Intent to Implement: Unified V8 & Blink Garbage Collection (aka Unified Heap)

975 views
Skip to first unread message

Michael Lippautz

unread,
Aug 24, 2018, 9:43:18 AM8/24/18
to blink-dev, Hannes Payer, Kentaro Hara

Contact emails

mlip...@chromium.org, har...@chromium.org, hpa...@chromium.org


Design doc/Spec

See the design document on Unified V8 & Blink Garbage Collection. The document is still work in progress.


Tracking bug: https://crbug.com/843903


The feature is not exposed to the web.


Summary

V8 currently performs wrapper tracing on full garbage collection to find objects transitively reachable through Blink’s object graph that is managed by Oilpan. The unified garbage collection replaces the wrapper tracing part on the Blink-side with doing a full Oilpan marking pass. This way a full transitive closure of live objects is computed.


See the design doc for a full description of how memory is currently reclaimed, effectively involving back-to-back V8 and Blink GCs, and how that is replaced with a single GC and marking pass with the unified GC.


See also the most-recent Blink talk [video; slides] on this topic.


Motivation

Switching to a unified garbage collection addresses the following problems of wrapper tracing:

  1. GC scheduling: Reclaiming memory involving both V8 and Blink currently involves a ping-pong of garbage collections because objects in Blink are rooted (kept alive) by references from V8.

  2. Back-to-back V8 and Blink garbage collections trace through the set of live objects that are part of wrapper tracing twice, i.e., a live object wrappable on the Blink side is currently visited by the V8 GC through wrapper tracing only to be visited again by Oilpan for the follow up GC. This handling is inefficient.

  3. Defining the subset of relevant objects for wrapper tracing is based on C++ types of managed pointers: Member vs TraceWrapperMember. This requires that Blink developers know the object graph and whether edges can transitively reach V8 wrappers, which is error prone and resulted in numerous bugs. Some of these issues are not fixable with today’s architecture as they would require significantly enhancing the capabilities of the wrapper tracing infrastructure. The result are interop bugs where wrappers get prematurely collected which is hard to report, debug, and fix.


With a unified GC these problems do not exist anymore, specifically:

  1. A unified GC computes the full transitive closure and immediately initiates reclamation (sweeping). There’s no need for another GC pass.

  2. A single marking pass over live objects is enough to compute liveness.

  3. Since the whole heap is visited for marking, the distinction between Member and TraceWrapperMember becomes unnecessary. The type can thus be removed and there should not be any problems with wrapper getting lost anymore.


Blink developers should be mostly positively affected by 3), as this removes manual reasoning and stack handling when dealing with wrappables (C++) and wrappers (JS).


Risks

Interoperability and Compatibility

The new architecture fixes interop issues where garbage collections prematurely collected wrappers. These issues cannot happen with a unified approach anymore as all edges (Member & TraceWrapperMember) in such unified garbage collections.


Ergonomics

n/a


Activation

n/a


Debuggability

The unified heap GC will allow DevTools to expose a snapshot containing complete information on any GC-managed object reachable from Blink and V8. This is however out of scope of the first implementation and can be added incrementally after adding the GC support.


Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

Yes.


Link to entry on the feature dashboard

n/a


Requesting approval to ship?

No. We are sending out a PSA once this is ready for shipping. This feature is not web-exposed.


Kentaro Hara

unread,
Aug 27, 2018, 4:11:10 AM8/27/18
to Michael Lippautz, blink-dev, hpayer
LGTM \o/

Once the unified GC is enabled, we can remove the complexity of TraceWrapperMember from the code base. Also the unified GC will fix a lot of interop bugs caused by wrongly collected wrappers (the binding team has spent a lot of engineering time to fix these bugs). Sounds very exciting!

(FWIW the unified GC was a north star dream when we started Oilpan five years ago.)


--
Kentaro Hara, Tokyo, Japan

Jeremy Roman

unread,
Aug 28, 2018, 3:16:43 PM8/28/18
to Kentaro Hara, Michael Lippautz, blink-dev, Hannes Payer
Very much looking forward to a unified GC! Missing wrapper tracing is a very common pitfall -- it's tough to get it right.

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABg10jw_7ajtcnq2CBF_ZneMdKZprf4XOEG0M0Y7cSzoWn%2BDzw%40mail.gmail.com.

Michael Lippautz

unread,
Nov 5, 2018, 4:11:18 PM11/5/18
to Jeremy Roman, Kentaro Hara, Michael Lippautz, blin...@chromium.org, Hannes Payer
PSA: In the next days we are giving the unified heap a try on our waterfalls. We are mainly interested in cycling through all our perf waterfalls before starting a finch trial. 

As for correctness: A few people are already running it locally on Canaries for days/weeks and we continuously run all sorts of tests on a debug bot, so we don't expect too many hickups. Obviously things may break and we will immediately revert in such cases :)



Michael Lippautz

unread,
Feb 4, 2019, 2:37:54 PM2/4/19
to Jeremy Roman, Kentaro Hara, blink-dev, Hannes Payer
PSA: We've been running behind a Finch for Canary and Dev for some time now and will switch it to default in the upcoming hours. 

The idea is to maintain both GC architectures (wrapper tracing & unified heap) for M74 and start removing wrapper tracing in M75.

Cheers, -Michael

Michael Lippautz

unread,
Apr 2, 2019, 8:06:25 AM4/2/19
to Michael Lippautz, Jeremy Roman, Kentaro Hara, blink-dev, Hannes Payer
Another update: We've landed this a while ago now and just removed the type `TraceWrapperMember<T>` that was used to manually annotate interesting edges that could transitively lead to JS wrappers. Everything these days works by just using `Member<T>`.

I've updated the wrapper tracing docs to mention the deprecation and replacement until I find some time to nicely integrate that into the regular Oilpan API documentation.

Kentaro Hara

unread,
Apr 2, 2019, 2:39:34 PM4/2/19
to Michael Lippautz, Jeremy Roman, blink-dev, Hannes Payer
TraceWrapperMember is finally gone -- this reduces a huge amount of technical debts from the code base :)


Ken Russell

unread,
Apr 2, 2019, 9:11:32 PM4/2/19
to Kentaro Hara, Michael Lippautz, Jeremy Roman, blink-dev, Hannes Payer
Fantastic work Michael, Kentaro, Hannes and the team! This is a huge simplification for the implementation of all web APIs in Blink!

-Ken


To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABg10jxoTx8JUgzC7pXajZCeNLiMsqpt_dr8ef%2B5cz7D0H_rEA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages