|Subject:||Re: Memory accounting in libgc|
|Date:||Tue, 18 Mar 2014 11:10:31 -0400|
I was thinking this morning about memory accounting in libgc. There are
a couple of use cases for this.
One is simply asking "how much memory does this object use?"
Another case is the common "implement an IRC bot that people can use to
evaluate expressions in a sandbox, but with a limit on the amount of
time and space those programs can use". Let's assume that we've already
arranged that the program can't write to files or do other things we
wouldn't like it to do, and also that we have given it a time limit
through some means.
Both of these cases should be handled by GC, since GC is what can see
the whole object graph in a program. The rest of this mail describes
what Racket does in their GC, and how we might be able to do it in
Racket has a type of objects called "custodians". Custodians nest.
There is one root custodian for the whole program, and creating a new
custodian adds a new kid of the current custodian. There is a separate
form to make a custodian current. New threads are created "within" the
current custodian. (Racket threads are not pthreads, but this concept
generalizes to pthreads.) There is also a form to "enter" a new
custodian, effectively partitioning a thread's stack into a range owned
by the old custodian, and a range owned by the new custodian.
If there are multiple custodians in a program -- something that isn't
always the case -- then after GC runs, their GC calls
This does a mark of the program's objects, but in a different mode (the
"accounting" flag is set). Custodians and threads have a separate GC
"kind", in BDW-GC terms. When marking a custodian or a thread in
accounting mode, the mark procedure only recurses into sub-objects if
the custodian is "current". First, all the program static roots are
marked, excluding stacks, and memory use from those roots is attributed
to the root custodian. Then BTC_do_accounting traverses the custodian
tree, in pre-order, for each custodian setting it "current" and running
its mark procedure, and marking stack segments for any threads created
by that custodian. Any visited unmarked object is accounted to the
current custodian (i.e., the size of the object is added to the current
custodian's size counter). Then the tree is traversed in post-order,
and child memory use is also accounted to parents. This is O(n) in live
heap size and doesn't require any additional memory.
Finally if any custodian is over its limit, an after-GC hook sets that
custodian as scheduled for shutdown, which in Racket will close
resources associated with the custodian (for example, files opened when
the custodian was current), arrange to kill threads spawned by the
custodian, arrange to longjmp() out of any entered custodian, etc.
How does this affect libgc?
First of all, it gives an answer to the question of "how much memory
does an object use" -- simply stop the world, mark the heap in two parts
(the first time ignoring the object in question, the second time
starting from the object), and subtract the live heap size of the former
from the latter. Libgc could do this without too much problem, it seems
to me, on objects of any kind. It would be a little extra code but it
could be useful. Or not? Dunno.
On the question of limiting memory usage -- clearly, arranging to free
memory is out of libgc's purview, as that's an application issue. But
allowing an application to impose a memory limitation on a part of the
program does need libgc help, and it would be most usefully done via
something like a custodian tree. Custodians could be implemented by a
new GC kind, so that they get a mark procedure; but then we would need a
hook to be able to do accounting after GC is done, and really it seems
this is best done in libgc somehow (even if its implementation is
layered on top of gc kinds, mark procedures, and such).
Accounting a thread's stack to multiple owners is tricky, but doable --
we could do it with a new version of GC_call_with_gc_active or so.
There is also the issue of objects reachable by custodians that are
"peers" -- where one does not dominate the other. In that case the
object would be charged randomly to one or the other. That's probably
Also, you would probably want to maintain a general set of per-custodian
data -- file descriptors, for example. One would also want to maintain
an estimate of non-GC allocations per-custodian (for example for
third-party image processing libraries), but I don't know how that could
be done; perhaps it is only possible if you register a separate GC kind
for those objects, perhaps with a mark procedure.
Anyway, just some thoughts. I don't know when I could implement this,
but I thought I'd put this out there in case someone had any ideas about
this, or pointers to literature. Cheers.
|[Prev in Thread]||Current Thread||[Next in Thread]|