fix(allocator): AllocatorPool do not consume all memory on Windows#17094
Conversation
How to use the Graphite Merge QueueAdd either label to this PR to merge it via the merge queue:
You must have a Graphite account in order to use the merge queue. Sign up using this link. An organization admin has enabled the Graphite Merge Queue in this repository. Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue. This stack of pull requests is managed by Graphite. Learn more about stacking. |
overlookmotel
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
from
498bf05 to
8646be9
Compare
CodSpeed Performance ReportMerging #17094 will not alter performanceComparing Summary
Footnotes
|
overlookmotel
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
3 times, most recently
from
7ac9e8c to
d77d515
Compare
camc314
left a comment
camc314
left a comment
There was a problem hiding this comment.
I deliberatly did not take this approach as it's going to lead to people complaining about high memory usage.
Lets take the language server, when it starts, it's going to consume ~ (N - 4GB), where N is the total system memory (assuming N < thread_count * 4 GB. This memory is going to be consumend for the entire lifecycle of the language server, and it's not going to be freed until the language server is shut down
overlookmotel
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
2 times, most recently
from
586524b to
803113a
Compare
Yes, I know, and I see the LSP problem. I'm not saying that this is the ideal solution, but I think we do need some solution for Windows OOM, which I think is inevitable in the current implementation (though you've made it much less likely, which is a huge win). Do you have a better idea? We don't support JS plugins in language server at present, so unless we can come up with a better solution, perhaps we go with this for now, and figure out something better when we get to the LSP? As you know, I have in mind a longer-term solution by changing how raw transfer handles memory. So this is only intended as a stopgap anyway. @camc314 What do you think? |
There was a problem hiding this comment.
Pull request overview
This PR redesigns the FixedSizeAllocatorPool to prevent memory exhaustion on Windows while simplifying the overall implementation. The key changes address Windows' lack of virtual memory overcommit by creating a fixed pool of allocators upfront and ensuring sufficient memory remains for other allocations.
Key Changes:
- Split implementation into platform-specific versions (Linux/Mac vs Windows) with different allocation strategies
- Removed dynamic pool growth capability in favor of fixed-size pool created at initialization
- On Windows, create up to
thread_count + 1allocators and discard the last one to ensure 4 GiB remains free
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
crates/oxc_allocator/src/pool/fixed_size.rs |
Redesigned allocator pool with platform-specific implementations; removed synchronization for pool growth; added comprehensive documentation explaining design rationale |
.github/workflows/ci.yml |
Commented out the conditional limiting Windows NAPI tests to main branch only |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Ah i see, yeah this seems reasonable |
overlookmotel
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
from
803113a to
dae1f00
Compare
overlookmotel
dismissed
camc314’s stale review
Later comment says this PR seems reasonable.
OK cool, I'll merge then. |
Merge activity
|
overlookmotel
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
from
dae1f00 to
1302ed4
Compare
…17094) Modification of fixed-size allocator limits, building on #17023. ### The problem This is an alternative design, intended to handle one flaw on Windows: Each allocator is 4 GiB in size, so if system has 16.01 GiB of memory available, we could succeed in creating 4 x 4 GiB allocators, but that'd only leave 10 MiB of memory free. Likely then some other allocation (e.g. creating a normal `Allocator`, or even allocating a heap `String`) would fail due to OOM later on. Note that "memory available" on Windows does not mean "how much RAM the system has". It includes the swap file, the size of which depends on how much free disk space the system has. So numbers like 16.01 GiB are not at all out of the question. ### Proposed solution On Windows, create as many allocators as possible when creating the pool, up to `thread count + 1`. Then return the last allocator back to the system. This ensures that there's at least 4 GiB of memory free for other allocations, which should be enough. ### Redesign In working through the various scenarios, I realized that the implementation can be simplified for both Linux/Mac and Windows. In both cases, no more than `thread_count` fixed-size allocators can be in use at any given time - see doc comment on `FixedSizeAllocatorPool` for full explanation. So create the pool with `thread_count` allocators (or as close as we can get on Windows). Thereafter the pool does not need to grow, and cannot. This allows removing a bunch of synchronization code. * On Linux/Mac, #17013 solved the too-many-allocators problem another way, so all we need is the `Mutex`. * On Windows, we only need a `Mutex` + a `Condvar`. In both cases, it's much simplified, which makes it much less likely for subtle race conditions like #17112 to creep in. Removing the additional synchronization should also be a little more performant. Note that the redesign is not the main motivator for this change - preventing OOM on Windows is.
graphite-app
bot
force-pushed
the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
from
1302ed4 to
adb41ba
Compare
graphite-app
bot
deleted the
om/12-19-fix_allocator_allocatorpool_do_not_consume_all_memory_on_windows
branch
2 participants
Modification of fixed-size allocator limits, building on #17023.
The problem
This is an alternative design, intended to handle one flaw on Windows:
Each allocator is 4 GiB in size, so if system has 16.01 GiB of memory available, we could succeed in creating 4 x 4 GiB allocators, but that'd only leave 10 MiB of memory free. Likely then some other allocation (e.g. creating a normal
Allocator, or even allocating a heapString) would fail due to OOM later on.Note that "memory available" on Windows does not mean "how much RAM the system has". It includes the swap file, the size of which depends on how much free disk space the system has. So numbers like 16.01 GiB are not at all out of the question.
Proposed solution
On Windows, create as many allocators as possible when creating the pool, up to
thread count + 1. Then return the last allocator back to the system. This ensures that there's at least 4 GiB of memory free for other allocations, which should be enough.Redesign
In working through the various scenarios, I realized that the implementation can be simplified for both Linux/Mac and Windows.
In both cases, no more than
thread_countfixed-size allocators can be in use at any given time - see doc comment onFixedSizeAllocatorPoolfor full explanation.So create the pool with
thread_countallocators (or as close as we can get on Windows). Thereafter the pool does not need to grow, and cannot.This allows removing a bunch of synchronization code.
Mutex.Mutex+ aCondvar.In both cases, it's much simplified, which makes it much less likely for subtle race conditions like #17112 to creep in.
Removing the additional synchronization should also be a little more performant.
Note that the redesign is not the main motivator for this change - preventing OOM on Windows is.