New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 792711 link

Starred by 3 users
Status: Duplicate
Owner:
jgruber@chromium.org
Closed: Jan 2018
Cc:
mlippautz@chromium.org
krajshree@chromium.org
binji@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug

Blocked on:
issue 800348


Sign in to add a comment

OOM crash on https://editor.construct.net

Project Member Reported by chrishtr@chromium.org, Dec 6 2017 
Load https://editor.construct.net on stable M62, beta N63, etc.
or on a ToT Chromium build. It will crash. Stack trace from ToT build:

#
# Fatal process OOM in heap setup
#

Received signal 4 ILL_ILLOPN 7f15e1c95d92
#0 0x7f15f09a649c base::debug::StackTrace::StackTrace()
#1 0x7f15f09a6001 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f15f0ab5330 <unknown>
#3 0x7f15e1c95d92 v8::base::OS::Abort()
#4 0x7f15eb4feda9 v8::internal::V8::FatalProcessOutOfMemory()
#5 0x7f15eb90a2ca v8::internal::Isolate::Init()
#6 0x7f15ebb23a95 v8::internal::Snapshot::Initialize()
#7 0x7f15eb52c747 v8::IsolateNewImpl()
#8 0x7f15ebcf4b21 gin::IsolateHolder::IsolateHolder()
#9 0x7f15e96a1999 blink::V8PerIsolateData::V8PerIsolateData()
#10 0x7f15e96a24c6 blink::V8PerIsolateData::Initialize()
#11 0x7f15eadb3cfb blink::WorkerBackingThread::InitializeOnBackingThread()
#12 0x7f15eadbe120 blink::WorkerThread::InitializeOnWorkerThread()
#13 0x7f15eadbffd3 _ZN4base8internal7InvokerINS0_9BindStateIMN5blink12WorkerThreadEFvNSt3__110unique_ptrINS3_25GlobalScopeCreationParamsENS5_14default_deleteIS7_EEEERKNS_8OptionalINS3_30WorkerBackingThreadStartupDataEEENS6_INS3_34GlobalScopeInspectorCreationParamsENS8_ISG_EEEEEJN3WTF28CrossThreadUnretainedWrapperIS4_EENSL_13PassedWrapperISA_EESD_NSO_ISI_EEEEEFvvEE3RunEPNS0_13BindStateBaseE
#14 0x7f15e96734bf blink::(anonymous namespace)::RunCrossThreadClosure()
#15 0x7f15e9673d25 _ZN4base8internal7InvokerINS0_9BindStateIPFvN3WTF19CrossThreadFunctionIFvvEEEEJS6_EEES5_E7RunOnceEPNS0_13BindStateBaseE
#16 0x7f15f09a6d4f base::debug::TaskAnnotator::RunTask()
#17 0x7f15e98be1f9 blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue()
#18 0x7f15e98bd947 
#
# Fatal process OOM in heap setup
#

Comment 1 by chrishtr@chromium.org, Dec 6 2017 

Crashes on Linux, but not Mac.

Comment 2 by krajshree@chromium.org, Dec 7 2017

Labels: Needs-Milestone Needs-Feedback Triaged-ET
Unable to reproduce the issue on Ubuntu 14.04 and Win-10 using chrome latest stable #63.0.3239.84 and chrome version #65.0.3286.0.

Attached a screen shot for reference.

Following are the steps followed to reproduce the issue.
------------
1. Loaded https://editor.construct.net 
2. Observed that the site loaded without any issues.

chrishtr@ - Could you please check the issue on chrome version #65.0.3286.0 by creating a new profile without any apps and extensions and please let us know if the issue still persist or not.

Thanks...!!
792711.png
191 KB View Download

Comment 3 by krajshree@chromium.org, Dec 7 2017

Cc: krajshree@chromium.org

Comment 4 by a...@scirra.com, Dec 7 2017 

We develop the affected site. I can't reproduce this myself with Chrome 63 on Ubuntu 17.10. However we have had another report of this from a user who had what looks like the same issue in Chrome 62: https://github.com/Scirra/Construct-3-bugs/issues/1076

Comment 5 by binji@chromium.org, Dec 7 2017 

I am able to repro on a developer build: 64.0.3244.0 (Developer Build) (64-bit) and 63.0.3239.84 (Official Build) (64-bit), both Linux.

Comment 6 by hablich@chromium.org, Jan 5 2018

Owner: jgruber@chromium.org
Status: Assigned (was: Unconfirmed)
Me too: 9592e5a4e8ae5e16

Assigning to memory sheriff for further triage.

Comment 7 by jgruber@chromium.org, Jan 9 2018

Summary: OOM crash on https://editor.construct.net (was: OOM crash when loading site)
From a quick look, we're running oom due to too many worker threads. I see 30 isolates being created before we finally crash on heap setup.

(Unfortunately the --trace-isolates flag is only available in debug builds.)

