[go: up one dir, main page]

WO2020098311A1 - Method and apparatus for resource leak detection - Google Patents

Method and apparatus for resource leak detection Download PDF

Info

Publication number
WO2020098311A1
WO2020098311A1 PCT/CN2019/098711 CN2019098711W WO2020098311A1 WO 2020098311 A1 WO2020098311 A1 WO 2020098311A1 CN 2019098711 W CN2019098711 W CN 2019098711W WO 2020098311 A1 WO2020098311 A1 WO 2020098311A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
data
resource data
application
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2019/098711
Other languages
French (fr)
Chinese (zh)
Inventor
周璐
戴康
吕苏
欧鹏
翟威
陆寄豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Publication of WO2020098311A1 publication Critical patent/WO2020098311A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/362Debugging of software
    • G06F11/366Debugging of software using diagnostics

Definitions

  • Embodiments of the present invention relate to the technical field of code detection, and in particular, to a method and device for resource leak detection.
  • Resource leaking refers to the application of a certain resource, such as memory, file handle, database connection, etc., during the running process, but it is not released after the use of the resource, so that the resource cannot be recycled and reused, resulting in the program occupying resources over time The growing phenomenon. Resource leaks continue to consume system resources, which can cause programs to slow down continuously. Once the leaked resources reach the upper limit of available resources, it will cause serious consequences such as application crashes, system downtime, and server paralysis.
  • Embodiments of the present invention provide a method and a device for detecting resource leaks, which are used to realize that there is no need to change the source code of application programs, reduce the impact on application program codes, and improve the accuracy of resource leak detection.
  • the resource data is sent by a resource acquisition code located at a preset code position of the application;
  • the resource data includes a data operation type and a unique identifier;
  • the resource matching rules are the correspondence between the preset resource application operations and resource release operations;
  • matching the resource data according to the data operation type of the resource data and preset resource matching rules includes:
  • the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;
  • the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; The match is successful, otherwise it is determined that the match failed.
  • the method further includes:
  • the active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak.
  • the resource data after determining that the resource data is abnormal, it further includes:
  • the method further includes:
  • an embodiment of the present invention also provides an apparatus for resource leak detection, including:
  • An acquiring unit configured to acquire resource data, which is sent by a resource acquiring code located at a preset code position of an application; the resource data includes a data operation type and a unique identifier;
  • processing unit is specifically used to:
  • the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;
  • the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed.
  • processing unit is also used to:
  • the active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak.
  • processing unit is also used to:
  • processing unit is also used to:
  • the resource acquisition code is injected into the preset code position of the application program.
  • an embodiment of the present invention provides a computer device, including:
  • Memory used to store program instructions
  • the processor is configured to call the program instructions stored in the memory and execute the method for detecting the resource leak according to the obtained program.
  • an embodiment of the present invention provides a computer-readable non-volatile storage medium, including computer-readable instructions.
  • the computer reads and executes the computer-readable instructions, the computer is allowed to perform the above method for detecting resource leakage .
  • An embodiment of the present invention provides a computer program product.
  • the computer program product includes a calculation program stored on a non-transitory computer-readable storage medium.
  • the computer program includes program instructions. When the program instructions are executed by a computer, The method for causing the computer to perform the above resource leak detection.
  • FIG. 1 is a schematic structural diagram of a system architecture provided by an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of a resource leak detection method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of a resource leak detection method according to an embodiment of the present invention.
  • FIG. 4 is a schematic flowchart of a data collection module provided by an embodiment of the present invention.
  • FIG. 5 is a schematic flowchart of a rule matching module provided by an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of an example of code output provided by an embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of an apparatus for detecting resource leakage according to an embodiment of the present invention.
  • FIG. 1 exemplarily shows the structure of a system architecture to which an embodiment of the present invention is applicable.
  • the system architecture may include a code implanting module 110, a data collection module 120, a rule matching module 130, and an early warning module 104.
  • the code embedding module 110 is used to embed a piece of code in the preset code position of the application program, so that the resource data can be obtained when the code reaches this point.
  • the implant agent implants a piece of code at the preset code position of the application (application resource location and release resource location) before the application code is loaded. Bury the predefined anchor point according to certain requirements, so that after the application starts, each time it runs to the anchor point position, it outputs the relevant data (resource identifier and call chain) related to the current operating resource.
  • the data collection module 120 is used to collect the resource data output by the code embedding module 110, filter the collected resource data, and send it to the rule matching module.
  • the application code runs to the anchor position, the pre-injected code is executed, the current resource data is output to a certain location (such as output to a log file), and the output resource data It is discovered and collected by the data collection module and pushed to the rule matching module 130.
  • the rule matching module 130 may match the application-release operation according to the pre-defined rules, and regularly check whether any application operation hits the resource leakage rule. Once the leak rules are matched, the rule matching module 130 immediately pushes the suspected resource leak operation data to the early warning module 140.
  • the early warning module 140 After receiving the suspected resource leakage data, the early warning module 140 initiates an early warning according to a predetermined plan (such as sending a notification email, etc.).
  • a predetermined plan such as sending a notification email, etc.
  • FIG. 2 exemplarily shows a flow of a method for detecting a resource leak provided by an embodiment of the present invention, and the flow may be executed by an apparatus for detecting a resource leak.
  • the process specifically includes:
  • Step 201 Obtain resource data.
  • the resource data is sent by the resource acquisition code located at the preset code position of the application. Therefore, before acquiring the resource data, the resource acquisition code needs to be injected at the preset code position of the application .
  • the preset code location may be the application resource location and the release resource location in the application code.
  • the resource data may include a data operation type and a unique identifier, and the data operation type may include a resource application operation and a resource release operation.
  • Step 202 Match the resource data according to the data operation type and unique identifier of the resource data and preset resource matching rules.
  • the resource matching rule is the correspondence relationship between the preset resource application operation and the resource release operation. Specifically, after the resource data is obtained, if the data operation type of the resource data is a resource application operation, the resource data is added to the active resource list. If the data operation type of the resource data is a resource release operation, scan the active resource list to find an application for a resource operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined that the match is successful, indicating the application- If the release match is successful and the corresponding resource application operation has no leakage problem, it can be removed from the active resource list. When the search is unsuccessful, it is determined that the match fails.
  • Step 203 If the matching of the resource data fails, it is determined that the resource data is abnormal.
  • step 203 after it is determined that the matching of the resource data fails, it can be determined that the resource data has an abnormality, which is equivalent to the resource release operation having no corresponding resource application operation, and the abnormal release information needs to be analyzed.
  • the above active resource list may also be scanned periodically to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if so, it is determined that there is a resource leak in the resource data.
  • the preset threshold can be set according to experience.
  • the periodicity can be set according to experience, for example, 10 minutes, 1 hour, 2 hours, etc.
  • the resource data can be deleted and an early warning message is issued.
  • the implant function of the code implant module is triggered, and the implant agent is implanted at the preset application code location (resource application location and release resource location) before the application code is loaded.
