What does the PHP kernel do when a variable changes?

Home

Backend Development

PHP Tutorial

What does the PHP kernel do when a variable changes? _PHP Tutorial

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 12, 2016 am 09:08 AM

php kernelphp variables

What does the PHP kernel do when a variable changes?

Introduction

The content comes from "Extending and Embedding PHP" - Chapter 3 - Memory Management, plus my own understanding, to make a translation of the reference counting of variables in PHP, copy-on-write, change-on-write, copy-on-write and change ".

zval

Before reading the following content, first have an understanding of the zval structure

<code class="hljs thrift" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="hljs-keyword" style="color: rgb(0, 0, 255);">typedef</span> <span class="hljs-class"><span class="hljs-keyword" style="color: rgb(0, 0, 255);">struct</span> _<span class="hljs-title" style="color: rgb(163, 21, 21);">zval_struct</span> </span>{
    zvalue_value value;
    zend_uint refcount;
    zend_uchar type;
    zend_uchar is_ref;
} zval;</code>

There are 4 elements in the zval structure. value is a union used to actually store the value of zval. refcount is used to count how many variables the zval is used. type represents the data type stored in zval. is_ref is used To mark whether the zval is referenced.

Reference Count

<code class="hljs xml" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="php"><span class="hljs-preprocessor" style="color: rgb(43, 145, 175);"><?php </span>
    <span class="hljs-variable">$a</span> = <span class="hljs-string" style="color: rgb(163, 21, 21);">'Hello World'</span>;
    <span class="hljs-variable">$b</span> = <span class="hljs-variable">$a</span>;
    <span class="hljs-keyword" style="color: rgb(0, 0, 255);">unset</span>(<span class="hljs-variable">$a</span>);
<span class="hljs-preprocessor" style="color: rgb(43, 145, 175);">?></span></span></span></code>

Let’s analyze the above code together:

$a = 'Hello World';First this code is executed, the kernel creates a variable and allocates 12 bytes of memory to store the string 'Hello World' and the NULL at the end.

$b = $a;Then execute this code. What happens in the kernel when executing this sentence?

Add 1 to the refcount in the zval pointed to by $a.

points the variable $b to the zval pointed to by $a.
This is probably the case in the kernel, where active_symbol_table is the current variable symbol table

<code class="hljs clojure" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;">    <span class="hljs-collection">{
        zval *helloval;
        MAKE_STD_ZVAL<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">helloval</span>)</span><span class="hljs-comment" style="color: green;">;</span>
        ZVAL_STRING<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">helloval</span>, <span class="hljs-string" style="color: rgb(163, 21, 21);">"Hello World"</span>, <span class="hljs-number">1</span>)</span><span class="hljs-comment" style="color: green;">;</span>
        zend_hash_add<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">EG</span><span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">active_symbol_table</span>)</span>, <span class="hljs-string" style="color: rgb(163, 21, 21);">"a"</span>, sizeof<span class="hljs-list">(<span class="hljs-string" style="color: rgb(163, 21, 21);">"a"</span>)</span>,
                                            &helloval, sizeof<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">zval*</span>)</span>, NULL)</span><span class="hljs-comment" style="color: green;">;</span>
        ZVAL_ADDREF<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">helloval</span>)</span><span class="hljs-comment" style="color: green;">;</span>
        zend_hash_add<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">EG</span><span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">active_symbol_table</span>)</span>, <span class="hljs-string" style="color: rgb(163, 21, 21);">"b"</span>, sizeof<span class="hljs-list">(<span class="hljs-string" style="color: rgb(163, 21, 21);">"b"</span>)</span>,
                                            &helloval, sizeof<span class="hljs-list">(<span class="hljs-keyword" style="color: rgb(0, 0, 255);">zval*</span>)</span>, NULL)</span><span class="hljs-comment" style="color: green;">;</span>
    }</span></code>

unset($a);After this code is executed, the kernel will 🎜>YesshouldzvalknotConstructionBody中 ofr efcountCountCountMinusOne，b还和原来一样

