Source file src/runtime/mheap.go
1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Page heap. 6 // 7 // See malloc.go for overview. 8 9 package runtime 10 11 import ( 12 "internal/abi" 13 "internal/cpu" 14 "internal/goarch" 15 "internal/goexperiment" 16 "internal/runtime/atomic" 17 "internal/runtime/gc" 18 "internal/runtime/sys" 19 "unsafe" 20 ) 21 22 const ( 23 // minPhysPageSize is a lower-bound on the physical page size. The 24 // true physical page size may be larger than this. In contrast, 25 // sys.PhysPageSize is an upper-bound on the physical page size. 26 minPhysPageSize = 4096 27 28 // maxPhysPageSize is the maximum page size the runtime supports. 29 maxPhysPageSize = 512 << 10 30 31 // maxPhysHugePageSize sets an upper-bound on the maximum huge page size 32 // that the runtime supports. 33 maxPhysHugePageSize = pallocChunkBytes 34 35 // pagesPerReclaimerChunk indicates how many pages to scan from the 36 // pageInUse bitmap at a time. Used by the page reclaimer. 37 // 38 // Higher values reduce contention on scanning indexes (such as 39 // h.reclaimIndex), but increase the minimum latency of the 40 // operation. 41 // 42 // The time required to scan this many pages can vary a lot depending 43 // on how many spans are actually freed. Experimentally, it can 44 // scan for pages at ~300 GB/ms on a 2.6GHz Core i7, but can only 45 // free spans at ~32 MB/ms. Using 512 pages bounds this at 46 // roughly 100µs. 47 // 48 // Must be a multiple of the pageInUse bitmap element size and 49 // must also evenly divide pagesPerArena. 50 pagesPerReclaimerChunk = min(512, pagesPerArena) 51 52 // physPageAlignedStacks indicates whether stack allocations must be 53 // physical page aligned. This is a requirement for MAP_STACK on 54 // OpenBSD. 55 physPageAlignedStacks = GOOS == "openbsd" 56 ) 57 58 // Main malloc heap. 59 // The heap itself is the "free" and "scav" treaps, 60 // but all the other global data is here too. 61 // 62 // mheap must not be heap-allocated because it contains mSpanLists, 63 // which must not be heap-allocated. 64 type mheap struct { 65 _ sys.NotInHeap 66 67 // lock must only be acquired on the system stack, otherwise a g 68 // could self-deadlock if its stack grows with the lock held. 69 lock mutex 70 71 pages pageAlloc // page allocation data structure 72 73 sweepgen uint32 // sweep generation, see comment in mspan; written during STW 74 75 // allspans is a slice of all mspans ever created. Each mspan 76 // appears exactly once. 77 // 78 // The memory for allspans is manually managed and can be 79 // reallocated and move as the heap grows. 80 // 81 // In general, allspans is protected by mheap_.lock, which 82 // prevents concurrent access as well as freeing the backing 83 // store. Accesses during STW might not hold the lock, but 84 // must ensure that allocation cannot happen around the 85 // access (since that may free the backing store). 86 allspans []*mspan // all spans out there 87 88 // Proportional sweep 89 // 90 // These parameters represent a linear function from gcController.heapLive 91 // to page sweep count. The proportional sweep system works to 92 // stay in the black by keeping the current page sweep count 93 // above this line at the current gcController.heapLive. 94 // 95 // The line has slope sweepPagesPerByte and passes through a 96 // basis point at (sweepHeapLiveBasis, pagesSweptBasis). At 97 // any given time, the system is at (gcController.heapLive, 98 // pagesSwept) in this space. 99 // 100 // It is important that the line pass through a point we 101 // control rather than simply starting at a 0,0 origin 102 // because that lets us adjust sweep pacing at any time while 103 // accounting for current progress. If we could only adjust 104 // the slope, it would create a discontinuity in debt if any 105 // progress has already been made. 106 pagesInUse atomic.Uintptr // pages of spans in stats mSpanInUse 107 pagesSwept atomic.Uint64 // pages swept this cycle 108 pagesSweptBasis atomic.Uint64 // pagesSwept to use as the origin of the sweep ratio 109 sweepHeapLiveBasis uint64 // value of gcController.heapLive to use as the origin of sweep ratio; written with lock, read without 110 sweepPagesPerByte float64 // proportional sweep ratio; written with lock, read without 111 112 // Page reclaimer state 113 114 // reclaimIndex is the page index in heapArenas of next page to 115 // reclaim. Specifically, it refers to page (i % 116 // pagesPerArena) of arena heapArenas[i / pagesPerArena]. 117 // 118 // If this is >= 1<<63, the page reclaimer is done scanning 119 // the page marks. 120 reclaimIndex atomic.Uint64 121 122 // reclaimCredit is spare credit for extra pages swept. Since 123 // the page reclaimer works in large chunks, it may reclaim 124 // more than requested. Any spare pages released go to this 125 // credit pool. 126 reclaimCredit atomic.Uintptr 127 128 _ cpu.CacheLinePad // prevents false-sharing between arenas and preceding variables 129 130 // arenas is the heap arena map. It points to the metadata for 131 // the heap for every arena frame of the entire usable virtual 132 // address space. 133 // 134 // Use arenaIndex to compute indexes into this array. 135 // 136 // For regions of the address space that are not backed by the 137 // Go heap, the arena map contains nil. 138 // 139 // Modifications are protected by mheap_.lock. Reads can be 140 // performed without locking; however, a given entry can 141 // transition from nil to non-nil at any time when the lock 142 // isn't held. (Entries never transitions back to nil.) 143 // 144 // In general, this is a two-level mapping consisting of an L1 145 // map and possibly many L2 maps. This saves space when there 146 // are a huge number of arena frames. However, on many 147 // platforms (even 64-bit), arenaL1Bits is 0, making this 148 // effectively a single-level map. In this case, arenas[0] 149 // will never be nil. 150 arenas [1 << arenaL1Bits]*[1 << arenaL2Bits]*heapArena 151 152 // arenasHugePages indicates whether arenas' L2 entries are eligible 153 // to be backed by huge pages. 154 arenasHugePages bool 155 156 // heapArenaAlloc is pre-reserved space for allocating heapArena 157 // objects. This is only used on 32-bit, where we pre-reserve 158 // this space to avoid interleaving it with the heap itself. 159 heapArenaAlloc linearAlloc 160 161 // arenaHints is a list of addresses at which to attempt to 162 // add more heap arenas. This is initially populated with a 163 // set of general hint addresses, and grown with the bounds of 164 // actual heap arena ranges. 165 arenaHints *arenaHint 166 167 // arena is a pre-reserved space for allocating heap arenas 168 // (the actual arenas). This is only used on 32-bit. 169 arena linearAlloc 170 171 // heapArenas is the arenaIndex of every mapped arena mapped for the heap. 172 // This can be used to iterate through the heap address space. 173 // 174 // Access is protected by mheap_.lock. However, since this is 175 // append-only and old backing arrays are never freed, it is 176 // safe to acquire mheap_.lock, copy the slice header, and 177 // then release mheap_.lock. 178 heapArenas []arenaIdx 179 180 // userArenaArenas is the arenaIndex of every mapped arena mapped for 181 // user arenas. 182 // 183 // Access is protected by mheap_.lock. However, since this is 184 // append-only and old backing arrays are never freed, it is 185 // safe to acquire mheap_.lock, copy the slice header, and 186 // then release mheap_.lock. 187 userArenaArenas []arenaIdx 188 189 // sweepArenas is a snapshot of heapArenas taken at the 190 // beginning of the sweep cycle. This can be read safely by 191 // simply blocking GC (by disabling preemption). 192 sweepArenas []arenaIdx 193 194 // markArenas is a snapshot of heapArenas taken at the beginning 195 // of the mark cycle. Because heapArenas is append-only, neither 196 // this slice nor its contents will change during the mark, so 197 // it can be read safely. 198 markArenas []arenaIdx 199 200 // curArena is the arena that the heap is currently growing 201 // into. This should always be physPageSize-aligned. 202 curArena struct { 203 base, end uintptr 204 } 205 206 // central free lists for small size classes. 207 // the padding makes sure that the mcentrals are 208 // spaced CacheLinePadSize bytes apart, so that each mcentral.lock 209 // gets its own cache line. 210 // central is indexed by spanClass. 211 central [numSpanClasses]struct { 212 mcentral mcentral 213 pad [(cpu.CacheLinePadSize - unsafe.Sizeof(mcentral{})%cpu.CacheLinePadSize) % cpu.CacheLinePadSize]byte 214 } 215 216 spanalloc fixalloc // allocator for span 217 spanSPMCAlloc fixalloc // allocator for spanSPMC, protected by work.spanSPMCs.lock 218 cachealloc fixalloc // allocator for mcache 219 specialfinalizeralloc fixalloc // allocator for specialfinalizer 220 specialCleanupAlloc fixalloc // allocator for specialCleanup 221 specialCheckFinalizerAlloc fixalloc // allocator for specialCheckFinalizer 222 specialTinyBlockAlloc fixalloc // allocator for specialTinyBlock 223 specialprofilealloc fixalloc // allocator for specialprofile 224 specialReachableAlloc fixalloc // allocator for specialReachable 225 specialPinCounterAlloc fixalloc // allocator for specialPinCounter 226 specialWeakHandleAlloc fixalloc // allocator for specialWeakHandle 227 specialBubbleAlloc fixalloc // allocator for specialBubble 228 speciallock mutex // lock for special record allocators. 229 arenaHintAlloc fixalloc // allocator for arenaHints 230 231 // User arena state. 232 // 233 // Protected by mheap_.lock. 234 userArena struct { 235 // arenaHints is a list of addresses at which to attempt to 236 // add more heap arenas for user arena chunks. This is initially 237 // populated with a set of general hint addresses, and grown with 238 // the bounds of actual heap arena ranges. 239 arenaHints *arenaHint 240 241 // quarantineList is a list of user arena spans that have been set to fault, but 242 // are waiting for all pointers into them to go away. Sweeping handles 243 // identifying when this is true, and moves the span to the ready list. 244 quarantineList mSpanList 245 246 // readyList is a list of empty user arena spans that are ready for reuse. 247 readyList mSpanList 248 } 249 250 // cleanupID is a counter which is incremented each time a cleanup special is added 251 // to a span. It's used to create globally unique identifiers for individual cleanup. 252 // cleanupID is protected by mheap_.speciallock. It must only be incremented while holding 253 // the lock. ID 0 is reserved. Users should increment first, then read the value. 254 cleanupID uint64 255 256 _ cpu.CacheLinePad 257 258 immortalWeakHandles immortalWeakHandleMap 259 260 unused *specialfinalizer // never set, just here to force the specialfinalizer type into DWARF 261 } 262 263 var mheap_ mheap 264 265 // A heapArena stores metadata for a heap arena. heapArenas are stored 266 // outside of the Go heap and accessed via the mheap_.arenas index. 267 type heapArena struct { 268 _ sys.NotInHeap 269 270 // spans maps from virtual address page ID within this arena to *mspan. 271 // For allocated spans, their pages map to the span itself. 272 // For free spans, only the lowest and highest pages map to the span itself. 273 // Internal pages map to an arbitrary span. 274 // For pages that have never been allocated, spans entries are nil. 275 // 276 // Modifications are protected by mheap.lock. Reads can be 277 // performed without locking, but ONLY from indexes that are 278 // known to contain in-use or stack spans. This means there 279 // must not be a safe-point between establishing that an 280 // address is live and looking it up in the spans array. 281 spans [pagesPerArena]*mspan 282 283 // pageInUse is a bitmap that indicates which spans are in 284 // state mSpanInUse. This bitmap is indexed by page number, 285 // but only the bit corresponding to the first page in each 286 // span is used. 287 // 288 // Reads and writes are atomic. 289 pageInUse [pagesPerArena / 8]uint8 290 291 // pageMarks is a bitmap that indicates which spans have any 292 // marked objects on them. Like pageInUse, only the bit 293 // corresponding to the first page in each span is used. 294 // 295 // Writes are done atomically during marking. Reads are 296 // non-atomic and lock-free since they only occur during 297 // sweeping (and hence never race with writes). 298 // 299 // This is used to quickly find whole spans that can be freed. 300 // 301 // TODO(austin): It would be nice if this was uint64 for 302 // faster scanning, but we don't have 64-bit atomic bit 303 // operations. 304 pageMarks [pagesPerArena / 8]uint8 305 306 // pageSpecials is a bitmap that indicates which spans have 307 // specials (finalizers or other). Like pageInUse, only the bit 308 // corresponding to the first page in each span is used. 309 // 310 // Writes are done atomically whenever a special is added to 311 // a span and whenever the last special is removed from a span. 312 // Reads are done atomically to find spans containing specials 313 // during marking. 314 pageSpecials [pagesPerArena / 8]uint8 315 316 // pageUseSpanInlineMarkBits is a bitmap where each bit corresponds 317 // to a span, as only spans one page in size can have inline mark bits. 318 // The bit indicates that the span has a spanInlineMarkBits struct 319 // stored directly at the top end of the span's memory. 320 pageUseSpanInlineMarkBits [pagesPerArena / 8]uint8 321 322 // checkmarks stores the debug.gccheckmark state. It is only 323 // used if debug.gccheckmark > 0 or debug.checkfinalizers > 0. 324 checkmarks *checkmarksMap 325 326 // zeroedBase marks the first byte of the first page in this 327 // arena which hasn't been used yet and is therefore already 328 // zero. zeroedBase is relative to the arena base. 329 // Increases monotonically until it hits heapArenaBytes. 330 // 331 // This field is sufficient to determine if an allocation 332 // needs to be zeroed because the page allocator follows an 333 // address-ordered first-fit policy. 334 // 335 // Read atomically and written with an atomic CAS. 336 zeroedBase uintptr 337 } 338 339 // arenaHint is a hint for where to grow the heap arenas. See 340 // mheap_.arenaHints. 341 type arenaHint struct { 342 _ sys.NotInHeap 343 addr uintptr 344 down bool 345 next *arenaHint 346 } 347 348 // An mspan is a run of pages. 349 // 350 // When a mspan is in the heap free treap, state == mSpanFree 351 // and heapmap(s->start) == span, heapmap(s->start+s->npages-1) == span. 352 // If the mspan is in the heap scav treap, then in addition to the 353 // above scavenged == true. scavenged == false in all other cases. 354 // 355 // When a mspan is allocated, state == mSpanInUse or mSpanManual 356 // and heapmap(i) == span for all s->start <= i < s->start+s->npages. 357 358 // Every mspan is in one doubly-linked list, either in the mheap's 359 // busy list or one of the mcentral's span lists. 360 361 // An mspan representing actual memory has state mSpanInUse, 362 // mSpanManual, or mSpanFree. Transitions between these states are 363 // constrained as follows: 364 // 365 // - A span may transition from free to in-use or manual during any GC 366 // phase. 367 // 368 // - During sweeping (gcphase == _GCoff), a span may transition from 369 // in-use to free (as a result of sweeping) or manual to free (as a 370 // result of stacks being freed). 371 // 372 // - During GC (gcphase != _GCoff), a span *must not* transition from 373 // manual or in-use to free. Because concurrent GC may read a pointer 374 // and then look up its span, the span state must be monotonic. 375 // 376 // Setting mspan.state to mSpanInUse or mSpanManual must be done 377 // atomically and only after all other span fields are valid. 378 // Likewise, if inspecting a span is contingent on it being 379 // mSpanInUse, the state should be loaded atomically and checked 380 // before depending on other fields. This allows the garbage collector 381 // to safely deal with potentially invalid pointers, since resolving 382 // such pointers may race with a span being allocated. 383 type mSpanState uint8 384 385 const ( 386 mSpanDead mSpanState = iota 387 mSpanInUse // allocated for garbage collected heap 388 mSpanManual // allocated for manual management (e.g., stack allocator) 389 ) 390 391 // mSpanStateNames are the names of the span states, indexed by 392 // mSpanState. 393 var mSpanStateNames = []string{ 394 "mSpanDead", 395 "mSpanInUse", 396 "mSpanManual", 397 } 398 399 // mSpanStateBox holds an atomic.Uint8 to provide atomic operations on 400 // an mSpanState. This is a separate type to disallow accidental comparison 401 // or assignment with mSpanState. 402 type mSpanStateBox struct { 403 s atomic.Uint8 404 } 405 406 // It is nosplit to match get, below. 407 408 //go:nosplit 409 func (b *mSpanStateBox) set(s mSpanState) { 410 b.s.Store(uint8(s)) 411 } 412 413 // It is nosplit because it's called indirectly by typedmemclr, 414 // which must not be preempted. 415 416 //go:nosplit 417 func (b *mSpanStateBox) get() mSpanState { 418 return mSpanState(b.s.Load()) 419 } 420 421 type mspan struct { 422 _ sys.NotInHeap 423 next *mspan // next span in list, or nil if none 424 prev *mspan // previous span in list, or nil if none 425 list *mSpanList // For debugging. 426 427 startAddr uintptr // address of first byte of span aka s.base() 428 npages uintptr // number of pages in span 429 430 manualFreeList gclinkptr // list of free objects in mSpanManual spans 431 432 // freeindex is the slot index between 0 and nelems at which to begin scanning 433 // for the next free object in this span. 434 // Each allocation scans allocBits starting at freeindex until it encounters a 0 435 // indicating a free object. freeindex is then adjusted so that subsequent scans begin 436 // just past the newly discovered free object. 437 // 438 // If freeindex == nelems, this span has no free objects. 439 // 440 // allocBits is a bitmap of objects in this span. 441 // If n >= freeindex and allocBits[n/8] & (1<<(n%8)) is 0 442 // then object n is free; 443 // otherwise, object n is allocated. Bits starting at nelems are 444 // undefined and should never be referenced. 445 // 446 // Object n starts at address n*elemsize + (start << pageShift). 447 freeindex uint16 448 // TODO: Look up nelems from sizeclass and remove this field if it 449 // helps performance. 450 nelems uint16 // number of object in the span. 451 // freeIndexForScan is like freeindex, except that freeindex is 452 // used by the allocator whereas freeIndexForScan is used by the 453 // GC scanner. They are two fields so that the GC sees the object 454 // is allocated only when the object and the heap bits are 455 // initialized (see also the assignment of freeIndexForScan in 456 // mallocgc, and issue 54596). 457 freeIndexForScan uint16 458 459 // Temporary storage for the object index that caused this span to 460 // be queued for scanning. 461 // 462 // Used only with goexperiment.GreenTeaGC. 463 scanIdx uint16 464 465 // Cache of the allocBits at freeindex. allocCache is shifted 466 // such that the lowest bit corresponds to the bit freeindex. 467 // allocCache holds the complement of allocBits, thus allowing 468 // ctz (count trailing zero) to use it directly. 469 // allocCache may contain bits beyond s.nelems; the caller must ignore 470 // these. 471 allocCache uint64 472 473 // allocBits and gcmarkBits hold pointers to a span's mark and 474 // allocation bits. The pointers are 8 byte aligned. 475 // There are three arenas where this data is held. 476 // free: Dirty arenas that are no longer accessed 477 // and can be reused. 478 // next: Holds information to be used in the next GC cycle. 479 // current: Information being used during this GC cycle. 480 // previous: Information being used during the last GC cycle. 481 // A new GC cycle starts with the call to finishsweep_m. 482 // finishsweep_m moves the previous arena to the free arena, 483 // the current arena to the previous arena, and 484 // the next arena to the current arena. 485 // The next arena is populated as the spans request 486 // memory to hold gcmarkBits for the next GC cycle as well 487 // as allocBits for newly allocated spans. 488 // 489 // The pointer arithmetic is done "by hand" instead of using 490 // arrays to avoid bounds checks along critical performance 491 // paths. 492 // The sweep will free the old allocBits and set allocBits to the 493 // gcmarkBits. The gcmarkBits are replaced with a fresh zeroed 494 // out memory. 495 allocBits *gcBits 496 gcmarkBits *gcBits 497 pinnerBits *gcBits // bitmap for pinned objects; accessed atomically 498 499 // sweep generation: 500 // if sweepgen == h->sweepgen - 2, the span needs sweeping 501 // if sweepgen == h->sweepgen - 1, the span is currently being swept 502 // if sweepgen == h->sweepgen, the span is swept and ready to use 503 // if sweepgen == h->sweepgen + 1, the span was cached before sweep began and is still cached, and needs sweeping 504 // if sweepgen == h->sweepgen + 3, the span was swept and then cached and is still cached 505 // h->sweepgen is incremented by 2 after every GC 506 507 sweepgen uint32 508 divMul uint32 // for divide by elemsize 509 allocCount uint16 // number of allocated objects 510 spanclass spanClass // size class and noscan (uint8) 511 state mSpanStateBox // mSpanInUse etc; accessed atomically (get/set methods) 512 needzero uint8 // needs to be zeroed before allocation 513 isUserArenaChunk bool // whether or not this span represents a user arena 514 allocCountBeforeCache uint16 // a copy of allocCount that is stored just before this span is cached 515 elemsize uintptr // computed from sizeclass or from npages 516 limit uintptr // end of data in span 517 speciallock mutex // guards specials list and changes to pinnerBits 518 specials *special // linked list of special records sorted by offset. 519 userArenaChunkFree addrRange // interval for managing chunk allocation 520 largeType *_type // malloc header for large objects. 521 } 522 523 func (s *mspan) base() uintptr { 524 return s.startAddr 525 } 526 527 func (s *mspan) layout() (size, n, total uintptr) { 528 total = s.npages << gc.PageShift 529 size = s.elemsize 530 if size > 0 { 531 n = total / size 532 } 533 return 534 } 535 536 // recordspan adds a newly allocated span to h.allspans. 537 // 538 // This only happens the first time a span is allocated from 539 // mheap.spanalloc (it is not called when a span is reused). 540 // 541 // Write barriers are disallowed here because it can be called from 542 // gcWork when allocating new workbufs. However, because it's an 543 // indirect call from the fixalloc initializer, the compiler can't see 544 // this. 545 // 546 // The heap lock must be held. 547 // 548 //go:nowritebarrierrec 549 func recordspan(vh unsafe.Pointer, p unsafe.Pointer) { 550 h := (*mheap)(vh) 551 s := (*mspan)(p) 552 553 assertLockHeld(&h.lock) 554 555 if len(h.allspans) >= cap(h.allspans) { 556 n := 64 * 1024 / goarch.PtrSize 557 if n < cap(h.allspans)*3/2 { 558 n = cap(h.allspans) * 3 / 2 559 } 560 var new []*mspan 561 sp := (*slice)(unsafe.Pointer(&new)) 562 sp.array = sysAlloc(uintptr(n)*goarch.PtrSize, &memstats.other_sys, "allspans array") 563 if sp.array == nil { 564 throw("runtime: cannot allocate memory") 565 } 566 sp.len = len(h.allspans) 567 sp.cap = n 568 if len(h.allspans) > 0 { 569 copy(new, h.allspans) 570 } 571 oldAllspans := h.allspans 572 *(*notInHeapSlice)(unsafe.Pointer(&h.allspans)) = *(*notInHeapSlice)(unsafe.Pointer(&new)) 573 if len(oldAllspans) != 0 { 574 sysFree(unsafe.Pointer(&oldAllspans[0]), uintptr(cap(oldAllspans))*unsafe.Sizeof(oldAllspans[0]), &memstats.other_sys) 575 } 576 } 577 h.allspans = h.allspans[:len(h.allspans)+1] 578 h.allspans[len(h.allspans)-1] = s 579 } 580 581 // A spanClass represents the size class and noscan-ness of a span. 582 // 583 // Each size class has a noscan spanClass and a scan spanClass. The 584 // noscan spanClass contains only noscan objects, which do not contain 585 // pointers and thus do not need to be scanned by the garbage 586 // collector. 587 type spanClass uint8 588 589 const ( 590 numSpanClasses = gc.NumSizeClasses << 1 591 tinySpanClass = spanClass(tinySizeClass<<1 | 1) 592 ) 593 594 func makeSpanClass(sizeclass uint8, noscan bool) spanClass { 595 return spanClass(sizeclass<<1) | spanClass(bool2int(noscan)) 596 } 597 598 //go:nosplit 599 func (sc spanClass) sizeclass() int8 { 600 return int8(sc >> 1) 601 } 602 603 //go:nosplit 604 func (sc spanClass) noscan() bool { 605 return sc&1 != 0 606 } 607 608 // arenaIndex returns the index into mheap_.arenas of the arena 609 // containing metadata for p. This index combines of an index into the 610 // L1 map and an index into the L2 map and should be used as 611 // mheap_.arenas[ai.l1()][ai.l2()]. 612 // 613 // If p is outside the range of valid heap addresses, either l1() or 614 // l2() will be out of bounds. 615 // 616 // It is nosplit because it's called by spanOf and several other 617 // nosplit functions. 618 // 619 //go:nosplit 620 func arenaIndex(p uintptr) arenaIdx { 621 return arenaIdx((p - arenaBaseOffset) / heapArenaBytes) 622 } 623 624 // arenaBase returns the low address of the region covered by heap 625 // arena i. 626 func arenaBase(i arenaIdx) uintptr { 627 return uintptr(i)*heapArenaBytes + arenaBaseOffset 628 } 629 630 type arenaIdx uint 631 632 // l1 returns the "l1" portion of an arenaIdx. 633 // 634 // Marked nosplit because it's called by spanOf and other nosplit 635 // functions. 636 // 637 //go:nosplit 638 func (i arenaIdx) l1() uint { 639 if arenaL1Bits == 0 { 640 // Let the compiler optimize this away if there's no 641 // L1 map. 642 return 0 643 } else { 644 return uint(i) >> arenaL1Shift 645 } 646 } 647 648 // l2 returns the "l2" portion of an arenaIdx. 649 // 650 // Marked nosplit because it's called by spanOf and other nosplit funcs. 651 // functions. 652 // 653 //go:nosplit 654 func (i arenaIdx) l2() uint { 655 if arenaL1Bits == 0 { 656 return uint(i) 657 } else { 658 return uint(i) & (1<<arenaL2Bits - 1) 659 } 660 } 661 662 // inheap reports whether b is a pointer into a (potentially dead) heap object. 663 // It returns false for pointers into mSpanManual spans. 664 // Non-preemptible because it is used by write barriers. 665 // 666 //go:nowritebarrier 667 //go:nosplit 668 func inheap(b uintptr) bool { 669 return spanOfHeap(b) != nil 670 } 671 672 // inHeapOrStack is a variant of inheap that returns true for pointers 673 // into any allocated heap span. 674 // 675 //go:nowritebarrier 676 //go:nosplit 677 func inHeapOrStack(b uintptr) bool { 678 s := spanOf(b) 679 if s == nil || b < s.base() { 680 return false 681 } 682 switch s.state.get() { 683 case mSpanInUse, mSpanManual: 684 return b < s.limit 685 default: 686 return false 687 } 688 } 689 690 // spanOf returns the span of p. If p does not point into the heap 691 // arena or no span has ever contained p, spanOf returns nil. 692 // 693 // If p does not point to allocated memory, this may return a non-nil 694 // span that does *not* contain p. If this is a possibility, the 695 // caller should either call spanOfHeap or check the span bounds 696 // explicitly. 697 // 698 // Must be nosplit because it has callers that are nosplit. 