$ chrome --js-flags="--trace-isolates" https://editor.construct.net/
Isolate 0x1e0a15721000 (id 1)constructor
Isolate 0x1e0a15721000 (id 1)init
Isolate 0x1e0a15708000 (id 1)constructor
Isolate 0x1e0a15708000 (id 1)init
Isolate 0x1e0a158f0000 (id 2)constructor
Isolate 0x1e0a158f0000 (id 2)init
Isolate 0x1e0a16a41000 (id 3)constructor
Isolate 0x1e0a16a41000 (id 3)init
Isolate 0x1e0a16ac4000 (id 4)constructor
Isolate 0x1e0a16ac4000 (id 4)init
Isolate 0x1e0a16cb8000 (id 5)constructor
Isolate 0x1e0a16cb8000 (id 5)init
Isolate 0x1e0a161a2000 (id 6)constructor
Isolate 0x1e0a161a2000 (id 6)init
Isolate 0x1e0a1620e000 (id 7)constructor
Isolate 0x1e0a1620e000 (id 7)init
Isolate 0x1e0a162db000 (id 8)constructor
Isolate 0x1e0a162db000 (id 8)init
Isolate 0x1e0a16350000 (id 9)constructor
Isolate 0x1e0a16350000 (id 9)init
Isolate 0x1e0a163fc000 (id 10)constructor
Isolate 0x1e0a163fc000 (id 10)init
Isolate 0x1e0a164d3000 (id 11)constructor
Isolate 0x1e0a164d3000 (id 11)init
Isolate 0x1e0a16585000 (id 12)constructor
Isolate 0x1e0a16585000 (id 12)init
Isolate 0x1e0a16602000 (id 13)constructor
Isolate 0x1e0a16602000 (id 13)init
Isolate 0x1e0a166ae000 (id 14)constructor
Isolate 0x1e0a166ae000 (id 14)init
Isolate 0x1e0a16787000 (id 15)constructor
Isolate 0x1e0a16787000 (id 15)init
Isolate 0x1e0a1683e000 (id 16)constructor
Isolate 0x1e0a1683e000 (id 16)init
Isolate 0x1e0a16d9f000 (id 17)constructor
Isolate 0x1e0a16d9f000 (id 17)init
Isolate 0x1e0a16f30000 (id 18)constructor
Isolate 0x1e0a16f30000 (id 18)init
Isolate 0x1e0a17094000 (id 19)constructor
Isolate 0x1e0a17094000 (id 19)init
Isolate 0x1e0a171e2000 (id 20)constructor
Isolate 0x1e0a171e2000 (id 20)init
Isolate 0x1e0a1739d000 (id 21)constructor
Isolate 0x1e0a1739d000 (id 21)init
Isolate 0x1e0a17468000 (id 22)constructor
Isolate 0x1e0a17468000 (id 22)init
Isolate 0x1e0a1762e000 (id 23)constructor
Isolate 0x1e0a1762e000 (id 23)init
Isolate 0x1e0a176e1000 (id 24)constructor
Isolate 0x1e0a176e1000 (id 24)init
Isolate 0x1e0a1781f000 (id 25)constructor
Isolate 0x1e0a1781f000 (id 25)init
Isolate 0x1e0a178d1000 (id 26)constructor
Isolate 0x1e0a178d1000 (id 26)init
Isolate 0x1e0a17943000 (id 27)constructor
Isolate 0x1e0a17943000 (id 27)init
Isolate 0x1e0a17a34000 (id 28)constructor
Isolate 0x1e0a17a34000 (id 28)init
Isolate 0x1e0a17aa1000 (id 29)constructor
Isolate 0x1e0a17aa1000 (id 29)init
Isolate 0x1e0a17b4f000 (id 30)constructor
Isolate 0x1e0a17b4f000 (id 30)init

#
# Fatal process OOM in heap setup
#

ash@scirra.com, can you reduce the number of workers created?

Comment 8 by a...@scirra.com, Jan 9 2018 

We create as many workers as navigator.hardwareConcurrency. I thought this was common practice. Should we not do that? How do we know what the limit ought to be instead?

Comment 9 by jgruber@chromium.org, Jan 9 2018

Cc: mlippautz@chromium.org
Mergedinto: 752185
Status: Duplicate (was: Assigned)
Chatted with mlippautz@: this is due to a restriction of the sandbox on Linux which limits reserved (not committed) memory. Each isolate reserves roughly 512MB so creating multiple web workers will run into this fairly quickly. Note that this is also affected by the number of other tabs that are currently open.

Sorry I currently don't have a better answer for you.

A small repro is attached. It consistently crashes when setting up the heap during creation of the 31st isolate. To run:

$ python2 -m SimpleHTTPServer 8000
$ chrome localhost:8000/worker.html
worker.html
502 bytes View Download
worker.js
166 bytes View Download

Comment 10 by a...@scirra.com, Jan 9 2018 

I don't have permission to view issue 752185. Is there another way I can follow any updates to this issue?

Comment 11 by jgruber@chromium.org, Jan 9 2018

Blockedon: 800348

Comment 12 by jgruber@chromium.org, Jan 9 2018 

See the blocked-on bug in #11.

Comment 13 by a...@scirra.com, Jan 9 2018 

Thanks, starred.

Sign in to add a comment