写时复制

<code class="hljs xml" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="php"><span class="hljs-preprocessor" style="color: rgb(43, 145, 175);"><?php </span>
    <span class="hljs-variable">$a</span> = <span class="hljs-number">1</span>;
    <span class="hljs-variable">$b</span> = <span class="hljs-variable">$a</span>;
    <span class="hljs-variable">$b</span> += <span class="hljs-number">5</span>;
<span class="hljs-preprocessor" style="color: rgb(43, 145, 175);">?></span></span></span></code>

上面这段代码执行完之后，一般肯定希望$a=1,$b=6,但是如果像引用计数那样，$a和$b指向相同的zval，修改$b之后$a不是也变了？
这个具体是怎么实现的呢，我们一起来看下：

$a = 1;The kernel creates a zval and allocates 4 bytes to store the number 1.
$b = $a; This step is the same as the second step in reference counting. Point $b to the same zval as $a, and add 1 to the reference count value refcount in the zval.

$b = 5;The key is this step. What happens in this step? How to ensure that the modification will not affect $a.

其实Zend内核在改变zval之前都会去进行get_var_and_separete操作，如果recfount>1,就需要分离就创建新的zval返回，否则直接返回变量所指向的zval，下面看看如何分离产生新的zval。
复制一个和$b所指向zval一样的zval。
将$b所指向的zval中的refcount计数减1。
初始化生成的新zval，设置refcount=1，is_ref=0。
让$b指向新生成的zval。

对新生成的zval进行操作，这就是写时复制。
下面看看内核中分离时的主要代码：

<code class="hljs lasso" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;">    zval <span class="hljs-subst">*</span>get_var_and_separate(char <span class="hljs-subst">*</span>varname, int varname_len TSRMLS_DC)
    {
        zval <span class="hljs-subst">**</span>varval, <span class="hljs-subst">*</span>varcopy;
        <span class="hljs-keyword" style="color: rgb(0, 0, 255);">if</span> (zend_hash_find(EG(active_symbol_table),
                        varname, varname_len <span class="hljs-subst">+</span> <span class="hljs-number">1</span>, (<span class="hljs-literal">void</span><span class="hljs-subst">**</span>)<span class="hljs-subst">&</span>varval) <span class="hljs-subst">==</span> FAILURE) {
        <span class="hljs-comment" style="color: green;">/* Variable doesn't actually exist  fail out */</span>
        <span class="hljs-keyword" style="color: rgb(0, 0, 255);">return</span> <span class="hljs-built_in" style="color: rgb(0, 0, 255);">NULL</span>;
    }
    <span class="hljs-keyword" style="color: rgb(0, 0, 255);">if</span> ((<span class="hljs-subst">*</span>varval)<span class="hljs-subst">-></span>is_ref <span class="hljs-subst">||</span> (<span class="hljs-subst">*</span>varval)<span class="hljs-subst">-></span>refcount <span class="hljs-subst"> <span class="hljs-number">2</span>) {
        <span class="hljs-comment" style="color: green;">/* varname is the only actual reference,
        * or it's a full reference to other variables
        * either way: no separating to be done
        */</span>
        <span class="hljs-keyword" style="color: rgb(0, 0, 255);">return</span> <span class="hljs-subst">*</span>varval;
    }
    <span class="hljs-comment" style="color: green;">/* Otherwise, make a copy of the zval* value */</span>
    MAKE_STD_ZVAL(varcopy);
    varcopy <span class="hljs-subst">=</span> <span class="hljs-subst">*</span>varval;
    <span class="hljs-comment" style="color: green;">/* Duplicate any allocated structures within the zval* */</span>
    zval_copy_ctor(varcopy);

    <span class="hljs-comment" style="color: green;">/* Remove the old version of varname
    * This will decrease the refcount of varval in the process
    */</span>
    zend_hash_del(EG(active_symbol_table), varname, varname_len <span class="hljs-subst">+</span> <span class="hljs-number">1</span>);

