| // Copyright 2021 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package runtime |
| |
| import ( |
| "internal/cpu" |
| "internal/goexperiment" |
| "runtime/internal/atomic" |
| "unsafe" |
| ) |
| |
| // go119MemoryLimitSupport is a feature flag for a number of changes |
| // related to the memory limit feature (#48409). Disabling this flag |
| // disables those features, as well as the memory limit mechanism, |
| // which becomes a no-op. |
| const go119MemoryLimitSupport = true |
| |
| const ( |
| // gcGoalUtilization is the goal CPU utilization for |
| // marking as a fraction of GOMAXPROCS. |
| // |
| // Increasing the goal utilization will shorten GC cycles as the GC |
| // has more resources behind it, lessening costs from the write barrier, |
| // but comes at the cost of increasing mutator latency. |
| gcGoalUtilization = gcBackgroundUtilization |
| |
| // gcBackgroundUtilization is the fixed CPU utilization for background |
| // marking. It must be <= gcGoalUtilization. The difference between |
| // gcGoalUtilization and gcBackgroundUtilization will be made up by |
| // mark assists. The scheduler will aim to use within 50% of this |
| // goal. |
| // |
| // As a general rule, there's little reason to set gcBackgroundUtilization |
| // < gcGoalUtilization. One reason might be in mostly idle applications, |
| // where goroutines are unlikely to assist at all, so the actual |
| // utilization will be lower than the goal. But this is moot point |
| // because the idle mark workers already soak up idle CPU resources. |
| // These two values are still kept separate however because they are |
| // distinct conceptually, and in previous iterations of the pacer the |
| // distinction was more important. |
| gcBackgroundUtilization = 0.25 |
| |
| // gcCreditSlack is the amount of scan work credit that can |
| // accumulate locally before updating gcController.heapScanWork and, |
| // optionally, gcController.bgScanCredit. Lower values give a more |
| // accurate assist ratio and make it more likely that assists will |
| // successfully steal background credit. Higher values reduce memory |
| // contention. |
| gcCreditSlack = 2000 |
| |
| // gcAssistTimeSlack is the nanoseconds of mutator assist time that |
| // can accumulate on a P before updating gcController.assistTime. |
| gcAssistTimeSlack = 5000 |
| |
| // gcOverAssistWork determines how many extra units of scan work a GC |
| // assist does when an assist happens. This amortizes the cost of an |
| // assist by pre-paying for this many bytes of future allocations. |
| gcOverAssistWork = 64 << 10 |
| |
| // defaultHeapMinimum is the value of heapMinimum for GOGC==100. |
| defaultHeapMinimum = (goexperiment.HeapMinimum512KiBInt)*(512<<10) + |
| (1-goexperiment.HeapMinimum512KiBInt)*(4<<20) |
| |
| // maxStackScanSlack is the bytes of stack space allocated or freed |
| // that can accumulate on a P before updating gcController.stackSize. |
| maxStackScanSlack = 8 << 10 |
| |
| // memoryLimitHeapGoalHeadroom is the amount of headroom the pacer gives to |
| // the heap goal when operating in the memory-limited regime. That is, |
| // it'll reduce the heap goal by this many extra bytes off of the base |
| // calculation. |
| memoryLimitHeapGoalHeadroom = 1 << 20 |
| ) |
| |
| func init() { |
| if offset := unsafe.Offsetof(gcController.heapLive); offset%8 != 0 { |
| println(offset) |
| throw("gcController.heapLive not aligned to 8 bytes") |
| } |
| } |
| |
| // gcController implements the GC pacing controller that determines |
| // when to trigger concurrent garbage collection and how much marking |
| // work to do in mutator assists and background marking. |
| // |
| // It calculates the ratio between the allocation rate (in terms of CPU |
| // time) and the GC scan throughput to determine the heap size at which to |
| // trigger a GC cycle such that no GC assists are required to finish on time. |
| // This algorithm thus optimizes GC CPU utilization to the dedicated background |
| // mark utilization of 25% of GOMAXPROCS by minimizing GC assists. |
| // GOMAXPROCS. The high-level design of this algorithm is documented |
| // at https://github.com/golang/proposal/blob/master/design/44167-gc-pacer-redesign.md. |
| // See https://golang.org/s/go15gcpacing for additional historical context. |
| var gcController gcControllerState |
| |
| type gcControllerState struct { |
| // Initialized from GOGC. GOGC=off means no GC. |
| gcPercent atomic.Int32 |
| |
| _ uint32 // padding so following 64-bit values are 8-byte aligned |
| |
| // memoryLimit is the soft memory limit in bytes. |
| // |
| // Initialized from GOMEMLIMIT. GOMEMLIMIT=off is equivalent to MaxInt64 |
| // which means no soft memory limit in practice. |
| // |
| // This is an int64 instead of a uint64 to more easily maintain parity with |
| // the SetMemoryLimit API, which sets a maximum at MaxInt64. This value |
| // should never be negative. |
| memoryLimit atomic.Int64 |
| |
| // heapMinimum is the minimum heap size at which to trigger GC. |
| // For small heaps, this overrides the usual GOGC*live set rule. |
| // |
| // When there is a very small live set but a lot of allocation, simply |
| // collecting when the heap reaches GOGC*live results in many GC |
| // cycles and high total per-GC overhead. This minimum amortizes this |
| // per-GC overhead while keeping the heap reasonably small. |
| // |
| // During initialization this is set to 4MB*GOGC/100. In the case of |
| // GOGC==0, this will set heapMinimum to 0, resulting in constant |
| // collection even when the heap size is small, which is useful for |
| // debugging. |
| heapMinimum uint64 |
| |
| // runway is the amount of runway in heap bytes allocated by the |
| // application that we want to give the GC once it starts. |
| // |
| // This is computed from consMark during mark termination. |
| runway atomic.Uint64 |
| |
| // consMark is the estimated per-CPU consMark ratio for the application. |
| // |
| // It represents the ratio between the application's allocation |
| // rate, as bytes allocated per CPU-time, and the GC's scan rate, |
| // as bytes scanned per CPU-time. |
| // The units of this ratio are (B / cpu-ns) / (B / cpu-ns). |
| // |
| // At a high level, this value is computed as the bytes of memory |
| // allocated (cons) per unit of scan work completed (mark) in a GC |
| // cycle, divided by the CPU time spent on each activity. |
| // |
| // Updated at the end of each GC cycle, in endCycle. |
| consMark float64 |
| |
| // consMarkController holds the state for the mark-cons ratio |
| // estimation over time. |
| // |
| // Its purpose is to smooth out noisiness in the computation of |
| // consMark; see consMark for details. |
| consMarkController piController |
| |
| _ uint32 // Padding for atomics on 32-bit platforms. |
| |
| // gcPercentHeapGoal is the goal heapLive for when next GC ends derived |
| // from gcPercent. |
| // |
| // Set to ^uint64(0) if gcPercent is disabled. |
| gcPercentHeapGoal atomic.Uint64 |
| |
| // sweepDistMinTrigger is the minimum trigger to ensure a minimum |
| // sweep distance. |
| // |
| // This bound is also special because it applies to both the trigger |
| // *and* the goal (all other trigger bounds must be based *on* the goal). |
| // |
| // It is computed ahead of time, at commit time. The theory is that, |
| // absent a sudden change to a parameter like gcPercent, the trigger |
| // will be chosen to always give the sweeper enough headroom. However, |
| // such a change might dramatically and suddenly move up the trigger, |
| // in which case we need to ensure the sweeper still has enough headroom. |
| sweepDistMinTrigger atomic.Uint64 |
| |
| // triggered is the point at which the current GC cycle actually triggered. |
| // Only valid during the mark phase of a GC cycle, otherwise set to ^uint64(0). |
| // |
| // Updated while the world is stopped. |
| triggered uint64 |
| |
| // lastHeapGoal is the value of heapGoal at the moment the last GC |
| // ended. Note that this is distinct from the last value heapGoal had, |
| // because it could change if e.g. gcPercent changes. |
| // |
| // Read and written with the world stopped or with mheap_.lock held. |
