Black Lives Matter. Support the Equal Justice Initiative.

Source file src/runtime/mbitmap.go

Documentation: runtime

     1  // Copyright 2009 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Garbage collector: type and heap bitmaps.
     6  //
     7  // Stack, data, and bss bitmaps
     8  //
     9  // Stack frames and global variables in the data and bss sections are described
    10  // by 1-bit bitmaps in which 0 means uninteresting and 1 means live pointer
    11  // to be visited during GC. The bits in each byte are consumed starting with
    12  // the low bit: 1<<0, 1<<1, and so on.
    13  //
    14  // Heap bitmap
    15  //
    16  // The heap bitmap comprises 2 bits for each pointer-sized word in the heap,
    17  // stored in the heapArena metadata backing each heap arena.
    18  // That is, if ha is the heapArena for the arena starting a start,
    19  // then ha.bitmap[0] holds the 2-bit entries for the four words start
    20  // through start+3*ptrSize, ha.bitmap[1] holds the entries for
    21  // start+4*ptrSize through start+7*ptrSize, and so on.
    22  //
    23  // In each 2-bit entry, the lower bit holds the same information as in the 1-bit
    24  // bitmaps: 0 means uninteresting and 1 means live pointer to be visited during GC.
    25  // The meaning of the high bit depends on the position of the word being described
    26  // in its allocated object. In all words *except* the second word, the
    27  // high bit indicates that the object is still being described. In
    28  // these words, if a bit pair with a high bit 0 is encountered, the
    29  // low bit can also be assumed to be 0, and the object description is
    30  // over. This 00 is called the ``dead'' encoding: it signals that the
    31  // rest of the words in the object are uninteresting to the garbage
    32  // collector.
    33  //
    34  // In the second word, the high bit is the GC ``checkmarked'' bit (see below).
    35  //
    36  // The 2-bit entries are split when written into the byte, so that the top half
    37  // of the byte contains 4 high bits and the bottom half contains 4 low (pointer)
    38  // bits.
    39  // This form allows a copy from the 1-bit to the 4-bit form to keep the
    40  // pointer bits contiguous, instead of having to space them out.
    41  //
    42  // The code makes use of the fact that the zero value for a heap bitmap
    43  // has no live pointer bit set and is (depending on position), not used,
    44  // not checkmarked, and is the dead encoding.
    45  // These properties must be preserved when modifying the encoding.
    46  //
    47  // The bitmap for noscan spans is not maintained. Code must ensure
    48  // that an object is scannable before consulting its bitmap by
    49  // checking either the noscan bit in the span or by consulting its
    50  // type's information.
    51  //
    52  // Checkmarks
    53  //
    54  // In a concurrent garbage collector, one worries about failing to mark
    55  // a live object due to mutations without write barriers or bugs in the
    56  // collector implementation. As a sanity check, the GC has a 'checkmark'
    57  // mode that retraverses the object graph with the world stopped, to make
    58  // sure that everything that should be marked is marked.
    59  // In checkmark mode, in the heap bitmap, the high bit of the 2-bit entry
    60  // for the second word of the object holds the checkmark bit.
    61  // When not in checkmark mode, this bit is set to 1.
    62  //
    63  // The smallest possible allocation is 8 bytes. On a 32-bit machine, that
    64  // means every allocated object has two words, so there is room for the
    65  // checkmark bit. On a 64-bit machine, however, the 8-byte allocation is
    66  // just one word, so the second bit pair is not available for encoding the
    67  // checkmark. However, because non-pointer allocations are combined
    68  // into larger 16-byte (maxTinySize) allocations, a plain 8-byte allocation
    69  // must be a pointer, so the type bit in the first word is not actually needed.
    70  // It is still used in general, except in checkmark the type bit is repurposed
    71  // as the checkmark bit and then reinitialized (to 1) as the type bit when
    72  // finished.
    73  //
    74  
    75  package runtime
    76  
    77  import (
    78  	"runtime/internal/atomic"
    79  	"runtime/internal/sys"
    80  	"unsafe"
    81  )
    82  
    83  const (
    84  	bitPointer = 1 << 0
    85  	bitScan    = 1 << 4
    86  
    87  	heapBitsShift      = 1     // shift offset between successive bitPointer or bitScan entries
    88  	wordsPerBitmapByte = 8 / 2 // heap words described by one bitmap byte
    89  
    90  	// all scan/pointer bits in a byte
    91  	bitScanAll    = bitScan | bitScan<<heapBitsShift | bitScan<<(2*heapBitsShift) | bitScan<<(3*heapBitsShift)
    92  	bitPointerAll = bitPointer | bitPointer<<heapBitsShift | bitPointer<<(2*heapBitsShift) | bitPointer<<(3*heapBitsShift)
    93  )
    94  
    95  // addb returns the byte pointer p+n.
    96  //go:nowritebarrier
    97  //go:nosplit
    98  func addb(p *byte, n uintptr) *byte {
    99  	// Note: wrote out full expression instead of calling add(p, n)
   100  	// to reduce the number of temporaries generated by the
   101  	// compiler for this trivial expression during inlining.
   102  	return (*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(p)) + n))
   103  }
   104  
   105  // subtractb returns the byte pointer p-n.
   106  //go:nowritebarrier
   107  //go:nosplit
   108  func subtractb(p *byte, n uintptr) *byte {
   109  	// Note: wrote out full expression instead of calling add(p, -n)
   110  	// to reduce the number of temporaries generated by the
   111  	// compiler for this trivial expression during inlining.
   112  	return (*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(p)) - n))
   113  }
   114  
   115  // add1 returns the byte pointer p+1.
   116  //go:nowritebarrier
   117  //go:nosplit
   118  func add1(p *byte) *byte {
   119  	// Note: wrote out full expression instead of calling addb(p, 1)
   120  	// to reduce the number of temporaries generated by the
   121  	// compiler for this trivial expression during inlining.
   122  	return (*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(p)) + 1))
   123  }
   124  
   125  // subtract1 returns the byte pointer p-1.
   126  //go:nowritebarrier
   127  //
   128  // nosplit because it is used during write barriers and must not be preempted.
   129  //go:nosplit
   130  func subtract1(p *byte) *byte {
   131  	// Note: wrote out full expression instead of calling subtractb(p, 1)
   132  	// to reduce the number of temporaries generated by the
   133  	// compiler for this trivial expression during inlining.
   134  	return (*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(p)) - 1))
   135  }
   136  
   137  // heapBits provides access to the bitmap bits for a single heap word.
   138  // The methods on heapBits take value receivers so that the compiler
   139  // can more easily inline calls to those methods and registerize the
   140  // struct fields independently.
   141  type heapBits struct {
   142  	bitp  *uint8
   143  	shift uint32
   144  	arena uint32 // Index of heap arena containing bitp
   145  	last  *uint8 // Last byte arena's bitmap
   146  }
   147  
   148  // Make the compiler check that heapBits.arena is large enough to hold
   149  // the maximum arena frame number.
   150  var _ = heapBits{arena: (1<<heapAddrBits)/heapArenaBytes - 1}
   151  
   152  // markBits provides access to the mark bit for an object in the heap.
   153  // bytep points to the byte holding the mark bit.
   154  // mask is a byte with a single bit set that can be &ed with *bytep
   155  // to see if the bit has been set.
   156  // *m.byte&m.mask != 0 indicates the mark bit is set.
   157  // index can be used along with span information to generate
   158  // the address of the object in the heap.
   159  // We maintain one set of mark bits for allocation and one for
   160  // marking purposes.
   161  type markBits struct {
   162  	bytep *uint8
   163  	mask  uint8
   164  	index uintptr
   165  }
   166  
   167  //go:nosplit
   168  func (s *mspan) allocBitsForIndex(allocBitIndex uintptr) markBits {
   169  	bytep, mask := s.allocBits.bitp(allocBitIndex)
   170  	return markBits{bytep, mask, allocBitIndex}
   171  }
   172  
   173  // refillAllocCache takes 8 bytes s.allocBits starting at whichByte
   174  // and negates them so that ctz (count trailing zeros) instructions
   175  // can be used. It then places these 8 bytes into the cached 64 bit
   176  // s.allocCache.
   177  func (s *mspan) refillAllocCache(whichByte uintptr) {
   178  	bytes := (*[8]uint8)(unsafe.Pointer(s.allocBits.bytep(whichByte)))
   179  	aCache := uint64(0)
   180  	aCache |= uint64(bytes[0])
   181  	aCache |= uint64(bytes[1]) << (1 * 8)
   182  	aCache |= uint64(bytes[2]) << (2 * 8)
   183  	aCache |= uint64(bytes[3]) << (3 * 8)
   184  	aCache |= uint64(bytes[4]) << (4 * 8)
   185  	aCache |= uint64(bytes[5]) << (5 * 8)
   186  	aCache |= uint64(bytes[6]) << (6 * 8)
   187  	aCache |= uint64(bytes[7]) << (7 * 8)
   188  	s.allocCache = ^aCache
   189  }
   190  
   191  // nextFreeIndex returns the index of the next free object in s at
   192  // or after s.freeindex.
   193  // There are hardware instructions that can be used to make this
   194  // faster if profiling warrants it.
   195  func (s *mspan) nextFreeIndex() uintptr {
   196  	sfreeindex := s.freeindex
   197  	snelems := s.nelems
   198  	if sfreeindex == snelems {
   199  		return sfreeindex
   200  	}
   201  	if sfreeindex > snelems {
   202  		throw("s.freeindex > s.nelems")
   203  	}
   204  
   205  	aCache := s.allocCache
   206  
   207  	bitIndex := sys.Ctz64(aCache)
   208  	for bitIndex == 64 {
   209  		// Move index to start of next cached bits.
   210  		sfreeindex = (sfreeindex + 64) &^ (64 - 1)
   211  		if sfreeindex >= snelems {
   212  			s.freeindex = snelems
   213  			return snelems
   214  		}
   215  		whichByte := sfreeindex / 8
   216  		// Refill s.allocCache with the next 64 alloc bits.
   217  		s.refillAllocCache(whichByte)
   218  		aCache = s.allocCache
   219  		bitIndex = sys.Ctz64(aCache)
   220  		// nothing available in cached bits
   221  		// grab the next 8 bytes and try again.
   222  	}
   223  	result := sfreeindex + uintptr(bitIndex)
   224  	if result >= snelems {
   225  		s.freeindex = snelems
   226  		return snelems
   227  	}
   228  
   229  	s.allocCache >>= uint(bitIndex + 1)
   230  	sfreeindex = result + 1
   231  
   232  	if sfreeindex%64 == 0 && sfreeindex != snelems {
   233  		// We just incremented s.freeindex so it isn't 0.
   234  		// As each 1 in s.allocCache was encountered and used for allocation
   235  		// it was shifted away. At this point s.allocCache contains all 0s.
   236  		// Refill s.allocCache so that it corresponds
   237  		// to the bits at s.allocBits starting at s.freeindex.
   238  		whichByte := sfreeindex / 8
   239  		s.refillAllocCache(whichByte)
   240  	}
   241  	s.freeindex = sfreeindex
   242  	return result
   243  }
   244  
   245  // isFree reports whether the index'th object in s is unallocated.
   246  //
   247  // The caller must ensure s.state is mSpanInUse, and there must have
   248  // been no preemption points since ensuring this (which could allow a
   249  // GC transition, which would allow the state to change).
