block_num++; |
715 | 25.8k | } |
716 | | |
717 | 395k | if (block->len) { |
718 | 394k | op_num = block->start + block->len - 1; |
719 | 394k | opline = op_array->opcodes + op_num; |
720 | 394k | ssa_op = ssa->ops + op_num; |
721 | | |
722 | 394k | switch (opline->opcode) { |
723 | 30.4k | case ZEND_JMP: |
724 | 31.9k | optimize_jmp: |
725 | 31.9k | if (block->successors[0] == next_block_num && can_follow) { |
726 | 1.61k | MAKE_NOP(opline); |
727 | 1.61k | removed_ops++; |
728 | 1.61k | goto optimize_nop; |
729 | 1.61k | } |
730 | 30.3k | break; |
731 | 30.3k | case ZEND_JMPZ: |
732 | 16.5k | optimize_jmpz: |
733 | 16.5k | if (opline->op1_type == IS_CONST) { |
734 | 563 | if (zend_is_true(CT_CONSTANT_EX(op_array, opline->op1.constant))) { |
735 | 341 | MAKE_NOP(opline); |
736 | 341 | removed_ops++; |
737 | 341 | take_successor_1(ssa, block_num, block); |
738 | 341 | goto optimize_nop; |
739 | 341 | } else { |
740 | 222 | opline->opcode = ZEND_JMP; |
741 | 222 | COPY_NODE(opline->op1, opline->op2); |
742 | 222 | take_successor_0(ssa, block_num, block); |
743 | 222 | goto optimize_jmp; |
744 | 222 | } |
745 | 15.9k | } else { |
746 | 15.9k | if (block->successors[0] == next_block_num && can_follow) { |
747 | 157 | take_successor_0(ssa, block_num, block); |
748 | 157 | if (opline->op1_type == IS_CV && (OP1_INFO() & MAY_BE_UNDEF)) { |
749 | 13 | opline->opcode = ZEND_CHECK_VAR; |
750 | 13 | opline->op2.num = 0; |
751 | 144 | } else if (opline->op1_type == IS_CV || !(OP1_INFO() & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
752 | 94 | zend_ssa_remove_instr(ssa, opline, ssa_op); |
753 | 94 | removed_ops++; |
754 | 94 | goto optimize_nop; |
755 | 94 | } else { |
756 | 50 | opline->opcode = ZEND_FREE; |
757 | 50 | opline->op2.num = 0; |
758 | 50 | } |
759 | 157 | } |
760 | 15.9k | } |
761 | 15.8k | break; |
762 | 18.4k | case ZEND_JMPNZ: |
763 | 19.7k | optimize_jmpnz: |
764 | 19.7k | if (opline->op1_type == IS_CONST) { |
765 | 875 | if (zend_is_true(CT_CONSTANT_EX(op_array, opline->op1.constant))) { |
766 | 633 | opline->opcode = ZEND_JMP; |
767 | 633 | COPY_NODE(opline->op1, opline->op2); |
768 | 633 | take_successor_0(ssa, block_num, block); |
769 | 633 | goto optimize_jmp; |
770 | 633 | } else { |
771 | 242 | MAKE_NOP(opline); |
772 | 242 | removed_ops++; |
773 | 242 | take_successor_1(ssa, block_num, block); |
774 | 242 | goto optimize_nop; |
775 | 242 | } |
776 | 18.8k | } else if (block->successors_count == 2) { |
777 | 18.8k | if (block->successors[0] == next_block_num && can_follow) { |
778 | 147 | take_successor_0(ssa, block_num, block); |
779 | 147 | if (opline->op1_type == IS_CV && (OP1_INFO() & MAY_BE_UNDEF)) { |
780 | 2 | opline->opcode = ZEND_CHECK_VAR; |
781 | 2 | opline->op2.num = 0; |
782 | 145 | } else if (opline->op1_type == IS_CV || !(OP1_INFO() & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
783 | 125 | zend_ssa_remove_instr(ssa, opline, ssa_op); |
784 | 125 | removed_ops++; |
785 | 125 | goto optimize_nop; |
786 | 125 | } else { |
787 | 20 | opline->opcode = ZEND_FREE; |
788 | 20 | opline->op2.num = 0; |
789 | 20 | } |
790 | 147 | } |
791 | 18.8k | } |
792 | 18.7k | break; |
793 | 18.7k | case ZEND_JMPZ_EX: |
794 | 1.28k | if (ssa->vars[ssa_op->result_def].use_chain < 0 |
795 | 1.28k | && ssa->vars[ssa_op->result_def].phi_use_chain == NULL) { |
796 | 444 | opline->opcode = ZEND_JMPZ; |
797 | 444 | opline->result_type = IS_UNUSED; |
798 | 444 | zend_ssa_remove_result_def(ssa, ssa_op); |
799 | 444 | goto optimize_jmpz; |
800 | 845 | } else if (opline->op1_type == IS_CONST) { |
801 | 83 | if (zend_is_true(CT_CONSTANT_EX(op_array, opline->op1.constant))) { |
802 | 61 | opline->opcode = ZEND_BOOL; |
803 | 61 | take_successor_1(ssa, block_num, block); |
804 | 61 | } |
805 | 83 | } |
806 | 845 | break; |
807 | 1.21k | case ZEND_JMPNZ_EX: |
808 | 1.21k | if (ssa->vars[ssa_op->result_def].use_chain < 0 |
809 | 1.21k | && ssa->vars[ssa_op->result_def].phi_use_chain == NULL) { |
810 | 144 | opline->opcode = ZEND_JMPNZ; |
811 | 144 | opline->result_type = IS_UNUSED; |
812 | 144 | zend_ssa_remove_result_def(ssa, ssa_op); |
813 | 144 | goto optimize_jmpnz; |
814 | 1.07k | } else if (opline->op1_type == IS_CONST) { |
815 | 122 | if (!zend_is_true(CT_CONSTANT_EX(op_array, opline->op1.constant))) { |
816 | 0 | opline->opcode = ZEND_BOOL; |
817 | 0 | take_successor_1(ssa, block_num, block); |
818 | 0 | } |
819 | 122 | } |
820 | 1.07k | break; |
821 | 2.64k | case ZEND_JMP_SET: |
822 | 2.64k | if (ssa->vars[ssa_op->result_def].use_chain < 0 |
823 | 2.64k | && ssa->vars[ssa_op->result_def].phi_use_chain == NULL) { |
824 | 1.15k | opline->opcode = ZEND_JMPNZ; |
825 | 1.15k | opline->result_type = IS_UNUSED; |
826 | 1.15k | zend_ssa_remove_result_def(ssa, ssa_op); |
827 | 1.15k | goto optimize_jmpnz; |
828 | 1.49k | } else if (opline->op1_type == IS_CONST) { |
829 | 8 | if (!zend_is_true(CT_CONSTANT_EX(op_array, opline->op1.constant))) { |
830 | 8 | MAKE_NOP(opline); |
831 | 8 | removed_ops++; |
832 | 8 | take_successor_1(ssa, block_num, block); |
833 | 8 | zend_ssa_remove_result_def(ssa, ssa_op); |
834 | 8 | goto optimize_nop; |
835 | 8 | } |
836 | 8 | } |
837 | 1.48k | break; |
838 | 4.88k | case ZEND_COALESCE: |
839 | 4.88k | { |
840 | 4.88k | zend_ssa_var *var = &ssa->vars[ssa_op->result_def]; |
841 | 4.88k | if (opline->op1_type == IS_CONST |