  • the application code runs to the anchor point, the pre-injected code is executed, the current resource data is output to a location (such as output to a log file), and the output resource data is collected by data
  • the module discovers and collects and pushes it to the rule matching module.
  • the rule matching module matches the application-release operation according to the pre-defined rules, and regularly checks whether any application operation hits a resource leakage rule. Once the leak rule is matched, the rule matching module immediately pushes the suspected resource leak operation data to the early warning module.
  • the early warning module After receiving the suspected resource leakage data, the early warning module initiates an early warning according to a predetermined plan (such as sending a notification email, etc.).
  • a predetermined plan such as sending a notification email, etc.
  • the code implantation module mainly solves two problems: code implantation location and implantation content.
  • the implantation location must contain two points, the application resource location and the release resource location, and the actual location of the resource application and release needs to be located according to the difference between the actual application and the detected resource type.
  • the code embedding module completes code embedding according to this position.
  • the content of the implanted code is mainly to obtain and output the current resource information, and the resource information includes the unique identifier of the resource and the call chain.
  • the content of the implanted code may be: output database connection instance information + current call stack information to the log.
  • the data collection module is responsible for identifying the valid data related to resource leak detection from the numerous data output by the application and pushing it to the rule matching module.
  • the specific steps performed by the data collection module may be as shown in FIG. 4 and specifically include:
  • Step 401 new data is found.
  • Step 402 Determine whether it is resource application or resource release data. If yes, go to step 404. If no, go to step 403.
  • Step 403 discard the data.
  • step 405 it is judged whether it is valid data. If yes, go to step 407; if no, go to step 406.
  • Step 407 Push to the rule matching module.
  • the valid data that passes the verification is pushed to the rule matching module, and the invalid data is discarded.
  • the rule matching module in FIG. 3 is responsible for rule matching on resource operation data, promptly discovering suspicious operations with risk of leakage, and pushing them to the early warning module.
  • the process shown in Figure 5 includes:
  • Step 501 resource data is reached.
  • Step 502 it is determined whether the data operation type of the resource data is a resource application operation, if yes, then go to step 503, if not, go to step 504.
  • Step 503 Add resource data to the active resource list.
  • Step 504 Determine whether the data operation type of the resource data is a resource release operation. If yes, go to step 506. If no, go to step 505.
  • Step 505 discard the data.
  • Step 506 Scan the active resource list.
  • step 507 it is determined whether the resource data corresponding to the resource release operation matches with an active resource. If yes, then go to step 509, if not, go to step 508.
  • Step 508 the resource data corresponding to the resource release operation is stored in the database.
  • Step 509 remove the active resource from the active resource list.
  • step 510 the scan task is scheduled.
  • Step 511 Determine whether the active resource times out. If yes, go to step 513. If no, go to step 512.
  • Step 512 reserve active resources.
  • step 513 the timeout resource information is stored in the database.
  • Step 514 Remove the active resource from the active resource list.
  • step 515 early warning is initiated.
  • the rule matching module maintains an active resource information list
  • the resource operation data arrives, it is determined whether the data is a resource application operation or a resource release operation.
  • the data of the applied resource is added to the active resource list.
  • the predefined scheduled scan task scans the active resource list every t time to check whether there are any active resources that exist longer than the maximum active time threshold T. If there are, it is considered that there is a resource leak problem in the operation of applying for resources.
  • the operation record is stored in the database, the data is removed from the active resource list, and the early warning module is called to initiate the early warning.
  • the early warning module receives the suspected leaked data pushed by the rule matching module, sends early warning information to stakeholders through email, web page push, etc. according to a predetermined plan, and pushes the leaked resource information and the leaked program call chain.
  • Staff can check the source code for leaks based on resource information and call chains and fix them.
  • the code implantation module implements a method for applying for a database connection (getConnection ()) and a method for releasing a database connection (returnConnection ()) implemented at the bottom of the connection pool )
  • a method for applying for a database connection (getConnection ())
  • a method for releasing a database connection (returnConnection ()) implemented at the bottom of the connection pool )
  • the unique identifier of the database connection (Connection) currently performing the apply / release (get / return) operation and the call stack information of the current operation code are output in the log.
  • the actual output effect is shown in Figure 6.
  • the data matching module scans the log in real time, and determines whether it is a database monitoring related log according to whether there is a "detection insert" code (as shown in Figure 6) in the log, and after verification, the effective monitoring log is pushed to the rule matching module.
  • the rule matching module receives the database monitoring log data, and if it is a get operation, it is added to the active connection list; if it is a return operation, it scans the active connection list based on the unique identifier of the Connection, detectionInsert ConInfo, to find the get that matches the return operation Operation, completing the matching get operation is regarded as the operation without risk of database connection leakage, and it is removed from the active connection list, and other get operations are kept in the active connection list.
  • the early warning module sends the monitoring output data shown in FIG. 6 as early warning information to the stakeholders by email, and the stakeholders locate the leaked code location through the call stack for troubleshooting and repair.
  • the embodiment of the present invention uses code dynamic implantation technology to bury anchor points at the locations where the resources are actually applied and released, so that when the application runs to these locations, the information of the requested or released resources and the current code are output in real time according to the runtime context
  • the call chain matches the application-release data to determine whether a resource is properly released after use, to achieve the purpose of checking for resource leaks, and accurately locates the location of the resource leak based on the code call chain for the operation of the requested resource.
  • FIG. 7 exemplarily shows an apparatus for resource leak detection provided by an embodiment of the present invention.
  • the apparatus can execute a process of resource leak detection.
  • the obtaining unit 701 is configured to obtain resource data sent by a resource obtaining code located at a preset code position of an application program; the resource data includes a data operation type and a unique identifier;
  • the processing unit 702 is configured to match the resource data according to the data operation type and unique identifier of the resource data and a preset resource matching rule; the resource matching rule is a preset resource application operation and a resource release operation Corresponding relationship; if the matching fails, it is determined that the resource data is abnormal.
  • processing unit 702 is specifically configured to:
  • the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;
  • the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed.
  • processing unit 702 is also used to:
  • processing unit 702 is also used to:
  • processing unit 702 is also used to:
  • the resource acquisition code is injected into the preset code position of the application program.
  • embodiments of the present invention provide a computer device, including:
  • Memory used to store program instructions
  • an embodiment of the present invention provides a computer-readable non-volatile storage medium, including computer-readable instructions, which causes the computer to perform the above-mentioned resource leak when the computer reads and executes the computer-readable instructions Method of detection.
  • embodiments of the present application also provide a computer program product, the computer program product includes a calculation program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, when the When the program instructions are executed by a computer, the computer is caused to perform the above-mentioned method for detecting resource leaks.
  • These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processing machine, or other programmable data processing device to produce a machine that enables the generation of instructions executed by the processor of the computer or other programmable data processing device
  • These computer program instructions may also be stored in a computer-readable memory that can guide a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, the instructions The device implements the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and / or block diagrams.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of operating steps are performed on the computer or other programmable device to produce computer-implemented processing, which is executed on the computer or other programmable device
  • the instructions provide steps for implementing the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and / or block diagrams.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

