// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Garbage collector: stack objects and stack tracing
// See the design doc at https://docs.google.com/document/d/1un-Jn47yByHL7I0aVIP_uVCMxjdM5mpelJhiKlIqxkE/edit?usp=sharing
// Also see issue 22350.

// Stack tracing solves the problem of determining which parts of the
// stack are live and should be scanned. It runs as part of scanning
// a single goroutine stack.
//
// Normally determining which parts of the stack are live is easy to
// do statically, as user code has explicit references (reads and
// writes) to stack variables. The compiler can do a simple dataflow
// analysis to determine liveness of stack variables at every point in
// the code. See cmd/compile/internal/gc/plive.go for that analysis.
//
// However, when we take the address of a stack variable, determining
// whether that variable is still live is less clear. We can still
// look for static accesses, but accesses through a pointer to the
// variable are difficult in general to track statically. That pointer
// can be passed among functions on the stack, conditionally retained,
// etc.
//
// Instead, we will track pointers to stack variables dynamically.
// All pointers to stack-allocated variables will themselves be on the
// stack somewhere (or in associated locations, like defer records), so
// we can find them all efficiently.
//
// Stack tracing is organized as a mini garbage collection tracing
// pass. The objects in this garbage collection are all the variables
// on the stack whose address is taken, and which themselves contain a
// pointer. We call these variables "stack objects".
//
// We begin by determining all the stack objects on the stack and all
// the statically live pointers that may point into the stack. We then
// process each pointer to see if it points to a stack object. If it
// does, we scan that stack object. It may contain pointers into the
// heap, in which case those pointers are passed to the main garbage
// collection. It may also contain pointers into the stack, in which
// case we add them to our set of stack pointers.
//
// Once we're done processing all the pointers (including the ones we
// added during processing), we've found all the stack objects that
// are live. Any dead stack objects are not scanned and their contents
// will not keep heap objects live. Unlike the main garbage
// collection, we can't sweep the dead stack objects; they live on in
// a moribund state until the stack frame that contains them is
// popped.
//
// A stack can look like this:
//
// +----------+
// | foo()    |
// | +------+ |
// | |  A   | | <---\
// | +------+ |     |
// |          |     |
// | +------+ |     |
// | |  B   | |     |
// | +------+ |     |
// |          |     |
// +----------+     |
// | bar()    |     |
// | +------+ |     |
// | |  C   | | <-\ |
// | +----|-+ |   | |
// |      |   |   | |
// | +----v-+ |   | |
// | |  D  ---------/
// | +------+ |   |
// |          |   |
// +----------+   |
// | baz()    |   |
// | +------+ |   |
// | |  E  -------/
// | +------+ |
// |      ^   |
// | F: --/   |
// |          |
// +----------+
//
// foo() calls bar() calls baz(). Each has a frame on the stack.
// foo() has stack objects A and B.
// bar() has stack objects C and D, with C pointing to D and D pointing to A.
// baz() has a stack object E pointing to C, and a local variable F pointing to E.
//
// Starting from the pointer in local variable F, we will eventually
// scan all of E, C, D, and A (in that order). B is never scanned
// because there is no live pointer to it. If B is also statically
// dead (meaning that foo() never accesses B again after it calls
// bar()), then B's pointers into the heap are not considered live.
package runtime

import (
	"runtime/internal/sys"
	"unsafe"
)

// stackTraceDebug enables verbose debugging output for stack tracing.
const stackTraceDebug = false

// Buffer for pointers found during stack tracing.
// Must be smaller than or equal to workbuf, because these buffers are
// allocated from the workbuf pool (see getempty/putempty).
//
//go:notinheap
type stackWorkBuf struct {
	stackWorkBufHdr
	// obj is sized so the whole struct fills (at most) one workbuf.
	obj [(_WorkbufSize - unsafe.Sizeof(stackWorkBufHdr{})) / sys.PtrSize]uintptr
}

// Header declaration must come after the buf declaration above, because of issue #14620.
//
//go:notinheap
type stackWorkBufHdr struct {
	workbufhdr
	next *stackWorkBuf // linked list of workbufs
	// Note: we could theoretically repurpose lfnode.next as this next pointer.
	// It would save 1 word, but that probably isn't worth busting open
	// the lfnode API.
}