842 | 820 | && var->use_chain < 0 && var->phi_use_chain == NULL) { |
843 | 762 | if (Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op1.constant)) == IS_NULL) { |
844 | 116 | zend_ssa_remove_result_def(ssa, ssa_op); |
845 | 116 | MAKE_NOP(opline); |
846 | 116 | removed_ops++; |
847 | 116 | take_successor_1(ssa, block_num, block); |
848 | 116 | goto optimize_nop; |
849 | 646 | } else { |
850 | 646 | opline->opcode = ZEND_JMP; |
851 | 646 | opline->result_type = IS_UNUSED; |
852 | 646 | zend_ssa_remove_result_def(ssa, ssa_op); |
853 | 646 | COPY_NODE(opline->op1, opline->op2); |
854 | 646 | take_successor_0(ssa, block_num, block); |
855 | 646 | goto optimize_jmp; |
856 | 646 | } |
857 | 762 | } |
858 | 4.12k | break; |
859 | 4.88k | } |
860 | 58.8k | case ZEND_JMP_NULL: |
861 | 58.8k | { |
862 | 58.8k | zend_ssa_var *var = &ssa->vars[ssa_op->result_def]; |
863 | 58.8k | if (opline->op1_type == IS_CONST |
864 | 76 | && var->use_chain < 0 && var->phi_use_chain == NULL) { |
865 | 44 | if (Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op1.constant)) == IS_NULL) { |
866 | 12 | opline->opcode = ZEND_JMP; |
867 | 12 | opline->result_type = IS_UNUSED; |
868 | 12 | zend_ssa_remove_result_def(ssa, ssa_op); |
869 | 12 | COPY_NODE(opline->op1, opline->op2); |
870 | 12 | take_successor_0(ssa, block_num, block); |
871 | 12 | goto optimize_jmp; |
872 | 32 | } else { |
873 | 32 | zend_ssa_remove_result_def(ssa, ssa_op); |
874 | 32 | MAKE_NOP(opline); |
875 | 32 | removed_ops++; |
876 | 32 | take_successor_1(ssa, block_num, block); |
877 | 32 | goto optimize_nop; |
878 | 32 | } |
879 | 44 | } |
880 | 58.8k | break; |
881 | 58.8k | } |
882 | 58.8k | case ZEND_SWITCH_LONG: |
883 | 112 | case ZEND_SWITCH_STRING: |
884 | 404 | case ZEND_MATCH: |
885 | 404 | if (opline->op1_type == IS_CONST) { |
886 | 24 | zval *zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
887 | 24 | uint8_t type = Z_TYPE_P(zv); |
888 | 24 | bool correct_type = |
889 | 24 | (opline->opcode == ZEND_SWITCH_LONG && type == IS_LONG) |
890 | 24 | || (opline->opcode == ZEND_SWITCH_STRING && type == IS_STRING) |
891 | 24 | || (opline->opcode == ZEND_MATCH && (type == IS_LONG || type == IS_STRING)); |
892 | | |
893 | | /* Switch statements have a fallback chain for loose comparison. In those |
894 | | * cases the SWITCH_* instruction is a NOP. Match does strict comparison and |
895 | | * thus jumps to the default branch on mismatched types, so we need to |
896 | | * convert MATCH to a jmp. */ |
897 | 24 | if (!correct_type && opline->opcode != ZEND_MATCH) { |
898 | 12 | removed_ops++; |
899 | 12 | MAKE_NOP(opline); |
900 | 12 | opline->extended_value = 0; |
901 | 12 | take_successor_ex(ssa, block_num, block, block->successors[block->successors_count - 1]); |
902 | 12 | goto optimize_nop; |
903 | 12 | } |
904 | | |
905 | 12 | uint32_t target; |
906 | 12 | if (correct_type) { |
907 | 6 | HashTable *jmptable = Z_ARRVAL_P(CT_CONSTANT_EX(op_array, opline->op2.constant)); |
908 | 6 | zval *jmp_zv = type == IS_LONG |
909 | 6 | ? zend_hash_index_find(jmptable, Z_LVAL_P(zv)) |
910 | 6 | : zend_hash_find(jmptable, Z_STR_P(zv)); |
911 | | |
912 | 6 | if (jmp_zv) { |
913 | 2 | target = ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, Z_LVAL_P(jmp_zv)); |
914 | 4 | } else { |
915 | 4 | target = ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value); |
916 | 4 | } |
917 | 6 | } else { |
918 | 6 | ZEND_ASSERT(opline->opcode == ZEND_MATCH); |
919 | 6 | target = ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value); |
920 | 6 | } |
921 | 12 | opline->opcode = ZEND_JMP; |
922 | 12 | opline->extended_value = 0; |
923 | 12 | SET_UNUSED(opline->op1); |
924 | 12 | ZEND_SET_OP_JMP_ADDR(opline, opline->op1, op_array->opcodes + target); |
925 | 12 | SET_UNUSED(opline->op2); |
926 | 12 | take_successor_ex(ssa, block_num, block, ssa->cfg.map[target]); |
927 | 12 | goto optimize_jmp; |
928 | 12 | } |
929 | 380 | break; |
930 | 380 | case ZEND_NOP: |
931 | 2.69k | optimize_nop: |
932 | 2.69k | compress_block(op_array, block); |
933 | 2.69k | if (block->len == 0) { |
934 | 1.34k | if (block_num > 0) { |
935 | 1.25k | zend_ssa_unlink_block(op_array, ssa, block, block_num); |
936 | | /* backtrack to previous basic block */ |
937 | 1.25k | int backtracking_block_num = block_num; |
938 | 11.9k | do { |
939 | 11.9k | backtracking_block_num--; |
940 | 11.9k | } while (backtracking_block_num >= 0 |
941 | 11.9k | && !(ssa->cfg.blocks[backtracking_block_num].flags & ZEND_BB_REACHABLE)); |
942 | 1.25k | if (backtracking_block_num >= 0) { |
943 | 1.25k | block_num = backtracking_block_num; |
944 | 1.25k | continue; |
945 | 1.25k | } |
946 | 1.25k | } |
947 | 1.34k | } |
948 | 1.44k | break; |
949 | 260k | default: |
950 | 260k | break; |
951 | 394k | } |
952 | 394k | } |
953 | | |
954 | 394k | block_num = next_block_num; |
955 | 394k | } |
956 | | |
957 | 144k | return removed_ops; |
958 | 144k | } |
959 | | |
960 | | static bool zend_dfa_try_to_replace_result(zend_op_array *op_array, zend_ssa *ssa, int def, int cv_var) |
961 | 12.9k | { |
962 | 12.9k | int result_var = ssa->ops[def].result_def; |
963 | 12.9k | uint32_t cv = EX_NUM_TO_VAR(ssa->vars[cv_var].var); |
964 | | |
965 | 12.9k | if (result_var >= 0 |
966 | 12.9k | && !(ssa->var_info[cv_var].type & MAY_BE_REF) |
967 | 7.63k | && ssa->vars[cv_var].alias == NO_ALIAS |
968 | 7.63k | && ssa->vars[result_var].phi_use_chain == NULL |
969 | 7.60k | && ssa->vars[result_var].sym_use_chain == NULL) { |
970 | 7.60k | int use = ssa->vars[result_var].use_chain; |
971 | | |
972 | 7.60k | if (use >= 0 |
973 | 7.06k | && zend_ssa_next_use(ssa->ops, result_var, use) < 0 |
974 | 7.06k | && op_array->opcodes[use].opcode != ZEND_FREE |
975 | 7.06k | && op_array->opcodes[use].opcode != ZEND_SEND_VAL |
976 | 7.05k | && op_array->opcodes[use].opcode != ZEND_SEND_VAL_EX |
977 | 7.04k | && op_array->opcodes[use].opcode != ZEND_VERIFY_RETURN_TYPE |
978 | 7.03k | && op_array->opcodes[use].opcode != ZEND_YIELD) { |
979 | 7.02k | if (use > def) { |
980 | 7.02k | int i = use; |
981 | 7.02k | const zend_op *opline = &op_array->opcodes[use]; |
982 | | |
983 | 13.7k | while (i > def) { |
984 | 8.10k | if ((opline->op1_type == IS_CV && opline->op1.var == cv) |
985 | 6.80k | || (opline->op2_type == IS_CV && opline->op2.var == cv) |
986 | 6.71k | || (opline->result_type == IS_CV && opline->result.var == cv)) { |
987 | 1.39k | return false; |
988 | 1.39k | } |
989 | 6.71k | opline--; |
990 | 6.71k | i--; |
991 | 6.71k | } |
992 | | |
993 | | /* Update opcodes and reconstruct SSA */ |
994 | 5.63k | ssa->vars[result_var].definition = -1; |
995 | 5.63k | ssa->vars[result_var].use_chain = -1; |
996 | 5.63k | ssa->ops[def].result_def = -1; |
997 | | |
998 | 5.63k | op_array->opcodes[def].result_type = IS_UNUSED; |
999 | 5.63k | op_array->opcodes[def].result.var = 0; |
1000 | | |
1001 | 5.63k | if (ssa->ops[use].op1_use == result_var) { |
1002 | 1.82k | ssa->ops[use].op1_use = cv_var; |
1003 | 1.82k | ssa->ops[use].op1_use_chain = ssa->vars[cv_var].use_chain; |
1004 | 1.82k | ssa->vars[cv_var].use_chain = use; |
1005 | | |
1006 | 1.82k | op_array->opcodes[use].op1_type = IS_CV; |
1007 | 1.82k | op_array->opcodes[use].op1.var = cv; |
1008 | 3.80k | } else if (ssa->ops[use].op2_use == result_var) { |
1009 | 3.80k | ssa->ops[use].op2_use = cv_var; |
1010 | 3.80k | ssa->ops[use].op2_use_chain = ssa->vars[cv_var].use_chain; |
1011 | 3.80k | ssa->vars[cv_var].use_chain = use; |
1012 | | |
1013 | 3.80k | op_array->opcodes[use].op2_type = IS_CV; |
1014 | 3.80k | op_array->opcodes[use].op2.var = cv; |
1015 | 3.80k | } else if (ssa->ops[use].result_use == result_var) { |
1016 | 0 | ssa->ops[use].result_use = cv_var; |
1017 | 0 | ssa->ops[use].res_use_chain = ssa->vars[cv_var].use_chain; |
1018 | 0 | ssa->vars[cv_var].use_chain = use; |
1019 | |
|
1020 | 0 | op_array->opcodes[use].result_type = IS_CV; |
1021 | 0 | op_array->opcodes[use].result.var = cv; |
1022 | 0 | } |
1023 | | |
1024 | 5.63k | return true; |
1025 | 7.02k | } |
1026 | 7.02k | } |
1027 | 7.60k | } |
1028 | | |
1029 | 5.94k | return false; |
1030 | 12.9k | } |
1031 | | |
1032 | | void zend_dfa_optimize_op_array(zend_op_array *op_array, zend_optimizer_ctx *ctx, zend_ssa *ssa, zend_call_info **call_map) |
1033 | 72.4k | { |
1034 | 72.4k | if (ctx->debug_level & ZEND_DUMP_BEFORE_DFA_PASS) { |
1035 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_SSA, "before dfa pass", ssa); |
1036 | 0 | } |
1037 | | |
1038 | 72.4k | if (ssa->var_info) { |
1039 | 72.4k | int op_1; |
1040 | 72.4k | int v; |
1041 | 72.4k | int remove_nops = 0; |
1042 | 72.4k | zend_op *opline; |
1043 | 72.4k | zend_ssa_op *ssa_op; |
1044 | 72.4k | zval tmp; |
1045 | | |
1046 | 72.4k | #if ZEND_DEBUG_DFA |
1047 | 72.4k | ssa_verify_integrity(op_array, ssa, "before dfa"); |
1048 | 72.4k | #endif |
1049 | | |
1050 | 72.4k | if (ZEND_OPTIMIZER_PASS_8 & ctx->optimization_level) { |
1051 | 72.4k | if (sccp_optimize_op_array(ctx, op_array, ssa, call_map)) { |
1052 | 1.57k | remove_nops = 1; |
1053 | 1.57k | } |
1054 | | |
1055 | 72.4k | if (zend_dfa_optimize_jmps(op_array, ssa)) { |
1056 | 625 | remove_nops = 1; |
1057 | 625 | } |
1058 | | |
1059 | 72.4k | #if ZEND_DEBUG_DFA |
1060 | 72.4k | ssa_verify_integrity(op_array, ssa, "after sccp"); |
1061 | 72.4k | #endif |
1062 | 72.4k | if (ZEND_FUNC_INFO(op_array)) { |
1063 | 72.4k | if (zend_dfa_optimize_calls(op_array, ssa)) { |
1064 | 0 | remove_nops = 1; |
1065 | 0 | } |
1066 | 72.4k | } |
1067 | 72.4k | if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_8) { |
1068 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_SSA, "after sccp pass", ssa); |
1069 | 0 | } |
1070 | 72.4k | #if ZEND_DEBUG_DFA |
1071 | 72.4k | ssa_verify_integrity(op_array, ssa, "after calls"); |
1072 | 72.4k | #endif |
1073 | 72.4k | } |
1074 | | |
1075 | 72.4k | if (ZEND_OPTIMIZER_PASS_14 & ctx->optimization_level) { |
1076 | 72.4k | if (dce_optimize_op_array(op_array, ctx, ssa, 0)) { |
1077 | 6.01k | remove_nops = 1; |
1078 | 6.01k | } |
1079 | 72.4k | if (zend_dfa_optimize_jmps(op_array, ssa)) { |
1080 | 288 | remove_nops = 1; |
1081 | 288 | } |
1082 | 72.4k | if (ctx->debug_level & ZEND_DUMP_AFTER_PASS_14) { |
1083 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_SSA, "after dce pass", ssa); |
1084 | 0 | } |
1085 | 72.4k | #if ZEND_DEBUG_DFA |
1086 | 72.4k | ssa_verify_integrity(op_array, ssa, "after dce"); |
1087 | 72.4k | #endif |
1088 | 72.4k | } |
1089 | | |
1090 | 1.09M | for (v = op_array->last_var; v < ssa->vars_count; v++) { |
1091 | | |
1092 | 1.02M | op_1 = ssa->vars[v].definition; |
1093 | | |
1094 | 1.02M | if (op_1 < 0) { |
1095 | 175k | continue; |
1096 | 175k | } |
1097 | | |
1098 | 849k | opline = op_array->opcodes + op_1; |
1099 | 849k | ssa_op = &ssa->ops[op_1]; |
1100 | | |
