Allow some array functions to operate in-place using a peep-hole optimization

nielsdos · nielsdos · commit a0b7278e3551 · 2023-04-11T21:19:00.000+02:00
This patch essentially implements GH-9881 (and more). Patterns like that seem to be quite common in user code. Therefore it seems to make sense to make to create a "peep-hole optimization" to prevent copies of the array. This patch optimizes the `$x = array_function($x, ...)` pattern and the `$x = array_function(temporary, ...)` pattern for these functions: array_merge, array_unique, array_replace, and array_intersect. With these limitations: - array_{unique,intersect} only do the temporary optimization because the comparison may throw. - array_{merge,replace} only optimizes CVs for non-recursive case because the recursive version may throw. - array_merge optimization works only if the array is packed and is without holes. It works by checking if the array function is immediately followed by an assignment which overrides the input. In that case we can do the operation in-place instead of copying the array. Note that this is limited to CV's at the moment, and can't handle more complex scenarios like array or object assignments. For the temporary case it suffices to check if the refcount of the input array is 1 and the array is non-persistent and non-immutable. The current approach is a bit ugly though: it looks at the VM instructions from within a function to check if the optimization is possible, which is a bit odd. I considered extending opcache as an alternative, but I believe this would require adding a whole bunch of machinery for only a few users. Looking at the assembly of prepare_in_place_array_modify_if_possible() it looks pretty light-weight, about 95 bytes / 29 instructions on my x86-64 Linux laptop. ** Safety ** There are some array functions which take some sort of copy of the input array into a temporary C array for sorting. (e.g. array_unique, array_diff, and array_intersect do this). Since we no longer take a copy in all cases, we must check if it's possible that a value is accessed that was already destroyed. For array_unique: cmpdata will never be removed so that will never reach refcount 0. And when something is removed, it is the previous value of cmpdata, not the one user later. So this seems okay. For array_intersect: a previous pointer (ptr[0] - 1) is accessed. But this can't be a destroyed value because the pointer is first moved forward. ** Results ** Using this benchmark script https://gist.github.com/nielsdos/ae5a2dddc53c61749ae31c908aa78e98 I get: === array_merge $a = array_merge($a, ...) === before 4.3821 sec after 0.0022 sec === array_merge temporary === before 0.1265 sec after 0.0479 sec === array_unique temporary === before 0.9297 sec after 0.8498 sec === array_replace $a = array_replace($a, ...) === before 0.0810 sec after 0.0083 sec === array_replace temporary === before 0.1261 sec after 0.0534 sec === array_intersect temporary (no significant improvement because dominated by sorting) === before 30.499 sec after 30.356 sec
diff --git a/ext/standard/array.c b/ext/standard/array.c
@@ -3825,6 +3825,59 @@ PHPAPI int php_array_replace_recursive(HashTable *dest, HashTable *src) /* {{{ *
 }
 /* }}} */
 
