mirror of https://github.com/php/php-src.git synced 2026-04-24 00:18:23 +02:00
Dmitry Stogov 5ee8413259 Fixed bug #62210 (Exceptions can leak temporary variables. As a part of the fix serious refactoring was done. op_array->brk_cont_array was removed, and replaced with more general and speed efficient op_array->T_liveliness. ZEND_GOTO opcode is always replaced by ZEND_JMP at compile time). (Bob, Dmitry, Laruence)
Squashed commit of the following:

commit 38e22106d4
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 15:12:19 2015 +0300

    Added NEWS entry

commit 0a355935bf
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 15:06:32 2015 +0300

    Inline function, to eliminate repeatable checks

commit d937584f3a
Merge: 0341626 32677f5
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 14:35:49 2015 +0300

    Merge branch 'master' into temporary_cleaning

    * master:
      Fixed bug #70006 (cli - function with default arg = STDOUT crash output).
      Fix x86 build
      Fixed use after free on closure_call_leak_with_exception.phpt
      Fixed test

commit 0341626ea9
Merge: 74869fa dec35de
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 12:00:53 2015 +0300

    Merge branch 'temporary_cleaning' of https://github.com/laruence/php-src into temporary_cleaning

    * 'temporary_cleaning' of https://github.com/laruence/php-src:
      Fixed checkpoint get
      Fixed crash of invalid pointer derefer
      cleanup

commit 74869fa673
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 11:45:34 2015 +0300

    Fixed wrong GOTO resolution

commit dec35ded32
Author: Xinchen Hui <laruence@gmail.com>
Date:   Tue Jul 7 15:58:49 2015 +0800

    Fixed checkpoint get

commit b0f419540a
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 10:47:11 2015 +0300

    Fixed crash of invalid pointer derefer (laruence)

commit 7a428d98ca
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 10:35:47 2015 +0300

    Fixed indentation

commit 9c3a4dce9c
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 10:33:52 2015 +0300

    Fixed invalid size

commit 653abc670b
Author: Xinchen Hui <laruence@gmail.com>
Date:   Tue Jul 7 11:29:14 2015 +0800

    Fixed crash of invalid pointer derefer

commit e04500ceda
Author: Xinchen Hui <laruence@gmail.com>
Date:   Tue Jul 7 11:28:26 2015 +0800

    cleanup

commit 34183e1687
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 04:49:46 2015 +0300

    op_array->T_liveliness compression

commit 2f6ad84579
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 04:44:44 2015 +0300

    White spaces

commit be83f115a3
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 04:42:26 2015 +0300

    Indentation

commit 1f5084b990
Merge: 91b620d 1adf3df
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 04:41:54 2015 +0300

    Merge branch 'master' into temporary_cleaning

    * master:
      Throw TypeError for invalid callback
      Fix crash when exception occurs during nested rope
      Fix crash when exception is thrown during ROPE_END
      Small cleanup in ternary compilation
      move the define to the right place
      fix ext/ldap build
      Rectify information about invalid shift warning being now ArithmeticError

commit 91b620d684
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 04:32:04 2015 +0300

    Replace GOTO by FREE/FE_FREE and JMP at compile time

commit 7052e56979
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Tue Jul 7 02:25:08 2015 +0300

    Use zend_regenerate_var_liveliness_info() to regenerate information after pass two.

commit ae72b0dc67
Merge: a81c4bb a919fe8
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 21:02:34 2015 +0300

    Merge branch 'master' into temporary_cleaning

    * master:
      Do not display EXT_TYPE_UNUSED in phpdbg opcodes
      Run debug build with opcache on travis

commit a81c4bb8c6
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 20:59:34 2015 +0300

    Improved algorithm. It's actually the same algorithm with second loop removed and simpler temporary data structures. The only difference may be in "re-defined" variable handling. Now live-range in that case started from the second definition (this must be more safe).

commit 9a16810f7a
Merge: bbfbe47 001ecd3
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 17:57:45 2015 +0300

    Merge branch 'master' into temporary_cleaning

    * master:
      Simplify TMP var number decoding (without HashTable)

commit bbfbe470c8
Merge: 0bda4ab 436b01e
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 17:02:01 2015 +0300

    Merge branch 'master' into temporary_cleaning

    * master:
      Avoid dangerous optimization
      Fixed JMPZNZ instruction printing
      Attempt at falling back on ldap_find_control for Mac OS

commit 0bda4abea7
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 16:05:33 2015 +0300

