1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Dmitry Stogov <dmitry@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include "zend.h"
22 #include "zend_globals.h"
23 #include "zend_variables.h"
24 #include "zend_API.h"
25 #include "zend_objects_API.h"
26
zend_objects_store_init(zend_objects_store * objects,uint32_t init_size)27 ZEND_API void ZEND_FASTCALL zend_objects_store_init(zend_objects_store *objects, uint32_t init_size)
28 {
29 objects->object_buckets = (zend_object **) emalloc(init_size * sizeof(zend_object*));
30 objects->top = 1; /* Skip 0 so that handles are true */
31 objects->size = init_size;
32 objects->free_list_head = -1;
33 memset(&objects->object_buckets[0], 0, sizeof(zend_object*));
34 }
35
zend_objects_store_destroy(zend_objects_store * objects)36 ZEND_API void ZEND_FASTCALL zend_objects_store_destroy(zend_objects_store *objects)
37 {
38 efree(objects->object_buckets);
39 objects->object_buckets = NULL;
40 }
41
zend_objects_store_call_destructors(zend_objects_store * objects)42 ZEND_API void ZEND_FASTCALL zend_objects_store_call_destructors(zend_objects_store *objects)
43 {
44 EG(flags) |= EG_FLAGS_OBJECT_STORE_NO_REUSE;
45 if (objects->top > 1) {
46 uint32_t i;
47 for (i = 1; i < objects->top; i++) {
48 zend_object *obj = objects->object_buckets[i];
49 if (IS_OBJ_VALID(obj)) {
50 if (!(OBJ_FLAGS(obj) & IS_OBJ_DESTRUCTOR_CALLED)) {
51 GC_ADD_FLAGS(obj, IS_OBJ_DESTRUCTOR_CALLED);
52
53 if (obj->handlers->dtor_obj != zend_objects_destroy_object
54 || obj->ce->destructor) {
55 GC_ADDREF(obj);
56 obj->handlers->dtor_obj(obj);
57 GC_DELREF(obj);
58 }
59 }
60 }
61 }
62 }
63 }
64
zend_objects_store_mark_destructed(zend_objects_store * objects)65 ZEND_API void ZEND_FASTCALL zend_objects_store_mark_destructed(zend_objects_store *objects)
66 {
67 if (objects->object_buckets && objects->top > 1) {
68 zend_object **obj_ptr = objects->object_buckets + 1;
69 zend_object **end = objects->object_buckets + objects->top;
70
71 do {
72 zend_object *obj = *obj_ptr;
73
74 if (IS_OBJ_VALID(obj)) {
75 GC_ADD_FLAGS(obj, IS_OBJ_DESTRUCTOR_CALLED);
76 }
77 obj_ptr++;
78 } while (obj_ptr != end);
79 }
80 }
81
zend_objects_store_free_object_storage(zend_objects_store * objects,zend_bool fast_shutdown)82 ZEND_API void ZEND_FASTCALL zend_objects_store_free_object_storage(zend_objects_store *objects, zend_bool fast_shutdown)
83 {
84 zend_object **obj_ptr, **end, *obj;
85
86 if (objects->top <= 1) {
87 return;
88 }
89
90 /* Free object contents, but don't free objects themselves, so they show up as leaks.