699 // 700 //go:nosplit 701 func spanOf(p uintptr) *mspan { 702 // This function looks big, but we use a lot of constant 703 // folding around arenaL1Bits to get it under the inlining 704 // budget. Also, many of the checks here are safety checks 705 // that Go needs to do anyway, so the generated code is quite 706 // short. 707 ri := arenaIndex(p) 708 if arenaL1Bits == 0 { 709 // If there's no L1, then ri.l1() can't be out of bounds but ri.l2() can. 710 if ri.l2() >= uint(len(mheap_.arenas[0])) { 711 return nil 712 } 713 } else { 714 // If there's an L1, then ri.l1() can be out of bounds but ri.l2() can't. 715 if ri.l1() >= uint(len(mheap_.arenas)) { 716 return nil 717 } 718 } 719 l2 := mheap_.arenas[ri.l1()] 720 if arenaL1Bits != 0 && l2 == nil { // Should never happen if there's no L1. 721 return nil 722 } 723 ha := l2[ri.l2()] 724 if ha == nil { 725 return nil 726 } 727 return ha.spans[(p/pageSize)%pagesPerArena] 728 } 729 730 // spanOfUnchecked is equivalent to spanOf, but the caller must ensure 731 // that p points into an allocated heap arena. 732 // 733 // Must be nosplit because it has callers that are nosplit. 734 // 735 //go:nosplit 736 func spanOfUnchecked(p uintptr) *mspan { 737 ai := arenaIndex(p) 738 return mheap_.arenas[ai.l1()][ai.l2()].spans[(p/pageSize)%pagesPerArena] 739 } 740 741 // spanOfHeap is like spanOf, but returns nil if p does not point to a 742 // heap object. 743 // 744 // Must be nosplit because it has callers that are nosplit. 745 // 746 //go:nosplit 747 func spanOfHeap(p uintptr) *mspan { 748 s := spanOf(p) 749 // s is nil if it's never been allocated. Otherwise, we check 750 // its state first because we don't trust this pointer, so we 751 // have to synchronize with span initialization. Then, it's 752 // still possible we picked up a stale span pointer, so we 753 // have to check the span's bounds. 754 if s == nil || s.state.get() != mSpanInUse || p < s.base() || p >= s.limit { 755 return nil 756 } 757 return s 758 } 759 760 // pageIndexOf returns the arena, page index, and page mask for pointer p. 761 // The caller must ensure p is in the heap. 762 func pageIndexOf(p uintptr) (arena *heapArena, pageIdx uintptr, pageMask uint8) { 763 ai := arenaIndex(p) 764 arena = mheap_.arenas[ai.l1()][ai.l2()] 765 pageIdx = ((p / pageSize) / 8) % uintptr(len(arena.pageInUse)) 766 pageMask = byte(1 << ((p / pageSize) % 8)) 767 return 768 } 769 770 // heapArenaOf returns the heap arena for p, if one exists. 771 func heapArenaOf(p uintptr) *heapArena { 772 ri := arenaIndex(p) 773 if arenaL1Bits == 0 { 774 // If there's no L1, then ri.l1() can't be out of bounds but ri.l2() can. 775 if ri.l2() >= uint(len(mheap_.arenas[0])) { 776 return nil 777 } 778 } else { 779 // If there's an L1, then ri.l1() can be out of bounds but ri.l2() can't. 780 if ri.l1() >= uint(len(mheap_.arenas)) { 781 return nil 782 } 783 } 784 l2 := mheap_.arenas[ri.l1()] 785 if arenaL1Bits != 0 && l2 == nil { // Should never happen if there's no L1. 786 return nil 787 } 788 return l2[ri.l2()] 789 } 790 791 // Initialize the heap. 792 func (h *mheap) init() { 793 lockInit(&h.lock, lockRankMheap) 794 lockInit(&h.speciallock, lockRankMheapSpecial) 795 796 h.spanalloc.init(unsafe.Sizeof(mspan{}), recordspan, unsafe.Pointer(h), &memstats.mspan_sys) 797 h.spanSPMCAlloc.init(unsafe.Sizeof(spanSPMC{}), nil, nil, &memstats.gcMiscSys) 798 h.cachealloc.init(unsafe.Sizeof(mcache{}), nil, nil, &memstats.mcache_sys) 799 h.specialfinalizeralloc.init(unsafe.Sizeof(specialfinalizer{}), nil, nil, &memstats.other_sys) 800 h.specialCleanupAlloc.init(unsafe.Sizeof(specialCleanup{}), nil, nil, &memstats.other_sys) 801 h.specialCheckFinalizerAlloc.init(unsafe.Sizeof(specialCheckFinalizer{}), nil, nil, &memstats.other_sys) 802 h.specialTinyBlockAlloc.init(unsafe.Sizeof(specialTinyBlock{}), nil, nil, &memstats.other_sys) 803 h.specialprofilealloc.init(unsafe.Sizeof(specialprofile{}), nil, nil, &memstats.other_sys) 804 h.specialReachableAlloc.init(unsafe.Sizeof(specialReachable{}), nil, nil, &memstats.other_sys) 805 h.specialPinCounterAlloc.init(unsafe.Sizeof(specialPinCounter{}), nil, nil, &memstats.other_sys) 806 h.specialWeakHandleAlloc.init(unsafe.Sizeof(specialWeakHandle{}), nil, nil, &memstats.gcMiscSys) 807 h.specialBubbleAlloc.init(unsafe.Sizeof(specialBubble{}), nil, nil, &memstats.other_sys) 808 h.arenaHintAlloc.init(unsafe.Sizeof(arenaHint{}), nil, nil, &memstats.other_sys) 809 810 // Don't zero mspan allocations. Background sweeping can 811 // inspect a span concurrently with allocating it, so it's 812 // important that the span's sweepgen survive across freeing 813 // and re-allocating a span to prevent background sweeping 814 // from improperly cas'ing it from 0. 815 // 816 // This is safe because mspan contains no heap pointers. 817 h.spanalloc.zero = false 818 819 // h->mapcache needs no init 820 821 for i := range h.central { 822 h.central[i].mcentral.init(spanClass(i)) 823 } 824 825 h.pages.init(&h.lock, &memstats.gcMiscSys, false) 826 827 xRegInitAlloc() 828 } 829 830 // reclaim sweeps and reclaims at least npage pages into the heap. 831 // It is called before allocating npage pages to keep growth in check. 832 // 833 // reclaim implements the page-reclaimer half of the sweeper. 834 // 835 // h.lock must NOT be held. 836 func (h *mheap) reclaim(npage uintptr) { 837 // TODO(austin): Half of the time spent freeing spans is in 838 // locking/unlocking the heap (even with low contention). We 839 // could make the slow path here several times faster by 840 // batching heap frees. 841 842 // Bail early if there's no more reclaim work. 843 if h.reclaimIndex.Load() >= 1<<63 { 844 return 845 } 846 847 // Disable preemption so the GC can't start while we're 848 // sweeping, so we can read h.sweepArenas, and so 849 // traceGCSweepStart/Done pair on the P. 850 mp := acquirem() 851 852 trace := traceAcquire() 853 if trace.ok() { 854 trace.GCSweepStart() 855 traceRelease(trace) 856 } 857 858 arenas := h.sweepArenas 859 locked := false 860 for npage > 0 { 861 // Pull from accumulated credit first. 862 if credit := h.reclaimCredit.Load(); credit > 0 { 863 take := credit 864 if take > npage { 865 // Take only what we need. 866 take = npage 867 } 868 if h.reclaimCredit.CompareAndSwap(credit, credit-take) { 869 npage -= take 870 } 871 continue 872 } 873 874 // Claim a chunk of work. 875 idx := uintptr(h.reclaimIndex.Add(pagesPerReclaimerChunk) - pagesPerReclaimerChunk) 876 if idx/pagesPerArena >= uintptr(len(arenas)) { 877 // Page reclaiming is done. 878 h.reclaimIndex.Store(1 << 63) 879 break 880 } 881 882 if !locked { 883 // Lock the heap for reclaimChunk. 884 lock(&h.lock) 885 locked = true 886 } 887 888 // Scan this chunk. 889 nfound := h.reclaimChunk(arenas, idx, pagesPerReclaimerChunk) 890 if nfound <= npage { 891 npage -= nfound 892 } else { 893 // Put spare pages toward global credit. 894 h.reclaimCredit.Add(nfound - npage) 895 npage = 0 896 } 897 } 898 if locked { 899 unlock(&h.lock) 900 } 901 902 trace = traceAcquire() 903 if trace.ok() { 904 trace.GCSweepDone() 905 traceRelease(trace) 906 } 907 releasem(mp) 908 } 909 910 // reclaimChunk sweeps unmarked spans that start at page indexes [pageIdx, pageIdx+n). 911 // It returns the number of pages returned to the heap. 912 // 913 // h.lock must be held and the caller must be non-preemptible. Note: h.lock may be 914 // temporarily unlocked and re-locked in order to do sweeping or if tracing is 915 // enabled. 916 func (h *mheap) reclaimChunk(arenas []arenaIdx, pageIdx, n uintptr) uintptr { 917 // The heap lock must be held because this accesses the 918 // heapArena.spans arrays using potentially non-live pointers. 919 // In particular, if a span were freed and merged concurrently 920 // with this probing heapArena.spans, it would be possible to 921 // observe arbitrary, stale span pointers. 922 assertLockHeld(&h.lock) 923 924 n0 := n 925 var nFreed uintptr 926 sl := sweep.active.begin() 927 if !sl.valid { 928 return 0 929 } 930 for n > 0 { 931 ai := arenas[pageIdx/pagesPerArena] 932 ha := h.arenas[ai.l1()][ai.l2()] 933 934 // Get a chunk of the bitmap to work on. 935 arenaPage := uint(pageIdx % pagesPerArena) 936 inUse := ha.pageInUse[arenaPage/8:] 937 marked := ha.pageMarks[arenaPage/8:] 938 if uintptr(len(inUse)) > n/8 { 939 inUse = inUse[:n/8] 940 marked = marked[:n/8] 941 } 942 943 // Scan this bitmap chunk for spans that are in-use 944 // but have no marked objects on them. 945 for i := range inUse { 946 inUseUnmarked := atomic.Load8(&inUse[i]) &^ marked[i] 947 if inUseUnmarked == 0 { 948 continue 949 } 950 951 for j := uint(0); j < 8; j++ { 952 if inUseUnmarked&(1<<j) != 0 { 953 s := ha.spans[arenaPage+uint(i)*8+j] 954 if s, ok := sl.tryAcquire(s); ok { 955 npages := s.npages 956 unlock(&h.lock) 957 if s.sweep(false) { 958 nFreed += npages 959 } 960 lock(&h.lock) 961 // Reload inUse. It's possible nearby 962 // spans were freed when we dropped the 963 // lock and we don't want to get stale 964 // pointers from the spans array. 965 inUseUnmarked = atomic.Load8(&inUse[i]) &^ marked[i] 966 } 967 } 968 } 969 } 970 971 // Advance. 972 pageIdx += uintptr(len(inUse) * 8) 973 n -= uintptr(len(inUse) * 8) 974 } 975 sweep.active.end(sl) 976 trace := traceAcquire() 977 if trace.ok() { 978 unlock(&h.lock) 979 // Account for pages scanned but not reclaimed. 980 trace.GCSweepSpan((n0 - nFreed) * pageSize) 981 traceRelease(trace) 982 lock(&h.lock) 983 } 984 985 assertLockHeld(&h.lock) // Must be locked on return. 986 return nFreed 987 } 988 989 // spanAllocType represents the type of allocation to make, or 990 // the type of allocation to be freed. 991 type spanAllocType uint8 992 993 const ( 994 spanAllocHeap spanAllocType = iota // heap span 995 spanAllocStack // stack span 996 spanAllocWorkBuf // work buf span 997 ) 998 999 // manual returns true if the span allocation is manually managed. 1000 func (s spanAllocType) manual() bool { 1001 return s != spanAllocHeap 1002 } 1003 1004 // alloc allocates a new span of npage pages from the GC'd heap. 1005 // 1006 // spanclass indicates the span's size class and scannability. 1007 // 1008 // Returns a span that has been fully initialized. span.needzero indicates 1009 // whether the span has been zeroed. Note that it may not be. 1010 func (h *mheap) alloc(npages uintptr, spanclass spanClass) *mspan { 1011 // Don't do any operations that lock the heap on the G stack. 1012 // It might trigger stack growth, and the stack growth code needs 1013 // to be able to allocate heap. 1014 var s *mspan 1015 systemstack(func() { 1016 // To prevent excessive heap growth, before allocating n pages 1017 // we need to sweep and reclaim at least n pages. 1018 if !isSweepDone() { 1019 h.reclaim(npages) 1020 } 1021 s = h.allocSpan(npages, spanAllocHeap, spanclass) 1022 }) 1023 return s 1024 } 1025 1026 // allocManual allocates a manually-managed span of npage pages. 1027 // allocManual returns nil if allocation fails. 1028 // 1029 // allocManual adds the bytes used to *stat, which should be a 1030 // memstats in-use field. Unlike allocations in the GC'd heap, the 1031 // allocation does *not* count toward heapInUse. 1032 // 1033 // The memory backing the returned span may not be zeroed if 1034 // span.needzero is set. 1035 // 1036 // allocManual must be called on the system stack because it may 1037 // acquire the heap lock via allocSpan. See mheap for details. 1038 // 1039 // If new code is written to call allocManual, do NOT use an 1040 // existing spanAllocType value and instead declare a new one. 1041 // 1042 //go:systemstack 1043 func (h *mheap) allocManual(npages uintptr, typ spanAllocType) *mspan { 1044 if !typ.manual() { 1045 throw("manual span allocation called with non-manually-managed type") 1046 } 1047 return h.allocSpan(npages, typ, 0) 1048 } 1049 1050 // setSpans modifies the span map so [spanOf(base), spanOf(base+npage*pageSize)) 1051 // is s. 1052 func (h *mheap) setSpans(base, npage uintptr, s *mspan) { 1053 p := base / pageSize 1054 ai := arenaIndex(base) 1055 ha := h.arenas[ai.l1()][ai.l2()] 1056 for n := uintptr(0); n < npage; n++ { 1057 i := (p + n) % pagesPerArena 1058 if i == 0 { 1059 ai = arenaIndex(base + n*pageSize) 1060 ha = h.arenas[ai.l1()][ai.l2()] 1061 } 1062 ha.spans[i] = s 1063 } 1064 } 1065 1066 // allocNeedsZero checks if the region of address space [base, base+npage*pageSize), 1067 // assumed to be allocated, needs to be zeroed, updating heap arena metadata for 1068 // future allocations. 1069 // 1070 // This must be called each time pages are allocated from the heap, even if the page 1071 // allocator can otherwise prove the memory it's allocating is already zero because 1072 // they're fresh from the operating system. It updates heapArena metadata that is 1073 // critical for future page allocations. 1074 // 1075 // There are no locking constraints on this method. 1076 func (h *mheap) allocNeedsZero(base, npage uintptr) (needZero bool) { 1077 for npage > 0 { 1078 ai := arenaIndex(base) 1079 ha := h.arenas[ai.l1()][ai.l2()] 1080 1081 zeroedBase := atomic.Loaduintptr(&ha.zeroedBase) 1082 arenaBase := base % heapArenaBytes 1083 if arenaBase < zeroedBase { 1084 // We extended into the non-zeroed part of the 1085 // arena, so this region needs to be zeroed before use. 1086 // 1087 // zeroedBase is monotonically increasing, so if we see this now then 1088 // we can be sure we need to zero this memory region. 1089 // 1090 // We still need to update zeroedBase for this arena, and 1091 // potentially more arenas. 1092 needZero = true 1093 } 1094 // We may observe arenaBase > zeroedBase if we're racing with one or more 1095 // allocations which are acquiring memory directly before us in the address 1096 // space. But, because we know no one else is acquiring *this* memory, it's 1097 // still safe to not zero. 1098 1099 // Compute how far into the arena we extend into, capped 1100 // at heapArenaBytes. 