KwaiAppTeam / KOOM

KOOM is an OOM killer on mobile platform by Kwai.

Bug in the native leak monitor: the address used by RegisterAlloc and unregisterAlloc is inconsistent #179

Closed aceding closed 2 years ago

aceding commented 2 years ago
```cpp
ALWAYS_INLINE void LeakMonitor::RegisterAlloc(uintptr_t address, size_t size) {
  if (!address || !size) {
    return;
  }

  auto unwind_backtrace = [](uintptr_t *frames, uint32_t *frame_count) {
    *frame_count = StackTrace::FastUnwind(frames, kMaxBacktraceSize);
  };

  thread_local ThreadInfo thread_info;
  auto alloc_record = std::make_shared<AllocRecord>();
  alloc_record->address = CONFUSE(address);
  alloc_record->size = size;
  alloc_record->index = alloc_index_++;
  memcpy(alloc_record->thread_name, thread_info.name, kMaxThreadNameLen);
  unwind_backtrace(alloc_record->backtrace, &(alloc_record->num_backtraces));
  // The record is stored under the CONFUSE'd address.
  live_alloc_records_.Put(CONFUSE(address), std::move(alloc_record));
}

ALWAYS_INLINE void LeakMonitor::UnregisterAlloc(uintptr_t address) {
  // Erase uses the address exactly as passed in; no CONFUSE is applied here.
  live_alloc_records_.Erase(address);
}
```

In RegisterAlloc, the address that live_alloc_records_ Puts is the CONFUSE'd one, whereas in UnregisterAlloc the address that live_alloc_records_ Erases has not been CONFUSE'd. As a result, after a malloc and free, the address is never Erased from live_alloc_records_.

lbtrace commented 2 years ago

When UnregisterAlloc is called, the argument passed in has already been CONFUSE'd.

aceding commented 2 years ago

> When UnregisterAlloc is called, the argument passed in has already been CONFUSE'd.

For example: first malloc an address, then explicitly release that address with free. The freed address has not gone through CONFUSE when UnregisterAlloc is called. @lbtrace
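A minimal reproduction of the mismatch the reporter describes, added here as an illustration and not KOOM's own code: the map is keyed by the confused address, so erasing with the raw address leaves a stale record that later surfaces as a false leak. `Confuse` is an assumed stand-in for the project's CONFUSE macro, and `LiveRecords` stands in for `live_alloc_records_`.

```cpp
#include <cstddef>
#include <cstdint>
#include <unordered_map>

// Assumed stand-in for KOOM's CONFUSE macro; the real transform may differ,
// but any key transform applied on Put and skipped on Erase reproduces the bug.
static inline uintptr_t Confuse(uintptr_t address) {
  return address ^ static_cast<uintptr_t>(0x5A5A5A5Au);
}

struct AllocRecord {
  uintptr_t address;
  size_t size;
};

// Minimal model of live_alloc_records_: a map from key to record.
class LiveRecords {
 public:
  // Mirrors RegisterAlloc: the map key is the confused address.
  void Register(uintptr_t address, size_t size) {
    if (!address || !size) return;
    records_[Confuse(address)] = AllocRecord{Confuse(address), size};
  }
  // The path the reporter describes: Erase with the raw address.
  void UnregisterRaw(uintptr_t address) { records_.erase(address); }
  // Consistent path: the Erase key matches the Put key.
  void UnregisterConfused(uintptr_t address) { records_.erase(Confuse(address)); }
  size_t LiveCount() const { return records_.size(); }

 private:
  std::unordered_map<uintptr_t, AllocRecord> records_;
};

// Simulates one malloc followed by its free and returns how many records are
// still considered live; anything other than 0 is a false leak report.
size_t LeftoverAfterFree(bool erase_with_confused_key) {
  LiveRecords live;
  const uintptr_t p = static_cast<uintptr_t>(0xdeadbeefu);  // constructed sample address
  live.Register(p, 64);
  if (erase_with_confused_key) {
    live.UnregisterConfused(p);
  } else {
    live.UnregisterRaw(p);
  }
  return live.LiveCount();
}
```

`LeftoverAfterFree(false)` models the reported free path and returns 1, while `LeftoverAfterFree(true)` models a caller that confuses the key before Erase and returns 0.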