   250  func (s *mspan) isFree(index uintptr) bool {
   251  	if index < s.freeindex {
   252  		return false
   253  	}
   254  	bytep, mask := s.allocBits.bitp(index)
   255  	return *bytep&mask == 0
   256  }
   257  
   258  func (s *mspan) objIndex(p uintptr) uintptr {
   259  	byteOffset := p - s.base()
   260  	if byteOffset == 0 {
   261  		return 0
   262  	}
   263  	if s.baseMask != 0 {
   264  		// s.baseMask is non-0, elemsize is a power of two, so shift by s.divShift
   265  		return byteOffset >> s.divShift
   266  	}
   267  	return uintptr(((uint64(byteOffset) >> s.divShift) * uint64(s.divMul)) >> s.divShift2)
   268  }
   269  
   270  func markBitsForAddr(p uintptr) markBits {
   271  	s := spanOf(p)
   272  	objIndex := s.objIndex(p)
   273  	return s.markBitsForIndex(objIndex)
   274  }
   275  
   276  func (s *mspan) markBitsForIndex(objIndex uintptr) markBits {
   277  	bytep, mask := s.gcmarkBits.bitp(objIndex)
   278  	return markBits{bytep, mask, objIndex}
   279  }
   280  
   281  func (s *mspan) markBitsForBase() markBits {
   282  	return markBits{(*uint8)(s.gcmarkBits), uint8(1), 0}
   283  }
   284  
   285  // isMarked reports whether mark bit m is set.
   286  func (m markBits) isMarked() bool {
   287  	return *m.bytep&m.mask != 0
   288  }
   289  
   290  // setMarked sets the marked bit in the markbits, atomically.
   291  func (m markBits) setMarked() {
   292  	// Might be racing with other updates, so use atomic update always.
   293  	// We used to be clever here and use a non-atomic update in certain
   294  	// cases, but it's not worth the risk.
   295  	atomic.Or8(m.bytep, m.mask)
   296  }
   297  
   298  // setMarkedNonAtomic sets the marked bit in the markbits, non-atomically.
   299  func (m markBits) setMarkedNonAtomic() {
   300  	*m.bytep |= m.mask
   301  }
   302  
   303  // clearMarked clears the marked bit in the markbits, atomically.
   304  func (m markBits) clearMarked() {
   305  	// Might be racing with other updates, so use atomic update always.
   306  	// We used to be clever here and use a non-atomic update in certain
   307  	// cases, but it's not worth the risk.
   308  	atomic.And8(m.bytep, ^m.mask)
   309  }
   310  
   311  // markBitsForSpan returns the markBits for the span base address base.
   312  func markBitsForSpan(base uintptr) (mbits markBits) {
   313  	mbits = markBitsForAddr(base)
   314  	if mbits.mask != 1 {
   315  		throw("markBitsForSpan: unaligned start")
   316  	}
   317  	return mbits
   318  }
   319  
   320  // advance advances the markBits to the next object in the span.
   321  func (m *markBits) advance() {
   322  	if m.mask == 1<<7 {
   323  		m.bytep = (*uint8)(unsafe.Pointer(uintptr(unsafe.Pointer(m.bytep)) + 1))
   324  		m.mask = 1
   325  	} else {
   326  		m.mask = m.mask << 1
   327  	}
   328  	m.index++
   329  }
   330  
   331  // heapBitsForAddr returns the heapBits for the address addr.
   332  // The caller must ensure addr is in an allocated span.
   333  // In particular, be careful not to point past the end of an object.
   334  //
   335  // nosplit because it is used during write barriers and must not be preempted.
   336  //go:nosplit
   337  func heapBitsForAddr(addr uintptr) (h heapBits) {
   338  	// 2 bits per word, 4 pairs per byte, and a mask is hard coded.
   339  	arena := arenaIndex(addr)
   340  	ha := mheap_.arenas[arena.l1()][arena.l2()]
   341  	// The compiler uses a load for nil checking ha, but in this
   342  	// case we'll almost never hit that cache line again, so it
   343  	// makes more sense to do a value check.
   344  	if ha == nil {
   345  		// addr is not in the heap. Return nil heapBits, which
   346  		// we expect to crash in the caller.
   347  		return
   348  	}
   349  	h.bitp = &ha.bitmap[(addr/(sys.PtrSize*4))%heapArenaBitmapBytes]
   350  	h.shift = uint32((addr / sys.PtrSize) & 3)
   351  	h.arena = uint32(arena)
   352  	h.last = &ha.bitmap[len(ha.bitmap)-1]
   353  	return
   354  }
   355  
   356  // badPointer throws bad pointer in heap panic.
   357  func badPointer(s *mspan, p, refBase, refOff uintptr) {
   358  	// Typically this indicates an incorrect use
   359  	// of unsafe or cgo to store a bad pointer in
   360  	// the Go heap. It may also indicate a runtime
   361  	// bug.
   362  	//
   363  	// TODO(austin): We could be more aggressive
   364  	// and detect pointers to unallocated objects
   365  	// in allocated spans.
   366  	printlock()
   367  	print("runtime: pointer ", hex(p))
   368  	state := s.state.get()
   369  	if state != mSpanInUse {
   370  		print(" to unallocated span")
   371  	} else {
   372  		print(" to unused region of span")
   373  	}
   374  	print(" span.base()=", hex(s.base()), " span.limit=", hex(s.limit), " span.state=", state, "\n")
   375  	if refBase != 0 {
   376  		print("runtime: found in object at *(", hex(refBase), "+", hex(refOff), ")\n")
   377  		gcDumpObject("object", refBase, refOff)
   378  	}
   379  	getg().m.traceback = 2
   380  	throw("found bad pointer in Go heap (incorrect use of unsafe or cgo?)")
   381  }
   382  
   383  // findObject returns the base address for the heap object containing
   384  // the address p, the object's span, and the index of the object in s.
   385  // If p does not point into a heap object, it returns base == 0.
   386  //
   387  // If p points is an invalid heap pointer and debug.invalidptr != 0,
   388  // findObject panics.
   389  //
   390  // refBase and refOff optionally give the base address of the object
   391  // in which the pointer p was found and the byte offset at which it
   392  // was found. These are used for error reporting.
   393  //
   394  // It is nosplit so it is safe for p to be a pointer to the current goroutine's stack.
   395  // Since p is a uintptr, it would not be adjusted if the stack were to move.
   396  //go:nosplit
   397  func findObject(p, refBase, refOff uintptr) (base uintptr, s *mspan, objIndex uintptr) {
   398  	s = spanOf(p)
   399  	// If s is nil, the virtual address has never been part of the heap.
   400  	// This pointer may be to some mmap'd region, so we allow it.
   401  	if s == nil {
   402  		return
   403  	}
   404  	// If p is a bad pointer, it may not be in s's bounds.
   405  	//
   406  	// Check s.state to synchronize with span initialization
   407  	// before checking other fields. See also spanOfHeap.
   408  	if state := s.state.get(); state != mSpanInUse || p < s.base() || p >= s.limit {
   409  		// Pointers into stacks are also ok, the runtime manages these explicitly.
   410  		if state == mSpanManual {
   411  			return
   412  		}
   413  		// The following ensures that we are rigorous about what data
   414  		// structures hold valid pointers.
   415  		if debug.invalidptr != 0 {
   416  			badPointer(s, p, refBase, refOff)
   417  		}
   418  		return
   419  	}
   420  	// If this span holds object of a power of 2 size, just mask off the bits to
   421  	// the interior of the object. Otherwise use the size to get the base.
   422  	if s.baseMask != 0 {
   423  		// optimize for power of 2 sized objects.
   424  		base = s.base()
   425  		base = base + (p-base)&uintptr(s.baseMask)
   426  		objIndex = (base - s.base()) >> s.divShift
   427  		// base = p & s.baseMask is faster for small spans,
   428  		// but doesn't work for large spans.
   429  		// Overall, it's faster to use the more general computation above.
   430  	} else {
   431  		base = s.base()
   432  		if p-base >= s.elemsize {
   433  			// n := (p - base) / s.elemsize, using division by multiplication
   434  			objIndex = uintptr(p-base) >> s.divShift * uintptr(s.divMul) >> s.divShift2
   435  			base += objIndex * s.elemsize
   436  		}
   437  	}
   438  	return
   439  }
   440  
   441  // next returns the heapBits describing the next pointer-sized word in memory.
   442  // That is, if h describes address p, h.next() describes p+ptrSize.
   443  // Note that next does not modify h. The caller must record the result.
   444  //
   445  // nosplit because it is used during write barriers and must not be preempted.
   446  //go:nosplit
   447  func (h heapBits) next() heapBits {
   448  	if h.shift < 3*heapBitsShift {
   449  		h.shift += heapBitsShift
   450  	} else if h.bitp != h.last {
   451  		h.bitp, h.shift = add1(h.bitp), 0
   452  	} else {
   453  		// Move to the next arena.
   454  		return h.nextArena()
   455  	}
   456  	return h
   457  }
   458  
   459  // nextArena advances h to the beginning of the next heap arena.
   460  //
   461  // This is a slow-path helper to next. gc's inliner knows that
   462  // heapBits.next can be inlined even though it calls this. This is
   463  // marked noinline so it doesn't get inlined into next and cause next
   464  // to be too big to inline.
   465  //
   466  //go:nosplit
   467  //go:noinline
   468  func (h heapBits) nextArena() heapBits {
   469  	h.arena++
   470  	ai := arenaIdx(h.arena)
   471  	l2 := mheap_.arenas[ai.l1()]
   472  	if l2 == nil {
   473  		// We just passed the end of the object, which
   474  		// was also the end of the heap. Poison h. It
   475  		// should never be dereferenced at this point.
   476  		return heapBits{}
   477  	}
   478  	ha := l2[ai.l2()]
   479  	if ha == nil {
   480  		return heapBits{}
   481  	}
   482  	h.bitp, h.shift = &ha.bitmap[0], 0
   483  	h.last = &ha.bitmap[len(ha.bitmap)-1]
   484  	return h
   485  }
   486  
   487  // forward returns the heapBits describing n pointer-sized words ahead of h in memory.
   488  // That is, if h describes address p, h.forward(n) describes p+n*ptrSize.
   489  // h.forward(1) is equivalent to h.next(), just slower.
   490  // Note that forward does not modify h. The caller must record the result.
   491  // bits returns the heap bits for the current word.
   492  //go:nosplit
   493  func (h heapBits) forward(n uintptr) heapBits {
   494  	n += uintptr(h.shift) / heapBitsShift
   495  	nbitp := uintptr(unsafe.Pointer(h.bitp)) + n/4
   496  	h.shift = uint32(n%4) * heapBitsShift
   497  	if nbitp <= uintptr(unsafe.Pointer(h.last)) {
   498  		h.bitp = (*uint8)(unsafe.Pointer(nbitp))
   499  		return h
   500  	}
   501  
   502  	// We're in a new heap arena.
   503  	past := nbitp - (uintptr(unsafe.Pointer(h.last)) + 1)
   504  	h.arena += 1 + uint32(past/heapArenaBitmapBytes)
   505  	ai := arenaIdx(h.arena)
   506  	if l2 := mheap_.arenas[ai.l1()]; l2 != nil && l2[ai.l2()] != nil {
   507  		a := l2[ai.l2()]
   508  		h.bitp = &a.bitmap[past%heapArenaBitmapBytes]
   509  		h.last = &a.bitmap[len(a.bitmap)-1]
   510  	} else {
   511  		h.bitp, h.last = nil, nil
   512  	}
   513  	return h
   514  }
   515  
   516  // forwardOrBoundary is like forward, but stops at boundaries between
   517  // contiguous sections of the bitmap. It returns the number of words
   518  // advanced over, which will be <= n.
   519  func (h heapBits) forwardOrBoundary(n uintptr) (heapBits, uintptr) {
   520  	maxn := 4 * ((uintptr(unsafe.Pointer(h.last)) + 1) - uintptr(unsafe.Pointer(h.bitp)))
   521  	if n > maxn {
   522  		n = maxn
   523  	}
   524  	return h.forward(n), n
   525  }
   526  
   527  // The caller can test morePointers and isPointer by &-ing with bitScan and bitPointer.