Disclosed in the present invention are a method and an apparatus for resource leak detection. The method comprises: resource data is acquired, the resource data being sent by resource acquisition code located at a preset code position of an application program, and the resource data comprising a data operation type and a unique identifier; on the basis of the data operation type and the unique identifier of the resource data and a preset resource matching rule, matching is performed on the resource data, the resource matching rule being preset correspondence relationship between a resource request operation and a resource release operation; and if matching fails, then an abnormality is determined to be present in the resource data. Acquired resource data is matched by means of a preset correspondence relationship between a resource request operation and a resource release operation, and when matching fails, it may be determined that an abnormality is present in the resource data. Because it is not necessary to change the source code of an application program, resource leak detection is completed without the awareness of the application program, reducing the impact on corresponding application program code and improving the accuracy of resource leak detection.

Description

一种资源泄露检测的方法及装置Method and device for detecting resource leakage

相关申请的交叉引用Cross-reference of related applications

本申请要求在2018年11月12日提交中国专利局、申请号为201811339180.0、申请名称为“一种资源泄露检测的方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application requires the priority of the Chinese patent application filed on November 12, 2018 in the Chinese Patent Office with the application number 201811339180.0 and the application name as "a method and device for resource leak detection", the entire contents of which are incorporated by reference in this document Applying.

技术领域Technical field

本发明实施例涉及代码检测技术领域,尤其涉及一种资源泄露检测的方法及装置。Embodiments of the present invention relate to the technical field of code detection, and in particular, to a method and device for resource leak detection.

背景技术Background technique

资源泄漏指程序在运行过程中申请了某项资源,如内存、文件句柄、数据库连接等,但在资源使用结束后没有进行释放,使得资源无法被回收和再利用,导致程序占用资源随运行时间不断增长的现象。资源泄漏持续消耗系统资源,轻则导致程序运行速度不断减慢,而一旦泄漏资源达到可用资源上限,会引起应用崩溃、系统宕机、服务器瘫痪等严重后果。Resource leaking refers to the application of a certain resource, such as memory, file handle, database connection, etc., during the running process, but it is not released after the use of the resource, so that the resource cannot be recycled and reused, resulting in the program occupying resources over time The growing phenomenon. Resource leaks continue to consume system resources, which can cause programs to slow down continuously. Once the leaked resources reach the upper limit of available resources, it will cause serious consequences such as application crashes, system downtime, and server paralysis.

