blob: 2d9fd277486ee4025d8be0d3079a6f5201a6f18c [file] [log] [blame]
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package runtime
import (
"internal/cpu"
"internal/goexperiment"
"runtime/internal/atomic"
"unsafe"
)
// go119MemoryLimitSupport is a feature flag for a number of changes
// related to the memory limit feature (#48409). Disabling this flag
// disables those features, as well as the memory limit mechanism,
// which becomes a no-op.
const go119MemoryLimitSupport = true
const (
// gcGoalUtilization is the goal CPU utilization for
// marking as a fraction of GOMAXPROCS.
//
// Increasing the goal utilization will shorten GC cycles as the GC
// has more resources behind it, lessening costs from the write barrier,
// but comes at the cost of increasing mutator latency.
gcGoalUtilization = gcBackgroundUtilization
// gcBackgroundUtilization is the fixed CPU utilization for background
// marking. It must be <= gcGoalUtilization. The difference between
// gcGoalUtilization and gcBackgroundUtilization will be made up by
// mark assists. The scheduler will aim to use within 50% of this
// goal.
//
// As a general rule, there's little reason to set gcBackgroundUtilization
// < gcGoalUtilization. One reason might be in mostly idle applications,
// where goroutines are unlikely to assist at all, so the actual
// utilization will be lower than the goal. But this is moot point
// because the idle mark workers already soak up idle CPU resources.
// These two values are still kept separate however because they are
// distinct conceptually, and in previous iterations of the pacer the
// distinction was more important.
gcBackgroundUtilization = 0.25
// gcCreditSlack is the amount of scan work credit that can
// accumulate locally before updating gcController.heapScanWork and,
// optionally, gcController.bgScanCredit. Lower values give a more
// accurate assist ratio and make it more likely that assists will
// successfully steal background credit. Higher values reduce memory
// contention.
gcCreditSlack = 2000
// gcAssistTimeSlack is the nanoseconds of mutator assist time that
// can accumulate on a P before updating gcController.assistTime.
gcAssistTimeSlack = 5000
// gcOverAssistWork determines how many extra units of scan work a GC
// assist does when an assist happens. This amortizes the cost of an
// assist by pre-paying for this many bytes of future allocations.
gcOverAssistWork = 64 << 10
// defaultHeapMinimum is the value of heapMinimum for GOGC==100.
defaultHeapMinimum = (goexperiment.HeapMinimum512KiBInt)*(512<<10) +
(1-goexperiment.HeapMinimum512KiBInt)*(4<<20)
// maxStackScanSlack is the bytes of stack space allocated or freed
// that can accumulate on a P before updating gcController.stackSize.
maxStackScanSlack = 8 << 10
// memoryLimitHeapGoalHeadroom is the amount of headroom the pacer gives to
// the heap goal when operating in the memory-limited regime. That is,
// it'll reduce the heap goal by this many extra bytes off of the base
// calculation.
memoryLimitHeapGoalHeadroom = 1 << 20
)
func init() {
if offset := unsafe.Offsetof(gcController.heapLive); offset%8 != 0 {
println(offset)
throw("gcController.heapLive not aligned to 8 bytes")
}
}
// gcController implements the GC pacing controller that determines
// when to trigger concurrent garbage collection and how much marking
// work to do in mutator assists and background marking.
//
// It calculates the ratio between the allocation rate (in terms of CPU
// time) and the GC scan throughput to determine the heap size at which to
// trigger a GC cycle such that no GC assists are required to finish on time.
// This algorithm thus optimizes GC CPU utilization to the dedicated background
// mark utilization of 25% of GOMAXPROCS by minimizing GC assists.
// GOMAXPROCS. The high-level design of this algorithm is documented
// at https://github.com/golang/proposal/blob/master/design/44167-gc-pacer-redesign.md.
// See https://golang.org/s/go15gcpacing for additional historical context.
var gcController gcControllerState
type gcControllerState struct {
// Initialized from GOGC. GOGC=off means no GC.
gcPercent atomic.Int32
_ uint32 // padding so following 64-bit values are 8-byte aligned
// memoryLimit is the soft memory limit in bytes.
//
// Initialized from GOMEMLIMIT. GOMEMLIMIT=off is equivalent to MaxInt64
// which means no soft memory limit in practice.
//
// This is an int64 instead of a uint64 to more easily maintain parity with
// the SetMemoryLimit API, which sets a maximum at MaxInt64. This value
// should never be negative.
memoryLimit atomic.Int64
// heapMinimum is the minimum heap size at which to trigger GC.
// For small heaps, this overrides the usual GOGC*live set rule.
//
// When there is a very small live set but a lot of allocation, simply
// collecting when the heap reaches GOGC*live results in many GC
// cycles and high total per-GC overhead. This minimum amortizes this
// per-GC overhead while keeping the heap reasonably small.
//
// During initialization this is set to 4MB*GOGC/100. In the case of
// GOGC==0, this will set heapMinimum to 0, resulting in constant
// collection even when the heap size is small, which is useful for
// debugging.
heapMinimum uint64
// runway is the amount of runway in heap bytes allocated by the
// application that we want to give the GC once it starts.
//
// This is computed from consMark during mark termination.
runway atomic.Uint64
// consMark is the estimated per-CPU consMark ratio for the application.
//
// It represents the ratio between the application's allocation
// rate, as bytes allocated per CPU-time, and the GC's scan rate,
// as bytes scanned per CPU-time.
// The units of this ratio are (B / cpu-ns) / (B / cpu-ns).
//
// At a high level, this value is computed as the bytes of memory
// allocated (cons) per unit of scan work completed (mark) in a GC
// cycle, divided by the CPU time spent on each activity.
//
// Updated at the end of each GC cycle, in endCycle.
consMark float64
// consMarkController holds the state for the mark-cons ratio
// estimation over time.
//
// Its purpose is to smooth out noisiness in the computation of
// consMark; see consMark for details.
consMarkController piController
_ uint32 // Padding for atomics on 32-bit platforms.
// gcPercentHeapGoal is the goal heapLive for when next GC ends derived
// from gcPercent.
//
// Set to ^uint64(0) if gcPercent is disabled.
gcPercentHeapGoal atomic.Uint64
// sweepDistMinTrigger is the minimum trigger to ensure a minimum
// sweep distance.
//
// This bound is also special because it applies to both the trigger
// *and* the goal (all other trigger bounds must be based *on* the goal).
//
// It is computed ahead of time, at commit time. The theory is that,
// absent a sudden change to a parameter like gcPercent, the trigger
// will be chosen to always give the sweeper enough headroom. However,
// such a change might dramatically and suddenly move up the trigger,
// in which case we need to ensure the sweeper still has enough headroom.
sweepDistMinTrigger atomic.Uint64
// triggered is the point at which the current GC cycle actually triggered.
// Only valid during the mark phase of a GC cycle, otherwise set to ^uint64(0).
//
// Updated while the world is stopped.
triggered uint64
// lastHeapGoal is the value of heapGoal at the moment the last GC
// ended. Note that this is distinct from the last value heapGoal had,
// because it could change if e.g. gcPercent changes.
//
// Read and written with the world stopped or with mheap_.lock held.
lastHeapGoal uint64
// heapLive is the number of bytes considered live by the GC.