| lastHeapGoal uint64 |
| |
| // heapLive is the number of bytes considered live by the GC. |
| // That is: retained by the most recent GC plus allocated |
| // since then. heapLive ≤ memstats.totalAlloc-memstats.totalFree, since |
| // heapAlloc includes unmarked objects that have not yet been swept (and |
| // hence goes up as we allocate and down as we sweep) while heapLive |
| // excludes these objects (and hence only goes up between GCs). |
| // |
| // This is updated atomically without locking. To reduce |
| // contention, this is updated only when obtaining a span from |
| // an mcentral and at this point it counts all of the |
| // unallocated slots in that span (which will be allocated |
| // before that mcache obtains another span from that |
| // mcentral). Hence, it slightly overestimates the "true" live |
| // heap size. It's better to overestimate than to |
| // underestimate because 1) this triggers the GC earlier than |
| // necessary rather than potentially too late and 2) this |
| // leads to a conservative GC rate rather than a GC rate that |
| // is potentially too low. |
| // |
| // Reads should likewise be atomic (or during STW). |
| // |
| // Whenever this is updated, call traceHeapAlloc() and |
| // this gcControllerState's revise() method. |
| heapLive uint64 |
| |
| // heapScan is the number of bytes of "scannable" heap. This |
| // is the live heap (as counted by heapLive), but omitting |
| // no-scan objects and no-scan tails of objects. |
| // |
| // This value is fixed at the start of a GC cycle, so during a |
| // GC cycle it is safe to read without atomics, and it represents |
| // the maximum scannable heap. |
| heapScan uint64 |
| |
| // lastHeapScan is the number of bytes of heap that were scanned |
| // last GC cycle. It is the same as heapMarked, but only |
| // includes the "scannable" parts of objects. |
| // |
| // Updated when the world is stopped. |
| lastHeapScan uint64 |
| |
| // lastStackScan is the number of bytes of stack that were scanned |
| // last GC cycle. |
| lastStackScan uint64 |
| |
| // maxStackScan is the amount of allocated goroutine stack space in |
| // use by goroutines. |
| // |
| // This number tracks allocated goroutine stack space rather than used |
| // goroutine stack space (i.e. what is actually scanned) because used |
| // goroutine stack space is much harder to measure cheaply. By using |
| // allocated space, we make an overestimate; this is OK, it's better |
| // to conservatively overcount than undercount. |
| // |
| // Read and updated atomically. |
| maxStackScan uint64 |
| |
| // globalsScan is the total amount of global variable space |
| // that is scannable. |
| // |
| // Read and updated atomically. |
| globalsScan uint64 |
| |
| // heapMarked is the number of bytes marked by the previous |
| // GC. After mark termination, heapLive == heapMarked, but |
| // unlike heapLive, heapMarked does not change until the |
| // next mark termination. |
| heapMarked uint64 |
| |
| // heapScanWork is the total heap scan work performed this cycle. |
| // stackScanWork is the total stack scan work performed this cycle. |
| // globalsScanWork is the total globals scan work performed this cycle. |
| // |
| // These are updated atomically during the cycle. Updates occur in |
| // bounded batches, since they are both written and read |
| // throughout the cycle. At the end of the cycle, heapScanWork is how |
| // much of the retained heap is scannable. |
| // |
| // Currently these are measured in bytes. For most uses, this is an |
| // opaque unit of work, but for estimation the definition is important. |
| // |
| // Note that stackScanWork includes only stack space scanned, not all |
| // of the allocated stack. |
| heapScanWork atomic.Int64 |
| stackScanWork atomic.Int64 |
| globalsScanWork atomic.Int64 |
| |
| // bgScanCredit is the scan work credit accumulated by the |
| // concurrent background scan. This credit is accumulated by |
| // the background scan and stolen by mutator assists. This is |
| // updated atomically. Updates occur in bounded batches, since |
| // it is both written and read throughout the cycle. |
| bgScanCredit int64 |
| |
| // assistTime is the nanoseconds spent in mutator assists |
| // during this cycle. This is updated atomically, and must also |
| // be updated atomically even during a STW, because it is read |
| // by sysmon. Updates occur in bounded batches, since it is both |
| // written and read throughout the cycle. |
| assistTime atomic.Int64 |
| |
| // dedicatedMarkTime is the nanoseconds spent in dedicated |
| // mark workers during this cycle. This is updated atomically |
| // at the end of the concurrent mark phase. |
| dedicatedMarkTime int64 |
| |
| // fractionalMarkTime is the nanoseconds spent in the |
| // fractional mark worker during this cycle. This is updated |
| // atomically throughout the cycle and will be up-to-date if |
| // the fractional mark worker is not currently running. |
| fractionalMarkTime int64 |
| |
| // idleMarkTime is the nanoseconds spent in idle marking |
| // during this cycle. This is updated atomically throughout |
| // the cycle. |
| idleMarkTime int64 |
| |
| // markStartTime is the absolute start time in nanoseconds |
| // that assists and background mark workers started. |
| markStartTime int64 |
| |
| // dedicatedMarkWorkersNeeded is the number of dedicated mark |
| // workers that need to be started. This is computed at the |
| // beginning of each cycle and decremented atomically as |
| // dedicated mark workers get started. |
| dedicatedMarkWorkersNeeded int64 |
| |
| // idleMarkWorkers is two packed int32 values in a single uint64. |
| // These two values are always updated simultaneously. |
| // |
| // The bottom int32 is the current number of idle mark workers executing. |
| // |
| // The top int32 is the maximum number of idle mark workers allowed to |
| // execute concurrently. Normally, this number is just gomaxprocs. However, |
| // during periodic GC cycles it is set to 0 because the system is idle |
| // anyway; there's no need to go full blast on all of GOMAXPROCS. |
| // |
| // The maximum number of idle mark workers is used to prevent new workers |
| // from starting, but it is not a hard maximum. It is possible (but |
| // exceedingly rare) for the current number of idle mark workers to |
| // transiently exceed the maximum. This could happen if the maximum changes |
| // just after a GC ends, and an M with no P. |
| // |
| // Note that if we have no dedicated mark workers, we set this value to |
| // 1 in this case we only have fractional GC workers which aren't scheduled |
| // strictly enough to ensure GC progress. As a result, idle-priority mark |
| // workers are vital to GC progress in these situations. |
| // |
| // For example, consider a situation in which goroutines block on the GC |
| // (such as via runtime.GOMAXPROCS) and only fractional mark workers are |
| // scheduled (e.g. GOMAXPROCS=1). Without idle-priority mark workers, the |
| // last running M might skip scheduling a fractional mark worker if its |
| // utilization goal is met, such that once it goes to sleep (because there's |
| // nothing to do), there will be nothing else to spin up a new M for the |
| // fractional worker in the future, stalling GC progress and causing a |
| // deadlock. However, idle-priority workers will *always* run when there is |
| // nothing left to do, ensuring the GC makes progress. |
| // |
| // See github.com/golang/go/issues/44163 for more details. |
| idleMarkWorkers atomic.Uint64 |
| |
| // assistWorkPerByte is the ratio of scan work to allocated |
| // bytes that should be performed by mutator assists. This is |
| // computed at the beginning of each cycle and updated every |
| // time heapScan is updated. |
| assistWorkPerByte atomic.Float64 |
| |
| // assistBytesPerWork is 1/assistWorkPerByte. |
| // |
| // Note that because this is read and written independently |
| // from assistWorkPerByte users may notice a skew between |
| // the two values, and such a state should be safe. |
| assistBytesPerWork atomic.Float64 |
| |
| // fractionalUtilizationGoal is the fraction of wall clock |
