Android LeakCanary的使用和原理

public abstract class BaseFragment extends Fragment {

@Override public void onDestroy() {
super.onDestroy();
RefWatcher refWatcher = App.getRefWatcher(getActivity());
refWatcher.watch(this);
}
}

原理概述

通过监听Activity的onDestory，手动调用GC，然后通过ReferenceQueue+WeakReference，来判断Activity对象是否被回收，然后结合dump Heap的hpof文件，通过Haha开源库分析泄露的位置

主要的知识点

注册Activity的生命周期的监听器

通过Application.registerActivityLifecycleCallbacks()方法注册Activity的生命周期的监听器，每一个Actvity的生命周期都会回调到这个ActivityLifecycleCallbacks上，如果一个Activity走到了onDestory，那么就意味着他就不再存在，然后检测这个Activity是否是真的被销毁

通过ReferenceQueue+WeakReference，来判断对象是否被回收

WeakReference创建时，可以传入一个ReferenceQueue对象，假如WeakReference中引用对象被回收，那么就会把WeakReference对象添加到ReferenceQueue中，可以通过ReferenceQueue中是否为空来判断，被引用对象是否被回收

详细介绍推荐博客：www.jianshu.com/p/964fbc301…

MessageQueue中加入一个IdleHandler来得到主线程空闲回调

详细介绍请看Android Handler 源码解析

手动调用GC后还调用了System.runFinalization();，这个是强制调用已失去引用对象的finalize方法

在可达性算法中，不可达对象，也不是非死不可，这时他们处于“缓刑”阶段，要宣告一个对象真正死亡需要至少俩个标记阶段， 如果发现对象没有引用链，则会进行第一次标记，并进行一次筛选，筛选的条件是此对象是否有必要进行finalize（）方法，当对象没有覆盖finalize(),或者finalize（）已经调用过，这俩种都视为“没有必要执行”

Apolication中可通过processName判断是否是任务执行进程

通过processName，来判断进程

public static boolean isInServiceProcess(Context context, Class<? extends Service> serviceClass) {
PackageManager packageManager = context.getPackageManager();
PackageInfo packageInfo;
try {
packageInfo = packageManager.getPackageInfo(context.getPackageName(), GET_SERVICES);
} catch (Exception e) {
CanaryLog.d(e, “Could not get package info for %s”, context.getPackageName());
return false;
}
String mainProcess = packageInfo.applicationInfo.processName;

ComponentName component = new ComponentName(context, serviceClass);
ServiceInfo serviceInfo;
try {
serviceInfo = packageManager.getServiceInfo(component, 0);
} catch (PackageManager.NameNotFoundException ignored) {
// Service is disabled.
return false;
}

if (serviceInfo.processName.equals(mainProcess)) {
CanaryLog.d(“Did not expect service %s to run in main process %s”, serviceClass, mainProcess);
// Technically we are in the service process, but we’re not in the service dedicated process.
return false;
}

int myPid = android.os.Process.myPid();
ActivityManager activityManager =
(ActivityManager) context.getSystemService(Context.ACTIVITY_SERVICE);
ActivityManager.RunningAppProcessInfo myProcess = null;
List<ActivityManager.RunningAppProcessInfo> runningProcesses =
activityManager.getRunningAppProcesses();
if (runningProcesses != null) {
for (ActivityManager.RunningAppProcessInfo process : runningProcesses) {
if (process.pid == myPid) {
myProcess = process;
break;
}
}
}
if (myProcess == null) {
CanaryLog.d(“Could not find running process for %d”, myPid);
return false;
}

return myProcess.processName.equals(serviceInfo.processName);
}

源码分析

SDK初始化

mRefWatcher = LeakCanary.install(this);

