void zend_dfa_optimize_op_array(zend_op_array *op_array, zend_optimizer_ctx *ctx, zend_ssa *ssa)
{
if (ctx->debug_level & ZEND_DUMP_BEFORE_DFA_PASS) {
zend_dump_op_array(op_array, ZEND_DUMP_SSA, "before dfa pass", ssa);
}
if (ssa->var_info) {
int op_1;
int v;
int remove_nops = 0;
zend_op *opline;
zval tmp;
for (v = op_array->last_var; v < ssa->vars_count; v++) {
op_1 = ssa->vars[v].definition;
if (op_1 < 0) {
continue;
}
opline = op_array->opcodes + op_1;
/* Convert LONG constants to DOUBLE */
if (ssa->var_info[v].use_as_double) {
if (opline->opcode == ZEND_ASSIGN
&& opline->op2_type == IS_CONST
&& ssa->ops[op_1].op1_def == v
&& !RETURN_VALUE_USED(opline)
) {
// op_1: ASSIGN ? -> #v [use_as_double], long(?) => ASSIGN ? -> #v, double(?)
zval *zv = CT_CONSTANT_EX(op_array, opline->op2.constant);
ZEND_ASSERT(Z_TYPE_INFO_P(zv) == IS_LONG);
ZVAL_DOUBLE(&tmp, zval_get_double(zv));
opline->op2.constant = zend_optimizer_add_literal(op_array, &tmp);
} else if (opline->opcode == ZEND_QM_ASSIGN
&& opline->op1_type == IS_CONST
) {
// op_1: QM_ASSIGN #v [use_as_double], long(?) => QM_ASSIGN #v, double(?)
zval *zv = CT_CONSTANT_EX(op_array, opline->op1.constant);
ZEND_ASSERT(Z_TYPE_INFO_P(zv) == IS_LONG);
ZVAL_DOUBLE(&tmp, zval_get_double(zv));
opline->op1.constant = zend_optimizer_add_literal(op_array, &tmp);
}
} else {
if (opline->opcode == ZEND_ADD
|| opline->opcode == ZEND_SUB
|| opline->opcode == ZEND_MUL
|| opline->opcode == ZEND_IS_EQUAL
|| opline->opcode == ZEND_IS_NOT_EQUAL
|| opline->opcode == ZEND_IS_SMALLER
|| opline->opcode == ZEND_IS_SMALLER_OR_EQUAL
) {
if (opline->op1_type == IS_CONST
&& opline->op2_type != IS_CONST
&& (OP2_INFO() & MAY_BE_ANY) == MAY_BE_DOUBLE
&& Z_TYPE_INFO_P(CT_CONSTANT_EX(op_array, opline->op1.constant)) == IS_LONG
) {
// op_1: #v.? = ADD long(?), #?.? [double] => #v.? = ADD double(?), #?.? [double]
zval *zv = CT_CONSTANT_EX(op_array, opline->op1.constant);
ZVAL_DOUBLE(&tmp, zval_get_double(zv));
opline->op1.constant = zend_optimizer_add_literal(op_array, &tmp);
} else if (opline->op1_type != IS_CONST
&& opline->op2_type == IS_CONST
&& (OP1_INFO() & MAY_BE_ANY) == MAY_BE_DOUBLE
&& Z_TYPE_INFO_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG
) {
// op_1: #v.? = ADD #?.? [double], long(?) => #v.? = ADD #?.? [double], double(?)
zval *zv = CT_CONSTANT_EX(op_array, opline->op2.constant);
ZVAL_DOUBLE(&tmp, zval_get_double(zv));
opline->op2.constant = zend_optimizer_add_literal(op_array, &tmp);
}
}
}
if (ssa->vars[v].var >= op_array->last_var) {
/* skip TMP and VAR */
continue;
}
if (opline->opcode == ZEND_ASSIGN
&& ssa->ops[op_1].op1_def == v
&& !RETURN_VALUE_USED(opline)
) {
int orig_var = ssa->ops[op_1].op1_use;
if (orig_var >= 0
&& !(ssa->var_info[orig_var].type & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))
) {
int src_var = ssa->ops[op_1].op2_use;
if ((opline->op2_type & (IS_TMP_VAR|IS_VAR))
&& src_var >= 0
&& !(ssa->var_info[src_var].type & MAY_BE_REF)
&& ssa->vars[src_var].definition >= 0
&& ssa->ops[ssa->vars[src_var].definition].result_def == src_var
&& ssa->ops[ssa->vars[src_var].definition].result_use < 0
&& ssa->vars[src_var].use_chain == op_1
&& ssa->ops[op_1].op2_use_chain < 0
&& !ssa->vars[src_var].phi_use_chain
&& !ssa->vars[src_var].sym_use_chain
/* see Zend/tests/generators/aborted_yield_during_new.phpt */
&& op_array->opcodes[ssa->vars[src_var].definition].opcode != ZEND_NEW
) {
int op_2 = ssa->vars[src_var].definition;
// op_2: #src_var.T = OP ... => #v.CV = OP ...