由于资源使用情况对于开发、测试、用户不是直观可见的,且资源泄漏早期对于应用程序功能无直接影响,在可用资源达到上限前,存在泄漏现象的程序运行情况可能完全正常,因此一直以来资源泄漏问题难以被识别和定位,而一旦爆发基本上都会造成灾难性的后果。资源泄漏问题已成为业界痛点。Because resource usage is not intuitively visible to development, testing, and users, and resource leaks have no direct impact on application functions early on, before the available resources reach the upper limit, the operation of the leaked program may be completely normal, so resource leaks have been Problems are difficult to identify and locate, and once an outbreak basically has catastrophic consequences. The problem of resource leakage has become a pain point in the industry.

发明内容Summary of the invention

本发明实施例提供一种资源泄露检测的方法及装置,用以实现无需改变应用程序的源代码,降低了对应用程序代码的影响,提高资源泄露检测的准确性。Embodiments of the present invention provide a method and a device for detecting resource leaks, which are used to realize that there is no need to change the source code of application programs, reduce the impact on application program codes, and improve the accuracy of resource leak detection.

本发明实施例提供的一种资源泄露检测的方法,包括:A method for resource leak detection provided by an embodiment of the present invention includes:

获取资源数据,所述资源数据是位于应用程序的预设代码位置上的资源获取代码发送的;所述资源数据包括数据操作类型和唯一标识;Acquire resource data, the resource data is sent by a resource acquisition code located at a preset code position of the application; the resource data includes a data operation type and a unique identifier;

根据所述资源数据的数据操作类型和唯一标识以及预设的资源匹配规则,对所述资源数据进行匹配;所述资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系;Matching the resource data according to the data operation type and unique identifier of the resource data and preset resource matching rules; the resource matching rules are the correspondence between the preset resource application operations and resource release operations;

若匹配失败,则确定所述资源数据存在异常。If the matching fails, it is determined that the resource data is abnormal.

通过预设的资源申请操作和资源释放操作的对应关系来匹配获取的资源数据,当匹配失败后,可以确定资源数据存在异常,由于无需改变应用程序的源代码,做到在应用程序无感知的情况下完成资源泄露检测,降低了对应用程序代码的影响,提高资源泄露检测的准确性。Match the acquired resource data through the preset correspondence between the resource application operation and the resource release operation. When the matching fails, it can be determined that the resource data is abnormal. Since there is no need to change the source code of the application, the application is not aware of it. Under the circumstances, the completion of resource leak detection reduces the impact on application code and improves the accuracy of resource leak detection.

可选的,所述根据所述资源数据的数据操作类型以及预设的资源匹配规则,对所述资源数据进行匹配,包括:Optionally, matching the resource data according to the data operation type of the resource data and preset resource matching rules includes:

若所述资源数据的数据操作类型为资源申请操作,则将所述资源数据添加到活跃资源列表;If the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;

若所述资源数据的数据操作类型为资源释放操作,则对所述活跃资源列表进行扫描,查找与所述资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,否则确定匹配失败。If the data operation type of the resource data is a resource release operation, the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; The match is successful, otherwise it is determined that the match failed.

可选的,所述方法还包括:Optionally, the method further includes:

周期性的扫描所述活跃资源列表,检查所述活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定所述资源数据存在资源泄露。The active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak.

可选的,在确定所述资源数据存在异常之后,还包括:Optionally, after determining that the resource data is abnormal, it further includes:

将所述资源数据删除,并发出预警信息。Delete the resource data and issue an early warning message.

可选的,在所述获取资源数据之前,还包括:Optionally, before the obtaining resource data, the method further includes:

在所述应用程序的预设代码位置上注入资源获取代码。Injecting resource acquisition code at the preset code position of the application program.

相应的,本发明实施例还提供了一种资源泄露检测的装置,包括:Correspondingly, an embodiment of the present invention also provides an apparatus for resource leak detection, including:

获取单元,用于获取资源数据,所述资源数据是位于应用程序的预设代 码位置上的资源获取代码发送的;所述资源数据包括数据操作类型和唯一标识;An acquiring unit, configured to acquire resource data, which is sent by a resource acquiring code located at a preset code position of an application; the resource data includes a data operation type and a unique identifier;

处理单元,用于根据所述资源数据的数据操作类型和唯一标识以及预设的资源匹配规则,对所述资源数据进行匹配;所述资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系;若匹配失败,则确定所述资源数据存在异常。The processing unit is configured to match the resource data according to the data operation type and unique identifier of the resource data and a preset resource matching rule; the resource matching rule is a preset resource application operation and resource release operation Correspondence; if the match fails, it is determined that the resource data is abnormal.

可选的,所述处理单元具体用于:Optionally, the processing unit is specifically used to:

若所述资源数据的数据操作类型为资源申请操作,则将所述资源数据添加到活跃资源列表;If the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;

若所述资源数据的数据操作类型为资源释放操作,则对所述活跃资源列表进行扫描,查找与所述资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,否则确定匹配失败。If the data operation type of the resource data is a resource release operation, the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed.

可选的,所述处理单元还用于:Optionally, the processing unit is also used to:

周期性的扫描所述活跃资源列表,检查所述活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定所述资源数据存在资源泄露。The active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak.