   528  // The result includes in its higher bits the bits for subsequent words
   529  // described by the same bitmap byte.
   530  //
   531  // nosplit because it is used during write barriers and must not be preempted.
   532  //go:nosplit
   533  func (h heapBits) bits() uint32 {
   534  	// The (shift & 31) eliminates a test and conditional branch
   535  	// from the generated code.
   536  	return uint32(*h.bitp) >> (h.shift & 31)
   537  }
   538  
   539  // morePointers reports whether this word and all remaining words in this object
   540  // are scalars.
   541  // h must not describe the second word of the object.
   542  func (h heapBits) morePointers() bool {
   543  	return h.bits()&bitScan != 0
   544  }
   545  
   546  // isPointer reports whether the heap bits describe a pointer word.
   547  //
   548  // nosplit because it is used during write barriers and must not be preempted.
   549  //go:nosplit
   550  func (h heapBits) isPointer() bool {
   551  	return h.bits()&bitPointer != 0
   552  }
   553  
   554  // isCheckmarked reports whether the heap bits have the checkmarked bit set.
   555  // It must be told how large the object at h is, because the encoding of the
   556  // checkmark bit varies by size.
   557  // h must describe the initial word of the object.
   558  func (h heapBits) isCheckmarked(size uintptr) bool {
   559  	if size == sys.PtrSize {
   560  		return (*h.bitp>>h.shift)&bitPointer != 0
   561  	}
   562  	// All multiword objects are 2-word aligned,
   563  	// so we know that the initial word's 2-bit pair
   564  	// and the second word's 2-bit pair are in the
   565  	// same heap bitmap byte, *h.bitp.
   566  	return (*h.bitp>>(heapBitsShift+h.shift))&bitScan != 0
   567  }
   568  
   569  // setCheckmarked sets the checkmarked bit.
   570  // It must be told how large the object at h is, because the encoding of the
   571  // checkmark bit varies by size.
   572  // h must describe the initial word of the object.
   573  func (h heapBits) setCheckmarked(size uintptr) {
   574  	if size == sys.PtrSize {
   575  		atomic.Or8(h.bitp, bitPointer<<h.shift)
   576  		return
   577  	}
   578  	atomic.Or8(h.bitp, bitScan<<(heapBitsShift+h.shift))
   579  }
   580  
   581  // bulkBarrierPreWrite executes a write barrier
   582  // for every pointer slot in the memory range [src, src+size),
   583  // using pointer/scalar information from [dst, dst+size).
   584  // This executes the write barriers necessary before a memmove.
   585  // src, dst, and size must be pointer-aligned.
   586  // The range [dst, dst+size) must lie within a single object.
   587  // It does not perform the actual writes.
   588  //
   589  // As a special case, src == 0 indicates that this is being used for a
   590  // memclr. bulkBarrierPreWrite will pass 0 for the src of each write
   591  // barrier.
   592  //
   593  // Callers should call bulkBarrierPreWrite immediately before
   594  // calling memmove(dst, src, size). This function is marked nosplit
   595  // to avoid being preempted; the GC must not stop the goroutine
   596  // between the memmove and the execution of the barriers.
   597  // The caller is also responsible for cgo pointer checks if this
   598  // may be writing Go pointers into non-Go memory.
   599  //
   600  // The pointer bitmap is not maintained for allocations containing
   601  // no pointers at all; any caller of bulkBarrierPreWrite must first
   602  // make sure the underlying allocation contains pointers, usually
   603  // by checking typ.ptrdata.
   604  //
   605  // Callers must perform cgo checks if writeBarrier.cgo.
   606  //
   607  //go:nosplit
   608  func bulkBarrierPreWrite(dst, src, size uintptr) {
   609  	if (dst|src|size)&(sys.PtrSize-1) != 0 {
   610  		throw("bulkBarrierPreWrite: unaligned arguments")
   611  	}
   612  	if !writeBarrier.needed {
   613  		return
   614  	}
   615  	if s := spanOf(dst); s == nil {
   616  		// If dst is a global, use the data or BSS bitmaps to
   617  		// execute write barriers.
   618  		for _, datap := range activeModules() {
   619  			if datap.data <= dst && dst < datap.edata {
   620  				bulkBarrierBitmap(dst, src, size, dst-datap.data, datap.gcdatamask.bytedata)
   621  				return
   622  			}
   623  		}
   624  		for _, datap := range activeModules() {
   625  			if datap.bss <= dst && dst < datap.ebss {
   626  				bulkBarrierBitmap(dst, src, size, dst-datap.bss, datap.gcbssmask.bytedata)
   627  				return
   628  			}
   629  		}
   630  		return
   631  	} else if s.state.get() != mSpanInUse || dst < s.base() || s.limit <= dst {
   632  		// dst was heap memory at some point, but isn't now.
   633  		// It can't be a global. It must be either our stack,
   634  		// or in the case of direct channel sends, it could be
   635  		// another stack. Either way, no need for barriers.
   636  		// This will also catch if dst is in a freed span,
   637  		// though that should never have.
   638  		return
   639  	}
   640  
   641  	buf := &getg().m.p.ptr().wbBuf
   642  	h := heapBitsForAddr(dst)
   643  	if src == 0 {
   644  		for i := uintptr(0); i < size; i += sys.PtrSize {
   645  			if h.isPointer() {
   646  				dstx := (*uintptr)(unsafe.Pointer(dst + i))
   647  				if !buf.putFast(*dstx, 0) {
   648  					wbBufFlush(nil, 0)
   649  				}
   650  			}
   651  			h = h.next()
   652  		}
   653  	} else {
   654  		for i := uintptr(0); i < size; i += sys.PtrSize {
   655  			if h.isPointer() {
   656  				dstx := (*uintptr)(unsafe.Pointer(dst + i))
   657  				srcx := (*uintptr)(unsafe.Pointer(src + i))
   658  				if !buf.putFast(*dstx, *srcx) {
   659  					wbBufFlush(nil, 0)
   660  				}
   661  			}
   662  			h = h.next()
   663  		}
   664  	}
   665  }
   666  
   667  // bulkBarrierPreWriteSrcOnly is like bulkBarrierPreWrite but
   668  // does not execute write barriers for [dst, dst+size).
   669  //
   670  // In addition to the requirements of bulkBarrierPreWrite
   671  // callers need to ensure [dst, dst+size) is zeroed.
   672  //
   673  // This is used for special cases where e.g. dst was just
   674  // created and zeroed with malloc.
   675  //go:nosplit
   676  func bulkBarrierPreWriteSrcOnly(dst, src, size uintptr) {
   677  	if (dst|src|size)&(sys.PtrSize-1) != 0 {
   678  		throw("bulkBarrierPreWrite: unaligned arguments")
   679  	}
   680  	if !writeBarrier.needed {
   681  		return
   682  	}
   683  	buf := &getg().m.p.ptr().wbBuf
   684  	h := heapBitsForAddr(dst)
   685  	for i := uintptr(0); i < size; i += sys.PtrSize {
   686  		if h.isPointer() {
   687  			srcx := (*uintptr)(unsafe.Pointer(src + i))
   688  			if !buf.putFast(0, *srcx) {
   689  				wbBufFlush(nil, 0)
   690  			}
   691  		}
   692  		h = h.next()
   693  	}
   694  }
   695  
   696  // bulkBarrierBitmap executes write barriers for copying from [src,
   697  // src+size) to [dst, dst+size) using a 1-bit pointer bitmap. src is
   698  // assumed to start maskOffset bytes into the data covered by the
   699  // bitmap in bits (which may not be a multiple of 8).
   700  //
   701  // This is used by bulkBarrierPreWrite for writes to data and BSS.
   702  //
   703  //go:nosplit
   704  func bulkBarrierBitmap(dst, src, size, maskOffset uintptr, bits *uint8) {
   705  	word := maskOffset / sys.PtrSize
   706  	bits = addb(bits, word/8)
   707  	mask := uint8(1) << (word % 8)
   708  
   709  	buf := &getg().m.p.ptr().wbBuf
   710  	for i := uintptr(0); i < size; i += sys.PtrSize {
   711  		if mask == 0 {
   712  			bits = addb(bits, 1)
   713  			if *bits == 0 {
   714  				// Skip 8 words.
   715  				i += 7 * sys.PtrSize
   716  				continue
   717  			}
   718  			mask = 1
   719  		}
   720  		if *bits&mask != 0 {
   721  			dstx := (*uintptr)(unsafe.Pointer(dst + i))
   722  			if src == 0 {
   723  				if !buf.putFast(*dstx, 0) {
   724  					wbBufFlush(nil, 0)
   725  				}
   726  			} else {
   727  				srcx := (*uintptr)(unsafe.Pointer(src + i))
   728  				if !buf.putFast(*dstx, *srcx) {
   729  					wbBufFlush(nil, 0)
   730  				}
   731  			}
   732  		}
   733  		mask <<= 1
   734  	}
   735  }
   736  
   737  // typeBitsBulkBarrier executes a write barrier for every
   738  // pointer that would be copied from [src, src+size) to [dst,
   739  // dst+size) by a memmove using the type bitmap to locate those
   740  // pointer slots.
   741  //
   742  // The type typ must correspond exactly to [src, src+size) and [dst, dst+size).
   743  // dst, src, and size must be pointer-aligned.
   744  // The type typ must have a plain bitmap, not a GC program.
   745  // The only use of this function is in channel sends, and the
   746  // 64 kB channel element limit takes care of this for us.
   747  //
   748  // Must not be preempted because it typically runs right before memmove,
   749  // and the GC must observe them as an atomic action.
   750  //
   751  // Callers must perform cgo checks if writeBarrier.cgo.
   752  //
   753  //go:nosplit
   754  func typeBitsBulkBarrier(typ *_type, dst, src, size uintptr) {
   755  	if typ == nil {
   756  		throw("runtime: typeBitsBulkBarrier without type")
   757  	}
   758  	if typ.size != size {
   759  		println("runtime: typeBitsBulkBarrier with type ", typ.string(), " of size ", typ.size, " but memory size", size)
   760  		throw("runtime: invalid typeBitsBulkBarrier")
   761  	}
   762  	if typ.kind&kindGCProg != 0 {
   763  		println("runtime: typeBitsBulkBarrier with type ", typ.string(), " with GC prog")
   764  		throw("runtime: invalid typeBitsBulkBarrier")
   765  	}
   766  	if !writeBarrier.needed {
   767  		return
   768  	}
   769  	ptrmask := typ.gcdata
   770  	buf := &getg().m.p.ptr().wbBuf
   771  	var bits uint32
   772  	for i := uintptr(0); i < typ.ptrdata; i += sys.PtrSize {
   773  		if i&(sys.PtrSize*8-1) == 0 {
   774  			bits = uint32(*ptrmask)
   775  			ptrmask = addb(ptrmask, 1)
   776  		} else {
   777  			bits = bits >> 1
   778  		}
   779  		if bits&1 != 0 {
   780  			dstx := (*uintptr)(unsafe.Pointer(dst + i))
   781  			srcx := (*uintptr)(unsafe.Pointer(src + i))
   782  			if !buf.putFast(*dstx, *srcx) {
   783  				wbBufFlush(nil, 0)
   784  			}
   785  		}
   786  	}
   787  }
   788  
   789  // The methods operating on spans all require that h has been returned
   790  // by heapBitsForSpan and that size, n, total are the span layout description
   791  // returned by the mspan's layout method.
   792  // If total > size*n, it means that there is extra leftover memory in the span,
   793  // usually due to rounding.
   794  //
   795  // TODO(rsc): Perhaps introduce a different heapBitsSpan type.
   796  
   797  // initSpan initializes the heap bitmap for a span.
