1 /*
2 +----------------------------------------------------------------------+
3 | Zend Engine |
4 +----------------------------------------------------------------------+
5 | Copyright (c) Zend Technologies Ltd. (http://www.zend.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 2.00 of the Zend license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.zend.com/license/2_00.txt. |
11 | If you did not receive a copy of the Zend license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@zend.com so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Andi Gutmans <andi@php.net> |
16 | Zeev Suraski <zeev@php.net> |
17 | Dmitry Stogov <dmitry@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include "zend.h"
22 #include "zend_globals.h"
23 #include "zend_variables.h"
24 #include "zend_API.h"
25 #include "zend_objects_API.h"
26 #include "zend_fibers.h"
27
zend_objects_store_init(zend_objects_store * objects,uint32_t init_size)28 ZEND_API void ZEND_FASTCALL zend_objects_store_init(zend_objects_store *objects, uint32_t init_size)
29 {
30 objects->object_buckets = (zend_object **) emalloc(init_size * sizeof(zend_object*));
31 objects->top = 1; /* Skip 0 so that handles are true */
32 objects->size = init_size;
33 objects->free_list_head = -1;
34 memset(&objects->object_buckets[0], 0, sizeof(zend_object*));
35 }
36
zend_objects_store_destroy(zend_objects_store * objects)37 ZEND_API void ZEND_FASTCALL zend_objects_store_destroy(zend_objects_store *objects)
38 {
39 efree(objects->object_buckets);
40 objects->object_buckets = NULL;
41 }
42
zend_objects_store_call_destructors(zend_objects_store * objects)43 ZEND_API void ZEND_FASTCALL zend_objects_store_call_destructors(zend_objects_store *objects)
44 {
45 EG(flags) |= EG_FLAGS_OBJECT_STORE_NO_REUSE;
46 if (objects->top > 1) {
47 zend_fiber_switch_block();
48
49 uint32_t i;
50 for (i = 1; i < objects->top; i++) {
51 zend_object *obj = objects->object_buckets[i];
52 if (IS_OBJ_VALID(obj)) {
53 if (!(OBJ_FLAGS(obj) & IS_OBJ_DESTRUCTOR_CALLED)) {
54 GC_ADD_FLAGS(obj, IS_OBJ_DESTRUCTOR_CALLED);
55
56 if (obj->handlers->dtor_obj != zend_objects_destroy_object
57 || obj->ce->destructor) {
58 GC_ADDREF(obj);
59 obj->handlers->dtor_obj(obj);
60 GC_DELREF(obj);
61 }
62 }
63 }
64 }
65
66 zend_fiber_switch_unblock();
67 }
68 }
69
zend_objects_store_mark_destructed(zend_objects_store * objects)70 ZEND_API void ZEND_FASTCALL zend_objects_store_mark_destructed(zend_objects_store *objects)
71 {
72 if (objects->object_buckets && objects->top > 1) {
73 zend_object **obj_ptr = objects->object_buckets + 1;
74 zend_object **end = objects->object_buckets + objects->top;
75
76 do {
77 zend_object *obj = *obj_ptr;
78
79 if (IS_OBJ_VALID(obj)) {
80 GC_ADD_FLAGS(obj, IS_OBJ_DESTRUCTOR_CALLED);
81 }
82 obj_ptr++;
83 } while (obj_ptr != end);
84 }
85 }
86
zend_objects_store_free_object_storage(zend_objects_store * objects,bool fast_shutdown)87 ZEND_API void ZEND_FASTCALL zend_objects_store_free_object_storage(zend_objects_store *objects, bool fast_shutdown)
88 {
89 zend_object **obj_ptr, **end, *obj;
90
91 if (objects->top <= 1) {
92 return;
93 }
94
95 /* Free object contents, but don't free objects themselves, so they show up as leaks.