可选的,所述处理单元还用于:Optionally, the processing unit is also used to:

在确定所述资源数据存在异常之后,将所述资源数据删除,并发出预警信息。After determining that the resource data is abnormal, delete the resource data and issue an early warning message.

可选的,所述处理单元还用于:Optionally, the processing unit is also used to:

在所述获取资源数据之前,在所述应用程序的预设代码位置上注入资源获取代码。Before the resource data is acquired, the resource acquisition code is injected into the preset code position of the application program.

相应的,本发明实施例提供了一种计算机设备,包括:Correspondingly, an embodiment of the present invention provides a computer device, including:

存储器,用于存储程序指令;Memory, used to store program instructions;

处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行上述资源泄露检测的方法。The processor is configured to call the program instructions stored in the memory and execute the method for detecting the resource leak according to the obtained program.

相应的,本发明实施例提供了一种计算机可读非易失性存储介质,包括计算机可读指令,当计算机读取并执行所述计算机可读指令时,使得计算机 执行上述资源泄露检测的方法。Correspondingly, an embodiment of the present invention provides a computer-readable non-volatile storage medium, including computer-readable instructions. When the computer reads and executes the computer-readable instructions, the computer is allowed to perform the above method for detecting resource leakage .

本发明实施例提供一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行上述资源泄露检测的方法。An embodiment of the present invention provides a computer program product. The computer program product includes a calculation program stored on a non-transitory computer-readable storage medium. The computer program includes program instructions. When the program instructions are executed by a computer, The method for causing the computer to perform the above resource leak detection.

附图说明BRIEF DESCRIPTION

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly explain the technical solutions in the embodiments of the present invention, the drawings required in the description of the embodiments will be briefly described below. Obviously, the drawings in the following description are only some embodiments of the present invention. Those of ordinary skill in the art can obtain other drawings based on these drawings without creative work.

图1为本发明实施例提供的一种系统架构的结构示意图;1 is a schematic structural diagram of a system architecture provided by an embodiment of the present invention;

图2为本发明实施例提供的一种资源泄露检测的方法的流程示意图;2 is a schematic flowchart of a resource leak detection method according to an embodiment of the present invention;

图3为本发明实施例提供的一种资源泄露检测的方法的流程示意图;FIG. 3 is a schematic flowchart of a resource leak detection method according to an embodiment of the present invention;

图4为本发明实施例提供的一种数据采集模块的流程示意图;4 is a schematic flowchart of a data collection module provided by an embodiment of the present invention;

图5为本发明实施例提供的一种规则匹配模块的流程示意图;5 is a schematic flowchart of a rule matching module provided by an embodiment of the present invention;

图6为本发明实施例提供的一种代码输出实例的示意图;6 is a schematic diagram of an example of code output provided by an embodiment of the present invention;

图7为本发明实施例提供的一种资源泄露检测的装置的结构示意图。7 is a schematic structural diagram of an apparatus for detecting resource leakage according to an embodiment of the present invention.

具体实施方式detailed description

为了使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明作进一步地详细描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative work fall within the protection scope of the present invention.

图1示例性的示出了本发明实施例所适用的系统架构的结构,该系统架构可以包括代码植入模块110、数据采集模块120、规则匹配模块130和预警 模块104。FIG. 1 exemplarily shows the structure of a system architecture to which an embodiment of the present invention is applicable. The system architecture may include a code implanting module 110, a data collection module 120, a rule matching module 130, and an early warning module 104.

其中,代码植入模块110用于在应用程序的预设代码位置植入一段代码,以使代码运行到该点时获取资源数据。应用程序启动时,可以触发代码植入模块的植入功能,植入Agent在应用程序的代码载入前,在应用程序的预设代码位置(申请资源位置和释放资源位置)植入一段代码,按一定需求埋下预定义锚点,使应用启动后、每次运行到锚点位置时,输出与当前操作资源的相关数据(资源标识符和调用链)。The code embedding module 110 is used to embed a piece of code in the preset code position of the application program, so that the resource data can be obtained when the code reaches this point. When the application starts, it can trigger the implant function of the code implant module. The implant agent implants a piece of code at the preset code position of the application (application resource location and release resource location) before the application code is loaded. Bury the predefined anchor point according to certain requirements, so that after the application starts, each time it runs to the anchor point position, it outputs the relevant data (resource identifier and call chain) related to the current operating resource.

该数据采集模块120,用于采集代码植入模块110输出的资源数据,并将采集的资源数据进行过滤后发送给规则匹配模块。当应用程序发生申请资源和释放资源操作时,应用程序的代码运行到锚点位置,预注入代码被执行,当前资源数据被输出到某个位置(如输出到日志文件中),输出的资源数据被数据采集模块发现并采集,并推送到规则匹配模块130。The data collection module 120 is used to collect the resource data output by the code embedding module 110, filter the collected resource data, and send it to the rule matching module. When an application requests resources and releases resources, the application code runs to the anchor position, the pre-injected code is executed, the current resource data is output to a certain location (such as output to a log file), and the output resource data It is discovered and collected by the data collection module and pushed to the rule matching module 130.

规则匹配模块130可以根据预定义的规则对申请-释放操作进行匹配,并定时检查是否有申请操作命中资源泄漏规则。一旦泄漏规则被匹配,规则匹配模块130立即将疑似资源泄漏操作数据推送给预警模块140。The rule matching module 130 may match the application-release operation according to the pre-defined rules, and regularly check whether any application operation hits the resource leakage rule. Once the leak rules are matched, the rule matching module 130 immediately pushes the suspected resource leak operation data to the early warning module 140.

预警模块140收到疑似资源泄漏数据后,按照预定方案发起预警(如发送通知邮件等)。After receiving the suspected resource leakage data, the early warning module 140 initiates an early warning according to a predetermined plan (such as sending a notification email, etc.).

基于上述描述,图2示例性的示出了本发明实施例提供的一直资源泄露检测的方法的流程,该流程可以由资源泄露检测的装置执行。Based on the above description, FIG. 2 exemplarily shows a flow of a method for detecting a resource leak provided by an embodiment of the present invention, and the flow may be executed by an apparatus for detecting a resource leak.

如图2所示,该流程具体包括:As shown in Figure 2, the process specifically includes:

步骤201,获取资源数据。Step 201: Obtain resource data.

在本发明实施例中,该资源数据是位于应用程序的预设代码位置上的资源获取代码发送的,因此,在获取资源数据之前,还需要在应用程序的预设代码位置上注入资源获取代码。该预设代码位置可以为应用程序的代码中的申请资源位置和释放资源位置。该资源数据可以包括数据操作类型和唯一标识,该数据操作类型可以包括资源申请操作和资源释放操作。In the embodiment of the present invention, the resource data is sent by the resource acquisition code located at the preset code position of the application. Therefore, before acquiring the resource data, the resource acquisition code needs to be injected at the preset code position of the application . The preset code location may be the application resource location and the release resource location in the application code. The resource data may include a data operation type and a unique identifier, and the data operation type may include a resource application operation and a resource release operation.

步骤202,根据所述资源数据的数据操作类型和唯一标识以及预设的资源 匹配规则,对所述资源数据进行匹配。Step 202: Match the resource data according to the data operation type and unique identifier of the resource data and preset resource matching rules.

资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系。具体的,在得到资源数据之后,若资源数据的数据操作类型为资源申请操作,则将资源数据添加到活跃资源列表。若资源数据的数据操作类型为资源释放操作,则对活跃资源列表进行扫描,查找与资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,说明申请-释放匹配成功,对应的申请资源操作无泄露问题,也就可以将其从活跃资源列表中移除。当查找不成功时,确定匹配失败。The resource matching rule is the correspondence relationship between the preset resource application operation and the resource release operation. Specifically, after the resource data is obtained, if the data operation type of the resource data is a resource application operation, the resource data is added to the active resource list. If the data operation type of the resource data is a resource release operation, scan the active resource list to find an application for a resource operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined that the match is successful, indicating the application- If the release match is successful and the corresponding resource application operation has no leakage problem, it can be removed from the active resource list. When the search is unsuccessful, it is determined that the match fails.

步骤203,若对所述资源数据匹配失败,则确定所述资源数据存在异常。Step 203: If the matching of the resource data fails, it is determined that the resource data is abnormal.

在上述步骤203中,确定资源数据匹配失败后,就可以确定该资源数据存在异常,相当于资源释放操作没有对应的资源申请操作,需要对该异常释放信息进行分析。In the above step 203, after it is determined that the matching of the resource data fails, it can be determined that the resource data has an abnormality, which is equivalent to the resource release operation having no corresponding resource application operation, and the abnormal release information needs to be analyzed.

需要说明的是,还可以周期性的扫描上述活跃资源列表,检查活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定资源数据存在资源泄露。预设阈值可以依据经验进行设置。该周期性的可以依据经验设置,例如可以为10分钟、1小时、2小时等。It should be noted that the above active resource list may also be scanned periodically to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if so, it is determined that there is a resource leak in the resource data. The preset threshold can be set according to experience. The periodicity can be set according to experience, for example, 10 minutes, 1 hour, 2 hours, etc.

当确定资源数据存在资源泄露之后,就可以将该资源数据删除,并发出预警信息。When it is determined that there is a resource leak in the resource data, the resource data can be deleted and an early warning message is issued.

为了更好的解释本发明实施例,下面将通过具体的实施场景进行描述:In order to better explain the embodiments of the present invention, the following will be described through specific implementation scenarios:

如图3所示的流程,应用启动时,触发代码植入模块的植入功能,植入Agent在应用代码载入前,在预设的应用代码位置(申请资源位置和释放资源位置)植入一段代码,按一定需求埋下预定义锚点,使应用启动后、每次运行到锚点位置时,输出与当前操作资源的相关数据(资源标识符和调用链)。As shown in the process shown in FIG. 3, when the application starts, the implant function of the code implant module is triggered, and the implant agent is implanted at the preset application code location (resource application location and release resource location) before the application code is loaded. A piece of code to bury a predefined anchor point according to certain requirements, so that after the application starts, each time it runs to the anchor point, it outputs data related to the current operating resource (resource identifier and call chain).

当应用发生申请资源和释放资源操作时,应用代码运行到锚点位置,预注入代码被执行,当前资源数据被输出到某个位置(如输出到日志文件中),输出的资源数据被数据采集模块发现并采集,并推送到规则匹配模块。When the application requests resources and releases resources, the application code runs to the anchor point, the pre-injected code is executed, the current resource data is output to a location (such as output to a log file), and the output resource data is collected by data The module discovers and collects and pushes it to the rule matching module.

规则匹配模块根据预定义的规则对申请-释放操作进行匹配,并定时检查 是否有申请操作命中资源泄漏规则。一旦泄漏规则被匹配,规则匹配模块立即将疑似资源泄漏操作数据推送给预警模块。The rule matching module matches the application-release operation according to the pre-defined rules, and regularly checks whether any application operation hits a resource leakage rule. Once the leak rule is matched, the rule matching module immediately pushes the suspected resource leak operation data to the early warning module.