   798  // It clears all checkmark bits.
   799  // If this is a span of pointer-sized objects, it initializes all
   800  // words to pointer/scan.
   801  // Otherwise, it initializes all words to scalar/dead.
   802  func (h heapBits) initSpan(s *mspan) {
   803  	// Clear bits corresponding to objects.
   804  	nw := (s.npages << _PageShift) / sys.PtrSize
   805  	if nw%wordsPerBitmapByte != 0 {
   806  		throw("initSpan: unaligned length")
   807  	}
   808  	if h.shift != 0 {
   809  		throw("initSpan: unaligned base")
   810  	}
   811  	isPtrs := sys.PtrSize == 8 && s.elemsize == sys.PtrSize
   812  	for nw > 0 {
   813  		hNext, anw := h.forwardOrBoundary(nw)
   814  		nbyte := anw / wordsPerBitmapByte
   815  		if isPtrs {
   816  			bitp := h.bitp
   817  			for i := uintptr(0); i < nbyte; i++ {
   818  				*bitp = bitPointerAll | bitScanAll
   819  				bitp = add1(bitp)
   820  			}
   821  		} else {
   822  			memclrNoHeapPointers(unsafe.Pointer(h.bitp), nbyte)
   823  		}
   824  		h = hNext
   825  		nw -= anw
   826  	}
   827  }
   828  
   829  // initCheckmarkSpan initializes a span for being checkmarked.
   830  // It clears the checkmark bits, which are set to 1 in normal operation.
   831  func (h heapBits) initCheckmarkSpan(size, n, total uintptr) {
   832  	// The ptrSize == 8 is a compile-time constant false on 32-bit and eliminates this code entirely.
   833  	if sys.PtrSize == 8 && size == sys.PtrSize {
   834  		// Checkmark bit is type bit, bottom bit of every 2-bit entry.
   835  		// Only possible on 64-bit system, since minimum size is 8.
   836  		// Must clear type bit (checkmark bit) of every word.
   837  		// The type bit is the lower of every two-bit pair.
   838  		for i := uintptr(0); i < n; i += wordsPerBitmapByte {
   839  			*h.bitp &^= bitPointerAll
   840  			h = h.forward(wordsPerBitmapByte)
   841  		}
   842  		return
   843  	}
   844  	for i := uintptr(0); i < n; i++ {
   845  		*h.bitp &^= bitScan << (heapBitsShift + h.shift)
   846  		h = h.forward(size / sys.PtrSize)
   847  	}
   848  }
   849  
   850  // clearCheckmarkSpan undoes all the checkmarking in a span.
   851  // The actual checkmark bits are ignored, so the only work to do
   852  // is to fix the pointer bits. (Pointer bits are ignored by scanobject
   853  // but consulted by typedmemmove.)
   854  func (h heapBits) clearCheckmarkSpan(size, n, total uintptr) {
   855  	// The ptrSize == 8 is a compile-time constant false on 32-bit and eliminates this code entirely.
   856  	if sys.PtrSize == 8 && size == sys.PtrSize {
   857  		// Checkmark bit is type bit, bottom bit of every 2-bit entry.
   858  		// Only possible on 64-bit system, since minimum size is 8.
   859  		// Must clear type bit (checkmark bit) of every word.
   860  		// The type bit is the lower of every two-bit pair.
   861  		for i := uintptr(0); i < n; i += wordsPerBitmapByte {
   862  			*h.bitp |= bitPointerAll
   863  			h = h.forward(wordsPerBitmapByte)
   864  		}
   865  	}
   866  }
   867  
   868  // countAlloc returns the number of objects allocated in span s by
   869  // scanning the allocation bitmap.
   870  func (s *mspan) countAlloc() int {
   871  	count := 0
   872  	bytes := divRoundUp(s.nelems, 8)
   873  	// Iterate over each 8-byte chunk and count allocations
   874  	// with an intrinsic. Note that newMarkBits guarantees that
   875  	// gcmarkBits will be 8-byte aligned, so we don't have to
   876  	// worry about edge cases, irrelevant bits will simply be zero.
   877  	for i := uintptr(0); i < bytes; i += 8 {
   878  		// Extract 64 bits from the byte pointer and get a OnesCount.
   879  		// Note that the unsafe cast here doesn't preserve endianness,
   880  		// but that's OK. We only care about how many bits are 1, not
   881  		// about the order we discover them in.
   882  		mrkBits := *(*uint64)(unsafe.Pointer(s.gcmarkBits.bytep(i)))
   883  		count += sys.OnesCount64(mrkBits)
   884  	}
   885  	return count
   886  }
   887  
   888  // heapBitsSetType records that the new allocation [x, x+size)
   889  // holds in [x, x+dataSize) one or more values of type typ.
   890  // (The number of values is given by dataSize / typ.size.)
   891  // If dataSize < size, the fragment [x+dataSize, x+size) is
   892  // recorded as non-pointer data.
   893  // It is known that the type has pointers somewhere;
   894  // malloc does not call heapBitsSetType when there are no pointers,
   895  // because all free objects are marked as noscan during
   896  // heapBitsSweepSpan.
   897  //
   898  // There can only be one allocation from a given span active at a time,
   899  // and the bitmap for a span always falls on byte boundaries,
   900  // so there are no write-write races for access to the heap bitmap.
   901  // Hence, heapBitsSetType can access the bitmap without atomics.
   902  //
   903  // There can be read-write races between heapBitsSetType and things
   904  // that read the heap bitmap like scanobject. However, since
   905  // heapBitsSetType is only used for objects that have not yet been
   906  // made reachable, readers will ignore bits being modified by this
   907  // function. This does mean this function cannot transiently modify
   908  // bits that belong to neighboring objects. Also, on weakly-ordered
   909  // machines, callers must execute a store/store (publication) barrier
   910  // between calling this function and making the object reachable.
   911  func heapBitsSetType(x, size, dataSize uintptr, typ *_type) {
   912  	const doubleCheck = false // slow but helpful; enable to test modifications to this code
   913  
   914  	// dataSize is always size rounded up to the next malloc size class,
   915  	// except in the case of allocating a defer block, in which case
   916  	// size is sizeof(_defer{}) (at least 6 words) and dataSize may be
   917  	// arbitrarily larger.
   918  	//
   919  	// The checks for size == sys.PtrSize and size == 2*sys.PtrSize can therefore
   920  	// assume that dataSize == size without checking it explicitly.
   921  
   922  	if sys.PtrSize == 8 && size == sys.PtrSize {
   923  		// It's one word and it has pointers, it must be a pointer.
   924  		// Since all allocated one-word objects are pointers
   925  		// (non-pointers are aggregated into tinySize allocations),
   926  		// initSpan sets the pointer bits for us. Nothing to do here.
   927  		if doubleCheck {
   928  			h := heapBitsForAddr(x)
   929  			if !h.isPointer() {
   930  				throw("heapBitsSetType: pointer bit missing")
   931  			}
   932  			if !h.morePointers() {
   933  				throw("heapBitsSetType: scan bit missing")
   934  			}
   935  		}
   936  		return
   937  	}
   938  
   939  	h := heapBitsForAddr(x)
   940  	ptrmask := typ.gcdata // start of 1-bit pointer mask (or GC program, handled below)
   941  
   942  	// Heap bitmap bits for 2-word object are only 4 bits,
   943  	// so also shared with objects next to it.
   944  	// This is called out as a special case primarily for 32-bit systems,
   945  	// so that on 32-bit systems the code below can assume all objects
   946  	// are 4-word aligned (because they're all 16-byte aligned).
   947  	if size == 2*sys.PtrSize {
   948  		if typ.size == sys.PtrSize {
   949  			// We're allocating a block big enough to hold two pointers.
   950  			// On 64-bit, that means the actual object must be two pointers,
   951  			// or else we'd have used the one-pointer-sized block.
   952  			// On 32-bit, however, this is the 8-byte block, the smallest one.
   953  			// So it could be that we're allocating one pointer and this was
   954  			// just the smallest block available. Distinguish by checking dataSize.
   955  			// (In general the number of instances of typ being allocated is
   956  			// dataSize/typ.size.)
   957  			if sys.PtrSize == 4 && dataSize == sys.PtrSize {
   958  				// 1 pointer object. On 32-bit machines clear the bit for the
   959  				// unused second word.
   960  				*h.bitp &^= (bitPointer | bitScan | ((bitPointer | bitScan) << heapBitsShift)) << h.shift
   961  				*h.bitp |= (bitPointer | bitScan) << h.shift
   962  			} else {
   963  				// 2-element slice of pointer.
   964  				*h.bitp |= (bitPointer | bitScan | bitPointer<<heapBitsShift) << h.shift
   965  			}
   966  			return
   967  		}
   968  		// Otherwise typ.size must be 2*sys.PtrSize,
   969  		// and typ.kind&kindGCProg == 0.
   970  		if doubleCheck {
   971  			if typ.size != 2*sys.PtrSize || typ.kind&kindGCProg != 0 {
   972  				print("runtime: heapBitsSetType size=", size, " but typ.size=", typ.size, " gcprog=", typ.kind&kindGCProg != 0, "\n")
   973  				throw("heapBitsSetType")
   974  			}
   975  		}
   976  		b := uint32(*ptrmask)
   977  		hb := (b & 3) | bitScan
   978  		// bitPointer == 1, bitScan is 1 << 4, heapBitsShift is 1.
   979  		// 110011 is shifted h.shift and complemented.
   980  		// This clears out the bits that are about to be
   981  		// ored into *h.hbitp in the next instructions.
   982  		*h.bitp &^= (bitPointer | bitScan | ((bitPointer | bitScan) << heapBitsShift)) << h.shift
   983  		*h.bitp |= uint8(hb << h.shift)
   984  		return
   985  	}
   986  
   987  	// Copy from 1-bit ptrmask into 2-bit bitmap.
   988  	// The basic approach is to use a single uintptr as a bit buffer,
   989  	// alternating between reloading the buffer and writing bitmap bytes.
   990  	// In general, one load can supply two bitmap byte writes.
   991  	// This is a lot of lines of code, but it compiles into relatively few
   992  	// machine instructions.
   993  
   994  	outOfPlace := false
   995  	if arenaIndex(x+size-1) != arenaIdx(h.arena) || (doubleCheck && fastrand()%2 == 0) {
   996  		// This object spans heap arenas, so the bitmap may be
   997  		// discontiguous. Unroll it into the object instead
   998  		// and then copy it out.
   999  		//
  1000  		// In doubleCheck mode, we randomly do this anyway to
  1001  		// stress test the bitmap copying path.
  1002  		outOfPlace = true
  1003  		h.bitp = (*uint8)(unsafe.Pointer(x))
  1004  		h.last = nil
  1005  	}
  1006  
  1007  	var (
  1008  		// Ptrmask input.
  1009  		p     *byte   // last ptrmask byte read
  1010  		b     uintptr // ptrmask bits already loaded
  1011  		nb    uintptr // number of bits in b at next read
  1012  		endp  *byte   // final ptrmask byte to read (then repeat)
  1013  		endnb uintptr // number of valid bits in *endp
  1014  		pbits uintptr // alternate source of bits
  1015  
  1016  		// Heap bitmap output.
  1017  		w     uintptr // words processed
  1018  		nw    uintptr // number of words to process
  1019  		hbitp *byte   // next heap bitmap byte to write
  1020  		hb    uintptr // bits being prepared for *hbitp
  1021  	)
  1022  
  1023  	hbitp = h.bitp
  1024  
  1025  	// Handle GC program. Delayed until this part of the code
  1026  	// so that we can use the same double-checking mechanism
  1027  	// as the 1-bit case. Nothing above could have encountered
  1028  	// GC programs: the cases were all too small.