    Fixed live-range construction for OP_DATA opcode
    Added comments about algorithm assumptions

commit 521ad9df98
Merge: 4398dab a09dcb0
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Mon Jul 6 14:54:15 2015 +0200

    Merge branch 'master' of https://github.com/php/php-src into temporary_cleaning

commit 4398dab82f
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Mon Jul 6 13:51:27 2015 +0200

    Add a few phpt tests related to temporary cleaning

commit 739656f83f
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 14:28:49 2015 +0300

    Fixed Zend/tests/foreach_004.phpt failure (FE_FETCH shouldn't be included into TMP variable live range)

commit 3df462a2bc
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 13:41:02 2015 +0300

    Improve data layout (reduce the op_array structure size on 64-bit systems)

commit 883b73c56e
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Mon Jul 6 13:28:45 2015 +0300

    Removed op_array->brk_cont_array

commit ae5e58b598
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Mon Jul 6 04:22:58 2015 +0200

    Fix bug with brk_cont variable free / free loop vars via temporary liveliness info

commit b4223ca627
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Mon Jul 6 04:07:07 2015 +0200

    Fix bugs / cleanup fixes

commit ea33189d22
Author: Xinchen Hui <laruence@gmail.com>
Date:   Sun Jul 5 20:58:38 2015 +0800

    Removed useless TsTop

commit 1dbb007e4a
Merge: 550bbf8 3a8af24
Author: Xinchen Hui <laruence@gmail.com>
Date:   Sat Jul 4 15:06:44 2015 +0800

    Merge branch 'temporary_cleaning' of https://github.com/dstogov/php-src into temporary_cleaning

commit 3a8af24529
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Fri Jul 3 16:15:36 2015 +0300

    More exceptions from regular liveliness analyses (with explanation in comments).
    Mark old "unexplained" exceptions with ???.

commit ba721efa2c
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Fri Jul 3 14:16:09 2015 +0300

    Print list of live temp variables (at least for internal debugging)

commit 8d1f88fe91
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Fri Jul 3 13:31:56 2015 +0300

    Use op_array->T_liveliness to free incomplete ropes and restore error_reporting level on exception

commit 80c1d0d779
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Fri Jul 3 11:05:39 2015 +0300

    Don't keep empty T_liveliness

commit 501ae8aaac
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Thu Jul 2 22:31:48 2015 +0300

    Reverted changes to Zend/zend_arena.h.
    Reuse CG(arena) instead of creating a new one.

commit a4fce36907
Merge: 6ff7246 fd0fcce
Author: Dmitry Stogov <dmitry@zend.com>
Date:   Thu Jul 2 22:01:42 2015 +0300

    Merge branch 'temporary_cleaning' of github.com:bwoebi/php-src into temporary_cleaning

    * 'temporary_cleaning' of github.com:bwoebi/php-src:
      Fix remaining issues with compacted temporaries
      Fix regression from last commit (+1 ?!)
      Fix off-by-one (opcache may remove last ZEND_RETURN)
      Speed algorithm up, more fail safety when reusing temporaries
      Dumb bug in opcode.c (forgot to update Ts[i])
      Fix opcache support
      Exempt ROPE temporaries from freeing
      Hmm, we need temporary info for all the opcodes
      Add opcache support for cleaning in optimization step (Opcache seems to have a few unrelated issues which blow up together with that patch)
      Add proper temporary cleaning upon frame abortion
      Fix arena on small sizes (size < sizeof(zend_arena))

commit fd0fcce811
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Thu Jul 2 20:00:33 2015 +0200

    Fix remaining issues with compacted temporaries

commit 427dc58bbb
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Wed Jul 1 22:49:12 2015 +0200

    Fix regression from last commit (+1 ?!)

commit 1adcf56a6e
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Wed Jul 1 22:17:07 2015 +0200

    Fix off-by-one (opcache may remove last ZEND_RETURN)

commit 25b231b784
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Wed Jul 1 20:59:24 2015 +0200

    Speed algorithm up, more fail safety when reusing temporaries

commit 22d9d05350
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Wed Jul 1 16:48:46 2015 +0200

    Dumb bug in opcode.c (forgot to update Ts[i])

commit 6538269bfa
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Wed Jul 1 13:05:52 2015 +0200

    Fix opcache support

commit 333a7c4a88
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Sat Jun 27 22:40:21 2015 +0200

    Exempt ROPE temporaries from freeing

commit 02585f7708
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Fri Jun 26 16:20:55 2015 +0200

    Hmm, we need temporary info for all the opcodes

commit cbcaedbd78
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Fri Jun 26 01:04:09 2015 +0200

