stack depot grows uncontrollably on chrome #177

Closed

ramosian-glider opened this issue Aug 31, 2015 · 6 comments
Comments

@ramosian-glider
Member

Originally reported on Google Code with ID 177

1. build asan-ified chrome
2. run it on some google-docs file
3. press F5 (reload) periodically 

The memory usage will grow endlessly. 
The culprit is stack depot -- it grows and grows and grows. 
I suspect that we have too many frames from V8 and those frames
change when we reload a page. 

More info will follow. 

Reported by konstantin.s.serebryany on 2013-04-12 09:31:38

@ramosian-glider
Member Author

Update: there is often garbage in the last frame (or two!). E.g. I am seeing stack
traces like these:

STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x60400000d4d0 
STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x00000000000e 
STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x7f05be1e5d28 
STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x000000000000 
STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x7f05c9644b00 
STACK 3 0x7f05bf66cca3 0x7f05b88a3a89 0x484341435f455355 

0x7f05b88a3a89 comes from a system lib which has no frame pointers,
so the following frame is arbitrary garbage.

Reported by konstantin.s.serebryany on 2013-04-12 11:52:16

@ramosian-glider
Member Author

Removing all last frames will only save ~5%.

My initial idea about V8 seems to be right: lots of stacks look like this:
... 0x7fe54c4e15fc 0x7fe54c609bad 0x38d4dc3062ee 0x38d4dc3162b1 0x38d4dc30b654 0x38d4dc325cde
0x38d4dc3079f7 0x7fe54c0e51e3 0x7fe54c0ead15 ... 

(0x38d4... is from V8)

Reported by konstantin.s.serebryany on 2013-04-12 12:50:07

@ramosian-glider
Member Author

Just FTR, attached is the dump of all stack traces in a typical chrome process
with google docs after pressing reload a few times.
If all V8 frames (in this process they start at 0x38) are replaced with a 
single dummy frame, we could reduce the number of traces by 5x. 
Not sure if that's easy to do though. 

This issue affects only long-running chrome processes (or other stuff with JITs)
and has a clear workaround (e.g. ASAN_OPTIONS=malloc_context_size=5), so
I am lowering the priority.

Reported by konstantin.s.serebryany on 2013-04-12 14:49:43

  • Labels added: Priority-Medium
  • Labels removed: Priority-High

- _Attachment: [z.bz2](https://storage.googleapis.com/google-code-attachments/address-sanitizer/issue-177/comment-3/z.bz2)_
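The two comments above describe the mechanism (the depot keys on the full frame sequence, and JIT frames plus a trailing garbage frame keep producing new sequences) and two ways to blunt it (collapse the JIT frames to one dummy frame, or cap the context with malloc_context_size). The following toy model, added here as an illustration and not code from the sanitizers project or from the commenter, replays a constructed reload workload through a set-based depot and counts entries under each normalization. The JIT address range kJitLo..kJitHi, the placeholder kDummyFrame, the STACK-line dump format and the workload shape (V8 frames moving every second reload, garbage flipping with reload parity) are all assumptions chosen to exercise the effects; the resulting ratios say nothing about the ~5% and 5x figures measured on real Chrome.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <functional>
#include <iostream>
#include <set>
#include <sstream>
#include <string>
#include <vector>

using Trace = std::vector<uint64_t>;

// Assumed address range for the V8 JIT code region in the constructed dump,
// chosen to resemble the 0x38d4dc30... frames quoted in the thread. Not a
// real V8 constant.
static const uint64_t kJitLo = 0x38d4dc300000ull;
static const uint64_t kJitHi = 0x38d4dc400000ull;
// Assumed placeholder that stands in for a run of JIT frames.
static const uint64_t kDummyFrame = 0xdeadbeefull;

// Parse "STACK <n> 0x... 0x... ..." lines, the shape of the traces quoted in
// the thread. Lines whose frame count disagrees with <n> are skipped.
static std::vector<Trace> parseTraces(const std::string& dump) {
    std::vector<Trace> out;
    std::istringstream lines(dump);
    std::string line;
    while (std::getline(lines, line)) {
        std::istringstream toks(line);
        std::string tag;
        size_t n = 0;
        if (!(toks >> tag >> n) || tag != "STACK") continue;
        Trace t;
        std::string hex;
        while (toks >> hex) t.push_back(std::stoull(hex, nullptr, 16));
        if (t.size() == n) out.push_back(std::move(t));
    }
    return out;
}

// Toy stack depot: one entry per distinct frame sequence. This is the set
// that grows without bound when the sequences keep changing.
static size_t depotSize(const std::vector<Trace>& traces,
                        const std::function<Trace(const Trace&)>& normalize) {
    std::set<Trace> depot;
    for (const Trace& t : traces) depot.insert(normalize(t));
    return depot.size();
}

// Normalizers that model the mitigations discussed in the thread.
static Trace identity(const Trace& t) { return t; }
// malloc_context_size=N: keep only the first N frames.
static Trace truncateTo(const Trace& t, size_t n) {
    return Trace(t.begin(), t.begin() + std::min(n, t.size()));
}
// Drop the trailing frame (the garbage read past a frame-pointer-less frame).
static Trace dropLast(const Trace& t) {
    return t.empty() ? t : Trace(t.begin(), t.end() - 1);
}
// Replace each run of frames inside [lo, hi) with a single dummy frame.
static Trace collapseJit(const Trace& t, uint64_t lo, uint64_t hi) {
    Trace out;
    bool inJit = false;
    for (uint64_t f : t) {
        bool jit = f >= lo && f < hi;
        if (jit && inJit) continue;      // extend the current collapsed run
        out.push_back(jit ? kDummyFrame : f);
        inJit = jit;
    }
    return out;
}

// Constructed workload (not a real dump): `reloads` page reloads over `sites`
// allocation sites. Native frames are stable across reloads; the three V8
// frames move every second reload as the JIT regenerates code; the final
// frame is garbage that flips with reload parity.
static std::string makeReloadDump(int reloads, int sites) {
    std::ostringstream dump;
    for (int r = 0; r < reloads; ++r) {
        for (int s = 0; s < sites; ++s) {
            uint64_t jitBase = kJitLo + 0x1000ull * static_cast<uint64_t>(r / 2);
            uint64_t garbage = (r % 2) ? 0x484341435f455355ull : 0x60400000d4d0ull;
            Trace t = {0x7fe54c4e15fcull, 0x7fe54c609badull, 0x7fe54c0e51e3ull,
                       0x7fe54c0ead15ull, 0x7fe54c100000ull + 0x10ull * static_cast<uint64_t>(s),
                       jitBase + 0x62ee, jitBase + 0x162b1, jitBase + 0xb654,
                       0x7f05b88a3a89ull, garbage};
            dump << "STACK " << std::dec << t.size();
            for (uint64_t f : t) dump << " 0x" << std::hex << f;
            dump << "\n";
        }
    }
    return dump.str();
}

struct Report { size_t full, noLast, collapsed, collapsedNoLast, truncated5; };

// Depot entry count for the same traces under each normalization policy.
static Report runReloadExperiment(int reloads, int sites) {
    std::vector<Trace> traces = parseTraces(makeReloadDump(reloads, sites));
    auto collapse = [](const Trace& t) { return collapseJit(t, kJitLo, kJitHi); };
    return Report{
        depotSize(traces, identity),
        depotSize(traces, dropLast),
        depotSize(traces, collapse),
        depotSize(traces, [&](const Trace& t) { return dropLast(collapse(t)); }),
        depotSize(traces, [](const Trace& t) { return truncateTo(t, 5); }),
    };
}

int main() {
    Report r = runReloadExperiment(10, 5);
    std::cout << "full traces: " << r.full << "\n"
              << "drop last frame: " << r.noLast << "\n"
              << "collapse JIT frames: " << r.collapsed << "\n"
              << "collapse + drop last: " << r.collapsedNoLast << "\n"
              << "malloc_context_size=5: " << r.truncated5 << "\n";
}
```

With 10 reloads over 5 sites every trace is distinct (50 entries), dropping the garbage frame alone halves that, collapsing the JIT run leaves one entry per site and reload parity, and either truncating to 5 frames or collapsing plus dropping the last frame brings it down to one entry per site. The point to take away is that any frame that changes on every allocation, whether JIT code that moves or garbage read through a frame-pointer-less frame, defeats the depot's dedup entirely, so a cap on context depth is the one mitigation that works without knowing where the JIT lives.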

@ramosian-glider
Member Author

Reported by ramosian.glider on 2015-07-30 09:05:31

  • Labels added: ProjectAddressSanitizer

@ramosian-glider
Member Author

Adding Project:AddressSanitizer as part of GitHub migration.

Reported by ramosian.glider on 2015-07-30 09:06:55

@ramosian-glider
Member Author

Not sure there's an elegant solution for this bug that we want to invest into.