  1029  	if typ.kind&kindGCProg != 0 {
  1030  		heapBitsSetTypeGCProg(h, typ.ptrdata, typ.size, dataSize, size, addb(typ.gcdata, 4))
  1031  		if doubleCheck {
  1032  			// Double-check the heap bits written by GC program
  1033  			// by running the GC program to create a 1-bit pointer mask
  1034  			// and then jumping to the double-check code below.
  1035  			// This doesn't catch bugs shared between the 1-bit and 4-bit
  1036  			// GC program execution, but it does catch mistakes specific
  1037  			// to just one of those and bugs in heapBitsSetTypeGCProg's
  1038  			// implementation of arrays.
  1039  			lock(&debugPtrmask.lock)
  1040  			if debugPtrmask.data == nil {
  1041  				debugPtrmask.data = (*byte)(persistentalloc(1<<20, 1, &memstats.other_sys))
  1042  			}
  1043  			ptrmask = debugPtrmask.data
  1044  			runGCProg(addb(typ.gcdata, 4), nil, ptrmask, 1)
  1045  		}
  1046  		goto Phase4
  1047  	}
  1048  
  1049  	// Note about sizes:
  1050  	//
  1051  	// typ.size is the number of words in the object,
  1052  	// and typ.ptrdata is the number of words in the prefix
  1053  	// of the object that contains pointers. That is, the final
  1054  	// typ.size - typ.ptrdata words contain no pointers.
  1055  	// This allows optimization of a common pattern where
  1056  	// an object has a small header followed by a large scalar
  1057  	// buffer. If we know the pointers are over, we don't have
  1058  	// to scan the buffer's heap bitmap at all.
  1059  	// The 1-bit ptrmasks are sized to contain only bits for
  1060  	// the typ.ptrdata prefix, zero padded out to a full byte
  1061  	// of bitmap. This code sets nw (below) so that heap bitmap
  1062  	// bits are only written for the typ.ptrdata prefix; if there is
  1063  	// more room in the allocated object, the next heap bitmap
  1064  	// entry is a 00, indicating that there are no more pointers
  1065  	// to scan. So only the ptrmask for the ptrdata bytes is needed.
  1066  	//
  1067  	// Replicated copies are not as nice: if there is an array of
  1068  	// objects with scalar tails, all but the last tail does have to
  1069  	// be initialized, because there is no way to say "skip forward".
  1070  	// However, because of the possibility of a repeated type with
  1071  	// size not a multiple of 4 pointers (one heap bitmap byte),
  1072  	// the code already must handle the last ptrmask byte specially
  1073  	// by treating it as containing only the bits for endnb pointers,
  1074  	// where endnb <= 4. We represent large scalar tails that must
  1075  	// be expanded in the replication by setting endnb larger than 4.
  1076  	// This will have the effect of reading many bits out of b,
  1077  	// but once the real bits are shifted out, b will supply as many
  1078  	// zero bits as we try to read, which is exactly what we need.
  1079  
  1080  	p = ptrmask
  1081  	if typ.size < dataSize {
  1082  		// Filling in bits for an array of typ.
  1083  		// Set up for repetition of ptrmask during main loop.
  1084  		// Note that ptrmask describes only a prefix of
  1085  		const maxBits = sys.PtrSize*8 - 7
  1086  		if typ.ptrdata/sys.PtrSize <= maxBits {
  1087  			// Entire ptrmask fits in uintptr with room for a byte fragment.
  1088  			// Load into pbits and never read from ptrmask again.
  1089  			// This is especially important when the ptrmask has
  1090  			// fewer than 8 bits in it; otherwise the reload in the middle
  1091  			// of the Phase 2 loop would itself need to loop to gather
  1092  			// at least 8 bits.
  1093  
  1094  			// Accumulate ptrmask into b.
  1095  			// ptrmask is sized to describe only typ.ptrdata, but we record
  1096  			// it as describing typ.size bytes, since all the high bits are zero.
  1097  			nb = typ.ptrdata / sys.PtrSize
  1098  			for i := uintptr(0); i < nb; i += 8 {
  1099  				b |= uintptr(*p) << i
  1100  				p = add1(p)
  1101  			}
  1102  			nb = typ.size / sys.PtrSize
  1103  
  1104  			// Replicate ptrmask to fill entire pbits uintptr.
  1105  			// Doubling and truncating is fewer steps than
  1106  			// iterating by nb each time. (nb could be 1.)
  1107  			// Since we loaded typ.ptrdata/sys.PtrSize bits
  1108  			// but are pretending to have typ.size/sys.PtrSize,
  1109  			// there might be no replication necessary/possible.
  1110  			pbits = b
  1111  			endnb = nb
  1112  			if nb+nb <= maxBits {
  1113  				for endnb <= sys.PtrSize*8 {
  1114  					pbits |= pbits << endnb
  1115  					endnb += endnb
  1116  				}
  1117  				// Truncate to a multiple of original ptrmask.
  1118  				// Because nb+nb <= maxBits, nb fits in a byte.
  1119  				// Byte division is cheaper than uintptr division.
  1120  				endnb = uintptr(maxBits/byte(nb)) * nb
  1121  				pbits &= 1<<endnb - 1
  1122  				b = pbits
  1123  				nb = endnb
  1124  			}
  1125  
  1126  			// Clear p and endp as sentinel for using pbits.
  1127  			// Checked during Phase 2 loop.
  1128  			p = nil
  1129  			endp = nil
  1130  		} else {
  1131  			// Ptrmask is larger. Read it multiple times.
  1132  			n := (typ.ptrdata/sys.PtrSize+7)/8 - 1
  1133  			endp = addb(ptrmask, n)
  1134  			endnb = typ.size/sys.PtrSize - n*8
  1135  		}
  1136  	}
  1137  	if p != nil {
  1138  		b = uintptr(*p)
  1139  		p = add1(p)
  1140  		nb = 8
  1141  	}
  1142  
  1143  	if typ.size == dataSize {
  1144  		// Single entry: can stop once we reach the non-pointer data.
  1145  		nw = typ.ptrdata / sys.PtrSize
  1146  	} else {
  1147  		// Repeated instances of typ in an array.
  1148  		// Have to process first N-1 entries in full, but can stop
  1149  		// once we reach the non-pointer data in the final entry.
  1150  		nw = ((dataSize/typ.size-1)*typ.size + typ.ptrdata) / sys.PtrSize
  1151  	}
  1152  	if nw == 0 {
  1153  		// No pointers! Caller was supposed to check.
  1154  		println("runtime: invalid type ", typ.string())
  1155  		throw("heapBitsSetType: called with non-pointer type")
  1156  		return
  1157  	}
  1158  	if nw < 2 {
  1159  		// Must write at least 2 words, because the "no scan"
  1160  		// encoding doesn't take effect until the third word.
  1161  		nw = 2
  1162  	}
  1163  
  1164  	// Phase 1: Special case for leading byte (shift==0) or half-byte (shift==2).
  1165  	// The leading byte is special because it contains the bits for word 1,
  1166  	// which does not have the scan bit set.
  1167  	// The leading half-byte is special because it's a half a byte,
  1168  	// so we have to be careful with the bits already there.
  1169  	switch {
  1170  	default:
  1171  		throw("heapBitsSetType: unexpected shift")
  1172  
  1173  	case h.shift == 0:
  1174  		// Ptrmask and heap bitmap are aligned.
  1175  		// Handle first byte of bitmap specially.
  1176  		//
  1177  		// The first byte we write out covers the first four
  1178  		// words of the object. The scan/dead bit on the first
  1179  		// word must be set to scan since there are pointers
  1180  		// somewhere in the object. The scan/dead bit on the
  1181  		// second word is the checkmark, so we don't set it.
  1182  		// In all following words, we set the scan/dead
  1183  		// appropriately to indicate that the object contains
  1184  		// to the next 2-bit entry in the bitmap.
  1185  		//
  1186  		// TODO: It doesn't matter if we set the checkmark, so
  1187  		// maybe this case isn't needed any more.
  1188  		hb = b & bitPointerAll
  1189  		hb |= bitScan | bitScan<<(2*heapBitsShift) | bitScan<<(3*heapBitsShift)
  1190  		if w += 4; w >= nw {
  1191  			goto Phase3
  1192  		}
  1193  		*hbitp = uint8(hb)
  1194  		hbitp = add1(hbitp)
  1195  		b >>= 4
  1196  		nb -= 4
  1197  
  1198  	case sys.PtrSize == 8 && h.shift == 2:
  1199  		// Ptrmask and heap bitmap are misaligned.
  1200  		// The bits for the first two words are in a byte shared
  1201  		// with another object, so we must be careful with the bits
  1202  		// already there.
  1203  		// We took care of 1-word and 2-word objects above,
  1204  		// so this is at least a 6-word object.
  1205  		hb = (b & (bitPointer | bitPointer<<heapBitsShift)) << (2 * heapBitsShift)
  1206  		// This is not noscan, so set the scan bit in the
  1207  		// first word.
  1208  		hb |= bitScan << (2 * heapBitsShift)
  1209  		b >>= 2
  1210  		nb -= 2
  1211  		// Note: no bitScan for second word because that's
  1212  		// the checkmark.
  1213  		*hbitp &^= uint8((bitPointer | bitScan | (bitPointer << heapBitsShift)) << (2 * heapBitsShift))
  1214  		*hbitp |= uint8(hb)
  1215  		hbitp = add1(hbitp)
  1216  		if w += 2; w >= nw {
  1217  			// We know that there is more data, because we handled 2-word objects above.
  1218  			// This must be at least a 6-word object. If we're out of pointer words,
  1219  			// mark no scan in next bitmap byte and finish.
  1220  			hb = 0
  1221  			w += 4
  1222  			goto Phase3
  1223  		}
  1224  	}
  1225  
  1226  	// Phase 2: Full bytes in bitmap, up to but not including write to last byte (full or partial) in bitmap.
  1227  	// The loop computes the bits for that last write but does not execute the write;
  1228  	// it leaves the bits in hb for processing by phase 3.
  1229  	// To avoid repeated adjustment of nb, we subtract out the 4 bits we're going to
  1230  	// use in the first half of the loop right now, and then we only adjust nb explicitly
  1231  	// if the 8 bits used by each iteration isn't balanced by 8 bits loaded mid-loop.
  1232  	nb -= 4
  1233  	for {
  1234  		// Emit bitmap byte.
  1235  		// b has at least nb+4 bits, with one exception:
  1236  		// if w+4 >= nw, then b has only nw-w bits,
  1237  		// but we'll stop at the break and then truncate
  1238  		// appropriately in Phase 3.
  1239  		hb = b & bitPointerAll
  1240  		hb |= bitScanAll
  1241  		if w += 4; w >= nw {
  1242  			break
  1243  		}
  1244  		*hbitp = uint8(hb)
  1245  		hbitp = add1(hbitp)
  1246  		b >>= 4
  1247  
  1248  		// Load more bits. b has nb right now.
  1249  		if p != endp {
  1250  			// Fast path: keep reading from ptrmask.
  1251  			// nb unmodified: we just loaded 8 bits,
  1252  			// and the next iteration will consume 8 bits,
  1253  			// leaving us with the same nb the next time we're here.
  1254  			if nb < 8 {
  1255  				b |= uintptr(*p) << nb
  1256  				p = add1(p)
  1257  			} else {
  1258  				// Reduce the number of bits in b.
  1259  				// This is important if we skipped
  1260  				// over a scalar tail, since nb could
  1261  				// be larger than the bit width of b.
  1262  				nb -= 8
  1263  			}
  1264  		} else if p == nil {
  1265  			// Almost as fast path: track bit count and refill from pbits.
  1266  			// For short repetitions.