    <span class="hljs-comment" style="color: green;">/* Initialize the reference count of the
    * newly created value and attach it to
    * the varname variable
    */</span>
    varcopy<span class="hljs-subst">-></span>refcount <span class="hljs-subst">=</span> <span class="hljs-number">1</span>;
    varcopy<span class="hljs-subst">-></span>is_ref <span class="hljs-subst">=</span> <span class="hljs-number">0</span>;
    zend_hash_add(EG(active_symbol_table), varname, varname_len <span class="hljs-subst">+</span> <span class="hljs-number">1</span>,
                                            <span class="hljs-subst">&</span>varcopy, sizeof(zval<span class="hljs-subst">*</span>), <span class="hljs-built_in" style="color: rgb(0, 0, 255);">NULL</span>);
    <span class="hljs-comment" style="color: green;">/* Return the new zval* */</span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 255);">return</span> varcopy;
    }</span></code>

写时改变

<code class="hljs xml" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="php"><span class="hljs-preprocessor" style="color: rgb(43, 145, 175);"><?php </span>
    <span class="hljs-variable">$a</span> = <span class="hljs-number">1</span>;
    <span class="hljs-variable">$b</span> = &<span class="hljs-variable">$a</span>;
    <span class="hljs-variable">$b</span> += <span class="hljs-number">5</span>;
<span class="hljs-preprocessor" style="color: rgb(43, 145, 175);">?></span></span></span></code>

上面这段代码执行完之后一般希望是：$a == $b == 6。这个又是怎么实现的呢？

$a = 1;This step is the same as the first step in copy-on-write.
$b = &$a;In this step, the kernel will point $b to the zval pointed to by $a, increase the refcount in the zval by 1, and set the is_ref in the zval to 1.
$b = 5;This step is the same as the third step in copy-on-write, but what happens in the kernel is different.
- kernel sees that $b has changed, it will also execute the get_var_and_separate function to see if separation is needed.
- If (*varval)->is_ref is used, it will directly return the zval pointed to by $b without separating and generating a new zval, regardless of whether the refcount of zval is >1.
- At this time, if you modify the $b value, the value of $a will also change, because they point to the same zval.

The problem of separation

Now that you are smart, you may have seen something wrong. What if a zval structure has both a refcount count and an is_ref reference?

<code class="hljs xml" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="php"><span class="hljs-preprocessor" style="color: rgb(43, 145, 175);"><?php </span>
    <span class="hljs-variable">$a</span> = <span class="hljs-number">1</span>;
    <span class="hljs-variable">$b</span> = <span class="hljs-variable">$a</span>;
    <span class="hljs-variable">$c</span> = &<span class="hljs-variable">$a</span>;
<span class="hljs-preprocessor" style="color: rgb(43, 145, 175);">?></span></span></span></code>

如果出现上面这种情况的时候，如果$a、$b、$c指向同一个zval结构体，进行改变的时候Zend到底去听谁的？其实这个地方不会指向同一个zval了。
如果对一个is_ref = 0 && refcount >1的zval进行写时改变这种赋值形式(就是引用赋值)的时候，Zend会将等号右边的变量分离出来一个新的zval，
对这个zval进行初始化，对之前的zval的refcount进行减1操作，让等号左边的变量指向这个新的zval，refcount进行加1操作，is_ref=1。看看下面这张图片

What does the PHP kernel do when a variable changes? _PHP Tutorial

<code class="hljs xml" style="font-family: 'Courier New', sans-serif !important; line-height: 1.5 !important; font-size: 12px !important; background-color: rgb(245, 245, 245) !important; border: 1px solid rgb(204, 204, 204) !important; padding: 5px !important; border-top-left-radius: 3px !important; border-top-right-radius: 3px !important; border-bottom-right-radius: 3px !important; border-bottom-left-radius: 3px !important; display: block; overflow-x: auto; color: rgb(0, 0, 0); background-position: initial initial; background-repeat: initial initial;"><span class="php"><span class="hljs-preprocessor" style="color: rgb(43, 145, 175);"><?php </span>
    <span class="hljs-variable">$a</span> = <span class="hljs-number">1</span>;
    <span class="hljs-variable">$b</span> = &<span class="hljs-variable">$a</span>;
    <span class="hljs-variable">$c</span> = <span class="hljs-variable">$a</span>;
<span class="hljs-preprocessor" style="color: rgb(43, 145, 175);">?></span></span></span></code>