// That is: retained by the most recent GC plus allocated
// since then. heapLive ≤ memstats.totalAlloc-memstats.totalFree, since
// heapAlloc includes unmarked objects that have not yet been swept (and
// hence goes up as we allocate and down as we sweep) while heapLive
// excludes these objects (and hence only goes up between GCs).
//
// This is updated atomically without locking. To reduce
// contention, this is updated only when obtaining a span from
// an mcentral and at this point it counts all of the
// unallocated slots in that span (which will be allocated
// before that mcache obtains another span from that
// mcentral). Hence, it slightly overestimates the "true" live
// heap size. It's better to overestimate than to
// underestimate because 1) this triggers the GC earlier than
// necessary rather than potentially too late and 2) this
// leads to a conservative GC rate rather than a GC rate that
// is potentially too low.
//
// Reads should likewise be atomic (or during STW).
//
// Whenever this is updated, call traceHeapAlloc() and
// this gcControllerState's revise() method.
heapLive uint64
// heapScan is the number of bytes of "scannable" heap. This
// is the live heap (as counted by heapLive), but omitting
// no-scan objects and no-scan tails of objects.
//
// This value is fixed at the start of a GC cycle, so during a
// GC cycle it is safe to read without atomics, and it represents
// the maximum scannable heap.
heapScan uint64
// lastHeapScan is the number of bytes of heap that were scanned
// last GC cycle. It is the same as heapMarked, but only
// includes the "scannable" parts of objects.
//
// Updated when the world is stopped.
lastHeapScan uint64
// lastStackScan is the number of bytes of stack that were scanned
// last GC cycle.
lastStackScan uint64
// maxStackScan is the amount of allocated goroutine stack space in
// use by goroutines.
//
// This number tracks allocated goroutine stack space rather than used
// goroutine stack space (i.e. what is actually scanned) because used
// goroutine stack space is much harder to measure cheaply. By using
// allocated space, we make an overestimate; this is OK, it's better
// to conservatively overcount than undercount.
//
// Read and updated atomically.
maxStackScan uint64
// globalsScan is the total amount of global variable space
// that is scannable.
//
// Read and updated atomically.
globalsScan uint64
// heapMarked is the number of bytes marked by the previous
// GC. After mark termination, heapLive == heapMarked, but
// unlike heapLive, heapMarked does not change until the
// next mark termination.
heapMarked uint64
// heapScanWork is the total heap scan work performed this cycle.
// stackScanWork is the total stack scan work performed this cycle.
// globalsScanWork is the total globals scan work performed this cycle.
//
// These are updated atomically during the cycle. Updates occur in
// bounded batches, since they are both written and read
// throughout the cycle. At the end of the cycle, heapScanWork is how
// much of the retained heap is scannable.
//
// Currently these are measured in bytes. For most uses, this is an
// opaque unit of work, but for estimation the definition is important.
//
// Note that stackScanWork includes only stack space scanned, not all
// of the allocated stack.
heapScanWork atomic.Int64
stackScanWork atomic.Int64
globalsScanWork atomic.Int64
// bgScanCredit is the scan work credit accumulated by the
// concurrent background scan. This credit is accumulated by
// the background scan and stolen by mutator assists. This is
// updated atomically. Updates occur in bounded batches, since
// it is both written and read throughout the cycle.
bgScanCredit int64
// assistTime is the nanoseconds spent in mutator assists
// during this cycle. This is updated atomically, and must also
// be updated atomically even during a STW, because it is read
// by sysmon. Updates occur in bounded batches, since it is both
// written and read throughout the cycle.
assistTime atomic.Int64
// dedicatedMarkTime is the nanoseconds spent in dedicated
// mark workers during this cycle. This is updated atomically
// at the end of the concurrent mark phase.
dedicatedMarkTime int64
// fractionalMarkTime is the nanoseconds spent in the
// fractional mark worker during this cycle. This is updated
// atomically throughout the cycle and will be up-to-date if
// the fractional mark worker is not currently running.
fractionalMarkTime int64
// idleMarkTime is the nanoseconds spent in idle marking
// during this cycle. This is updated atomically throughout
// the cycle.
idleMarkTime int64
// markStartTime is the absolute start time in nanoseconds
// that assists and background mark workers started.
markStartTime int64
// dedicatedMarkWorkersNeeded is the number of dedicated mark
// workers that need to be started. This is computed at the
// beginning of each cycle and decremented atomically as
// dedicated mark workers get started.
dedicatedMarkWorkersNeeded int64
// idleMarkWorkers is two packed int32 values in a single uint64.
// These two values are always updated simultaneously.
//
// The bottom int32 is the current number of idle mark workers executing.
//
// The top int32 is the maximum number of idle mark workers allowed to
// execute concurrently. Normally, this number is just gomaxprocs. However,
// during periodic GC cycles it is set to 0 because the system is idle
// anyway; there's no need to go full blast on all of GOMAXPROCS.
//
// The maximum number of idle mark workers is used to prevent new workers
// from starting, but it is not a hard maximum. It is possible (but
// exceedingly rare) for the current number of idle mark workers to
// transiently exceed the maximum. This could happen if the maximum changes
// just after a GC ends, and an M with no P.
//
// Note that if we have no dedicated mark workers, we set this value to
// 1 in this case we only have fractional GC workers which aren't scheduled
// strictly enough to ensure GC progress. As a result, idle-priority mark
// workers are vital to GC progress in these situations.
//
// For example, consider a situation in which goroutines block on the GC
// (such as via runtime.GOMAXPROCS) and only fractional mark workers are
// scheduled (e.g. GOMAXPROCS=1). Without idle-priority mark workers, the
// last running M might skip scheduling a fractional mark worker if its
// utilization goal is met, such that once it goes to sleep (because there's
// nothing to do), there will be nothing else to spin up a new M for the
// fractional worker in the future, stalling GC progress and causing a
// deadlock. However, idle-priority workers will *always* run when there is
// nothing left to do, ensuring the GC makes progress.
//
// See github.com/golang/go/issues/44163 for more details.
idleMarkWorkers atomic.Uint64
// assistWorkPerByte is the ratio of scan work to allocated
// bytes that should be performed by mutator assists. This is
// computed at the beginning of each cycle and updated every
// time heapScan is updated.
assistWorkPerByte atomic.Float64
// assistBytesPerWork is 1/assistWorkPerByte.
//
// Note that because this is read and written independently
// from assistWorkPerByte users may notice a skew between
// the two values, and such a state should be safe.
assistBytesPerWork atomic.Float64
// fractionalUtilizationGoal is the fraction of wall clock
// time that should be spent in the fractional mark worker on
// each P that isn't running a dedicated worker.
//
// For example, if the utilization goal is 25% and there are
// no dedicated workers, this will be 0.25. If the goal is
// 25%, there is one dedicated worker, and GOMAXPROCS is 5,
// this will be 0.05 to make up the missing 5%.
//
// If this is zero, no fractional workers are needed.
fractionalUtilizationGoal float64
// These memory stats are effectively duplicates of fields from
// memstats.heapStats but are updated atomically or with the world
// stopped and don't provide the same consistency guarantees.
//
// Because the runtime is responsible for managing a memory limit, it's
// useful to couple these stats more tightly to the gcController, which
// is intimately connected to how that memory limit is maintained.
heapInUse sysMemStat // bytes in mSpanInUse spans
heapReleased sysMemStat // bytes released to the OS
heapFree sysMemStat // bytes not in any span, but not released to the OS
totalAlloc atomic.Uint64 // total bytes allocated
totalFree atomic.Uint64 // total bytes freed
mappedReady atomic.Uint64 // total virtual memory in the Ready state (see mem.go).
