-
Notifications
You must be signed in to change notification settings - Fork 205
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VOM virtual object and vref weak key GC #3649
Conversation
d266329
to
1cb15b2
Compare
1cb15b2
to
42a7208
Compare
149e3a9
to
d642528
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good work! Some minor changes to make, as well as bringing it up-to-date with current trunk.
@@ -107,6 +107,8 @@ function build( | |||
const pendingPromises = new Set(); // Promises | |||
const importedDevices = new Set(); // device nodes | |||
const deadSet = new Set(); // vrefs that are finalized but not yet reported | |||
const possiblyDeadSet = new Set(); // vrefs that might need to be rechecked for being dead |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The deadSet
is managed both "up" and "down": we add things to deadSet
when the finalizer runs, and we actively remove them (deadSet.delete
) when creating a new Presence in convertValToSlot
.
possiblyDeadSet
is currently only managed "up": we add vrefs to it when the VOM sees one of the three pillars being removed, but we don't remove things from it when a pillar is reestablished (e.g. convertValToSlot
, or VOM's setRefCount
).
We don't necessarily need to do it now, but I'm thinking that, in general, deadSet
should be for tracking things whose Object
references (Representatives, for VOs) have been removed, and all the other processing for VOs should be done in the VOM.
The change would be to merge possiblyDeadSet
and deadSet
, actively .delete()
vrefs when re-instantiating their Object
s (actually we already do this, for both Presences and Representatives), and remove the now-redundant if (!getValForSlot(vref))
check in processDeadSet
.
However, this probably interacts with what happens when the other two pillars are dropped. On one hand, if the only pillar keeping a VO alive is virtualized data, and userspace explicltly deletes it, that should allow the syscall.retireExport
to happen immediately, rather than waiting for end-of-crank or bringOutYourDead
. On the other hand, the probe to see whether the Presence pillar is up or down must query the WeakRef, and those results are not safe to use until bringOutYourDead
(because organic GC could cause variance). So maybe the safest thing to do is to only allow VOs to be deleted during processDeadSet
, even if it wasn't a Representative being deleted that enabled it, which means sticking with the pattern you established in this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On one hand, if the only pillar keeping a VO alive is virtualized data, and userspace explicltly deletes it, that should allow the
syscall.retireExport
to happen immediately, rather than waiting for end-of-crank orbringOutYourDead
. On the other hand, the probe to see whether the Presence pillar is up or down must query the WeakRef, and those results are not safe to use untilbringOutYourDead
(because organic GC could cause variance). So maybe the safest thing to do is to only allow VOs to be deleted duringprocessDeadSet
, even if it wasn't a Representative being deleted that enabled it, which means sticking with the pattern you established in this PR.
I'm probably out of my depth here, but why can't the check for the Presence pillar rely on a flag "there is a known Presence, it may be dead, but since we haven't reaped it yet, we don't know", without checking for the WeakRef directly.
So there's be 3 states for presences:
- Live presence (or unreachable presence that hasn't been actively collected by the engine yet)
- Dead presence, but not yet reaped. The finalizer ran, and added it to the dead set
- Dead presence, reaped. BOYD was called.
If userspace deletes virtualized data, it would only immediately retire the export if the presence was reaped. If it wasn't reaped, the export retire would happen when BOYD is called.
c4af855
to
3680745
Compare
134fb1c
to
70d72b5
Compare
* chore(swingset): small tweaks to GC * rename unretiredKernelRecognizableRemotables to kernelRecognizableRemotables , since they're all unretired * retireOneExport: delete from kernelRecognizableRemotables even if slotToVal was empty. I don't think this could happen, but they're logically distinct checks. * rearrange scanForDeadObjects slightly for clarity * update comment on possibleVirtualObjectDeath * comment on why we add globals to vatPowers * don't completely unpack gcTools: one-off uses can dereference directly, to let the unpack fit in a single line refs #3732 * fix: revert retireOneExport handling of kernelRecognizableRemotables I'm still uncertain that this is the right way to go, but we're going to leave this as-is and revisit it later.
70d72b5
to
db24b39
Compare
Closes #3547 |
No description provided.