+/* Returns true if it's possible to do an in-place array modification, preventing a costly copy.
+ * It also modifies the CV (if applicable) to prevent freeing it upon assigning.
+ * If this returns true you need to add a ref at the end of the modification for the return value.
+ * safe_for_CV indicates whether the optimization may be applied to CVs. This should be false
+ * if the operation may throw for example, because then the in-place modification is visible to
+ * the exception catcher. */
+static bool prepare_in_place_array_modify_if_possible(const zend_execute_data *execute_data, const zval *arg, bool safe_for_CV)
+{
+	/* 2 refs: the CV and the argument; or 1 ref for a temporary passed as argument */
+	uint32_t refcount = Z_REFCOUNT_P(arg);
+	if (refcount != 1 && !(refcount == 2 && safe_for_CV)) {
+		return false;
+	}
+	/* Immutable or persistent => no modification allowed */
+	if (GC_FLAGS(Z_ARRVAL_P(arg)) & (IS_ARRAY_IMMUTABLE | IS_ARRAY_PERSISTENT)) {
+		return false;
+	}
+
+	if (refcount == 2) {
+		const zend_op *call_opline = execute_data->prev_execute_data->opline;
+		const zend_op *next_opline = call_opline + 1;
+
+		/* Must be an assignment from the result of the call to a CV */
+		if (next_opline->opcode != ZEND_ASSIGN || next_opline->op1_type != IS_CV || next_opline->op2.var != call_opline->result.var) {
+			return false;
+		}
+
+		/* Must be an assignment to the same array as the input */
+		zval *var = ZEND_CALL_VAR(execute_data->prev_execute_data, next_opline->op1.var);
+		if (Z_TYPE_P(var) != IS_ARRAY || Z_ARRVAL_P(arg) != Z_ARRVAL_P(var)) {
+			return false;
+		}
+
+		/* Must set the CV to NULL so we don't destroy the array on assignment */
+		ZVAL_NULL(var);
+		/* Make RC 1 such that the array may be modified */
+		GC_DELREF(Z_ARRVAL_P(arg));
+	}
+
+	return true;
+}
+
+static bool set_return_value_array_dup_or_in_place(const zend_execute_data *execute_data, const zval *arg, zval *return_value, bool safe_for_CV)
+{
+	if (prepare_in_place_array_modify_if_possible(execute_data, arg, safe_for_CV)) {
+		RETVAL_ARR(Z_ARRVAL_P(arg));
+		return true;
+	} else {
+		RETVAL_ARR(zend_array_dup(Z_ARRVAL_P(arg)));
+		return false;
+	}
+}
+
 static zend_always_inline void php_array_replace_wrapper(INTERNAL_FUNCTION_PARAMETERS, int recursive) /* {{{ */
 {
 	zval *args = NULL;
@@ -3846,10 +3899,11 @@ static zend_always_inline void php_array_replace_wrapper(INTERNAL_FUNCTION_PARAM
 		}
 	}
 
-	/* copy first array */
+	/* copy first array if necessary */
 	arg = args;
-	dest = zend_array_dup(Z_ARRVAL_P(arg));
-	ZVAL_ARR(return_value, dest);
+	bool in_place = set_return_value_array_dup_or_in_place(execute_data, arg, return_value, !recursive);
+	dest = Z_ARRVAL_P(return_value);
+
 	if (recursive) {
 		for (i = 1; i < argc; i++) {
 			arg = args + i;
@@ -3861,6 +3915,10 @@ static zend_always_inline void php_array_replace_wrapper(INTERNAL_FUNCTION_PARAM
 			zend_hash_merge(dest, Z_ARRVAL_P(arg), zval_add_ref, 1);
 		}
 	}
+
+	if (in_place) {
+		GC_ADDREF(dest);
+	}
 }
 /* }}} */
 
@@ -3925,22 +3983,34 @@ static zend_always_inline void php_array_merge_wrapper(INTERNAL_FUNCTION_PARAMET
 