1101 arenaLimit := arenaBase + npage*pageSize 1102 if arenaLimit > heapArenaBytes { 1103 arenaLimit = heapArenaBytes 1104 } 1105 // Increase ha.zeroedBase so it's >= arenaLimit. 1106 // We may be racing with other updates. 1107 for arenaLimit > zeroedBase { 1108 if atomic.Casuintptr(&ha.zeroedBase, zeroedBase, arenaLimit) { 1109 break 1110 } 1111 zeroedBase = atomic.Loaduintptr(&ha.zeroedBase) 1112 // Double check basic conditions of zeroedBase. 1113 if zeroedBase <= arenaLimit && zeroedBase > arenaBase { 1114 // The zeroedBase moved into the space we were trying to 1115 // claim. That's very bad, and indicates someone allocated 1116 // the same region we did. 1117 throw("potentially overlapping in-use allocations detected") 1118 } 1119 } 1120 1121 // Move base forward and subtract from npage to move into 1122 // the next arena, or finish. 1123 base += arenaLimit - arenaBase 1124 npage -= (arenaLimit - arenaBase) / pageSize 1125 } 1126 return 1127 } 1128 1129 // tryAllocMSpan attempts to allocate an mspan object from 1130 // the P-local cache, but may fail. 1131 // 1132 // h.lock need not be held. 1133 // 1134 // This caller must ensure that its P won't change underneath 1135 // it during this function. Currently to ensure that we enforce 1136 // that the function is run on the system stack, because that's 1137 // the only place it is used now. In the future, this requirement 1138 // may be relaxed if its use is necessary elsewhere. 1139 // 1140 //go:systemstack 1141 func (h *mheap) tryAllocMSpan() *mspan { 1142 pp := getg().m.p.ptr() 1143 // If we don't have a p or the cache is empty, we can't do 1144 // anything here. 1145 if pp == nil || pp.mspancache.len == 0 { 1146 return nil 1147 } 1148 // Pull off the last entry in the cache. 1149 s := pp.mspancache.buf[pp.mspancache.len-1] 1150 pp.mspancache.len-- 1151 return s 1152 } 1153 1154 // allocMSpanLocked allocates an mspan object. 1155 // 1156 // h.lock must be held. 1157 // 1158 // allocMSpanLocked must be called on the system stack because 1159 // its caller holds the heap lock. See mheap for details. 1160 // Running on the system stack also ensures that we won't 1161 // switch Ps during this function. See tryAllocMSpan for details. 1162 // 1163 //go:systemstack 1164 func (h *mheap) allocMSpanLocked() *mspan { 1165 assertLockHeld(&h.lock) 1166 1167 pp := getg().m.p.ptr() 1168 if pp == nil { 1169 // We don't have a p so just do the normal thing. 1170 return (*mspan)(h.spanalloc.alloc()) 1171 } 1172 // Refill the cache if necessary. 1173 if pp.mspancache.len == 0 { 1174 const refillCount = len(pp.mspancache.buf) / 2 1175 for i := 0; i < refillCount; i++ { 1176 pp.mspancache.buf[i] = (*mspan)(h.spanalloc.alloc()) 1177 } 1178 pp.mspancache.len = refillCount 1179 } 1180 // Pull off the last entry in the cache. 1181 s := pp.mspancache.buf[pp.mspancache.len-1] 1182 pp.mspancache.len-- 1183 return s 1184 } 1185 1186 // freeMSpanLocked free an mspan object. 1187 // 1188 // h.lock must be held. 1189 // 1190 // freeMSpanLocked must be called on the system stack because 1191 // its caller holds the heap lock. See mheap for details. 1192 // Running on the system stack also ensures that we won't 1193 // switch Ps during this function. See tryAllocMSpan for details. 1194 // 1195 //go:systemstack 1196 func (h *mheap) freeMSpanLocked(s *mspan) { 1197 assertLockHeld(&h.lock) 1198 1199 pp := getg().m.p.ptr() 1200 // First try to free the mspan directly to the cache. 1201 if pp != nil && pp.mspancache.len < len(pp.mspancache.buf) { 1202 pp.mspancache.buf[pp.mspancache.len] = s 1203 pp.mspancache.len++ 1204 return 1205 } 1206 // Failing that (or if we don't have a p), just free it to 1207 // the heap. 1208 h.spanalloc.free(unsafe.Pointer(s)) 1209 } 1210 1211 // allocSpan allocates an mspan which owns npages worth of memory. 1212 // 1213 // If typ.manual() == false, allocSpan allocates a heap span of class spanclass 1214 // and updates heap accounting. If manual == true, allocSpan allocates a 1215 // manually-managed span (spanclass is ignored), and the caller is 1216 // responsible for any accounting related to its use of the span. Either 1217 // way, allocSpan will atomically add the bytes in the newly allocated 1218 // span to *sysStat. 1219 // 1220 // The returned span is fully initialized. 1221 // 1222 // h.lock must not be held. 1223 // 1224 // allocSpan must be called on the system stack both because it acquires 1225 // the heap lock and because it must block GC transitions. 1226 // 1227 //go:systemstack 1228 func (h *mheap) allocSpan(npages uintptr, typ spanAllocType, spanclass spanClass) (s *mspan) { 1229 // Function-global state. 1230 gp := getg() 1231 base, scav := uintptr(0), uintptr(0) 1232 growth := uintptr(0) 1233 1234 // On some platforms we need to provide physical page aligned stack 1235 // allocations. Where the page size is less than the physical page 1236 // size, we already manage to do this by default. 1237 needPhysPageAlign := physPageAlignedStacks && typ == spanAllocStack && pageSize < physPageSize 1238 1239 // If the allocation is small enough, try the page cache! 1240 // The page cache does not support aligned allocations, so we cannot use 1241 // it if we need to provide a physical page aligned stack allocation. 1242 pp := gp.m.p.ptr() 1243 if !needPhysPageAlign && pp != nil && npages < pageCachePages/4 { 1244 c := &pp.pcache 1245 1246 // If the cache is empty, refill it. 1247 if c.empty() { 1248 lock(&h.lock) 1249 *c = h.pages.allocToCache() 1250 unlock(&h.lock) 1251 } 1252 1253 // Try to allocate from the cache. 1254 base, scav = c.alloc(npages) 1255 if base != 0 { 1256 s = h.tryAllocMSpan() 1257 if s != nil { 1258 goto HaveSpan 1259 } 1260 // We have a base but no mspan, so we need 1261 // to lock the heap. 1262 } 1263 } 1264 1265 // For one reason or another, we couldn't get the 1266 // whole job done without the heap lock. 1267 lock(&h.lock) 1268 1269 if needPhysPageAlign { 1270 // Overallocate by a physical page to allow for later alignment. 1271 extraPages := physPageSize / pageSize 1272 1273 // Find a big enough region first, but then only allocate the 1274 // aligned portion. We can't just allocate and then free the 1275 // edges because we need to account for scavenged memory, and 1276 // that's difficult with alloc. 1277 // 1278 // Note that we skip updates to searchAddr here. It's OK if 1279 // it's stale and higher than normal; it'll operate correctly, 1280 // just come with a performance cost. 1281 base, _ = h.pages.find(npages + extraPages) 1282 if base == 0 { 1283 var ok bool 1284 growth, ok = h.grow(npages + extraPages) 1285 if !ok { 1286 unlock(&h.lock) 1287 return nil 1288 } 1289 base, _ = h.pages.find(npages + extraPages) 1290 if base == 0 { 1291 throw("grew heap, but no adequate free space found") 1292 } 1293 } 1294 base = alignUp(base, physPageSize) 1295 scav = h.pages.allocRange(base, npages) 1296 } 1297 1298 if base == 0 { 1299 // Try to acquire a base address. 1300 base, scav = h.pages.alloc(npages) 1301 if base == 0 { 1302 var ok bool 1303 growth, ok = h.grow(npages) 1304 if !ok { 1305 unlock(&h.lock) 1306 return nil 1307 } 1308 base, scav = h.pages.alloc(npages) 1309 if base == 0 { 1310 throw("grew heap, but no adequate free space found") 1311 } 1312 } 1313 } 1314 if s == nil { 1315 // We failed to get an mspan earlier, so grab 1316 // one now that we have the heap lock. 1317 s = h.allocMSpanLocked() 1318 } 1319 unlock(&h.lock) 1320 1321 HaveSpan: 1322 // Decide if we need to scavenge in response to what we just allocated. 1323 // Specifically, we track the maximum amount of memory to scavenge of all 1324 // the alternatives below, assuming that the maximum satisfies *all* 1325 // conditions we check (e.g. if we need to scavenge X to satisfy the 1326 // memory limit and Y to satisfy heap-growth scavenging, and Y > X, then 1327 // it's fine to pick Y, because the memory limit is still satisfied). 1328 // 1329 // It's fine to do this after allocating because we expect any scavenged 1330 // pages not to get touched until we return. Simultaneously, it's important 1331 // to do this before calling sysUsed because that may commit address space. 1332 bytesToScavenge := uintptr(0) 1333 forceScavenge := false 1334 if limit := gcController.memoryLimit.Load(); !gcCPULimiter.limiting() { 1335 // Assist with scavenging to maintain the memory limit by the amount 1336 // that we expect to page in. 1337 inuse := gcController.mappedReady.Load() 1338 // Be careful about overflow, especially with uintptrs. Even on 32-bit platforms 1339 // someone can set a really big memory limit that isn't math.MaxInt64. 1340 if uint64(scav)+inuse > uint64(limit) { 1341 bytesToScavenge = uintptr(uint64(scav) + inuse - uint64(limit)) 1342 forceScavenge = true 1343 } 1344 } 1345 if goal := scavenge.gcPercentGoal.Load(); goal != ^uint64(0) && growth > 0 { 1346 // We just caused a heap growth, so scavenge down what will soon be used. 1347 // By scavenging inline we deal with the failure to allocate out of 1348 // memory fragments by scavenging the memory fragments that are least 1349 // likely to be re-used. 1350 // 1351 // Only bother with this because we're not using a memory limit. We don't 1352 // care about heap growths as long as we're under the memory limit, and the 1353 // previous check for scaving already handles that. 1354 if retained := heapRetained(); retained+uint64(growth) > goal { 1355 // The scavenging algorithm requires the heap lock to be dropped so it 1356 // can acquire it only sparingly. This is a potentially expensive operation 1357 // so it frees up other goroutines to allocate in the meanwhile. In fact, 1358 // they can make use of the growth we just created. 1359 todo := growth 1360 if overage := uintptr(retained + uint64(growth) - goal); todo > overage { 1361 todo = overage 1362 } 1363 if todo > bytesToScavenge { 1364 bytesToScavenge = todo 1365 } 1366 } 1367 } 1368 // There are a few very limited circumstances where we won't have a P here. 1369 // It's OK to simply skip scavenging in these cases. Something else will notice 1370 // and pick up the tab. 1371 var now int64 1372 if pp != nil && bytesToScavenge > 0 { 1373 // Measure how long we spent scavenging and add that measurement to the assist 1374 // time so we can track it for the GC CPU limiter. 1375 // 1376 // Limiter event tracking might be disabled if we end up here 1377 // while on a mark worker. 1378 start := nanotime() 1379 track := pp.limiterEvent.start(limiterEventScavengeAssist, start) 1380 1381 // Scavenge, but back out if the limiter turns on. 1382 released := h.pages.scavenge(bytesToScavenge, func() bool { 1383 return gcCPULimiter.limiting() 1384 }, forceScavenge) 1385 1386 mheap_.pages.scav.releasedEager.Add(released) 1387 1388 // Finish up accounting. 1389 now = nanotime() 1390 if track { 1391 pp.limiterEvent.stop(limiterEventScavengeAssist, now) 1392 } 1393 scavenge.assistTime.Add(now - start) 1394 } 1395 1396 // Initialize the span. 1397 h.initSpan(s, typ, spanclass, base, npages, scav) 1398 1399 if valgrindenabled { 1400 valgrindMempoolMalloc(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base), npages*pageSize) 1401 } 1402 1403 // Commit and account for any scavenged memory that the span now owns. 1404 nbytes := npages * pageSize 1405 if scav != 0 { 1406 // sysUsed all the pages that are actually available 1407 // in the span since some of them might be scavenged. 1408 sysUsed(unsafe.Pointer(base), nbytes, scav) 1409 gcController.heapReleased.add(-int64(scav)) 1410 } 1411 // Update stats. 1412 gcController.heapFree.add(-int64(nbytes - scav)) 1413 if typ == spanAllocHeap { 1414 gcController.heapInUse.add(int64(nbytes)) 1415 } 1416 // Update consistent stats. 1417 stats := memstats.heapStats.acquire() 1418 atomic.Xaddint64(&stats.committed, int64(scav)) 1419 atomic.Xaddint64(&stats.released, -int64(scav)) 1420 switch typ { 1421 case spanAllocHeap: 1422 atomic.Xaddint64(&stats.inHeap, int64(nbytes)) 1423 case spanAllocStack: 1424 atomic.Xaddint64(&stats.inStacks, int64(nbytes)) 1425 case spanAllocWorkBuf: 1426 atomic.Xaddint64(&stats.inWorkBufs, int64(nbytes)) 1427 } 1428 memstats.heapStats.release() 1429 1430 // Trace the span alloc. 1431 if traceAllocFreeEnabled() { 1432 trace := traceAcquire() 1433 if trace.ok() { 1434 trace.SpanAlloc(s) 1435 traceRelease(trace) 1436 } 1437 } 1438 return s 1439 } 1440 1441 // initSpan initializes a blank span s which will represent the range 1442 // [base, base+npages*pageSize). typ is the type of span being allocated. 1443 func (h *mheap) initSpan(s *mspan, typ spanAllocType, spanclass spanClass, base, npages, scav uintptr) { 1444 // At this point, both s != nil and base != 0, and the heap 1445 // lock is no longer held. Initialize the span. 1446 s.init(base, npages) 1447 // Always call allocNeedsZero to update the arena's zeroedBase watermark 1448 // and determine if the memory is considered dirty. 1449 needZero := h.allocNeedsZero(base, npages) 1450 // If these pages were scavenged (returned to the OS), the kernel guarantees 1451 // they will be zero-filled on next use (fault-in), so we can treat them as 1452 // already zeroed and skip explicit clearing. 