上面这又是另外一种情况，在is_ref = 1的情况下，试图单纯的进行refcount+1操作的时候会分离出来一个新的zval给等号左边的变量，并初始化他，看看下面这张图片

What does the PHP kernel do when a variable changes? _PHP Tutorial

参考文献

1.《Extending and Embedding PHP》- Chaper 3 - Memory Management.

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Beyond the Hype: Assessing PHP's Role TodayApr 12, 2025 am 12:17 AM

PHP remains a powerful and widely used tool in modern programming, especially in the field of web development. 1) PHP is easy to use and seamlessly integrated with databases, and is the first choice for many developers. 2) It supports dynamic content generation and object-oriented programming, suitable for quickly creating and maintaining websites. 3) PHP's performance can be improved by caching and optimizing database queries, and its extensive community and rich ecosystem make it still important in today's technology stack.

What are Weak References in PHP and when are they useful?Apr 12, 2025 am 12:13 AM

In PHP, weak references are implemented through the WeakReference class and will not prevent the garbage collector from reclaiming objects. Weak references are suitable for scenarios such as caching systems and event listeners. It should be noted that it cannot guarantee the survival of objects and that garbage collection may be delayed.

Explain the __invoke magic method in PHP.Apr 12, 2025 am 12:07 AM

The \_\_invoke method allows objects to be called like functions. 1. Define the \_\_invoke method so that the object can be called. 2. When using the $obj(...) syntax, PHP will execute the \_\_invoke method. 3. Suitable for scenarios such as logging and calculator, improving code flexibility and readability.

Explain Fibers in PHP 8.1 for concurrency.Apr 12, 2025 am 12:05 AM

Fibers was introduced in PHP8.1, improving concurrent processing capabilities. 1) Fibers is a lightweight concurrency model similar to coroutines. 2) They allow developers to manually control the execution flow of tasks and are suitable for handling I/O-intensive tasks. 3) Using Fibers can write more efficient and responsive code.

The PHP Community: Resources, Support, and DevelopmentApr 12, 2025 am 12:04 AM

The PHP community provides rich resources and support to help developers grow. 1) Resources include official documentation, tutorials, blogs and open source projects such as Laravel and Symfony. 2) Support can be obtained through StackOverflow, Reddit and Slack channels. 3) Development trends can be learned by following RFC. 4) Integration into the community can be achieved through active participation, contribution to code and learning sharing.

PHP vs. Python: Understanding the DifferencesApr 11, 2025 am 12:15 AM

PHP and Python each have their own advantages, and the choice should be based on project requirements. 1.PHP is suitable for web development, with simple syntax and high execution efficiency. 2. Python is suitable for data science and machine learning, with concise syntax and rich libraries.

PHP: Is It Dying or Simply Adapting?Apr 11, 2025 am 12:13 AM

PHP is not dying, but constantly adapting and evolving. 1) PHP has undergone multiple version iterations since 1994 to adapt to new technology trends. 2) It is currently widely used in e-commerce, content management systems and other fields. 3) PHP8 introduces JIT compiler and other functions to improve performance and modernization. 4) Use OPcache and follow PSR-12 standards to optimize performance and code quality.

The Future of PHP: Adaptations and InnovationsApr 11, 2025 am 12:01 AM

The future of PHP will be achieved by adapting to new technology trends and introducing innovative features: 1) Adapting to cloud computing, containerization and microservice architectures, supporting Docker and Kubernetes; 2) introducing JIT compilers and enumeration types to improve performance and data processing efficiency; 3) Continuously optimize performance and promote best practices.

See all articles