Unbounded heap growth when combining dynamic states & delimited continuation

  • Done
Details
2 participants
  • Ludovic Courtès
  • Maxim Cournoyer
Owner
unassigned
Submitted by
Ludovic Courtès
Severity
important
Ludovic Courtès wrote on 4 Nov 2022 19:24
(address . bug-guile@gnu.org)
87h6zelgr1.fsf@inria.fr
itself a followup to https://issues.guix.gnu.org/58631.)

Consider this code:

;; https://issues.guix.gnu.org/58631
;; https://github.com/wingo/fibers/issues/65

(define loss
  (make-vector 1000000))

(let ((tag (make-prompt-tag "my prompt")))
  (define handler
    (lambda (k i)
      (when (zero? (modulo i 2000000))
        (pk 'heap-size (assoc-ref (gc-stats) 'heap-size)))

      (call-with-prompt tag
        (lambda ()
          (k (modulo (+ 1 i) 10000000)))
        handler)))

  (call-with-prompt tag
    (let ((state (current-dynamic-state)))
      (lambda ()
        ;; (define (with-dynamic-state state thunk)
        ;;   (let ((previous #f))
        ;;     (dynamic-wind
        ;;       (lambda () (set! previous (set-current-dynamic-state state)))
        ;;       thunk
        ;;       (lambda () (set-current-dynamic-state previous)))))
        (with-dynamic-state state
          (lambda ()
            (let loop ((i 0))
              (loop (abort-to-prompt tag i)))))))
    handler))

On Guile 3.0.8, this program exhibits seemingly unbounded heap growth.
Uncommenting the local ‘with-dynamic-state’ definition fixes the
problem.

Ludo’.
Ludovic Courtès wrote on 4 Nov 2022 21:24
control message for bug #59021
(address . control@debbugs.gnu.org)
87fseylb6z.fsf@gnu.org
severity 59021 important
quit
Ludovic Courtès wrote on 5 Nov 2022 23:04
Re: bug#59021: Unbounded heap growth when combining dynamic states & delimited continuation
(address . 59021@debbugs.gnu.org)(name . Andy Wingo)(address . wingo@pobox.com)
877d09hxcp.fsf@gnu.org
Ludovic Courtès <ludo@gnu.org> skribis:

> Consider this code:
>
> ;; https://issues.guix.gnu.org/58631
> ;; https://github.com/wingo/fibers/issues/65
>
> (define loss
>   (make-vector 1000000))
>
> (let ((tag (make-prompt-tag "my prompt")))
>   (define handler
>     (lambda (k i)
>       (when (zero? (modulo i 2000000))
>         (pk 'heap-size (assoc-ref (gc-stats) 'heap-size)))
>
>       (call-with-prompt tag
>         (lambda ()
>           (k (modulo (+ 1 i) 10000000)))
>         handler)))
>
>   (call-with-prompt tag
>     (let ((state (current-dynamic-state)))
>       (lambda ()
>         ;; (define (with-dynamic-state state thunk)
>         ;;   (let ((previous #f))
>         ;;     (dynamic-wind
>         ;;       (lambda () (set! previous (set-current-dynamic-state state)))
>         ;;       thunk
>         ;;       (lambda () (set-current-dynamic-state previous)))))
>         (with-dynamic-state state
>           (lambda ()
>             (let loop ((i 0))
>               (loop (abort-to-prompt tag i)))))))
>     handler))
>
> On Guile 3.0.8, this program exhibits seemingly unbounded heap growth.

This is fixed by the patch below (tested against the test case above and
the Fibers and Shepherd test cases mentioned before):
diff --git a/libguile/vm.c b/libguile/vm.c
index 6fd5c554f..516bae773 100644
--- a/libguile/vm.c
+++ b/libguile/vm.c
@@ -165,11 +165,13 @@ capture_stack (union scm_vm_stack_element *stack_top,
scm_t_dynstack *dynstack, uint32_t flags)
{
struct scm_vm_cont *p;
+ size_t stack_size;
- p = scm_gc_malloc (sizeof (*p), "capture_vm_cont");
- p->stack_size = stack_top - sp;
- p->stack_bottom = scm_gc_malloc (p->stack_size * sizeof (*p->stack_bottom),
- "capture_vm_cont");
+ stack_size = stack_top - sp;
+ p = scm_gc_malloc (sizeof (*p) + stack_size * sizeof (*p->stack_bottom),
+ "capture_vm_cont");
+ p->stack_size = stack_size;
+ p->stack_bottom = (void *) ((char *) p + sizeof (*p));
p->vra = vra;
p->mra = mra;
p->fp_offset = stack_top - fp;
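
Review bot: the ‘p->stack_bottom = (void *) ((char *) p + sizeof (*p));’ line has no comment saying why the stack copy now has to live in the same block as the header, and nothing else in the hunk shows that this layout is deliberate. The accompanying message gives the reason (no interior pointer into the stack copy can keep it alive on its own), so please put that in a comment above the allocation, otherwise a later cleanup may split it back into two ‘scm_gc_malloc’ calls. Two smaller points on the same lines: the sum ‘sizeof (*p) + stack_size * sizeof (*p->stack_bottom)’ is computed without an overflow check on a ‘stack_size’ derived from ‘stack_top - sp’, and placing the elements at ‘p + sizeof (*p)’ assumes that the size of ‘struct scm_vm_cont’ is a multiple of the alignment of ‘union scm_vm_stack_element’, which would be worth a static assertion.
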
Using a simple heap profiler (more on that later), I noticed that the
stacks allocated at ‘p->stack_bottom’ would be partly retained,
explaining the heap growth.

I couldn’t pinpoint what exactly is keeping a pointer to the stack, but
what I can tell is that the trick above makes that impossible (because
we disable interior pointer tracing), hence the difference.

Also, why changing the SCM_DYNSTACK_TYPE_DYNAMIC_STATE entry to an
SCM_DYNSTACK_TYPE_UNWINDER entry would make a difference remains a
mystery to me.

I’m interested in theories that would explain all this in more detail!
I’ll go ahead with the fix above if there are no objections.

It’s not fully satisfying but still it’s a relief.

Ludo’.
Maxim Cournoyer wrote on 7 Nov 2022 17:03
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 59021@debbugs.gnu.org)
87leomzr8x.fsf@gmail.com
Hi Ludovic,

Ludovic Courtès <ludo@gnu.org> writes:

> itself a followup to <https://issues.guix.gnu.org/58631>.)
>
> Consider this code:
>
> ;; https://issues.guix.gnu.org/58631
> ;; https://github.com/wingo/fibers/issues/65
>
> (define loss
>   (make-vector 1000000))
>
> (let ((tag (make-prompt-tag "my prompt")))
>   (define handler
>     (lambda (k i)
>       (when (zero? (modulo i 2000000))
>         (pk 'heap-size (assoc-ref (gc-stats) 'heap-size)))
>
>       (call-with-prompt tag
>         (lambda ()
>           (k (modulo (+ 1 i) 10000000)))
>         handler)))
>
>   (call-with-prompt tag
>     (let ((state (current-dynamic-state)))
>       (lambda ()
>         ;; (define (with-dynamic-state state thunk)
>         ;;   (let ((previous #f))
>         ;;     (dynamic-wind
>         ;;       (lambda () (set! previous (set-current-dynamic-state state)))
>         ;;       thunk
>         ;;       (lambda () (set-current-dynamic-state previous)))))
>         (with-dynamic-state state
>           (lambda ()
>             (let loop ((i 0))
>               (loop (abort-to-prompt tag i)))))))
>     handler))
>
> On Guile 3.0.8, this program exhibits seemingly unbounded heap growth.
> Uncommenting the local ‘with-dynamic-state’ definition fixes the
> problem.

I've tested both 3.0.8 from Guix on multiple machines (including Berlin)
and 2.2 from Debian 10, and ran the above snippet; it grows initially
but stabilizes quickly and then doesn't budge. I've let it run for more
than an hour.

So there's a problem there (?), but it doesn't seem like an unbound leak
from my experiments. Perhaps the reproducer needs to be tweaked to
mimic better what is happening in Shepherd?

--
Thanks,
Maxim
Maxim Cournoyer wrote on 7 Nov 2022 22:52
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 59021@debbugs.gnu.org)
87h6zazb35.fsf@gmail.com
Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

[...]

> I've tested both 3.0.8 from Guix on multiple machines (including Berlin)
> and 2.2 from Debian 10, and ran the above snippet; it grows initially
> but stabilizes quickly and then doesn't budge. I've let it run for more
> than an hour.

Actually, it does grow, it just takes a lot of time. It's now at
150751472 from the original "stable" value of 87846912, so it seems like
an unbound leak after all.

--
Thanks,
Maxim
Ludovic Courtès wrote on 20 Nov 2022 18:28
(address . 59021-done@debbugs.gnu.org)(name . Andy Wingo)(address . wingo@pobox.com)
87mt8l5ydu.fsf@gnu.org
Hi,

Ludovic Courtès <ludo@gnu.org> skribis:

> Ludovic Courtès <ludo@gnu.org> skribis:
>
>> Consider this code:
>>
>> ;; https://issues.guix.gnu.org/58631
>> ;; https://github.com/wingo/fibers/issues/65
>>
>> (define loss
>>   (make-vector 1000000))
>>
>> (let ((tag (make-prompt-tag "my prompt")))
>>   (define handler
>>     (lambda (k i)
>>       (when (zero? (modulo i 2000000))
>>         (pk 'heap-size (assoc-ref (gc-stats) 'heap-size)))
>>
>>       (call-with-prompt tag
>>         (lambda ()
>>           (k (modulo (+ 1 i) 10000000)))
>>         handler)))
>>
>>   (call-with-prompt tag
>>     (let ((state (current-dynamic-state)))
>>       (lambda ()
>>         ;; (define (with-dynamic-state state thunk)
>>         ;;   (let ((previous #f))
>>         ;;     (dynamic-wind
>>         ;;       (lambda () (set! previous (set-current-dynamic-state state)))
>>         ;;       thunk
>>         ;;       (lambda () (set-current-dynamic-state previous)))))
>>         (with-dynamic-state state
>>           (lambda ()
>>             (let loop ((i 0))
>>               (loop (abort-to-prompt tag i)))))))
>>     handler))
>>
>> On Guile 3.0.8, this program exhibits seemingly unbounded heap growth.
>
> This is fixed by the patch below (tested against the test case above and
> the Fibers and Shepherd test cases mentioned before):

Pushed as e47a153317c046ea5d335940412999e7dc604c33.

> Using a simple heap profiler (more on that later), I noticed that the
> stacks allocated at ‘p->stack_bottom’ would be partly retained,
> explaining the heap growth.
>
> I couldn’t pinpoint what exactly is keeping a pointer to the stack, but
> what I can tell is that the trick above makes that impossible (because
> we disable interior pointer tracing), hence the difference.
>
> Also, why changing the SCM_DYNSTACK_TYPE_DYNAMIC_STATE entry to an
> SCM_DYNSTACK_TYPE_UNWINDER entry would make a difference remains a
> mystery to me.
>
> I’m interested in theories that would explain all this in more detail!
> I’ll go ahead with the fix above if there are no objections.

I still am. :-)

Ludo’.
Closed