| // time that should be spent in the fractional mark worker on |
| // each P that isn't running a dedicated worker. |
| // |
| // For example, if the utilization goal is 25% and there are |
| // no dedicated workers, this will be 0.25. If the goal is |
| // 25%, there is one dedicated worker, and GOMAXPROCS is 5, |
| // this will be 0.05 to make up the missing 5%. |
| // |
| // If this is zero, no fractional workers are needed. |
| fractionalUtilizationGoal float64 |
| |
| // These memory stats are effectively duplicates of fields from |
| // memstats.heapStats but are updated atomically or with the world |
| // stopped and don't provide the same consistency guarantees. |
| // |
| // Because the runtime is responsible for managing a memory limit, it's |
| // useful to couple these stats more tightly to the gcController, which |
| // is intimately connected to how that memory limit is maintained. |
| heapInUse sysMemStat // bytes in mSpanInUse spans |
| heapReleased sysMemStat // bytes released to the OS |
| heapFree sysMemStat // bytes not in any span, but not released to the OS |
| totalAlloc atomic.Uint64 // total bytes allocated |
| totalFree atomic.Uint64 // total bytes freed |
| mappedReady atomic.Uint64 // total virtual memory in the Ready state (see mem.go). |
| |
| // test indicates that this is a test-only copy of gcControllerState. |
| test bool |
| |
| _ cpu.CacheLinePad |
| } |
| |
| func (c *gcControllerState) init(gcPercent int32, memoryLimit int64) { |
| c.heapMinimum = defaultHeapMinimum |
| c.triggered = ^uint64(0) |
| |
| c.consMarkController = piController{ |
| // Tuned first via the Ziegler-Nichols process in simulation, |
| // then the integral time was manually tuned against real-world |
| // applications to deal with noisiness in the measured cons/mark |
| // ratio. |
| kp: 0.9, |
| ti: 4.0, |
| |
| // Set a high reset time in GC cycles. |
| // This is inversely proportional to the rate at which we |
| // accumulate error from clipping. By making this very high |
| // we make the accumulation slow. In general, clipping is |
| // OK in our situation, hence the choice. |
| // |
| // Tune this if we get unintended effects from clipping for |
| // a long time. |
| tt: 1000, |
| min: -1000, |
| max: 1000, |
| } |
| |
| c.setGCPercent(gcPercent) |
| c.setMemoryLimit(memoryLimit) |
| c.commit(true) // No sweep phase in the first GC cycle. |
| // N.B. Don't bother calling traceHeapGoal. Tracing is never enabled at |
| // initialization time. |
| // N.B. No need to call revise; there's no GC enabled during |
| // initialization. |
| } |
| |
| // startCycle resets the GC controller's state and computes estimates |
| // for a new GC cycle. The caller must hold worldsema and the world |
| // must be stopped. |
| func (c *gcControllerState) startCycle(markStartTime int64, procs int, trigger gcTrigger) { |
| c.heapScanWork.Store(0) |
| c.stackScanWork.Store(0) |
| c.globalsScanWork.Store(0) |
| c.bgScanCredit = 0 |
| c.assistTime.Store(0) |
| c.dedicatedMarkTime = 0 |
| c.fractionalMarkTime = 0 |
| c.idleMarkTime = 0 |
| c.markStartTime = markStartTime |
| |
| // TODO(mknyszek): This is supposed to be the actual trigger point for the heap, but |
| // causes regressions in memory use. The cause is that the PI controller used to smooth |
| // the cons/mark ratio measurements tends to flail when using the less accurate precomputed |
| // trigger for the cons/mark calculation, and this results in the controller being more |
| // conservative about steady-states it tries to find in the future. |
| // |
| // This conservatism is transient, but these transient states tend to matter for short-lived |
| // programs, especially because the PI controller is overdamped, partially because it is |
| // configured with a relatively large time constant. |
| // |
| // Ultimately, I think this is just two mistakes piled on one another: the choice of a swingy |
| // smoothing function that recalls a fairly long history (due to its overdamped time constant) |
| // coupled with an inaccurate cons/mark calculation. It just so happens this works better |
| // today, and it makes it harder to change things in the future. |
| // |
| // This is described in #53738. Fix this for #53892 by changing back to the actual trigger |
| // point and simplifying the smoothing function. |
| heapTrigger, heapGoal := c.trigger() |
| c.triggered = heapTrigger |
| |
| // Compute the background mark utilization goal. In general, |
| // this may not come out exactly. We round the number of |
| // dedicated workers so that the utilization is closest to |
| // 25%. For small GOMAXPROCS, this would introduce too much |
| // error, so we add fractional workers in that case. |
| totalUtilizationGoal := float64(procs) * gcBackgroundUtilization |
| c.dedicatedMarkWorkersNeeded = int64(totalUtilizationGoal + 0.5) |
| utilError := float64(c.dedicatedMarkWorkersNeeded)/totalUtilizationGoal - 1 |
| const maxUtilError = 0.3 |
| if utilError < -maxUtilError || utilError > maxUtilError { |
| // Rounding put us more than 30% off our goal. With |
| // gcBackgroundUtilization of 25%, this happens for |
| // GOMAXPROCS<=3 or GOMAXPROCS=6. Enable fractional |
| // workers to compensate. |
| if float64(c.dedicatedMarkWorkersNeeded) > totalUtilizationGoal { |
| // Too many dedicated workers. |
| c.dedicatedMarkWorkersNeeded-- |
| } |
| c.fractionalUtilizationGoal = (totalUtilizationGoal - float64(c.dedicatedMarkWorkersNeeded)) / float64(procs) |
| } else { |
| c.fractionalUtilizationGoal = 0 |
| } |
| |
| // In STW mode, we just want dedicated workers. |
| if debug.gcstoptheworld > 0 { |
| c.dedicatedMarkWorkersNeeded = int64(procs) |
| c.fractionalUtilizationGoal = 0 |
| } |
| |
| // Clear per-P state |
| for _, p := range allp { |
| p.gcAssistTime = 0 |
| p.gcFractionalMarkTime = 0 |
| } |
| |
| if trigger.kind == gcTriggerTime { |
| // During a periodic GC cycle, reduce the number of idle mark workers |
| // required. However, we need at least one dedicated mark worker or |
| // idle GC worker to ensure GC progress in some scenarios (see comment |
| // on maxIdleMarkWorkers). |
| if c.dedicatedMarkWorkersNeeded > 0 { |
| c.setMaxIdleMarkWorkers(0) |
| } else { |
| // TODO(mknyszek): The fundamental reason why we need this is because |
| // we can't count on the fractional mark worker to get scheduled. |
| // Fix that by ensuring it gets scheduled according to its quota even |
| // if the rest of the application is idle. |
| c.setMaxIdleMarkWorkers(1) |
| } |
| } else { |
| // N.B. gomaxprocs and dedicatedMarkWorkersNeeded is guaranteed not to |
| // change during a GC cycle. |
| c.setMaxIdleMarkWorkers(int32(procs) - int32(c.dedicatedMarkWorkersNeeded)) |
| } |
| |
| // Compute initial values for controls that are updated |
| // throughout the cycle. |
| c.revise() |
| |
| if debug.gcpacertrace > 0 { |
| assistRatio := c.assistWorkPerByte.Load() |
| print("pacer: assist ratio=", assistRatio, |
| " (scan ", gcController.heapScan>>20, " MB in ", |
| work.initialHeapLive>>20, "->", |
| heapGoal>>20, " MB)", |
| " workers=", c.dedicatedMarkWorkersNeeded, |
| "+", c.fractionalUtilizationGoal, "\n") |
| } |
| } |
| |
| // revise updates the assist ratio during the GC cycle to account for |
| // improved estimates. This should be called whenever gcController.heapScan, |
| // gcController.heapLive, or if any inputs to gcController.heapGoal are |
| // updated. It is safe to call concurrently, but it may race with other |
| // calls to revise. |
| // |
| // The result of this race is that the two assist ratio values may not line |
| // up or may be stale. In practice this is OK because the assist ratio |
| // moves slowly throughout a GC cycle, and the assist ratio is a best-effort |
| // heuristic anyway. Furthermore, no part of the heuristic depends on |
| // the two assist ratio values being exact reciprocals of one another, since |
| // the two values are used to convert values from different sources. |
| // |
| // The worst case result of this raciness is that we may miss a larger shift |
| // in the ratio (say, if we decide to pace more aggressively against the |
| // hard heap goal) but even this "hard goal" is best-effort (see #40460). |