    Add opcache support for cleaning in optimization step
    (Opcache seems to have a few unrelated issues which blow up together with that patch)

commit fef649f406
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Fri Jun 26 01:02:27 2015 +0200

    Add proper temporary cleaning upon frame abortion

commit 1cec2e7271
Author: Bob Weinand <bobwei9@hotmail.com>
Date:   Thu Jun 25 23:33:21 2015 +0200

    Fix arena on small sizes (size < sizeof(zend_arena))
2015-07-07 15:41:12 +03:00


/*
+----------------------------------------------------------------------+
| Zend OPcache |
+----------------------------------------------------------------------+
| Copyright (c) 1998-2015 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
| Authors: Andi Gutmans <andi@zend.com> |
| Zeev Suraski <zeev@zend.com> |
| Stanislav Malyshev <stas@zend.com> |
| Dmitry Stogov <dmitry@zend.com> |
+----------------------------------------------------------------------+
*/
#include "php.h"
#include "Optimizer/zend_optimizer.h"
#include "Optimizer/zend_optimizer_internal.h"
#include "zend_API.h"
#include "zend_constants.h"
#include "zend_execute.h"
#include "zend_vm.h"

static void zend_optimizer_zval_dtor_wrapper(zval *zvalue)
{
	zval_dtor(zvalue);
}

void zend_optimizer_collect_constant(zend_optimizer_ctx *ctx, zval *name, zval* value)
{
	zval val;
	if (!ctx->constants) {
		ctx->constants = zend_arena_alloc(&ctx->arena, sizeof(HashTable));
		zend_hash_init(ctx->constants, 16, NULL, zend_optimizer_zval_dtor_wrapper, 0);
	}
	ZVAL_DUP(&val, value);
	zend_hash_add(ctx->constants, Z_STR_P(name), &val);
}

int zend_optimizer_get_collected_constant(HashTable *constants, zval *name, zval* value)
{
	zval *val;
	if ((val = zend_hash_find(constants, Z_STR_P(name))) != NULL) {
		ZVAL_DUP(value, val);
		return 1;
	}
	return 0;
}

int zend_optimizer_lookup_cv(zend_op_array *op_array, zend_string* name)
{
	int i = 0;
	zend_ulong hash_value = zend_string_hash_val(name);
	while (i < op_array->last_var) {
		if (op_array->vars[i] == name ||
		    (ZSTR_H(op_array->vars[i]) == hash_value &&
		     ZSTR_LEN(op_array->vars[i]) == ZSTR_LEN(name) &&
		     memcmp(ZSTR_VAL(op_array->vars[i]), ZSTR_VAL(name), ZSTR_LEN(name)) == 0)) {
			return (int)(zend_intptr_t)ZEND_CALL_VAR_NUM(NULL, i);
		}
		i++;
	}
	i = op_array->last_var;
	op_array->last_var++;
	op_array->vars = erealloc(op_array->vars, op_array->last_var * sizeof(zend_string*));
	op_array->vars[i] = zend_string_dup(name, 0);
	/* all IS_TMP_VAR and IS_VAR variable numbers have to be adjusted */
	{
		zend_op *opline = op_array->opcodes;
		zend_op *end = opline + op_array->last;
		while (opline < end) {
			if (opline->op1_type & (IS_TMP_VAR|IS_VAR)) {
				opline->op1.var += sizeof(zval);
			}
			if (opline->op2_type & (IS_TMP_VAR|IS_VAR)) {
				opline->op2.var += sizeof(zval);
			}
			if (opline->result_type & (IS_TMP_VAR|IS_VAR)) {
				opline->result.var += sizeof(zval);
			}
			if (opline->opcode == ZEND_DECLARE_INHERITED_CLASS ||
			    opline->opcode == ZEND_DECLARE_ANON_INHERITED_CLASS ||
			    opline->opcode == ZEND_DECLARE_INHERITED_CLASS_DELAYED) {
				opline->extended_value += sizeof(zval);
			}
			opline++;
		}
	}
	return (int)(zend_intptr_t)ZEND_CALL_VAR_NUM(NULL, i);
}

int zend_optimizer_add_literal(zend_op_array *op_array, zval *zv)
{
	int i = op_array->last_literal;
	op_array->last_literal++;
	op_array->literals = (zval*)erealloc(op_array->literals, op_array->last_literal * sizeof(zval));
	ZVAL_COPY_VALUE(&op_array->literals[i], zv);
	Z_CACHE_SLOT(op_array->literals[i]) = -1;
	return i;
}

int zend_optimizer_is_disabled_func(const char *name, size_t len) {
	zend_function *fbc = (zend_function *)zend_hash_str_find_ptr(EG(function_table), name, len);
	return (fbc && fbc->type == ZEND_INTERNAL_FUNCTION &&
	        fbc->internal_function.handler == ZEND_FN(display_disabled_function));
}

void zend_optimizer_update_op1_const(zend_op_array *op_array,
                                     zend_op *opline,
                                     zval *val)
{
	if (opline->opcode == ZEND_FREE) {
		MAKE_NOP(opline);
		zval_dtor(val);
	} else {
		ZEND_OP1_TYPE(opline) = IS_CONST;
		if (Z_TYPE_P(val) == IS_STRING) {
			switch (opline->opcode) {
				case ZEND_INIT_STATIC_METHOD_CALL:
				case ZEND_CATCH:
				case ZEND_FETCH_CONSTANT:
				case ZEND_DEFINED:
				case ZEND_NEW:
					opline->op1.constant = zend_optimizer_add_literal(op_array, val);
					zend_string_hash_val(Z_STR(ZEND_OP1_LITERAL(opline)));
					Z_CACHE_SLOT(op_array->literals[opline->op1.constant]) = op_array->cache_size;
					op_array->cache_size += sizeof(void*);
					zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
					zend_optimizer_add_literal(op_array, val);
					zend_string_hash_val(Z_STR(op_array->literals[opline->op1.constant+1]));
					break;
				default:
					opline->op1.constant = zend_optimizer_add_literal(op_array, val);
					zend_string_hash_val(Z_STR(ZEND_OP1_LITERAL(opline)));
					break;
			}
		} else {
			if (opline->opcode == ZEND_CONCAT ||
			    opline->opcode == ZEND_FAST_CONCAT) {
				convert_to_string(val);
			}
			opline->op1.constant = zend_optimizer_add_literal(op_array, val);
		}
	}
}