1101 | | /* Convert LONG constants to DOUBLE */ |
1102 | 849k | if (ssa->var_info[v].use_as_double) { |
1103 | 2 | if (opline->opcode == ZEND_ASSIGN |
1104 | 2 | && opline->op2_type == IS_CONST |
1105 | 2 | && ssa->ops[op_1].op1_def == v |
1106 | 2 | && !RETURN_VALUE_USED(opline) |
1107 | 2 | ) { |
1108 | | |
1109 | | // op_1: ASSIGN ? -> #v [use_as_double], long(?) => ASSIGN ? -> #v, double(?) |
1110 | | |
1111 | 2 | zval *zv = CT_CONSTANT_EX(op_array, opline->op2.constant); |
1112 | 2 | ZEND_ASSERT(Z_TYPE_INFO_P(zv) == IS_LONG); |
1113 | 2 | ZVAL_DOUBLE(&tmp, zval_get_double(zv)); |
1114 | 2 | opline->op2.constant = zend_optimizer_add_literal(op_array, &tmp); |
1115 | | |
1116 | 2 | } else if (opline->opcode == ZEND_QM_ASSIGN |
1117 | 0 | && opline->op1_type == IS_CONST |
1118 | 0 | ) { |
1119 | | |
1120 | | // op_1: QM_ASSIGN #v [use_as_double], long(?) => QM_ASSIGN #v, double(?) |
1121 | |
|
1122 | 0 | zval *zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
1123 | 0 | ZEND_ASSERT(Z_TYPE_INFO_P(zv) == IS_LONG); |
1124 | 0 | ZVAL_DOUBLE(&tmp, zval_get_double(zv)); |
1125 | 0 | opline->op1.constant = zend_optimizer_add_literal(op_array, &tmp); |
1126 | 0 | } |
1127 | | |
1128 | 849k | } else { |
1129 | 849k | if (opline->opcode == ZEND_ADD |
1130 | 841k | || opline->opcode == ZEND_SUB |
1131 | 835k | || opline->opcode == ZEND_MUL |
1132 | 829k | || opline->opcode == ZEND_IS_EQUAL |
1133 | 826k | || opline->opcode == ZEND_IS_NOT_EQUAL |
1134 | 823k | || opline->opcode == ZEND_IS_SMALLER |
1135 | 815k | || opline->opcode == ZEND_IS_SMALLER_OR_EQUAL |
1136 | 849k | ) { |
1137 | | |
1138 | 36.2k | if (opline->op1_type == IS_CONST && opline->op2_type != IS_CONST) { |
1139 | 4.05k | zval *zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
1140 | | |
1141 | 4.05k | if ((OP2_INFO() & MAY_BE_ANY) == MAY_BE_DOUBLE |
1142 | 35 | && Z_TYPE_INFO_P(zv) == IS_LONG) { |
1143 | | |
1144 | | // op_1: #v.? = ADD long(?), #?.? [double] => #v.? = ADD double(?), #?.? [double] |
1145 | | |
1146 | 11 | ZVAL_DOUBLE(&tmp, zval_get_double(zv)); |
1147 | 11 | opline->op1.constant = zend_optimizer_add_literal(op_array, &tmp); |
1148 | 11 | zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
1149 | 11 | } |
1150 | 4.05k | if (opline->opcode == ZEND_ADD) { |
1151 | 775 | zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
1152 | | |
1153 | 775 | if (((OP2_INFO() & (MAY_BE_ANY|MAY_BE_UNDEF)) == MAY_BE_LONG |
1154 | 103 | && Z_TYPE_INFO_P(zv) == IS_LONG |
1155 | 45 | && Z_LVAL_P(zv) == 0) |
1156 | 775 | || ((OP2_INFO() & (MAY_BE_ANY|MAY_BE_UNDEF)) == MAY_BE_DOUBLE |
1157 | 16 | && Z_TYPE_INFO_P(zv) == IS_DOUBLE |
1158 | 0 | && Z_DVAL_P(zv) == 0.0)) { |
1159 | | |
1160 | | // op_1: #v.? = ADD 0, #?.? [double,long] => #v.? = QM_ASSIGN #?.? |
1161 | |
|
1162 | 0 | opline->opcode = ZEND_QM_ASSIGN; |
1163 | 0 | opline->op1_type = opline->op2_type; |
1164 | 0 | opline->op1.var = opline->op2.var; |
1165 | 0 | opline->op2_type = IS_UNUSED; |
1166 | 0 | opline->op2.num = 0; |
1167 | 0 | ssa->ops[op_1].op1_use = ssa->ops[op_1].op2_use; |
1168 | 0 | ssa->ops[op_1].op1_use_chain = ssa->ops[op_1].op2_use_chain; |
1169 | 0 | ssa->ops[op_1].op2_use = -1; |
1170 | 0 | ssa->ops[op_1].op2_use_chain = -1; |
1171 | 0 | } |
1172 | 3.27k | } else if (opline->opcode == ZEND_MUL |
1173 | 24 | && (OP2_INFO() & ((MAY_BE_ANY|MAY_BE_UNDEF)-(MAY_BE_LONG|MAY_BE_DOUBLE))) == 0) { |
1174 | 0 | zv = CT_CONSTANT_EX(op_array, opline->op1.constant); |
1175 | |
|
1176 | 0 | if ((Z_TYPE_INFO_P(zv) == IS_LONG |
1177 | 0 | && Z_LVAL_P(zv) == 2) |
1178 | 0 | || (Z_TYPE_INFO_P(zv) == IS_DOUBLE |
1179 | 0 | && Z_DVAL_P(zv) == 2.0 |
1180 | 0 | && !(OP2_INFO() & MAY_BE_LONG))) { |
1181 | | |
1182 | | // op_1: #v.? = MUL 2, #x.? [double,long] => #v.? = ADD #x.?, #x.? |
1183 | |
|
1184 | 0 | opline->opcode = ZEND_ADD; |
1185 | 0 | opline->op1_type = opline->op2_type; |
1186 | 0 | opline->op1.var = opline->op2.var; |
1187 | 0 | ssa->ops[op_1].op1_use = ssa->ops[op_1].op2_use; |
1188 | 0 | ssa->ops[op_1].op1_use_chain = ssa->ops[op_1].op2_use_chain; |
1189 | 0 | } |
1190 | 0 | } |
1191 | 32.1k | } else if (opline->op1_type != IS_CONST && opline->op2_type == IS_CONST) { |
1192 | 13.9k | zval *zv = CT_CONSTANT_EX(op_array, opline->op2.constant); |
1193 | | |
1194 | 13.9k | if ((OP1_INFO() & MAY_BE_ANY) == MAY_BE_DOUBLE |
1195 | 285 | && Z_TYPE_INFO_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG) { |
1196 | | |
1197 | | // op_1: #v.? = ADD #?.? [double], long(?) => #v.? = ADD #?.? [double], double(?) |
1198 | | |
1199 | 135 | ZVAL_DOUBLE(&tmp, zval_get_double(zv)); |
1200 | 135 | opline->op2.constant = zend_optimizer_add_literal(op_array, &tmp); |
1201 | 135 | zv = CT_CONSTANT_EX(op_array, opline->op2.constant); |
1202 | 135 | } |
1203 | 13.9k | if (opline->opcode == ZEND_ADD || opline->opcode == ZEND_SUB) { |
1204 | 3.50k | if (((OP1_INFO() & (MAY_BE_ANY|MAY_BE_UNDEF)) == MAY_BE_LONG |
1205 | 870 | && Z_TYPE_INFO_P(zv) == IS_LONG |
1206 | 844 | && Z_LVAL_P(zv) == 0) |
1207 | 3.49k | || ((OP1_INFO() & (MAY_BE_ANY|MAY_BE_UNDEF)) == MAY_BE_DOUBLE |
1208 | 65 | && Z_TYPE_INFO_P(zv) == IS_DOUBLE |
1209 | 39 | && Z_DVAL_P(zv) == 0.0)) { |
1210 | | |
1211 | | // op_1: #v.? = ADD #?.? [double,long], 0 => #v.? = QM_ASSIGN #?.? |
1212 | | |
1213 | 16 | opline->opcode = ZEND_QM_ASSIGN; |
1214 | 16 | opline->op2_type = IS_UNUSED; |
1215 | 16 | opline->op2.num = 0; |