91 * Also add a ref to all objects, so the object can't be freed by something else later. */
92 end = objects->object_buckets + 1;
93 obj_ptr = objects->object_buckets + objects->top;
94
95 if (fast_shutdown) {
96 do {
97 obj_ptr--;
98 obj = *obj_ptr;
99 if (IS_OBJ_VALID(obj)) {
100 if (!(OBJ_FLAGS(obj) & IS_OBJ_FREE_CALLED)) {
101 GC_ADD_FLAGS(obj, IS_OBJ_FREE_CALLED);
102 if (obj->handlers->free_obj != zend_object_std_dtor) {
103 GC_ADDREF(obj);
104 obj->handlers->free_obj(obj);
105 }
106 }
107 }
108 } while (obj_ptr != end);
109 } else {
110 do {
111 obj_ptr--;
112 obj = *obj_ptr;
113 if (IS_OBJ_VALID(obj)) {
114 if (!(OBJ_FLAGS(obj) & IS_OBJ_FREE_CALLED)) {
115 GC_ADD_FLAGS(obj, IS_OBJ_FREE_CALLED);
116 GC_ADDREF(obj);
117 obj->handlers->free_obj(obj);
118 }
119 }
120 } while (obj_ptr != end);
121 }
122 }
123
124
125 /* Store objects API */
zend_objects_store_put_cold(zend_object * object)126 static ZEND_COLD zend_never_inline void ZEND_FASTCALL zend_objects_store_put_cold(zend_object *object)
127 {
128 int handle;
129 uint32_t new_size = 2 * EG(objects_store).size;
130
131 EG(objects_store).object_buckets = (zend_object **) erealloc(EG(objects_store).object_buckets, new_size * sizeof(zend_object*));
132 /* Assign size after realloc, in case it fails */
133 EG(objects_store).size = new_size;
134 handle = EG(objects_store).top++;
135 object->handle = handle;
136 EG(objects_store).object_buckets[handle] = object;
137 }
138
zend_objects_store_put(zend_object * object)139 ZEND_API void ZEND_FASTCALL zend_objects_store_put(zend_object *object)
140 {
141 int handle;
142
143 /* When in shutdown sequence - do not reuse previously freed handles, to make sure
144 * the dtors for newly created objects are called in zend_objects_store_call_destructors() loop
145 */
146 if (EG(objects_store).free_list_head != -1 && EXPECTED(!(EG(flags) & EG_FLAGS_OBJECT_STORE_NO_REUSE))) {
147 handle = EG(objects_store).free_list_head;
148 EG(objects_store).free_list_head = GET_OBJ_BUCKET_NUMBER(EG(objects_store).object_buckets[handle]);
149 } else if (UNEXPECTED(EG(objects_store).top == EG(objects_store).size)) {
150 zend_objects_store_put_cold(object);
151 return;
152 } else {
153 handle = EG(objects_store).top++;
154 }
155 object->handle = handle;
156 EG(objects_store).object_buckets[handle] = object;
157 }
158
zend_objects_store_del(zend_object * object)159 ZEND_API void ZEND_FASTCALL zend_objects_store_del(zend_object *object) /* {{{ */
160 {
161 ZEND_ASSERT(GC_REFCOUNT(object) == 0);
162
163 /* GC might have released this object already. */
164 if (UNEXPECTED(GC_TYPE(object) == IS_NULL)) {
165 return;
166 }
167
168 /* Make sure we hold a reference count during the destructor call
169 otherwise, when the destructor ends the storage might be freed
170 when the refcount reaches 0 a second time
171 */
172 if (!(OBJ_FLAGS(object) & IS_OBJ_DESTRUCTOR_CALLED)) {
173 GC_ADD_FLAGS(object, IS_OBJ_DESTRUCTOR_CALLED);
174
175 if (object->handlers->dtor_obj != zend_objects_destroy_object
176 || object->ce->destructor) {
177 GC_SET_REFCOUNT(object, 1);
178 object->handlers->dtor_obj(object);
179 GC_DELREF(object);
180 }
181 }
182
183 if (GC_REFCOUNT(object) == 0) {
184 uint32_t handle = object->handle;
185 void *ptr;
186
187 ZEND_ASSERT(EG(objects_store).object_buckets != NULL);
188 ZEND_ASSERT(IS_OBJ_VALID(EG(objects_store).object_buckets[handle]));
189 EG(objects_store).object_buckets[handle] = SET_OBJ_INVALID(object);
190 if (!(OBJ_FLAGS(object) & IS_OBJ_FREE_CALLED)) {
191 GC_ADD_FLAGS(object, IS_OBJ_FREE_CALLED);
192 GC_SET_REFCOUNT(object, 1);
193 object->handlers->free_obj(object);
194 }
195 ptr = ((char*)object) - object->handlers->offset;
196 GC_REMOVE_FROM_BUFFER(object);
197 efree(ptr);
198 ZEND_OBJECTS_STORE_ADD_TO_FREE_LIST(handle);
199 }
200 }
201 /* }}} */
202