void zend_optimizer_update_op2_const(zend_op_array *op_array,
                                     zend_op *opline,
                                     zval *val)
{
	ZEND_OP2_TYPE(opline) = IS_CONST;
	if (opline->opcode == ZEND_INIT_FCALL) {
		zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
		opline->op2.constant = zend_optimizer_add_literal(op_array, val);
		zend_string_hash_val(Z_STR(ZEND_OP2_LITERAL(opline)));
		Z_CACHE_SLOT(op_array->literals[opline->op2.constant]) = op_array->cache_size;
		op_array->cache_size += sizeof(void*);
		return;
	} else if (opline->opcode == ZEND_ROPE_INIT ||
	           opline->opcode == ZEND_ROPE_ADD ||
	           opline->opcode == ZEND_ROPE_END ||
	           opline->opcode == ZEND_CONCAT ||
	           opline->opcode == ZEND_FAST_CONCAT) {
		convert_to_string(val);
	}
	opline->op2.constant = zend_optimizer_add_literal(op_array, val);
	if (Z_TYPE_P(val) == IS_STRING) {
		zend_string_hash_val(Z_STR(ZEND_OP2_LITERAL(opline)));
		switch (opline->opcode) {
			case ZEND_FETCH_R:
			case ZEND_FETCH_W:
			case ZEND_FETCH_RW:
			case ZEND_FETCH_IS:
			case ZEND_FETCH_UNSET:
			case ZEND_FETCH_FUNC_ARG:
			case ZEND_FETCH_CLASS:
			case ZEND_INIT_FCALL_BY_NAME:
			/*case ZEND_INIT_NS_FCALL_BY_NAME:*/
			case ZEND_UNSET_VAR:
			case ZEND_ISSET_ISEMPTY_VAR:
			case ZEND_ADD_INTERFACE:
			case ZEND_ADD_TRAIT:
			case ZEND_INSTANCEOF:
				Z_CACHE_SLOT(op_array->literals[opline->op2.constant]) = op_array->cache_size;
				op_array->cache_size += sizeof(void*);
				zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
				zend_optimizer_add_literal(op_array, val);
				zend_string_hash_val(Z_STR(op_array->literals[opline->op2.constant+1]));
				break;
			case ZEND_INIT_DYNAMIC_CALL:
				opline->opcode = ZEND_INIT_FCALL_BY_NAME;
				Z_CACHE_SLOT(op_array->literals[opline->op2.constant]) = op_array->cache_size;
				op_array->cache_size += sizeof(void*);
				zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
				zend_optimizer_add_literal(op_array, val);
				zend_string_hash_val(Z_STR(op_array->literals[opline->op2.constant+1]));
				break;
			case ZEND_INIT_METHOD_CALL:
			case ZEND_INIT_STATIC_METHOD_CALL:
				zend_str_tolower(Z_STRVAL_P(val), Z_STRLEN_P(val));
				zend_optimizer_add_literal(op_array, val);
				zend_string_hash_val(Z_STR(op_array->literals[opline->op2.constant+1]));
				/* break missing intentionally */
			/*case ZEND_FETCH_CONSTANT:*/
			case ZEND_ASSIGN_OBJ:
			case ZEND_FETCH_OBJ_R:
			case ZEND_FETCH_OBJ_W:
			case ZEND_FETCH_OBJ_RW:
			case ZEND_FETCH_OBJ_IS:
			case ZEND_FETCH_OBJ_UNSET:
			case ZEND_FETCH_OBJ_FUNC_ARG:
			case ZEND_UNSET_OBJ:
			case ZEND_PRE_INC_OBJ:
			case ZEND_PRE_DEC_OBJ:
			case ZEND_POST_INC_OBJ:
			case ZEND_POST_DEC_OBJ:
			case ZEND_ISSET_ISEMPTY_PROP_OBJ:
				Z_CACHE_SLOT(op_array->literals[opline->op2.constant]) = op_array->cache_size;
				op_array->cache_size += 2 * sizeof(void*);
				break;
			case ZEND_ASSIGN_ADD:
			case ZEND_ASSIGN_SUB:
			case ZEND_ASSIGN_MUL:
			case ZEND_ASSIGN_DIV:
			case ZEND_ASSIGN_MOD:
			case ZEND_ASSIGN_SL:
			case ZEND_ASSIGN_SR:
			case ZEND_ASSIGN_CONCAT:
			case ZEND_ASSIGN_BW_OR:
			case ZEND_ASSIGN_BW_AND:
			case ZEND_ASSIGN_BW_XOR:
				if (opline->extended_value == ZEND_ASSIGN_OBJ) {
					Z_CACHE_SLOT(op_array->literals[opline->op2.constant]) = op_array->cache_size;
					op_array->cache_size += 2 * sizeof(void*);
				}
				break;
			case ZEND_OP_DATA:
				if ((opline-1)->opcode == ZEND_ASSIGN_DIM ||
				    ((opline-1)->extended_value == ZEND_ASSIGN_DIM &&
				     ((opline-1)->opcode == ZEND_ASSIGN_ADD ||
				      (opline-1)->opcode == ZEND_ASSIGN_SUB ||
				      (opline-1)->opcode == ZEND_ASSIGN_MUL ||
				      (opline-1)->opcode == ZEND_ASSIGN_DIV ||
				      (opline-1)->opcode == ZEND_ASSIGN_MOD ||
				      (opline-1)->opcode == ZEND_ASSIGN_SL ||
				      (opline-1)->opcode == ZEND_ASSIGN_SR ||
				      (opline-1)->opcode == ZEND_ASSIGN_CONCAT ||
				      (opline-1)->opcode == ZEND_ASSIGN_BW_OR ||
				      (opline-1)->opcode == ZEND_ASSIGN_BW_AND ||
				      (opline-1)->opcode == ZEND_ASSIGN_BW_XOR))) {
					goto check_numeric;
				}
				break;
			case ZEND_ISSET_ISEMPTY_DIM_OBJ:
			case ZEND_ADD_ARRAY_ELEMENT:
			case ZEND_INIT_ARRAY:
			case ZEND_ASSIGN_DIM:
			case ZEND_UNSET_DIM:
			case ZEND_FETCH_DIM_R:
			case ZEND_FETCH_DIM_W:
			case ZEND_FETCH_DIM_RW:
			case ZEND_FETCH_DIM_IS:
			case ZEND_FETCH_DIM_FUNC_ARG:
			case ZEND_FETCH_DIM_UNSET:
			case ZEND_FETCH_LIST:
check_numeric:
				{
					zend_ulong index;
					if (ZEND_HANDLE_NUMERIC(Z_STR_P(val), index)) {
						zval_dtor(val);
						ZVAL_LONG(val, index);
						op_array->literals[opline->op2.constant] = *val;
					}
				}
				break;
			default:
				break;
		}
	}
}