1216 | 16 | } |
1217 | 10.4k | } else if (opline->opcode == ZEND_MUL |
1218 | 2.83k | && (OP1_INFO() & ((MAY_BE_ANY|MAY_BE_UNDEF)-(MAY_BE_LONG|MAY_BE_DOUBLE))) == 0) { |
1219 | 816 | zv = CT_CONSTANT_EX(op_array, opline->op2.constant); |
1220 | | |
1221 | 816 | if ((Z_TYPE_INFO_P(zv) == IS_LONG |
1222 | 620 | && Z_LVAL_P(zv) == 2) |
1223 | 752 | || (Z_TYPE_INFO_P(zv) == IS_DOUBLE |
1224 | 65 | && Z_DVAL_P(zv) == 2.0 |
1225 | 68 | && !(OP1_INFO() & MAY_BE_LONG))) { |
1226 | | |
1227 | | // op_1: #v.? = MUL #x.? [double,long], 2 => #v.? = ADD #x.?, #x.? |
1228 | | |
1229 | 68 | opline->opcode = ZEND_ADD; |
1230 | 68 | opline->op2_type = opline->op1_type; |
1231 | 68 | opline->op2.var = opline->op1.var; |
1232 | 68 | ssa->ops[op_1].op2_use = ssa->ops[op_1].op1_use; |
1233 | 68 | ssa->ops[op_1].op2_use_chain = ssa->ops[op_1].op1_use_chain; |
1234 | 68 | } |
1235 | 816 | } |
1236 | 13.9k | } |
1237 | 812k | } else if (opline->opcode == ZEND_CONCAT) { |
1238 | 8.81k | if (!(OP1_INFO() & MAY_BE_OBJECT) |
1239 | 6.15k | && !(OP2_INFO() & MAY_BE_OBJECT)) { |
1240 | 4.64k | opline->opcode = ZEND_FAST_CONCAT; |
1241 | 4.64k | } |
1242 | 804k | } else if (opline->opcode == ZEND_VERIFY_RETURN_TYPE |
1243 | 2.00k | && opline->op1_type != IS_CONST |
1244 | 1.84k | && ssa->ops[op_1].op1_def == v |
1245 | 1.84k | && ssa->ops[op_1].op1_use >= 0) { |
1246 | 1.84k | int orig_var = ssa->ops[op_1].op1_use; |
1247 | 1.84k | int ret = ssa->vars[v].use_chain; |
1248 | | |
1249 | 1.84k | if (ssa->ops[op_1].op1_use_chain == -1 |
1250 | 1.80k | && can_elide_return_type_check(ctx->script, op_array, ssa, &ssa->ops[op_1])) { |
1251 | | |
1252 | | // op_1: VERIFY_RETURN_TYPE #orig_var.? [T] -> #v.? [T] => NOP |
1253 | | |
1254 | 914 | zend_ssa_unlink_use_chain(ssa, op_1, orig_var); |
1255 | | |
1256 | 914 | if (ret >= 0) { |
1257 | 914 | ssa->ops[ret].op1_use = orig_var; |
1258 | 914 | ssa->ops[ret].op1_use_chain = ssa->vars[orig_var].use_chain; |
1259 | 914 | ssa->vars[orig_var].use_chain = ret; |
1260 | 914 | } |
1261 | | |
1262 | 914 | ssa->vars[v].definition = -1; |
1263 | 914 | ssa->vars[v].use_chain = -1; |
1264 | | |
1265 | 914 | ssa->ops[op_1].op1_def = -1; |
1266 | 914 | ssa->ops[op_1].op1_use = -1; |
1267 | | |
1268 | 914 | MAKE_NOP(opline); |
1269 | 914 | remove_nops = 1; |
1270 | 933 | } else if (ret >= 0 |
1271 | 933 | && ssa->ops[ret].op1_use == v |
1272 | 933 | && ssa->ops[ret].op1_use_chain == -1 |
1273 | 933 | && can_elide_return_type_check(ctx->script, op_array, ssa, &ssa->ops[op_1])) { |
1274 | | |
1275 | | // op_1: VERIFY_RETURN_TYPE #orig_var.? [T] -> #v.? [T] => NOP |
1276 | | |
1277 | 32 | zend_ssa_replace_use_chain(ssa, op_1, ret, orig_var); |
1278 | | |
1279 | 32 | ssa->ops[ret].op1_use = orig_var; |
1280 | 32 | ssa->ops[ret].op1_use_chain = ssa->ops[op_1].op1_use_chain; |
1281 | | |
1282 | 32 | ssa->vars[v].definition = -1; |
1283 | 32 | ssa->vars[v].use_chain = -1; |
1284 | | |
1285 | 32 | ssa->ops[op_1].op1_def = -1; |
1286 | 32 | ssa->ops[op_1].op1_use = -1; |
1287 | | |
1288 | 32 | MAKE_NOP(opline); |
1289 | 32 | remove_nops = 1; |
1290 | 32 | } |
1291 | 1.84k | } |
1292 | 849k | } |
1293 | | |
1294 | 849k | if (opline->opcode == ZEND_QM_ASSIGN |
1295 | 7.84k | && ssa->ops[op_1].result_def == v |
1296 | 7.84k | && opline->op1_type & (IS_TMP_VAR|IS_VAR) |
1297 | 994 | && !(ssa->var_info[v].type & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF)) |
1298 | 849k | ) { |
1299 | | |
1300 | 128 | int src_var = ssa->ops[op_1].op1_use; |
1301 | | |
1302 | 128 | if (src_var >= 0 |
1303 | 128 | && !(ssa->var_info[src_var].type & MAY_BE_REF) |
1304 | 128 | && (ssa->var_info[src_var].type & (MAY_BE_UNDEF|MAY_BE_ANY)) |
1305 | 124 | && ssa->vars[src_var].definition >= 0 |
1306 | 14 | && ssa->ops[ssa->vars[src_var].definition].result_def == src_var |
1307 | 14 | && ssa->ops[ssa->vars[src_var].definition].result_use < 0 |
1308 | 14 | && ssa->vars[src_var].use_chain == op_1 |
1309 | 14 | && ssa->ops[op_1].op1_use_chain < 0 |
1310 | 14 | && !ssa->vars[src_var].phi_use_chain |
1311 | 14 | && !ssa->vars[src_var].sym_use_chain |
1312 | 14 | && opline_supports_assign_contraction( |
1313 | 14 | op_array, ssa, &op_array->opcodes[ssa->vars[src_var].definition], |
1314 | 14 | src_var, opline->result.var) |
1315 | 14 | && !variable_defined_or_used_in_range(ssa, EX_VAR_TO_NUM(opline->result.var), |
1316 | 14 | ssa->vars[src_var].definition+1, op_1) |
1317 | 128 | ) { |
1318 | | |
1319 | 14 | int orig_var = ssa->ops[op_1].result_use; |
1320 | 14 | int op_2 = ssa->vars[src_var].definition; |
1321 | | |
1322 | | // op_2: #src_var.T = OP ... => #v.CV = OP ... |
1323 | | // op_1: QM_ASSIGN #src_var.T #orig_var.CV [undef,scalar] -> #v.CV, NOP |
1324 | | |
1325 | 14 | if (orig_var >= 0) { |
1326 | 0 | zend_ssa_unlink_use_chain(ssa, op_1, orig_var); |
1327 | 0 | } |
1328 | | |
1329 | | /* Reconstruct SSA */ |
1330 | 14 | ssa->vars[v].definition = op_2; |
1331 | 14 | ssa->ops[op_2].result_def = v; |
1332 | | |
1333 | 14 | ssa->vars[src_var].definition = -1; |
1334 | 14 | ssa->vars[src_var].use_chain = -1; |
1335 | | |
1336 | 14 | ssa->ops[op_1].op1_use = -1; |
1337 | 14 | ssa->ops[op_1].op1_def = -1; |
1338 | 14 | ssa->ops[op_1].op1_use_chain = -1; |
1339 | 14 | ssa->ops[op_1].result_use = -1; |
1340 | 14 | ssa->ops[op_1].result_def = -1; |
1341 | 14 | ssa->ops[op_1].res_use_chain = -1; |
1342 | | |