预警模块收到疑似资源泄漏数据后,按照预定方案发起预警(如发送通知邮件等)。After receiving the suspected resource leakage data, the early warning module initiates an early warning according to a predetermined plan (such as sending a notification email, etc.).

其中,代码植入模块主要解决两个问题:代码植入位置和植入内容。Among them, the code implantation module mainly solves two problems: code implantation location and implantation content.

植入位置必须包含两个点,申请资源位置和释放资源位置,需根据应用实际和被检测资源类型的不同,定位资源申请和释放的实际位置。代码植入模块根据这个位置完成代码植入。The implantation location must contain two points, the application resource location and the release resource location, and the actual location of the resource application and release needs to be located according to the difference between the actual application and the detected resource type. The code embedding module completes code embedding according to this position.

植入代码内容主要是获取当前资源信息并输出,而资源信息包含资源唯一标识和调用链。例如,在进行数据库连接池监控时,植入代码内容可以是:输出数据库连接实例信息+当前调用堆栈信息到日志。The content of the implanted code is mainly to obtain and output the current resource information, and the resource information includes the unique identifier of the resource and the call chain. For example, when monitoring the database connection pool, the content of the implanted code may be: output database connection instance information + current call stack information to the log.

数据采集模块负责在应用输出的众多数据中甄别出与资源泄漏检测相关的有效数据,并推送到规则匹配模块。其中数据采集模块具体执行的步骤可以如图4所示,具体包括:The data collection module is responsible for identifying the valid data related to resource leak detection from the numerous data output by the application and pushing it to the rule matching module. The specific steps performed by the data collection module may be as shown in FIG. 4 and specifically include:

步骤401,发现新数据。Step 401, new data is found.

定时侦听应用输出数据,检测是否有新数据产生,若发现新数据,则逐行读取。Regularly listen to the output data of the application to detect whether there is new data. If new data is found, read it line by line.

步骤402,判断是否为资源申请或资源释放数据,若是,则转入步骤404,若否,则转入步骤403。Step 402: Determine whether it is resource application or resource release data. If yes, go to step 404. If no, go to step 403.

检测该数据是否为资源申请/释放相关数据,不是则丢弃。Check whether the data is related to resource application / release, otherwise discard it.

步骤403,丢弃数据。Step 403, discard the data.

步骤404,数据校验。Step 404, data verification.

对数据进行校验,检查格式、完整性等。Verify data, check format, integrity, etc.

步骤405,判断是否为有效数据,若是,则转入步骤407,若否,则转入步骤406。In step 405, it is judged whether it is valid data. If yes, go to step 407; if no, go to step 406.

步骤406,丢弃数据。Step 406, discard the data.

步骤407,推送至规则匹配模块。Step 407: Push to the rule matching module.

将通过校验的有效数据推送至规则匹配模块,无效数据则丢弃。The valid data that passes the verification is pushed to the rule matching module, and the invalid data is discarded.

图3中的规则匹配模块负责对资源操作数据进行规则匹配,及时发现存在泄露风险的可疑操作,并推送给预警模块。The rule matching module in FIG. 3 is responsible for rule matching on resource operation data, promptly discovering suspicious operations with risk of leakage, and pushing them to the early warning module.

如图5所示的流程,具体包括:The process shown in Figure 5 includes:

步骤501,资源数据达到。Step 501, resource data is reached.

步骤502,判断资源数据的数据操作类型是否是资源申请操作,若是,则转入步骤503,若否,则转入步骤504。Step 502, it is determined whether the data operation type of the resource data is a resource application operation, if yes, then go to step 503, if not, go to step 504.

步骤503,将资源数据添加到活跃资源列表。Step 503: Add resource data to the active resource list.

步骤504,判断资源数据的数据操作类型是否是资源释放操作,若是,则转入步骤506,若否,则转入步骤505。Step 504: Determine whether the data operation type of the resource data is a resource release operation. If yes, go to step 506. If no, go to step 505.

步骤505,丢弃数据。Step 505, discard the data.

步骤506,扫描活跃资源列表。Step 506: Scan the active resource list.

步骤507,判断资源释放操作对应的资源数据是否有活跃资源匹配,若是,则转入步骤509,若否,则转入步骤508。In step 507, it is determined whether the resource data corresponding to the resource release operation matches with an active resource. If yes, then go to step 509, if not, go to step 508.

步骤508,资源释放操作对应的资源数据入库。Step 508, the resource data corresponding to the resource release operation is stored in the database.

步骤509,从活跃资源列表中移除活跃资源。Step 509, remove the active resource from the active resource list.

步骤510,定时扫描任务。In step 510, the scan task is scheduled.

定时扫描活跃资源列表。Scan the active resource list regularly.

步骤511,判断活跃资源是否超时,若是,则转入步骤513,若否,则转入步骤512。Step 511: Determine whether the active resource times out. If yes, go to step 513. If no, go to step 512.

步骤512,保留活跃资源。Step 512, reserve active resources.

步骤513,超时资源信息入库。In step 513, the timeout resource information is stored in the database.

步骤514,从活跃资源列表中移除活跃资源。Step 514: Remove the active resource from the active resource list.

步骤515,发起预警。In step 515, early warning is initiated.

规则匹配模块维护一个活跃资源信息列表;The rule matching module maintains an active resource information list;

当资源操作数据到达,判断该数据是资源申请操作还是资源释放操作。When the resource operation data arrives, it is determined whether the data is a resource application operation or a resource release operation.