| // The dedicated GC should ensure we don't exceed the hard goal by too much |
| // in the rare case we do exceed it. |
| // |
| // It should only be called when gcBlackenEnabled != 0 (because this |
| // is when assists are enabled and the necessary statistics are |
| // available). |
| func (c *gcControllerState) revise() { |
| gcPercent := c.gcPercent.Load() |
| if gcPercent < 0 { |
| // If GC is disabled but we're running a forced GC, |
| // act like GOGC is huge for the below calculations. |
| gcPercent = 100000 |
| } |
| live := atomic.Load64(&c.heapLive) |
| scan := atomic.Load64(&c.heapScan) |
| work := c.heapScanWork.Load() + c.stackScanWork.Load() + c.globalsScanWork.Load() |
| |
| // Assume we're under the soft goal. Pace GC to complete at |
| // heapGoal assuming the heap is in steady-state. |
| heapGoal := int64(c.heapGoal()) |
| |
| // The expected scan work is computed as the amount of bytes scanned last |
| // GC cycle (both heap and stack), plus our estimate of globals work for this cycle. |
| scanWorkExpected := int64(c.lastHeapScan + c.lastStackScan + c.globalsScan) |
| |
| // maxScanWork is a worst-case estimate of the amount of scan work that |
| // needs to be performed in this GC cycle. Specifically, it represents |
| // the case where *all* scannable memory turns out to be live, and |
| // *all* allocated stack space is scannable. |
| maxStackScan := atomic.Load64(&c.maxStackScan) |
| maxScanWork := int64(scan + maxStackScan + c.globalsScan) |
| if work > scanWorkExpected { |
| // We've already done more scan work than expected. Because our expectation |
| // is based on a steady-state scannable heap size, we assume this means our |
| // heap is growing. Compute a new heap goal that takes our existing runway |
| // computed for scanWorkExpected and extrapolates it to maxScanWork, the worst-case |
| // scan work. This keeps our assist ratio stable if the heap continues to grow. |
| // |
| // The effect of this mechanism is that assists stay flat in the face of heap |
| // growths. It's OK to use more memory this cycle to scan all the live heap, |
| // because the next GC cycle is inevitably going to use *at least* that much |
| // memory anyway. |
| extHeapGoal := int64(float64(heapGoal-int64(c.triggered))/float64(scanWorkExpected)*float64(maxScanWork)) + int64(c.triggered) |
| scanWorkExpected = maxScanWork |
| |
| // hardGoal is a hard limit on the amount that we're willing to push back the |
| // heap goal, and that's twice the heap goal (i.e. if GOGC=100 and the heap and/or |
| // stacks and/or globals grow to twice their size, this limits the current GC cycle's |
| // growth to 4x the original live heap's size). |
| // |
| // This maintains the invariant that we use no more memory than the next GC cycle |
| // will anyway. |
| hardGoal := int64((1.0 + float64(gcPercent)/100.0) * float64(heapGoal)) |
| if extHeapGoal > hardGoal { |
| extHeapGoal = hardGoal |
| } |
| heapGoal = extHeapGoal |
| } |
| if int64(live) > heapGoal { |
| // We're already past our heap goal, even the extrapolated one. |
| // Leave ourselves some extra runway, so in the worst case we |
| // finish by that point. |
| const maxOvershoot = 1.1 |
| heapGoal = int64(float64(heapGoal) * maxOvershoot) |
| |
| // Compute the upper bound on the scan work remaining. |
| scanWorkExpected = maxScanWork |
| } |
| |
| // Compute the remaining scan work estimate. |
| // |
| // Note that we currently count allocations during GC as both |
| // scannable heap (heapScan) and scan work completed |
| // (scanWork), so allocation will change this difference |
| // slowly in the soft regime and not at all in the hard |
| // regime. |
| scanWorkRemaining := scanWorkExpected - work |
| if scanWorkRemaining < 1000 { |
| // We set a somewhat arbitrary lower bound on |
| // remaining scan work since if we aim a little high, |
| // we can miss by a little. |
| // |
| // We *do* need to enforce that this is at least 1, |
| // since marking is racy and double-scanning objects |
| // may legitimately make the remaining scan work |
| // negative, even in the hard goal regime. |
| scanWorkRemaining = 1000 |
| } |
| |
| // Compute the heap distance remaining. |
| heapRemaining := heapGoal - int64(live) |
| if heapRemaining <= 0 { |
| // This shouldn't happen, but if it does, avoid |
| // dividing by zero or setting the assist negative. |
| heapRemaining = 1 |
| } |
| |
| // Compute the mutator assist ratio so by the time the mutator |
| // allocates the remaining heap bytes up to heapGoal, it will |
| // have done (or stolen) the remaining amount of scan work. |
| // Note that the assist ratio values are updated atomically |
| // but not together. This means there may be some degree of |
| // skew between the two values. This is generally OK as the |
| // values shift relatively slowly over the course of a GC |
| // cycle. |
| assistWorkPerByte := float64(scanWorkRemaining) / float64(heapRemaining) |
| assistBytesPerWork := float64(heapRemaining) / float64(scanWorkRemaining) |
| c.assistWorkPerByte.Store(assistWorkPerByte) |
| c.assistBytesPerWork.Store(assistBytesPerWork) |
| } |
| |
| // endCycle computes the consMark estimate for the next cycle. |
| // userForced indicates whether the current GC cycle was forced |
| // by the application. |
| func (c *gcControllerState) endCycle(now int64, procs int, userForced bool) { |
| // Record last heap goal for the scavenger. |
| // We'll be updating the heap goal soon. |
| gcController.lastHeapGoal = c.heapGoal() |
| |
| // Compute the duration of time for which assists were turned on. |
| assistDuration := now - c.markStartTime |
| |
| // Assume background mark hit its utilization goal. |
| utilization := gcBackgroundUtilization |
| // Add assist utilization; avoid divide by zero. |
| if assistDuration > 0 { |
| utilization += float64(c.assistTime.Load()) / float64(assistDuration*int64(procs)) |
| } |
| |
| if c.heapLive <= c.triggered { |
| // Shouldn't happen, but let's be very safe about this in case the |
| // GC is somehow extremely short. |
| // |
| // In this case though, the only reasonable value for c.heapLive-c.triggered |
| // would be 0, which isn't really all that useful, i.e. the GC was so short |
| // that it didn't matter. |
| // |
| // Ignore this case and don't update anything. |
| return |
| } |
| idleUtilization := 0.0 |
| if assistDuration > 0 { |
| idleUtilization = float64(c.idleMarkTime) / float64(assistDuration*int64(procs)) |
| } |
| // Determine the cons/mark ratio. |
| // |
| // The units we want for the numerator and denominator are both B / cpu-ns. |
| // We get this by taking the bytes allocated or scanned, and divide by the amount of |
| // CPU time it took for those operations. For allocations, that CPU time is |
| // |
| // assistDuration * procs * (1 - utilization) |
| // |
| // Where utilization includes just background GC workers and assists. It does *not* |
| // include idle GC work time, because in theory the mutator is free to take that at |
| // any point. |
| // |
| // For scanning, that CPU time is |
| // |
| // assistDuration * procs * (utilization + idleUtilization) |
| // |
| // In this case, we *include* idle utilization, because that is additional CPU time that the |
| // the GC had available to it. |
| // |
| // In effect, idle GC time is sort of double-counted here, but it's very weird compared |
| // to other kinds of GC work, because of how fluid it is. Namely, because the mutator is |
| // *always* free to take it. |
| // |
| // So this calculation is really: |
| // (heapLive-trigger) / (assistDuration * procs * (1-utilization)) / |
| // (scanWork) / (assistDuration * procs * (utilization+idleUtilization) |
| // |
| // Note that because we only care about the ratio, assistDuration and procs cancel out. |
| scanWork := c.heapScanWork.Load() + c.stackScanWork.Load() + c.globalsScanWork.Load() |
| currentConsMark := (float64(c.heapLive-c.triggered) * (utilization + idleUtilization)) / |
| (float64(scanWork) * (1 - utilization)) |
| |
| // Update cons/mark controller. The time period for this is 1 GC cycle. |
| // |
| // This use of a PI controller might seem strange. So, here's an explanation: |