1453 if (needZeroAfterSysUnused() || scav != npages*pageSize) && needZero { 1454 s.needzero = 1 1455 } 1456 nbytes := npages * pageSize 1457 if typ.manual() { 1458 s.manualFreeList = 0 1459 s.nelems = 0 1460 s.state.set(mSpanManual) 1461 } else { 1462 // We must set span properties before the span is published anywhere 1463 // since we're not holding the heap lock. 1464 s.spanclass = spanclass 1465 if sizeclass := spanclass.sizeclass(); sizeclass == 0 { 1466 s.elemsize = nbytes 1467 s.nelems = 1 1468 s.divMul = 0 1469 } else { 1470 s.elemsize = uintptr(gc.SizeClassToSize[sizeclass]) 1471 if goexperiment.GreenTeaGC { 1472 var reserve uintptr 1473 if gcUsesSpanInlineMarkBits(s.elemsize) { 1474 // Reserve space for the inline mark bits. 1475 reserve += unsafe.Sizeof(spanInlineMarkBits{}) 1476 } 1477 if heapBitsInSpan(s.elemsize) && !s.spanclass.noscan() { 1478 // Reserve space for the pointer/scan bitmap at the end. 1479 reserve += nbytes / goarch.PtrSize / 8 1480 } 1481 s.nelems = uint16((nbytes - reserve) / s.elemsize) 1482 } else { 1483 if !s.spanclass.noscan() && heapBitsInSpan(s.elemsize) { 1484 // Reserve space for the pointer/scan bitmap at the end. 1485 s.nelems = uint16((nbytes - (nbytes / goarch.PtrSize / 8)) / s.elemsize) 1486 } else { 1487 s.nelems = uint16(nbytes / s.elemsize) 1488 } 1489 } 1490 s.divMul = gc.SizeClassToDivMagic[sizeclass] 1491 } 1492 1493 // Initialize mark and allocation structures. 1494 s.freeindex = 0 1495 s.freeIndexForScan = 0 1496 s.allocCache = ^uint64(0) // all 1s indicating all free. 1497 s.gcmarkBits = newMarkBits(uintptr(s.nelems)) 1498 s.allocBits = newAllocBits(uintptr(s.nelems)) 1499 1500 // Adjust s.limit down to the object-containing part of the span. 1501 s.limit = s.base() + s.elemsize*uintptr(s.nelems) 1502 1503 // It's safe to access h.sweepgen without the heap lock because it's 1504 // only ever updated with the world stopped and we run on the 1505 // systemstack which blocks a STW transition. 1506 atomic.Store(&s.sweepgen, h.sweepgen) 1507 1508 // Now that the span is filled in, set its state. This 1509 // is a publication barrier for the other fields in 1510 // the span. While valid pointers into this span 1511 // should never be visible until the span is returned, 1512 // if the garbage collector finds an invalid pointer, 1513 // access to the span may race with initialization of 1514 // the span. We resolve this race by atomically 1515 // setting the state after the span is fully 1516 // initialized, and atomically checking the state in 1517 // any situation where a pointer is suspect. 1518 s.state.set(mSpanInUse) 1519 } 1520 1521 // Publish the span in various locations. 1522 1523 // This is safe to call without the lock held because the slots 1524 // related to this span will only ever be read or modified by 1525 // this thread until pointers into the span are published (and 1526 // we execute a publication barrier at the end of this function 1527 // before that happens) or pageInUse is updated. 1528 h.setSpans(s.base(), npages, s) 1529 1530 if !typ.manual() { 1531 // Mark in-use span in arena page bitmap. 1532 // 1533 // This publishes the span to the page sweeper, so 1534 // it's imperative that the span be completely initialized 1535 // prior to this line. 1536 arena, pageIdx, pageMask := pageIndexOf(s.base()) 1537 atomic.Or8(&arena.pageInUse[pageIdx], pageMask) 1538 1539 // Mark packed span. 1540 if gcUsesSpanInlineMarkBits(s.elemsize) { 1541 atomic.Or8(&arena.pageUseSpanInlineMarkBits[pageIdx], pageMask) 1542 } 1543 1544 // Update related page sweeper stats. 1545 h.pagesInUse.Add(npages) 1546 } 1547 1548 // Make sure the newly allocated span will be observed 1549 // by the GC before pointers into the span are published. 1550 publicationBarrier() 1551 } 1552 1553 // Try to add at least npage pages of memory to the heap, 1554 // returning how much the heap grew by and whether it worked. 1555 // 1556 // h.lock must be held. 1557 func (h *mheap) grow(npage uintptr) (uintptr, bool) { 1558 assertLockHeld(&h.lock) 1559 1560 firstGrow := h.curArena.base == 0 1561 1562 // We must grow the heap in whole palloc chunks. 1563 // We call sysMap below but note that because we 1564 // round up to pallocChunkPages which is on the order 1565 // of MiB (generally >= to the huge page size) we 1566 // won't be calling it too much. 1567 ask := alignUp(npage, pallocChunkPages) * pageSize 1568 1569 totalGrowth := uintptr(0) 1570 // This may overflow because ask could be very large 1571 // and is otherwise unrelated to h.curArena.base. 1572 end := h.curArena.base + ask 1573 nBase := alignUp(end, physPageSize) 1574 if nBase > h.curArena.end || /* overflow */ end < h.curArena.base { 1575 // Not enough room in the current arena. Allocate more 1576 // arena space. This may not be contiguous with the 1577 // current arena, so we have to request the full ask. 1578 av, asize := h.sysAlloc(ask, &h.arenaHints, &h.heapArenas) 1579 if av == nil { 1580 inUse := gcController.heapFree.load() + gcController.heapReleased.load() + gcController.heapInUse.load() 1581 print("runtime: out of memory: cannot allocate ", ask, "-byte block (", inUse, " in use)\n") 1582 return 0, false 1583 } 1584 1585 if uintptr(av) == h.curArena.end { 1586 // The new space is contiguous with the old 1587 // space, so just extend the current space. 1588 h.curArena.end = uintptr(av) + asize 1589 } else { 1590 // The new space is discontiguous. Track what 1591 // remains of the current space and switch to 1592 // the new space. This should be rare. 1593 if size := h.curArena.end - h.curArena.base; size != 0 { 1594 // Transition this space from Reserved to Prepared and mark it 1595 // as released since we'll be able to start using it after updating 1596 // the page allocator and releasing the lock at any time. 1597 sysMap(unsafe.Pointer(h.curArena.base), size, &gcController.heapReleased, "heap") 1598 // Update stats. 1599 stats := memstats.heapStats.acquire() 1600 atomic.Xaddint64(&stats.released, int64(size)) 1601 memstats.heapStats.release() 1602 // Update the page allocator's structures to make this 1603 // space ready for allocation. 1604 h.pages.grow(h.curArena.base, size) 1605 totalGrowth += size 1606 } 1607 // Switch to the new space. 1608 h.curArena.base = uintptr(av) 1609 h.curArena.end = uintptr(av) + asize 1610 1611 if firstGrow && randomizeHeapBase { 1612 // The top heapAddrBits-logHeapArenaBytes are randomized, we now 1613 // want to randomize the next 1614 // logHeapArenaBytes-log2(pallocChunkBytes) bits, making sure 1615 // h.curArena.base is aligned to pallocChunkBytes. 1616 bits := logHeapArenaBytes - logPallocChunkBytes 1617 offset := nextHeapRandBits(bits) 1618 h.curArena.base = alignDown(h.curArena.base|(offset<<logPallocChunkBytes), pallocChunkBytes) 1619 } 1620 } 1621 1622 // Recalculate nBase. 1623 // We know this won't overflow, because sysAlloc returned 1624 // a valid region starting at h.curArena.base which is at 1625 // least ask bytes in size. 1626 nBase = alignUp(h.curArena.base+ask, physPageSize) 1627 } 1628 1629 // Grow into the current arena. 1630 v := h.curArena.base 1631 h.curArena.base = nBase 1632 1633 // Transition the space we're going to use from Reserved to Prepared. 1634 // 1635 // The allocation is always aligned to the heap arena 1636 // size which is always > physPageSize, so its safe to 1637 // just add directly to heapReleased. 1638 sysMap(unsafe.Pointer(v), nBase-v, &gcController.heapReleased, "heap") 1639 1640 // The memory just allocated counts as both released 1641 // and idle, even though it's not yet backed by spans. 1642 stats := memstats.heapStats.acquire() 1643 atomic.Xaddint64(&stats.released, int64(nBase-v)) 1644 memstats.heapStats.release() 1645 1646 // Update the page allocator's structures to make this 1647 // space ready for allocation. 1648 h.pages.grow(v, nBase-v) 1649 totalGrowth += nBase - v 1650 1651 if firstGrow && randomizeHeapBase { 1652 // The top heapAddrBits-log2(pallocChunkBytes) bits are now randomized, 1653 // we finally want to randomize the next 1654 // log2(pallocChunkBytes)-log2(pageSize) bits, while maintaining 1655 // alignment to pageSize. We do this by calculating a random number of 1656 // pages into the current arena, and marking them as allocated. The 1657 // address of the next available page becomes our fully randomized base 1658 // heap address. 1659 randOffset := nextHeapRandBits(logPallocChunkBytes) 1660 randNumPages := alignDown(randOffset, pageSize) / pageSize 1661 if randNumPages != 0 { 1662 h.pages.markRandomPaddingPages(v, randNumPages) 1663 } 1664 } 1665 1666 return totalGrowth, true 1667 } 1668 1669 // Free the span back into the heap. 1670 func (h *mheap) freeSpan(s *mspan) { 1671 systemstack(func() { 1672 // Trace the span free. 1673 if traceAllocFreeEnabled() { 1674 trace := traceAcquire() 1675 if trace.ok() { 1676 trace.SpanFree(s) 1677 traceRelease(trace) 1678 } 1679 } 1680 1681 lock(&h.lock) 1682 if msanenabled { 1683 // Tell msan that this entire span is no longer in use. 1684 base := unsafe.Pointer(s.base()) 1685 bytes := s.npages << gc.PageShift 1686 msanfree(base, bytes) 1687 } 1688 if asanenabled { 1689 // Tell asan that this entire span is no longer in use. 1690 base := unsafe.Pointer(s.base()) 1691 bytes := s.npages << gc.PageShift 1692 asanpoison(base, bytes) 1693 } 1694 if valgrindenabled { 1695 base := s.base() 1696 valgrindMempoolFree(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base)) 1697 } 1698 h.freeSpanLocked(s, spanAllocHeap) 1699 unlock(&h.lock) 1700 }) 1701 } 1702 1703 // freeManual frees a manually-managed span returned by allocManual. 1704 // typ must be the same as the spanAllocType passed to the allocManual that 1705 // allocated s. 1706 // 1707 // This must only be called when gcphase == _GCoff. See mSpanState for 1708 // an explanation. 1709 // 1710 // freeManual must be called on the system stack because it acquires 1711 // the heap lock. See mheap for details. 1712 // 1713 //go:systemstack 1714 func (h *mheap) freeManual(s *mspan, typ spanAllocType) { 1715 // Trace the span free. 1716 if traceAllocFreeEnabled() { 1717 trace := traceAcquire() 1718 if trace.ok() { 1719 trace.SpanFree(s) 1720 traceRelease(trace) 1721 } 1722 } 1723 1724 s.needzero = 1 1725 lock(&h.lock) 1726 if valgrindenabled { 1727 base := s.base() 1728 valgrindMempoolFree(unsafe.Pointer(arenaBase(arenaIndex(base))), unsafe.Pointer(base)) 1729 } 1730 h.freeSpanLocked(s, typ) 1731 unlock(&h.lock) 1732 } 1733 1734 func (h *mheap) freeSpanLocked(s *mspan, typ spanAllocType) { 1735 assertLockHeld(&h.lock) 1736 1737 switch s.state.get() { 1738 case mSpanManual: 1739 if s.allocCount != 0 { 1740 throw("mheap.freeSpanLocked - invalid stack free") 1741 } 1742 case mSpanInUse: 1743 if s.isUserArenaChunk { 1744 throw("mheap.freeSpanLocked - invalid free of user arena chunk") 1745 } 1746 if s.allocCount != 0 || s.sweepgen != h.sweepgen { 1747 print("mheap.freeSpanLocked - span ", s, " ptr ", hex(s.base()), " allocCount ", s.allocCount, " sweepgen ", s.sweepgen, "/", h.sweepgen, "\n") 1748 throw("mheap.freeSpanLocked - invalid free") 1749 } 1750 h.pagesInUse.Add(-s.npages) 1751 1752 // Clear in-use bit in arena page bitmap. 1753 arena, pageIdx, pageMask := pageIndexOf(s.base()) 1754 atomic.And8(&arena.pageInUse[pageIdx], ^pageMask) 1755 1756 // Clear small heap span bit if necessary. 1757 if gcUsesSpanInlineMarkBits(s.elemsize) { 1758 atomic.And8(&arena.pageUseSpanInlineMarkBits[pageIdx], ^pageMask) 1759 } 1760 default: 1761 throw("mheap.freeSpanLocked - invalid span state") 1762 } 1763 1764 // Update stats. 1765 // 1766 // Mirrors the code in allocSpan. 1767 nbytes := s.npages * pageSize 1768 gcController.heapFree.add(int64(nbytes)) 1769 if typ == spanAllocHeap { 1770 gcController.heapInUse.add(-int64(nbytes)) 1771 } 1772 // Update consistent stats. 1773 stats := memstats.heapStats.acquire() 1774 switch typ { 1775 case spanAllocHeap: 1776 atomic.Xaddint64(&stats.inHeap, -int64(nbytes)) 1777 case spanAllocStack: 1778 atomic.Xaddint64(&stats.inStacks, -int64(nbytes)) 1779 case spanAllocWorkBuf: 1780 atomic.Xaddint64(&stats.inWorkBufs, -int64(nbytes)) 1781 } 1782 memstats.heapStats.release() 1783 1784 // Mark the space as free. 1785 h.pages.free(s.base(), s.npages) 1786 1787 // Free the span structure. We no longer have a use for it. 1788 s.state.set(mSpanDead) 1789 h.freeMSpanLocked(s) 1790 } 1791 1792 // scavengeAll acquires the heap lock (blocking any additional 1793 // manipulation of the page allocator) and iterates over the whole 1794 // heap, scavenging every free page available. 1795 // 1796 // Must run on the system stack because it acquires the heap lock. 1797 // 1798 //go:systemstack 1799 func (h *mheap) scavengeAll() { 1800 // Disallow malloc or panic while holding the heap lock. We do 1801 // this here because this is a non-mallocgc entry-point to 1802 // the mheap API. 1803 gp := getg() 1804 gp.m.mallocing++ 1805 1806 // Force scavenge everything. 1807 released := h.pages.scavenge(^uintptr(0), nil, true) 1808 1809 gp.m.mallocing-- 1810 1811 if debug.scavtrace > 0 { 1812 printScavTrace(0, released, true) 1813 } 1814 } 1815 1816 //go:linkname runtime_debug_freeOSMemory runtime/debug.freeOSMemory 1817 func runtime_debug_freeOSMemory() { 1818 GC() 1819 systemstack(func() { mheap_.scavengeAll() }) 1820 } 1821 1822 // Initialize a new span with the given start and npages. 1823 func (span *mspan) init(base uintptr, npages uintptr) { 1824 // span is *not* zeroed. 1825 span.next = nil 1826 span.prev = nil 1827 span.list = nil 1828 span.startAddr = base 1829 span.npages = npages 1830 span.limit = base + npages*gc.PageSize // see go.dev/issue/74288; adjusted later for heap spans 1831 span.allocCount = 0 1832 span.spanclass = 0 1833 span.elemsize = 0 1834 span.speciallock.key = 0 1835 span.specials = nil 1836 span.needzero = 0 1837 span.freeindex = 0 1838 span.freeIndexForScan = 0 1839 span.allocBits = nil 1840 span.gcmarkBits = nil 1841 span.pinnerBits = nil 1842 span.state.set(mSpanDead) 1843 lockInit(&span.speciallock, lockRankMspanSpecial) 1844 } 1845 1846 func (span *mspan) inList() bool { 1847 return span.list != nil 1848 } 1849 1850 // mSpanList heads a linked list of spans. 