// Buffer for stack objects found on a goroutine stack.
// Must be smaller than or equal to workbuf (same pool as stackWorkBuf).
//
//go:notinheap
type stackObjectBuf struct {
	stackObjectBufHdr
	// obj is sized so the whole struct fills (at most) one workbuf.
	obj [(_WorkbufSize - unsafe.Sizeof(stackObjectBufHdr{})) / unsafe.Sizeof(stackObject{})]stackObject
}

//go:notinheap
type stackObjectBufHdr struct {
	workbufhdr
	next *stackObjectBuf // linked list of stack object buffers
}

// Startup sanity check: both buffer types are carved out of workbufs
// via unsafe casts, so they must not exceed a workbuf in size.
func init() {
	if unsafe.Sizeof(stackWorkBuf{}) > unsafe.Sizeof(workbuf{}) {
		panic("stackWorkBuf too big")
	}
	if unsafe.Sizeof(stackObjectBuf{}) > unsafe.Sizeof(workbuf{}) {
		panic("stackObjectBuf too big")
	}
}

// A stackObject represents a variable on the stack that has had
// its address taken.
//
//go:notinheap
type stackObject struct {
	off   uint32       // offset above stack.lo
	size  uint32       // size of object
	typ   *_type       // type info (for ptr/nonptr bits). nil if object has been scanned.
	left  *stackObject // objects with lower addresses
	right *stackObject // objects with higher addresses
}

// obj.typ = typ, but with no write barrier.
//go:nowritebarrier
func (obj *stackObject) setType(typ *_type) {
	// Types of stack objects are always in read-only memory, not the heap.
	// So not using a write barrier is ok.
	*(*uintptr)(unsafe.Pointer(&obj.typ)) = uintptr(unsafe.Pointer(typ))
}

// A stackScanState keeps track of the state used during the GC walk
// of a goroutine.
//
//go:notinheap
type stackScanState struct {
	cache pcvalueCache

	// stack limits
	stack stack

	// conservative indicates that the next frame must be scanned conservatively.
	// This applies only to the innermost frame at an async safe-point.
	conservative bool

	// buf contains the set of possible pointers to stack objects.
	// Organized as a LIFO linked list of buffers.
	// All buffers except possibly the head buffer are full.
	buf     *stackWorkBuf
	freeBuf *stackWorkBuf // keep around one free buffer for allocation hysteresis

	// cbuf contains conservative pointers to stack objects. If
	// all pointers to a stack object are obtained via
	// conservative scanning, then the stack object may be dead
	// and may contain dead pointers, so it must be scanned
	// defensively.
	cbuf *stackWorkBuf

	// list of stack objects
	// Objects are in increasing address order.
	head  *stackObjectBuf
	tail  *stackObjectBuf
	nobjs int

	// root of binary tree for fast object lookup by address
	// Initialized by buildIndex.
	root *stackObject
}

// Add p as a potential pointer to a stack object.
// p must be a stack address.
// Conservative pointers go to s.cbuf; precise pointers go to s.buf.
func (s *stackScanState) putPtr(p uintptr, conservative bool) {
	if p < s.stack.lo || p >= s.stack.hi {
		throw("address not a stack address")
	}
	head := &s.buf
	if conservative {
		head = &s.cbuf
	}
	buf := *head
	if buf == nil {
		// Initial setup: grab a buffer from the workbuf pool.
		buf = (*stackWorkBuf)(unsafe.Pointer(getempty()))
		buf.nobj = 0
		buf.next = nil
		*head = buf
	} else if buf.nobj == len(buf.obj) {
		// Head buffer is full; push a fresh one onto the LIFO list,
		// preferring the cached freeBuf to avoid churning the pool.
		if s.freeBuf != nil {
			buf = s.freeBuf
			s.freeBuf = nil
		} else {
			buf = (*stackWorkBuf)(unsafe.Pointer(getempty()))
		}
		buf.nobj = 0
		buf.next = *head
		*head = buf
	}
	buf.obj[buf.nobj] = p
	buf.nobj++
}

