Re: Issue 2345 in v8: Skip lists for code pages are not always freed.

[codesite...@google.com]

Updates:
Owner: mstar...@chromium.org

Comment #1 on issue 2345 by erik.corry: Skip lists for code pages are not
always freed.
http://code.google.com/p/v8/issues/detail?id=2345

(No comment was entered for this change.)

[codesite...@google.com]

Status: New
Owner: ----

New issue 2345 by erikco...@google.com: Skip lists for code pages are not
always freed.
http://code.google.com/p/v8/issues/detail?id=2345

Complaint from valgrind

Using local file src/sconsbuild/Debug/content_unittests.
Leak of 1024 bytes in 1 objects allocated from:
@ 27dc5da v8::internal::SkipList::Update
@ 27e7956 v8::internal::PagedSpace::AllocateRaw
@ 27c2123 v8::internal::Heap::ReserveSpace
@ 2a0f795 v8::internal::Deserializer::Deserialize
@ 285b040 v8::internal::Isolate::Init
@ 2a54254 v8::internal::V8::Initialize
@ 2a1863a v8::internal::Snapshot::Initialize
@ 26a714d v8::InitializeHelper
@ 26be0ef v8::V8::Initialize
@ 14d9772 WebKit::initialize
@ e7af70 content::UnitTestTestSuite::UnitTestTestSuite

This may be a 64 bit-only issue. On 32 bit it looks OK. The skip list is
deleted in MemoryAllocator::Free(MemoryChunk*), which is called from
PagedSpace::TearDown when execution ends. If a code page is freed during
execution of the VM it is queued for freeing in PagedSpace::ReleasePage.
It is picked up from the queue in FreeQueuedChunk, which correctly calls
MemoryAllocator::Free(MemoryChunk*). Some aspects of this may be different
on 64 bit with a reserved 2Gbyte code area.

[codesite...@google.com]

Comment #2 on issue 2345 by gli...@chromium.org: Skip lists for code pages

are not always freed.
http://code.google.com/p/v8/issues/detail?id=2345

Let me note that this is tcmalloc's heapchecker, not Valgrind.

To reproduce the report one can build the tests (e.g. test_shell_tests or
views_unittests) with the following GYP defines:

GYP_DEFINES=linux_use_tcmalloc=1 linux_use_heapchecker=1
linux_keep_shadow_stacks=1 component=static_library werror=
(used by the Linux Heapchecker bot)

or

GYP_DEFINES=linux_use_tcmalloc=1 linux_use_heapchecker=1
linux_keep_shadow_stacks=1 component=static_library werror= chromeos=1
(used by the Chromium OS Heapchecker bot)

and run them with tools/heapcheck/chrome_tests.sh, e.g.

$ tools/heapcheck/chrome_tests.sh --build_dir src/sconsbuild/Debug --test
views

[codesite...@google.com]

Issue 2345: Skip lists for code pages are not always freed.
http://code.google.com/p/v8/issues/detail?id=2345

This issue is now blocking issue chromium:151907.
See http://code.google.com/p/chromium/issues/detail?id=151907

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

[codesite...@google.com]

Updates:
Status: Assigned
Labels: Type-Bug Priority-Medium HW-x64 OS-Linux

Comment #4 on issue 2345 by mstar...@chromium.org: Skip lists for code

pages are not always freed.
http://code.google.com/p/v8/issues/detail?id=2345

I'll take a look.

[codesite...@google.com]

Updates:
Status: Duplicate
Cc: veg...@chromium.org
Mergedinto: chromium:99304

Comment #5 on issue 2345 by mstar...@chromium.org: Skip lists for code

pages are not always freed.
http://code.google.com/p/v8/issues/detail?id=2345

This is a dupe of Chromium issue 99304 which has been around for ages. The
only thing that changed is the stack trace that the heap checker spits out
because of Erik's recent serializer changes.

And I came to the same conclusion that vegorov@ did back then, the V8
tear-down methods are just never called. This doesn't seem to be a V8 issue.

http://code.google.com/p/chromium/issues/detail?id=99304