int zend_optimizer_replace_by_const(zend_op_array *op_array,
                                    zend_op *opline,
                                    zend_uchar type,
                                    uint32_t var,
                                    zval *val)
{
	zend_op *end = op_array->opcodes + op_array->last;
	while (opline < end) {
		if (ZEND_OP1_TYPE(opline) == type &&
		    ZEND_OP1(opline).var == var) {
			switch (opline->opcode) {
				case ZEND_FETCH_DIM_W:
				case ZEND_FETCH_DIM_RW:
				case ZEND_FETCH_DIM_FUNC_ARG:
				case ZEND_FETCH_DIM_UNSET:
				case ZEND_ASSIGN_DIM:
				case ZEND_SEPARATE:
					return 0;
				case ZEND_SEND_VAR:
					opline->extended_value = 0;
					opline->opcode = ZEND_SEND_VAL;
					break;
				case ZEND_SEND_VAR_EX:
					opline->extended_value = 0;
					opline->opcode = ZEND_SEND_VAL_EX;
					break;
				case ZEND_SEND_VAR_NO_REF:
					if (opline->extended_value & ZEND_ARG_COMPILE_TIME_BOUND) {
						if (opline->extended_value & ZEND_ARG_SEND_BY_REF) {
							zval_dtor(val);
							return 0;
						}
						opline->extended_value = 0;
						opline->opcode = ZEND_SEND_VAL_EX;
					} else {
						opline->extended_value = 0;
						opline->opcode = ZEND_SEND_VAL;
					}
					break;
				/* In most cases IS_TMP_VAR operand may be used only once.
				 * The operands are usually destroyed by the opcode handler.
				 * ZEND_CASE is an exception, that keeps operand unchanged,
				 * and allows its reuse. The number of ZEND_CASE instructions
				 * usually terminated by ZEND_FREE that finally kills the value.
				 */
				case ZEND_FREE:
				case ZEND_CASE: {
					zend_op *m = opline;
					zend_op *end = op_array->opcodes + op_array->last;
					while (m < end) {
						if (ZEND_OP1_TYPE(m) == type && ZEND_OP1(m).var == var) {
							if (m->opcode == ZEND_CASE) {
								zval old_val;
								ZVAL_COPY_VALUE(&old_val, val);
								zval_copy_ctor(val);
								zend_optimizer_update_op1_const(op_array, m, val);
								ZVAL_COPY_VALUE(val, &old_val);
							} else if (m->opcode == ZEND_FREE) {
								MAKE_NOP(m);
								break;
							} else {
								ZEND_ASSERT(0);
							}
						}
						m++;
					}
					zval_dtor(val);
					return 1;
				}
				default:
					break;
			}
			zend_optimizer_update_op1_const(op_array, opline, val);
			break;
		}
		if (ZEND_OP2_TYPE(opline) == type &&
		    ZEND_OP2(opline).var == var) {
			switch (opline->opcode) {
				case ZEND_ASSIGN_REF:
					zval_dtor(val);
					return 0;
				default:
					break;
			}
			zend_optimizer_update_op2_const(op_array, opline, val);
			break;
		}
		opline++;
	}
	return 1;
}

static void zend_optimize(zend_op_array *op_array,
                          zend_optimizer_ctx *ctx)
{
	if (op_array->type == ZEND_EVAL_CODE) {
		return;
	}
	/* pass 1
	 * - substitute persistent constants (true, false, null, etc)
	 * - perform compile-time evaluation of constant binary and unary operations
	 * - optimize series of ADD_STRING and/or ADD_CHAR
	 * - convert CAST(IS_BOOL,x) into BOOL(x)
	 */
	if (ZEND_OPTIMIZER_PASS_1 & OPTIMIZATION_LEVEL) {
		zend_optimizer_pass1(op_array, ctx);
	}
	/* pass 2:
	 * - convert non-numeric constants to numeric constants in numeric operators
	 * - optimize constant conditional JMPs
	 * - optimize static BRKs and CONTs
	 * - pre-evaluate constant function calls
	 */
	if (ZEND_OPTIMIZER_PASS_2 & OPTIMIZATION_LEVEL) {
		zend_optimizer_pass2(op_array);
	}
	/* pass 3:
	 * - optimize $i = $i+expr to $i+=expr
	 * - optimize series of JMPs
	 * - change $i++ to ++$i where possible
	 */
	if (ZEND_OPTIMIZER_PASS_3 & OPTIMIZATION_LEVEL) {
		zend_optimizer_pass3(op_array);
	}
	/* pass 4:
	 * - INIT_FCALL_BY_NAME -> DO_FCALL
	 */
	if (ZEND_OPTIMIZER_PASS_4 & OPTIMIZATION_LEVEL) {
		optimize_func_calls(op_array, ctx);
	}
	/* pass 5:
	 * - CFG optimization
	 */
	if (ZEND_OPTIMIZER_PASS_5 & OPTIMIZATION_LEVEL) {
		optimize_cfg(op_array, ctx);
	}
	/* pass 9:
	 * - Optimize temp variables usage
	 */
	if (ZEND_OPTIMIZER_PASS_9 & OPTIMIZATION_LEVEL) {
		optimize_temporary_variables(op_array, ctx);
	}
	/* pass 10:
	 * - remove NOPs
	 */
	if (((ZEND_OPTIMIZER_PASS_10|ZEND_OPTIMIZER_PASS_5) & OPTIMIZATION_LEVEL) == ZEND_OPTIMIZER_PASS_10) {
		zend_optimizer_nop_removal(op_array);
	}
	/* pass 11:
	 * - Compact literals table
	 */
	if (ZEND_OPTIMIZER_PASS_11 & OPTIMIZATION_LEVEL) {
		zend_optimizer_compact_literals(op_array, ctx);
	}
	if ((ZEND_OPTIMIZER_PASS_1
	    |ZEND_OPTIMIZER_PASS_2
	    |ZEND_OPTIMIZER_PASS_3
	    |ZEND_OPTIMIZER_PASS_4
	    |ZEND_OPTIMIZER_PASS_5
	    |ZEND_OPTIMIZER_PASS_9
	    |ZEND_OPTIMIZER_PASS_10
	    |ZEND_OPTIMIZER_PASS_11) & OPTIMIZATION_LEVEL) {
		zend_regenerate_var_liveliness_info(op_array);
	}
}