// test indicates that this is a test-only copy of gcControllerState.
test bool
_ cpu.CacheLinePad
}
func (c *gcControllerState) init(gcPercent int32, memoryLimit int64) {
c.heapMinimum = defaultHeapMinimum
c.triggered = ^uint64(0)
c.consMarkController = piController{
// Tuned first via the Ziegler-Nichols process in simulation,
// then the integral time was manually tuned against real-world
// applications to deal with noisiness in the measured cons/mark
// ratio.
kp: 0.9,
ti: 4.0,
// Set a high reset time in GC cycles.
// This is inversely proportional to the rate at which we
// accumulate error from clipping. By making this very high
// we make the accumulation slow. In general, clipping is
// OK in our situation, hence the choice.
//
// Tune this if we get unintended effects from clipping for
// a long time.
tt: 1000,
min: -1000,
max: 1000,
}
c.setGCPercent(gcPercent)
c.setMemoryLimit(memoryLimit)
c.commit(true) // No sweep phase in the first GC cycle.
// N.B. Don't bother calling traceHeapGoal. Tracing is never enabled at
// initialization time.
// N.B. No need to call revise; there's no GC enabled during
// initialization.
}
// startCycle resets the GC controller's state and computes estimates
// for a new GC cycle. The caller must hold worldsema and the world
// must be stopped.
func (c *gcControllerState) startCycle(markStartTime int64, procs int, trigger gcTrigger) {
c.heapScanWork.Store(0)
c.stackScanWork.Store(0)
c.globalsScanWork.Store(0)
c.bgScanCredit = 0
c.assistTime.Store(0)
c.dedicatedMarkTime = 0
c.fractionalMarkTime = 0
c.idleMarkTime = 0
c.markStartTime = markStartTime
// TODO(mknyszek): This is supposed to be the actual trigger point for the heap, but
// causes regressions in memory use. The cause is that the PI controller used to smooth
// the cons/mark ratio measurements tends to flail when using the less accurate precomputed
// trigger for the cons/mark calculation, and this results in the controller being more
// conservative about steady-states it tries to find in the future.
//
// This conservatism is transient, but these transient states tend to matter for short-lived
// programs, especially because the PI controller is overdamped, partially because it is
// configured with a relatively large time constant.
//
// Ultimately, I think this is just two mistakes piled on one another: the choice of a swingy
// smoothing function that recalls a fairly long history (due to its overdamped time constant)
// coupled with an inaccurate cons/mark calculation. It just so happens this works better
// today, and it makes it harder to change things in the future.
//
// This is described in #53738. Fix this for #53892 by changing back to the actual trigger
// point and simplifying the smoothing function.
heapTrigger, heapGoal := c.trigger()
c.triggered = heapTrigger
// Compute the background mark utilization goal. In general,
// this may not come out exactly. We round the number of
// dedicated workers so that the utilization is closest to
// 25%. For small GOMAXPROCS, this would introduce too much
// error, so we add fractional workers in that case.
totalUtilizationGoal := float64(procs) * gcBackgroundUtilization
c.dedicatedMarkWorkersNeeded = int64(totalUtilizationGoal + 0.5)
utilError := float64(c.dedicatedMarkWorkersNeeded)/totalUtilizationGoal - 1
const maxUtilError = 0.3
if utilError < -maxUtilError || utilError > maxUtilError {
// Rounding put us more than 30% off our goal. With
// gcBackgroundUtilization of 25%, this happens for
// GOMAXPROCS<=3 or GOMAXPROCS=6. Enable fractional
// workers to compensate.
if float64(c.dedicatedMarkWorkersNeeded) > totalUtilizationGoal {
// Too many dedicated workers.
c.dedicatedMarkWorkersNeeded--
}
c.fractionalUtilizationGoal = (totalUtilizationGoal - float64(c.dedicatedMarkWorkersNeeded)) / float64(procs)
} else {
c.fractionalUtilizationGoal = 0
}
// In STW mode, we just want dedicated workers.
if debug.gcstoptheworld > 0 {
c.dedicatedMarkWorkersNeeded = int64(procs)
c.fractionalUtilizationGoal = 0
}
// Clear per-P state
for _, p := range allp {
p.gcAssistTime = 0
p.gcFractionalMarkTime = 0
}
if trigger.kind == gcTriggerTime {
// During a periodic GC cycle, reduce the number of idle mark workers
// required. However, we need at least one dedicated mark worker or
// idle GC worker to ensure GC progress in some scenarios (see comment
// on maxIdleMarkWorkers).
if c.dedicatedMarkWorkersNeeded > 0 {
c.setMaxIdleMarkWorkers(0)
} else {
// TODO(mknyszek): The fundamental reason why we need this is because
// we can't count on the fractional mark worker to get scheduled.
// Fix that by ensuring it gets scheduled according to its quota even
// if the rest of the application is idle.
c.setMaxIdleMarkWorkers(1)
}
} else {
// N.B. gomaxprocs and dedicatedMarkWorkersNeeded is guaranteed not to
// change during a GC cycle.
c.setMaxIdleMarkWorkers(int32(procs) - int32(c.dedicatedMarkWorkersNeeded))
}
// Compute initial values for controls that are updated
// throughout the cycle.
c.revise()
if debug.gcpacertrace > 0 {
assistRatio := c.assistWorkPerByte.Load()
print("pacer: assist ratio=", assistRatio,
" (scan ", gcController.heapScan>>20, " MB in ",
work.initialHeapLive>>20, "->",
heapGoal>>20, " MB)",
" workers=", c.dedicatedMarkWorkersNeeded,
"+", c.fractionalUtilizationGoal, "\n")
}
}
// revise updates the assist ratio during the GC cycle to account for
// improved estimates. This should be called whenever gcController.heapScan,
// gcController.heapLive, or if any inputs to gcController.heapGoal are
// updated. It is safe to call concurrently, but it may race with other
// calls to revise.
//
// The result of this race is that the two assist ratio values may not line
// up or may be stale. In practice this is OK because the assist ratio
// moves slowly throughout a GC cycle, and the assist ratio is a best-effort
// heuristic anyway. Furthermore, no part of the heuristic depends on
// the two assist ratio values being exact reciprocals of one another, since
// the two values are used to convert values from different sources.
//
// The worst case result of this raciness is that we may miss a larger shift
// in the ratio (say, if we decide to pace more aggressively against the
// hard heap goal) but even this "hard goal" is best-effort (see #40460).
// The dedicated GC should ensure we don't exceed the hard goal by too much
// in the rare case we do exceed it.