1343 | | /* Update opcodes */ |
1344 | 14 | op_array->opcodes[op_2].result_type = opline->result_type; |
1345 | 14 | op_array->opcodes[op_2].result.var = opline->result.var; |
1346 | | |
1347 | 14 | MAKE_NOP(opline); |
1348 | 14 | remove_nops = 1; |
1349 | | |
1350 | 14 | if (op_array->opcodes[op_2].opcode == ZEND_SUB |
1351 | 2 | && op_array->opcodes[op_2].op1_type == op_array->opcodes[op_2].result_type |
1352 | 2 | && op_array->opcodes[op_2].op1.var == op_array->opcodes[op_2].result.var |
1353 | 0 | && op_array->opcodes[op_2].op2_type == IS_CONST |
1354 | 0 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == IS_LONG |
1355 | 0 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == 1 |
1356 | 0 | && ssa->ops[op_2].op1_use >= 0 |
1357 | 0 | && !(ssa->var_info[ssa->ops[op_2].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1358 | |
|
1359 | 0 | op_array->opcodes[op_2].opcode = ZEND_PRE_DEC; |
1360 | 0 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1361 | 0 | SET_UNUSED(op_array->opcodes[op_2].result); |
1362 | |
|
1363 | 0 | ssa->ops[op_2].result_def = -1; |
1364 | 0 | ssa->ops[op_2].op1_def = v; |
1365 | |
|
1366 | 14 | } else if (op_array->opcodes[op_2].opcode == ZEND_ADD |
1367 | 0 | && op_array->opcodes[op_2].op1_type == op_array->opcodes[op_2].result_type |
1368 | 0 | && op_array->opcodes[op_2].op1.var == op_array->opcodes[op_2].result.var |
1369 | 0 | && op_array->opcodes[op_2].op2_type == IS_CONST |
1370 | 0 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == IS_LONG |
1371 | 0 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == 1 |
1372 | 0 | && ssa->ops[op_2].op1_use >= 0 |
1373 | 0 | && !(ssa->var_info[ssa->ops[op_2].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1374 | |
|
1375 | 0 | op_array->opcodes[op_2].opcode = ZEND_PRE_INC; |
1376 | 0 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1377 | 0 | SET_UNUSED(op_array->opcodes[op_2].result); |
1378 | |
|
1379 | 0 | ssa->ops[op_2].result_def = -1; |
1380 | 0 | ssa->ops[op_2].op1_def = v; |
1381 | |
|
1382 | 14 | } else if (op_array->opcodes[op_2].opcode == ZEND_ADD |
1383 | 0 | && op_array->opcodes[op_2].op2_type == op_array->opcodes[op_2].result_type |
1384 | 0 | && op_array->opcodes[op_2].op2.var == op_array->opcodes[op_2].result.var |
1385 | 0 | && op_array->opcodes[op_2].op1_type == IS_CONST |
1386 | 0 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op1.constant)) == IS_LONG |
1387 | 0 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op1.constant)) == 1 |
1388 | 0 | && ssa->ops[op_2].op2_use >= 0 |
1389 | 0 | && !(ssa->var_info[ssa->ops[op_2].op2_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1390 | |
|
1391 | 0 | op_array->opcodes[op_2].opcode = ZEND_PRE_INC; |
1392 | 0 | op_array->opcodes[op_2].op1_type = op_array->opcodes[op_2].op2_type; |
1393 | 0 | op_array->opcodes[op_2].op1.var = op_array->opcodes[op_2].op2.var; |
1394 | 0 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1395 | 0 | SET_UNUSED(op_array->opcodes[op_2].result); |
1396 | |
|
1397 | 0 | ssa->ops[op_2].result_def = -1; |
1398 | 0 | ssa->ops[op_2].op1_def = v; |
1399 | 0 | ssa->ops[op_2].op1_use = ssa->ops[op_2].op2_use; |
1400 | 0 | ssa->ops[op_2].op1_use_chain = ssa->ops[op_2].op2_use_chain; |
1401 | 0 | ssa->ops[op_2].op2_use = -1; |
1402 | 0 | ssa->ops[op_2].op2_use_chain = -1; |
1403 | 0 | } |
1404 | 14 | } |
1405 | 128 | } |
1406 | | |
1407 | 849k | if (ssa->vars[v].var >= op_array->last_var) { |
1408 | | /* skip TMP and VAR */ |
1409 | 706k | continue; |
1410 | 706k | } |
1411 | | |
1412 | 143k | if (ssa->ops[op_1].op1_def == v |
1413 | 111k | && RETURN_VALUE_USED(opline)) { |
1414 | 23.5k | if (opline->opcode == ZEND_ASSIGN |
1415 | 13.4k | || opline->opcode == ZEND_ASSIGN_OP |
1416 | 11.4k | || opline->opcode == ZEND_PRE_INC |
1417 | 12.9k | || opline->opcode == ZEND_PRE_DEC) { |
1418 | 12.9k | zend_dfa_try_to_replace_result(op_array, ssa, op_1, v); |
1419 | 12.9k | } else if (opline->opcode == ZEND_POST_INC) { |
1420 | 1.03k | int result_var = ssa->ops[op_1].result_def; |
1421 | | |
1422 | 1.03k | if (result_var >= 0 |
1423 | 1.03k | && (ssa->var_info[result_var].type & ((MAY_BE_ANY|MAY_BE_REF|MAY_BE_UNDEF) - (MAY_BE_LONG|MAY_BE_DOUBLE))) == 0) { |
1424 | 476 | int use = ssa->vars[result_var].use_chain; |
1425 | | |
1426 | 476 | if (use >= 0 && op_array->opcodes[use].opcode == ZEND_IS_SMALLER |
1427 | 46 | && ssa->ops[use].op1_use == result_var |
1428 | 46 | && zend_dfa_try_to_replace_result(op_array, ssa, op_1, v)) { |
1429 | 46 | opline->opcode = ZEND_PRE_INC; |
1430 | 46 | op_array->opcodes[use].opcode = ZEND_IS_SMALLER_OR_EQUAL; |
1431 | 46 | } |
1432 | 476 | } |
1433 | 9.61k | } else if (opline->opcode == ZEND_POST_DEC) { |
1434 | 1.22k | int result_var = ssa->ops[op_1].result_def; |
1435 | | |
1436 | 1.22k | if (result_var >= 0 |
1437 | 1.22k | && (ssa->var_info[result_var].type & ((MAY_BE_ANY|MAY_BE_REF|MAY_BE_UNDEF) - (MAY_BE_LONG|MAY_BE_DOUBLE))) == 0) { |
1438 | 489 | int use = ssa->vars[result_var].use_chain; |
1439 | | |
1440 | 489 | if (use >= 0 && op_array->opcodes[use].opcode == ZEND_IS_SMALLER |
1441 | 5 | && ssa->ops[use].op2_use == result_var |
1442 | 5 | && zend_dfa_try_to_replace_result(op_array, ssa, op_1, v)) { |
1443 | 5 | opline->opcode = ZEND_PRE_DEC; |
1444 | 5 | op_array->opcodes[use].opcode = ZEND_IS_SMALLER_OR_EQUAL; |
1445 | 5 | } |
1446 | 489 | } |
1447 | 1.22k | } |
