commit 392336f94ea783c69ac8ed43bf716ebdc0fc71cd
author Austin Clements <austin@google.com> Thu Mar 26 15:50:22 2015 -0400
committer Austin Clements <austin@google.com> Thu Mar 26 20:38:59 2015 +0000
tree e4876becb5dcf8bc833cd817436afbb7561924b3
parent 400f58a0101717639dafea2f80740bbfb250573c

runtime: disallow write barriers in handoffp and callees

handoffp by definition runs without a P, so it's not allowed to have
write barriers. It doesn't have any right now, but mark it
nowritebarrier to disallow any creeping in in the future. handoffp in
turns calls startm, newm, and newosproc, all of which are "below Go"
and make sense to run without a P, so disallow write barriers in these
as well.

For most functions, we've done this because they may race with
stoptheworld() and hence must not have write barriers. For these
functions, it's a little different: the world can't stop while we're
in handoffp, so this race isn't present. But we implement this
restriction with a somewhat broader rule that you can't have a write
barrier without a P. We like this rule because it's simple and means
that our write barriers can depend on there being a P, even though
this rule is actually a little broader than necessary. Hence, even
though there's no danger of the race in these functions, we want to
adhere to the broader rule.

Change-Id: Ie22319c30eea37d703eb52f5c7ca5da872030b88
Reviewed-on: https://go-review.googlesource.com/8130
Run-TryBot: Austin Clements <austin@google.com>
Reviewed-by: Minux Ma <minux@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Rick Hudson <rlh@golang.org>

src/runtime/os1_darwin.go

diff --git a/src/runtime/os1_darwin.go b/src/runtime/os1_darwin.go
index 6a60314..f6eb557 100644
--- a/src/runtime/os1_darwin.go
+++ b/src/runtime/os1_darwin.go
@@ -71,6 +71,8 @@
 	}
 }
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	mp.tls[0] = uintptr(mp.id) // so 386 asm can find it
 	if false {

src/runtime/os1_dragonfly.go

diff --git a/src/runtime/os1_dragonfly.go b/src/runtime/os1_dragonfly.go
index c94b141..33d87eb 100644
--- a/src/runtime/os1_dragonfly.go
+++ b/src/runtime/os1_dragonfly.go
@@ -71,6 +71,8 @@
 
 func lwp_start(uintptr)
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	if false {
 		print("newosproc stk=", stk, " m=", mp, " g=", mp.g0, " lwp_start=", funcPC(lwp_start), " id=", mp.id, "/", mp.tls[0], " ostk=", &mp, "\n")

src/runtime/os1_freebsd.go

diff --git a/src/runtime/os1_freebsd.go b/src/runtime/os1_freebsd.go
index ae9f78c..10c72d1 100644
--- a/src/runtime/os1_freebsd.go
+++ b/src/runtime/os1_freebsd.go
@@ -67,6 +67,8 @@
 
 func thr_start()
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	if false {
 		print("newosproc stk=", stk, " m=", mp, " g=", mp.g0, " thr_start=", funcPC(thr_start), " id=", mp.id, "/", mp.tls[0], " ostk=", &mp, "\n")

src/runtime/os1_linux.go

diff --git a/src/runtime/os1_linux.go b/src/runtime/os1_linux.go
index 44da57a..190206d 100644
--- a/src/runtime/os1_linux.go
+++ b/src/runtime/os1_linux.go
@@ -113,6 +113,8 @@
 	_CLONE_NEWIPC         = 0x8000000
 )
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	/*
 	 * note: strace gets confused if we use CLONE_PTRACE here.

src/runtime/os1_nacl.go

diff --git a/src/runtime/os1_nacl.go b/src/runtime/os1_nacl.go
index b3759c1..238de5b 100644
--- a/src/runtime/os1_nacl.go
+++ b/src/runtime/os1_nacl.go
@@ -67,6 +67,7 @@
 
 func mstart_nacl()
 