1851 type mSpanList struct { 1852 _ sys.NotInHeap 1853 first *mspan // first span in list, or nil if none 1854 last *mspan // last span in list, or nil if none 1855 } 1856 1857 // Initialize an empty doubly-linked list. 1858 func (list *mSpanList) init() { 1859 list.first = nil 1860 list.last = nil 1861 } 1862 1863 func (list *mSpanList) remove(span *mspan) { 1864 if span.list != list { 1865 print("runtime: failed mSpanList.remove span.npages=", span.npages, 1866 " span=", span, " prev=", span.prev, " span.list=", span.list, " list=", list, "\n") 1867 throw("mSpanList.remove") 1868 } 1869 if list.first == span { 1870 list.first = span.next 1871 } else { 1872 span.prev.next = span.next 1873 } 1874 if list.last == span { 1875 list.last = span.prev 1876 } else { 1877 span.next.prev = span.prev 1878 } 1879 span.next = nil 1880 span.prev = nil 1881 span.list = nil 1882 } 1883 1884 func (list *mSpanList) isEmpty() bool { 1885 return list.first == nil 1886 } 1887 1888 func (list *mSpanList) insert(span *mspan) { 1889 if span.next != nil || span.prev != nil || span.list != nil { 1890 println("runtime: failed mSpanList.insert", span, span.next, span.prev, span.list) 1891 throw("mSpanList.insert") 1892 } 1893 span.next = list.first 1894 if list.first != nil { 1895 // The list contains at least one span; link it in. 1896 // The last span in the list doesn't change. 1897 list.first.prev = span 1898 } else { 1899 // The list contains no spans, so this is also the last span. 1900 list.last = span 1901 } 1902 list.first = span 1903 span.list = list 1904 } 1905 1906 func (list *mSpanList) insertBack(span *mspan) { 1907 if span.next != nil || span.prev != nil || span.list != nil { 1908 println("runtime: failed mSpanList.insertBack", span, span.next, span.prev, span.list) 1909 throw("mSpanList.insertBack") 1910 } 1911 span.prev = list.last 1912 if list.last != nil { 1913 // The list contains at least one span. 1914 list.last.next = span 1915 } else { 1916 // The list contains no spans, so this is also the first span. 1917 list.first = span 1918 } 1919 list.last = span 1920 span.list = list 1921 } 1922 1923 // takeAll removes all spans from other and inserts them at the front 1924 // of list. 1925 func (list *mSpanList) takeAll(other *mSpanList) { 1926 if other.isEmpty() { 1927 return 1928 } 1929 1930 // Reparent everything in other to list. 1931 for s := other.first; s != nil; s = s.next { 1932 s.list = list 1933 } 1934 1935 // Concatenate the lists. 1936 if list.isEmpty() { 1937 *list = *other 1938 } else { 1939 // Neither list is empty. Put other before list. 1940 other.last.next = list.first 1941 list.first.prev = other.last 1942 list.first = other.first 1943 } 1944 1945 other.first, other.last = nil, nil 1946 } 1947 1948 const ( 1949 // _KindSpecialTinyBlock indicates that a given allocation is a tiny block. 1950 // Ordered before KindSpecialFinalizer and KindSpecialCleanup so that it 1951 // always appears first in the specials list. 1952 // Used only if debug.checkfinalizers != 0. 1953 _KindSpecialTinyBlock = 1 1954 // _KindSpecialFinalizer is for tracking finalizers. 1955 _KindSpecialFinalizer = 2 1956 // _KindSpecialWeakHandle is used for creating weak pointers. 1957 _KindSpecialWeakHandle = 3 1958 // _KindSpecialProfile is for memory profiling. 1959 _KindSpecialProfile = 4 1960 // _KindSpecialReachable is a special used for tracking 1961 // reachability during testing. 1962 _KindSpecialReachable = 5 1963 // _KindSpecialPinCounter is a special used for objects that are pinned 1964 // multiple times 1965 _KindSpecialPinCounter = 6 1966 // _KindSpecialCleanup is for tracking cleanups. 1967 _KindSpecialCleanup = 7 1968 // _KindSpecialCheckFinalizer adds additional context to a finalizer or cleanup. 1969 // Used only if debug.checkfinalizers != 0. 1970 _KindSpecialCheckFinalizer = 8 1971 // _KindSpecialBubble is used to associate objects with synctest bubbles. 1972 _KindSpecialBubble = 9 1973 ) 1974 1975 type special struct { 1976 _ sys.NotInHeap 1977 next *special // linked list in span 1978 offset uintptr // span offset of object 1979 kind byte // kind of special 1980 } 1981 1982 // spanHasSpecials marks a span as having specials in the arena bitmap. 1983 func spanHasSpecials(s *mspan) { 1984 arenaPage := (s.base() / pageSize) % pagesPerArena 1985 ai := arenaIndex(s.base()) 1986 ha := mheap_.arenas[ai.l1()][ai.l2()] 1987 atomic.Or8(&ha.pageSpecials[arenaPage/8], uint8(1)<<(arenaPage%8)) 1988 } 1989 1990 // spanHasNoSpecials marks a span as having no specials in the arena bitmap. 1991 func spanHasNoSpecials(s *mspan) { 1992 arenaPage := (s.base() / pageSize) % pagesPerArena 1993 ai := arenaIndex(s.base()) 1994 ha := mheap_.arenas[ai.l1()][ai.l2()] 1995 atomic.And8(&ha.pageSpecials[arenaPage/8], ^(uint8(1) << (arenaPage % 8))) 1996 } 1997 1998 // addspecial adds the special record s to the list of special records for 1999 // the object p. All fields of s should be filled in except for 2000 // offset & next, which this routine will fill in. 2001 // Returns true if the special was successfully added, false otherwise. 2002 // (The add will fail only if a record with the same p and s->kind 2003 // already exists unless force is set to true.) 2004 func addspecial(p unsafe.Pointer, s *special, force bool) bool { 2005 span := spanOfHeap(uintptr(p)) 2006 if span == nil { 2007 throw("addspecial on invalid pointer") 2008 } 2009 2010 // Ensure that the span is swept. 2011 // Sweeping accesses the specials list w/o locks, so we have 2012 // to synchronize with it. And it's just much safer. 2013 mp := acquirem() 2014 span.ensureSwept() 2015 2016 offset := uintptr(p) - span.base() 2017 kind := s.kind 2018 2019 lock(&span.speciallock) 2020 2021 // Find splice point, check for existing record. 2022 iter, exists := span.specialFindSplicePoint(offset, kind) 2023 if !exists || force { 2024 // Splice in record, fill in offset. 2025 s.offset = offset 2026 s.next = *iter 2027 *iter = s 2028 spanHasSpecials(span) 2029 } 2030 2031 unlock(&span.speciallock) 2032 releasem(mp) 2033 // We're converting p to a uintptr and looking it up, and we 2034 // don't want it to die and get swept while we're doing so. 2035 KeepAlive(p) 2036 return !exists || force // already exists or addition was forced 2037 } 2038 2039 // Removes the Special record of the given kind for the object p. 2040 // Returns the record if the record existed, nil otherwise. 2041 // The caller must FixAlloc_Free the result. 2042 func removespecial(p unsafe.Pointer, kind uint8) *special { 2043 span := spanOfHeap(uintptr(p)) 2044 if span == nil { 2045 throw("removespecial on invalid pointer") 2046 } 2047 2048 // Ensure that the span is swept. 2049 // Sweeping accesses the specials list w/o locks, so we have 2050 // to synchronize with it. And it's just much safer. 2051 mp := acquirem() 2052 span.ensureSwept() 2053 2054 offset := uintptr(p) - span.base() 2055 2056 var result *special 2057 lock(&span.speciallock) 2058 2059 iter, exists := span.specialFindSplicePoint(offset, kind) 2060 if exists { 2061 s := *iter 2062 *iter = s.next 2063 result = s 2064 } 2065 if span.specials == nil { 2066 spanHasNoSpecials(span) 2067 } 2068 unlock(&span.speciallock) 2069 releasem(mp) 2070 return result 2071 } 2072 2073 // Find a splice point in the sorted list and check for an already existing 2074 // record. Returns a pointer to the next-reference in the list predecessor. 2075 // Returns true, if the referenced item is an exact match. 2076 func (span *mspan) specialFindSplicePoint(offset uintptr, kind byte) (**special, bool) { 2077 // Find splice point, check for existing record. 2078 iter := &span.specials 2079 found := false 2080 for { 2081 s := *iter 2082 if s == nil { 2083 break 2084 } 2085 if offset == s.offset && kind == s.kind { 2086 found = true 2087 break 2088 } 2089 if offset < s.offset || (offset == s.offset && kind < s.kind) { 2090 break 2091 } 2092 iter = &s.next 2093 } 2094 return iter, found 2095 } 2096 2097 // The described object has a finalizer set for it. 2098 // 2099 // specialfinalizer is allocated from non-GC'd memory, so any heap 2100 // pointers must be specially handled. 2101 type specialfinalizer struct { 2102 _ sys.NotInHeap 2103 special special 2104 fn *funcval // May be a heap pointer. 2105 nret uintptr 2106 fint *_type // May be a heap pointer, but always live. 2107 ot *ptrtype // May be a heap pointer, but always live. 2108 } 2109 2110 // Adds a finalizer to the object p. Returns true if it succeeded. 2111 func addfinalizer(p unsafe.Pointer, f *funcval, nret uintptr, fint *_type, ot *ptrtype) bool { 2112 lock(&mheap_.speciallock) 2113 s := (*specialfinalizer)(mheap_.specialfinalizeralloc.alloc()) 2114 unlock(&mheap_.speciallock) 2115 s.special.kind = _KindSpecialFinalizer 2116 s.fn = f 2117 s.nret = nret 2118 s.fint = fint 2119 s.ot = ot 2120 if addspecial(p, &s.special, false) { 2121 // This is responsible for maintaining the same 2122 // GC-related invariants as markrootSpans in any 2123 // situation where it's possible that markrootSpans 2124 // has already run but mark termination hasn't yet. 2125 if gcphase != _GCoff { 2126 base, span, _ := findObject(uintptr(p), 0, 0) 2127 mp := acquirem() 2128 gcw := &mp.p.ptr().gcw 2129 // Mark everything reachable from the object 2130 // so it's retained for the finalizer. 2131 if !span.spanclass.noscan() { 2132 scanObject(base, gcw) 2133 } 2134 // Mark the finalizer itself, since the 2135 // special isn't part of the GC'd heap. 2136 scanblock(uintptr(unsafe.Pointer(&s.fn)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2137 releasem(mp) 2138 } 2139 return true 2140 } 2141 2142 // There was an old finalizer 2143 lock(&mheap_.speciallock) 2144 mheap_.specialfinalizeralloc.free(unsafe.Pointer(s)) 2145 unlock(&mheap_.speciallock) 2146 return false 2147 } 2148 2149 // Removes the finalizer (if any) from the object p. 2150 func removefinalizer(p unsafe.Pointer) { 2151 s := (*specialfinalizer)(unsafe.Pointer(removespecial(p, _KindSpecialFinalizer))) 2152 if s == nil { 2153 return // there wasn't a finalizer to remove 2154 } 2155 lock(&mheap_.speciallock) 2156 mheap_.specialfinalizeralloc.free(unsafe.Pointer(s)) 2157 unlock(&mheap_.speciallock) 2158 } 2159 2160 // The described object has a cleanup set for it. 2161 type specialCleanup struct { 2162 _ sys.NotInHeap 2163 special special 2164 fn *funcval 2165 // Globally unique ID for the cleanup, obtained from mheap_.cleanupID. 2166 id uint64 2167 } 2168 2169 // addCleanup attaches a cleanup function to the object. Multiple 2170 // cleanups are allowed on an object, and even the same pointer. 2171 // A cleanup id is returned which can be used to uniquely identify 2172 // the cleanup. 2173 func addCleanup(p unsafe.Pointer, f *funcval) uint64 { 2174 lock(&mheap_.speciallock) 2175 s := (*specialCleanup)(mheap_.specialCleanupAlloc.alloc()) 2176 mheap_.cleanupID++ // Increment first. ID 0 is reserved. 2177 id := mheap_.cleanupID 2178 unlock(&mheap_.speciallock) 2179 s.special.kind = _KindSpecialCleanup 2180 s.fn = f 2181 s.id = id 2182 2183 mp := acquirem() 2184 addspecial(p, &s.special, true) 2185 // This is responsible for maintaining the same 2186 // GC-related invariants as markrootSpans in any 2187 // situation where it's possible that markrootSpans 2188 // has already run but mark termination hasn't yet. 2189 if gcphase != _GCoff { 2190 gcw := &mp.p.ptr().gcw 2191 // Mark the cleanup itself, since the 2192 // special isn't part of the GC'd heap. 2193 scanblock(uintptr(unsafe.Pointer(&s.fn)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2194 } 2195 releasem(mp) 2196 // Keep f alive. There's a window in this function where it's 2197 // only reachable via the special while the special hasn't been 2198 // added to the specials list yet. This is similar to a bug 2199 // discovered for weak handles, see #70455. 2200 KeepAlive(f) 2201 return id 2202 } 2203 2204 // Always paired with a specialCleanup or specialfinalizer, adds context. 2205 type specialCheckFinalizer struct { 2206 _ sys.NotInHeap 2207 special special 2208 cleanupID uint64 // Needed to disambiguate cleanups. 2209 createPC uintptr 2210 funcPC uintptr 2211 ptrType *_type 2212 } 2213 2214 // setFinalizerContext adds a specialCheckFinalizer to ptr. ptr must already have a 2215 // finalizer special attached. 2216 func setFinalizerContext(ptr unsafe.Pointer, ptrType *_type, createPC, funcPC uintptr) { 2217 setCleanupContext(ptr, ptrType, createPC, funcPC, 0) 2218 } 2219 2220 // setCleanupContext adds a specialCheckFinalizer to ptr. ptr must already have a 2221 // finalizer or cleanup special attached. Pass 0 for the cleanupID to indicate 2222 // a finalizer. 2223 func setCleanupContext(ptr unsafe.Pointer, ptrType *_type, createPC, funcPC uintptr, cleanupID uint64) { 2224 lock(&mheap_.speciallock) 2225 s := (*specialCheckFinalizer)(mheap_.specialCheckFinalizerAlloc.alloc()) 2226 unlock(&mheap_.speciallock) 2227 s.special.kind = _KindSpecialCheckFinalizer 2228 s.cleanupID = cleanupID 2229 s.createPC = createPC 2230 s.funcPC = funcPC 2231 s.ptrType = ptrType 2232 2233 mp := acquirem() 2234 addspecial(ptr, &s.special, true) 2235 releasem(mp) 2236 KeepAlive(ptr) 2237 } 2238 2239 func getCleanupContext(ptr uintptr, cleanupID uint64) *specialCheckFinalizer { 2240 assertWorldStopped() 2241 2242 span := spanOfHeap(ptr) 2243 if span == nil { 2244 return nil 2245 } 2246 var found *specialCheckFinalizer 2247 offset := ptr - span.base() 2248 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialCheckFinalizer) 2249 if exists { 2250 for { 2251 s := *iter 2252 if s == nil { 2253 // Reached the end of the linked list. Stop searching at this point. 