Source file src/runtime/mheap.go
1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Page heap. 6 // 7 // See malloc.go for overview. 8 9 package runtime 10 11 import ( 12 "internal/abi" 13 "internal/cpu" 14 "internal/goarch" 15 "internal/goexperiment" 16 "internal/runtime/atomic" 17 "internal/runtime/gc" 18 "internal/runtime/sys" 19 "unsafe" 20 ) 21 22 const ( 23 // minPhysPageSize is a lower-bound on the physical page size. The 24 // true physical page size may be larger than this. In contrast, 25 // sys.PhysPageSize is an upper-bound on the physical page size. 26 minPhysPageSize = 4096 27 28 // maxPhysPageSize is the maximum page size the runtime supports. 29 maxPhysPageSize = 512 << 10 30 31 // maxPhysHugePageSize sets an upper-bound on the maximum huge page size 32 // that the runtime supports. 33 maxPhysHugePageSize = pallocChunkBytes 34 35 // pagesPerReclaimerChunk indicates how many pages to scan from the 36 // pageInUse bitmap at a time. Used by the page reclaimer. 37 // 38 // Higher values reduce contention on scanning indexes (such as 39 // h.reclaimIndex), but increase the minimum latency of the 40 // operation. 41 // 42 // The time required to scan this many pages can vary a lot depending 43 // on how many spans are actually freed. Experimentally, it can 44 // scan for pages at ~300 GB/ms on a 2.6GHz Core i7, but can only 45 // free spans at ~32 MB/ms. Using 512 pages bounds this at 46 // roughly 100µs. 47 // 48 // Must be a multiple of the pageInUse bitmap element size and 49 // must also evenly divide pagesPerArena. 50 pagesPerReclaimerChunk = 512 51 52 // physPageAlignedStacks indicates whether stack allocations must be 53 // physical page aligned. This is a requirement for MAP_STACK on 54 // OpenBSD. 55 physPageAlignedStacks = GOOS == "openbsd" 56 ) 57 58 // Main malloc heap. 59 // The heap itself is the "free" and "scav" treaps, 60 // but all the other global data is here too. 61 // 62 // mheap must not be heap-allocated because it contains mSpanLists, 63 // which must not be heap-allocated. 64 type mheap struct { 65 _ sys.NotInHeap 66 67 // lock must only be acquired on the system stack, otherwise a g 68 // could self-deadlock if its stack grows with the lock held. 69 lock mutex 70 71 pages pageAlloc // page allocation data structure 72 73 sweepgen uint32 // sweep generation, see comment in mspan; written during STW 74 75 // allspans is a slice of all mspans ever created. Each mspan 76 // appears exactly once. 77 // 78 // The memory for allspans is manually managed and can be 79 // reallocated and move as the heap grows. 80 // 81 // In general, allspans is protected by mheap_.lock, which 82 // prevents concurrent access as well as freeing the backing 83 // store. Accesses during STW might not hold the lock, but 84 // must ensure that allocation cannot happen around the 85 // access (since that may free the backing store). 86 allspans []*mspan // all spans out there 87 88 // Proportional sweep 89 // 90 // These parameters represent a linear function from gcController.heapLive 91 // to page sweep count. The proportional sweep system works to 92 // stay in the black by keeping the current page sweep count 93 // above this line at the current gcController.heapLive. 94 // 95 // The line has slope sweepPagesPerByte and passes through a 96 // basis point at (sweepHeapLiveBasis, pagesSweptBasis). At 97 // any given time, the system is at (gcController.heapLive, 98 // pagesSwept) in this space. 
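	//
	// As a rough, illustrative sketch of the pacing rule (not the exact
	// code, which lives in the sweeper in mgcsweep.go), sweeping is on
	// schedule when the swept page count is at or above the line:
	//
	//	target := pagesSweptBasis + uint64(sweepPagesPerByte*float64(heapLive-sweepHeapLiveBasis))
	//	onSchedule := pagesSwept >= target
	//
	// where heapLive and pagesSwept are the current coordinates described
	// above.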
	//
	// It is important that the line pass through a point we
	// control rather than simply starting at a 0,0 origin
	// because that lets us adjust sweep pacing at any time while
	// accounting for current progress. If we could only adjust
	// the slope, it would create a discontinuity in debt if any
	// progress has already been made.
	pagesInUse         atomic.Uintptr // pages of spans in stats mSpanInUse
	pagesSwept         atomic.Uint64  // pages swept this cycle
	pagesSweptBasis    atomic.Uint64  // pagesSwept to use as the origin of the sweep ratio
	sweepHeapLiveBasis uint64         // value of gcController.heapLive to use as the origin of sweep ratio; written with lock, read without
	sweepPagesPerByte  float64        // proportional sweep ratio; written with lock, read without

	// Page reclaimer state

	// reclaimIndex is the page index in heapArenas of the next page to
	// reclaim. Specifically, it refers to page (i %
	// pagesPerArena) of arena heapArenas[i / pagesPerArena].
	//
	// If this is >= 1<<63, the page reclaimer is done scanning
	// the page marks.
	reclaimIndex atomic.Uint64

	// reclaimCredit is spare credit for extra pages swept. Since
	// the page reclaimer works in large chunks, it may reclaim
	// more than requested. Any spare pages released go to this
	// credit pool.
	reclaimCredit atomic.Uintptr

	_ cpu.CacheLinePad // prevents false-sharing between arenas and preceding variables

	// arenas is the heap arena map. It points to the metadata for
	// the heap for every arena frame of the entire usable virtual
	// address space.
	//
	// Use arenaIndex to compute indexes into this array.
	//
	// For regions of the address space that are not backed by the
	// Go heap, the arena map contains nil.
	//
	// Modifications are protected by mheap_.lock. Reads can be
	// performed without locking; however, a given entry can
	// transition from nil to non-nil at any time when the lock
	// isn't held. (Entries never transition back to nil.)
	//
	// In general, this is a two-level mapping consisting of an L1
	// map and possibly many L2 maps. This saves space when there
	// are a huge number of arena frames. However, on many
	// platforms (even 64-bit), arenaL1Bits is 0, making this
	// effectively a single-level map. In this case, arenas[0]
	// will never be nil.
	arenas [1 << arenaL1Bits]*[1 << arenaL2Bits]*heapArena

	// arenasHugePages indicates whether arenas' L2 entries are eligible
	// to be backed by huge pages.
	arenasHugePages bool

	// heapArenaAlloc is pre-reserved space for allocating heapArena
	// objects. This is only used on 32-bit, where we pre-reserve
	// this space to avoid interleaving it with the heap itself.
	heapArenaAlloc linearAlloc

	// arenaHints is a list of addresses at which to attempt to
	// add more heap arenas. This is initially populated with a
	// set of general hint addresses, and grown with the bounds of
	// actual heap arena ranges.
	arenaHints *arenaHint

	// arena is a pre-reserved space for allocating heap arenas
	// (the actual arenas). This is only used on 32-bit.
	arena linearAlloc

	// heapArenas is the arenaIndex of every arena mapped for the heap.
	// This can be used to iterate through the heap address space.
	//
	// Access is protected by mheap_.lock. However, since this is
	// append-only and old backing arrays are never freed, it is
	// safe to acquire mheap_.lock, copy the slice header, and
	// then release mheap_.lock.
	heapArenas []arenaIdx

	// userArenaArenas is the arenaIndex of every arena mapped for
	// user arenas.
	//
	// Access is protected by mheap_.lock. However, since this is
	// append-only and old backing arrays are never freed, it is
	// safe to acquire mheap_.lock, copy the slice header, and
	// then release mheap_.lock.
	userArenaArenas []arenaIdx

	// sweepArenas is a snapshot of heapArenas taken at the
	// beginning of the sweep cycle. This can be read safely by
	// simply blocking GC (by disabling preemption).
	sweepArenas []arenaIdx

	// markArenas is a snapshot of heapArenas taken at the beginning
	// of the mark cycle. Because heapArenas is append-only, neither
	// this slice nor its contents will change during the mark, so
	// it can be read safely.
	markArenas []arenaIdx

	// curArena is the arena that the heap is currently growing
	// into. This should always be physPageSize-aligned.
	curArena struct {
		base, end uintptr
	}

	// central free lists for small size classes.
	// the padding makes sure that the mcentrals are
	// spaced CacheLinePadSize bytes apart, so that each mcentral.lock
	// gets its own cache line.
	// central is indexed by spanClass.
	central [numSpanClasses]struct {
		mcentral mcentral
		pad      [(cpu.CacheLinePadSize - unsafe.Sizeof(mcentral{})%cpu.CacheLinePadSize) % cpu.CacheLinePadSize]byte
	}

	spanalloc                  fixalloc // allocator for span*
	cachealloc                 fixalloc // allocator for mcache*
	specialfinalizeralloc      fixalloc // allocator for specialfinalizer*
	specialCleanupAlloc        fixalloc // allocator for specialCleanup*
	specialCheckFinalizerAlloc fixalloc // allocator for specialCheckFinalizer*
	specialTinyBlockAlloc      fixalloc // allocator for specialTinyBlock*
	specialprofilealloc        fixalloc // allocator for specialprofile*
	specialReachableAlloc      fixalloc // allocator for specialReachable
	specialPinCounterAlloc     fixalloc // allocator for specialPinCounter
	specialWeakHandleAlloc     fixalloc // allocator for specialWeakHandle
	specialBubbleAlloc         fixalloc // allocator for specialBubble
	speciallock                mutex    // lock for special record allocators.
	arenaHintAlloc             fixalloc // allocator for arenaHints

	// User arena state.
	//
	// Protected by mheap_.lock.
	userArena struct {
		// arenaHints is a list of addresses at which to attempt to
		// add more heap arenas for user arena chunks. This is initially
		// populated with a set of general hint addresses, and grown with
		// the bounds of actual heap arena ranges.
		arenaHints *arenaHint

		// quarantineList is a list of user arena spans that have been set to fault, but
		// are waiting for all pointers into them to go away. Sweeping handles
		// identifying when this is true, and moves the span to the ready list.
		quarantineList mSpanList

		// readyList is a list of empty user arena spans that are ready for reuse.
		readyList mSpanList
	}

	// cleanupID is a counter which is incremented each time a cleanup special is added
	// to a span. It's used to create globally unique identifiers for individual cleanups.
	// cleanupID is protected by mheap_.speciallock. It must only be incremented while holding
	// the lock. ID 0 is reserved.
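	//
	// Illustrative sketch of minting a new ID (assuming the caller is on a
	// path where taking speciallock is legal):
	//
	//	lock(&mheap_.speciallock)
	//	mheap_.cleanupID++
	//	id := mheap_.cleanupID // never 0
	//	unlock(&mheap_.speciallock)
	//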
Users should increment first, then read the value. 253 cleanupID uint64 254 255 _ cpu.CacheLinePad 256 257 immortalWeakHandles immortalWeakHandleMap 258 259 unused *specialfinalizer // never set, just here to force the specialfinalizer type into DWARF 260 } 261 262 var mheap_ mheap 263 264 // A heapArena stores metadata for a heap arena. heapArenas are stored 265 // outside of the Go heap and accessed via the mheap_.arenas index. 266 type heapArena struct { 267 _ sys.NotInHeap 268 269 // spans maps from virtual address page ID within this arena to *mspan. 270 // For allocated spans, their pages map to the span itself. 271 // For free spans, only the lowest and highest pages map to the span itself. 272 // Internal pages map to an arbitrary span. 273 // For pages that have never been allocated, spans entries are nil. 274 // 275 // Modifications are protected by mheap.lock. Reads can be 276 // performed without locking, but ONLY from indexes that are 277 // known to contain in-use or stack spans. This means there 278 // must not be a safe-point between establishing that an 279 // address is live and looking it up in the spans array. 280 spans [pagesPerArena]*mspan 281 282 // pageInUse is a bitmap that indicates which spans are in 283 // state mSpanInUse. This bitmap is indexed by page number, 284 // but only the bit corresponding to the first page in each 285 // span is used. 286 // 287 // Reads and writes are atomic. 288 pageInUse [pagesPerArena / 8]uint8 289 290 // pageMarks is a bitmap that indicates which spans have any 291 // marked objects on them. Like pageInUse, only the bit 292 // corresponding to the first page in each span is used. 293 // 294 // Writes are done atomically during marking. Reads are 295 // non-atomic and lock-free since they only occur during 296 // sweeping (and hence never race with writes). 297 // 298 // This is used to quickly find whole spans that can be freed. 299 // 300 // TODO(austin): It would be nice if this was uint64 for 301 // faster scanning, but we don't have 64-bit atomic bit 302 // operations. 303 pageMarks [pagesPerArena / 8]uint8 304 305 // pageSpecials is a bitmap that indicates which spans have 306 // specials (finalizers or other). Like pageInUse, only the bit 307 // corresponding to the first page in each span is used. 308 // 309 // Writes are done atomically whenever a special is added to 310 // a span and whenever the last special is removed from a span. 311 // Reads are done atomically to find spans containing specials 312 // during marking. 313 pageSpecials [pagesPerArena / 8]uint8 314 315 // pageUseSpanInlineMarkBits is a bitmap where each bit corresponds 316 // to a span, as only spans one page in size can have inline mark bits. 317 // The bit indicates that the span has a spanInlineMarkBits struct 318 // stored directly at the top end of the span's memory. 319 pageUseSpanInlineMarkBits [pagesPerArena / 8]uint8 320 321 // checkmarks stores the debug.gccheckmark state. It is only 322 // used if debug.gccheckmark > 0 or debug.checkfinalizers > 0. 323 checkmarks *checkmarksMap 324 325 // zeroedBase marks the first byte of the first page in this 326 // arena which hasn't been used yet and is therefore already 327 // zero. zeroedBase is relative to the arena base. 328 // Increases monotonically until it hits heapArenaBytes. 329 // 330 // This field is sufficient to determine if an allocation 331 // needs to be zeroed because the page allocator follows an 332 // address-ordered first-fit policy. 
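	//
	// For illustration (the real, multi-arena version is allocNeedsZero
	// below): for a run of pages starting at offset off within this
	// arena, the zeroing decision reduces to
	//
	//	needZero := off < ha.zeroedBase // memory below zeroedBase may be dirty
	//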
333 // 334 // Read atomically and written with an atomic CAS. 335 zeroedBase uintptr 336 } 337 338 // arenaHint is a hint for where to grow the heap arenas. See 339 // mheap_.arenaHints. 340 type arenaHint struct { 341 _ sys.NotInHeap 342 addr uintptr 343 down bool 344 next *arenaHint 345 } 346 347 // An mspan is a run of pages. 348 // 349 // When a mspan is in the heap free treap, state == mSpanFree 350 // and heapmap(s->start) == span, heapmap(s->start+s->npages-1) == span. 351 // If the mspan is in the heap scav treap, then in addition to the 352 // above scavenged == true. scavenged == false in all other cases. 353 // 354 // When a mspan is allocated, state == mSpanInUse or mSpanManual 355 // and heapmap(i) == span for all s->start <= i < s->start+s->npages. 356 357 // Every mspan is in one doubly-linked list, either in the mheap's 358 // busy list or one of the mcentral's span lists. 359 360 // An mspan representing actual memory has state mSpanInUse, 361 // mSpanManual, or mSpanFree. Transitions between these states are 362 // constrained as follows: 363 // 364 // - A span may transition from free to in-use or manual during any GC 365 // phase. 366 // 367 // - During sweeping (gcphase == _GCoff), a span may transition from 368 // in-use to free (as a result of sweeping) or manual to free (as a 369 // result of stacks being freed). 370 // 371 // - During GC (gcphase != _GCoff), a span *must not* transition from 372 // manual or in-use to free. Because concurrent GC may read a pointer 373 // and then look up its span, the span state must be monotonic. 374 // 375 // Setting mspan.state to mSpanInUse or mSpanManual must be done 376 // atomically and only after all other span fields are valid. 377 // Likewise, if inspecting a span is contingent on it being 378 // mSpanInUse, the state should be loaded atomically and checked 379 // before depending on other fields. This allows the garbage collector 380 // to safely deal with potentially invalid pointers, since resolving 381 // such pointers may race with a span being allocated. 382 type mSpanState uint8 383 384 const ( 385 mSpanDead mSpanState = iota 386 mSpanInUse // allocated for garbage collected heap 387 mSpanManual // allocated for manual management (e.g., stack allocator) 388 ) 389 390 // mSpanStateNames are the names of the span states, indexed by 391 // mSpanState. 392 var mSpanStateNames = []string{ 393 "mSpanDead", 394 "mSpanInUse", 395 "mSpanManual", 396 } 397 398 // mSpanStateBox holds an atomic.Uint8 to provide atomic operations on 399 // an mSpanState. This is a separate type to disallow accidental comparison 400 // or assignment with mSpanState. 401 type mSpanStateBox struct { 402 s atomic.Uint8 403 } 404 405 // It is nosplit to match get, below. 406 407 //go:nosplit 408 func (b *mSpanStateBox) set(s mSpanState) { 409 b.s.Store(uint8(s)) 410 } 411 412 // It is nosplit because it's called indirectly by typedmemclr, 413 // which must not be preempted. 414 415 //go:nosplit 416 func (b *mSpanStateBox) get() mSpanState { 417 return mSpanState(b.s.Load()) 418 } 419 420 type mspan struct { 421 _ sys.NotInHeap 422 next *mspan // next span in list, or nil if none 423 prev *mspan // previous span in list, or nil if none 424 list *mSpanList // For debugging. 
	startAddr uintptr // address of first byte of span aka s.base()
	npages    uintptr // number of pages in span

	manualFreeList gclinkptr // list of free objects in mSpanManual spans

	// freeindex is the slot index between 0 and nelems at which to begin scanning
	// for the next free object in this span.
	// Each allocation scans allocBits starting at freeindex until it encounters a 0
	// indicating a free object. freeindex is then adjusted so that subsequent scans begin
	// just past the newly discovered free object.
	//
	// If freeindex == nelems, this span has no free objects.
	//
	// allocBits is a bitmap of objects in this span.
	// If n >= freeindex and allocBits[n/8] & (1<<(n%8)) is 0
	// then object n is free;
	// otherwise, object n is allocated. Bits starting at nelems are
	// undefined and should never be referenced.
	//
	// Object n starts at address n*elemsize + (start << pageShift).
	freeindex uint16
	// TODO: Look up nelems from sizeclass and remove this field if it
	// helps performance.
	nelems uint16 // number of objects in the span.
	// freeIndexForScan is like freeindex, except that freeindex is
	// used by the allocator whereas freeIndexForScan is used by the
	// GC scanner. They are two fields so that the GC sees the object
	// is allocated only when the object and the heap bits are
	// initialized (see also the assignment of freeIndexForScan in
	// mallocgc, and issue 54596).
	freeIndexForScan uint16

	// Temporary storage for the object index that caused this span to
	// be queued for scanning.
	//
	// Used only with goexperiment.GreenTeaGC.
	scanIdx uint16

	// Cache of the allocBits at freeindex. allocCache is shifted
	// such that the lowest bit corresponds to the bit freeindex.
	// allocCache holds the complement of allocBits, thus allowing
	// ctz (count trailing zero) to use it directly.
	// allocCache may contain bits beyond s.nelems; the caller must ignore
	// these.
	allocCache uint64

	// allocBits and gcmarkBits hold pointers to a span's mark and
	// allocation bits. The pointers are 8 byte aligned.
	// There are four arenas where this data is held.
	// free: Dirty arenas that are no longer accessed
	//       and can be reused.
	// next: Holds information to be used in the next GC cycle.
	// current: Information being used during this GC cycle.
	// previous: Information being used during the last GC cycle.
	// A new GC cycle starts with the call to finishsweep_m.
	// finishsweep_m moves the previous arena to the free arena,
	// the current arena to the previous arena, and
	// the next arena to the current arena.
	// The next arena is populated as the spans request
	// memory to hold gcmarkBits for the next GC cycle as well
	// as allocBits for newly allocated spans.
	//
	// The pointer arithmetic is done "by hand" instead of using
	// arrays to avoid bounds checks along critical performance
	// paths.
	// The sweep will free the old allocBits and set allocBits to the
	// gcmarkBits. The gcmarkBits are replaced with freshly zeroed-out
	// memory.
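	//
	// As a hedged illustration of how the allocator consumes allocCache
	// (see the allocator's nextFreeIndex for the real logic): because the
	// cache is the complement of allocBits, a count-trailing-zeros gives
	// the distance to the next free slot.
	//
	//	bit := sys.TrailingZeros64(allocCache) // 64 means no free slot in this window
	//	if bit < 64 && freeindex+uint16(bit) < nelems {
	//		// object freeindex+bit is free
	//	}
	//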
494 allocBits *gcBits 495 gcmarkBits *gcBits 496 pinnerBits *gcBits // bitmap for pinned objects; accessed atomically 497 498 // sweep generation: 499 // if sweepgen == h->sweepgen - 2, the span needs sweeping 500 // if sweepgen == h->sweepgen - 1, the span is currently being swept 501 // if sweepgen == h->sweepgen, the span is swept and ready to use 502 // if sweepgen == h->sweepgen + 1, the span was cached before sweep began and is still cached, and needs sweeping 503 // if sweepgen == h->sweepgen + 3, the span was swept and then cached and is still cached 504 // h->sweepgen is incremented by 2 after every GC 505 506 sweepgen uint32 507 divMul uint32 // for divide by elemsize 508 allocCount uint16 // number of allocated objects 509 spanclass spanClass // size class and noscan (uint8) 510 state mSpanStateBox // mSpanInUse etc; accessed atomically (get/set methods) 511 needzero uint8 // needs to be zeroed before allocation 512 isUserArenaChunk bool // whether or not this span represents a user arena 513 allocCountBeforeCache uint16 // a copy of allocCount that is stored just before this span is cached 514 elemsize uintptr // computed from sizeclass or from npages 515 limit uintptr // end of data in span 516 speciallock mutex // guards specials list and changes to pinnerBits 517 specials *special // linked list of special records sorted by offset. 518 userArenaChunkFree addrRange // interval for managing chunk allocation 519 largeType *_type // malloc header for large objects. 520 } 521 522 func (s *mspan) base() uintptr { 523 return s.startAddr 524 } 525 526 func (s *mspan) layout() (size, n, total uintptr) { 527 total = s.npages << gc.PageShift 528 size = s.elemsize 529 if size > 0 { 530 n = total / size 531 } 532 return 533 } 534 535 // recordspan adds a newly allocated span to h.allspans. 536 // 537 // This only happens the first time a span is allocated from 538 // mheap.spanalloc (it is not called when a span is reused). 539 // 540 // Write barriers are disallowed here because it can be called from 541 // gcWork when allocating new workbufs. However, because it's an 542 // indirect call from the fixalloc initializer, the compiler can't see 543 // this. 544 // 545 // The heap lock must be held. 546 // 547 //go:nowritebarrierrec 548 func recordspan(vh unsafe.Pointer, p unsafe.Pointer) { 549 h := (*mheap)(vh) 550 s := (*mspan)(p) 551 552 assertLockHeld(&h.lock) 553 554 if len(h.allspans) >= cap(h.allspans) { 555 n := 64 * 1024 / goarch.PtrSize 556 if n < cap(h.allspans)*3/2 { 557 n = cap(h.allspans) * 3 / 2 558 } 559 var new []*mspan 560 sp := (*slice)(unsafe.Pointer(&new)) 561 sp.array = sysAlloc(uintptr(n)*goarch.PtrSize, &memstats.other_sys, "allspans array") 562 if sp.array == nil { 563 throw("runtime: cannot allocate memory") 564 } 565 sp.len = len(h.allspans) 566 sp.cap = n 567 if len(h.allspans) > 0 { 568 copy(new, h.allspans) 569 } 570 oldAllspans := h.allspans 571 *(*notInHeapSlice)(unsafe.Pointer(&h.allspans)) = *(*notInHeapSlice)(unsafe.Pointer(&new)) 572 if len(oldAllspans) != 0 { 573 sysFree(unsafe.Pointer(&oldAllspans[0]), uintptr(cap(oldAllspans))*unsafe.Sizeof(oldAllspans[0]), &memstats.other_sys) 574 } 575 } 576 h.allspans = h.allspans[:len(h.allspans)+1] 577 h.allspans[len(h.allspans)-1] = s 578 } 579 580 // A spanClass represents the size class and noscan-ness of a span. 581 // 582 // Each size class has a noscan spanClass and a scan spanClass. 
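//
// As a worked example of the packing (sizeclass<<1 | noscan), size class
// 5 with noscan=true encodes to spanClass 11, and the accessors below
// invert it:
//
//	sc := makeSpanClass(5, true) // spanClass(11)
//	sc.sizeclass()               // 5
//	sc.noscan()                  // true
//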
// The noscan spanClass contains only noscan objects, which do not contain
// pointers and thus do not need to be scanned by the garbage
// collector.
type spanClass uint8

const (
	numSpanClasses = gc.NumSizeClasses << 1
	tinySpanClass  = spanClass(tinySizeClass<<1 | 1)
)

func makeSpanClass(sizeclass uint8, noscan bool) spanClass {
	return spanClass(sizeclass<<1) | spanClass(bool2int(noscan))
}

//go:nosplit
func (sc spanClass) sizeclass() int8 {
	return int8(sc >> 1)
}

//go:nosplit
func (sc spanClass) noscan() bool {
	return sc&1 != 0
}

// arenaIndex returns the index into mheap_.arenas of the arena
// containing metadata for p. This index combines an index into the
// L1 map and an index into the L2 map and should be used as
// mheap_.arenas[ai.l1()][ai.l2()].
//
// If p is outside the range of valid heap addresses, either l1() or
// l2() will be out of bounds.
//
// It is nosplit because it's called by spanOf and several other
// nosplit functions.
//
//go:nosplit
func arenaIndex(p uintptr) arenaIdx {
	return arenaIdx((p - arenaBaseOffset) / heapArenaBytes)
}

// arenaBase returns the low address of the region covered by heap
// arena i.
func arenaBase(i arenaIdx) uintptr {
	return uintptr(i)*heapArenaBytes + arenaBaseOffset
}

type arenaIdx uint

// l1 returns the "l1" portion of an arenaIdx.
//
// Marked nosplit because it's called by spanOf and other nosplit
// functions.
//
//go:nosplit
func (i arenaIdx) l1() uint {
	if arenaL1Bits == 0 {
		// Let the compiler optimize this away if there's no
		// L1 map.
		return 0
	} else {
		return uint(i) >> arenaL1Shift
	}
}

// l2 returns the "l2" portion of an arenaIdx.
//
// Marked nosplit because it's called by spanOf and other nosplit
// functions.
//
//go:nosplit
func (i arenaIdx) l2() uint {
	if arenaL1Bits == 0 {
		return uint(i)
	} else {
		return uint(i) & (1<<arenaL2Bits - 1)
	}
}

// inheap reports whether b is a pointer into a (potentially dead) heap object.
// It returns false for pointers into mSpanManual spans.
// Non-preemptible because it is used by write barriers.
//
//go:nowritebarrier
//go:nosplit
func inheap(b uintptr) bool {
	return spanOfHeap(b) != nil
}

// inHeapOrStack is a variant of inheap that returns true for pointers
// into any allocated heap span.
//
//go:nowritebarrier
//go:nosplit
func inHeapOrStack(b uintptr) bool {
	s := spanOf(b)
	if s == nil || b < s.base() {
		return false
	}
	switch s.state.get() {
	case mSpanInUse, mSpanManual:
		return b < s.limit
	default:
		return false
	}
}

// spanOf returns the span of p. If p does not point into the heap
// arena or no span has ever contained p, spanOf returns nil.
//
// If p does not point to allocated memory, this may return a non-nil
// span that does *not* contain p. If this is a possibility, the
// caller should either call spanOfHeap or check the span bounds
// explicitly.
//
// Must be nosplit because it has callers that are nosplit.
//
//go:nosplit
func spanOf(p uintptr) *mspan {
	// This function looks big, but we use a lot of constant
	// folding around arenaL1Bits to get it under the inlining
	// budget.
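	//
	// Illustrative summary of the lookup below, ignoring the bounds and
	// nil checks (p is assumed to point into a mapped heap arena):
	//
	//	ai := arenaIndex(p) // (p - arenaBaseOffset) / heapArenaBytes
	//	ha := mheap_.arenas[ai.l1()][ai.l2()]
	//	s := ha.spans[(p/pageSize)%pagesPerArena]
	//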
Also, many of the checks here are safety checks 704 // that Go needs to do anyway, so the generated code is quite 705 // short. 706 ri := arenaIndex(p) 707 if arenaL1Bits == 0 { 708 // If there's no L1, then ri.l1() can't be out of bounds but ri.l2() can. 709 if ri.l2() >= uint(len(mheap_.arenas[0])) { 710 return nil 711 } 712 } else { 713 // If there's an L1, then ri.l1() can be out of bounds but ri.l2() can't. 714 if ri.l1() >= uint(len(mheap_.arenas)) { 715 return nil 716 } 717 } 718 l2 := mheap_.arenas[ri.l1()] 719 if arenaL1Bits != 0 && l2 == nil { // Should never happen if there's no L1. 720 return nil 721 } 722 ha := l2[ri.l2()] 723 if ha == nil { 724 return nil 725 } 726 return ha.spans[(p/pageSize)%pagesPerArena] 727 } 728 729 // spanOfUnchecked is equivalent to spanOf, but the caller must ensure 730 // that p points into an allocated heap arena. 731 // 732 // Must be nosplit because it has callers that are nosplit. 733 // 734 //go:nosplit 735 func spanOfUnchecked(p uintptr) *mspan { 736 ai := arenaIndex(p) 737 return mheap_.arenas[ai.l1()][ai.l2()].spans[(p/pageSize)%pagesPerArena] 738 } 739 740 // spanOfHeap is like spanOf, but returns nil if p does not point to a 741 // heap object. 742 // 743 // Must be nosplit because it has callers that are nosplit. 744 // 745 //go:nosplit 746 func spanOfHeap(p uintptr) *mspan { 747 s := spanOf(p) 748 // s is nil if it's never been allocated. Otherwise, we check 749 // its state first because we don't trust this pointer, so we 750 // have to synchronize with span initialization. Then, it's 751 // still possible we picked up a stale span pointer, so we 752 // have to check the span's bounds. 753 if s == nil || s.state.get() != mSpanInUse || p < s.base() || p >= s.limit { 754 return nil 755 } 756 return s 757 } 758 759 // pageIndexOf returns the arena, page index, and page mask for pointer p. 760 // The caller must ensure p is in the heap. 761 func pageIndexOf(p uintptr) (arena *heapArena, pageIdx uintptr, pageMask uint8) { 762 ai := arenaIndex(p) 763 arena = mheap_.arenas[ai.l1()][ai.l2()] 764 pageIdx = ((p / pageSize) / 8) % uintptr(len(arena.pageInUse)) 765 pageMask = byte(1 << ((p / pageSize) % 8)) 766 return 767 } 768 769 // heapArenaOf returns the heap arena for p, if one exists. 770 func heapArenaOf(p uintptr) *heapArena { 771 ri := arenaIndex(p) 772 if arenaL1Bits == 0 { 773 // If there's no L1, then ri.l1() can't be out of bounds but ri.l2() can. 774 if ri.l2() >= uint(len(mheap_.arenas[0])) { 775 return nil 776 } 777 } else { 778 // If there's an L1, then ri.l1() can be out of bounds but ri.l2() can't. 779 if ri.l1() >= uint(len(mheap_.arenas)) { 780 return nil 781 } 782 } 783 l2 := mheap_.arenas[ri.l1()] 784 if arenaL1Bits != 0 && l2 == nil { // Should never happen if there's no L1. 785 return nil 786 } 787 return l2[ri.l2()] 788 } 789 790 // Initialize the heap. 
791 func (h *mheap) init() { 792 lockInit(&h.lock, lockRankMheap) 793 lockInit(&h.speciallock, lockRankMheapSpecial) 794 795 h.spanalloc.init(unsafe.Sizeof(mspan{}), recordspan, unsafe.Pointer(h), &memstats.mspan_sys) 796 h.cachealloc.init(unsafe.Sizeof(mcache{}), nil, nil, &memstats.mcache_sys) 797 h.specialfinalizeralloc.init(unsafe.Sizeof(specialfinalizer{}), nil, nil, &memstats.other_sys) 798 h.specialCleanupAlloc.init(unsafe.Sizeof(specialCleanup{}), nil, nil, &memstats.other_sys) 799 h.specialCheckFinalizerAlloc.init(unsafe.Sizeof(specialCheckFinalizer{}), nil, nil, &memstats.other_sys) 800 h.specialTinyBlockAlloc.init(unsafe.Sizeof(specialTinyBlock{}), nil, nil, &memstats.other_sys) 801 h.specialprofilealloc.init(unsafe.Sizeof(specialprofile{}), nil, nil, &memstats.other_sys) 802 h.specialReachableAlloc.init(unsafe.Sizeof(specialReachable{}), nil, nil, &memstats.other_sys) 803 h.specialPinCounterAlloc.init(unsafe.Sizeof(specialPinCounter{}), nil, nil, &memstats.other_sys) 804 h.specialWeakHandleAlloc.init(unsafe.Sizeof(specialWeakHandle{}), nil, nil, &memstats.gcMiscSys) 805 h.specialBubbleAlloc.init(unsafe.Sizeof(specialBubble{}), nil, nil, &memstats.other_sys) 806 h.arenaHintAlloc.init(unsafe.Sizeof(arenaHint{}), nil, nil, &memstats.other_sys) 807 808 // Don't zero mspan allocations. Background sweeping can 809 // inspect a span concurrently with allocating it, so it's 810 // important that the span's sweepgen survive across freeing 811 // and re-allocating a span to prevent background sweeping 812 // from improperly cas'ing it from 0. 813 // 814 // This is safe because mspan contains no heap pointers. 815 h.spanalloc.zero = false 816 817 // h->mapcache needs no init 818 819 for i := range h.central { 820 h.central[i].mcentral.init(spanClass(i)) 821 } 822 823 h.pages.init(&h.lock, &memstats.gcMiscSys, false) 824 825 xRegInitAlloc() 826 } 827 828 // reclaim sweeps and reclaims at least npage pages into the heap. 829 // It is called before allocating npage pages to keep growth in check. 830 // 831 // reclaim implements the page-reclaimer half of the sweeper. 832 // 833 // h.lock must NOT be held. 834 func (h *mheap) reclaim(npage uintptr) { 835 // TODO(austin): Half of the time spent freeing spans is in 836 // locking/unlocking the heap (even with low contention). We 837 // could make the slow path here several times faster by 838 // batching heap frees. 839 840 // Bail early if there's no more reclaim work. 841 if h.reclaimIndex.Load() >= 1<<63 { 842 return 843 } 844 845 // Disable preemption so the GC can't start while we're 846 // sweeping, so we can read h.sweepArenas, and so 847 // traceGCSweepStart/Done pair on the P. 848 mp := acquirem() 849 850 trace := traceAcquire() 851 if trace.ok() { 852 trace.GCSweepStart() 853 traceRelease(trace) 854 } 855 856 arenas := h.sweepArenas 857 locked := false 858 for npage > 0 { 859 // Pull from accumulated credit first. 860 if credit := h.reclaimCredit.Load(); credit > 0 { 861 take := credit 862 if take > npage { 863 // Take only what we need. 864 take = npage 865 } 866 if h.reclaimCredit.CompareAndSwap(credit, credit-take) { 867 npage -= take 868 } 869 continue 870 } 871 872 // Claim a chunk of work. 873 idx := uintptr(h.reclaimIndex.Add(pagesPerReclaimerChunk) - pagesPerReclaimerChunk) 874 if idx/pagesPerArena >= uintptr(len(arenas)) { 875 // Page reclaiming is done. 876 h.reclaimIndex.Store(1 << 63) 877 break 878 } 879 880 if !locked { 881 // Lock the heap for reclaimChunk. 
882 lock(&h.lock) 883 locked = true 884 } 885 886 // Scan this chunk. 887 nfound := h.reclaimChunk(arenas, idx, pagesPerReclaimerChunk) 888 if nfound <= npage { 889 npage -= nfound 890 } else { 891 // Put spare pages toward global credit. 892 h.reclaimCredit.Add(nfound - npage) 893 npage = 0 894 } 895 } 896 if locked { 897 unlock(&h.lock) 898 } 899 900 trace = traceAcquire() 901 if trace.ok() { 902 trace.GCSweepDone() 903 traceRelease(trace) 904 } 905 releasem(mp) 906 } 907 908 // reclaimChunk sweeps unmarked spans that start at page indexes [pageIdx, pageIdx+n). 909 // It returns the number of pages returned to the heap. 910 // 911 // h.lock must be held and the caller must be non-preemptible. Note: h.lock may be 912 // temporarily unlocked and re-locked in order to do sweeping or if tracing is 913 // enabled. 914 func (h *mheap) reclaimChunk(arenas []arenaIdx, pageIdx, n uintptr) uintptr { 915 // The heap lock must be held because this accesses the 916 // heapArena.spans arrays using potentially non-live pointers. 917 // In particular, if a span were freed and merged concurrently 918 // with this probing heapArena.spans, it would be possible to 919 // observe arbitrary, stale span pointers. 920 assertLockHeld(&h.lock) 921 922 n0 := n 923 var nFreed uintptr 924 sl := sweep.active.begin() 925 if !sl.valid { 926 return 0 927 } 928 for n > 0 { 929 ai := arenas[pageIdx/pagesPerArena] 930 ha := h.arenas[ai.l1()][ai.l2()] 931 932 // Get a chunk of the bitmap to work on. 933 arenaPage := uint(pageIdx % pagesPerArena) 934 inUse := ha.pageInUse[arenaPage/8:] 935 marked := ha.pageMarks[arenaPage/8:] 936 if uintptr(len(inUse)) > n/8 { 937 inUse = inUse[:n/8] 938 marked = marked[:n/8] 939 } 940 941 // Scan this bitmap chunk for spans that are in-use 942 // but have no marked objects on them. 943 for i := range inUse { 944 inUseUnmarked := atomic.Load8(&inUse[i]) &^ marked[i] 945 if inUseUnmarked == 0 { 946 continue 947 } 948 949 for j := uint(0); j < 8; j++ { 950 if inUseUnmarked&(1<<j) != 0 { 951 s := ha.spans[arenaPage+uint(i)*8+j] 952 if s, ok := sl.tryAcquire(s); ok { 953 npages := s.npages 954 unlock(&h.lock) 955 if s.sweep(false) { 956 nFreed += npages 957 } 958 lock(&h.lock) 959 // Reload inUse. It's possible nearby 960 // spans were freed when we dropped the 961 // lock and we don't want to get stale 962 // pointers from the spans array. 963 inUseUnmarked = atomic.Load8(&inUse[i]) &^ marked[i] 964 } 965 } 966 } 967 } 968 969 // Advance. 970 pageIdx += uintptr(len(inUse) * 8) 971 n -= uintptr(len(inUse) * 8) 972 } 973 sweep.active.end(sl) 974 trace := traceAcquire() 975 if trace.ok() { 976 unlock(&h.lock) 977 // Account for pages scanned but not reclaimed. 978 trace.GCSweepSpan((n0 - nFreed) * pageSize) 979 traceRelease(trace) 980 lock(&h.lock) 981 } 982 983 assertLockHeld(&h.lock) // Must be locked on return. 984 return nFreed 985 } 986 987 // spanAllocType represents the type of allocation to make, or 988 // the type of allocation to be freed. 989 type spanAllocType uint8 990 991 const ( 992 spanAllocHeap spanAllocType = iota // heap span 993 spanAllocStack // stack span 994 spanAllocWorkBuf // work buf span 995 ) 996 997 // manual returns true if the span allocation is manually managed. 998 func (s spanAllocType) manual() bool { 999 return s != spanAllocHeap 1000 } 1001 1002 // alloc allocates a new span of npage pages from the GC'd heap. 1003 // 1004 // spanclass indicates the span's size class and scannability. 1005 // 1006 // Returns a span that has been fully initialized. 
span.needzero indicates 1007 // whether the span has been zeroed. Note that it may not be. 1008 func (h *mheap) alloc(npages uintptr, spanclass spanClass) *mspan { 1009 // Don't do any operations that lock the heap on the G stack. 1010 // It might trigger stack growth, and the stack growth code needs 1011 // to be able to allocate heap. 1012 var s *mspan 1013 systemstack(func() { 1014 // To prevent excessive heap growth, before allocating n pages 1015 // we need to sweep and reclaim at least n pages. 1016 if !isSweepDone() { 1017 h.reclaim(npages) 1018 } 1019 s = h.allocSpan(npages, spanAllocHeap, spanclass) 1020 }) 1021 return s 1022 } 1023 1024 // allocManual allocates a manually-managed span of npage pages. 1025 // allocManual returns nil if allocation fails. 1026 // 1027 // allocManual adds the bytes used to *stat, which should be a 1028 // memstats in-use field. Unlike allocations in the GC'd heap, the 1029 // allocation does *not* count toward heapInUse. 1030 // 1031 // The memory backing the returned span may not be zeroed if 1032 // span.needzero is set. 1033 // 1034 // allocManual must be called on the system stack because it may 1035 // acquire the heap lock via allocSpan. See mheap for details. 1036 // 1037 // If new code is written to call allocManual, do NOT use an 1038 // existing spanAllocType value and instead declare a new one. 1039 // 1040 //go:systemstack 1041 func (h *mheap) allocManual(npages uintptr, typ spanAllocType) *mspan { 1042 if !typ.manual() { 1043 throw("manual span allocation called with non-manually-managed type") 1044 } 1045 return h.allocSpan(npages, typ, 0) 1046 } 1047 1048 // setSpans modifies the span map so [spanOf(base), spanOf(base+npage*pageSize)) 1049 // is s. 1050 func (h *mheap) setSpans(base, npage uintptr, s *mspan) { 1051 p := base / pageSize 1052 ai := arenaIndex(base) 1053 ha := h.arenas[ai.l1()][ai.l2()] 1054 for n := uintptr(0); n < npage; n++ { 1055 i := (p + n) % pagesPerArena 1056 if i == 0 { 1057 ai = arenaIndex(base + n*pageSize) 1058 ha = h.arenas[ai.l1()][ai.l2()] 1059 } 1060 ha.spans[i] = s 1061 } 1062 } 1063 1064 // allocNeedsZero checks if the region of address space [base, base+npage*pageSize), 1065 // assumed to be allocated, needs to be zeroed, updating heap arena metadata for 1066 // future allocations. 1067 // 1068 // This must be called each time pages are allocated from the heap, even if the page 1069 // allocator can otherwise prove the memory it's allocating is already zero because 1070 // they're fresh from the operating system. It updates heapArena metadata that is 1071 // critical for future page allocations. 1072 // 1073 // There are no locking constraints on this method. 1074 func (h *mheap) allocNeedsZero(base, npage uintptr) (needZero bool) { 1075 for npage > 0 { 1076 ai := arenaIndex(base) 1077 ha := h.arenas[ai.l1()][ai.l2()] 1078 1079 zeroedBase := atomic.Loaduintptr(&ha.zeroedBase) 1080 arenaBase := base % heapArenaBytes 1081 if arenaBase < zeroedBase { 1082 // We extended into the non-zeroed part of the 1083 // arena, so this region needs to be zeroed before use. 1084 // 1085 // zeroedBase is monotonically increasing, so if we see this now then 1086 // we can be sure we need to zero this memory region. 1087 // 1088 // We still need to update zeroedBase for this arena, and 1089 // potentially more arenas. 1090 needZero = true 1091 } 1092 // We may observe arenaBase > zeroedBase if we're racing with one or more 1093 // allocations which are acquiring memory directly before us in the address 1094 // space. 
		// But, because we know no one else is acquiring *this* memory, it's
		// still safe to not zero.

		// Compute how far into the arena we extend, capped
		// at heapArenaBytes.
		arenaLimit := arenaBase + npage*pageSize
		if arenaLimit > heapArenaBytes {
			arenaLimit = heapArenaBytes
		}
		// Increase ha.zeroedBase so it's >= arenaLimit.
		// We may be racing with other updates.
		for arenaLimit > zeroedBase {
			if atomic.Casuintptr(&ha.zeroedBase, zeroedBase, arenaLimit) {
				break
			}
			zeroedBase = atomic.Loaduintptr(&ha.zeroedBase)
			// Double check basic conditions of zeroedBase.
			if zeroedBase <= arenaLimit && zeroedBase > arenaBase {
				// The zeroedBase moved into the space we were trying to
				// claim. That's very bad, and indicates someone allocated
				// the same region we did.
				throw("potentially overlapping in-use allocations detected")
			}
		}

		// Move base forward and subtract from npage to move into
		// the next arena, or finish.
		base += arenaLimit - arenaBase
		npage -= (arenaLimit - arenaBase) / pageSize
	}
	return
}

// tryAllocMSpan attempts to allocate an mspan object from
// the P-local cache, but may fail.
//
// h.lock need not be held.
//
// The caller must ensure that its P won't change underneath
// it during this function. Currently we ensure this by requiring
// that the function be run on the system stack, because that's
// the only place it is used now. In the future, this requirement
// may be relaxed if its use is necessary elsewhere.
//
//go:systemstack
func (h *mheap) tryAllocMSpan() *mspan {
	pp := getg().m.p.ptr()
	// If we don't have a p or the cache is empty, we can't do
	// anything here.
	if pp == nil || pp.mspancache.len == 0 {
		return nil
	}
	// Pull off the last entry in the cache.
	s := pp.mspancache.buf[pp.mspancache.len-1]
	pp.mspancache.len--
	return s
}

// allocMSpanLocked allocates an mspan object.
//
// h.lock must be held.
//
// allocMSpanLocked must be called on the system stack because
// its caller holds the heap lock. See mheap for details.
// Running on the system stack also ensures that we won't
// switch Ps during this function. See tryAllocMSpan for details.
//
//go:systemstack
func (h *mheap) allocMSpanLocked() *mspan {
	assertLockHeld(&h.lock)

	pp := getg().m.p.ptr()
	if pp == nil {
		// We don't have a p so just do the normal thing.
		return (*mspan)(h.spanalloc.alloc())
	}
	// Refill the cache if necessary.
	if pp.mspancache.len == 0 {
		const refillCount = len(pp.mspancache.buf) / 2
		for i := 0; i < refillCount; i++ {
			pp.mspancache.buf[i] = (*mspan)(h.spanalloc.alloc())
		}
		pp.mspancache.len = refillCount
	}
	// Pull off the last entry in the cache.
	s := pp.mspancache.buf[pp.mspancache.len-1]
	pp.mspancache.len--
	return s
}

// freeMSpanLocked frees an mspan object.
//
// h.lock must be held.
//
// freeMSpanLocked must be called on the system stack because
// its caller holds the heap lock. See mheap for details.
// Running on the system stack also ensures that we won't
// switch Ps during this function. See tryAllocMSpan for details.
1192 // 1193 //go:systemstack 1194 func (h *mheap) freeMSpanLocked(s *mspan) { 1195 assertLockHeld(&h.lock) 1196 1197 pp := getg().m.p.ptr() 1198 // First try to free the mspan directly to the cache. 1199 if pp != nil && pp.mspancache.len < len(pp.mspancache.buf) { 1200 pp.mspancache.buf[pp.mspancache.len] = s 1201 pp.mspancache.len++ 1202 return 1203 } 1204 // Failing that (or if we don't have a p), just free it to 1205 // the heap. 1206 h.spanalloc.free(unsafe.Pointer(s)) 1207 } 1208 1209 // allocSpan allocates an mspan which owns npages worth of memory. 1210 // 1211 // If typ.manual() == false, allocSpan allocates a heap span of class spanclass 1212 // and updates heap accounting. If manual == true, allocSpan allocates a 1213 // manually-managed span (spanclass is ignored), and the caller is 1214 // responsible for any accounting related to its use of the span. Either 1215 // way, allocSpan will atomically add the bytes in the newly allocated 1216 // span to *sysStat. 1217 // 1218 // The returned span is fully initialized. 1219 // 1220 // h.lock must not be held. 1221 // 1222 // allocSpan must be called on the system stack both because it acquires 1223 // the heap lock and because it must block GC transitions. 1224 // 1225 //go:systemstack 1226 func (h *mheap) allocSpan(npages uintptr, typ spanAllocType, spanclass spanClass) (s *mspan) { 1227 // Function-global state. 1228 gp := getg() 1229 base, scav := uintptr(0), uintptr(0) 1230 growth := uintptr(0) 1231 1232 // On some platforms we need to provide physical page aligned stack 1233 // allocations. Where the page size is less than the physical page 1234 // size, we already manage to do this by default. 1235 needPhysPageAlign := physPageAlignedStacks && typ == spanAllocStack && pageSize < physPageSize 1236 1237 // If the allocation is small enough, try the page cache! 1238 // The page cache does not support aligned allocations, so we cannot use 1239 // it if we need to provide a physical page aligned stack allocation. 1240 pp := gp.m.p.ptr() 1241 if !needPhysPageAlign && pp != nil && npages < pageCachePages/4 { 1242 c := &pp.pcache 1243 1244 // If the cache is empty, refill it. 1245 if c.empty() { 1246 lock(&h.lock) 1247 *c = h.pages.allocToCache() 1248 unlock(&h.lock) 1249 } 1250 1251 // Try to allocate from the cache. 1252 base, scav = c.alloc(npages) 1253 if base != 0 { 1254 s = h.tryAllocMSpan() 1255 if s != nil { 1256 goto HaveSpan 1257 } 1258 // We have a base but no mspan, so we need 1259 // to lock the heap. 1260 } 1261 } 1262 1263 // For one reason or another, we couldn't get the 1264 // whole job done without the heap lock. 1265 lock(&h.lock) 1266 1267 if needPhysPageAlign { 1268 // Overallocate by a physical page to allow for later alignment. 1269 extraPages := physPageSize / pageSize 1270 1271 // Find a big enough region first, but then only allocate the 1272 // aligned portion. We can't just allocate and then free the 1273 // edges because we need to account for scavenged memory, and 1274 // that's difficult with alloc. 1275 // 1276 // Note that we skip updates to searchAddr here. It's OK if 1277 // it's stale and higher than normal; it'll operate correctly, 1278 // just come with a performance cost. 
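		//
		// Illustrative example of the overallocate-then-align step below
		// (numbers are only an example): with pageSize = 8 KiB and
		// physPageSize = 16 KiB, extraPages is 2; if find returns base
		// 0xc2000, alignUp(base, physPageSize) yields 0xc4000, and only
		// npages pages starting there are actually claimed.
		//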
		base, _ = h.pages.find(npages + extraPages)
		if base == 0 {
			var ok bool
			growth, ok = h.grow(npages + extraPages)
			if !ok {
				unlock(&h.lock)
				return nil
			}
			base, _ = h.pages.find(npages + extraPages)
			if base == 0 {
				throw("grew heap, but no adequate free space found")
			}
		}
		base = alignUp(base, physPageSize)
		scav = h.pages.allocRange(base, npages)
	}

	if base == 0 {
		// Try to acquire a base address.
		base, scav = h.pages.alloc(npages)
		if base == 0 {
			var ok bool
			growth, ok = h.grow(npages)
			if !ok {
				unlock(&h.lock)
				return nil
			}
			base, scav = h.pages.alloc(npages)
			if base == 0 {
				throw("grew heap, but no adequate free space found")
			}
		}
	}
	if s == nil {
		// We failed to get an mspan earlier, so grab
		// one now that we have the heap lock.
		s = h.allocMSpanLocked()
	}
	unlock(&h.lock)

HaveSpan:
	// Decide if we need to scavenge in response to what we just allocated.
	// Specifically, we track the maximum amount of memory to scavenge of all
	// the alternatives below, assuming that the maximum satisfies *all*
	// conditions we check (e.g. if we need to scavenge X to satisfy the
	// memory limit and Y to satisfy heap-growth scavenging, and Y > X, then
	// it's fine to pick Y, because the memory limit is still satisfied).
	//
	// It's fine to do this after allocating because we expect any scavenged
	// pages not to get touched until we return. Simultaneously, it's important
	// to do this before calling sysUsed because that may commit address space.
	bytesToScavenge := uintptr(0)
	forceScavenge := false
	if limit := gcController.memoryLimit.Load(); !gcCPULimiter.limiting() {
		// Assist with scavenging to maintain the memory limit by the amount
		// that we expect to page in.
		inuse := gcController.mappedReady.Load()
		// Be careful about overflow, especially with uintptrs. Even on 32-bit platforms
		// someone can set a really big memory limit that isn't math.MaxInt64.
		if uint64(scav)+inuse > uint64(limit) {
			bytesToScavenge = uintptr(uint64(scav) + inuse - uint64(limit))
			forceScavenge = true
		}
	}
	if goal := scavenge.gcPercentGoal.Load(); goal != ^uint64(0) && growth > 0 {
		// We just caused a heap growth, so scavenge down what will soon be used.
		// By scavenging inline we deal with the failure to allocate out of
		// memory fragments by scavenging the memory fragments that are least
		// likely to be re-used.
		//
		// Only bother with this because we're not using a memory limit. We don't
		// care about heap growths as long as we're under the memory limit, and the
		// previous check for scavenging already handles that.
		if retained := heapRetained(); retained+uint64(growth) > goal {
			// The scavenging algorithm requires the heap lock to be dropped so it
			// can acquire it only sparingly. This is a potentially expensive operation
			// so it frees up other goroutines to allocate in the meanwhile. In fact,
			// they can make use of the growth we just created.
			todo := growth
			if overage := uintptr(retained + uint64(growth) - goal); todo > overage {
				todo = overage
			}
			if todo > bytesToScavenge {
				bytesToScavenge = todo
			}
		}
	}
	// There are a few very limited circumstances where we won't have a P here.
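	//
	// Worked example of the memory-limit assist above (illustrative
	// numbers): with limit = 1024 MiB, mappedReady = 1000 MiB, and
	// scav = 64 MiB of scavenged pages about to be returned to use,
	// bytesToScavenge = (64 + 1000) - 1024 = 40 MiB.
	//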
1367 // It's OK to simply skip scavenging in these cases. Something else will notice 1368 // and pick up the tab. 1369 var now int64 1370 if pp != nil && bytesToScavenge > 0 { 1371 // Measure how long we spent scavenging and add that measurement to the assist 1372 // time so we can track it for the GC CPU limiter. 1373 // 1374 // Limiter event tracking might be disabled if we end up here 1375 // while on a mark worker. 1376 start := nanotime() 1377 track := pp.limiterEvent.start(limiterEventScavengeAssist, start) 1378 1379 // Scavenge, but back out if the limiter turns on. 1380 released := h.pages.scavenge(bytesToScavenge, func() bool { 1381 return gcCPULimiter.limiting() 1382 }, forceScavenge) 1383 1384 mheap_.pages.scav.releasedEager.Add(released) 1385 1386 // Finish up accounting. 1387 now = nanotime() 1388 if track { 1389 pp.limiterEvent.stop(limiterEventScavengeAssist, now) 1390 } 1391 scavenge.assistTime.Add(now - start) 1392 } 1393 1394 // Initialize the span. 1395 h.initSpan(s, typ, spanclass, base, npages) 1396 1397 if valgrindenabled { 1398 valgrindMempoolMalloc(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base), npages*pageSize) 1399 } 1400 1401 // Commit and account for any scavenged memory that the span now owns. 1402 nbytes := npages * pageSize 1403 if scav != 0 { 1404 // sysUsed all the pages that are actually available 1405 // in the span since some of them might be scavenged. 1406 sysUsed(unsafe.Pointer(base), nbytes, scav) 1407 gcController.heapReleased.add(-int64(scav)) 1408 } 1409 // Update stats. 1410 gcController.heapFree.add(-int64(nbytes - scav)) 1411 if typ == spanAllocHeap { 1412 gcController.heapInUse.add(int64(nbytes)) 1413 } 1414 // Update consistent stats. 1415 stats := memstats.heapStats.acquire() 1416 atomic.Xaddint64(&stats.committed, int64(scav)) 1417 atomic.Xaddint64(&stats.released, -int64(scav)) 1418 switch typ { 1419 case spanAllocHeap: 1420 atomic.Xaddint64(&stats.inHeap, int64(nbytes)) 1421 case spanAllocStack: 1422 atomic.Xaddint64(&stats.inStacks, int64(nbytes)) 1423 case spanAllocWorkBuf: 1424 atomic.Xaddint64(&stats.inWorkBufs, int64(nbytes)) 1425 } 1426 memstats.heapStats.release() 1427 1428 // Trace the span alloc. 1429 if traceAllocFreeEnabled() { 1430 trace := traceAcquire() 1431 if trace.ok() { 1432 trace.SpanAlloc(s) 1433 traceRelease(trace) 1434 } 1435 } 1436 return s 1437 } 1438 1439 // initSpan initializes a blank span s which will represent the range 1440 // [base, base+npages*pageSize). typ is the type of span being allocated. 1441 func (h *mheap) initSpan(s *mspan, typ spanAllocType, spanclass spanClass, base, npages uintptr) { 1442 // At this point, both s != nil and base != 0, and the heap 1443 // lock is no longer held. Initialize the span. 1444 s.init(base, npages) 1445 if h.allocNeedsZero(base, npages) { 1446 s.needzero = 1 1447 } 1448 nbytes := npages * pageSize 1449 if typ.manual() { 1450 s.manualFreeList = 0 1451 s.nelems = 0 1452 s.state.set(mSpanManual) 1453 } else { 1454 // We must set span properties before the span is published anywhere 1455 // since we're not holding the heap lock. 1456 s.spanclass = spanclass 1457 if sizeclass := spanclass.sizeclass(); sizeclass == 0 { 1458 s.elemsize = nbytes 1459 s.nelems = 1 1460 s.divMul = 0 1461 } else { 1462 s.elemsize = uintptr(gc.SizeClassToSize[sizeclass]) 1463 if goexperiment.GreenTeaGC { 1464 var reserve uintptr 1465 if gcUsesSpanInlineMarkBits(s.elemsize) { 1466 // Reserve space for the inline mark bits. 
1467 reserve += unsafe.Sizeof(spanInlineMarkBits{}) 1468 } 1469 if heapBitsInSpan(s.elemsize) && !s.spanclass.noscan() { 1470 // Reserve space for the pointer/scan bitmap at the end. 1471 reserve += nbytes / goarch.PtrSize / 8 1472 } 1473 s.nelems = uint16((nbytes - reserve) / s.elemsize) 1474 } else { 1475 if !s.spanclass.noscan() && heapBitsInSpan(s.elemsize) { 1476 // Reserve space for the pointer/scan bitmap at the end. 1477 s.nelems = uint16((nbytes - (nbytes / goarch.PtrSize / 8)) / s.elemsize) 1478 } else { 1479 s.nelems = uint16(nbytes / s.elemsize) 1480 } 1481 } 1482 s.divMul = gc.SizeClassToDivMagic[sizeclass] 1483 } 1484 1485 // Initialize mark and allocation structures. 1486 s.freeindex = 0 1487 s.freeIndexForScan = 0 1488 s.allocCache = ^uint64(0) // all 1s indicating all free. 1489 s.gcmarkBits = newMarkBits(uintptr(s.nelems)) 1490 s.allocBits = newAllocBits(uintptr(s.nelems)) 1491 1492 // Adjust s.limit down to the object-containing part of the span. 1493 s.limit = s.base() + s.elemsize*uintptr(s.nelems) 1494 1495 // It's safe to access h.sweepgen without the heap lock because it's 1496 // only ever updated with the world stopped and we run on the 1497 // systemstack which blocks a STW transition. 1498 atomic.Store(&s.sweepgen, h.sweepgen) 1499 1500 // Now that the span is filled in, set its state. This 1501 // is a publication barrier for the other fields in 1502 // the span. While valid pointers into this span 1503 // should never be visible until the span is returned, 1504 // if the garbage collector finds an invalid pointer, 1505 // access to the span may race with initialization of 1506 // the span. We resolve this race by atomically 1507 // setting the state after the span is fully 1508 // initialized, and atomically checking the state in 1509 // any situation where a pointer is suspect. 1510 s.state.set(mSpanInUse) 1511 } 1512 1513 // Publish the span in various locations. 1514 1515 // This is safe to call without the lock held because the slots 1516 // related to this span will only ever be read or modified by 1517 // this thread until pointers into the span are published (and 1518 // we execute a publication barrier at the end of this function 1519 // before that happens) or pageInUse is updated. 1520 h.setSpans(s.base(), npages, s) 1521 1522 if !typ.manual() { 1523 // Mark in-use span in arena page bitmap. 1524 // 1525 // This publishes the span to the page sweeper, so 1526 // it's imperative that the span be completely initialized 1527 // prior to this line. 1528 arena, pageIdx, pageMask := pageIndexOf(s.base()) 1529 atomic.Or8(&arena.pageInUse[pageIdx], pageMask) 1530 1531 // Mark packed span. 1532 if gcUsesSpanInlineMarkBits(s.elemsize) { 1533 atomic.Or8(&arena.pageUseSpanInlineMarkBits[pageIdx], pageMask) 1534 } 1535 1536 // Update related page sweeper stats. 1537 h.pagesInUse.Add(npages) 1538 } 1539 1540 // Make sure the newly allocated span will be observed 1541 // by the GC before pointers into the span are published. 1542 publicationBarrier() 1543 } 1544 1545 // Try to add at least npage pages of memory to the heap, 1546 // returning how much the heap grew by and whether it worked. 1547 // 1548 // h.lock must be held. 1549 func (h *mheap) grow(npage uintptr) (uintptr, bool) { 1550 assertLockHeld(&h.lock) 1551 1552 firstGrow := h.curArena.base == 0 1553 1554 // We must grow the heap in whole palloc chunks. 
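	//
	// Worked example of the rounding below: with pageSize = 8 KiB and
	// pallocChunkPages = 512 (so pallocChunkBytes = 4 MiB), a request
	// for npage = 3 rounds ask up to 512 pages, i.e. 4 MiB of address
	// space.
	//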
1555 // We call sysMap below but note that because we
1556 // round up to pallocChunkPages, which is on the order
1557 // of MiB (generally >= the huge page size), we
1558 // won't be calling it too much.
1559 ask := alignUp(npage, pallocChunkPages) * pageSize
1560 
1561 totalGrowth := uintptr(0)
1562 // This may overflow because ask could be very large
1563 // and is otherwise unrelated to h.curArena.base.
1564 end := h.curArena.base + ask
1565 nBase := alignUp(end, physPageSize)
1566 if nBase > h.curArena.end || /* overflow */ end < h.curArena.base {
1567 // Not enough room in the current arena. Allocate more
1568 // arena space. This may not be contiguous with the
1569 // current arena, so we have to request the full ask.
1570 av, asize := h.sysAlloc(ask, &h.arenaHints, &h.heapArenas)
1571 if av == nil {
1572 inUse := gcController.heapFree.load() + gcController.heapReleased.load() + gcController.heapInUse.load()
1573 print("runtime: out of memory: cannot allocate ", ask, "-byte block (", inUse, " in use)\n")
1574 return 0, false
1575 }
1576 
1577 if uintptr(av) == h.curArena.end {
1578 // The new space is contiguous with the old
1579 // space, so just extend the current space.
1580 h.curArena.end = uintptr(av) + asize
1581 } else {
1582 // The new space is discontiguous. Track what
1583 // remains of the current space and switch to
1584 // the new space. This should be rare.
1585 if size := h.curArena.end - h.curArena.base; size != 0 {
1586 // Transition this space from Reserved to Prepared and mark it
1587 // as released since we'll be able to start using it after updating
1588 // the page allocator and releasing the lock at any time.
1589 sysMap(unsafe.Pointer(h.curArena.base), size, &gcController.heapReleased, "heap")
1590 // Update stats.
1591 stats := memstats.heapStats.acquire()
1592 atomic.Xaddint64(&stats.released, int64(size))
1593 memstats.heapStats.release()
1594 // Update the page allocator's structures to make this
1595 // space ready for allocation.
1596 h.pages.grow(h.curArena.base, size)
1597 totalGrowth += size
1598 }
1599 // Switch to the new space.
1600 h.curArena.base = uintptr(av)
1601 h.curArena.end = uintptr(av) + asize
1602 
1603 if firstGrow && randomizeHeapBase {
1604 // The top heapAddrBits-logHeapArenaBytes bits are randomized; we now
1605 // want to randomize the next
1606 // logHeapArenaBytes-log2(pallocChunkBytes) bits, making sure
1607 // h.curArena.base is aligned to pallocChunkBytes.
1608 bits := logHeapArenaBytes - logPallocChunkBytes
1609 offset := nextHeapRandBits(bits)
1610 h.curArena.base = alignDown(h.curArena.base|(offset<<logPallocChunkBytes), pallocChunkBytes)
1611 }
1612 }
1613 
1614 // Recalculate nBase.
1615 // We know this won't overflow, because sysAlloc returned
1616 // a valid region starting at h.curArena.base which is at
1617 // least ask bytes in size.
1618 nBase = alignUp(h.curArena.base+ask, physPageSize)
1619 }
1620 
1621 // Grow into the current arena.
1622 v := h.curArena.base
1623 h.curArena.base = nBase
1624 
1625 // Transition the space we're going to use from Reserved to Prepared.
1626 //
1627 // The allocation is always aligned to the heap arena
1628 // size which is always > physPageSize, so it's safe to
1629 // just add directly to heapReleased.
1630 sysMap(unsafe.Pointer(v), nBase-v, &gcController.heapReleased, "heap")
1631 
1632 // The memory just allocated counts as both released
1633 // and idle, even though it's not yet backed by spans.
1634 stats := memstats.heapStats.acquire() 1635 atomic.Xaddint64(&stats.released, int64(nBase-v)) 1636 memstats.heapStats.release() 1637 1638 // Update the page allocator's structures to make this 1639 // space ready for allocation. 1640 h.pages.grow(v, nBase-v) 1641 totalGrowth += nBase - v 1642 1643 if firstGrow && randomizeHeapBase { 1644 // The top heapAddrBits-log2(pallocChunkBytes) bits are now randomized, 1645 // we finally want to randomize the next 1646 // log2(pallocChunkBytes)-log2(pageSize) bits, while maintaining 1647 // alignment to pageSize. We do this by calculating a random number of 1648 // pages into the current arena, and marking them as allocated. The 1649 // address of the next available page becomes our fully randomized base 1650 // heap address. 1651 randOffset := nextHeapRandBits(logPallocChunkBytes) 1652 randNumPages := alignDown(randOffset, pageSize) / pageSize 1653 if randNumPages != 0 { 1654 h.pages.markRandomPaddingPages(v, randNumPages) 1655 } 1656 } 1657 1658 return totalGrowth, true 1659 } 1660 1661 // Free the span back into the heap. 1662 func (h *mheap) freeSpan(s *mspan) { 1663 systemstack(func() { 1664 // Trace the span free. 1665 if traceAllocFreeEnabled() { 1666 trace := traceAcquire() 1667 if trace.ok() { 1668 trace.SpanFree(s) 1669 traceRelease(trace) 1670 } 1671 } 1672 1673 lock(&h.lock) 1674 if msanenabled { 1675 // Tell msan that this entire span is no longer in use. 1676 base := unsafe.Pointer(s.base()) 1677 bytes := s.npages << gc.PageShift 1678 msanfree(base, bytes) 1679 } 1680 if asanenabled { 1681 // Tell asan that this entire span is no longer in use. 1682 base := unsafe.Pointer(s.base()) 1683 bytes := s.npages << gc.PageShift 1684 asanpoison(base, bytes) 1685 } 1686 if valgrindenabled { 1687 base := s.base() 1688 valgrindMempoolFree(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base)) 1689 } 1690 h.freeSpanLocked(s, spanAllocHeap) 1691 unlock(&h.lock) 1692 }) 1693 } 1694 1695 // freeManual frees a manually-managed span returned by allocManual. 1696 // typ must be the same as the spanAllocType passed to the allocManual that 1697 // allocated s. 1698 // 1699 // This must only be called when gcphase == _GCoff. See mSpanState for 1700 // an explanation. 1701 // 1702 // freeManual must be called on the system stack because it acquires 1703 // the heap lock. See mheap for details. 1704 // 1705 //go:systemstack 1706 func (h *mheap) freeManual(s *mspan, typ spanAllocType) { 1707 // Trace the span free. 
1708 if traceAllocFreeEnabled() { 1709 trace := traceAcquire() 1710 if trace.ok() { 1711 trace.SpanFree(s) 1712 traceRelease(trace) 1713 } 1714 } 1715 1716 s.needzero = 1 1717 lock(&h.lock) 1718 if valgrindenabled { 1719 base := s.base() 1720 valgrindMempoolFree(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base)) 1721 } 1722 h.freeSpanLocked(s, typ) 1723 unlock(&h.lock) 1724 } 1725 1726 func (h *mheap) freeSpanLocked(s *mspan, typ spanAllocType) { 1727 assertLockHeld(&h.lock) 1728 1729 switch s.state.get() { 1730 case mSpanManual: 1731 if s.allocCount != 0 { 1732 throw("mheap.freeSpanLocked - invalid stack free") 1733 } 1734 case mSpanInUse: 1735 if s.isUserArenaChunk { 1736 throw("mheap.freeSpanLocked - invalid free of user arena chunk") 1737 } 1738 if s.allocCount != 0 || s.sweepgen != h.sweepgen { 1739 print("mheap.freeSpanLocked - span ", s, " ptr ", hex(s.base()), " allocCount ", s.allocCount, " sweepgen ", s.sweepgen, "/", h.sweepgen, "\n") 1740 throw("mheap.freeSpanLocked - invalid free") 1741 } 1742 h.pagesInUse.Add(-s.npages) 1743 1744 // Clear in-use bit in arena page bitmap. 1745 arena, pageIdx, pageMask := pageIndexOf(s.base()) 1746 atomic.And8(&arena.pageInUse[pageIdx], ^pageMask) 1747 1748 // Clear small heap span bit if necessary. 1749 if gcUsesSpanInlineMarkBits(s.elemsize) { 1750 atomic.And8(&arena.pageUseSpanInlineMarkBits[pageIdx], ^pageMask) 1751 } 1752 default: 1753 throw("mheap.freeSpanLocked - invalid span state") 1754 } 1755 1756 // Update stats. 1757 // 1758 // Mirrors the code in allocSpan. 1759 nbytes := s.npages * pageSize 1760 gcController.heapFree.add(int64(nbytes)) 1761 if typ == spanAllocHeap { 1762 gcController.heapInUse.add(-int64(nbytes)) 1763 } 1764 // Update consistent stats. 1765 stats := memstats.heapStats.acquire() 1766 switch typ { 1767 case spanAllocHeap: 1768 atomic.Xaddint64(&stats.inHeap, -int64(nbytes)) 1769 case spanAllocStack: 1770 atomic.Xaddint64(&stats.inStacks, -int64(nbytes)) 1771 case spanAllocWorkBuf: 1772 atomic.Xaddint64(&stats.inWorkBufs, -int64(nbytes)) 1773 } 1774 memstats.heapStats.release() 1775 1776 // Mark the space as free. 1777 h.pages.free(s.base(), s.npages) 1778 1779 // Free the span structure. We no longer have a use for it. 1780 s.state.set(mSpanDead) 1781 h.freeMSpanLocked(s) 1782 } 1783 1784 // scavengeAll acquires the heap lock (blocking any additional 1785 // manipulation of the page allocator) and iterates over the whole 1786 // heap, scavenging every free page available. 1787 // 1788 // Must run on the system stack because it acquires the heap lock. 1789 // 1790 //go:systemstack 1791 func (h *mheap) scavengeAll() { 1792 // Disallow malloc or panic while holding the heap lock. We do 1793 // this here because this is a non-mallocgc entry-point to 1794 // the mheap API. 1795 gp := getg() 1796 gp.m.mallocing++ 1797 1798 // Force scavenge everything. 1799 released := h.pages.scavenge(^uintptr(0), nil, true) 1800 1801 gp.m.mallocing-- 1802 1803 if debug.scavtrace > 0 { 1804 printScavTrace(0, released, true) 1805 } 1806 } 1807 1808 //go:linkname runtime_debug_freeOSMemory runtime/debug.freeOSMemory 1809 func runtime_debug_freeOSMemory() { 1810 GC() 1811 systemstack(func() { mheap_.scavengeAll() }) 1812 } 1813 1814 // Initialize a new span with the given start and npages. 1815 func (span *mspan) init(base uintptr, npages uintptr) { 1816 // span is *not* zeroed. 
1817 span.next = nil 1818 span.prev = nil 1819 span.list = nil 1820 span.startAddr = base 1821 span.npages = npages 1822 span.limit = base + npages*gc.PageSize // see go.dev/issue/74288; adjusted later for heap spans 1823 span.allocCount = 0 1824 span.spanclass = 0 1825 span.elemsize = 0 1826 span.speciallock.key = 0 1827 span.specials = nil 1828 span.needzero = 0 1829 span.freeindex = 0 1830 span.freeIndexForScan = 0 1831 span.allocBits = nil 1832 span.gcmarkBits = nil 1833 span.pinnerBits = nil 1834 span.state.set(mSpanDead) 1835 lockInit(&span.speciallock, lockRankMspanSpecial) 1836 } 1837 1838 func (span *mspan) inList() bool { 1839 return span.list != nil 1840 } 1841 1842 // mSpanList heads a linked list of spans. 1843 type mSpanList struct { 1844 _ sys.NotInHeap 1845 first *mspan // first span in list, or nil if none 1846 last *mspan // last span in list, or nil if none 1847 } 1848 1849 // Initialize an empty doubly-linked list. 1850 func (list *mSpanList) init() { 1851 list.first = nil 1852 list.last = nil 1853 } 1854 1855 func (list *mSpanList) remove(span *mspan) { 1856 if span.list != list { 1857 print("runtime: failed mSpanList.remove span.npages=", span.npages, 1858 " span=", span, " prev=", span.prev, " span.list=", span.list, " list=", list, "\n") 1859 throw("mSpanList.remove") 1860 } 1861 if list.first == span { 1862 list.first = span.next 1863 } else { 1864 span.prev.next = span.next 1865 } 1866 if list.last == span { 1867 list.last = span.prev 1868 } else { 1869 span.next.prev = span.prev 1870 } 1871 span.next = nil 1872 span.prev = nil 1873 span.list = nil 1874 } 1875 1876 func (list *mSpanList) isEmpty() bool { 1877 return list.first == nil 1878 } 1879 1880 func (list *mSpanList) insert(span *mspan) { 1881 if span.next != nil || span.prev != nil || span.list != nil { 1882 println("runtime: failed mSpanList.insert", span, span.next, span.prev, span.list) 1883 throw("mSpanList.insert") 1884 } 1885 span.next = list.first 1886 if list.first != nil { 1887 // The list contains at least one span; link it in. 1888 // The last span in the list doesn't change. 1889 list.first.prev = span 1890 } else { 1891 // The list contains no spans, so this is also the last span. 1892 list.last = span 1893 } 1894 list.first = span 1895 span.list = list 1896 } 1897 1898 func (list *mSpanList) insertBack(span *mspan) { 1899 if span.next != nil || span.prev != nil || span.list != nil { 1900 println("runtime: failed mSpanList.insertBack", span, span.next, span.prev, span.list) 1901 throw("mSpanList.insertBack") 1902 } 1903 span.prev = list.last 1904 if list.last != nil { 1905 // The list contains at least one span. 1906 list.last.next = span 1907 } else { 1908 // The list contains no spans, so this is also the first span. 1909 list.first = span 1910 } 1911 list.last = span 1912 span.list = list 1913 } 1914 1915 // takeAll removes all spans from other and inserts them at the front 1916 // of list. 1917 func (list *mSpanList) takeAll(other *mSpanList) { 1918 if other.isEmpty() { 1919 return 1920 } 1921 1922 // Reparent everything in other to list. 1923 for s := other.first; s != nil; s = s.next { 1924 s.list = list 1925 } 1926 1927 // Concatenate the lists. 1928 if list.isEmpty() { 1929 *list = *other 1930 } else { 1931 // Neither list is empty. Put other before list. 
1932 other.last.next = list.first 1933 list.first.prev = other.last 1934 list.first = other.first 1935 } 1936 1937 other.first, other.last = nil, nil 1938 } 1939 1940 // mSpanQueue is like an mSpanList but is FIFO instead of LIFO and may 1941 // be allocated on the stack. (mSpanList can be visible from the mspan 1942 // itself, so it is marked as not-in-heap). 1943 type mSpanQueue struct { 1944 head, tail *mspan 1945 n int 1946 } 1947 1948 // push adds s to the end of the queue. 1949 func (q *mSpanQueue) push(s *mspan) { 1950 if s.next != nil { 1951 throw("span already on list") 1952 } 1953 if q.tail == nil { 1954 q.tail, q.head = s, s 1955 } else { 1956 q.tail.next = s 1957 q.tail = s 1958 } 1959 q.n++ 1960 } 1961 1962 // pop removes a span from the head of the queue, if any. 1963 func (q *mSpanQueue) pop() *mspan { 1964 if q.head == nil { 1965 return nil 1966 } 1967 s := q.head 1968 q.head = s.next 1969 s.next = nil 1970 if q.head == nil { 1971 q.tail = nil 1972 } 1973 q.n-- 1974 return s 1975 } 1976 1977 // takeAll removes all the spans from q2 and adds them to the end of q1, in order. 1978 func (q1 *mSpanQueue) takeAll(q2 *mSpanQueue) { 1979 if q2.head == nil { 1980 return 1981 } 1982 if q1.head == nil { 1983 *q1 = *q2 1984 } else { 1985 q1.tail.next = q2.head 1986 q1.tail = q2.tail 1987 q1.n += q2.n 1988 } 1989 q2.tail = nil 1990 q2.head = nil 1991 q2.n = 0 1992 } 1993 1994 // popN removes n spans from the head of the queue and returns them as a new queue. 1995 func (q *mSpanQueue) popN(n int) mSpanQueue { 1996 var newQ mSpanQueue 1997 if n <= 0 { 1998 return newQ 1999 } 2000 if n >= q.n { 2001 newQ = *q 2002 q.tail = nil 2003 q.head = nil 2004 q.n = 0 2005 return newQ 2006 } 2007 s := q.head 2008 for range n - 1 { 2009 s = s.next 2010 } 2011 q.n -= n 2012 newQ.head = q.head 2013 newQ.tail = s 2014 newQ.n = n 2015 q.head = s.next 2016 s.next = nil 2017 return newQ 2018 } 2019 2020 const ( 2021 // _KindSpecialTinyBlock indicates that a given allocation is a tiny block. 2022 // Ordered before KindSpecialFinalizer and KindSpecialCleanup so that it 2023 // always appears first in the specials list. 2024 // Used only if debug.checkfinalizers != 0. 2025 _KindSpecialTinyBlock = 1 2026 // _KindSpecialFinalizer is for tracking finalizers. 2027 _KindSpecialFinalizer = 2 2028 // _KindSpecialWeakHandle is used for creating weak pointers. 2029 _KindSpecialWeakHandle = 3 2030 // _KindSpecialProfile is for memory profiling. 2031 _KindSpecialProfile = 4 2032 // _KindSpecialReachable is a special used for tracking 2033 // reachability during testing. 2034 _KindSpecialReachable = 5 2035 // _KindSpecialPinCounter is a special used for objects that are pinned 2036 // multiple times 2037 _KindSpecialPinCounter = 6 2038 // _KindSpecialCleanup is for tracking cleanups. 2039 _KindSpecialCleanup = 7 2040 // _KindSpecialCheckFinalizer adds additional context to a finalizer or cleanup. 2041 // Used only if debug.checkfinalizers != 0. 2042 _KindSpecialCheckFinalizer = 8 2043 // _KindSpecialBubble is used to associate objects with synctest bubbles. 2044 _KindSpecialBubble = 9 2045 ) 2046 2047 type special struct { 2048 _ sys.NotInHeap 2049 next *special // linked list in span 2050 offset uintptr // span offset of object 2051 kind byte // kind of special 2052 } 2053 2054 // spanHasSpecials marks a span as having specials in the arena bitmap. 
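// The bitmap lets the garbage collector find pages containing spans with
// specials (see markrootSpans) without walking every span.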
2055 func spanHasSpecials(s *mspan) {
2056 arenaPage := (s.base() / pageSize) % pagesPerArena
2057 ai := arenaIndex(s.base())
2058 ha := mheap_.arenas[ai.l1()][ai.l2()]
2059 atomic.Or8(&ha.pageSpecials[arenaPage/8], uint8(1)<<(arenaPage%8))
2060 }
2061 
2062 // spanHasNoSpecials marks a span as having no specials in the arena bitmap.
2063 func spanHasNoSpecials(s *mspan) {
2064 arenaPage := (s.base() / pageSize) % pagesPerArena
2065 ai := arenaIndex(s.base())
2066 ha := mheap_.arenas[ai.l1()][ai.l2()]
2067 atomic.And8(&ha.pageSpecials[arenaPage/8], ^(uint8(1) << (arenaPage % 8)))
2068 }
2069 
2070 // addspecial adds the special record s to the list of special records for
2071 // the object p. All fields of s should be filled in except for
2072 // offset & next, which this routine will fill in.
2073 // Returns true if the special was successfully added, false otherwise.
2074 // (The add will fail only if a record with the same p and s.kind
2075 // already exists, unless force is set to true.)
2076 func addspecial(p unsafe.Pointer, s *special, force bool) bool {
2077 span := spanOfHeap(uintptr(p))
2078 if span == nil {
2079 throw("addspecial on invalid pointer")
2080 }
2081 
2082 // Ensure that the span is swept.
2083 // Sweeping accesses the specials list w/o locks, so we have
2084 // to synchronize with it. And it's just much safer.
2085 mp := acquirem()
2086 span.ensureSwept()
2087 
2088 offset := uintptr(p) - span.base()
2089 kind := s.kind
2090 
2091 lock(&span.speciallock)
2092 
2093 // Find splice point, check for existing record.
2094 iter, exists := span.specialFindSplicePoint(offset, kind)
2095 if !exists || force {
2096 // Splice in record, fill in offset.
2097 s.offset = offset
2098 s.next = *iter
2099 *iter = s
2100 spanHasSpecials(span)
2101 }
2102 
2103 unlock(&span.speciallock)
2104 releasem(mp)
2105 // We're converting p to a uintptr and looking it up, and we
2106 // don't want it to die and get swept while we're doing so.
2107 KeepAlive(p)
2108 return !exists || force // true if we added the record; false if one already existed and force was not set
2109 }
2110 
2111 // Removes the special record of the given kind for the object p.
2112 // Returns the record if the record existed, nil otherwise.
2113 // The caller must FixAlloc_Free the result.
2114 func removespecial(p unsafe.Pointer, kind uint8) *special {
2115 span := spanOfHeap(uintptr(p))
2116 if span == nil {
2117 throw("removespecial on invalid pointer")
2118 }
2119 
2120 // Ensure that the span is swept.
2121 // Sweeping accesses the specials list w/o locks, so we have
2122 // to synchronize with it. And it's just much safer.
2123 mp := acquirem()
2124 span.ensureSwept()
2125 
2126 offset := uintptr(p) - span.base()
2127 
2128 var result *special
2129 lock(&span.speciallock)
2130 
2131 iter, exists := span.specialFindSplicePoint(offset, kind)
2132 if exists {
2133 s := *iter
2134 *iter = s.next
2135 result = s
2136 }
2137 if span.specials == nil {
2138 spanHasNoSpecials(span)
2139 }
2140 unlock(&span.speciallock)
2141 releasem(mp)
2142 return result
2143 }
2144 
2145 // Find a splice point in the sorted list and check for an already existing
2146 // record. Returns a pointer to the next-reference in the list predecessor.
2147 // Returns true if the referenced item is an exact match.
2148 func (span *mspan) specialFindSplicePoint(offset uintptr, kind byte) (**special, bool) {
2149 // Find splice point, check for existing record.
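// The specials list is kept sorted by offset, then by kind, so the walk
// below can stop as soon as it passes the position where a matching
// record would have to appear.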
2150 iter := &span.specials 2151 found := false 2152 for { 2153 s := *iter 2154 if s == nil { 2155 break 2156 } 2157 if offset == s.offset && kind == s.kind { 2158 found = true 2159 break 2160 } 2161 if offset < s.offset || (offset == s.offset && kind < s.kind) { 2162 break 2163 } 2164 iter = &s.next 2165 } 2166 return iter, found 2167 } 2168 2169 // The described object has a finalizer set for it. 2170 // 2171 // specialfinalizer is allocated from non-GC'd memory, so any heap 2172 // pointers must be specially handled. 2173 type specialfinalizer struct { 2174 _ sys.NotInHeap 2175 special special 2176 fn *funcval // May be a heap pointer. 2177 nret uintptr 2178 fint *_type // May be a heap pointer, but always live. 2179 ot *ptrtype // May be a heap pointer, but always live. 2180 } 2181 2182 // Adds a finalizer to the object p. Returns true if it succeeded. 2183 func addfinalizer(p unsafe.Pointer, f *funcval, nret uintptr, fint *_type, ot *ptrtype) bool { 2184 lock(&mheap_.speciallock) 2185 s := (*specialfinalizer)(mheap_.specialfinalizeralloc.alloc()) 2186 unlock(&mheap_.speciallock) 2187 s.special.kind = _KindSpecialFinalizer 2188 s.fn = f 2189 s.nret = nret 2190 s.fint = fint 2191 s.ot = ot 2192 if addspecial(p, &s.special, false) { 2193 // This is responsible for maintaining the same 2194 // GC-related invariants as markrootSpans in any 2195 // situation where it's possible that markrootSpans 2196 // has already run but mark termination hasn't yet. 2197 if gcphase != _GCoff { 2198 base, span, _ := findObject(uintptr(p), 0, 0) 2199 mp := acquirem() 2200 gcw := &mp.p.ptr().gcw 2201 // Mark everything reachable from the object 2202 // so it's retained for the finalizer. 2203 if !span.spanclass.noscan() { 2204 scanObject(base, gcw) 2205 } 2206 // Mark the finalizer itself, since the 2207 // special isn't part of the GC'd heap. 2208 scanblock(uintptr(unsafe.Pointer(&s.fn)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2209 releasem(mp) 2210 } 2211 return true 2212 } 2213 2214 // There was an old finalizer 2215 lock(&mheap_.speciallock) 2216 mheap_.specialfinalizeralloc.free(unsafe.Pointer(s)) 2217 unlock(&mheap_.speciallock) 2218 return false 2219 } 2220 2221 // Removes the finalizer (if any) from the object p. 2222 func removefinalizer(p unsafe.Pointer) { 2223 s := (*specialfinalizer)(unsafe.Pointer(removespecial(p, _KindSpecialFinalizer))) 2224 if s == nil { 2225 return // there wasn't a finalizer to remove 2226 } 2227 lock(&mheap_.speciallock) 2228 mheap_.specialfinalizeralloc.free(unsafe.Pointer(s)) 2229 unlock(&mheap_.speciallock) 2230 } 2231 2232 // The described object has a cleanup set for it. 2233 type specialCleanup struct { 2234 _ sys.NotInHeap 2235 special special 2236 fn *funcval 2237 // Globally unique ID for the cleanup, obtained from mheap_.cleanupID. 2238 id uint64 2239 } 2240 2241 // addCleanup attaches a cleanup function to the object. Multiple 2242 // cleanups are allowed on an object, and even the same pointer. 2243 // A cleanup id is returned which can be used to uniquely identify 2244 // the cleanup. 2245 func addCleanup(p unsafe.Pointer, f *funcval) uint64 { 2246 lock(&mheap_.speciallock) 2247 s := (*specialCleanup)(mheap_.specialCleanupAlloc.alloc()) 2248 mheap_.cleanupID++ // Increment first. ID 0 is reserved. 
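// Read the new ID while still holding speciallock so concurrent
// addCleanup calls observe distinct IDs.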
2249 id := mheap_.cleanupID 2250 unlock(&mheap_.speciallock) 2251 s.special.kind = _KindSpecialCleanup 2252 s.fn = f 2253 s.id = id 2254 2255 mp := acquirem() 2256 addspecial(p, &s.special, true) 2257 // This is responsible for maintaining the same 2258 // GC-related invariants as markrootSpans in any 2259 // situation where it's possible that markrootSpans 2260 // has already run but mark termination hasn't yet. 2261 if gcphase != _GCoff { 2262 gcw := &mp.p.ptr().gcw 2263 // Mark the cleanup itself, since the 2264 // special isn't part of the GC'd heap. 2265 scanblock(uintptr(unsafe.Pointer(&s.fn)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2266 } 2267 releasem(mp) 2268 // Keep f alive. There's a window in this function where it's 2269 // only reachable via the special while the special hasn't been 2270 // added to the specials list yet. This is similar to a bug 2271 // discovered for weak handles, see #70455. 2272 KeepAlive(f) 2273 return id 2274 } 2275 2276 // Always paired with a specialCleanup or specialfinalizer, adds context. 2277 type specialCheckFinalizer struct { 2278 _ sys.NotInHeap 2279 special special 2280 cleanupID uint64 // Needed to disambiguate cleanups. 2281 createPC uintptr 2282 funcPC uintptr 2283 ptrType *_type 2284 } 2285 2286 // setFinalizerContext adds a specialCheckFinalizer to ptr. ptr must already have a 2287 // finalizer special attached. 2288 func setFinalizerContext(ptr unsafe.Pointer, ptrType *_type, createPC, funcPC uintptr) { 2289 setCleanupContext(ptr, ptrType, createPC, funcPC, 0) 2290 } 2291 2292 // setCleanupContext adds a specialCheckFinalizer to ptr. ptr must already have a 2293 // finalizer or cleanup special attached. Pass 0 for the cleanupID to indicate 2294 // a finalizer. 2295 func setCleanupContext(ptr unsafe.Pointer, ptrType *_type, createPC, funcPC uintptr, cleanupID uint64) { 2296 lock(&mheap_.speciallock) 2297 s := (*specialCheckFinalizer)(mheap_.specialCheckFinalizerAlloc.alloc()) 2298 unlock(&mheap_.speciallock) 2299 s.special.kind = _KindSpecialCheckFinalizer 2300 s.cleanupID = cleanupID 2301 s.createPC = createPC 2302 s.funcPC = funcPC 2303 s.ptrType = ptrType 2304 2305 mp := acquirem() 2306 addspecial(ptr, &s.special, true) 2307 releasem(mp) 2308 KeepAlive(ptr) 2309 } 2310 2311 func getCleanupContext(ptr uintptr, cleanupID uint64) *specialCheckFinalizer { 2312 assertWorldStopped() 2313 2314 span := spanOfHeap(ptr) 2315 if span == nil { 2316 return nil 2317 } 2318 var found *specialCheckFinalizer 2319 offset := ptr - span.base() 2320 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialCheckFinalizer) 2321 if exists { 2322 for { 2323 s := *iter 2324 if s == nil { 2325 // Reached the end of the linked list. Stop searching at this point. 2326 break 2327 } 2328 if offset == s.offset && _KindSpecialCheckFinalizer == s.kind && 2329 (*specialCheckFinalizer)(unsafe.Pointer(s)).cleanupID == cleanupID { 2330 // The special is a cleanup and contains a matching cleanup id. 2331 *iter = s.next 2332 found = (*specialCheckFinalizer)(unsafe.Pointer(s)) 2333 break 2334 } 2335 if offset < s.offset || (offset == s.offset && _KindSpecialCheckFinalizer < s.kind) { 2336 // The special is outside the region specified for that kind of 2337 // special. The specials are sorted by kind. 2338 break 2339 } 2340 // Try the next special. 2341 iter = &s.next 2342 } 2343 } 2344 return found 2345 } 2346 2347 // clearFinalizerContext removes the specialCheckFinalizer for the given pointer, if any. 
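// It is a thin wrapper around clearCleanupContext with cleanup ID 0, the
// value reserved for finalizers.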
2348 func clearFinalizerContext(ptr uintptr) {
2349 clearCleanupContext(ptr, 0)
2350 }
2351 
2352 // clearCleanupContext removes the specialCheckFinalizer for the given pointer and cleanup ID, if any.
2353 func clearCleanupContext(ptr uintptr, cleanupID uint64) {
2354 // The following block removes the specialCheckFinalizer record for the object ptr, if any.
2355 span := spanOfHeap(ptr)
2356 if span == nil {
2357 return
2358 }
2359 // Ensure that the span is swept.
2360 // Sweeping accesses the specials list w/o locks, so we have
2361 // to synchronize with it. And it's just much safer.
2362 mp := acquirem()
2363 span.ensureSwept()
2364 
2365 offset := ptr - span.base()
2366 
2367 var found *special
2368 lock(&span.speciallock)
2369 
2370 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialCheckFinalizer)
2371 if exists {
2372 for {
2373 s := *iter
2374 if s == nil {
2375 // Reached the end of the linked list. Stop searching at this point.
2376 break
2377 }
2378 if offset == s.offset && _KindSpecialCheckFinalizer == s.kind &&
2379 (*specialCheckFinalizer)(unsafe.Pointer(s)).cleanupID == cleanupID {
2380 // The special is a cleanup and contains a matching cleanup id.
2381 *iter = s.next
2382 found = s
2383 break
2384 }
2385 if offset < s.offset || (offset == s.offset && _KindSpecialCheckFinalizer < s.kind) {
2386 // The special is outside the region specified for that kind of
2387 // special. The specials are sorted by kind.
2388 break
2389 }
2390 // Try the next special.
2391 iter = &s.next
2392 }
2393 }
2394 if span.specials == nil {
2395 spanHasNoSpecials(span)
2396 }
2397 unlock(&span.speciallock)
2398 releasem(mp)
2399 
2400 if found == nil {
2401 return
2402 }
2403 lock(&mheap_.speciallock)
2404 mheap_.specialCheckFinalizerAlloc.free(unsafe.Pointer(found))
2405 unlock(&mheap_.speciallock)
2406 }
2407 
2408 // Indicates that an allocation is a tiny block.
2409 // Used only if debug.checkfinalizers != 0.
2410 type specialTinyBlock struct {
2411 _ sys.NotInHeap
2412 special special
2413 }
2414 
2415 // setTinyBlockContext marks an allocation as a tiny block for diagnostics like
2416 // checkfinalizers.
2417 //
2418 // A tiny block is only marked if it actually contains more than one distinct
2419 // value, since we're using this for debugging.
2420 func setTinyBlockContext(ptr unsafe.Pointer) {
2421 lock(&mheap_.speciallock)
2422 s := (*specialTinyBlock)(mheap_.specialTinyBlockAlloc.alloc())
2423 unlock(&mheap_.speciallock)
2424 s.special.kind = _KindSpecialTinyBlock
2425 
2426 mp := acquirem()
2427 addspecial(ptr, &s.special, false)
2428 releasem(mp)
2429 KeepAlive(ptr)
2430 }
2431 
2432 // inTinyBlock returns whether ptr is in a tiny alloc block, at one point grouped
2433 // with other distinct values.
2434 func inTinyBlock(ptr uintptr) bool {
2435 assertWorldStopped()
2436 
2437 ptr = alignDown(ptr, maxTinySize)
2438 span := spanOfHeap(ptr)
2439 if span == nil {
2440 return false
2441 }
2442 offset := ptr - span.base()
2443 _, exists := span.specialFindSplicePoint(offset, _KindSpecialTinyBlock)
2444 return exists
2445 }
2446 
2447 // The described object has a weak pointer.
2448 //
2449 // Weak pointers in the GC have the following invariants:
2450 //
2451 // - Strong-to-weak conversions must ensure the strong pointer
2452 // remains live until the weak handle is installed. This ensures
2453 // that creating a weak pointer cannot fail.
2454 //
2455 // - Weak-to-strong conversions require the weakly-referenced
2456 // object to be swept before the conversion may proceed.
This 2457 // ensures that weak-to-strong conversions cannot resurrect 2458 // dead objects by sweeping them before that happens. 2459 // 2460 // - Weak handles are unique and canonical for each byte offset into 2461 // an object that a strong pointer may point to, until an object 2462 // becomes unreachable. 2463 // 2464 // - Weak handles contain nil as soon as an object becomes unreachable 2465 // the first time, before a finalizer makes it reachable again. New 2466 // weak handles created after resurrection are newly unique. 2467 // 2468 // specialWeakHandle is allocated from non-GC'd memory, so any heap 2469 // pointers must be specially handled. 2470 type specialWeakHandle struct { 2471 _ sys.NotInHeap 2472 special special 2473 // handle is a reference to the actual weak pointer. 2474 // It is always heap-allocated and must be explicitly kept 2475 // live so long as this special exists. 2476 handle *atomic.Uintptr 2477 } 2478 2479 //go:linkname internal_weak_runtime_registerWeakPointer weak.runtime_registerWeakPointer 2480 func internal_weak_runtime_registerWeakPointer(p unsafe.Pointer) unsafe.Pointer { 2481 return unsafe.Pointer(getOrAddWeakHandle(p)) 2482 } 2483 2484 //go:linkname internal_weak_runtime_makeStrongFromWeak weak.runtime_makeStrongFromWeak 2485 func internal_weak_runtime_makeStrongFromWeak(u unsafe.Pointer) unsafe.Pointer { 2486 handle := (*atomic.Uintptr)(u) 2487 2488 // Prevent preemption. We want to make sure that another GC cycle can't start 2489 // and that work.strongFromWeak.block can't change out from under us. 2490 mp := acquirem() 2491 2492 // Yield to the GC if necessary. 2493 if work.strongFromWeak.block { 2494 releasem(mp) 2495 2496 // Try to park and wait for mark termination. 2497 // N.B. gcParkStrongFromWeak calls acquirem before returning. 2498 mp = gcParkStrongFromWeak() 2499 } 2500 2501 p := handle.Load() 2502 if p == 0 { 2503 releasem(mp) 2504 return nil 2505 } 2506 // Be careful. p may or may not refer to valid memory anymore, as it could've been 2507 // swept and released already. It's always safe to ensure a span is swept, though, 2508 // even if it's just some random span. 2509 span := spanOfHeap(p) 2510 if span == nil { 2511 // If it's immortal, then just return the pointer. 2512 // 2513 // Stay non-preemptible so the GC can't see us convert this potentially 2514 // completely bogus value to an unsafe.Pointer. 2515 if isGoPointerWithoutSpan(unsafe.Pointer(p)) { 2516 releasem(mp) 2517 return unsafe.Pointer(p) 2518 } 2519 // It's heap-allocated, so the span probably just got swept and released. 2520 releasem(mp) 2521 return nil 2522 } 2523 // Ensure the span is swept. 2524 span.ensureSwept() 2525 2526 // Now we can trust whatever we get from handle, so make a strong pointer. 2527 // 2528 // Even if we just swept some random span that doesn't contain this object, because 2529 // this object is long dead and its memory has since been reused, we'll just observe nil. 2530 ptr := unsafe.Pointer(handle.Load()) 2531 2532 // This is responsible for maintaining the same GC-related 2533 // invariants as the Yuasa part of the write barrier. During 2534 // the mark phase, it's possible that we just created the only 2535 // valid pointer to the object pointed to by ptr. If it's only 2536 // ever referenced from our stack, and our stack is blackened 2537 // already, we could fail to mark it. So, mark it now. 2538 if gcphase != _GCoff { 2539 shade(uintptr(ptr)) 2540 } 2541 releasem(mp) 2542 2543 // Explicitly keep ptr alive. 
This seems unnecessary since we return ptr, 2544 // but let's be explicit since it's important we keep ptr alive across the 2545 // call to shade. 2546 KeepAlive(ptr) 2547 return ptr 2548 } 2549 2550 // gcParkStrongFromWeak puts the current goroutine on the weak->strong queue and parks. 2551 func gcParkStrongFromWeak() *m { 2552 // Prevent preemption as we check strongFromWeak, so it can't change out from under us. 2553 mp := acquirem() 2554 2555 for work.strongFromWeak.block { 2556 lock(&work.strongFromWeak.lock) 2557 releasem(mp) // N.B. Holding the lock prevents preemption. 2558 2559 // Queue ourselves up. 2560 work.strongFromWeak.q.pushBack(getg()) 2561 2562 // Park. 2563 goparkunlock(&work.strongFromWeak.lock, waitReasonGCWeakToStrongWait, traceBlockGCWeakToStrongWait, 2) 2564 2565 // Re-acquire the current M since we're going to check the condition again. 2566 mp = acquirem() 2567 2568 // Re-check condition. We may have awoken in the next GC's mark termination phase. 2569 } 2570 return mp 2571 } 2572 2573 // gcWakeAllStrongFromWeak wakes all currently blocked weak->strong 2574 // conversions. This is used at the end of a GC cycle. 2575 // 2576 // work.strongFromWeak.block must be false to prevent woken goroutines 2577 // from immediately going back to sleep. 2578 func gcWakeAllStrongFromWeak() { 2579 lock(&work.strongFromWeak.lock) 2580 list := work.strongFromWeak.q.popList() 2581 injectglist(&list) 2582 unlock(&work.strongFromWeak.lock) 2583 } 2584 2585 // Retrieves or creates a weak pointer handle for the object p. 2586 func getOrAddWeakHandle(p unsafe.Pointer) *atomic.Uintptr { 2587 if debug.sbrk != 0 { 2588 // debug.sbrk never frees memory, so it'll never go nil. However, we do still 2589 // need a weak handle that's specific to p. Use the immortal weak handle map. 2590 // Keep p alive across the call to getOrAdd defensively, though it doesn't 2591 // really matter in this particular case. 2592 handle := mheap_.immortalWeakHandles.getOrAdd(uintptr(p)) 2593 KeepAlive(p) 2594 return handle 2595 } 2596 2597 // First try to retrieve without allocating. 2598 if handle := getWeakHandle(p); handle != nil { 2599 // Keep p alive for the duration of the function to ensure 2600 // that it cannot die while we're trying to do this. 2601 KeepAlive(p) 2602 return handle 2603 } 2604 2605 lock(&mheap_.speciallock) 2606 s := (*specialWeakHandle)(mheap_.specialWeakHandleAlloc.alloc()) 2607 unlock(&mheap_.speciallock) 2608 2609 handle := new(atomic.Uintptr) 2610 s.special.kind = _KindSpecialWeakHandle 2611 s.handle = handle 2612 handle.Store(uintptr(p)) 2613 if addspecial(p, &s.special, false) { 2614 // This is responsible for maintaining the same 2615 // GC-related invariants as markrootSpans in any 2616 // situation where it's possible that markrootSpans 2617 // has already run but mark termination hasn't yet. 2618 if gcphase != _GCoff { 2619 mp := acquirem() 2620 gcw := &mp.p.ptr().gcw 2621 // Mark the weak handle itself, since the 2622 // special isn't part of the GC'd heap. 2623 scanblock(uintptr(unsafe.Pointer(&s.handle)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2624 releasem(mp) 2625 } 2626 2627 // Keep p alive for the duration of the function to ensure 2628 // that it cannot die while we're trying to do this. 2629 // 2630 // Same for handle, which is only stored in the special. 2631 // There's a window where it might die if we don't keep it 2632 // alive explicitly. Returning it here is probably good enough, 2633 // but let's be defensive and explicit. See #70455. 
2634 KeepAlive(p)
2635 KeepAlive(handle)
2636 return handle
2637 }
2638 
2639 // There was an existing handle. Free the special
2640 // and try again. We must succeed because we're explicitly
2641 // keeping p live until the end of this function. Either
2642 // we or someone else must have succeeded, because we can
2643 // only fail in the event of a race, and p will still be
2644 // valid no matter how much time we spend here.
2645 lock(&mheap_.speciallock)
2646 mheap_.specialWeakHandleAlloc.free(unsafe.Pointer(s))
2647 unlock(&mheap_.speciallock)
2648 
2649 handle = getWeakHandle(p)
2650 if handle == nil {
2651 throw("failed to get or create weak handle")
2652 }
2653 
2654 // Keep p alive for the duration of the function to ensure
2655 // that it cannot die while we're trying to do this.
2656 //
2657 // Same for handle, just to be defensive.
2658 KeepAlive(p)
2659 KeepAlive(handle)
2660 return handle
2661 }
2662 
2663 func getWeakHandle(p unsafe.Pointer) *atomic.Uintptr {
2664 span := spanOfHeap(uintptr(p))
2665 if span == nil {
2666 if isGoPointerWithoutSpan(p) {
2667 return mheap_.immortalWeakHandles.getOrAdd(uintptr(p))
2668 }
2669 throw("getWeakHandle on invalid pointer")
2670 }
2671 
2672 // Ensure that the span is swept.
2673 // Sweeping accesses the specials list w/o locks, so we have
2674 // to synchronize with it. And it's just much safer.
2675 mp := acquirem()
2676 span.ensureSwept()
2677 
2678 offset := uintptr(p) - span.base()
2679 
2680 lock(&span.speciallock)
2681 
2682 // Find the existing record and return the handle if one exists.
2683 var handle *atomic.Uintptr
2684 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialWeakHandle)
2685 if exists {
2686 handle = ((*specialWeakHandle)(unsafe.Pointer(*iter))).handle
2687 }
2688 unlock(&span.speciallock)
2689 releasem(mp)
2690 
2691 // Keep p alive for the duration of the function to ensure
2692 // that it cannot die while we're trying to do this.
2693 KeepAlive(p)
2694 return handle
2695 }
2696 
2697 type immortalWeakHandleMap struct {
2698 root atomic.UnsafePointer // *immortalWeakHandle (can't use generics because it's notinheap)
2699 }
2700 
2701 // immortalWeakHandle is a node in a lock-free, append-only hash-trie.
2702 //
2703 // Key features:
2704 // - 2-ary trie. Child nodes are indexed by the highest bit (remaining) of the hash of the address.
2705 // - New nodes are placed at the first empty level encountered.
2706 // - When the first child is added to a node, the existing value is not moved into a child.
2707 // This means that we must check the value at each level, not just at the leaf.
2708 // - No deletion or rebalancing.
2709 // - Intentionally devolves into a linked list on hash collisions (the hash bits will all
2710 // get shifted out during iteration, and new nodes will just be appended to the 0th child).
2711 type immortalWeakHandle struct {
2712 _ sys.NotInHeap
2713 
2714 children [2]atomic.UnsafePointer // *immortalWeakHandle (can't use generics because it's notinheap)
2715 ptr uintptr // &ptr is the weak handle
2716 }
2717 
2718 // handle returns a canonical weak handle.
2719 func (h *immortalWeakHandle) handle() *atomic.Uintptr {
2720 // N.B. Since we just need an *atomic.Uintptr that never changes, we can trivially
2721 // reference ptr to save on some memory in immortalWeakHandle and avoid extra atomics
2722 // in getOrAdd.
2723 return (*atomic.Uintptr)(unsafe.Pointer(&h.ptr)) 2724 } 2725 2726 // getOrAdd introduces p, which must be a pointer to immortal memory (for example, a linker-allocated 2727 // object) and returns a weak handle. The weak handle will never become nil. 2728 func (tab *immortalWeakHandleMap) getOrAdd(p uintptr) *atomic.Uintptr { 2729 var newNode *immortalWeakHandle 2730 m := &tab.root 2731 hash := memhash(abi.NoEscape(unsafe.Pointer(&p)), 0, goarch.PtrSize) 2732 hashIter := hash 2733 for { 2734 n := (*immortalWeakHandle)(m.Load()) 2735 if n == nil { 2736 // Try to insert a new map node. We may end up discarding 2737 // this node if we fail to insert because it turns out the 2738 // value is already in the map. 2739 // 2740 // The discard will only happen if two threads race on inserting 2741 // the same value. Both might create nodes, but only one will 2742 // succeed on insertion. If two threads race to insert two 2743 // different values, then both nodes will *always* get inserted, 2744 // because the equality checking below will always fail. 2745 // 2746 // Performance note: contention on insertion is likely to be 2747 // higher for small maps, but since this data structure is 2748 // append-only, either the map stays small because there isn't 2749 // much activity, or the map gets big and races to insert on 2750 // the same node are much less likely. 2751 if newNode == nil { 2752 newNode = (*immortalWeakHandle)(persistentalloc(unsafe.Sizeof(immortalWeakHandle{}), goarch.PtrSize, &memstats.gcMiscSys)) 2753 newNode.ptr = p 2754 } 2755 if m.CompareAndSwapNoWB(nil, unsafe.Pointer(newNode)) { 2756 return newNode.handle() 2757 } 2758 // Reload n. Because pointers are only stored once, 2759 // we must have lost the race, and therefore n is not nil 2760 // anymore. 2761 n = (*immortalWeakHandle)(m.Load()) 2762 } 2763 if n.ptr == p { 2764 return n.handle() 2765 } 2766 m = &n.children[hashIter>>(8*goarch.PtrSize-1)] 2767 hashIter <<= 1 2768 } 2769 } 2770 2771 // The described object is being heap profiled. 2772 type specialprofile struct { 2773 _ sys.NotInHeap 2774 special special 2775 b *bucket 2776 } 2777 2778 // Set the heap profile bucket associated with addr to b. 2779 func setprofilebucket(p unsafe.Pointer, b *bucket) { 2780 lock(&mheap_.speciallock) 2781 s := (*specialprofile)(mheap_.specialprofilealloc.alloc()) 2782 unlock(&mheap_.speciallock) 2783 s.special.kind = _KindSpecialProfile 2784 s.b = b 2785 if !addspecial(p, &s.special, false) { 2786 throw("setprofilebucket: profile already set") 2787 } 2788 } 2789 2790 // specialReachable tracks whether an object is reachable on the next 2791 // GC cycle. This is used by testing. 2792 type specialReachable struct { 2793 special special 2794 done bool 2795 reachable bool 2796 } 2797 2798 // specialPinCounter tracks whether an object is pinned multiple times. 2799 type specialPinCounter struct { 2800 special special 2801 counter uintptr 2802 } 2803 2804 // specialsIter helps iterate over specials lists. 2805 type specialsIter struct { 2806 pprev **special 2807 s *special 2808 } 2809 2810 func newSpecialsIter(span *mspan) specialsIter { 2811 return specialsIter{&span.specials, span.specials} 2812 } 2813 2814 func (i *specialsIter) valid() bool { 2815 return i.s != nil 2816 } 2817 2818 func (i *specialsIter) next() { 2819 i.pprev = &i.s.next 2820 i.s = *i.pprev 2821 } 2822 2823 // unlinkAndNext removes the current special from the list and moves 2824 // the iterator to the next special. It returns the unlinked special. 
2825 func (i *specialsIter) unlinkAndNext() *special { 2826 cur := i.s 2827 i.s = cur.next 2828 *i.pprev = i.s 2829 return cur 2830 } 2831 2832 // freeSpecial performs any cleanup on special s and deallocates it. 2833 // s must already be unlinked from the specials list. 2834 func freeSpecial(s *special, p unsafe.Pointer, size uintptr) { 2835 switch s.kind { 2836 case _KindSpecialFinalizer: 2837 sf := (*specialfinalizer)(unsafe.Pointer(s)) 2838 queuefinalizer(p, sf.fn, sf.nret, sf.fint, sf.ot) 2839 lock(&mheap_.speciallock) 2840 mheap_.specialfinalizeralloc.free(unsafe.Pointer(sf)) 2841 unlock(&mheap_.speciallock) 2842 case _KindSpecialWeakHandle: 2843 sw := (*specialWeakHandle)(unsafe.Pointer(s)) 2844 sw.handle.Store(0) 2845 lock(&mheap_.speciallock) 2846 mheap_.specialWeakHandleAlloc.free(unsafe.Pointer(s)) 2847 unlock(&mheap_.speciallock) 2848 case _KindSpecialProfile: 2849 sp := (*specialprofile)(unsafe.Pointer(s)) 2850 mProf_Free(sp.b, size) 2851 lock(&mheap_.speciallock) 2852 mheap_.specialprofilealloc.free(unsafe.Pointer(sp)) 2853 unlock(&mheap_.speciallock) 2854 case _KindSpecialReachable: 2855 sp := (*specialReachable)(unsafe.Pointer(s)) 2856 sp.done = true 2857 // The creator frees these. 2858 case _KindSpecialPinCounter: 2859 lock(&mheap_.speciallock) 2860 mheap_.specialPinCounterAlloc.free(unsafe.Pointer(s)) 2861 unlock(&mheap_.speciallock) 2862 case _KindSpecialCleanup: 2863 sc := (*specialCleanup)(unsafe.Pointer(s)) 2864 // Cleanups, unlike finalizers, do not resurrect the objects 2865 // they're attached to, so we only need to pass the cleanup 2866 // function, not the object. 2867 gcCleanups.enqueue(sc.fn) 2868 lock(&mheap_.speciallock) 2869 mheap_.specialCleanupAlloc.free(unsafe.Pointer(sc)) 2870 unlock(&mheap_.speciallock) 2871 case _KindSpecialCheckFinalizer: 2872 sc := (*specialCheckFinalizer)(unsafe.Pointer(s)) 2873 lock(&mheap_.speciallock) 2874 mheap_.specialCheckFinalizerAlloc.free(unsafe.Pointer(sc)) 2875 unlock(&mheap_.speciallock) 2876 case _KindSpecialTinyBlock: 2877 st := (*specialTinyBlock)(unsafe.Pointer(s)) 2878 lock(&mheap_.speciallock) 2879 mheap_.specialTinyBlockAlloc.free(unsafe.Pointer(st)) 2880 unlock(&mheap_.speciallock) 2881 case _KindSpecialBubble: 2882 st := (*specialBubble)(unsafe.Pointer(s)) 2883 lock(&mheap_.speciallock) 2884 mheap_.specialBubbleAlloc.free(unsafe.Pointer(st)) 2885 unlock(&mheap_.speciallock) 2886 default: 2887 throw("bad special kind") 2888 panic("not reached") 2889 } 2890 } 2891 2892 // gcBits is an alloc/mark bitmap. This is always used as gcBits.x. 2893 type gcBits struct { 2894 _ sys.NotInHeap 2895 x uint8 2896 } 2897 2898 // bytep returns a pointer to the n'th byte of b. 2899 func (b *gcBits) bytep(n uintptr) *uint8 { 2900 return addb(&b.x, n) 2901 } 2902 2903 // bitp returns a pointer to the byte containing bit n and a mask for 2904 // selecting that bit from *bytep. 2905 func (b *gcBits) bitp(n uintptr) (bytep *uint8, mask uint8) { 2906 return b.bytep(n / 8), 1 << (n % 8) 2907 } 2908 2909 const gcBitsChunkBytes = uintptr(64 << 10) 2910 const gcBitsHeaderBytes = unsafe.Sizeof(gcBitsHeader{}) 2911 2912 type gcBitsHeader struct { 2913 free uintptr // free is the index into bits of the next free byte. 2914 next uintptr // *gcBits triggers recursive type bug. (issue 14620) 2915 } 2916 2917 type gcBitsArena struct { 2918 _ sys.NotInHeap 2919 // gcBitsHeader // side step recursive type bug (issue 14620) by including fields by hand. 
2920 free uintptr // free is the index into bits of the next free byte; read/write atomically 2921 next *gcBitsArena 2922 bits [gcBitsChunkBytes - gcBitsHeaderBytes]gcBits 2923 } 2924 2925 var gcBitsArenas struct { 2926 lock mutex 2927 free *gcBitsArena 2928 next *gcBitsArena // Read atomically. Write atomically under lock. 2929 current *gcBitsArena 2930 previous *gcBitsArena 2931 } 2932 2933 // tryAlloc allocates from b or returns nil if b does not have enough room. 2934 // This is safe to call concurrently. 2935 func (b *gcBitsArena) tryAlloc(bytes uintptr) *gcBits { 2936 if b == nil || atomic.Loaduintptr(&b.free)+bytes > uintptr(len(b.bits)) { 2937 return nil 2938 } 2939 // Try to allocate from this block. 2940 end := atomic.Xadduintptr(&b.free, bytes) 2941 if end > uintptr(len(b.bits)) { 2942 return nil 2943 } 2944 // There was enough room. 2945 start := end - bytes 2946 return &b.bits[start] 2947 } 2948 2949 // newMarkBits returns a pointer to 8 byte aligned bytes 2950 // to be used for a span's mark bits. 2951 func newMarkBits(nelems uintptr) *gcBits { 2952 blocksNeeded := (nelems + 63) / 64 2953 bytesNeeded := blocksNeeded * 8 2954 2955 // Try directly allocating from the current head arena. 2956 head := (*gcBitsArena)(atomic.Loadp(unsafe.Pointer(&gcBitsArenas.next))) 2957 if p := head.tryAlloc(bytesNeeded); p != nil { 2958 return p 2959 } 2960 2961 // There's not enough room in the head arena. We may need to 2962 // allocate a new arena. 2963 lock(&gcBitsArenas.lock) 2964 // Try the head arena again, since it may have changed. Now 2965 // that we hold the lock, the list head can't change, but its 2966 // free position still can. 2967 if p := gcBitsArenas.next.tryAlloc(bytesNeeded); p != nil { 2968 unlock(&gcBitsArenas.lock) 2969 return p 2970 } 2971 2972 // Allocate a new arena. This may temporarily drop the lock. 2973 fresh := newArenaMayUnlock() 2974 // If newArenaMayUnlock dropped the lock, another thread may 2975 // have put a fresh arena on the "next" list. Try allocating 2976 // from next again. 2977 if p := gcBitsArenas.next.tryAlloc(bytesNeeded); p != nil { 2978 // Put fresh back on the free list. 2979 // TODO: Mark it "already zeroed" 2980 fresh.next = gcBitsArenas.free 2981 gcBitsArenas.free = fresh 2982 unlock(&gcBitsArenas.lock) 2983 return p 2984 } 2985 2986 // Allocate from the fresh arena. We haven't linked it in yet, so 2987 // this cannot race and is guaranteed to succeed. 2988 p := fresh.tryAlloc(bytesNeeded) 2989 if p == nil { 2990 throw("markBits overflow") 2991 } 2992 2993 // Add the fresh arena to the "next" list. 2994 fresh.next = gcBitsArenas.next 2995 atomic.StorepNoWB(unsafe.Pointer(&gcBitsArenas.next), unsafe.Pointer(fresh)) 2996 2997 unlock(&gcBitsArenas.lock) 2998 return p 2999 } 3000 3001 // newAllocBits returns a pointer to 8 byte aligned bytes 3002 // to be used for this span's alloc bits. 3003 // newAllocBits is used to provide newly initialized spans 3004 // allocation bits. For spans not being initialized the 3005 // mark bits are repurposed as allocation bits when 3006 // the span is swept. 3007 func newAllocBits(nelems uintptr) *gcBits { 3008 return newMarkBits(nelems) 3009 } 3010 3011 // nextMarkBitArenaEpoch establishes a new epoch for the arenas 3012 // holding the mark bits. The arenas are named relative to the 3013 // current GC cycle which is demarcated by the call to finishweep_m. 3014 // 3015 // All current spans have been swept. 3016 // During that sweep each span allocated room for its gcmarkBits in 3017 // gcBitsArenas.next block. 
gcBitsArenas.next becomes the gcBitsArenas.current
3018 // where the GC will mark objects and after each span is swept these bits
3019 // will be used to allocate objects.
3020 // gcBitsArenas.current becomes gcBitsArenas.previous where the span's
3021 // gcAllocBits live until all the spans have been swept during this GC cycle.
3022 // The span's sweep extinguishes all the references to gcBitsArenas.previous
3023 // by pointing gcAllocBits into the gcBitsArenas.current.
3024 // The gcBitsArenas.previous is released to the gcBitsArenas.free list.
3025 func nextMarkBitArenaEpoch() {
3026 lock(&gcBitsArenas.lock)
3027 if gcBitsArenas.previous != nil {
3028 if gcBitsArenas.free == nil {
3029 gcBitsArenas.free = gcBitsArenas.previous
3030 } else {
3031 // Find end of previous arenas.
3032 last := gcBitsArenas.previous
3033 for last = gcBitsArenas.previous; last.next != nil; last = last.next {
3034 }
3035 last.next = gcBitsArenas.free
3036 gcBitsArenas.free = gcBitsArenas.previous
3037 }
3038 }
3039 gcBitsArenas.previous = gcBitsArenas.current
3040 gcBitsArenas.current = gcBitsArenas.next
3041 atomic.StorepNoWB(unsafe.Pointer(&gcBitsArenas.next), nil) // newMarkBits calls newArenaMayUnlock when needed
3042 unlock(&gcBitsArenas.lock)
3043 }
3044 
3045 // newArenaMayUnlock allocates and zeroes a gcBits arena.
3046 // The caller must hold gcBitsArenas.lock. This may temporarily release it.
3047 func newArenaMayUnlock() *gcBitsArena {
3048 var result *gcBitsArena
3049 if gcBitsArenas.free == nil {
3050 unlock(&gcBitsArenas.lock)
3051 result = (*gcBitsArena)(sysAlloc(gcBitsChunkBytes, &memstats.gcMiscSys, "gc bits"))
3052 if result == nil {
3053 throw("runtime: cannot allocate memory")
3054 }
3055 lock(&gcBitsArenas.lock)
3056 } else {
3057 result = gcBitsArenas.free
3058 gcBitsArenas.free = gcBitsArenas.free.next
3059 memclrNoHeapPointers(unsafe.Pointer(result), gcBitsChunkBytes)
3060 }
3061 result.next = nil
3062 // If result.bits is not 8-byte aligned, adjust result.free so
3063 // that &result.bits[result.free] is 8-byte aligned.
3064 if unsafe.Offsetof(gcBitsArena{}.bits)&7 == 0 {
3065 result.free = 0
3066 } else {
3067 result.free = 8 - (uintptr(unsafe.Pointer(&result.bits[0])) & 7)
3068 }
3069 return result
3070 }
3071
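// The helper below is an illustrative sketch, not part of the runtime API: a
// hypothetical function showing the sizing rule newMarkBits applies above.
// Each element needs one mark bit, rounded up to whole 64-bit words and
// returned as a byte count, so for example 1000 elements need
// (1000+63)/64 = 16 words = 128 bytes.
func exampleMarkBitsBytes(nelems uintptr) uintptr {
	// One bit per element, packed into 64-bit blocks.
	blocksNeeded := (nelems + 63) / 64
	// Eight bytes per block; the result stays a multiple of 8, matching the
	// 8-byte alignment newMarkBits promises for the returned storage.
	return blocksNeeded * 8
}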