// Remove and return a potential pointer to a stack object.
// Returns 0 if there are no more pointers available.
//
// This prefers non-conservative pointers so we scan stack objects
// precisely if there are any non-conservative pointers to them.
// (s.buf is drained before s.cbuf is touched.)
func (s *stackScanState) getPtr() (p uintptr, conservative bool) {
	for _, head := range []**stackWorkBuf{&s.buf, &s.cbuf} {
		buf := *head
		if buf == nil {
			// Never had any data.
			continue
		}
		if buf.nobj == 0 {
			if s.freeBuf != nil {
				// Free old freeBuf.
				putempty((*workbuf)(unsafe.Pointer(s.freeBuf)))
			}
			// Move buf to the freeBuf.
			s.freeBuf = buf
			buf = buf.next
			*head = buf
			if buf == nil {
				// No more data in this list.
				continue
			}
		}
		buf.nobj--
		return buf.obj[buf.nobj], head == &s.cbuf
	}
	// No more data in either list.
	if s.freeBuf != nil {
		putempty((*workbuf)(unsafe.Pointer(s.freeBuf)))
		s.freeBuf = nil
	}
	return 0, false
}

// addObject adds a stack object at addr of type typ to the set of stack objects.
func (s *stackScanState) addObject(addr uintptr, typ *_type) {
	x := s.tail
	if x == nil {
		// initial setup: allocate the first buffer from the workbuf pool.
		x = (*stackObjectBuf)(unsafe.Pointer(getempty()))
		x.next = nil
		s.head = x
		s.tail = x
	}
	// Callers must add objects in increasing, non-overlapping address
	// order; buildIndex and binarySearchTree depend on that ordering.
	if x.nobj > 0 && uint32(addr-s.stack.lo) < x.obj[x.nobj-1].off+x.obj[x.nobj-1].size {
		throw("objects added out of order or overlapping")
	}
	if x.nobj == len(x.obj) {
		// full buffer - allocate a new buffer, add to end of linked list
		y := (*stackObjectBuf)(unsafe.Pointer(getempty()))
		y.next = nil
		x.next = y
		s.tail = y
		x = y
	}
	obj := &x.obj[x.nobj]
	x.nobj++
	obj.off = uint32(addr - s.stack.lo) // offsets are relative to stack.lo
	obj.size = uint32(typ.size)
	obj.setType(typ)
	// obj.left and obj.right will be initialized by buildIndex before use.
	s.nobjs++
}

// buildIndex initializes s.root to a binary search tree.
// It should be called after all addObject calls but before
// any call of findObject.
func (s *stackScanState) buildIndex() {
	s.root, _, _ = binarySearchTree(s.head, 0, s.nobjs)
}

// Build a binary search tree with the n objects in the list
// x.obj[idx], x.obj[idx+1], ..., x.next.obj[0], ...
// Returns the root of that tree, and the buf+idx of the nth object after x.obj[idx].
// (The first object that was not included in the binary search tree.)
// If n == 0, returns nil, x.
//
// Because the objects arrive in increasing address order (enforced by
// addObject), taking the middle element as the root yields a balanced
// search tree keyed by stack offset.
func binarySearchTree(x *stackObjectBuf, idx int, n int) (root *stackObject, restBuf *stackObjectBuf, restIdx int) {
	if n == 0 {
		return nil, x, idx
	}
	var left, right *stackObject
	// Recursively build the left subtree from the first n/2 objects.
	left, x, idx = binarySearchTree(x, idx, n/2)
	root = &x.obj[idx]
	idx++
	// Advance to the next buffer if we consumed the last slot of this one.
	if idx == len(x.obj) {
		x = x.next
		idx = 0
	}
	// Remaining n-n/2-1 objects form the right subtree.
	right, x, idx = binarySearchTree(x, idx, n-n/2-1)
	root.left = left
	root.right = right
	return root, x, idx
}

// findObject returns the stack object containing address a, if any.
// Must have called buildIndex previously.
337func (s *stackScanState) findObject(a uintptr) *stackObject { 338 off := uint32(a - s.stack.lo) 339 obj := s.root 340 for { 341 if obj == nil { 342 return nil 343 } 344 if off < obj.off { 345 obj = obj.left 346 continue 347 } 348 if off >= obj.off+obj.size { 349 obj = obj.right 350 continue 351 } 352 return obj 353 } 354} 355