+// May run without a P, so write barriers are not allowed.
 //go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	mp.tls[0] = uintptr(unsafe.Pointer(mp.g0))

src/runtime/os1_netbsd.go

diff --git a/src/runtime/os1_netbsd.go b/src/runtime/os1_netbsd.go
index f2e6ef6..9a40155 100644
--- a/src/runtime/os1_netbsd.go
+++ b/src/runtime/os1_netbsd.go
@@ -89,6 +89,8 @@
 	}
 }
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	if false {
 		print("newosproc stk=", stk, " m=", mp, " g=", mp.g0, " id=", mp.id, "/", int32(mp.tls[0]), " ostk=", &mp, "\n")

src/runtime/os1_openbsd.go

diff --git a/src/runtime/os1_openbsd.go b/src/runtime/os1_openbsd.go
index 92a19fe..1f5ac4a 100644
--- a/src/runtime/os1_openbsd.go
+++ b/src/runtime/os1_openbsd.go
@@ -98,6 +98,8 @@
 	}
 }
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	if false {
 		print("newosproc stk=", stk, " m=", mp, " g=", mp.g0, " id=", mp.id, "/", int32(mp.tls[0]), " ostk=", &mp, "\n")

src/runtime/os1_plan9.go

diff --git a/src/runtime/os1_plan9.go b/src/runtime/os1_plan9.go
index bba1f17..30621ad 100644
--- a/src/runtime/os1_plan9.go
+++ b/src/runtime/os1_plan9.go
@@ -183,6 +183,8 @@
 	exits(&status[0])
 }
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	if false {
 		print("newosproc mp=", mp, " ostk=", &mp, "\n")

src/runtime/os1_windows.go

diff --git a/src/runtime/os1_windows.go b/src/runtime/os1_windows.go
index 4ae1a84..609e430 100644
--- a/src/runtime/os1_windows.go
+++ b/src/runtime/os1_windows.go
@@ -282,6 +282,8 @@
 	return stdcall4(_CreateEventA, 0, 0, 0, 0)
 }
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, stk unsafe.Pointer) {
 	const _STACK_SIZE_PARAM_IS_A_RESERVATION = 0x00010000
 	thandle := stdcall6(_CreateThread, 0, 0x20000,

src/runtime/os3_solaris.go

diff --git a/src/runtime/os3_solaris.go b/src/runtime/os3_solaris.go
index 8c65567..ddec87e 100644
--- a/src/runtime/os3_solaris.go
+++ b/src/runtime/os3_solaris.go
@@ -131,6 +131,8 @@
 
 func tstart_sysvicall()
 
+// May run without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func newosproc(mp *m, _ unsafe.Pointer) {
 	var (
 		attr pthreadattr

src/runtime/proc1.go

diff --git a/src/runtime/proc1.go b/src/runtime/proc1.go
index 4459802..690a978 100644
--- a/src/runtime/proc1.go
+++ b/src/runtime/proc1.go
@@ -973,7 +973,7 @@
 
 // Create a new m.  It will start off with a call to fn, or else the scheduler.
 // fn needs to be static and not a heap allocated closure.
-// May run during STW, so write barriers are not allowed.
+// May run without a P, so write barriers are not allowed.
 //go:nowritebarrier
 func newm(fn func(), _p_ *p) {
 	mp := allocm(_p_)
@@ -1035,7 +1035,7 @@
 
 // Schedules some M to run the p (creates an M if necessary).
 // If p==nil, tries to get an idle P, if no idle P's does nothing.
-// May run during STW, so write barriers are not allowed.
+// May run without a P, so write barriers are not allowed.
 //go:nowritebarrier
 func startm(_p_ *p, spinning bool) {
 	lock(&sched.lock)
@@ -1072,6 +1072,8 @@
 }
 
 // Hands off P from syscall or locked M.
+// Always runs without a P, so write barriers are not allowed.
+//go:nowritebarrier
 func handoffp(_p_ *p) {
 	// if it has local work, start it straight away
 	if _p_.runqhead != _p_.runqtail || sched.runqsize != 0 {