static void zend_accel_optimize(zend_op_array *op_array,
                                zend_optimizer_ctx *ctx)
{
	zend_op *opline, *end;
	/* Revert pass_two() */
	opline = op_array->opcodes;
	end = opline + op_array->last;
	while (opline < end) {
		if (opline->op1_type == IS_CONST) {
			ZEND_PASS_TWO_UNDO_CONSTANT(op_array, opline->op1);
		}
		if (opline->op2_type == IS_CONST) {
			ZEND_PASS_TWO_UNDO_CONSTANT(op_array, opline->op2);
		}
		switch (opline->opcode) {
			case ZEND_JMP:
			case ZEND_FAST_CALL:
			case ZEND_DECLARE_ANON_CLASS:
			case ZEND_DECLARE_ANON_INHERITED_CLASS:
				ZEND_PASS_TWO_UNDO_JMP_TARGET(op_array, opline, ZEND_OP1(opline));
				break;
			case ZEND_JMPZNZ:
				/* relative offset into absolute index */
				opline->extended_value = ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value);
				/* break omitted intentionally */
			case ZEND_JMPZ:
			case ZEND_JMPNZ:
			case ZEND_JMPZ_EX:
			case ZEND_JMPNZ_EX:
			case ZEND_JMP_SET:
			case ZEND_COALESCE:
			case ZEND_NEW:
			case ZEND_FE_RESET_R:
			case ZEND_FE_RESET_RW:
			case ZEND_ASSERT_CHECK:
				ZEND_PASS_TWO_UNDO_JMP_TARGET(op_array, opline, ZEND_OP2(opline));
				break;
			case ZEND_FE_FETCH_R:
			case ZEND_FE_FETCH_RW:
				opline->extended_value = ZEND_OFFSET_TO_OPLINE_NUM(op_array, opline, opline->extended_value);
				break;
		}
		opline++;
	}
	/* Do actual optimizations */
	zend_optimize(op_array, ctx);
	/* Redo pass_two() */
	opline = op_array->opcodes;
	end = opline + op_array->last;
	while (opline < end) {
		if (opline->op1_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline->op1);
		}
		if (opline->op2_type == IS_CONST) {
			ZEND_PASS_TWO_UPDATE_CONSTANT(op_array, opline->op2);
		}
		switch (opline->opcode) {
			case ZEND_JMP:
			case ZEND_FAST_CALL:
			case ZEND_DECLARE_ANON_CLASS:
			case ZEND_DECLARE_ANON_INHERITED_CLASS:
				ZEND_PASS_TWO_UPDATE_JMP_TARGET(op_array, opline, ZEND_OP1(opline));
				break;
			case ZEND_JMPZNZ:
				/* absolute index to relative offset */
				opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(op_array, opline, opline->extended_value);
				/* break omitted intentionally */
			case ZEND_JMPZ:
			case ZEND_JMPNZ:
			case ZEND_JMPZ_EX:
			case ZEND_JMPNZ_EX:
			case ZEND_JMP_SET:
			case ZEND_COALESCE:
			case ZEND_NEW:
			case ZEND_FE_RESET_R:
			case ZEND_FE_RESET_RW:
			case ZEND_ASSERT_CHECK:
				ZEND_PASS_TWO_UPDATE_JMP_TARGET(op_array, opline, ZEND_OP2(opline));
				break;
			case ZEND_FE_FETCH_R:
			case ZEND_FE_FETCH_RW:
				opline->extended_value = ZEND_OPLINE_NUM_TO_OFFSET(op_array, opline, opline->extended_value);
				break;
		}
		ZEND_VM_SET_OPCODE_HANDLER(opline);
		opline++;
	}
}

static void zend_accel_adjust_fcall_stack_size(zend_op_array *op_array, zend_optimizer_ctx *ctx)
{
	zend_function *func;
	zend_op *opline, *end;
	opline = op_array->opcodes;
	end = opline + op_array->last;
	while (opline < end) {
		if (opline->opcode == ZEND_INIT_FCALL) {
			func = zend_hash_find_ptr(
				&ctx->script->function_table,
				Z_STR_P(RT_CONSTANT(op_array, opline->op2)));
			if (func) {
				opline->op1.num = zend_vm_calc_used_stack(opline->extended_value, func);
			}
		}
		opline++;
	}
}

int zend_accel_script_optimize(zend_persistent_script *script)
{
	uint idx, j;
	Bucket *p, *q;
	zend_class_entry *ce;
	zend_op_array *op_array;
	zend_optimizer_ctx ctx;
	ctx.arena = zend_arena_create(64 * 1024);
	ctx.script = script;
	ctx.constants = NULL;
	zend_accel_optimize(&script->main_op_array, &ctx);
	for (idx = 0; idx < script->function_table.nNumUsed; idx++) {
		p = script->function_table.arData + idx;
		if (Z_TYPE(p->val) == IS_UNDEF) continue;
		op_array = (zend_op_array*)Z_PTR(p->val);
		zend_accel_optimize(op_array, &ctx);
	}
	for (idx = 0; idx < script->class_table.nNumUsed; idx++) {
		p = script->class_table.arData + idx;
		if (Z_TYPE(p->val) == IS_UNDEF) continue;
		ce = (zend_class_entry*)Z_PTR(p->val);
		for (j = 0; j < ce->function_table.nNumUsed; j++) {
			q = ce->function_table.arData + j;
			if (Z_TYPE(q->val) == IS_UNDEF) continue;
			op_array = (zend_op_array*)Z_PTR(q->val);
			if (op_array->scope == ce) {
				zend_accel_optimize(op_array, &ctx);
			} else if (op_array->type == ZEND_USER_FUNCTION) {
				zend_op_array *orig_op_array;
				if ((orig_op_array = zend_hash_find_ptr(&op_array->scope->function_table, q->key)) != NULL) {
					HashTable *ht = op_array->static_variables;
					*op_array = *orig_op_array;
					op_array->static_variables = ht;
				}
			}
		}
	}
	if (ZEND_OPTIMIZER_PASS_12 & OPTIMIZATION_LEVEL) {
		zend_accel_adjust_fcall_stack_size(&script->main_op_array, &ctx);
		for (idx = 0; idx < script->function_table.nNumUsed; idx++) {
			p = script->function_table.arData + idx;
			if (Z_TYPE(p->val) == IS_UNDEF) continue;
			op_array = (zend_op_array*)Z_PTR(p->val);
			zend_accel_adjust_fcall_stack_size(op_array, &ctx);
		}
		for (idx = 0; idx < script->class_table.nNumUsed; idx++) {
			p = script->class_table.arData + idx;
			if (Z_TYPE(p->val) == IS_UNDEF) continue;
			ce = (zend_class_entry*)Z_PTR(p->val);
			for (j = 0; j < ce->function_table.nNumUsed; j++) {
				q = ce->function_table.arData + j;
				if (Z_TYPE(q->val) == IS_UNDEF) continue;
				op_array = (zend_op_array*)Z_PTR(q->val);
				if (op_array->scope == ce) {
					zend_accel_adjust_fcall_stack_size(op_array, &ctx);
				} else if (op_array->type == ZEND_USER_FUNCTION) {
					zend_op_array *orig_op_array;
					if ((orig_op_array = zend_hash_find_ptr(&op_array->scope->function_table, q->key)) != NULL) {
						HashTable *ht = op_array->static_variables;
						*op_array = *orig_op_array;
						op_array->static_variables = ht;
					}
				}
			}
		}
	}
	if (ctx.constants) {
		zend_hash_destroy(ctx.constants);
	}
	zend_arena_destroy(ctx.arena);
	return 1;
}