1448 | 23.5k | } |
1449 | | |
1450 | 143k | if (opline->opcode == ZEND_ASSIGN |
1451 | 57.3k | && ssa->ops[op_1].op1_def == v |
1452 | 57.3k | && !RETURN_VALUE_USED(opline) |
1453 | 143k | ) { |
1454 | 51.4k | int orig_var = ssa->ops[op_1].op1_use; |
1455 | | |
1456 | 51.4k | if (orig_var >= 0 |
1457 | 51.3k | && !(ssa->var_info[orig_var].type & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF)) |
1458 | 51.4k | ) { |
1459 | 11.8k | int src_var = ssa->ops[op_1].op2_use; |
1460 | | |
1461 | 11.8k | if ((opline->op2_type & (IS_TMP_VAR|IS_VAR)) |
1462 | 6.62k | && src_var >= 0 |
1463 | 6.62k | && !(ssa->var_info[src_var].type & MAY_BE_REF) |
1464 | 6.61k | && (ssa->var_info[src_var].type & (MAY_BE_UNDEF|MAY_BE_ANY)) |
1465 | 6.51k | && ssa->vars[src_var].definition >= 0 |
1466 | 6.14k | && ssa->ops[ssa->vars[src_var].definition].result_def == src_var |
1467 | 6.14k | && ssa->ops[ssa->vars[src_var].definition].result_use < 0 |
1468 | 6.08k | && ssa->vars[src_var].use_chain == op_1 |
1469 | 6.01k | && ssa->ops[op_1].op2_use_chain < 0 |
1470 | 6.01k | && !ssa->vars[src_var].phi_use_chain |
1471 | 6.01k | && !ssa->vars[src_var].sym_use_chain |
1472 | 6.01k | && opline_supports_assign_contraction( |
1473 | 6.01k | op_array, ssa, &op_array->opcodes[ssa->vars[src_var].definition], |
1474 | 6.01k | src_var, opline->op1.var) |
1475 | 4.16k | && !variable_defined_or_used_in_range(ssa, EX_VAR_TO_NUM(opline->op1.var), |
1476 | 4.16k | ssa->vars[src_var].definition+1, op_1) |
1477 | 11.8k | ) { |
1478 | | |
1479 | 4.16k | int op_2 = ssa->vars[src_var].definition; |
1480 | | |
1481 | | // op_2: #src_var.T = OP ... => #v.CV = OP ... |
1482 | | // op_1: ASSIGN #orig_var.CV [undef,scalar] -> #v.CV, #src_var.T NOP |
1483 | | |
1484 | 4.16k | zend_ssa_unlink_use_chain(ssa, op_1, orig_var); |
1485 | | /* Reconstruct SSA */ |
1486 | 4.16k | ssa->vars[v].definition = op_2; |
1487 | 4.16k | ssa->ops[op_2].result_def = v; |
1488 | | |
1489 | 4.16k | ssa->vars[src_var].definition = -1; |
1490 | 4.16k | ssa->vars[src_var].use_chain = -1; |
1491 | | |
1492 | 4.16k | ssa->ops[op_1].op1_use = -1; |
1493 | 4.16k | ssa->ops[op_1].op2_use = -1; |
1494 | 4.16k | ssa->ops[op_1].op1_def = -1; |
1495 | 4.16k | ssa->ops[op_1].op1_use_chain = -1; |
1496 | | |
1497 | | /* Update opcodes */ |
1498 | 4.16k | op_array->opcodes[op_2].result_type = opline->op1_type; |
1499 | 4.16k | op_array->opcodes[op_2].result.var = opline->op1.var; |
1500 | | |
1501 | 4.16k | MAKE_NOP(opline); |
1502 | 4.16k | remove_nops = 1; |
1503 | | |
1504 | 4.16k | if (op_array->opcodes[op_2].opcode == ZEND_SUB |
1505 | 356 | && op_array->opcodes[op_2].op1_type == op_array->opcodes[op_2].result_type |
1506 | 181 | && op_array->opcodes[op_2].op1.var == op_array->opcodes[op_2].result.var |
1507 | 24 | && op_array->opcodes[op_2].op2_type == IS_CONST |
1508 | 4 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == IS_LONG |
1509 | 4 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == 1 |
1510 | 0 | && ssa->ops[op_2].op1_use >= 0 |
1511 | 0 | && !(ssa->var_info[ssa->ops[op_2].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1512 | |
|
1513 | 0 | op_array->opcodes[op_2].opcode = ZEND_PRE_DEC; |
1514 | 0 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1515 | 0 | SET_UNUSED(op_array->opcodes[op_2].result); |
1516 | |
|
1517 | 0 | ssa->ops[op_2].result_def = -1; |
1518 | 0 | ssa->ops[op_2].op1_def = v; |
1519 | |
|
1520 | 4.16k | } else if (op_array->opcodes[op_2].opcode == ZEND_ADD |
1521 | 1.60k | && op_array->opcodes[op_2].op1_type == op_array->opcodes[op_2].result_type |
1522 | 842 | && op_array->opcodes[op_2].op1.var == op_array->opcodes[op_2].result.var |
1523 | 542 | && op_array->opcodes[op_2].op2_type == IS_CONST |
1524 | 44 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == IS_LONG |
1525 | 12 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op2.constant)) == 1 |
1526 | 2 | && ssa->ops[op_2].op1_use >= 0 |
1527 | 2 | && !(ssa->var_info[ssa->ops[op_2].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1528 | | |
1529 | 2 | op_array->opcodes[op_2].opcode = ZEND_PRE_INC; |
1530 | 2 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1531 | 2 | SET_UNUSED(op_array->opcodes[op_2].result); |
1532 | | |
1533 | 2 | ssa->ops[op_2].result_def = -1; |
1534 | 2 | ssa->ops[op_2].op1_def = v; |
1535 | | |
1536 | 4.16k | } else if (op_array->opcodes[op_2].opcode == ZEND_ADD |
1537 | 1.60k | && op_array->opcodes[op_2].op2_type == op_array->opcodes[op_2].result_type |
1538 | 970 | && op_array->opcodes[op_2].op2.var == op_array->opcodes[op_2].result.var |
1539 | 225 | && op_array->opcodes[op_2].op1_type == IS_CONST |
1540 | 4 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op1.constant)) == IS_LONG |
1541 | 0 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, op_array->opcodes[op_2].op1.constant)) == 1 |
1542 | 0 | && ssa->ops[op_2].op2_use >= 0 |
1543 | 0 | && !(ssa->var_info[ssa->ops[op_2].op2_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1544 | |
|
1545 | 0 | op_array->opcodes[op_2].opcode = ZEND_PRE_INC; |
1546 | 0 | op_array->opcodes[op_2].op1_type = op_array->opcodes[op_2].op2_type; |
1547 | 0 | op_array->opcodes[op_2].op1.var = op_array->opcodes[op_2].op2.var; |
1548 | 0 | SET_UNUSED(op_array->opcodes[op_2].op2); |
1549 | 0 | SET_UNUSED(op_array->opcodes[op_2].result); |
1550 | |
|
1551 | 0 | ssa->ops[op_2].result_def = -1; |