// op_1: ASSIGN #orig_var.CV [undef,scalar] -> #v.CV, #src_var.T NOP
if (zend_ssa_unlink_use_chain(ssa, op_1, orig_var)) {
/* Reconstruct SSA */
ssa->vars[v].definition = op_2;
ssa->ops[op_2].result_def = v;
ssa->vars[src_var].definition = -1;
ssa->vars[src_var].use_chain = -1;
ssa->ops[op_1].op1_use = -1;
ssa->ops[op_1].op2_use = -1;
ssa->ops[op_1].op1_def = -1;
ssa->ops[op_1].op1_use_chain = -1;
/* Update opcodes */
op_array->opcodes[op_2].result_type = opline->op1_type;
op_array->opcodes[op_2].result.var = opline->op1.var;
MAKE_NOP(opline);
remove_nops = 1;
}
} else if (opline->op2_type == IS_CONST
|| ((opline->op2_type & (IS_TMP_VAR|IS_VAR|IS_CV))
&& ssa->ops[op_1].op2_use >= 0
&& ssa->ops[op_1].op2_def < 0)
) {
// op_1: ASSIGN #orig_var.CV [undef,scalar] -> #v.CV, CONST|TMPVAR => QM_ASSIGN v.CV, CONST|TMPVAR
if (zend_ssa_unlink_use_chain(ssa, op_1, orig_var)) {
/* Reconstruct SSA */
ssa->ops[op_1].result_def = v;
ssa->ops[op_1].op1_def = -1;
ssa->ops[op_1].op1_use = ssa->ops[op_1].op2_use;
ssa->ops[op_1].op1_use_chain = ssa->ops[op_1].op2_use_chain;
ssa->ops[op_1].op2_use = -1;
ssa->ops[op_1].op2_use_chain = -1;
/* Update opcode */
opline->result_type = opline->op1_type;
opline->result.var = opline->op1.var;
opline->op1_type = opline->op2_type;
opline->op1.var = opline->op2.var;
opline->op2_type = IS_UNUSED;
opline->op2.var = 0;
opline->opcode = ZEND_QM_ASSIGN;
}
}
}
} else if (opline->opcode == ZEND_ASSIGN_ADD
&& opline->extended_value == 0
&& ssa->ops[op_1].op1_def == v
&& opline->op2_type == IS_CONST
&& Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG
&& Z_LVAL_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == 1
&& ssa->ops[op_1].op1_use >= 0
&& !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) {
// op_1: ASSIGN_ADD #?.CV [undef,null,int,foat] ->#v.CV, int(1) => PRE_INC #?.CV ->#v.CV
opline->opcode = ZEND_PRE_INC;
SET_UNUSED(opline->op2);
} else if (opline->opcode == ZEND_ASSIGN_SUB
&& opline->extended_value == 0
&& ssa->ops[op_1].op1_def == v
&& opline->op2_type == IS_CONST
&& Z_TYPE_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == IS_LONG
&& Z_LVAL_P(CT_CONSTANT_EX(op_array, opline->op2.constant)) == 1
&& ssa->ops[op_1].op1_use >= 0
&& !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_FALSE|MAY_BE_TRUE|MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))) {
// op_1: ASSIGN_SUB #?.CV [undef,null,int,foat] -> #v.CV, int(1) => PRE_DEC #?.CV ->#v.CV
opline->opcode = ZEND_PRE_DEC;
SET_UNUSED(opline->op2);
} else if (opline->opcode == ZEND_VERIFY_RETURN_TYPE
&& ssa->ops[op_1].op1_def == v
&& ssa->ops[op_1].op1_use >= 0
&& ssa->ops[op_1].op1_use_chain == -1
&& ssa->vars[v].use_chain >= 0
&& (ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_ANY|MAY_BE_UNDEF)) == (ssa->var_info[ssa->ops[op_1].op1_def].type & MAY_BE_ANY)) {