| // |
| // currentConsMark represents the consMark we *should've* had to be perfectly |
| // on-target for this cycle. Given that we assume the next GC will be like this |
| // one in the steady-state, it stands to reason that we should just pick that |
| // as our next consMark. In practice, however, currentConsMark is too noisy: |
| // we're going to be wildly off-target in each GC cycle if we do that. |
| // |
| // What we do instead is make a long-term assumption: there is some steady-state |
| // consMark value, but it's obscured by noise. By constantly shooting for this |
| // noisy-but-perfect consMark value, the controller will bounce around a bit, |
| // but its average behavior, in aggregate, should be less noisy and closer to |
| // the true long-term consMark value, provided its tuned to be slightly overdamped. |
| var ok bool |
| oldConsMark := c.consMark |
| c.consMark, ok = c.consMarkController.next(c.consMark, currentConsMark, 1.0) |
| if !ok { |
| // The error spiraled out of control. This is incredibly unlikely seeing |
| // as this controller is essentially just a smoothing function, but it might |
| // mean that something went very wrong with how currentConsMark was calculated. |
| // Just reset consMark and keep going. |
| c.consMark = 0 |
| } |
| |
| if debug.gcpacertrace > 0 { |
| printlock() |
| goal := gcGoalUtilization * 100 |
| print("pacer: ", int(utilization*100), "% CPU (", int(goal), " exp.) for ") |
| print(c.heapScanWork.Load(), "+", c.stackScanWork.Load(), "+", c.globalsScanWork.Load(), " B work (", c.lastHeapScan+c.lastStackScan+c.globalsScan, " B exp.) ") |
| print("in ", c.triggered, " B -> ", c.heapLive, " B (∆goal ", int64(c.heapLive)-int64(c.lastHeapGoal), ", cons/mark ", oldConsMark, ")") |
| if !ok { |
| print("[controller reset]") |
| } |
| println() |
| printunlock() |
| } |
| } |
| |
| // enlistWorker encourages another dedicated mark worker to start on |
| // another P if there are spare worker slots. It is used by putfull |
| // when more work is made available. |
| // |
| //go:nowritebarrier |
| func (c *gcControllerState) enlistWorker() { |
| // If there are idle Ps, wake one so it will run an idle worker. |
| // NOTE: This is suspected of causing deadlocks. See golang.org/issue/19112. |
| // |
| // if atomic.Load(&sched.npidle) != 0 && atomic.Load(&sched.nmspinning) == 0 { |
| // wakep() |
| // return |
| // } |
| |
| // There are no idle Ps. If we need more dedicated workers, |
| // try to preempt a running P so it will switch to a worker. |
| if c.dedicatedMarkWorkersNeeded <= 0 { |
| return |
| } |
| // Pick a random other P to preempt. |
| if gomaxprocs <= 1 { |
| return |
| } |
| gp := getg() |
| if gp == nil || gp.m == nil || gp.m.p == 0 { |
| return |
| } |
| myID := gp.m.p.ptr().id |
| for tries := 0; tries < 5; tries++ { |
| id := int32(fastrandn(uint32(gomaxprocs - 1))) |
| if id >= myID { |
| id++ |
| } |
| p := allp[id] |
| if p.status != _Prunning { |
| continue |
| } |
| if preemptone(p) { |
| return |
| } |
| } |
| } |
| |
| // findRunnableGCWorker returns a background mark worker for _p_ if it |
| // should be run. This must only be called when gcBlackenEnabled != 0. |
| func (c *gcControllerState) findRunnableGCWorker(_p_ *p, now int64) (*g, int64) { |
| if gcBlackenEnabled == 0 { |
| throw("gcControllerState.findRunnable: blackening not enabled") |
| } |
| |
| // Since we have the current time, check if the GC CPU limiter |
| // hasn't had an update in a while. This check is necessary in |
| // case the limiter is on but hasn't been checked in a while and |
| // so may have left sufficient headroom to turn off again. |
| if now == 0 { |
| now = nanotime() |
| } |
| if gcCPULimiter.needUpdate(now) { |
| gcCPULimiter.update(now) |
| } |
| |
| if !gcMarkWorkAvailable(_p_) { |
| // No work to be done right now. This can happen at |
| // the end of the mark phase when there are still |
| // assists tapering off. Don't bother running a worker |
| // now because it'll just return immediately. |
| return nil, now |
| } |
| |
| // Grab a worker before we commit to running below. |
| node := (*gcBgMarkWorkerNode)(gcBgMarkWorkerPool.pop()) |
| if node == nil { |
| // There is at least one worker per P, so normally there are |
| // enough workers to run on all Ps, if necessary. However, once |
| // a worker enters gcMarkDone it may park without rejoining the |
| // pool, thus freeing a P with no corresponding worker. |
| // gcMarkDone never depends on another worker doing work, so it |
| // is safe to simply do nothing here. |
| // |
| // If gcMarkDone bails out without completing the mark phase, |
| // it will always do so with queued global work. Thus, that P |
| // will be immediately eligible to re-run the worker G it was |
| // just using, ensuring work can complete. |
| return nil, now |
| } |
| |
| decIfPositive := func(ptr *int64) bool { |
| for { |
| v := atomic.Loadint64(ptr) |
| if v <= 0 { |
| return false |
| } |
| |
| if atomic.Casint64(ptr, v, v-1) { |
| return true |
| } |
| } |
| } |
| |
| if decIfPositive(&c.dedicatedMarkWorkersNeeded) { |
| // This P is now dedicated to marking until the end of |
| // the concurrent mark phase. |
| _p_.gcMarkWorkerMode = gcMarkWorkerDedicatedMode |
| } else if c.fractionalUtilizationGoal == 0 { |
| // No need for fractional workers. |
| gcBgMarkWorkerPool.push(&node.node) |
| return nil, now |
| } else { |
| // Is this P behind on the fractional utilization |
| // goal? |
| // |
| // This should be kept in sync with pollFractionalWorkerExit. |
| delta := now - c.markStartTime |
| if delta > 0 && float64(_p_.gcFractionalMarkTime)/float64(delta) > c.fractionalUtilizationGoal { |
| // Nope. No need to run a fractional worker. |
| gcBgMarkWorkerPool.push(&node.node) |
| return nil, now |
| } |
| // Run a fractional worker. |
| _p_.gcMarkWorkerMode = gcMarkWorkerFractionalMode |
| } |
| |
| // Run the background mark worker. |
| gp := node.gp.ptr() |
| casgstatus(gp, _Gwaiting, _Grunnable) |
| if trace.enabled { |
| traceGoUnpark(gp, 0) |
| } |
| return gp, now |
| } |
| |
| // resetLive sets up the controller state for the next mark phase after the end |
| // of the previous one. Must be called after endCycle and before commit, before |
| // the world is started. |
| // |
| // The world must be stopped. |
| func (c *gcControllerState) resetLive(bytesMarked uint64) { |
| c.heapMarked = bytesMarked |
| c.heapLive = bytesMarked |
| c.heapScan = uint64(c.heapScanWork.Load()) |
| c.lastHeapScan = uint64(c.heapScanWork.Load()) |
| c.lastStackScan = uint64(c.stackScanWork.Load()) |
| c.triggered = ^uint64(0) // Reset triggered. |
| |
| // heapLive was updated, so emit a trace event. |
| if trace.enabled { |
| traceHeapAlloc() |
| } |
| } |
| |
| // markWorkerStop must be called whenever a mark worker stops executing. |
| // |
| // It updates mark work accounting in the controller by a duration of |
| // work in nanoseconds and other bookkeeping. |
| // |
| // Safe to execute at any time. |
| func (c *gcControllerState) markWorkerStop(mode gcMarkWorkerMode, duration int64) { |
| switch mode { |
| case gcMarkWorkerDedicatedMode: |
| atomic.Xaddint64(&c.dedicatedMarkTime, duration) |
| atomic.Xaddint64(&c.dedicatedMarkWorkersNeeded, 1) |
| case gcMarkWorkerFractionalMode: |
| atomic.Xaddint64(&c.fractionalMarkTime, duration) |
| case gcMarkWorkerIdleMode: |
| atomic.Xaddint64(&c.idleMarkTime, duration) |
| c.removeIdleMarkWorker() |
| default: |
| throw("markWorkerStop: unknown mark worker mode") |
| } |
| } |
| |
| func (c *gcControllerState) update(dHeapLive, dHeapScan int64) { |
| if dHeapLive != 0 { |
| atomic.Xadd64(&gcController.heapLive, dHeapLive) |
| if trace.enabled { |
| // gcController.heapLive changed. |
| traceHeapAlloc() |
| } |
| } |
| if gcBlackenEnabled == 0 { |
| // Update heapScan when we're not in a current GC. It is fixed |
| // at the beginning of a cycle. |
| if dHeapScan != 0 { |
| atomic.Xadd64(&gcController.heapScan, dHeapScan) |
| } |
| } else { |
| // gcController.heapLive changed. |
| c.revise() |
| } |
| } |
| |
| func (c *gcControllerState) addScannableStack(pp *p, amount int64) { |
| if pp == nil { |
| atomic.Xadd64(&c.maxStackScan, amount) |