1552 | 0 | ssa->ops[op_2].op1_def = v; |
1553 | 0 | ssa->ops[op_2].op1_use = ssa->ops[op_2].op2_use; |
1554 | 0 | ssa->ops[op_2].op1_use_chain = ssa->ops[op_2].op2_use_chain; |
1555 | 0 | ssa->ops[op_2].op2_use = -1; |
1556 | 0 | ssa->ops[op_2].op2_use_chain = -1; |
1557 | 0 | } |
1558 | 7.70k | } else if (opline->op2_type == IS_CONST |
1559 | 3.84k | || ((opline->op2_type & (IS_TMP_VAR|IS_VAR|IS_CV)) |
1560 | 3.84k | && ssa->ops[op_1].op2_use >= 0 |
1561 | 3.84k | && ssa->ops[op_1].op2_def < 0) |
1562 | 7.70k | ) { |
1563 | | |
1564 | | // op_1: ASSIGN #orig_var.CV [undef,scalar] -> #v.CV, CONST|TMPVAR => QM_ASSIGN v.CV, CONST|TMPVAR |
1565 | | |
1566 | 7.70k | if (ssa->ops[op_1].op1_use != ssa->ops[op_1].op2_use) { |
1567 | 7.52k | zend_ssa_unlink_use_chain(ssa, op_1, orig_var); |
1568 | 7.52k | } else { |
1569 | 188 | ssa->ops[op_1].op2_use_chain = ssa->ops[op_1].op1_use_chain; |
1570 | 188 | } |
1571 | | |
1572 | | /* Reconstruct SSA */ |
1573 | 7.70k | ssa->ops[op_1].result_def = v; |
1574 | 7.70k | ssa->ops[op_1].op1_def = -1; |
1575 | 7.70k | ssa->ops[op_1].op1_use = ssa->ops[op_1].op2_use; |
1576 | 7.70k | ssa->ops[op_1].op1_use_chain = ssa->ops[op_1].op2_use_chain; |
1577 | 7.70k | ssa->ops[op_1].op2_use = -1; |
1578 | 7.70k | ssa->ops[op_1].op2_use_chain = -1; |
1579 | | |
1580 | | /* Update opcode */ |
1581 | 7.70k | opline->result_type = opline->op1_type; |
1582 | 7.70k | opline->result.var = opline->op1.var; |
1583 | 7.70k | opline->op1_type = opline->op2_type; |
1584 | 7.70k | opline->op1.var = opline->op2.var; |
1585 | 7.70k | opline->op2_type = IS_UNUSED; |
1586 | 7.70k | opline->op2.var = 0; |
1587 | 7.70k | opline->opcode = ZEND_QM_ASSIGN; |
1588 | 7.70k | } |
1589 | 11.8k | } |
1590 | | |
1591 | 91.6k | } else if (opline->opcode == ZEND_ASSIGN_OP |
1592 | 5.24k | && opline->extended_value == ZEND_ADD |
1593 | 1.29k | && ssa->ops[op_1].op1_def == v |
1594 | 1.29k | && opline->op2_type == IS_CONST |
1595 | 220 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG |
1596 | 192 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == 1 |
1597 | 80 | && ssa->ops[op_1].op1_use >= 0 |
1598 | 80 | && !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1599 | | |
1600 | | // op_1: ASSIGN_ADD #?.CV [undef,null,int,foat] ->#v.CV, int(1) => PRE_INC #?.CV ->#v.CV |
1601 | | |
1602 | 13 | opline->opcode = ZEND_PRE_INC; |
1603 | 13 | opline->extended_value = 0; |
1604 | 13 | SET_UNUSED(opline->op2); |
1605 | | |
1606 | 91.6k | } else if (opline->opcode == ZEND_ASSIGN_OP |
1607 | 5.23k | && opline->extended_value == ZEND_SUB |
1608 | 300 | && ssa->ops[op_1].op1_def == v |
1609 | 300 | && opline->op2_type == IS_CONST |
1610 | 170 | && Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG |
1611 | 149 | && Z_LVAL_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == 1 |
1612 | 4 | && ssa->ops[op_1].op1_use >= 0 |
1613 | 4 | && !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_UNDEF|MAY_BE_NULL|MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) { |
1614 | | |
1615 | | // op_1: ASSIGN_SUB #?.CV [undef,null,int,foat] -> #v.CV, int(1) => PRE_DEC #?.CV ->#v.CV |
1616 | |
|
1617 | 0 | opline->opcode = ZEND_PRE_DEC; |
1618 | 0 | opline->extended_value = 0; |
1619 | 0 | SET_UNUSED(opline->op2); |
1620 | |
|
1621 | 91.6k | } else if (ssa->ops[op_1].op1_def == v |
1622 | 60.2k | && !RETURN_VALUE_USED(opline) |
1623 | 42.2k | && ssa->ops[op_1].op1_use >= 0 |
1624 | 42.2k | && !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF)) |
1625 | 16.0k | && opline->opcode == ZEND_ASSIGN_OP |
1626 | 1.96k | && opline->extended_value != ZEND_CONCAT) { |
1627 | | |
1628 | | // op_1: ASSIGN_OP #orig_var.CV [undef,null,bool,int,double] -> #v.CV, ? => #v.CV = ADD #orig_var.CV, ? |
1629 | | |
1630 | | /* Reconstruct SSA */ |
1631 | 1.69k | ssa->ops[op_1].result_def = ssa->ops[op_1].op1_def; |
1632 | 1.69k | ssa->ops[op_1].op1_def = -1; |
1633 | | |
1634 | | /* Update opcode */ |
1635 | 1.69k | opline->opcode = opline->extended_value; |
1636 | 1.69k | opline->extended_value = 0; |
1637 | 1.69k | opline->result_type = opline->op1_type; |
1638 | 1.69k | opline->result.var = opline->op1.var; |
1639 | | |
1640 | 1.69k | } |
1641 | 143k | } |
1642 | | |
1643 | 72.4k | #if ZEND_DEBUG_DFA |
1644 | 72.4k | ssa_verify_integrity(op_array, ssa, "after dfa"); |
1645 | 72.4k | #endif |
1646 | | |
1647 | 72.4k | if (remove_nops) { |
1648 | 8.10k | zend_ssa_remove_nops(op_array, ssa, ctx); |
1649 | 8.10k | #if ZEND_DEBUG_DFA |
1650 | 8.10k | ssa_verify_integrity(op_array, ssa, "after nop"); |
1651 | 8.10k | #endif |
1652 | 8.10k | } |
1653 | 72.4k | } |
1654 | | |
1655 | 72.4k | if (ctx->debug_level & ZEND_DUMP_AFTER_DFA_PASS) { |
1656 | 0 | zend_dump_op_array(op_array, ZEND_DUMP_SSA, "after dfa pass", ssa); |
1657 | 0 | } |
1658 | 72.4k | } |
1659 | | |
1660 | | void zend_optimize_dfa(zend_op_array *op_array, zend_optimizer_ctx *ctx) |
1661 | 0 | { |
1662 | 0 | void *checkpoint = zend_arena_checkpoint(ctx->arena); |
1663 | 0 | zend_ssa ssa; |
1664 | |
|
1665 | 0 | if (zend_dfa_analyze_op_array(op_array, ctx, &ssa) == FAILURE) { |
1666 | 0 | zend_arena_release(&ctx->arena, checkpoint); |
1667 | 0 | return; |
1668 | 0 | } |
1669 | | |
1670 | 0 | zend_dfa_optimize_op_array(op_array, ctx, &ssa, NULL); |
1671 | | |
1672 | | /* Destroy SSA */ |
1673 | 0 | zend_arena_release(&ctx->arena, checkpoint); |
1674 | 0 | } |