96 * Also add a ref to all objects, so the object can't be freed by something else later. */
97 end = objects->object_buckets + 1;
98 obj_ptr = objects->object_buckets + objects->top;
99
100 if (fast_shutdown) {
101 do {
102 obj_ptr--;
103 obj = *obj_ptr;
104 if (IS_OBJ_VALID(obj)) {
105 if (!(OBJ_FLAGS(obj) & IS_OBJ_FREE_CALLED)) {
106 GC_ADD_FLAGS(obj, IS_OBJ_FREE_CALLED);
107 if (obj->handlers->free_obj != zend_object_std_dtor) {
108 GC_ADDREF(obj);
109 obj->handlers->free_obj(obj);
110 }
111 }
112 }
113 } while (obj_ptr != end);
114 } else {
115 do {
116 obj_ptr--;
117 obj = *obj_ptr;
118 if (IS_OBJ_VALID(obj)) {
119 if (!(OBJ_FLAGS(obj) & IS_OBJ_FREE_CALLED)) {
120 GC_ADD_FLAGS(obj, IS_OBJ_FREE_CALLED);
121 GC_ADDREF(obj);
122 obj->handlers->free_obj(obj);
123 }
124 }
125 } while (obj_ptr != end);
126 }
127 }
128
129
130 /* Store objects API */
zend_objects_store_put_cold(zend_object * object)131 static ZEND_COLD zend_never_inline void ZEND_FASTCALL zend_objects_store_put_cold(zend_object *object)
132 {
133 int handle;
134 uint32_t new_size = 2 * EG(objects_store).size;
135
136 EG(objects_store).object_buckets = (zend_object **) erealloc(EG(objects_store).object_buckets, new_size * sizeof(zend_object*));
137 /* Assign size after realloc, in case it fails */
138 EG(objects_store).size = new_size;
139 handle = EG(objects_store).top++;
140 object->handle = handle;
141 EG(objects_store).object_buckets[handle] = object;
142 }
143
zend_objects_store_put(zend_object * object)144 ZEND_API void ZEND_FASTCALL zend_objects_store_put(zend_object *object)
145 {
146 int handle;
147
148 /* When in shutdown sequence - do not reuse previously freed handles, to make sure
149 * the dtors for newly created objects are called in zend_objects_store_call_destructors() loop
150 */
151 if (EG(objects_store).free_list_head != -1 && EXPECTED(!(EG(flags) & EG_FLAGS_OBJECT_STORE_NO_REUSE))) {
152 handle = EG(objects_store).free_list_head;
153 EG(objects_store).free_list_head = GET_OBJ_BUCKET_NUMBER(EG(objects_store).object_buckets[handle]);
154 } else if (UNEXPECTED(EG(objects_store).top == EG(objects_store).size)) {
155 zend_objects_store_put_cold(object);
156 return;
157 } else {
158 handle = EG(objects_store).top++;
159 }
160 object->handle = handle;
161 EG(objects_store).object_buckets[handle] = object;
162 }
163
zend_objects_store_del(zend_object * object)164 ZEND_API void ZEND_FASTCALL zend_objects_store_del(zend_object *object) /* {{{ */
165 {
166 ZEND_ASSERT(GC_REFCOUNT(object) == 0);
167
168 /* GC might have released this object already. */
169 if (UNEXPECTED(GC_TYPE(object) == IS_NULL)) {
170 return;
171 }
172
173 /* Make sure we hold a reference count during the destructor call
174 otherwise, when the destructor ends the storage might be freed
175 when the refcount reaches 0 a second time
176 */
177 if (!(OBJ_FLAGS(object) & IS_OBJ_DESTRUCTOR_CALLED)) {
178 GC_ADD_FLAGS(object, IS_OBJ_DESTRUCTOR_CALLED);
179
180 if (object->handlers->dtor_obj != zend_objects_destroy_object
181 || object->ce->destructor) {
182 zend_fiber_switch_block();
183 GC_SET_REFCOUNT(object, 1);
184 object->handlers->dtor_obj(object);
185 GC_DELREF(object);
186 zend_fiber_switch_unblock();
187 }
188 }
189
190 if (GC_REFCOUNT(object) == 0) {
191 uint32_t handle = object->handle;
192 void *ptr;
193
194 ZEND_ASSERT(EG(objects_store).object_buckets != NULL);
195 ZEND_ASSERT(IS_OBJ_VALID(EG(objects_store).object_buckets[handle]));
196 EG(objects_store).object_buckets[handle] = SET_OBJ_INVALID(object);
197 if (!(OBJ_FLAGS(object) & IS_OBJ_FREE_CALLED)) {
198 GC_ADD_FLAGS(object, IS_OBJ_FREE_CALLED);
199 GC_SET_REFCOUNT(object, 1);
200 object->handlers->free_obj(object);
201 }
202 ptr = ((char*)object) - object->handlers->offset;
203 GC_REMOVE_FROM_BUFFER(object);
204 efree(ptr);
205 ZEND_OBJECTS_STORE_ADD_TO_FREE_LIST(handle);
206 }
207 }
208 /* }}} */
209