| return |
| } |
| pp.maxStackScanDelta += amount |
| if pp.maxStackScanDelta >= maxStackScanSlack || pp.maxStackScanDelta <= -maxStackScanSlack { |
| atomic.Xadd64(&c.maxStackScan, pp.maxStackScanDelta) |
| pp.maxStackScanDelta = 0 |
| } |
| } |
| |
| func (c *gcControllerState) addGlobals(amount int64) { |
| atomic.Xadd64(&c.globalsScan, amount) |
| } |
| |
| // heapGoal returns the current heap goal. |
| func (c *gcControllerState) heapGoal() uint64 { |
| goal, _ := c.heapGoalInternal() |
| return goal |
| } |
| |
| // heapGoalInternal is the implementation of heapGoal which returns additional |
| // information that is necessary for computing the trigger. |
| // |
| // The returned minTrigger is always <= goal. |
| func (c *gcControllerState) heapGoalInternal() (goal, minTrigger uint64) { |
| // Start with the goal calculated for gcPercent. |
| goal = c.gcPercentHeapGoal.Load() |
| |
| // Check if the memory-limit-based goal is smaller, and if so, pick that. |
| if newGoal := c.memoryLimitHeapGoal(); go119MemoryLimitSupport && newGoal < goal { |
| goal = newGoal |
| } else { |
| // We're not limited by the memory limit goal, so perform a series of |
| // adjustments that might move the goal forward in a variety of circumstances. |
| |
| sweepDistTrigger := c.sweepDistMinTrigger.Load() |
| if sweepDistTrigger > goal { |
| // Set the goal to maintain a minimum sweep distance since |
| // the last call to commit. Note that we never want to do this |
| // if we're in the memory limit regime, because it could push |
| // the goal up. |
| goal = sweepDistTrigger |
| } |
| // Since we ignore the sweep distance trigger in the memory |
| // limit regime, we need to ensure we don't propagate it to |
| // the trigger, because it could cause a violation of the |
| // invariant that the trigger < goal. |
| minTrigger = sweepDistTrigger |
| |
| // Ensure that the heap goal is at least a little larger than |
| // the point at which we triggered. This may not be the case if GC |
| // start is delayed or if the allocation that pushed gcController.heapLive |
| // over trigger is large or if the trigger is really close to |
| // GOGC. Assist is proportional to this distance, so enforce a |
| // minimum distance, even if it means going over the GOGC goal |
| // by a tiny bit. |
| // |
| // Ignore this if we're in the memory limit regime: we'd prefer to |
| // have the GC respond hard about how close we are to the goal than to |
| // push the goal back in such a manner that it could cause us to exceed |
| // the memory limit. |
| const minRunway = 64 << 10 |
| if c.triggered != ^uint64(0) && goal < c.triggered+minRunway { |
| goal = c.triggered + minRunway |
| } |
| } |
| return |
| } |
| |
| // memoryLimitHeapGoal returns a heap goal derived from memoryLimit. |
| func (c *gcControllerState) memoryLimitHeapGoal() uint64 { |
| // Start by pulling out some values we'll need. Be careful about overflow. |
| var heapFree, heapAlloc, mappedReady uint64 |
| for { |
| heapFree = c.heapFree.load() // Free and unscavenged memory. |
| heapAlloc = c.totalAlloc.Load() - c.totalFree.Load() // Heap object bytes in use. |
| mappedReady = c.mappedReady.Load() // Total unreleased mapped memory. |
| if heapFree+heapAlloc <= mappedReady { |
| break |
| } |
| // It is impossible for total unreleased mapped memory to exceed heap memory, but |
| // because these stats are updated independently, we may observe a partial update |
| // including only some values. Thus, we appear to break the invariant. However, |
| // this condition is necessarily transient, so just try again. In the case of a |
| // persistent accounting error, we'll deadlock here. |
| } |
| |
| // Below we compute a goal from memoryLimit. There are a few things to be aware of. |
| // Firstly, the memoryLimit does not easily compare to the heap goal: the former |
| // is total mapped memory by the runtime that hasn't been released, while the latter is |
| // only heap object memory. Intuitively, the way we convert from one to the other is to |
| // subtract everything from memoryLimit that both contributes to the memory limit (so, |
| // ignore scavenged memory) and doesn't contain heap objects. This isn't quite what |
| // lines up with reality, but it's a good starting point. |
| // |
| // In practice this computation looks like the following: |
| // |
| // memoryLimit - ((mappedReady - heapFree - heapAlloc) + max(mappedReady - memoryLimit, 0)) - memoryLimitHeapGoalHeadroom |
| // ^1 ^2 ^3 |
| // |
| // Let's break this down. |
| // |
| // The first term (marker 1) is everything that contributes to the memory limit and isn't |
| // or couldn't become heap objects. It represents, broadly speaking, non-heap overheads. |
| // One oddity you may have noticed is that we also subtract out heapFree, i.e. unscavenged |
| // memory that may contain heap objects in the future. |
| // |
| // Let's take a step back. In an ideal world, this term would look something like just |
| // the heap goal. That is, we "reserve" enough space for the heap to grow to the heap |
| // goal, and subtract out everything else. This is of course impossible; the definition |
| // is circular! However, this impossible definition contains a key insight: the amount |
| // we're *going* to use matters just as much as whatever we're currently using. |
| // |
| // Consider if the heap shrinks to 1/10th its size, leaving behind lots of free and |
| // unscavenged memory. mappedReady - heapAlloc will be quite large, because of that free |
| // and unscavenged memory, pushing the goal down significantly. |
| // |
| // heapFree is also safe to exclude from the memory limit because in the steady-state, it's |
| // just a pool of memory for future heap allocations, and making new allocations from heapFree |
| // memory doesn't increase overall memory use. In transient states, the scavenger and the |
| // allocator actively manage the pool of heapFree memory to maintain the memory limit. |
| // |
| // The second term (marker 2) is the amount of memory we've exceeded the limit by, and is |
| // intended to help recover from such a situation. By pushing the heap goal down, we also |
| // push the trigger down, triggering and finishing a GC sooner in order to make room for |
| // other memory sources. Note that since we're effectively reducing the heap goal by X bytes, |
| // we're actually giving more than X bytes of headroom back, because the heap goal is in |
| // terms of heap objects, but it takes more than X bytes (e.g. due to fragmentation) to store |
| // X bytes worth of objects. |
| // |
| // The third term (marker 3) subtracts an additional memoryLimitHeapGoalHeadroom bytes from the |
| // heap goal. As the name implies, this is to provide additional headroom in the face of pacing |
| // inaccuracies. This is a fixed number of bytes because these inaccuracies disproportionately |
| // affect small heaps: as heaps get smaller, the pacer's inputs get fuzzier. Shorter GC cycles |
| // and less GC work means noisy external factors like the OS scheduler have a greater impact. |
| |
| memoryLimit := uint64(c.memoryLimit.Load()) |
| |
| // Compute term 1. |
| nonHeapMemory := mappedReady - heapFree - heapAlloc |
| |
| // Compute term 2. |
| var overage uint64 |
| if mappedReady > memoryLimit { |
| overage = mappedReady - memoryLimit |
| } |
| |
| if nonHeapMemory+overage >= memoryLimit { |
| // We're at a point where non-heap memory exceeds the memory limit on its own. |
| // There's honestly not much we can do here but just trigger GCs continuously |
| // and let the CPU limiter reign that in. Something has to give at this point. |
| // Set it to heapMarked, the lowest possible goal. |
| return c.heapMarked |
| } |
| |
| // Compute the goal. |
| goal := memoryLimit - (nonHeapMemory + overage) |
| |
| // Apply some headroom to the goal to account for pacing inaccuracies. |
| // Be careful about small limits. |
| if goal < memoryLimitHeapGoalHeadroom || goal-memoryLimitHeapGoalHeadroom < memoryLimitHeapGoalHeadroom { |
| goal = memoryLimitHeapGoalHeadroom |
| } else { |
| goal = goal - memoryLimitHeapGoalHeadroom |
| } |
| // Don't let us go below the live heap. A heap goal below the live heap doesn't make sense. |