 	arg = args;
 	src  = Z_ARRVAL_P(arg);
-	/* copy first array */
-	array_init_size(return_value, count);
-	dest = Z_ARRVAL_P(return_value);
+	bool in_place = false;
+	/* copy first array if necessary */
 	if (HT_IS_PACKED(src)) {
-		zend_hash_real_init_packed(dest);
-		ZEND_HASH_FILL_PACKED(dest) {
-			ZEND_HASH_PACKED_FOREACH_VAL(src, src_entry) {
-				if (UNEXPECTED(Z_ISREF_P(src_entry) &&
-					Z_REFCOUNT_P(src_entry) == 1)) {
-					src_entry = Z_REFVAL_P(src_entry);
-				}
-				Z_TRY_ADDREF_P(src_entry);
-				ZEND_HASH_FILL_ADD(src_entry);
-			} ZEND_HASH_FOREACH_END();
-		} ZEND_HASH_FILL_END();
+		/* Note: If it has holes, it might get sequentialized */
+		if (HT_IS_WITHOUT_HOLES(src) && prepare_in_place_array_modify_if_possible(execute_data, arg, !recursive)) {
+			in_place = true;
+			dest = src;
+			ZVAL_ARR(return_value, dest);
+		} else {
+			array_init_size(return_value, count);
+			dest = Z_ARRVAL_P(return_value);
+
+			zend_hash_real_init_packed(dest);
+			ZEND_HASH_FILL_PACKED(dest) {
+				ZEND_HASH_PACKED_FOREACH_VAL(src, src_entry) {
+					if (UNEXPECTED(Z_ISREF_P(src_entry) &&
+						Z_REFCOUNT_P(src_entry) == 1)) {
+						src_entry = Z_REFVAL_P(src_entry);
+					}
+					Z_TRY_ADDREF_P(src_entry);
+					ZEND_HASH_FILL_ADD(src_entry);
+				} ZEND_HASH_FOREACH_END();
+			} ZEND_HASH_FILL_END();
+		}
 	} else {
+		array_init_size(return_value, count);
+		dest = Z_ARRVAL_P(return_value);
+
 		zend_string *string_key;
 		zend_hash_real_init_mixed(dest);
 		ZEND_HASH_MAP_FOREACH_STR_KEY_VAL(src, string_key, src_entry) {
@@ -3967,6 +4037,10 @@ static zend_always_inline void php_array_merge_wrapper(INTERNAL_FUNCTION_PARAMET
 			php_array_merge(dest, Z_ARRVAL_P(arg));
 		}
 	}
+
+	if (in_place) {
+		GC_ADDREF(src);
+	}
 }
 /* }}} */
 
@@ -4574,7 +4648,7 @@ PHP_FUNCTION(array_unique)
 
 	cmp = php_get_data_compare_func_unstable(sort_type, 0);
 
-	RETVAL_ARR(zend_array_dup(Z_ARRVAL_P(array)));
+	bool in_place = set_return_value_array_dup_or_in_place(execute_data, array, return_value, false);
 
 	/* create and sort array with pointers to the target_hash buckets */
 	arTmp = pemalloc((Z_ARRVAL_P(array)->nNumOfElements + 1) * sizeof(struct bucketindex), GC_FLAGS(Z_ARRVAL_P(array)) & IS_ARRAY_PERSISTENT);
@@ -4620,6 +4694,10 @@ PHP_FUNCTION(array_unique)
 		}
 	}
 	pefree(arTmp, GC_FLAGS(Z_ARRVAL_P(array)) & IS_ARRAY_PERSISTENT);
+
+	if (in_place) {
+		GC_ADDREF(Z_ARRVAL_P(array));
+	}
 }
 /* }}} */
 
@@ -4744,6 +4822,7 @@ static void php_array_intersect(INTERNAL_FUNCTION_PARAMETERS, int behavior, int
 	zend_fcall_info *fci_key = NULL, *fci_data;
 	zend_fcall_info_cache *fci_key_cache = NULL, *fci_data_cache;
 	PHP_ARRAY_CMP_FUNC_VARS;
+	bool in_place = false;
 
 	bucket_compare_func_t intersect_key_compare_func;
 	bucket_compare_func_t intersect_data_compare_func;
@@ -4870,8 +4949,8 @@ static void php_array_intersect(INTERNAL_FUNCTION_PARAMETERS, int behavior, int
 		}
 	}
 
-	/* copy the argument array */
-	RETVAL_ARR(zend_array_dup(Z_ARRVAL(args[0])));
+	/* copy the argument array if necessary */
+	in_place = set_return_value_array_dup_or_in_place(execute_data, &args[0], return_value, false);
 
 	/* go through the lists and look for common values */
 	while (Z_TYPE(ptrs[0]->val) != IS_UNDEF) {
@@ -4982,6 +5061,10 @@ static void php_array_intersect(INTERNAL_FUNCTION_PARAMETERS, int behavior, int
 
 	efree(ptrs);
 	efree(lists);
+
+	if (in_place) {
+		GC_ADDREF(Z_ARRVAL_P(return_value));
+	}
 }
 /* }}} */
 