//
// It should only be called when gcBlackenEnabled != 0 (because this
// is when assists are enabled and the necessary statistics are
// available).
func (c *gcControllerState) revise() {
gcPercent := c.gcPercent.Load()
if gcPercent < 0 {
// If GC is disabled but we're running a forced GC,
// act like GOGC is huge for the below calculations.
gcPercent = 100000
}
live := atomic.Load64(&c.heapLive)
scan := atomic.Load64(&c.heapScan)
work := c.heapScanWork.Load() + c.stackScanWork.Load() + c.globalsScanWork.Load()
// Assume we're under the soft goal. Pace GC to complete at
// heapGoal assuming the heap is in steady-state.
heapGoal := int64(c.heapGoal())
// The expected scan work is computed as the amount of bytes scanned last
// GC cycle (both heap and stack), plus our estimate of globals work for this cycle.
scanWorkExpected := int64(c.lastHeapScan + c.lastStackScan + c.globalsScan)
// maxScanWork is a worst-case estimate of the amount of scan work that
// needs to be performed in this GC cycle. Specifically, it represents
// the case where *all* scannable memory turns out to be live, and
// *all* allocated stack space is scannable.
maxStackScan := atomic.Load64(&c.maxStackScan)
maxScanWork := int64(scan + maxStackScan + c.globalsScan)
if work > scanWorkExpected {
// We've already done more scan work than expected. Because our expectation
// is based on a steady-state scannable heap size, we assume this means our
// heap is growing. Compute a new heap goal that takes our existing runway
// computed for scanWorkExpected and extrapolates it to maxScanWork, the worst-case
// scan work. This keeps our assist ratio stable if the heap continues to grow.
//
// The effect of this mechanism is that assists stay flat in the face of heap
// growths. It's OK to use more memory this cycle to scan all the live heap,
// because the next GC cycle is inevitably going to use *at least* that much
// memory anyway.
extHeapGoal := int64(float64(heapGoal-int64(c.triggered))/float64(scanWorkExpected)*float64(maxScanWork)) + int64(c.triggered)
scanWorkExpected = maxScanWork
// hardGoal is a hard limit on the amount that we're willing to push back the
// heap goal, and that's twice the heap goal (i.e. if GOGC=100 and the heap and/or
// stacks and/or globals grow to twice their size, this limits the current GC cycle's
// growth to 4x the original live heap's size).
//
// This maintains the invariant that we use no more memory than the next GC cycle
// will anyway.
hardGoal := int64((1.0 + float64(gcPercent)/100.0) * float64(heapGoal))
if extHeapGoal > hardGoal {
extHeapGoal = hardGoal
}
heapGoal = extHeapGoal
}
if int64(live) > heapGoal {
// We're already past our heap goal, even the extrapolated one.
// Leave ourselves some extra runway, so in the worst case we
// finish by that point.
const maxOvershoot = 1.1
heapGoal = int64(float64(heapGoal) * maxOvershoot)
// Compute the upper bound on the scan work remaining.
scanWorkExpected = maxScanWork
}
// Compute the remaining scan work estimate.
//
// Note that we currently count allocations during GC as both
// scannable heap (heapScan) and scan work completed
// (scanWork), so allocation will change this difference
// slowly in the soft regime and not at all in the hard
// regime.
scanWorkRemaining := scanWorkExpected - work
if scanWorkRemaining < 1000 {
// We set a somewhat arbitrary lower bound on
// remaining scan work since if we aim a little high,
// we can miss by a little.
//
// We *do* need to enforce that this is at least 1,
// since marking is racy and double-scanning objects
// may legitimately make the remaining scan work
// negative, even in the hard goal regime.
scanWorkRemaining = 1000
}
// Compute the heap distance remaining.
heapRemaining := heapGoal - int64(live)
if heapRemaining <= 0 {
// This shouldn't happen, but if it does, avoid
// dividing by zero or setting the assist negative.
heapRemaining = 1
}
// Compute the mutator assist ratio so by the time the mutator
// allocates the remaining heap bytes up to heapGoal, it will
// have done (or stolen) the remaining amount of scan work.
// Note that the assist ratio values are updated atomically
// but not together. This means there may be some degree of
// skew between the two values. This is generally OK as the
// values shift relatively slowly over the course of a GC
// cycle.
assistWorkPerByte := float64(scanWorkRemaining) / float64(heapRemaining)
assistBytesPerWork := float64(heapRemaining) / float64(scanWorkRemaining)
c.assistWorkPerByte.Store(assistWorkPerByte)
c.assistBytesPerWork.Store(assistBytesPerWork)
}
// endCycle computes the consMark estimate for the next cycle.
// userForced indicates whether the current GC cycle was forced
// by the application.
func (c *gcControllerState) endCycle(now int64, procs int, userForced bool) {
// Record last heap goal for the scavenger.
// We'll be updating the heap goal soon.
gcController.lastHeapGoal = c.heapGoal()
// Compute the duration of time for which assists were turned on.
assistDuration := now - c.markStartTime
// Assume background mark hit its utilization goal.
utilization := gcBackgroundUtilization
// Add assist utilization; avoid divide by zero.
if assistDuration > 0 {
utilization += float64(c.assistTime.Load()) / float64(assistDuration*int64(procs))
}
if c.heapLive <= c.triggered {
// Shouldn't happen, but let's be very safe about this in case the
// GC is somehow extremely short.
//
// In this case though, the only reasonable value for c.heapLive-c.triggered
// would be 0, which isn't really all that useful, i.e. the GC was so short
// that it didn't matter.
//
// Ignore this case and don't update anything.
return
}
idleUtilization := 0.0
if assistDuration > 0 {
idleUtilization = float64(c.idleMarkTime) / float64(assistDuration*int64(procs))
}
// Determine the cons/mark ratio.
//
// The units we want for the numerator and denominator are both B / cpu-ns.
// We get this by taking the bytes allocated or scanned, and divide by the amount of
// CPU time it took for those operations. For allocations, that CPU time is
//
// assistDuration * procs * (1 - utilization)
//
// Where utilization includes just background GC workers and assists. It does *not*
// include idle GC work time, because in theory the mutator is free to take that at
// any point.
//
// For scanning, that CPU time is
//
// assistDuration * procs * (utilization + idleUtilization)
//
// In this case, we *include* idle utilization, because that is additional CPU time that the
// the GC had available to it.
//
// In effect, idle GC time is sort of double-counted here, but it's very weird compared
// to other kinds of GC work, because of how fluid it is. Namely, because the mutator is
// *always* free to take it.
//
// So this calculation is really:
// (heapLive-trigger) / (assistDuration * procs * (1-utilization)) /
// (scanWork) / (assistDuration * procs * (utilization+idleUtilization)
//
// Note that because we only care about the ratio, assistDuration and procs cancel out.
scanWork := c.heapScanWork.Load() + c.stackScanWork.Load() + c.globalsScanWork.Load()
currentConsMark := (float64(c.heapLive-c.triggered) * (utilization + idleUtilization)) /
(float64(scanWork) * (1 - utilization))
// Update cons/mark controller. The time period for this is 1 GC cycle.
//
// This use of a PI controller might seem strange. So, here's an explanation:
//
// currentConsMark represents the consMark we *should've* had to be perfectly
// on-target for this cycle. Given that we assume the next GC will be like this
// one in the steady-state, it stands to reason that we should just pick that
// as our next consMark. In practice, however, currentConsMark is too noisy:
// we're going to be wildly off-target in each GC cycle if we do that.
//
// What we do instead is make a long-term assumption: there is some steady-state
// consMark value, but it's obscured by noise. By constantly shooting for this
// noisy-but-perfect consMark value, the controller will bounce around a bit,
// but its average behavior, in aggregate, should be less noisy and closer to
// the true long-term consMark value, provided its tuned to be slightly overdamped.
var ok bool
oldConsMark := c.consMark
c.consMark, ok = c.consMarkController.next(c.consMark, currentConsMark, 1.0)
if !ok {
// The error spiraled out of control. This is incredibly unlikely seeing
// as this controller is essentially just a smoothing function, but it might
// mean that something went very wrong with how currentConsMark was calculated.