2254 break 2255 } 2256 if offset == s.offset && _KindSpecialCheckFinalizer == s.kind && 2257 (*specialCheckFinalizer)(unsafe.Pointer(s)).cleanupID == cleanupID { 2258 // The special is a cleanup and contains a matching cleanup id. 2259 *iter = s.next 2260 found = (*specialCheckFinalizer)(unsafe.Pointer(s)) 2261 break 2262 } 2263 if offset < s.offset || (offset == s.offset && _KindSpecialCheckFinalizer < s.kind) { 2264 // The special is outside the region specified for that kind of 2265 // special. The specials are sorted by kind. 2266 break 2267 } 2268 // Try the next special. 2269 iter = &s.next 2270 } 2271 } 2272 return found 2273 } 2274 2275 // clearFinalizerContext removes the specialCheckFinalizer for the given pointer, if any. 2276 func clearFinalizerContext(ptr uintptr) { 2277 clearCleanupContext(ptr, 0) 2278 } 2279 2280 // clearFinalizerContext removes the specialCheckFinalizer for the given pointer and cleanup ID, if any. 2281 func clearCleanupContext(ptr uintptr, cleanupID uint64) { 2282 // The following block removes the Special record of type cleanup for the object c.ptr. 2283 span := spanOfHeap(ptr) 2284 if span == nil { 2285 return 2286 } 2287 // Ensure that the span is swept. 2288 // Sweeping accesses the specials list w/o locks, so we have 2289 // to synchronize with it. And it's just much safer. 2290 mp := acquirem() 2291 span.ensureSwept() 2292 2293 offset := ptr - span.base() 2294 2295 var found *special 2296 lock(&span.speciallock) 2297 2298 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialCheckFinalizer) 2299 if exists { 2300 for { 2301 s := *iter 2302 if s == nil { 2303 // Reached the end of the linked list. Stop searching at this point. 2304 break 2305 } 2306 if offset == s.offset && _KindSpecialCheckFinalizer == s.kind && 2307 (*specialCheckFinalizer)(unsafe.Pointer(s)).cleanupID == cleanupID { 2308 // The special is a cleanup and contains a matching cleanup id. 2309 *iter = s.next 2310 found = s 2311 break 2312 } 2313 if offset < s.offset || (offset == s.offset && _KindSpecialCheckFinalizer < s.kind) { 2314 // The special is outside the region specified for that kind of 2315 // special. The specials are sorted by kind. 2316 break 2317 } 2318 // Try the next special. 2319 iter = &s.next 2320 } 2321 } 2322 if span.specials == nil { 2323 spanHasNoSpecials(span) 2324 } 2325 unlock(&span.speciallock) 2326 releasem(mp) 2327 2328 if found == nil { 2329 return 2330 } 2331 lock(&mheap_.speciallock) 2332 mheap_.specialCheckFinalizerAlloc.free(unsafe.Pointer(found)) 2333 unlock(&mheap_.speciallock) 2334 } 2335 2336 // Indicates that an allocation is a tiny block. 2337 // Used only if debug.checkfinalizers != 0. 2338 type specialTinyBlock struct { 2339 _ sys.NotInHeap 2340 special special 2341 } 2342 2343 // setTinyBlockContext marks an allocation as a tiny block to diagnostics like 2344 // checkfinalizer. 2345 // 2346 // A tiny block is only marked if it actually contains more than one distinct 2347 // value, since we're using this for debugging. 2348 func setTinyBlockContext(ptr unsafe.Pointer) { 2349 lock(&mheap_.speciallock) 2350 s := (*specialTinyBlock)(mheap_.specialTinyBlockAlloc.alloc()) 2351 unlock(&mheap_.speciallock) 2352 s.special.kind = _KindSpecialTinyBlock 2353 2354 mp := acquirem() 2355 addspecial(ptr, &s.special, false) 2356 releasem(mp) 2357 KeepAlive(ptr) 2358 } 2359 2360 // inTinyBlock returns whether ptr is in a tiny alloc block, at one point grouped 2361 // with other distinct values. 2362 func inTinyBlock(ptr uintptr) bool { 2363 assertWorldStopped() 2364 2365 ptr = alignDown(ptr, maxTinySize) 2366 span := spanOfHeap(ptr) 2367 if span == nil { 2368 return false 2369 } 2370 offset := ptr - span.base() 2371 _, exists := span.specialFindSplicePoint(offset, _KindSpecialTinyBlock) 2372 return exists 2373 } 2374 2375 // The described object has a weak pointer. 2376 // 2377 // Weak pointers in the GC have the following invariants: 2378 // 2379 // - Strong-to-weak conversions must ensure the strong pointer 2380 // remains live until the weak handle is installed. This ensures 2381 // that creating a weak pointer cannot fail. 2382 // 2383 // - Weak-to-strong conversions require the weakly-referenced 2384 // object to be swept before the conversion may proceed. This 2385 // ensures that weak-to-strong conversions cannot resurrect 2386 // dead objects by sweeping them before that happens. 2387 // 2388 // - Weak handles are unique and canonical for each byte offset into 2389 // an object that a strong pointer may point to, until an object 2390 // becomes unreachable. 2391 // 2392 // - Weak handles contain nil as soon as an object becomes unreachable 2393 // the first time, before a finalizer makes it reachable again. New 2394 // weak handles created after resurrection are newly unique. 2395 // 2396 // specialWeakHandle is allocated from non-GC'd memory, so any heap 2397 // pointers must be specially handled. 2398 type specialWeakHandle struct { 2399 _ sys.NotInHeap 2400 special special 2401 // handle is a reference to the actual weak pointer. 2402 // It is always heap-allocated and must be explicitly kept 2403 // live so long as this special exists. 2404 handle *atomic.Uintptr 2405 } 2406 2407 //go:linkname internal_weak_runtime_registerWeakPointer weak.runtime_registerWeakPointer 2408 func internal_weak_runtime_registerWeakPointer(p unsafe.Pointer) unsafe.Pointer { 2409 return unsafe.Pointer(getOrAddWeakHandle(p)) 2410 } 2411 2412 //go:linkname internal_weak_runtime_makeStrongFromWeak weak.runtime_makeStrongFromWeak 2413 func internal_weak_runtime_makeStrongFromWeak(u unsafe.Pointer) unsafe.Pointer { 2414 handle := (*atomic.Uintptr)(u) 2415 2416 // Prevent preemption. We want to make sure that another GC cycle can't start 2417 // and that work.strongFromWeak.block can't change out from under us. 2418 mp := acquirem() 2419 2420 // Yield to the GC if necessary. 2421 if work.strongFromWeak.block { 2422 releasem(mp) 2423 2424 // Try to park and wait for mark termination. 2425 // N.B. gcParkStrongFromWeak calls acquirem before returning. 2426 mp = gcParkStrongFromWeak() 2427 } 2428 2429 p := handle.Load() 2430 if p == 0 { 2431 releasem(mp) 2432 return nil 2433 } 2434 // Be careful. p may or may not refer to valid memory anymore, as it could've been 2435 // swept and released already. It's always safe to ensure a span is swept, though, 2436 // even if it's just some random span. 2437 span := spanOfHeap(p) 2438 if span == nil { 2439 // If it's immortal, then just return the pointer. 2440 // 2441 // Stay non-preemptible so the GC can't see us convert this potentially 2442 // completely bogus value to an unsafe.Pointer. 2443 if isGoPointerWithoutSpan(unsafe.Pointer(p)) { 2444 releasem(mp) 2445 return unsafe.Pointer(p) 2446 } 2447 // It's heap-allocated, so the span probably just got swept and released. 2448 releasem(mp) 2449 return nil 2450 } 2451 // Ensure the span is swept. 2452 span.ensureSwept() 2453 2454 // Now we can trust whatever we get from handle, so make a strong pointer. 2455 // 2456 // Even if we just swept some random span that doesn't contain this object, because 2457 // this object is long dead and its memory has since been reused, we'll just observe nil. 2458 ptr := unsafe.Pointer(handle.Load()) 2459 2460 // This is responsible for maintaining the same GC-related 2461 // invariants as the Yuasa part of the write barrier. During 2462 // the mark phase, it's possible that we just created the only 2463 // valid pointer to the object pointed to by ptr. If it's only 2464 // ever referenced from our stack, and our stack is blackened 2465 // already, we could fail to mark it. So, mark it now. 2466 if gcphase != _GCoff { 2467 shade(uintptr(ptr)) 2468 } 2469 releasem(mp) 2470 2471 // Explicitly keep ptr alive. This seems unnecessary since we return ptr, 2472 // but let's be explicit since it's important we keep ptr alive across the 2473 // call to shade. 2474 KeepAlive(ptr) 2475 return ptr 2476 } 2477 2478 // gcParkStrongFromWeak puts the current goroutine on the weak->strong queue and parks. 2479 func gcParkStrongFromWeak() *m { 2480 // Prevent preemption as we check strongFromWeak, so it can't change out from under us. 2481 mp := acquirem() 2482 2483 for work.strongFromWeak.block { 2484 lock(&work.strongFromWeak.lock) 2485 releasem(mp) // N.B. Holding the lock prevents preemption. 2486 2487 // Queue ourselves up. 2488 work.strongFromWeak.q.pushBack(getg()) 2489 2490 // Park. 2491 goparkunlock(&work.strongFromWeak.lock, waitReasonGCWeakToStrongWait, traceBlockGCWeakToStrongWait, 2) 2492 2493 // Re-acquire the current M since we're going to check the condition again. 2494 mp = acquirem() 2495 2496 // Re-check condition. We may have awoken in the next GC's mark termination phase. 2497 } 2498 return mp 2499 } 2500 2501 // gcWakeAllStrongFromWeak wakes all currently blocked weak->strong 2502 // conversions. This is used at the end of a GC cycle. 2503 // 2504 // work.strongFromWeak.block must be false to prevent woken goroutines 2505 // from immediately going back to sleep. 2506 func gcWakeAllStrongFromWeak() { 2507 lock(&work.strongFromWeak.lock) 2508 list := work.strongFromWeak.q.popList() 2509 injectglist(&list) 2510 unlock(&work.strongFromWeak.lock) 2511 } 2512 2513 // Retrieves or creates a weak pointer handle for the object p. 2514 func getOrAddWeakHandle(p unsafe.Pointer) *atomic.Uintptr { 2515 if debug.sbrk != 0 { 2516 // debug.sbrk never frees memory, so it'll never go nil. However, we do still 2517 // need a weak handle that's specific to p. Use the immortal weak handle map. 2518 // Keep p alive across the call to getOrAdd defensively, though it doesn't 2519 // really matter in this particular case. 2520 handle := mheap_.immortalWeakHandles.getOrAdd(uintptr(p)) 2521 KeepAlive(p) 2522 return handle 2523 } 2524 2525 // First try to retrieve without allocating. 2526 if handle := getWeakHandle(p); handle != nil { 2527 // Keep p alive for the duration of the function to ensure 2528 // that it cannot die while we're trying to do this. 2529 KeepAlive(p) 2530 return handle 2531 } 2532 2533 lock(&mheap_.speciallock) 2534 s := (*specialWeakHandle)(mheap_.specialWeakHandleAlloc.alloc()) 2535 unlock(&mheap_.speciallock) 2536 2537 handle := new(atomic.Uintptr) 2538 s.special.kind = _KindSpecialWeakHandle 2539 s.handle = handle 2540 handle.Store(uintptr(p)) 2541 if addspecial(p, &s.special, false) { 2542 // This is responsible for maintaining the same 2543 // GC-related invariants as markrootSpans in any 2544 // situation where it's possible that markrootSpans 2545 // has already run but mark termination hasn't yet. 2546 if gcphase != _GCoff { 2547 mp := acquirem() 2548 gcw := &mp.p.ptr().gcw 2549 // Mark the weak handle itself, since the 2550 // special isn't part of the GC'd heap. 2551 scanblock(uintptr(unsafe.Pointer(&s.handle)), goarch.PtrSize, &oneptrmask[0], gcw, nil) 2552 releasem(mp) 2553 } 2554 2555 // Keep p alive for the duration of the function to ensure 2556 // that it cannot die while we're trying to do this. 2557 // 2558 // Same for handle, which is only stored in the special. 2559 // There's a window where it might die if we don't keep it 2560 // alive explicitly. Returning it here is probably good enough, 2561 // but let's be defensive and explicit. See #70455. 2562 KeepAlive(p) 2563 KeepAlive(handle) 2564 return handle 2565 } 2566 2567 // There was an existing handle. Free the special 2568 // and try again. We must succeed because we're explicitly 2569 // keeping p live until the end of this function. Either 2570 // we, or someone else, must have succeeded, because we can 2571 // only fail in the event of a race, and p will still be 2572 // be valid no matter how much time we spend here. 2573 lock(&mheap_.speciallock) 2574 mheap_.specialWeakHandleAlloc.free(unsafe.Pointer(s)) 2575 unlock(&mheap_.speciallock) 2576 2577 handle = getWeakHandle(p) 2578 if handle == nil { 2579 throw("failed to get or create weak handle") 2580 } 2581 2582 // Keep p alive for the duration of the function to ensure 2583 // that it cannot die while we're trying to do this. 2584 // 2585 // Same for handle, just to be defensive. 2586 KeepAlive(p) 2587 KeepAlive(handle) 2588 return handle 2589 } 2590 2591 func getWeakHandle(p unsafe.Pointer) *atomic.Uintptr { 2592 span := spanOfHeap(uintptr(p)) 2593 if span == nil { 2594 if isGoPointerWithoutSpan(p) { 2595 return mheap_.immortalWeakHandles.getOrAdd(uintptr(p)) 2596 } 2597 throw("getWeakHandle on invalid pointer") 2598 } 2599 2600 // Ensure that the span is swept. 2601 // Sweeping accesses the specials list w/o locks, so we have 2602 // to synchronize with it. And it's just much safer. 2603 mp := acquirem() 2604 span.ensureSwept() 2605 2606 offset := uintptr(p) - span.base() 2607 2608 lock(&span.speciallock) 2609 2610 // Find the existing record and return the handle if one exists. 2611 var handle *atomic.Uintptr 2612 iter, exists := span.specialFindSplicePoint(offset, _KindSpecialWeakHandle) 2613 if exists { 2614 handle = ((*specialWeakHandle)(unsafe.Pointer(*iter))).handle 2615 } 2616 unlock(&span.speciallock) 2617 releasem(mp) 2618 2619 // Keep p alive for the duration of the function to ensure 2620 // that it cannot die while we're trying to do this. 2621 KeepAlive(p) 2622 return handle 2623 } 2624 2625 type immortalWeakHandleMap struct { 2626 root atomic.UnsafePointer // *immortalWeakHandle (can't use generics because it's notinheap) 2627 } 2628 2629 // immortalWeakHandle is a lock-free append-only hash-trie. 2630 // 2631 // Key features: 2632 // - 2-ary trie. Child nodes are indexed by the highest bit (remaining) of the hash of the address. 2633 // - New nodes are placed at the first empty level encountered. 