  1267  			if nb < 8 {
  1268  				b |= pbits << nb
  1269  				nb += endnb
  1270  			}
  1271  			nb -= 8 // for next iteration
  1272  		} else {
  1273  			// Slow path: reached end of ptrmask.
  1274  			// Process final partial byte and rewind to start.
  1275  			b |= uintptr(*p) << nb
  1276  			nb += endnb
  1277  			if nb < 8 {
  1278  				b |= uintptr(*ptrmask) << nb
  1279  				p = add1(ptrmask)
  1280  			} else {
  1281  				nb -= 8
  1282  				p = ptrmask
  1283  			}
  1284  		}
  1285  
  1286  		// Emit bitmap byte.
  1287  		hb = b & bitPointerAll
  1288  		hb |= bitScanAll
  1289  		if w += 4; w >= nw {
  1290  			break
  1291  		}
  1292  		*hbitp = uint8(hb)
  1293  		hbitp = add1(hbitp)
  1294  		b >>= 4
  1295  	}
  1296  
  1297  Phase3:
  1298  	// Phase 3: Write last byte or partial byte and zero the rest of the bitmap entries.
  1299  	if w > nw {
  1300  		// Counting the 4 entries in hb not yet written to memory,
  1301  		// there are more entries than possible pointer slots.
  1302  		// Discard the excess entries (can't be more than 3).
  1303  		mask := uintptr(1)<<(4-(w-nw)) - 1
  1304  		hb &= mask | mask<<4 // apply mask to both pointer bits and scan bits
  1305  	}
  1306  
  1307  	// Change nw from counting possibly-pointer words to total words in allocation.
  1308  	nw = size / sys.PtrSize
  1309  
  1310  	// Write whole bitmap bytes.
  1311  	// The first is hb, the rest are zero.
  1312  	if w <= nw {
  1313  		*hbitp = uint8(hb)
  1314  		hbitp = add1(hbitp)
  1315  		hb = 0 // for possible final half-byte below
  1316  		for w += 4; w <= nw; w += 4 {
  1317  			*hbitp = 0
  1318  			hbitp = add1(hbitp)
  1319  		}
  1320  	}
  1321  
  1322  	// Write final partial bitmap byte if any.
  1323  	// We know w > nw, or else we'd still be in the loop above.
  1324  	// It can be bigger only due to the 4 entries in hb that it counts.
  1325  	// If w == nw+4 then there's nothing left to do: we wrote all nw entries
  1326  	// and can discard the 4 sitting in hb.
  1327  	// But if w == nw+2, we need to write first two in hb.
  1328  	// The byte is shared with the next object, so be careful with
  1329  	// existing bits.
  1330  	if w == nw+2 {
  1331  		*hbitp = *hbitp&^(bitPointer|bitScan|(bitPointer|bitScan)<<heapBitsShift) | uint8(hb)
  1332  	}
  1333  
  1334  Phase4:
  1335  	// Phase 4: Copy unrolled bitmap to per-arena bitmaps, if necessary.
  1336  	if outOfPlace {
  1337  		// TODO: We could probably make this faster by
  1338  		// handling [x+dataSize, x+size) specially.
  1339  		h := heapBitsForAddr(x)
  1340  		// cnw is the number of heap words, or bit pairs
  1341  		// remaining (like nw above).
  1342  		cnw := size / sys.PtrSize
  1343  		src := (*uint8)(unsafe.Pointer(x))
  1344  		// We know the first and last byte of the bitmap are
  1345  		// not the same, but it's still possible for small
  1346  		// objects span arenas, so it may share bitmap bytes
  1347  		// with neighboring objects.
  1348  		//
  1349  		// Handle the first byte specially if it's shared. See
  1350  		// Phase 1 for why this is the only special case we need.
  1351  		if doubleCheck {
  1352  			if !(h.shift == 0 || (sys.PtrSize == 8 && h.shift == 2)) {
  1353  				print("x=", x, " size=", size, " cnw=", h.shift, "\n")
  1354  				throw("bad start shift")
  1355  			}
  1356  		}
  1357  		if sys.PtrSize == 8 && h.shift == 2 {
  1358  			*h.bitp = *h.bitp&^((bitPointer|bitScan|(bitPointer|bitScan)<<heapBitsShift)<<(2*heapBitsShift)) | *src
  1359  			h = h.next().next()
  1360  			cnw -= 2
  1361  			src = addb(src, 1)
  1362  		}
  1363  		// We're now byte aligned. Copy out to per-arena
  1364  		// bitmaps until the last byte (which may again be
  1365  		// partial).
  1366  		for cnw >= 4 {
  1367  			// This loop processes four words at a time,
  1368  			// so round cnw down accordingly.
  1369  			hNext, words := h.forwardOrBoundary(cnw / 4 * 4)
  1370  
  1371  			// n is the number of bitmap bytes to copy.
  1372  			n := words / 4
  1373  			memmove(unsafe.Pointer(h.bitp), unsafe.Pointer(src), n)
  1374  			cnw -= words
  1375  			h = hNext
  1376  			src = addb(src, n)
  1377  		}
  1378  		if doubleCheck && h.shift != 0 {
  1379  			print("cnw=", cnw, " h.shift=", h.shift, "\n")
  1380  			throw("bad shift after block copy")
  1381  		}
  1382  		// Handle the last byte if it's shared.
  1383  		if cnw == 2 {
  1384  			*h.bitp = *h.bitp&^(bitPointer|bitScan|(bitPointer|bitScan)<<heapBitsShift) | *src
  1385  			src = addb(src, 1)
  1386  			h = h.next().next()
  1387  		}
  1388  		if doubleCheck {
  1389  			if uintptr(unsafe.Pointer(src)) > x+size {
  1390  				throw("copy exceeded object size")
  1391  			}
  1392  			if !(cnw == 0 || cnw == 2) {
  1393  				print("x=", x, " size=", size, " cnw=", cnw, "\n")
  1394  				throw("bad number of remaining words")
  1395  			}
  1396  			// Set up hbitp so doubleCheck code below can check it.
  1397  			hbitp = h.bitp
  1398  		}
  1399  		// Zero the object where we wrote the bitmap.
  1400  		memclrNoHeapPointers(unsafe.Pointer(x), uintptr(unsafe.Pointer(src))-x)
  1401  	}
  1402  
  1403  	// Double check the whole bitmap.
  1404  	if doubleCheck {
  1405  		// x+size may not point to the heap, so back up one
  1406  		// word and then call next().
  1407  		end := heapBitsForAddr(x + size - sys.PtrSize).next()
  1408  		endAI := arenaIdx(end.arena)
  1409  		if !outOfPlace && (end.bitp == nil || (end.shift == 0 && end.bitp == &mheap_.arenas[endAI.l1()][endAI.l2()].bitmap[0])) {
  1410  			// The unrolling code above walks hbitp just
  1411  			// past the bitmap without moving to the next
  1412  			// arena. Synthesize this for end.bitp.
  1413  			end.arena--
  1414  			endAI = arenaIdx(end.arena)
  1415  			end.bitp = addb(&mheap_.arenas[endAI.l1()][endAI.l2()].bitmap[0], heapArenaBitmapBytes)
  1416  			end.last = nil
  1417  		}
  1418  		if typ.kind&kindGCProg == 0 && (hbitp != end.bitp || (w == nw+2) != (end.shift == 2)) {
  1419  			println("ended at wrong bitmap byte for", typ.string(), "x", dataSize/typ.size)
  1420  			print("typ.size=", typ.size, " typ.ptrdata=", typ.ptrdata, " dataSize=", dataSize, " size=", size, "\n")
  1421  			print("w=", w, " nw=", nw, " b=", hex(b), " nb=", nb, " hb=", hex(hb), "\n")
  1422  			h0 := heapBitsForAddr(x)
  1423  			print("initial bits h0.bitp=", h0.bitp, " h0.shift=", h0.shift, "\n")
  1424  			print("ended at hbitp=", hbitp, " but next starts at bitp=", end.bitp, " shift=", end.shift, "\n")
  1425  			throw("bad heapBitsSetType")
  1426  		}
  1427  
  1428  		// Double-check that bits to be written were written correctly.
  1429  		// Does not check that other bits were not written, unfortunately.
  1430  		h := heapBitsForAddr(x)
  1431  		nptr := typ.ptrdata / sys.PtrSize
  1432  		ndata := typ.size / sys.PtrSize
  1433  		count := dataSize / typ.size
  1434  		totalptr := ((count-1)*typ.size + typ.ptrdata) / sys.PtrSize
  1435  		for i := uintptr(0); i < size/sys.PtrSize; i++ {
  1436  			j := i % ndata
  1437  			var have, want uint8
  1438  			have = (*h.bitp >> h.shift) & (bitPointer | bitScan)
  1439  			if i >= totalptr {
  1440  				want = 0 // deadmarker
  1441  				if typ.kind&kindGCProg != 0 && i < (totalptr+3)/4*4 {
  1442  					want = bitScan
  1443  				}
  1444  			} else {
  1445  				if j < nptr && (*addb(ptrmask, j/8)>>(j%8))&1 != 0 {
  1446  					want |= bitPointer
  1447  				}
  1448  				if i != 1 {
  1449  					want |= bitScan
  1450  				} else {
  1451  					have &^= bitScan
  1452  				}
  1453  			}
  1454  			if have != want {
  1455  				println("mismatch writing bits for", typ.string(), "x", dataSize/typ.size)
  1456  				print("typ.size=", typ.size, " typ.ptrdata=", typ.ptrdata, " dataSize=", dataSize, " size=", size, "\n")
  1457  				print("kindGCProg=", typ.kind&kindGCProg != 0, " outOfPlace=", outOfPlace, "\n")
  1458  				print("w=", w, " nw=", nw, " b=", hex(b), " nb=", nb, " hb=", hex(hb), "\n")
  1459  				h0 := heapBitsForAddr(x)
  1460  				print("initial bits h0.bitp=", h0.bitp, " h0.shift=", h0.shift, "\n")
  1461  				print("current bits h.bitp=", h.bitp, " h.shift=", h.shift, " *h.bitp=", hex(*h.bitp), "\n")
  1462  				print("ptrmask=", ptrmask, " p=", p, " endp=", endp, " endnb=", endnb, " pbits=", hex(pbits), " b=", hex(b), " nb=", nb, "\n")
  1463  				println("at word", i, "offset", i*sys.PtrSize, "have", hex(have), "want", hex(want))
  1464  				if typ.kind&kindGCProg != 0 {
  1465  					println("GC program:")
  1466  					dumpGCProg(addb(typ.gcdata, 4))
  1467  				}
  1468  				throw("bad heapBitsSetType")
  1469  			}
  1470  			h = h.next()
  1471  		}
  1472  		if ptrmask == debugPtrmask.data {
  1473  			unlock(&debugPtrmask.lock)
  1474  		}
  1475  	}
  1476  }
  1477  
  1478  var debugPtrmask struct {
  1479  	lock mutex
  1480  	data *byte
  1481  }
  1482  
  1483  // heapBitsSetTypeGCProg implements heapBitsSetType using a GC program.
  1484  // progSize is the size of the memory described by the program.
  1485  // elemSize is the size of the element that the GC program describes (a prefix of).
  1486  // dataSize is the total size of the intended data, a multiple of elemSize.
  1487  // allocSize is the total size of the allocated memory.
  1488  //
  1489  // GC programs are only used for large allocations.
  1490  // heapBitsSetType requires that allocSize is a multiple of 4 words,
  1491  // so that the relevant bitmap bytes are not shared with surrounding
  1492  // objects.
  1493  func heapBitsSetTypeGCProg(h heapBits, progSize, elemSize, dataSize, allocSize uintptr, prog *byte) {
  1494  	if sys.PtrSize == 8 && allocSize%(4*sys.PtrSize) != 0 {
  1495  		// Alignment will be wrong.