这个是SDK向外暴露的方法，我们以此为入口进行源码的分析

public static RefWatcher install(Application application) {
return refWatcher(application).listenerServiceClass(DisplayLeakService.class)
.excludedRefs(AndroidExcludedRefs.createAppDefaults().build())
.buildAndInstall();
}

public static AndroidRefWatcherBuilder refWatcher(Context context) {
return new AndroidRefWatcherBuilder(context);
}

install方法首先初始化了一个AndroidRefWatcherBuilder类,然后通过listenerServiceClass方法设置了DisplayLeakService,这个类主要用于分析内存泄露的结果信息，然后发送通知给用户

public final class AndroidRefWatcherBuilder extends RefWatcherBuilder {

/**

• Sets a custom {@link AbstractAnalysisResultService} to listen to analysis results. This
• overrides any call to {@link #heapDumpListener(HeapDump.Listener)}.
  */
  public AndroidRefWatcherBuilder listenerServiceClass(
  Class<? extends AbstractAnalysisResultService> listenerServiceClass) {
  return heapDumpListener(new ServiceHeapDumpListener(context, listenerServiceClass));
  }
  …
  }

public class RefWatcherBuilder<T extends RefWatcherBuilder> {
…
/** @see HeapDump.Listener */
public final T heapDumpListener(HeapDump.Listener heapDumpListener) {
this.heapDumpListener = heapDumpListener;
return self();
}
…
}

然后调用excludedRefs方法添加白名单，在AndroidExcludedRefs枚举类中定义了忽略列表信息，如果这些列表中的类发生了内存泄露，并不会显示出来，同时HeapAnalyzer计算GCRoot强引用路径，也会忽略这些类，如果你希望自己项目中某个类泄露的，但是不希望他显示，就可以把类添加到这个上面

public enum AndroidExcludedRefs {

// ######## Android SDK Excluded refs ########

ACTIVITY_CLIENT_RECORD__NEXT_IDLE(SDK_INT >= KITKAT && SDK_INT <= LOLLIPOP) {
@Override void add(ExcludedRefs.Builder excluded) {
excluded.instanceField(“android.app.ActivityThread$ActivityClientRecord”, “nextIdle”)
.reason(“Android AOSP sometimes keeps a reference to a destroyed activity as a”

• " nextIdle client record in the android.app.ActivityThread.mActivities map."
• " Not sure what’s going on there, input welcome.");
  }
  }
  …
  }

最后调用了buildAndInstall方法，创建了一个RefWatcher对象并返回,这个对象是用于检测是否有对象未被回收导致的内存泄露

/**

• Creates a {@link RefWatcher} instance and starts watching activity references (on ICS+).
  */
  public RefWatcher buildAndInstall() {
  RefWatcher refWatcher = build();
  if (refWatcher != DISABLED) {
  LeakCanary.enableDisplayLeakActivity(context);
  ActivityRefWatcher.install((Application) context, refWatcher);
  }
  return refWatcher;
  }

因为分析泄露是在另一个进程进行的，所以判断当前启动的Application是否在分析内存泄露的进程中，如果是就直接返回DISABLED,不在进行后续初始化，如果发现是在程序主进程中，就进行初始化

LeakCanary.enableDisplayLeakActivity(context);主要作用是调用PackageManager将DisplayLeakActivity设置为可用。

public static void enableDisplayLeakActivity(Context context) {
setEnabled(context, DisplayLeakActivity.class, true);
}

public static void setEnabled(Context context, final Class<?> componentClass,
final boolean enabled) {
final Context appContext = context.getApplicationContext();
executeOnFileIoThread(new Runnable() {
@Override public void run() {
setEnabledBlocking(appContext, componentClass, enabled);
}
});
}

public static void setEnabledBlocking(Context appContext, Class<?> componentClass,
boolean enabled) {
ComponentName component = new ComponentName(appContext, componentClass);
PackageManager packageManager = appContext.getPackageManager();
int newState = enabled ? COMPONENT_ENABLED_STATE_ENABLED : COMPONENT_ENABLED_STATE_DISABLED;
// Blocks on IPC.
packageManager.setComponentEnabledSetting(component, newState, DONT_KILL_APP);
}

