New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 323767 link

Starred by 14 users

Issue metadata

Status: Fixed
Owner:
Email to this user bounced
Closed: Dec 2015
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug



Sign in to add a comment

frequent allocations of temporary Typed Array objects lead to OOM

Reported by kazuho...@gmail.com, Nov 27 2013

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36

Steps to reproduce the problem:
1. Open the HTML below (test page: http://kazuhooku.com/~kazuho/tmp/typedarray.html)

<html>
current length of Uint8Array is <input id="arrlen"> bytes.
<script>
var arr = new Uint8Array(12345);
function doit() {
  for (var i = 0; i < 100; ++i) {
    arr = new Uint8Array(arr.length + (Math.random() * 500 | 0));
  }
  document.getElementById("arrlen").value = arr.length;
}
setInterval(doit, 1);
</script>
</html>

2. After some time, you will see an OOM crash when the # of allocated bytes is around 1MB to 2MB.

What is the expected behavior?
JavaScript VM should not crash.

What went wrong?
In the example, there is only one live typed array at a time (i.e. all the the typed array objects are not reachable from JavaScript except for the one that is allocated most recently).

However Chrome fails to detect the memory pressure imposed by the frequent allocations of Typed Array objects, and GC is never triggered.  The outcome is that the JavaScript runtime crashes OOM due to the fact that too much memory is allocated by non-reachable typed array objects.

Did this work before? N/A 

Chrome version: 30.0.1599.101  Channel: n/a
OS Version: OS X 10.8.5
Flash Version: Shockwave Flash 11.9 r900
 
On 33.0.1712.4 (Official Build 236299) dev Linux 64 bit no OOM happens and GC occurs, however looking at memory usage though the Chrome Task Manager shows 200MB jump and drops of memory usage constantly which is odd.

Owner: dslomov@chromium.org
Status: Assigned
Dmitry could you take a look here?
It seems that V8::AdjustAmountOfExternalAllocatedMemory call is necessary for ArrayBuffer.
Currently, AdjustAmountOfExternalAllocatedMemory is not called for ArrayBuffer allocated in JS.
https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/wtf/ArrayBufferDeallocationObserver.h&sq=package:chromium&type=cs&l=41&rcl=1385517175
Re #3: No, it is called: https://code.google.com/p/chromium/codesearch#chromium/src/v8/src/runtime.cc&q=runtime.cc&sq=package:chromium&type=cs&l=789

There is something else going on, I'll take a look
Labels: Cr-Blink-JavaScript-Language
Labels: Hotlist-Recharge
This issue likely requires triage.  The current issue owner may be inactive (i.e. hasn't fixed an issue in the last 30 days or commented in this particular issue in the last 90 days).  Thanks for helping out!

-Anthony
Status: Fixed
Works on M49 on my Macbook. I stopped at 10 mb. 

Sign in to add a comment