  1496  		throw("heapBitsSetTypeGCProg: small allocation")
  1497  	}
  1498  	var totalBits uintptr
  1499  	if elemSize == dataSize {
  1500  		totalBits = runGCProg(prog, nil, h.bitp, 2)
  1501  		if totalBits*sys.PtrSize != progSize {
  1502  			println("runtime: heapBitsSetTypeGCProg: total bits", totalBits, "but progSize", progSize)
  1503  			throw("heapBitsSetTypeGCProg: unexpected bit count")
  1504  		}
  1505  	} else {
  1506  		count := dataSize / elemSize
  1507  
  1508  		// Piece together program trailer to run after prog that does:
  1509  		//	literal(0)
  1510  		//	repeat(1, elemSize-progSize-1) // zeros to fill element size
  1511  		//	repeat(elemSize, count-1) // repeat that element for count
  1512  		// This zero-pads the data remaining in the first element and then
  1513  		// repeats that first element to fill the array.
  1514  		var trailer [40]byte // 3 varints (max 10 each) + some bytes
  1515  		i := 0
  1516  		if n := elemSize/sys.PtrSize - progSize/sys.PtrSize; n > 0 {
  1517  			// literal(0)
  1518  			trailer[i] = 0x01
  1519  			i++
  1520  			trailer[i] = 0
  1521  			i++
  1522  			if n > 1 {
  1523  				// repeat(1, n-1)
  1524  				trailer[i] = 0x81
  1525  				i++
  1526  				n--
  1527  				for ; n >= 0x80; n >>= 7 {
  1528  					trailer[i] = byte(n | 0x80)
  1529  					i++
  1530  				}
  1531  				trailer[i] = byte(n)
  1532  				i++
  1533  			}
  1534  		}
  1535  		// repeat(elemSize/ptrSize, count-1)
  1536  		trailer[i] = 0x80
  1537  		i++
  1538  		n := elemSize / sys.PtrSize
  1539  		for ; n >= 0x80; n >>= 7 {
  1540  			trailer[i] = byte(n | 0x80)
  1541  			i++
  1542  		}
  1543  		trailer[i] = byte(n)
  1544  		i++
  1545  		n = count - 1
  1546  		for ; n >= 0x80; n >>= 7 {
  1547  			trailer[i] = byte(n | 0x80)
  1548  			i++
  1549  		}
  1550  		trailer[i] = byte(n)
  1551  		i++
  1552  		trailer[i] = 0
  1553  		i++
  1554  
  1555  		runGCProg(prog, &trailer[0], h.bitp, 2)
  1556  
  1557  		// Even though we filled in the full array just now,
  1558  		// record that we only filled in up to the ptrdata of the
  1559  		// last element. This will cause the code below to
  1560  		// memclr the dead section of the final array element,
  1561  		// so that scanobject can stop early in the final element.
  1562  		totalBits = (elemSize*(count-1) + progSize) / sys.PtrSize
  1563  	}
  1564  	endProg := unsafe.Pointer(addb(h.bitp, (totalBits+3)/4))
  1565  	endAlloc := unsafe.Pointer(addb(h.bitp, allocSize/sys.PtrSize/wordsPerBitmapByte))
  1566  	memclrNoHeapPointers(endProg, uintptr(endAlloc)-uintptr(endProg))
  1567  }
  1568  
  1569  // progToPointerMask returns the 1-bit pointer mask output by the GC program prog.
  1570  // size the size of the region described by prog, in bytes.
  1571  // The resulting bitvector will have no more than size/sys.PtrSize bits.
  1572  func progToPointerMask(prog *byte, size uintptr) bitvector {
  1573  	n := (size/sys.PtrSize + 7) / 8
  1574  	x := (*[1 << 30]byte)(persistentalloc(n+1, 1, &memstats.buckhash_sys))[:n+1]
  1575  	x[len(x)-1] = 0xa1 // overflow check sentinel
  1576  	n = runGCProg(prog, nil, &x[0], 1)
  1577  	if x[len(x)-1] != 0xa1 {
  1578  		throw("progToPointerMask: overflow")
  1579  	}
  1580  	return bitvector{int32(n), &x[0]}
  1581  }
  1582  
  1583  // Packed GC pointer bitmaps, aka GC programs.
  1584  //
  1585  // For large types containing arrays, the type information has a
  1586  // natural repetition that can be encoded to save space in the
  1587  // binary and in the memory representation of the type information.
  1588  //
  1589  // The encoding is a simple Lempel-Ziv style bytecode machine
  1590  // with the following instructions:
  1591  //
  1592  //	00000000: stop
  1593  //	0nnnnnnn: emit n bits copied from the next (n+7)/8 bytes
  1594  //	10000000 n c: repeat the previous n bits c times; n, c are varints
  1595  //	1nnnnnnn c: repeat the previous n bits c times; c is a varint
  1596  
  1597  // runGCProg executes the GC program prog, and then trailer if non-nil,
  1598  // writing to dst with entries of the given size.
  1599  // If size == 1, dst is a 1-bit pointer mask laid out moving forward from dst.
  1600  // If size == 2, dst is the 2-bit heap bitmap, and writes move backward
  1601  // starting at dst (because the heap bitmap does). In this case, the caller guarantees
  1602  // that only whole bytes in dst need to be written.
  1603  //
  1604  // runGCProg returns the number of 1- or 2-bit entries written to memory.
  1605  func runGCProg(prog, trailer, dst *byte, size int) uintptr {
  1606  	dstStart := dst
  1607  
  1608  	// Bits waiting to be written to memory.
  1609  	var bits uintptr
  1610  	var nbits uintptr
  1611  
  1612  	p := prog
  1613  Run:
  1614  	for {
  1615  		// Flush accumulated full bytes.
  1616  		// The rest of the loop assumes that nbits <= 7.
  1617  		for ; nbits >= 8; nbits -= 8 {
  1618  			if size == 1 {
  1619  				*dst = uint8(bits)
  1620  				dst = add1(dst)
  1621  				bits >>= 8
  1622  			} else {
  1623  				v := bits&bitPointerAll | bitScanAll
  1624  				*dst = uint8(v)
  1625  				dst = add1(dst)
  1626  				bits >>= 4
  1627  				v = bits&bitPointerAll | bitScanAll
  1628  				*dst = uint8(v)
  1629  				dst = add1(dst)
  1630  				bits >>= 4
  1631  			}
  1632  		}
  1633  
  1634  		// Process one instruction.
  1635  		inst := uintptr(*p)
  1636  		p = add1(p)
  1637  		n := inst & 0x7F
  1638  		if inst&0x80 == 0 {
  1639  			// Literal bits; n == 0 means end of program.
  1640  			if n == 0 {
  1641  				// Program is over; continue in trailer if present.
  1642  				if trailer != nil {
  1643  					p = trailer
  1644  					trailer = nil
  1645  					continue
  1646  				}
  1647  				break Run
  1648  			}
  1649  			nbyte := n / 8
  1650  			for i := uintptr(0); i < nbyte; i++ {
  1651  				bits |= uintptr(*p) << nbits
  1652  				p = add1(p)
  1653  				if size == 1 {
  1654  					*dst = uint8(bits)
  1655  					dst = add1(dst)
  1656  					bits >>= 8
  1657  				} else {
  1658  					v := bits&0xf | bitScanAll
  1659  					*dst = uint8(v)
  1660  					dst = add1(dst)
  1661  					bits >>= 4
  1662  					v = bits&0xf | bitScanAll
  1663  					*dst = uint8(v)
  1664  					dst = add1(dst)
  1665  					bits >>= 4
  1666  				}
  1667  			}
  1668  			if n %= 8; n > 0 {
  1669  				bits |= uintptr(*p) << nbits
  1670  				p = add1(p)
  1671  				nbits += n
  1672  			}
  1673  			continue Run
  1674  		}
  1675  
  1676  		// Repeat. If n == 0, it is encoded in a varint in the next bytes.
  1677  		if n == 0 {
  1678  			for off := uint(0); ; off += 7 {
  1679  				x := uintptr(*p)
  1680  				p = add1(p)
  1681  				n |= (x & 0x7F) << off
  1682  				if x&0x80 == 0 {
  1683  					break
  1684  				}
  1685  			}
  1686  		}
  1687  
  1688  		// Count is encoded in a varint in the next bytes.
  1689  		c := uintptr(0)
  1690  		for off := uint(0); ; off += 7 {
  1691  			x := uintptr(*p)
  1692  			p = add1(p)
  1693  			c |= (x & 0x7F) << off
  1694  			if x&0x80 == 0 {
  1695  				break
  1696  			}
  1697  		}
  1698  		c *= n // now total number of bits to copy
  1699  
  1700  		// If the number of bits being repeated is small, load them
  1701  		// into a register and use that register for the entire loop
  1702  		// instead of repeatedly reading from memory.
  1703  		// Handling fewer than 8 bits here makes the general loop simpler.
  1704  		// The cutoff is sys.PtrSize*8 - 7 to guarantee that when we add
  1705  		// the pattern to a bit buffer holding at most 7 bits (a partial byte)
  1706  		// it will not overflow.
  1707  		src := dst
  1708  		const maxBits = sys.PtrSize*8 - 7
  1709  		if n <= maxBits {
  1710  			// Start with bits in output buffer.
  1711  			pattern := bits
  1712  			npattern := nbits
  1713  
  1714  			// If we need more bits, fetch them from memory.
  1715  			if size == 1 {
  1716  				src = subtract1(src)
  1717  				for npattern < n {
  1718  					pattern <<= 8
  1719  					pattern |= uintptr(*src)
  1720  					src = subtract1(src)
  1721  					npattern += 8
  1722  				}
  1723  			} else {
  1724  				src = subtract1(src)
  1725  				for npattern < n {
  1726  					pattern <<= 4
  1727  					pattern |= uintptr(*src) & 0xf
  1728  					src = subtract1(src)
  1729  					npattern += 4
  1730  				}
  1731  			}
  1732  
  1733  			// We started with the whole bit output buffer,
  1734  			// and then we loaded bits from whole bytes.
  1735  			// Either way, we might now have too many instead of too few.
  1736  			// Discard the extra.
  1737  			if npattern > n {
  1738  				pattern >>= npattern - n
  1739  				npattern = n
  1740  			}
  1741  
  1742  			// Replicate pattern to at most maxBits.
  1743  			if npattern == 1 {
  1744  				// One bit being repeated.
  1745  				// If the bit is 1, make the pattern all 1s.
  1746  				// If the bit is 0, the pattern is already all 0s,
  1747  				// but we can claim that the number of bits
  1748  				// in the word is equal to the number we need (c),
  1749  				// because right shift of bits will zero fill.
  1750  				if pattern == 1 {
  1751  					pattern = 1<<maxBits - 1
  1752  					npattern = maxBits
  1753  				} else {
  1754  					npattern = c
  1755  				}
  1756  			} else {
  1757  				b := pattern
  1758  				nb := npattern
  1759  				if nb+nb <= maxBits {
  1760  					// Double pattern until the whole uintptr is filled.
  1761  					for nb <= sys.PtrSize*8 {
  1762  						b |= b << nb
  1763  						nb += nb
  1764  					}
  1765  					// Trim away incomplete copy of original pattern in high bits.
  1766  					// TODO(rsc): Replace with table lookup or loop on systems without divide?
  1767  					nb = maxBits / npattern * npattern
  1768  					b &= 1<<nb - 1
  1769  					pattern = b
  1770  					npattern = nb
  1771  				}
  1772  			}
  1773  
  1774  			// Add pattern to bit buffer and flush bit buffer, c/npattern times.
  1775  			// Since pattern contains >8 bits, there will be full bytes to flush
  1776  			// on each iteration.
