🎉 A framework for improving Android 32-bit app stability. (Alleviates crashes caused by insufficient virtual memory)

One line of code to fix libc:abort (signal 6) caused by insufficient virtual memory in 32-bit Android apps

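I. Background

At present most Android apps in China are still built for a 32-bit architecture and ship only arm-v7a shared libraries. Most phones on the market have 64-bit CPUs, so these apps usually run in compatibility mode and can use the full 4 GB of virtual memory. However, apps in China tend to pack countless features into one package, and as the business grows more complex (built-in WebView, mini programs, high-definition images, short video and so on), together with some memory leaks, 4 GB of memory is less and less sufficient.

Since last year (2020), Native Crash counts in the major top apps have surged, and the Top 1 is usually libc:abort. The uploaded maps show that the virtual address space in use is mostly close to 4 GB, and the console logs also contain a large number of GL Errors: Out of memory(12).

The first response to this problem is usually to hunt for memory leaks, but that often achieves very little, mostly because as the business grows the app really does need that much virtual memory. Upgrading to a 64-bit architecture would indeed raise the address space ceiling to 512GB, but for various reasons (package size, maintenance cost and so on) most apps have not yet completed the upgrade, so a new approach is offered here.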

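II. How it works

Through a series of techniques, the address space preallocated to the Region Space is adjusted dynamically at run time, releasing up to 900 MB of virtual memory (tune the parameters to your situation) to libc:malloc. This raises the address ceiling by nearly 30% and substantially extends the app's life. (Details to be added.)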
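To check how close a process is to the 4 GB ceiling and how much of it the Region Space reservation holds, the uploaded maps mentioned in the background section can be summed as below. This is an added example, not code from the Patrons project; the mapping name in `REGION_TAG` is an assumption about how ART labels the region space, and `SAMPLE_MAPS` is constructed data.

```c
#include <stdio.h>
#include <string.h>

#define VA_LIMIT (1ULL << 32) /* 4 GB address space of a 32-bit process */
/* Assumption: name ART gives the region space mapping in maps output. */
#define REGION_TAG "dalvik-main space (region space)"

struct va_usage { unsigned long long mapped, region_space; };
/* Constructed sample in /proc/<pid>/maps format, not from a real device. */
static const char SAMPLE_MAPS[] =
    "12c00000-32c00000 rw-p 00000000 00:00 0 [anon:dalvik-main space (region space)]\n"
    "70000000-72000000 rw-p 00000000 00:00 0 [anon:dalvik-zygote space]\n"
    "72000000-f0000000 rw-p 00000000 00:00 0 [anon:libc_malloc]\n"
    "f3000000-f3800000 r-xp 00000000 fd:00 1234 /apex/com.android.art/lib/libart.so\n";

/* Sum the size of every mapping and, separately, of the region space. */
static struct va_usage scan_maps(const char *maps)
{
    struct va_usage u = {0, 0};
    while (*maps) {
        size_t len = strcspn(maps, "\n");
        char line[512];
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        unsigned long long start, end;
        memcpy(line, maps, n);
        line[n] = '\0';
        if (sscanf(line, "%llx-%llx", &start, &end) == 2 && end > start) {
            u.mapped += end - start;
            if (strstr(line, REGION_TAG))
                u.region_space += end - start;
        }
        maps += len + (maps[len] == '\n'); /* skip the newline if present */
    }
    return u;
}

/* Address space still unmapped, in MB (0 once the limit is reached). */
static unsigned long long headroom_mb(struct va_usage u)
{
    return u.mapped >= VA_LIMIT ? 0 : (VA_LIMIT - u.mapped) >> 20;
}

int main(void)
{
    struct va_usage u = scan_maps(SAMPLE_MAPS);
    printf("mapped=%lluMB region_space=%lluMB headroom=%lluMB\n",
           u.mapped >> 20, u.region_space >> 20, headroom_mb(u));
    return 0;
}
```

The total counts every mapping, including reserved but untouched ranges, which is the quantity that runs out in a 32-bit process.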

III. Usage

Build the patrons module, make the main project depend on its artifact, and initialize it at an appropriate time:

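    // build.gradle: resolve the artifact from Maven Central
    repositories {
        mavenCentral()
    }
    dependencies {
        implementation 'com.alibaba:patrons:1.0.6.2'
    }

    // Java: initialize once at an appropriate time
    com.alibaba.android.patronus.Patrons.init(context, null);
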
→ Download the test demo

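IV. Q & A

  1. How much integration cost does the SDK itself bring (package size, stability)? Package size grows by about 20k, which is negligible; the key logic has multiple layers of protection and will not cause new crashes.

  2. How is the SDK's compatibility? It takes effect on 5 mainstream versions, Android 8, 8.1, 9, 10 and 11, with coverage close to 99.9%. On models that are not supported it does not take effect and does not cause new crashes either.

  3. Does using it cure Abort for good? Definitely not. Abort has many causes; although in 32-bit apps it is mostly due to insufficient virtual memory, other problems may also exist, so whether it fits still has to be analyzed case by case.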

Comments
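  • Questions about disguising as the same namespace as libart, and related issues

    1. Namespace disguise question

        // Find the GetCmdLine method in libartbase.so that libart calls; it has no special meaning and is only used to find a function in the same namespace as libart.so to disguise the identity
        xhook_register(".*/libart.so$", "_ZN3art10GetCmdLineEv", NULL, (void **) (&stub_method_in_art), NULL);

        LOGE("stub_method_in_art:%p", stub_method_in_art);

    stub_method_in_art is printed here and turns out to be null. Will this affect the later calls into libart? In actual testing I still see that it takes effect.

    2. I see HandleSignal(SIGSEGV); will this affect crash capture?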
    opened by whuthj 4
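  • Is it only effective when a 32-bit app runs on a 64-bit phone with large RAM?

    1. On 32-bit low-end devices (small RAM) there is not much physical memory to begin with; shrinking RegionSpace only hands the limited space over to Native, and the memory the Java heap can allocate becomes correspondingly smaller, right?
    2. On 64-bit high-end devices running a 32-bit app, virtual memory is limited to within 4G, so the app cannot use the phone's free memory; this approach lets it use some more space (corresponding to the amount by which RegionSpace is shrunk).

    This approach is best suited to 32-bit apps that request a lot of native memory, especially when running on 64-bit devices. Is this understanding correct?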

    opened by yangjiantao 2
  • non_free_region_index_limit_ can be removed; it serves no purpose in the code

    [/art/runtime/gc/space/region_space.h]

    761   // Invariant (verified by RegionSpace::VerifyNonFreeRegionLimit):
    762   //   for all `i >= non_free_region_index_limit_`, `regions_[i].IsFree()` is true.
    763   size_t non_free_region_index_limit_ GUARDED_BY(region_lock_);
    

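    The "invariant" in the comment on non_free_region_index_limit_ does not mean that this variable is an invariant. Note the quotation marks that follow: it means that the relation on line 762 is invariant. In fact non_free_region_index_limit_ is updated in every ReclaimPhase of the CC Collector (as the code below shows), so it is updated after every collection. I noticed that the code does not update non_free_region_index_limit_ in real time and only assigns it in the init phase, so the non_free_region_index_limit_ recorded in the code is stale.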

    [/art/runtime/gc/collector/concurrent_copying.cc]

    2743     {
    2744       TimingLogger::ScopedTiming split4("ClearFromSpace", GetTimings());
    2745       region_space_->ClearFromSpace(&cleared_bytes, &cleared_objects, /*clear_bitmap*/ !young_gen_);
    

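    I do understand that you want to guard against new_size being smaller than the space already used in the Java heap. But that case is already handled at line 790 in RegionSpace::ClampGrowthLimit, so there is no need to worry. The non_free_region_index_limit_ in this project can be removed, because without dynamic updates the value of this variable loses its meaning.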

    [/art/runtime/gc/space/region_space.cc]

    786 void RegionSpace::ClampGrowthLimit(size_t new_capacity) {
    787   MutexLock mu(Thread::Current(), region_lock_);
    788   CHECK_LE(new_capacity, NonGrowthLimitCapacity());
    789   size_t new_num_regions = new_capacity / kRegionSize;
    790   if (non_free_region_index_limit_ > new_num_regions) {
    791     LOG(WARNING) << "Couldn't clamp region space as there are regions in use beyond growth limit.";
    792     return;
    793   }
    
    opened by banshann 2
  • Initialization fails on Xiaomi 11

    I/Patrons: patrons start init, config = { debuggable=true, auto=true, periodOfShrink=0.76, shrinkStep=125, periodOfCheck=30, lowerLimit=384, recordInitResult=true }
    E/Patrons-Native: [warning] debuggable is enable, will disable sgev protection, MUST CLOSE it before release.
    D/Patrons-Native: register signal handler
    I/Patrons-Native: signal handler reg success, old handler = 0xc323d2d8
    D/Patrons-Native: start init, sdk = 1.0.6.3, api = 30, debuggable = 1, protect = 1, heap size config = 512m
    D/Patrons-Native: [device] brand = Xiaomi
    D/Patrons-Native: [device] device = M2011K2C
    D/Patrons-Native: [device] fingerprint = Xiaomi/venus/venus:11/RKQ1.200928.002/21.3.25:user/release-keys
    D/Patrons-Native: [instance] a_ = 0xe2dde809, art = /apex/com.android.art/lib/libart.so
    D/Patrons-Native: [instance] r_ = 0xf3300400
    D/Patrons-Native: [instance] h_ = 0xf330bf00
    D/Patrons-Native: [instance] r2 = 0xf3396b30
    D/Patrons-Native: [instance] b = 0xf3396b44, e = 0xf3396b48, l = 0xf3396b4c
    D/Patrons-Native: [instance] n2 = 0xf3396c70
    D/Patrons-Native: [instance] r3 = 0xf3396c90
    D/Patrons-Native: [instance] m_ = 0xee4233c5
    E/Patrons-Native: final check failed, m_ 33 not match l_ 5
    E/Patrons: patrons native init failed !
    
    opened by t894924815 1
Releases(1.1.0)
Owner
Alibaba
Alibaba Open Source