2634 // - When the first child is added to a node, the existing value is not moved into a child. 2635 // This means that we must check the value at each level, not just at the leaf. 2636 // - No deletion or rebalancing. 2637 // - Intentionally devolves into a linked list on hash collisions (the hash bits will all 2638 // get shifted out during iteration, and new nodes will just be appended to the 0th child). 2639 type immortalWeakHandle struct { 2640 _ sys.NotInHeap 2641 2642 children [2]atomic.UnsafePointer // *immortalObjectMapNode (can't use generics because it's notinheap) 2643 ptr uintptr // &ptr is the weak handle 2644 } 2645 2646 // handle returns a canonical weak handle. 2647 func (h *immortalWeakHandle) handle() *atomic.Uintptr { 2648 // N.B. Since we just need an *atomic.Uintptr that never changes, we can trivially 2649 // reference ptr to save on some memory in immortalWeakHandle and avoid extra atomics 2650 // in getOrAdd. 2651 return (*atomic.Uintptr)(unsafe.Pointer(&h.ptr)) 2652 } 2653 2654 // getOrAdd introduces p, which must be a pointer to immortal memory (for example, a linker-allocated 2655 // object) and returns a weak handle. The weak handle will never become nil. 2656 func (tab *immortalWeakHandleMap) getOrAdd(p uintptr) *atomic.Uintptr { 2657 var newNode *immortalWeakHandle 2658 m := &tab.root 2659 hash := memhash(abi.NoEscape(unsafe.Pointer(&p)), 0, goarch.PtrSize) 2660 hashIter := hash 2661 for { 2662 n := (*immortalWeakHandle)(m.Load()) 2663 if n == nil { 2664 // Try to insert a new map node. We may end up discarding 2665 // this node if we fail to insert because it turns out the 2666 // value is already in the map. 2667 // 2668 // The discard will only happen if two threads race on inserting 2669 // the same value. Both might create nodes, but only one will 2670 // succeed on insertion. If two threads race to insert two 2671 // different values, then both nodes will *always* get inserted, 2672 // because the equality checking below will always fail. 2673 // 2674 // Performance note: contention on insertion is likely to be 2675 // higher for small maps, but since this data structure is 2676 // append-only, either the map stays small because there isn't 2677 // much activity, or the map gets big and races to insert on 2678 // the same node are much less likely. 2679 if newNode == nil { 2680 newNode = (*immortalWeakHandle)(persistentalloc(unsafe.Sizeof(immortalWeakHandle{}), goarch.PtrSize, &memstats.gcMiscSys)) 2681 newNode.ptr = p 2682 } 2683 if m.CompareAndSwapNoWB(nil, unsafe.Pointer(newNode)) { 2684 return newNode.handle() 2685 } 2686 // Reload n. Because pointers are only stored once, 2687 // we must have lost the race, and therefore n is not nil 2688 // anymore. 2689 n = (*immortalWeakHandle)(m.Load()) 2690 } 2691 if n.ptr == p { 2692 return n.handle() 2693 } 2694 m = &n.children[hashIter>>(8*goarch.PtrSize-1)] 2695 hashIter <<= 1 2696 } 2697 } 2698 2699 // The described object is being heap profiled. 2700 type specialprofile struct { 2701 _ sys.NotInHeap 2702 special special 2703 b *bucket 2704 } 2705 2706 // Set the heap profile bucket associated with addr to b. 2707 func setprofilebucket(p unsafe.Pointer, b *bucket) { 2708 lock(&mheap_.speciallock) 2709 s := (*specialprofile)(mheap_.specialprofilealloc.alloc()) 2710 unlock(&mheap_.speciallock) 2711 s.special.kind = _KindSpecialProfile 2712 s.b = b 2713 if !addspecial(p, &s.special, false) { 2714 throw("setprofilebucket: profile already set") 2715 } 2716 } 2717 2718 // specialReachable tracks whether an object is reachable on the next 2719 // GC cycle. This is used by testing. 2720 type specialReachable struct { 2721 special special 2722 done bool 2723 reachable bool 2724 } 2725 2726 // specialPinCounter tracks whether an object is pinned multiple times. 2727 type specialPinCounter struct { 2728 special special 2729 counter uintptr 2730 } 2731 2732 // specialsIter helps iterate over specials lists. 2733 type specialsIter struct { 2734 pprev **special 2735 s *special 2736 } 2737 2738 func newSpecialsIter(span *mspan) specialsIter { 2739 return specialsIter{&span.specials, span.specials} 2740 } 2741 2742 func (i *specialsIter) valid() bool { 2743 return i.s != nil 2744 } 2745 2746 func (i *specialsIter) next() { 2747 i.pprev = &i.s.next 2748 i.s = *i.pprev 2749 } 2750 2751 // unlinkAndNext removes the current special from the list and moves 2752 // the iterator to the next special. It returns the unlinked special. 2753 func (i *specialsIter) unlinkAndNext() *special { 2754 cur := i.s 2755 i.s = cur.next 2756 *i.pprev = i.s 2757 return cur 2758 } 2759 2760 // freeSpecial performs any cleanup on special s and deallocates it. 2761 // s must already be unlinked from the specials list. 2762 func freeSpecial(s *special, p unsafe.Pointer, size uintptr) { 2763 switch s.kind { 2764 case _KindSpecialFinalizer: 2765 sf := (*specialfinalizer)(unsafe.Pointer(s)) 2766 queuefinalizer(p, sf.fn, sf.nret, sf.fint, sf.ot) 2767 lock(&mheap_.speciallock) 2768 mheap_.specialfinalizeralloc.free(unsafe.Pointer(sf)) 2769 unlock(&mheap_.speciallock) 2770 case _KindSpecialWeakHandle: 2771 sw := (*specialWeakHandle)(unsafe.Pointer(s)) 2772 sw.handle.Store(0) 2773 lock(&mheap_.speciallock) 2774 mheap_.specialWeakHandleAlloc.free(unsafe.Pointer(s)) 2775 unlock(&mheap_.speciallock) 2776 case _KindSpecialProfile: 2777 sp := (*specialprofile)(unsafe.Pointer(s)) 2778 mProf_Free(sp.b, size) 2779 lock(&mheap_.speciallock) 2780 mheap_.specialprofilealloc.free(unsafe.Pointer(sp)) 2781 unlock(&mheap_.speciallock) 2782 case _KindSpecialReachable: 2783 sp := (*specialReachable)(unsafe.Pointer(s)) 2784 sp.done = true 2785 // The creator frees these. 2786 case _KindSpecialPinCounter: 2787 lock(&mheap_.speciallock) 2788 mheap_.specialPinCounterAlloc.free(unsafe.Pointer(s)) 2789 unlock(&mheap_.speciallock) 2790 case _KindSpecialCleanup: 2791 sc := (*specialCleanup)(unsafe.Pointer(s)) 2792 // Cleanups, unlike finalizers, do not resurrect the objects 2793 // they're attached to, so we only need to pass the cleanup 2794 // function, not the object. 2795 gcCleanups.enqueue(sc.fn) 2796 lock(&mheap_.speciallock) 2797 mheap_.specialCleanupAlloc.free(unsafe.Pointer(sc)) 2798 unlock(&mheap_.speciallock) 2799 case _KindSpecialCheckFinalizer: 2800 sc := (*specialCheckFinalizer)(unsafe.Pointer(s)) 2801 lock(&mheap_.speciallock) 2802 mheap_.specialCheckFinalizerAlloc.free(unsafe.Pointer(sc)) 2803 unlock(&mheap_.speciallock) 2804 case _KindSpecialTinyBlock: 2805 st := (*specialTinyBlock)(unsafe.Pointer(s)) 2806 lock(&mheap_.speciallock) 2807 mheap_.specialTinyBlockAlloc.free(unsafe.Pointer(st)) 2808 unlock(&mheap_.speciallock) 2809 case _KindSpecialBubble: 2810 st := (*specialBubble)(unsafe.Pointer(s)) 2811 lock(&mheap_.speciallock) 2812 mheap_.specialBubbleAlloc.free(unsafe.Pointer(st)) 2813 unlock(&mheap_.speciallock) 2814 default: 2815 throw("bad special kind") 2816 panic("not reached") 2817 } 2818 } 2819 2820 // gcBits is an alloc/mark bitmap. This is always used as gcBits.x. 2821 type gcBits struct { 2822 _ sys.NotInHeap 2823 x uint8 2824 } 2825 2826 // bytep returns a pointer to the n'th byte of b. 2827 func (b *gcBits) bytep(n uintptr) *uint8 { 2828 return addb(&b.x, n) 2829 } 2830 2831 // bitp returns a pointer to the byte containing bit n and a mask for 2832 // selecting that bit from *bytep. 2833 func (b *gcBits) bitp(n uintptr) (bytep *uint8, mask uint8) { 2834 return b.bytep(n / 8), 1 << (n % 8) 2835 } 2836 2837 const gcBitsChunkBytes = uintptr(64 << 10) 2838 const gcBitsHeaderBytes = unsafe.Sizeof(gcBitsHeader{}) 2839 2840 type gcBitsHeader struct { 2841 free uintptr // free is the index into bits of the next free byte. 2842 next uintptr // *gcBits triggers recursive type bug. (issue 14620) 2843 } 2844 2845 type gcBitsArena struct { 2846 _ sys.NotInHeap 2847 // gcBitsHeader // side step recursive type bug (issue 14620) by including fields by hand. 2848 free uintptr // free is the index into bits of the next free byte; read/write atomically 2849 next *gcBitsArena 2850 bits [gcBitsChunkBytes - gcBitsHeaderBytes]gcBits 2851 } 2852 2853 var gcBitsArenas struct { 2854 lock mutex 2855 free *gcBitsArena 2856 next *gcBitsArena // Read atomically. Write atomically under lock. 2857 current *gcBitsArena 2858 previous *gcBitsArena 2859 } 2860 2861 // tryAlloc allocates from b or returns nil if b does not have enough room. 2862 // This is safe to call concurrently. 2863 func (b *gcBitsArena) tryAlloc(bytes uintptr) *gcBits { 2864 if b == nil || atomic.Loaduintptr(&b.free)+bytes > uintptr(len(b.bits)) { 2865 return nil 2866 } 2867 // Try to allocate from this block. 2868 end := atomic.Xadduintptr(&b.free, bytes) 2869 if end > uintptr(len(b.bits)) { 2870 return nil 2871 } 2872 // There was enough room. 2873 start := end - bytes 2874 return &b.bits[start] 2875 } 2876 2877 // newMarkBits returns a pointer to 8 byte aligned bytes 2878 // to be used for a span's mark bits. 2879 func newMarkBits(nelems uintptr) *gcBits { 2880 blocksNeeded := (nelems + 63) / 64 2881 bytesNeeded := blocksNeeded * 8 2882 2883 // Try directly allocating from the current head arena. 2884 head := (*gcBitsArena)(atomic.Loadp(unsafe.Pointer(&gcBitsArenas.next))) 2885 if p := head.tryAlloc(bytesNeeded); p != nil { 2886 return p 2887 } 2888 2889 // There's not enough room in the head arena. We may need to 2890 // allocate a new arena. 2891 lock(&gcBitsArenas.lock) 2892 // Try the head arena again, since it may have changed. Now 2893 // that we hold the lock, the list head can't change, but its 2894 // free position still can. 2895 if p := gcBitsArenas.next.tryAlloc(bytesNeeded); p != nil { 2896 unlock(&gcBitsArenas.lock) 2897 return p 2898 } 2899 2900 // Allocate a new arena. This may temporarily drop the lock. 2901 fresh := newArenaMayUnlock() 2902 // If newArenaMayUnlock dropped the lock, another thread may 2903 // have put a fresh arena on the "next" list. Try allocating 2904 // from next again. 2905 if p := gcBitsArenas.next.tryAlloc(bytesNeeded); p != nil { 2906 // Put fresh back on the free list. 2907 // TODO: Mark it "already zeroed" 2908 fresh.next = gcBitsArenas.free 2909 gcBitsArenas.free = fresh 2910 unlock(&gcBitsArenas.lock) 2911 return p 2912 } 2913 2914 // Allocate from the fresh arena. We haven't linked it in yet, so 2915 // this cannot race and is guaranteed to succeed. 2916 p := fresh.tryAlloc(bytesNeeded) 2917 if p == nil { 2918 throw("markBits overflow") 2919 } 2920 2921 // Add the fresh arena to the "next" list. 2922 fresh.next = gcBitsArenas.next 2923 atomic.StorepNoWB(unsafe.Pointer(&gcBitsArenas.next), unsafe.Pointer(fresh)) 2924 2925 unlock(&gcBitsArenas.lock) 2926 return p 2927 } 2928 2929 // newAllocBits returns a pointer to 8 byte aligned bytes 2930 // to be used for this span's alloc bits. 2931 // newAllocBits is used to provide newly initialized spans 2932 // allocation bits. For spans not being initialized the 2933 // mark bits are repurposed as allocation bits when 2934 // the span is swept. 2935 func newAllocBits(nelems uintptr) *gcBits { 2936 return newMarkBits(nelems) 2937 } 2938 2939 // nextMarkBitArenaEpoch establishes a new epoch for the arenas 2940 // holding the mark bits. The arenas are named relative to the 2941 // current GC cycle which is demarcated by the call to finishweep_m. 2942 // 2943 // All current spans have been swept. 2944 // During that sweep each span allocated room for its gcmarkBits in 2945 // gcBitsArenas.next block. gcBitsArenas.next becomes the gcBitsArenas.current 2946 // where the GC will mark objects and after each span is swept these bits 2947 // will be used to allocate objects. 2948 // gcBitsArenas.current becomes gcBitsArenas.previous where the span's 2949 // gcAllocBits live until all the spans have been swept during this GC cycle. 2950 // The span's sweep extinguishes all the references to gcBitsArenas.previous 2951 // by pointing gcAllocBits into the gcBitsArenas.current. 2952 // The gcBitsArenas.previous is released to the gcBitsArenas.free list. 2953 func nextMarkBitArenaEpoch() { 2954 lock(&gcBitsArenas.lock) 2955 if gcBitsArenas.previous != nil { 2956 if gcBitsArenas.free == nil { 2957 gcBitsArenas.free = gcBitsArenas.previous 2958 } else { 2959 // Find end of previous arenas. 2960 last := gcBitsArenas.previous 2961 for last = gcBitsArenas.previous; last.next != nil; last = last.next { 2962 } 2963 last.next = gcBitsArenas.free 2964 gcBitsArenas.free = gcBitsArenas.previous 2965 } 2966 } 2967 gcBitsArenas.previous = gcBitsArenas.current 2968 gcBitsArenas.current = gcBitsArenas.next 2969 atomic.StorepNoWB(unsafe.Pointer(&gcBitsArenas.next), nil) // newMarkBits calls newArena when needed 2970 unlock(&gcBitsArenas.lock) 2971 } 2972 2973 // newArenaMayUnlock allocates and zeroes a gcBits arena. 2974 // The caller must hold gcBitsArena.lock. This may temporarily release it. 2975 func newArenaMayUnlock() *gcBitsArena { 2976 var result *gcBitsArena 2977 if gcBitsArenas.free == nil { 2978 unlock(&gcBitsArenas.lock) 2979 result = (*gcBitsArena)(sysAlloc(gcBitsChunkBytes, &memstats.gcMiscSys, "gc bits")) 2980 if result == nil { 2981 throw("runtime: cannot allocate memory") 2982 } 2983 lock(&gcBitsArenas.lock) 2984 } else { 2985 result = gcBitsArenas.free 2986 gcBitsArenas.free = gcBitsArenas.free.next 2987 memclrNoHeapPointers(unsafe.Pointer(result), gcBitsChunkBytes) 2988 } 2989 result.next = nil 2990 // If result.bits is not 8 byte aligned adjust index so 2991 // that &result.bits[result.free] is 8 byte aligned. 2992 if unsafe.Offsetof(gcBitsArena{}.bits)&7 == 0 { 2993 result.free = 0 2994 } else { 2995 result.free = 8 - (uintptr(unsafe.Pointer(&result.bits[0])) & 7) 2996 } 2997 return result 2998 } 2999