// Just reset consMark and keep going.
c.consMark = 0
}
if debug.gcpacertrace > 0 {
printlock()
goal := gcGoalUtilization * 100
print("pacer: ", int(utilization*100), "% CPU (", int(goal), " exp.) for ")
print(c.heapScanWork.Load(), "+", c.stackScanWork.Load(), "+", c.globalsScanWork.Load(), " B work (", c.lastHeapScan+c.lastStackScan+c.globalsScan, " B exp.) ")
print("in ", c.triggered, " B -> ", c.heapLive, " B (∆goal ", int64(c.heapLive)-int64(c.lastHeapGoal), ", cons/mark ", oldConsMark, ")")
if !ok {
print("[controller reset]")
}
println()
printunlock()
}
}
// enlistWorker encourages another dedicated mark worker to start on
// another P if there are spare worker slots. It is used by putfull
// when more work is made available.
//
//go:nowritebarrier
func (c *gcControllerState) enlistWorker() {
// If there are idle Ps, wake one so it will run an idle worker.
// NOTE: This is suspected of causing deadlocks. See golang.org/issue/19112.
//
// if atomic.Load(&sched.npidle) != 0 && atomic.Load(&sched.nmspinning) == 0 {
// wakep()
// return
// }
// There are no idle Ps. If we need more dedicated workers,
// try to preempt a running P so it will switch to a worker.
if c.dedicatedMarkWorkersNeeded <= 0 {
return
}
// Pick a random other P to preempt.
if gomaxprocs <= 1 {
return
}
gp := getg()
if gp == nil || gp.m == nil || gp.m.p == 0 {
return
}
myID := gp.m.p.ptr().id
for tries := 0; tries < 5; tries++ {
id := int32(fastrandn(uint32(gomaxprocs - 1)))
if id >= myID {
id++
}
p := allp[id]
if p.status != _Prunning {
continue
}
if preemptone(p) {
return
}
}
}
// findRunnableGCWorker returns a background mark worker for _p_ if it
// should be run. This must only be called when gcBlackenEnabled != 0.
func (c *gcControllerState) findRunnableGCWorker(_p_ *p, now int64) (*g, int64) {
if gcBlackenEnabled == 0 {
throw("gcControllerState.findRunnable: blackening not enabled")
}
// Since we have the current time, check if the GC CPU limiter
// hasn't had an update in a while. This check is necessary in
// case the limiter is on but hasn't been checked in a while and
// so may have left sufficient headroom to turn off again.
if now == 0 {
now = nanotime()
}
if gcCPULimiter.needUpdate(now) {
gcCPULimiter.update(now)
}
if !gcMarkWorkAvailable(_p_) {
// No work to be done right now. This can happen at
// the end of the mark phase when there are still
// assists tapering off. Don't bother running a worker
// now because it'll just return immediately.
return nil, now
}
// Grab a worker before we commit to running below.
node := (*gcBgMarkWorkerNode)(gcBgMarkWorkerPool.pop())
if node == nil {
// There is at least one worker per P, so normally there are
// enough workers to run on all Ps, if necessary. However, once
// a worker enters gcMarkDone it may park without rejoining the
// pool, thus freeing a P with no corresponding worker.
// gcMarkDone never depends on another worker doing work, so it
// is safe to simply do nothing here.
//
// If gcMarkDone bails out without completing the mark phase,
// it will always do so with queued global work. Thus, that P
// will be immediately eligible to re-run the worker G it was
// just using, ensuring work can complete.
return nil, now
}
decIfPositive := func(ptr *int64) bool {
for {
v := atomic.Loadint64(ptr)
if v <= 0 {
return false
}
if atomic.Casint64(ptr, v, v-1) {
return true
}
}
}
if decIfPositive(&c.dedicatedMarkWorkersNeeded) {
// This P is now dedicated to marking until the end of
// the concurrent mark phase.
_p_.gcMarkWorkerMode = gcMarkWorkerDedicatedMode
} else if c.fractionalUtilizationGoal == 0 {
// No need for fractional workers.
gcBgMarkWorkerPool.push(&node.node)
return nil, now
} else {
// Is this P behind on the fractional utilization
// goal?
//
// This should be kept in sync with pollFractionalWorkerExit.
delta := now - c.markStartTime
if delta > 0 && float64(_p_.gcFractionalMarkTime)/float64(delta) > c.fractionalUtilizationGoal {
// Nope. No need to run a fractional worker.
gcBgMarkWorkerPool.push(&node.node)
return nil, now
}
// Run a fractional worker.
_p_.gcMarkWorkerMode = gcMarkWorkerFractionalMode
}
// Run the background mark worker.
gp := node.gp.ptr()
casgstatus(gp, _Gwaiting, _Grunnable)
if trace.enabled {
traceGoUnpark(gp, 0)
}
return gp, now
}
// resetLive sets up the controller state for the next mark phase after the end
// of the previous one. Must be called after endCycle and before commit, before
// the world is started.
//
// The world must be stopped.
func (c *gcControllerState) resetLive(bytesMarked uint64) {
c.heapMarked = bytesMarked
c.heapLive = bytesMarked
c.heapScan = uint64(c.heapScanWork.Load())
c.lastHeapScan = uint64(c.heapScanWork.Load())
c.lastStackScan = uint64(c.stackScanWork.Load())
c.triggered = ^uint64(0) // Reset triggered.
// heapLive was updated, so emit a trace event.
if trace.enabled {
traceHeapAlloc()
}
}
// markWorkerStop must be called whenever a mark worker stops executing.
//
// It updates mark work accounting in the controller by a duration of
// work in nanoseconds and other bookkeeping.
//
// Safe to execute at any time.
func (c *gcControllerState) markWorkerStop(mode gcMarkWorkerMode, duration int64) {
switch mode {
case gcMarkWorkerDedicatedMode:
atomic.Xaddint64(&c.dedicatedMarkTime, duration)
atomic.Xaddint64(&c.dedicatedMarkWorkersNeeded, 1)
case gcMarkWorkerFractionalMode:
atomic.Xaddint64(&c.fractionalMarkTime, duration)
case gcMarkWorkerIdleMode:
atomic.Xaddint64(&c.idleMarkTime, duration)
c.removeIdleMarkWorker()
default:
throw("markWorkerStop: unknown mark worker mode")
}
}
func (c *gcControllerState) update(dHeapLive, dHeapScan int64) {
if dHeapLive != 0 {
atomic.Xadd64(&gcController.heapLive, dHeapLive)
if trace.enabled {
// gcController.heapLive changed.
traceHeapAlloc()
}
}
if gcBlackenEnabled == 0 {
// Update heapScan when we're not in a current GC. It is fixed
// at the beginning of a cycle.
if dHeapScan != 0 {
atomic.Xadd64(&gcController.heapScan, dHeapScan)
}
} else {
// gcController.heapLive changed.
c.revise()
}
}
func (c *gcControllerState) addScannableStack(pp *p, amount int64) {
if pp == nil {
atomic.Xadd64(&c.maxStackScan, amount)
return
}
pp.maxStackScanDelta += amount
if pp.maxStackScanDelta >= maxStackScanSlack || pp.maxStackScanDelta <= -maxStackScanSlack {
atomic.Xadd64(&c.maxStackScan, pp.maxStackScanDelta)
pp.maxStackScanDelta = 0
}
}
func (c *gcControllerState) addGlobals(amount int64) {
atomic.Xadd64(&c.globalsScan, amount)
}
// heapGoal returns the current heap goal.
func (c *gcControllerState) heapGoal() uint64 {
goal, _ := c.heapGoalInternal()
return goal
}
// heapGoalInternal is the implementation of heapGoal which returns additional
// information that is necessary for computing the trigger.
//
// The returned minTrigger is always <= goal.
func (c *gcControllerState) heapGoalInternal() (goal, minTrigger uint64) {
// Start with the goal calculated for gcPercent.
goal = c.gcPercentHeapGoal.Load()
// Check if the memory-limit-based goal is smaller, and if so, pick that.
if newGoal := c.memoryLimitHeapGoal(); go119MemoryLimitSupport && newGoal < goal {
goal = newGoal
} else {
// We're not limited by the memory limit goal, so perform a series of
// adjustments that might move the goal forward in a variety of circumstances.
sweepDistTrigger := c.sweepDistMinTrigger.Load()
if sweepDistTrigger > goal {
// Set the goal to maintain a minimum sweep distance since
// the last call to commit. Note that we never want to do this
// if we're in the memory limit regime, because it could push
// the goal up.
goal = sweepDistTrigger
}
// Since we ignore the sweep distance trigger in the memory
// limit regime, we need to ensure we don't propagate it to
// the trigger, because it could cause a violation of the
// invariant that the trigger < goal.
minTrigger = sweepDistTrigger
// Ensure that the heap goal is at least a little larger than
// the point at which we triggered. This may not be the case if GC
// start is delayed or if the allocation that pushed gcController.heapLive
// over trigger is large or if the trigger is really close to
// GOGC. Assist is proportional to this distance, so enforce a
// minimum distance, even if it means going over the GOGC goal
// by a tiny bit.
//
// Ignore this if we're in the memory limit regime: we'd prefer to
// have the GC respond hard about how close we are to the goal than to
// push the goal back in such a manner that it could cause us to exceed
// the memory limit.
const minRunway = 64 << 10
if c.triggered != ^uint64(0) && goal < c.triggered+minRunway {
goal = c.triggered + minRunway
}
}
return
}
// memoryLimitHeapGoal returns a heap goal derived from memoryLimit.
func (c *gcControllerState) memoryLimitHeapGoal() uint64 {
// Start by pulling out some values we'll need. Be careful about overflow.
var heapFree, heapAlloc, mappedReady uint64
for {
heapFree = c.heapFree.load() // Free and unscavenged memory.
heapAlloc = c.totalAlloc.Load() - c.totalFree.Load() // Heap object bytes in use.
mappedReady = c.mappedReady.Load() // Total unreleased mapped memory.
if heapFree+heapAlloc <= mappedReady {
break
}
// It is impossible for total unreleased mapped memory to exceed heap memory, but
// because these stats are updated independently, we may observe a partial update
// including only some values. Thus, we appear to break the invariant. However,
// this condition is necessarily transient, so just try again. In the case of a
// persistent accounting error, we'll deadlock here.
}
// Below we compute a goal from memoryLimit. There are a few things to be aware of.
// Firstly, the memoryLimit does not easily compare to the heap goal: the former
// is total mapped memory by the runtime that hasn't been released, while the latter is
// only heap object memory. Intuitively, the way we convert from one to the other is to
// subtract everything from memoryLimit that both contributes to the memory limit (so,
// ignore scavenged memory) and doesn't contain heap objects. This isn't quite what
// lines up with reality, but it's a good starting point.
//
// In practice this computation looks like the following:
//
// memoryLimit - ((mappedReady - heapFree - heapAlloc) + max(mappedReady - memoryLimit, 0)) - memoryLimitHeapGoalHeadroom
// ^1 ^2 ^3
//
// Let's break this down.
//
// The first term (marker 1) is everything that contributes to the memory limit and isn't
// or couldn't become heap objects. It represents, broadly speaking, non-heap overheads.
// One oddity you may have noticed is that we also subtract out heapFree, i.e. unscavenged
// memory that may contain heap objects in the future.
//
// Let's take a step back. In an ideal world, this term would look something like just
// the heap goal. That is, we "reserve" enough space for the heap to grow to the heap
// goal, and subtract out everything else. This is of course impossible; the definition
// is circular! However, this impossible definition contains a key insight: the amount
// we're *going* to use matters just as much as whatever we're currently using.
//
// Consider if the heap shrinks to 1/10th its size, leaving behind lots of free and
// unscavenged memory. mappedReady - heapAlloc will be quite large, because of that free
// and unscavenged memory, pushing the goal down significantly.
//
// heapFree is also safe to exclude from the memory limit because in the steady-state, it's
// just a pool of memory for future heap allocations, and making new allocations from heapFree
// memory doesn't increase overall memory use. In transient states, the scavenger and the
// allocator actively manage the pool of heapFree memory to maintain the memory limit.
//
// The second term (marker 2) is the amount of memory we've exceeded the limit by, and is
// intended to help recover from such a situation. By pushing the heap goal down, we also
// push the trigger down, triggering and finishing a GC sooner in order to make room for
// other memory sources. Note that since we're effectively reducing the heap goal by X bytes,
// we're actually giving more than X bytes of headroom back, because the heap goal is in
// terms of heap objects, but it takes more than X bytes (e.g. due to fragmentation) to store
// X bytes worth of objects.
//
// The third term (marker 3) subtracts an additional memoryLimitHeapGoalHeadroom bytes from the
// heap goal. As the name implies, this is to provide additional headroom in the face of pacing
// inaccuracies. This is a fixed number of bytes because these inaccuracies disproportionately
// affect small heaps: as heaps get smaller, the pacer's inputs get fuzzier. Shorter GC cycles
// and less GC work means noisy external factors like the OS scheduler have a greater impact.
memoryLimit := uint64(c.memoryLimit.Load())
// Compute term 1.
nonHeapMemory := mappedReady - heapFree - heapAlloc
// Compute term 2.
var overage uint64
if mappedReady > memoryLimit {
overage = mappedReady - memoryLimit
}
if nonHeapMemory+overage >= memoryLimit {
// We're at a point where non-heap memory exceeds the memory limit on its own.
// There's honestly not much we can do here but just trigger GCs continuously
// and let the CPU limiter reign that in. Something has to give at this point.
// Set it to heapMarked, the lowest possible goal.
return c.heapMarked
}
// Compute the goal.
goal := memoryLimit - (nonHeapMemory + overage)
// Apply some headroom to the goal to account for pacing inaccuracies.
// Be careful about small limits.
if goal < memoryLimitHeapGoalHeadroom || goal-memoryLimitHeapGoalHeadroom < memoryLimitHeapGoalHeadroom {
goal = memoryLimitHeapGoalHeadroom
} else {
goal = goal - memoryLimitHeapGoalHeadroom
}
// Don't let us go below the live heap. A heap goal below the live heap doesn't make sense.
if goal < c.heapMarked {
goal = c.heapMarked
}
return goal
}
const (
// These constants determine the bounds on the GC trigger as a fraction
// of heap bytes allocated between the start of a GC (heapLive == heapMarked)
// and the end of a GC (heapLive == heapGoal).