从配置文件看LeakCanary这几个文件都是运行在新进程的，DisplayLeakActivity默认enable=false,这样就可以一开始隐藏启动图标

接着 ActivityRefWatcher.install((Application) context, refWatcher);这里把refWatcher当做参数传入，同时对Activity的生命周期进行了监听

public static void install(Application application, RefWatcher refWatcher) {
new ActivityRefWatcher(application, refWatcher).watchActivities();
}

public void watchActivities() {
// Make sure you don’t get installed twice.
stopWatchingActivities();
application.registerActivityLifecycleCallbacks(lifecycleCallbacks);
}

public void stopWatchingActivities() {
application.unregisterActivityLifecycleCallbacks(lifecycleCallbacks);
}

private final Application.ActivityLifecycleCallbacks lifecycleCallbacks =
new Application.ActivityLifecycleCallbacks() {
@Override public void onActivityCreated(Activity activity, Bundle savedInstanceState) {
}

@Override public void onActivityStarted(Activity activity) {
}

@Override public void onActivityResumed(Activity activity) {
}

@Override public void onActivityPaused(Activity activity) {
}

@Override public void onActivityStopped(Activity activity) {
}

@Override public void onActivitySaveInstanceState(Activity activity, Bundle outState) {
}

@Override public void onActivityDestroyed(Activity activity) {
ActivityRefWatcher.this.onActivityDestroyed(activity);
}
};

void onActivityDestroyed(Activity activity) {
refWatcher.watch(activity);
}

首先就是注册Activity的生命周期的监听器lifecycleCallbacks，这个监听器可以监听项目中所有Activity的的生命周期，然后在Activity销毁调用onActivityDestroyed的时候，LeakCanary就会获取这个Activity，然后对其进行分析，看是否有内存泄露

分析内存泄露

这里分析对象是否内存泄露的是RefWatcher类，下面简单介绍一下这个类的成员变量

• WatchExecutor watchExecutor：确保任务在主线程进行，同时默认延迟5s执行任务，留时间给系统GC
• DebuggerControl debuggerControl：控制中心
• GcTrigger gcTrigger：内部调用Runtime.getRuntime().gc(),手动触发GC
• HeapDumper heapDumper：用于创建.hprof文件，用于储存head堆快照，可以知道哪些程序在大部分使用内存
• HeapDump.Listener heapdumpListener：分析结果完成后会告诉这个监听器
• ExcludedRefs excludedRefs：分析内存泄露的白名单

从上面可以看出，每当Activity销毁，就会调用RefWatcher的watch方法，去分析是否是内存泄露

public void watch(Object watchedReference) {
watch(watchedReference, “”);
}

public void watch(Object watchedReference, String referenceName) {
if (this == DISABLED) {
return;
}
checkNotNull(watchedReference, “watchedReference”);
checkNotNull(referenceName, “referenceName”);
final long watchStartNanoTime = System.nanoTime();
String key = UUID.randomUUID().toString();
retainedKeys.add(key);
final KeyedWeakReference reference =
new KeyedWeakReference(watchedReference, key, referenceName, queue);

ensureGoneAsync(watchStartNanoTime, reference);
}

上面代码主要作用是，先生成一个随机数key放在retainedKeys容器里，用来区分对象是否被回收，创建了一个弱引用，然后把要分析的Activity对象存入，然后调用了ensureGoneAsync方法

private void ensureGoneAsync(final long watchStartNanoTime, final KeyedWeakReference reference) {
watchExecutor.execute(new Retryable() {
@Override public Retryable.Result run() {
return ensureGone(reference, watchStartNanoTime);
}
});
}

然后用watchExecutor去调度分析任务，这个主要是保证，在主线程进行，延迟5s，让系统有时间GC

@SuppressWarnings(“ReferenceEquality”) // Explicitly checking for named null.
Retryable.Result ensureGone(final KeyedWeakReference reference, final long watchStartNanoTime) {
long gcStartNanoTime = System.nanoTime();
long watchDurationMs = NANOSECONDS.toMillis(gcStartNanoTime - watchStartNanoTime);

removeWeaklyReachableReferences();

if (debuggerControl.isDebuggerAttached()) {
// The debugger can create false leaks.
return RETRY;
}
if (gone(reference)) {
return DONE;
}
gcTrigger.runGc();
removeWeaklyReachableReferences();
if (!gone(reference)) {
long startDumpHeap = System.nanoTime();
long gcDurationMs = NANOSECONDS.toMillis(startDumpHeap - gcStartNanoTime);