// op_1: VERIFY_RETURN_TYPE #orig_var.CV [T] -> #v.CV [T] => NOP
int orig_var = ssa->ops[op_1].op1_use;
int ret = ssa->vars[v].use_chain;
ssa->vars[orig_var].use_chain = ret;
ssa->ops[ret].op1_use = orig_var;
ssa->vars[v].definition = -1;
ssa->vars[v].use_chain = -1;
ssa->ops[op_1].op1_def = -1;
ssa->ops[op_1].op1_use = -1;
MAKE_NOP(opline);
remove_nops = 1;
} else if (ssa->ops[op_1].op1_def == v
&& !RETURN_VALUE_USED(opline)
&& ssa->ops[op_1].op1_use >= 0
&& !(ssa->var_info[ssa->ops[op_1].op1_use].type & (MAY_BE_STRING|MAY_BE_ARRAY|MAY_BE_OBJECT|MAY_BE_RESOURCE|MAY_BE_REF))
&& (opline->opcode == ZEND_ASSIGN_ADD
|| opline->opcode == ZEND_ASSIGN_SUB
|| opline->opcode == ZEND_ASSIGN_MUL
|| opline->opcode == ZEND_ASSIGN_DIV
|| opline->opcode == ZEND_ASSIGN_MOD
|| opline->opcode == ZEND_ASSIGN_SL
|| opline->opcode == ZEND_ASSIGN_SR
|| opline->opcode == ZEND_ASSIGN_BW_OR
|| opline->opcode == ZEND_ASSIGN_BW_AND
|| opline->opcode == ZEND_ASSIGN_BW_XOR)
&& opline->extended_value == 0) {
// op_1: ASSIGN_ADD #orig_var.CV [undef,null,bool,int,double] -> #v.CV, ? => #v.CV = ADD #orig_var.CV, ?
/* Reconstruct SSA */
ssa->ops[op_1].result_def = ssa->ops[op_1].op1_def;
ssa->ops[op_1].op1_def = -1;
/* Update opcode */
opline->opcode -= (ZEND_ASSIGN_ADD - ZEND_ADD);
opline->result_type = opline->op1_type;
opline->result.var = opline->op1.var;
}
}
if (remove_nops) {
zend_ssa_remove_nops(op_array, ssa);
}
}
if (ctx->debug_level & ZEND_DUMP_AFTER_DFA_PASS) {
zend_dump_op_array(op_array, ZEND_DUMP_SSA, "after dfa pass", ssa);
}
}
static inline zend_bool may_have_side_effects(
zend_op_array *op_array, zend_ssa *ssa,
const zend_op *opline, const zend_ssa_op *ssa_op,
zend_bool reorder_dtor_effects) {
switch (opline->opcode) {
case ZEND_NOP:
case ZEND_IS_IDENTICAL:
case ZEND_IS_NOT_IDENTICAL:
case ZEND_QM_ASSIGN:
case ZEND_FREE:
case ZEND_TYPE_CHECK:
case ZEND_DEFINED:
case ZEND_ADD:
case ZEND_SUB:
case ZEND_MUL:
case ZEND_POW:
case ZEND_BW_OR:
case ZEND_BW_AND:
case ZEND_BW_XOR:
case ZEND_CONCAT:
case ZEND_FAST_CONCAT:
case ZEND_DIV:
case ZEND_MOD:
case ZEND_BOOL_XOR:
case ZEND_BOOL:
case ZEND_BOOL_NOT:
case ZEND_BW_NOT:
case ZEND_SL:
case ZEND_SR:
case ZEND_IS_EQUAL:
case ZEND_IS_NOT_EQUAL:
case ZEND_IS_SMALLER:
case ZEND_IS_SMALLER_OR_EQUAL:
case ZEND_CASE:
case ZEND_CAST:
case ZEND_ROPE_INIT:
case ZEND_ROPE_ADD:
case ZEND_ROPE_END:
case ZEND_INIT_ARRAY:
case ZEND_ADD_ARRAY_ELEMENT:
case ZEND_SPACESHIP:
case ZEND_STRLEN:
case ZEND_COUNT:
case ZEND_GET_TYPE:
case ZEND_ISSET_ISEMPTY_THIS:
case ZEND_ISSET_ISEMPTY_DIM_OBJ:
case ZEND_FETCH_DIM_IS:
case ZEND_ISSET_ISEMPTY_CV:
case ZEND_ISSET_ISEMPTY_VAR:
case ZEND_FETCH_IS:
case ZEND_IN_ARRAY:
case ZEND_FUNC_NUM_ARGS:
case ZEND_FUNC_GET_ARGS:
/* No side effects */
return 0;
case ZEND_JMP:
case ZEND_JMPZ:
case ZEND_JMPNZ:
case ZEND_JMPZNZ:
case ZEND_JMPZ_EX:
case ZEND_JMPNZ_EX:
case ZEND_JMP_SET:
case ZEND_COALESCE:
case ZEND_ASSERT_CHECK:
/* For our purposes a jumps and branches are side effects. */
return 1;
case ZEND_BEGIN_SILENCE:
case ZEND_END_SILENCE:
case ZEND_ECHO:
case ZEND_INCLUDE_OR_EVAL:
case ZEND_THROW:
case ZEND_EXT_STMT:
case ZEND_EXT_FCALL_BEGIN:
case ZEND_EXT_FCALL_END:
case ZEND_EXT_NOP:
case ZEND_TICKS:
case ZEND_YIELD:
case ZEND_YIELD_FROM:
/* Intrinsic side effects */
return 1;
case ZEND_DO_FCALL:
case ZEND_DO_FCALL_BY_NAME:
case ZEND_DO_ICALL:
case ZEND_DO_UCALL:
/* For now assume all calls have side effects */
return 1;
case ZEND_RECV:
case ZEND_RECV_INIT:
/* Even though RECV_INIT can be side-effect free, these cannot be simply dropped
* due to the prologue skipping code. */
return 1;
case ZEND_ASSIGN_REF:
return 1;
case ZEND_ASSIGN:
{
if (is_bad_mod(ssa, ssa_op->op1_use, ssa_op->op1_def)) {
return 1;
}
if (!reorder_dtor_effects) {
if (opline->op2_type != IS_CONST
&& (OP2_INFO() & MAY_HAVE_DTOR)
&& ssa->vars[ssa_op->op2_use].escape_state != ESCAPE_STATE_NO_ESCAPE) {
/* DCE might shorten lifetime */
return 1;
}
}
return 0;
}
case ZEND_UNSET_VAR:
return 1;
case ZEND_UNSET_CV:
{
uint32_t t1 = OP1_INFO();
if (t1 & MAY_BE_REF) {
/* We don't consider uses as the LHS of an assignment as real uses during DCE, so
* an unset may be considered dead even if there is a later assignment to the
* variable. Removing the unset in this case would not be correct if the variable
* is a reference, because unset breaks references. */
return 1;
}
return 0;
}
case ZEND_PRE_INC:
case ZEND_POST_INC:
case ZEND_PRE_DEC:
case ZEND_POST_DEC:
return is_bad_mod(ssa, ssa_op->op1_use, ssa_op->op1_def);
case ZEND_ASSIGN_ADD:
case ZEND_ASSIGN_SUB:
case ZEND_ASSIGN_MUL:
case ZEND_ASSIGN_DIV:
case ZEND_ASSIGN_MOD:
case ZEND_ASSIGN_SL:
case ZEND_ASSIGN_SR:
case ZEND_ASSIGN_CONCAT:
case ZEND_ASSIGN_BW_OR:
case ZEND_ASSIGN_BW_AND:
case ZEND_ASSIGN_BW_XOR:
case ZEND_ASSIGN_POW:
return is_bad_mod(ssa, ssa_op->op1_use, ssa_op->op1_def)
|| (opline->extended_value
&& ssa->vars[ssa_op->op1_def].escape_state != ESCAPE_STATE_NO_ESCAPE);
case ZEND_ASSIGN_DIM:
case ZEND_ASSIGN_OBJ:
if (is_bad_mod(ssa, ssa_op->op1_use, ssa_op->op1_def)
|| ssa->vars[ssa_op->op1_def].escape_state != ESCAPE_STATE_NO_ESCAPE) {
return 1;
}
if (!reorder_dtor_effects) {
opline++;
ssa_op++;
if (opline->op1_type != IS_CONST
&& (OP1_INFO() & MAY_HAVE_DTOR)) {
/* DCE might shorten lifetime */
return 1;
}
}
return 0;
case ZEND_PRE_INC_OBJ:
case ZEND_PRE_DEC_OBJ:
case ZEND_POST_INC_OBJ:
case ZEND_POST_DEC_OBJ:
if (is_bad_mod(ssa, ssa_op->op1_use, ssa_op->op1_def)
|| ssa->vars[ssa_op->op1_def].escape_state != ESCAPE_STATE_NO_ESCAPE) {
return 1;
}
return 0;
default:
/* For everything we didn't handle, assume a side-effect */
return 1;
}
}