  1777  			for ; c >= npattern; c -= npattern {
  1778  				bits |= pattern << nbits
  1779  				nbits += npattern
  1780  				if size == 1 {
  1781  					for nbits >= 8 {
  1782  						*dst = uint8(bits)
  1783  						dst = add1(dst)
  1784  						bits >>= 8
  1785  						nbits -= 8
  1786  					}
  1787  				} else {
  1788  					for nbits >= 4 {
  1789  						*dst = uint8(bits&0xf | bitScanAll)
  1790  						dst = add1(dst)
  1791  						bits >>= 4
  1792  						nbits -= 4
  1793  					}
  1794  				}
  1795  			}
  1796  
  1797  			// Add final fragment to bit buffer.
  1798  			if c > 0 {
  1799  				pattern &= 1<<c - 1
  1800  				bits |= pattern << nbits
  1801  				nbits += c
  1802  			}
  1803  			continue Run
  1804  		}
  1805  
  1806  		// Repeat; n too large to fit in a register.
  1807  		// Since nbits <= 7, we know the first few bytes of repeated data
  1808  		// are already written to memory.
  1809  		off := n - nbits // n > nbits because n > maxBits and nbits <= 7
  1810  		if size == 1 {
  1811  			// Leading src fragment.
  1812  			src = subtractb(src, (off+7)/8)
  1813  			if frag := off & 7; frag != 0 {
  1814  				bits |= uintptr(*src) >> (8 - frag) << nbits
  1815  				src = add1(src)
  1816  				nbits += frag
  1817  				c -= frag
  1818  			}
  1819  			// Main loop: load one byte, write another.
  1820  			// The bits are rotating through the bit buffer.
  1821  			for i := c / 8; i > 0; i-- {
  1822  				bits |= uintptr(*src) << nbits
  1823  				src = add1(src)
  1824  				*dst = uint8(bits)
  1825  				dst = add1(dst)
  1826  				bits >>= 8
  1827  			}
  1828  			// Final src fragment.
  1829  			if c %= 8; c > 0 {
  1830  				bits |= (uintptr(*src) & (1<<c - 1)) << nbits
  1831  				nbits += c
  1832  			}
  1833  		} else {
  1834  			// Leading src fragment.
  1835  			src = subtractb(src, (off+3)/4)
  1836  			if frag := off & 3; frag != 0 {
  1837  				bits |= (uintptr(*src) & 0xf) >> (4 - frag) << nbits
  1838  				src = add1(src)
  1839  				nbits += frag
  1840  				c -= frag
  1841  			}
  1842  			// Main loop: load one byte, write another.
  1843  			// The bits are rotating through the bit buffer.
  1844  			for i := c / 4; i > 0; i-- {
  1845  				bits |= (uintptr(*src) & 0xf) << nbits
  1846  				src = add1(src)
  1847  				*dst = uint8(bits&0xf | bitScanAll)
  1848  				dst = add1(dst)
  1849  				bits >>= 4
  1850  			}
  1851  			// Final src fragment.
  1852  			if c %= 4; c > 0 {
  1853  				bits |= (uintptr(*src) & (1<<c - 1)) << nbits
  1854  				nbits += c
  1855  			}
  1856  		}
  1857  	}
  1858  
  1859  	// Write any final bits out, using full-byte writes, even for the final byte.
  1860  	var totalBits uintptr
  1861  	if size == 1 {
  1862  		totalBits = (uintptr(unsafe.Pointer(dst))-uintptr(unsafe.Pointer(dstStart)))*8 + nbits
  1863  		nbits += -nbits & 7
  1864  		for ; nbits > 0; nbits -= 8 {
  1865  			*dst = uint8(bits)
  1866  			dst = add1(dst)
  1867  			bits >>= 8
  1868  		}
  1869  	} else {
  1870  		totalBits = (uintptr(unsafe.Pointer(dst))-uintptr(unsafe.Pointer(dstStart)))*4 + nbits
  1871  		nbits += -nbits & 3
  1872  		for ; nbits > 0; nbits -= 4 {
  1873  			v := bits&0xf | bitScanAll
  1874  			*dst = uint8(v)
  1875  			dst = add1(dst)
  1876  			bits >>= 4
  1877  		}
  1878  	}
  1879  	return totalBits
  1880  }
  1881  
  1882  // materializeGCProg allocates space for the (1-bit) pointer bitmask
  1883  // for an object of size ptrdata.  Then it fills that space with the
  1884  // pointer bitmask specified by the program prog.
  1885  // The bitmask starts at s.startAddr.
  1886  // The result must be deallocated with dematerializeGCProg.
  1887  func materializeGCProg(ptrdata uintptr, prog *byte) *mspan {
  1888  	// Each word of ptrdata needs one bit in the bitmap.
  1889  	bitmapBytes := divRoundUp(ptrdata, 8*sys.PtrSize)
  1890  	// Compute the number of pages needed for bitmapBytes.
  1891  	pages := divRoundUp(bitmapBytes, pageSize)
  1892  	s := mheap_.allocManual(pages, &memstats.gc_sys)
  1893  	runGCProg(addb(prog, 4), nil, (*byte)(unsafe.Pointer(s.startAddr)), 1)
  1894  	return s
  1895  }
  1896  func dematerializeGCProg(s *mspan) {
  1897  	mheap_.freeManual(s, &memstats.gc_sys)
  1898  }
  1899  
  1900  func dumpGCProg(p *byte) {
  1901  	nptr := 0
  1902  	for {
  1903  		x := *p
  1904  		p = add1(p)
  1905  		if x == 0 {
  1906  			print("\t", nptr, " end\n")
  1907  			break
  1908  		}
  1909  		if x&0x80 == 0 {
  1910  			print("\t", nptr, " lit ", x, ":")
  1911  			n := int(x+7) / 8
  1912  			for i := 0; i < n; i++ {
  1913  				print(" ", hex(*p))
  1914  				p = add1(p)
  1915  			}
  1916  			print("\n")
  1917  			nptr += int(x)
  1918  		} else {
  1919  			nbit := int(x &^ 0x80)
  1920  			if nbit == 0 {
  1921  				for nb := uint(0); ; nb += 7 {
  1922  					x := *p
  1923  					p = add1(p)
  1924  					nbit |= int(x&0x7f) << nb
  1925  					if x&0x80 == 0 {
  1926  						break
  1927  					}
  1928  				}
  1929  			}
  1930  			count := 0
  1931  			for nb := uint(0); ; nb += 7 {
  1932  				x := *p
  1933  				p = add1(p)
  1934  				count |= int(x&0x7f) << nb
  1935  				if x&0x80 == 0 {
  1936  					break
  1937  				}
  1938  			}
  1939  			print("\t", nptr, " repeat ", nbit, " × ", count, "\n")
  1940  			nptr += nbit * count
  1941  		}
  1942  	}
  1943  }
  1944  
  1945  // Testing.
  1946  
  1947  func getgcmaskcb(frame *stkframe, ctxt unsafe.Pointer) bool {
  1948  	target := (*stkframe)(ctxt)
  1949  	if frame.sp <= target.sp && target.sp < frame.varp {
  1950  		*target = *frame
  1951  		return false
  1952  	}
  1953  	return true
  1954  }
  1955  
  1956  // gcbits returns the GC type info for x, for testing.
  1957  // The result is the bitmap entries (0 or 1), one entry per byte.
  1958  //go:linkname reflect_gcbits reflect.gcbits
  1959  func reflect_gcbits(x interface{}) []byte {
  1960  	ret := getgcmask(x)
  1961  	typ := (*ptrtype)(unsafe.Pointer(efaceOf(&x)._type)).elem
  1962  	nptr := typ.ptrdata / sys.PtrSize
  1963  	for uintptr(len(ret)) > nptr && ret[len(ret)-1] == 0 {
  1964  		ret = ret[:len(ret)-1]
  1965  	}
  1966  	return ret
  1967  }
  1968  
  1969  // Returns GC type info for the pointer stored in ep for testing.
  1970  // If ep points to the stack, only static live information will be returned
  1971  // (i.e. not for objects which are only dynamically live stack objects).
  1972  func getgcmask(ep interface{}) (mask []byte) {
  1973  	e := *efaceOf(&ep)
  1974  	p := e.data
  1975  	t := e._type
  1976  	// data or bss
  1977  	for _, datap := range activeModules() {
  1978  		// data
  1979  		if datap.data <= uintptr(p) && uintptr(p) < datap.edata {
  1980  			bitmap := datap.gcdatamask.bytedata
  1981  			n := (*ptrtype)(unsafe.Pointer(t)).elem.size
  1982  			mask = make([]byte, n/sys.PtrSize)
  1983  			for i := uintptr(0); i < n; i += sys.PtrSize {
  1984  				off := (uintptr(p) + i - datap.data) / sys.PtrSize
  1985  				mask[i/sys.PtrSize] = (*addb(bitmap, off/8) >> (off % 8)) & 1
  1986  			}
  1987  			return
  1988  		}
  1989  
  1990  		// bss
  1991  		if datap.bss <= uintptr(p) && uintptr(p) < datap.ebss {
  1992  			bitmap := datap.gcbssmask.bytedata
  1993  			n := (*ptrtype)(unsafe.Pointer(t)).elem.size
  1994  			mask = make([]byte, n/sys.PtrSize)
  1995  			for i := uintptr(0); i < n; i += sys.PtrSize {
  1996  				off := (uintptr(p) + i - datap.bss) / sys.PtrSize
  1997  				mask[i/sys.PtrSize] = (*addb(bitmap, off/8) >> (off % 8)) & 1
  1998  			}
  1999  			return
  2000  		}
  2001  	}
  2002  
  2003  	// heap
  2004  	if base, s, _ := findObject(uintptr(p), 0, 0); base != 0 {
  2005  		hbits := heapBitsForAddr(base)
  2006  		n := s.elemsize
  2007  		mask = make([]byte, n/sys.PtrSize)
  2008  		for i := uintptr(0); i < n; i += sys.PtrSize {
  2009  			if hbits.isPointer() {
  2010  				mask[i/sys.PtrSize] = 1
  2011  			}
  2012  			if i != 1*sys.PtrSize && !hbits.morePointers() {
  2013  				mask = mask[:i/sys.PtrSize]
  2014  				break
  2015  			}
  2016  			hbits = hbits.next()
  2017  		}
  2018  		return
  2019  	}
  2020  
  2021  	// stack
  2022  	if _g_ := getg(); _g_.m.curg.stack.lo <= uintptr(p) && uintptr(p) < _g_.m.curg.stack.hi {
  2023  		var frame stkframe
  2024  		frame.sp = uintptr(p)
  2025  		_g_ := getg()
  2026  		gentraceback(_g_.m.curg.sched.pc, _g_.m.curg.sched.sp, 0, _g_.m.curg, 0, nil, 1000, getgcmaskcb, noescape(unsafe.Pointer(&frame)), 0)
  2027  		if frame.fn.valid() {
  2028  			locals, _, _ := getStackMap(&frame, nil, false)
  2029  			if locals.n == 0 {
  2030  				return
  2031  			}
  2032  			size := uintptr(locals.n) * sys.PtrSize
  2033  			n := (*ptrtype)(unsafe.Pointer(t)).elem.size
  2034  			mask = make([]byte, n/sys.PtrSize)
  2035  			for i := uintptr(0); i < n; i += sys.PtrSize {
  2036  				off := (uintptr(p) + i - frame.varp + size) / sys.PtrSize
  2037  				mask[i/sys.PtrSize] = locals.ptrbit(off)
  2038  			}
  2039  		}
  2040  		return
  2041  	}
  2042  
  2043  	// otherwise, not something the GC knows about.
  2044  	// possibly read-only data, like malloc(0).
  2045  	// must not have pointers
  2046  	return
  2047  }
  2048  

View as plain text