File heapDumpFile = heapDumper.dumpHeap();
if (heapDumpFile == RETRY_LATER) {
// Could not dump the heap.
return RETRY;
}
long heapDumpDurationMs = NANOSECONDS.toMillis(System.nanoTime() - startDumpHeap);
heapdumpListener.analyze(
new HeapDump(heapDumpFile, reference.key, reference.name, excludedRefs, watchDurationMs,
gcDurationMs, heapDumpDurationMs));
}
return DONE;
}

private void removeWeaklyReachableReferences() {
// WeakReferences are enqueued as soon as the object to which they point to becomes weakly
// reachable. This is before finalization or garbage collection has actually happened.
KeyedWeakReference ref;
while ((ref = (KeyedWeakReference) queue.poll()) != null) {
retainedKeys.remove(ref.key);
}
}

private boolean gone(KeyedWeakReference reference) {
return !retainedKeys.contains(reference.key);
}

首先通过removeWeaklyReachableReferences()方法，尝试从弱引用队列获取待分析对象，如果不为空说明被系统回收了，就把retainedKeys中的key值移除，如果被系统回收直接返回DONE，如果没有被系统回收，就手动调用 gcTrigger.runGc();手动触发系统gc,然后再次调用removeWeaklyReachableReferences()方法，如过还是为空，则判断为内存泄露

GcTrigger DEFAULT = new GcTrigger() {
@Override public void runGc() {
// Code taken from AOSP FinalizationTest:
// https://android.googlesource.com/platform/libcore/+/master/support/src/test/java/libcore/
// java/lang/ref/FinalizationTester.java
// System.gc() does not garbage collect every time. Runtime.gc() is
// more likely to perfom a gc.
Runtime.getRuntime().gc();
enqueueReferences();
System.runFinalization();
}

private void enqueueReferences() {
// Hack. We don’t have a programmatic way to wait for the reference queue daemon to move
// references to the appropriate queues.
try {
Thread.sleep(100);
} catch (InterruptedException e) {
throw new AssertionError();

最后

自我介绍一下，小编13年上海交大毕业，曾经在小公司待过，也去过华为、OPPO等大厂，18年进入阿里一直到现在。

深知大多数初中级Android工程师，想要提升技能，往往是自己摸索成长，自己不成体系的自学效果低效漫长且无助。

因此我收集整理了一份《2024年Android移动开发全套学习资料》，初衷也很简单，就是希望能够帮助到想自学提升又不知道该从何学起的朋友，同时减轻大家的负担。

既有适合小白学习的零基础资料，也有适合3年以上经验的小伙伴深入学习提升的进阶课程，基本涵盖了95%以上Android开发知识点！不论你是刚入门Android开发的新手，还是希望在技术上不断提升的资深开发者，这些资料都将为你打开新的学习之门

如果你觉得这些内容对你有帮助，需要这份全套学习资料的朋友可以戳我获取！！

由于文件比较大，这里只是将部分目录截图出来，每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频，并且会持续更新！
ptg-1715309395486)]

[外链图片转存中…(img-yGKrZrfR-1715309395488)]

[外链图片转存中…(img-3NtTYbdZ-1715309395490)]

[外链图片转存中…(img-SMjdOOV4-1715309395491)]

既有适合小白学习的零基础资料，也有适合3年以上经验的小伙伴深入学习提升的进阶课程，基本涵盖了95%以上Android开发知识点！不论你是刚入门Android开发的新手，还是希望在技术上不断提升的资深开发者，这些资料都将为你打开新的学习之门

如果你觉得这些内容对你有帮助，需要这份全套学习资料的朋友可以戳我获取！！

由于文件比较大，这里只是将部分目录截图出来，每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频，并且会持续更新！