//
// The constants are obscured in this way for efficiency. The denominator
// of the fraction is always a power-of-two for a quick division, so that
// the numerator is a single constant integer multiplication.
triggerRatioDen = 64
// The minimum trigger constant was chosen empirically: given a sufficiently
// fast/scalable allocator with 48 Ps that could drive the trigger ratio
// to <0.05, this constant causes applications to retain the same peak
// RSS compared to not having this allocator.
minTriggerRatioNum = 45 // ~0.7
// The maximum trigger constant is chosen somewhat arbitrarily, but the
// current constant has served us well over the years.
maxTriggerRatioNum = 61 // ~0.95
)
// trigger returns the current point at which a GC should trigger along with
// the heap goal.
//
// The returned value may be compared against heapLive to determine whether
// the GC should trigger. Thus, the GC trigger condition should be (but may
// not be, in the case of small movements for efficiency) checked whenever
// the heap goal may change.
func (c *gcControllerState) trigger() (uint64, uint64) {
goal, minTrigger := c.heapGoalInternal()
// Invariant: the trigger must always be less than the heap goal.
//
// Note that the memory limit sets a hard maximum on our heap goal,
// but the live heap may grow beyond it.
if c.heapMarked >= goal {
// The goal should never be smaller than heapMarked, but let's be
// defensive about it. The only reasonable trigger here is one that
// causes a continuous GC cycle at heapMarked, but respect the goal
// if it came out as smaller than that.
return goal, goal
}
// Below this point, c.heapMarked < goal.
// heapMarked is our absolute minimum, and it's possible the trigger
// bound we get from heapGoalinternal is less than that.
if minTrigger < c.heapMarked {
minTrigger = c.heapMarked
}
// If we let the trigger go too low, then if the application
// is allocating very rapidly we might end up in a situation
// where we're allocating black during a nearly always-on GC.
// The result of this is a growing heap and ultimately an
// increase in RSS. By capping us at a point >0, we're essentially
// saying that we're OK using more CPU during the GC to prevent
// this growth in RSS.
triggerLowerBound := uint64(((goal-c.heapMarked)/triggerRatioDen)*minTriggerRatioNum) + c.heapMarked
if minTrigger < triggerLowerBound {
minTrigger = triggerLowerBound
}
// For small heaps, set the max trigger point at maxTriggerRatio of the way
// from the live heap to the heap goal. This ensures we always have *some*
// headroom when the GC actually starts. For larger heaps, set the max trigger
// point at the goal, minus the minimum heap size.
//
// This choice follows from the fact that the minimum heap size is chosen
// to reflect the costs of a GC with no work to do. With a large heap but
// very little scan work to perform, this gives us exactly as much runway
// as we would need, in the worst case.
maxTrigger := uint64(((goal-c.heapMarked)/triggerRatioDen)*maxTriggerRatioNum) + c.heapMarked
if goal > defaultHeapMinimum && goal-defaultHeapMinimum > maxTrigger {
maxTrigger = goal - defaultHeapMinimum
}
if maxTrigger < minTrigger {
maxTrigger = minTrigger
}
// Compute the trigger from our bounds and the runway stored by commit.
var trigger uint64
runway := c.runway.Load()
if runway > goal {
trigger = minTrigger
} else {
trigger = goal - runway
}
if trigger < minTrigger {
trigger = minTrigger
}
if trigger > maxTrigger {
trigger = maxTrigger
}
if trigger > goal {
print("trigger=", trigger, " heapGoal=", goal, "\n")
print("minTrigger=", minTrigger, " maxTrigger=", maxTrigger, "\n")
throw("produced a trigger greater than the heap goal")
}
return trigger, goal
}
// commit recomputes all pacing parameters needed to derive the
// trigger and the heap goal. Namely, the gcPercent-based heap goal,
// and the amount of runway we want to give the GC this cycle.
//
// This can be called any time. If GC is the in the middle of a
// concurrent phase, it will adjust the pacing of that phase.
//
// isSweepDone should be the result of calling isSweepDone(),
// unless we're testing or we know we're executing during a GC cycle.
//
// This depends on gcPercent, gcController.heapMarked, and
// gcController.heapLive. These must be up to date.
//
// Callers must call gcControllerState.revise after calling this
// function if the GC is enabled.
//
// mheap_.lock must be held or the world must be stopped.
func (c *gcControllerState) commit(isSweepDone bool) {
if !c.test {
assertWorldStoppedOrLockHeld(&mheap_.lock)
}
if isSweepDone {
// The sweep is done, so there aren't any restrictions on the trigger
// we need to think about.
c.sweepDistMinTrigger.Store(0)
} else {
// Concurrent sweep happens in the heap growth
// from gcController.heapLive to trigger. Make sure we
// give the sweeper some runway if it doesn't have enough.
c.sweepDistMinTrigger.Store(atomic.Load64(&c.heapLive) + sweepMinHeapDistance)
}
// Compute the next GC goal, which is when the allocated heap
// has grown by GOGC/100 over where it started the last cycle,
// plus additional runway for non-heap sources of GC work.
gcPercentHeapGoal := ^uint64(0)
if gcPercent := c.gcPercent.Load(); gcPercent >= 0 {
gcPercentHeapGoal = c.heapMarked + (c.heapMarked+atomic.Load64(&c.lastStackScan)+atomic.Load64(&c.globalsScan))*uint64(gcPercent)/100
}
// Apply the minimum heap size here. It's defined in terms of gcPercent
// and is only updated by functions that call commit.
if gcPercentHeapGoal < c.heapMinimum {
gcPercentHeapGoal = c.heapMinimum
}
c.gcPercentHeapGoal.Store(gcPercentHeapGoal)
// Compute the amount of runway we want the GC to have by using our
// estimate of the cons/mark ratio.
//
// The idea is to take our expected scan work, and multiply it by
// the cons/mark ratio to determine how long it'll take to complete
// that scan work in terms of bytes allocated. This gives us our GC's
// runway.
//
// However, the cons/mark ratio is a ratio of rates per CPU-second, but
// here we care about the relative rates for some division of CPU
// resources among the mutator and the GC.
//
// To summarize, we have B / cpu-ns, and we want B / ns. We get that
// by multiplying by our desired division of CPU resources. We choose
// to express CPU resources as GOMAPROCS*fraction. Note that because
// we're working with a ratio here, we can omit the number of CPU cores,
// because they'll appear in the numerator and denominator and cancel out.
// As a result, this is basically just "weighing" the cons/mark ratio by
// our desired division of resources.
//
// Furthermore, by setting the runway so that CPU resources are divided
// this way, assuming that the cons/mark ratio is correct, we make that
// division a reality.
c.runway.Store(uint64((c.consMark * (1 - gcGoalUtilization) / (gcGoalUtilization)) * float64(c.lastHeapScan+c.lastStackScan+c.globalsScan)))
}
// setGCPercent updates gcPercent. commit must be called after.
// Returns the old value of gcPercent.
