How does V8 large object space work?


Euan Burns

Apr 21, 2020, 9:25:32 AM
to v8-dev
I'm trying to understand some garbage collection behavior I'm seeing with V8 / Chrome. The scenario is that I have a small program that receives ~ 1MiB of image data from a websocket at a rate of about 60Hz.

Minimal receiving code looks like this:

var connection = new WebSocket('ws://127.0.0.1:31333');

connection.onmessage = message => {
    var dataCopy = new Uint8Array(message.data, 0);
};

Profiling in Chrome shows a saw tooth of allocations rising until a major garbage collection occurs, repeating at regular intervals. The allocations are all exactly 176 bytes, which doesn't really match up with the expected 1 MiB. I also took a heap snapshot and dug through it a bit but couldn't see anything useful that was 176 bytes in size.

I found an excellent overview of V8 GC (https://v8.dev/blog/trash-talk). If I understand correctly it seems a little surprising that I'm seeing major GC events when a minor scavenge type GC could probably pick up those allocations. Additionally, as mentioned above, the allocations seen while profiling don't have the expected size of 1MiB.

I understand that there's a "large object space" which is possibly where the allocations are actually ending up. Unfortunately I can't find any references to "large object space" at https://v8.dev/docs.

Can anyone help me understand:

    Why I see this behaviour with major GCs happening regularly?
    Why are the allocations smaller than expected?
    If it's related to large object handling are there any resources that explain how large objects are handled in V8 / Chrome and what the limits around them are?

I'm using Chrome Version 81.0.4044.113 (Official Build) (64-bit) and Windows 10 Pro 1903 if that's helpful.

Thanks


Ulan Degenbaev

Apr 21, 2020, 9:34:35 AM
to v8-dev
The backing store of an ArrayBuffer is allocated off the heap. Only a small JS object is allocated on the heap. That's why you see only 176 byte objects in the heap snapshot.

That said, a loop doing "dataCopy = new Uint8Array(message.data, 0);" should trigger only minor GCs unless dataCopy is stored outside and long living.

Could you please file a bug at https://bugs.chromium.org/p/v8/issues/list with steps to reproduce for this minor GC vs major GC issue?

Cheers,
Ulan.


Euan Burns

Apr 21, 2020, 12:03:39 PM
to v8-dev
Thanks, I'll do that.