| if goal < c.heapMarked { |
| goal = c.heapMarked |
| } |
| return goal |
| } |
| |
| const ( |
| // These constants determine the bounds on the GC trigger as a fraction |
| // of heap bytes allocated between the start of a GC (heapLive == heapMarked) |
| // and the end of a GC (heapLive == heapGoal). |
| // |
| // The constants are obscured in this way for efficiency. The denominator |
| // of the fraction is always a power-of-two for a quick division, so that |
| // the numerator is a single constant integer multiplication. |
| triggerRatioDen = 64 |
| |
| // The minimum trigger constant was chosen empirically: given a sufficiently |
| // fast/scalable allocator with 48 Ps that could drive the trigger ratio |
| // to <0.05, this constant causes applications to retain the same peak |
| // RSS compared to not having this allocator. |
| minTriggerRatioNum = 45 // ~0.7 |
| |
| // The maximum trigger constant is chosen somewhat arbitrarily, but the |
| // current constant has served us well over the years. |
| maxTriggerRatioNum = 61 // ~0.95 |
| ) |
| |
| // trigger returns the current point at which a GC should trigger along with |
| // the heap goal. |
| // |
| // The returned value may be compared against heapLive to determine whether |
| // the GC should trigger. Thus, the GC trigger condition should be (but may |
| // not be, in the case of small movements for efficiency) checked whenever |
| // the heap goal may change. |
| func (c *gcControllerState) trigger() (uint64, uint64) { |
| goal, minTrigger := c.heapGoalInternal() |
| |
| // Invariant: the trigger must always be less than the heap goal. |
| // |
| // Note that the memory limit sets a hard maximum on our heap goal, |
| // but the live heap may grow beyond it. |
| |
| if c.heapMarked >= goal { |
| // The goal should never be smaller than heapMarked, but let's be |
| // defensive about it. The only reasonable trigger here is one that |
| // causes a continuous GC cycle at heapMarked, but respect the goal |
| // if it came out as smaller than that. |
| return goal, goal |
| } |
| |
| // Below this point, c.heapMarked < goal. |
| |
| // heapMarked is our absolute minimum, and it's possible the trigger |
| // bound we get from heapGoalinternal is less than that. |
| if minTrigger < c.heapMarked { |
| minTrigger = c.heapMarked |
| } |
| |
| // If we let the trigger go too low, then if the application |
| // is allocating very rapidly we might end up in a situation |
| // where we're allocating black during a nearly always-on GC. |
| // The result of this is a growing heap and ultimately an |
| // increase in RSS. By capping us at a point >0, we're essentially |
| // saying that we're OK using more CPU during the GC to prevent |
| // this growth in RSS. |
| triggerLowerBound := uint64(((goal-c.heapMarked)/triggerRatioDen)*minTriggerRatioNum) + c.heapMarked |
| if minTrigger < triggerLowerBound { |
| minTrigger = triggerLowerBound |
| } |
| |
| // For small heaps, set the max trigger point at maxTriggerRatio of the way |
| // from the live heap to the heap goal. This ensures we always have *some* |
| // headroom when the GC actually starts. For larger heaps, set the max trigger |
| // point at the goal, minus the minimum heap size. |
| // |
| // This choice follows from the fact that the minimum heap size is chosen |
| // to reflect the costs of a GC with no work to do. With a large heap but |
| // very little scan work to perform, this gives us exactly as much runway |
| // as we would need, in the worst case. |
| maxTrigger := uint64(((goal-c.heapMarked)/triggerRatioDen)*maxTriggerRatioNum) + c.heapMarked |
| if goal > defaultHeapMinimum && goal-defaultHeapMinimum > maxTrigger { |
| maxTrigger = goal - defaultHeapMinimum |
| } |
| if maxTrigger < minTrigger { |
| maxTrigger = minTrigger |
| } |
| |
| // Compute the trigger from our bounds and the runway stored by commit. |
| var trigger uint64 |
| runway := c.runway.Load() |
| if runway > goal { |
| trigger = minTrigger |
| } else { |
| trigger = goal - runway |
| } |
| if trigger < minTrigger { |
| trigger = minTrigger |
| } |
| if trigger > maxTrigger { |
| trigger = maxTrigger |
| } |
| if trigger > goal { |
| print("trigger=", trigger, " heapGoal=", goal, "\n") |
| print("minTrigger=", minTrigger, " maxTrigger=", maxTrigger, "\n") |
| throw("produced a trigger greater than the heap goal") |
| } |
| return trigger, goal |
| } |
| |
| // commit recomputes all pacing parameters needed to derive the |
| // trigger and the heap goal. Namely, the gcPercent-based heap goal, |
| // and the amount of runway we want to give the GC this cycle. |
| // |
| // This can be called any time. If GC is the in the middle of a |
| // concurrent phase, it will adjust the pacing of that phase. |
| // |
| // isSweepDone should be the result of calling isSweepDone(), |
| // unless we're testing or we know we're executing during a GC cycle. |
| // |
| // This depends on gcPercent, gcController.heapMarked, and |
| // gcController.heapLive. These must be up to date. |
| // |
| // Callers must call gcControllerState.revise after calling this |
| // function if the GC is enabled. |
| // |
| // mheap_.lock must be held or the world must be stopped. |
| func (c *gcControllerState) commit(isSweepDone bool) { |
| if !c.test { |
| assertWorldStoppedOrLockHeld(&mheap_.lock) |
| } |
| |
| if isSweepDone { |
| // The sweep is done, so there aren't any restrictions on the trigger |
| // we need to think about. |
| c.sweepDistMinTrigger.Store(0) |
| } else { |
| // Concurrent sweep happens in the heap growth |
| // from gcController.heapLive to trigger. Make sure we |
| // give the sweeper some runway if it doesn't have enough. |
| c.sweepDistMinTrigger.Store(atomic.Load64(&c.heapLive) + sweepMinHeapDistance) |
| } |
| |
| // Compute the next GC goal, which is when the allocated heap |
| // has grown by GOGC/100 over where it started the last cycle, |
| // plus additional runway for non-heap sources of GC work. |
| gcPercentHeapGoal := ^uint64(0) |
| if gcPercent := c.gcPercent.Load(); gcPercent >= 0 { |
| gcPercentHeapGoal = c.heapMarked + (c.heapMarked+atomic.Load64(&c.lastStackScan)+atomic.Load64(&c.globalsScan))*uint64(gcPercent)/100 |
| } |
| // Apply the minimum heap size here. It's defined in terms of gcPercent |
| // and is only updated by functions that call commit. |
| if gcPercentHeapGoal < c.heapMinimum { |
| gcPercentHeapGoal = c.heapMinimum |
| } |
| c.gcPercentHeapGoal.Store(gcPercentHeapGoal) |
| |
| // Compute the amount of runway we want the GC to have by using our |
| // estimate of the cons/mark ratio. |
| // |
| // The idea is to take our expected scan work, and multiply it by |
| // the cons/mark ratio to determine how long it'll take to complete |
| // that scan work in terms of bytes allocated. This gives us our GC's |
| // runway. |
| // |
| // However, the cons/mark ratio is a ratio of rates per CPU-second, but |
| // here we care about the relative rates for some division of CPU |
| // resources among the mutator and the GC. |
| // |
| // To summarize, we have B / cpu-ns, and we want B / ns. We get that |
| // by multiplying by our desired division of CPU resources. We choose |
| // to express CPU resources as GOMAPROCS*fraction. Note that because |
| // we're working with a ratio here, we can omit the number of CPU cores, |
| // because they'll appear in the numerator and denominator and cancel out. |
| // As a result, this is basically just "weighing" the cons/mark ratio by |
| // our desired division of resources. |
| // |
| // Furthermore, by setting the runway so that CPU resources are divided |
| // this way, assuming that the cons/mark ratio is correct, we make that |
| // division a reality. |
| c.runway.Store(uint64((c.consMark * (1 - gcGoalUtilization) / (gcGoalUtilization)) * float64(c.lastHeapScan+c.lastStackScan+c.globalsScan))) |
| } |
| |
| // setGCPercent updates gcPercent. commit must be called after. |
| // Returns the old value of gcPercent. |
| // |
| // The world must be stopped, or mheap_.lock must be held. |
| func (c *gcControllerState) setGCPercent(in int32) int32 { |
| if !c.test { |
| assertWorldStoppedOrLockHeld(&mheap_.lock) |
| } |
| |
| out := c.gcPercent.Load() |
| if in < 0 { |
| in = -1 |
| } |
| c.heapMinimum = defaultHeapMinimum * uint64(in) / 100 |
| c.gcPercent.Store(in) |
| |
| return out |
| } |
| |
| //go:linkname setGCPercent runtime/debug.setGCPercent |
| func setGCPercent(in int32) (out int32) { |
| // Run on the system stack since we grab the heap lock. |
| systemstack(func() { |
| lock(&mheap_.lock) |
| out = gcController.setGCPercent(in) |
| gcControllerCommit() |
| unlock(&mheap_.lock) |
| }) |
| |
| // If we just disabled GC, wait for any concurrent GC mark to |
| // finish so we always return with no GC running. |
| if in < 0 { |
| gcWaitOnMark(atomic.Load(&work.cycles)) |
| } |
| |
| return out |
| } |
| |
| func readGOGC() int32 { |
| p := gogetenv("GOGC") |
| if p == "off" { |
| return -1 |
| } |
| if n, ok := atoi32(p); ok { |
| return n |
| } |
| return 100 |
| } |
| |
| // setMemoryLimit updates memoryLimit. commit must be called after |
| // Returns the old value of memoryLimit. |
| // |
| // The world must be stopped, or mheap_.lock must be held. |
| func (c *gcControllerState) setMemoryLimit(in int64) int64 { |
| if !c.test { |
| assertWorldStoppedOrLockHeld(&mheap_.lock) |
| } |
| |
| out := c.memoryLimit.Load() |
| if in >= 0 { |
| c.memoryLimit.Store(in) |
| } |
| |
| return out |
| } |
| |
| //go:linkname setMemoryLimit runtime/debug.setMemoryLimit |
| func setMemoryLimit(in int64) (out int64) { |
| // Run on the system stack since we grab the heap lock. |
| systemstack(func() { |
| lock(&mheap_.lock) |
| out = gcController.setMemoryLimit(in) |
| if in < 0 || out == in { |
| // If we're just checking the value or not changing |
| // it, there's no point in doing the rest. |
| unlock(&mheap_.lock) |
| return |
| } |
| gcControllerCommit() |
| unlock(&mheap_.lock) |
| }) |
| return out |
| } |
| |
| func readGOMEMLIMIT() int64 { |
| p := gogetenv("GOMEMLIMIT") |
| if p == "" || p == "off" { |
| return maxInt64 |
| } |
| n, ok := parseByteCount(p) |
| if !ok { |
| print("GOMEMLIMIT=", p, "\n") |
| throw("malformed GOMEMLIMIT; see `go doc runtime/debug.SetMemoryLimit`") |
| } |
| return n |
| } |
| |
| type piController struct { |
| kp float64 // Proportional constant. |
| ti float64 // Integral time constant. |
| tt float64 // Reset time. |
| |
| min, max float64 // Output boundaries. |
| |
| // PI controller state. |
| |
| errIntegral float64 // Integral of the error from t=0 to now. |
| |
| // Error flags. |
| errOverflow bool // Set if errIntegral ever overflowed. |
| inputOverflow bool // Set if an operation with the input overflowed. |
| } |
| |
| // next provides a new sample to the controller. |
| // |
| // input is the sample, setpoint is the desired point, and period is how much |
| // time (in whatever unit makes the most sense) has passed since the last sample. |
| // |
| // Returns a new value for the variable it's controlling, and whether the operation |
| // completed successfully. One reason this might fail is if error has been growing |
| // in an unbounded manner, to the point of overflow. |
| // |
| // In the specific case of an error overflow occurs, the errOverflow field will be |
| // set and the rest of the controller's internal state will be fully reset. |
| func (c *piController) next(input, setpoint, period float64) (float64, bool) { |
| // Compute the raw output value. |
| prop := c.kp * (setpoint - input) |
| rawOutput := prop + c.errIntegral |
| |
| // Clamp rawOutput into output. |
| output := rawOutput |
| if isInf(output) || isNaN(output) { |
| // The input had a large enough magnitude that either it was already |
| // overflowed, or some operation with it overflowed. |
| // Set a flag and reset. That's the safest thing to do. |
| c.reset() |
| c.inputOverflow = true |
| return c.min, false |
| } |
| if output < c.min { |
| output = c.min |
| } else if output > c.max { |
| output = c.max |
| } |
| |
| // Update the controller's state. |
| if c.ti != 0 && c.tt != 0 { |
| c.errIntegral += (c.kp*period/c.ti)*(setpoint-input) + (period/c.tt)*(output-rawOutput) |
| if isInf(c.errIntegral) || isNaN(c.errIntegral) { |
| // So much error has accumulated that we managed to overflow. |
| // The assumptions around the controller have likely broken down. |
| // Set a flag and reset. That's the safest thing to do. |
| c.reset() |
| c.errOverflow = true |
| return c.min, false |
| } |
| } |
| return output, true |
| } |
| |
| // reset resets the controller state, except for controller error flags. |
| func (c *piController) reset() { |
| c.errIntegral = 0 |
| } |
| |
| // addIdleMarkWorker attempts to add a new idle mark worker. |
| // |
| // If this returns true, the caller must become an idle mark worker unless |
| // there's no background mark worker goroutines in the pool. This case is |
| // harmless because there are already background mark workers running. |
| // If this returns false, the caller must NOT become an idle mark worker. |
| // |
| // nosplit because it may be called without a P. |
| // |
| //go:nosplit |
| func (c *gcControllerState) addIdleMarkWorker() bool { |
| for { |
| old := c.idleMarkWorkers.Load() |
| n, max := int32(old&uint64(^uint32(0))), int32(old>>32) |
| if n >= max { |
| // See the comment on idleMarkWorkers for why |
| // n > max is tolerated. |
| return false |
| } |
| if n < 0 { |
| print("n=", n, " max=", max, "\n") |
| throw("negative idle mark workers") |
| } |
| new := uint64(uint32(n+1)) | (uint64(max) << 32) |
| if c.idleMarkWorkers.CompareAndSwap(old, new) { |
| return true |
| } |
| } |
| } |
| |
| // needIdleMarkWorker is a hint as to whether another idle mark worker is needed. |
| // |
| // The caller must still call addIdleMarkWorker to become one. This is mainly |
| // useful for a quick check before an expensive operation. |
| // |
| // nosplit because it may be called without a P. |
| // |
| //go:nosplit |
| func (c *gcControllerState) needIdleMarkWorker() bool { |
| p := c.idleMarkWorkers.Load() |
| n, max := int32(p&uint64(^uint32(0))), int32(p>>32) |
| return n < max |
| } |
| |
| // removeIdleMarkWorker must be called when an new idle mark worker stops executing. |
| func (c *gcControllerState) removeIdleMarkWorker() { |
| for { |
| old := c.idleMarkWorkers.Load() |
| n, max := int32(old&uint64(^uint32(0))), int32(old>>32) |
| if n-1 < 0 { |
| print("n=", n, " max=", max, "\n") |
| throw("negative idle mark workers") |
| } |
| new := uint64(uint32(n-1)) | (uint64(max) << 32) |
| if c.idleMarkWorkers.CompareAndSwap(old, new) { |
| return |
| } |
| } |
| } |
| |
| // setMaxIdleMarkWorkers sets the maximum number of idle mark workers allowed. |
| // |
| // This method is optimistic in that it does not wait for the number of |
| // idle mark workers to reduce to max before returning; it assumes the workers |
| // will deschedule themselves. |
| func (c *gcControllerState) setMaxIdleMarkWorkers(max int32) { |
| for { |
| old := c.idleMarkWorkers.Load() |
| n := int32(old & uint64(^uint32(0))) |
| if n < 0 { |
| print("n=", n, " max=", max, "\n") |
| throw("negative idle mark workers") |
| } |
| new := uint64(uint32(n)) | (uint64(max) << 32) |
| if c.idleMarkWorkers.CompareAndSwap(old, new) { |
| return |
| } |
| } |
| } |
| |
| // gcControllerCommit is gcController.commit, but passes arguments from live |
| // (non-test) data. It also updates any consumers of the GC pacing, such as |
| // sweep pacing and the background scavenger. |
| // |
| // Calls gcController.commit. |
| // |
| // The heap lock must be held, so this must be executed on the system stack. |
| // |
| //go:systemstack |
| func gcControllerCommit() { |
| assertWorldStoppedOrLockHeld(&mheap_.lock) |
| |
| gcController.commit(isSweepDone()) |
| |
| // Update mark pacing. |
| if gcphase != _GCoff { |
| gcController.revise() |
| } |
| |
| // TODO(mknyszek): This isn't really accurate any longer because the heap |
| // goal is computed dynamically. Still useful to snapshot, but not as useful. |
| if trace.enabled { |
| traceHeapGoal() |
| } |
| |
| trigger, heapGoal := gcController.trigger() |
| gcPaceSweeper(trigger) |
| gcPaceScavenger(gcController.memoryLimit.Load(), heapGoal, gcController.lastHeapGoal) |
| } |