//
// The world must be stopped, or mheap_.lock must be held.
func (c *gcControllerState) setGCPercent(in int32) int32 {
if !c.test {
assertWorldStoppedOrLockHeld(&mheap_.lock)
}
out := c.gcPercent.Load()
if in < 0 {
in = -1
}
c.heapMinimum = defaultHeapMinimum * uint64(in) / 100
c.gcPercent.Store(in)
return out
}
//go:linkname setGCPercent runtime/debug.setGCPercent
func setGCPercent(in int32) (out int32) {
// Run on the system stack since we grab the heap lock.
systemstack(func() {
lock(&mheap_.lock)
out = gcController.setGCPercent(in)
gcControllerCommit()
unlock(&mheap_.lock)
})
// If we just disabled GC, wait for any concurrent GC mark to
// finish so we always return with no GC running.
if in < 0 {
gcWaitOnMark(atomic.Load(&work.cycles))
}
return out
}
func readGOGC() int32 {
p := gogetenv("GOGC")
if p == "off" {
return -1
}
if n, ok := atoi32(p); ok {
return n
}
return 100
}
// setMemoryLimit updates memoryLimit. commit must be called after
// Returns the old value of memoryLimit.
//
// The world must be stopped, or mheap_.lock must be held.
func (c *gcControllerState) setMemoryLimit(in int64) int64 {
if !c.test {
assertWorldStoppedOrLockHeld(&mheap_.lock)
}
out := c.memoryLimit.Load()
if in >= 0 {
c.memoryLimit.Store(in)
}
return out
}
//go:linkname setMemoryLimit runtime/debug.setMemoryLimit
func setMemoryLimit(in int64) (out int64) {
// Run on the system stack since we grab the heap lock.
systemstack(func() {
lock(&mheap_.lock)
out = gcController.setMemoryLimit(in)
if in < 0 || out == in {
// If we're just checking the value or not changing
// it, there's no point in doing the rest.
unlock(&mheap_.lock)
return
}
gcControllerCommit()
unlock(&mheap_.lock)
})
return out
}
func readGOMEMLIMIT() int64 {
p := gogetenv("GOMEMLIMIT")
if p == "" || p == "off" {
return maxInt64
}
n, ok := parseByteCount(p)
if !ok {
print("GOMEMLIMIT=", p, "\n")
throw("malformed GOMEMLIMIT; see `go doc runtime/debug.SetMemoryLimit`")
}
return n
}
type piController struct {
kp float64 // Proportional constant.
ti float64 // Integral time constant.
tt float64 // Reset time.
min, max float64 // Output boundaries.
// PI controller state.
errIntegral float64 // Integral of the error from t=0 to now.
// Error flags.
errOverflow bool // Set if errIntegral ever overflowed.
inputOverflow bool // Set if an operation with the input overflowed.
}
// next provides a new sample to the controller.
//
// input is the sample, setpoint is the desired point, and period is how much
// time (in whatever unit makes the most sense) has passed since the last sample.
//
// Returns a new value for the variable it's controlling, and whether the operation
// completed successfully. One reason this might fail is if error has been growing
// in an unbounded manner, to the point of overflow.
//
// In the specific case of an error overflow occurs, the errOverflow field will be
// set and the rest of the controller's internal state will be fully reset.
func (c *piController) next(input, setpoint, period float64) (float64, bool) {
// Compute the raw output value.
prop := c.kp * (setpoint - input)
rawOutput := prop + c.errIntegral
// Clamp rawOutput into output.
output := rawOutput
if isInf(output) || isNaN(output) {
// The input had a large enough magnitude that either it was already
// overflowed, or some operation with it overflowed.
// Set a flag and reset. That's the safest thing to do.
c.reset()
c.inputOverflow = true
return c.min, false
}
if output < c.min {
output = c.min
} else if output > c.max {
output = c.max
}
// Update the controller's state.
if c.ti != 0 && c.tt != 0 {
c.errIntegral += (c.kp*period/c.ti)*(setpoint-input) + (period/c.tt)*(output-rawOutput)
if isInf(c.errIntegral) || isNaN(c.errIntegral) {
// So much error has accumulated that we managed to overflow.
// The assumptions around the controller have likely broken down.
// Set a flag and reset. That's the safest thing to do.
c.reset()
c.errOverflow = true
return c.min, false
}
}
return output, true
}
// reset resets the controller state, except for controller error flags.
func (c *piController) reset() {
c.errIntegral = 0
}
// addIdleMarkWorker attempts to add a new idle mark worker.
//
// If this returns true, the caller must become an idle mark worker unless
// there's no background mark worker goroutines in the pool. This case is
// harmless because there are already background mark workers running.
// If this returns false, the caller must NOT become an idle mark worker.
//
// nosplit because it may be called without a P.
//
//go:nosplit
func (c *gcControllerState) addIdleMarkWorker() bool {
for {
old := c.idleMarkWorkers.Load()
n, max := int32(old&uint64(^uint32(0))), int32(old>>32)
if n >= max {
// See the comment on idleMarkWorkers for why
// n > max is tolerated.
return false
}
if n < 0 {
print("n=", n, " max=", max, "\n")
throw("negative idle mark workers")
}
new := uint64(uint32(n+1)) | (uint64(max) << 32)
if c.idleMarkWorkers.CompareAndSwap(old, new) {
return true
}
}
}
// needIdleMarkWorker is a hint as to whether another idle mark worker is needed.
//
// The caller must still call addIdleMarkWorker to become one. This is mainly
// useful for a quick check before an expensive operation.
//
// nosplit because it may be called without a P.
//
//go:nosplit
func (c *gcControllerState) needIdleMarkWorker() bool {
p := c.idleMarkWorkers.Load()
n, max := int32(p&uint64(^uint32(0))), int32(p>>32)
return n < max
}
// removeIdleMarkWorker must be called when an new idle mark worker stops executing.
func (c *gcControllerState) removeIdleMarkWorker() {
for {
old := c.idleMarkWorkers.Load()
n, max := int32(old&uint64(^uint32(0))), int32(old>>32)
if n-1 < 0 {
print("n=", n, " max=", max, "\n")
throw("negative idle mark workers")
}
new := uint64(uint32(n-1)) | (uint64(max) << 32)
if c.idleMarkWorkers.CompareAndSwap(old, new) {
return
}
}
}
// setMaxIdleMarkWorkers sets the maximum number of idle mark workers allowed.
//
// This method is optimistic in that it does not wait for the number of
// idle mark workers to reduce to max before returning; it assumes the workers
// will deschedule themselves.
func (c *gcControllerState) setMaxIdleMarkWorkers(max int32) {
for {
old := c.idleMarkWorkers.Load()
n := int32(old & uint64(^uint32(0)))
if n < 0 {
print("n=", n, " max=", max, "\n")
throw("negative idle mark workers")
}
new := uint64(uint32(n)) | (uint64(max) << 32)
if c.idleMarkWorkers.CompareAndSwap(old, new) {
return
}
}
}
// gcControllerCommit is gcController.commit, but passes arguments from live
// (non-test) data. It also updates any consumers of the GC pacing, such as
// sweep pacing and the background scavenger.
//
// Calls gcController.commit.
//
// The heap lock must be held, so this must be executed on the system stack.
//
//go:systemstack
func gcControllerCommit() {
assertWorldStoppedOrLockHeld(&mheap_.lock)
gcController.commit(isSweepDone())
// Update mark pacing.
if gcphase != _GCoff {
gcController.revise()
}
// TODO(mknyszek): This isn't really accurate any longer because the heap
// goal is computed dynamically. Still useful to snapshot, but not as useful.
if trace.enabled {
traceHeapGoal()
}
trigger, heapGoal := gcController.trigger()
gcPaceSweeper(trigger)
gcPaceScavenger(gcController.memoryLimit.Load(), heapGoal, gcController.lastHeapGoal)
}