一、mmap发现
进程mmap泄漏,会导致proc/$pid/maps行数持续增加,严重时会导致申请内存返回mmap() failed! mmap failed errno 12 Out of memory
二、分析mmap
根据dumpsys meminfo的策略,maps可以分为几下几种:
下标 | name |
HEAP_STACK | "[stack"、"[anon:stack_and_tls:"开头 |
HEAP_SO,is_swappable | ".so"结尾 |
HEAP_JAR,is_swappable | ".jar"结尾 |
HEAP_TTF,is_swappable | ".apk"结尾 |
HEAP_TTF,is_swappable | ".ttf"结尾 |
HEAP_DEX, sub_heap=HEAP_DEX_APP_DEX | ".odex"结尾或(namesize>4&&".dex") |
HEAP_DEX, is_swappable | ".vdex"结尾 若"@boot"||"/boot"||"/apex":sub_heap = HEAP_DEX_BOOT_VDEX 否则sub_heap = HEAP_DEX_APP_VDEX |
HEAP_OAT,is_swappable | ".oat"结尾 |
HEAP_ART,is_swappable | ".art"、 ".art]"结尾 若"@boot"||"/boot"||"/apex":sub_heap = HEAP_ART_BOOT 否则sub_heap = HEAP_ART_APP |
HEAP_UNKNOWN_DEV | "/dev/"开头 |
HEAP_GL_DEV | "/dev/kgsl-3d0"开头 |
HEAP_CURSOR | "/dev/ashmem/CursorWindow"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_ZYGOTE_CODE_CACHE | "/dev/ashmem/jit-zygote-cache"开头 |
HEAP_ASHMEM | "/dev/ashmem"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_APP_CODE_CACHE | "/memfd:jit-cache"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_ZYGOTE_CODE_CACHE | "/memfd:jit-zygote-cache"开头 |
HEAP_DALVIK_OTHER sub_heap=HEAP_DALVIK_OTHER_LINEARALLOC | "[anon:dalvik-LinearAlloc"开头 |
HEAP_DALVIK sub_heap = HEAP_DALVIK_NORMAL | "[anon:dalvik-alloc space"||"[anon:dalvik-main space"开头 |
HEAP_DALVIK sub_heap = HEAP_DALVIK_LARGE | "[anon:dalvik-large object space"||"[anon:dalvik-free list large object space"开头 |
HEAP_DALVIK sub_heap = HEAP_DALVIK_NON_MOVING | "[anon:dalvik-non moving space"开头 |
HEAP_DALVIK sub_heap = HEAP_DALVIK_ZYGOTE | "[anon:dalvik-zygote space"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_INDIRECT_REFERENCE_TABLE | "[anon:dalvik-indirect ref"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_APP_CODE_CACHE | "[anon:dalvik-jit-code-cache"|| "[anon:dalvik-data-code-cache"开头 |
HEAP_DALVIK_OTHER sub_heap = HEAP_DALVIK_OTHER_COMPILER_METADATA | "[anon:dalvik-CompilerMetadata"开头 |
HEAP_DALVIK_OTHER | "[anon:dalvik-"开头 |
HEAP_UNKNOWN sub_heap = HEAP_DALVIK_OTHER_ACCOUNTING | "[anon:"开头 |
HEAP_UNKNOWN_MAP 16 | 上面的都没有提到,但名字长度大于0的 |
HEAP_SO 9 | 本行的start==上一个map的end并且上一个是so |
根据每条map的name,可将其分为stack、so、unkown、.ttf、.jar等
在过程中可抓取两三次maps文件进行对比,并根据name分类,查看增长最多的类型是什么
三、mmap泄漏定位
stack_and_tls泄漏
若该部分为泄漏点,查看增长的tls后面的线程号tid,通过debuggerd -b PID可查看当前进程的所有线程。然后找到对应tid的堆栈。
unknown泄漏
这部分还需要进一步分析