若为资源申请操作,则将该申请资源数据添加至活跃资源列表。If it is a resource application operation, the data of the applied resource is added to the active resource list.

若为资源释放操作,则对活跃资源列表进行扫描,查找与被释放资源的唯一标识一致的申请资源操作,如果查找成功,则说明申请-释放匹配成功,对应的申请资源操作无泄漏问题,于是将其从活跃资源列表中移除;如果查找失败,则将该资源释放操作记录入库,用于异常信息分析。If it is a resource release operation, scan the active resource list to find the application resource operation that is consistent with the unique identifier of the released resource. If the search is successful, it means that the application-release match is successful, and the corresponding application resource operation has no leakage problem, so Remove it from the list of active resources; if the search fails, record the resource release operation into the library for analysis of abnormal information.

预定义的定时扫描任务每隔t时间对活跃资源列表进行扫描,检查是否有活跃资源的存在时间超过最长活跃时间阈值T,如果有,则认为该申请资源操作存在资源泄漏问题,将该可疑操作记录入库,从活跃资源列表移除该数据,并调用预警模块发起预警。The predefined scheduled scan task scans the active resource list every t time to check whether there are any active resources that exist longer than the maximum active time threshold T. If there are, it is considered that there is a resource leak problem in the operation of applying for resources. The operation record is stored in the database, the data is removed from the active resource list, and the early warning module is called to initiate the early warning.

预警模块接收规则匹配模块推送的疑似泄漏数据,按预定方案通过邮件、网页推送等手段向干系人发送预警信息,推送被泄漏资源信息和发生泄漏的程序调用链。工作人员可以根据资源信息和调用链检查源代码是否确实存在泄漏问题并进行修复。The early warning module receives the suspected leaked data pushed by the rule matching module, sends early warning information to stakeholders through email, web page push, etc. according to a predetermined plan, and pushes the leaked resource information and the leaked program call chain. Staff can check the source code for leaks based on resource information and call chains and fix them.

在本发明实施例的另一实施方式,在数据库连接池泄漏检测中,代码植入模块通过在连接池底层实现的申请数据库连接的方法(getConnection())和释放数据库连接的方法(returnConnection())中植入代码,使这两个方法每次被调用时在日志中输出当前进行申请/释放(get/return)操作的数据库连接(Connection)的唯一标识和当前操作代码调用堆栈信息。实际输出效果如图6所示。In another implementation of the embodiment of the present invention, in the database connection pool leak detection, the code implantation module implements a method for applying for a database connection (getConnection ()) and a method for releasing a database connection (returnConnection ()) implemented at the bottom of the connection pool ) Into the code, so that each time these two methods are called, the unique identifier of the database connection (Connection) currently performing the apply / release (get / return) operation and the call stack information of the current operation code are output in the log. The actual output effect is shown in Figure 6.

其中,“[get]”表示这是一次申请数据库连接操作,其后紧跟当前操作的调用堆栈信息,“detectionInsertConInfo”后面为当前数据库信息,可以唯一定位一个数据库连接。释放据库连接操作的输出与此类似,唯一的差别是将“[get]”替换为“[return]”。Among them, "[get]" indicates that this is an application for database connection operation, followed by the call stack information of the current operation, and "detectionInsertConInfo" is followed by the current database information, which can uniquely locate a database connection. The output of the release database connection operation is similar to this, the only difference is that "[get]" is replaced with "[return]".

数据匹配模块实时扫描日志,根据日志中是否有“detection insert code”关键字(如图6所示)判断是否为数据库监控相关日志,进行校验后将有效监控日志推送给规则匹配模块。The data matching module scans the log in real time, and determines whether it is a database monitoring related log according to whether there is a "detection insert" code (as shown in Figure 6) in the log, and after verification, the effective monitoring log is pushed to the rule matching module.

规则匹配模块接收数据库监控日志数据,如果是get操作,则将其加入活跃连接列表;如果是return操作,则以Connection的唯一标识detectionInsert  ConInfo为依据,扫描活跃连接列表,寻找与return操作匹配的get操作,完成匹配的get操作视为无数据库连接泄漏风险的操作,将其从活跃连接列表中移除,其他get操作保留在活跃连接列表中。通过实验发现,绝大多数的数据库操作都是毫秒级的,即一个get操作发生后,在几毫秒内便会有一个return操作与之完成匹配,于是定时扫描任务中设置超时时间为1小时,如果一次get操作超过1小时还没有被return操作匹配上,我们认为这次get操作疑似发生数据库连接泄漏。于是预警模块以邮件的方式将图6所示的监控输出数据作为预警信息发送给干系人,干系人通过调用堆栈定位泄漏代码位置,进行排查和修复。The rule matching module receives the database monitoring log data, and if it is a get operation, it is added to the active connection list; if it is a return operation, it scans the active connection list based on the unique identifier of the Connection, detectionInsert ConInfo, to find the get that matches the return operation Operation, completing the matching get operation is regarded as the operation without risk of database connection leakage, and it is removed from the active connection list, and other get operations are kept in the active connection list. Through experiments, it is found that most database operations are in milliseconds, that is, after a get operation occurs, there will be a return operation matching it within a few milliseconds, so the timeout period is set to 1 hour in the scheduled scan task. If a get operation has not been matched by a return operation for more than 1 hour, we believe that a database connection leak is suspected for this get operation. Therefore, the early warning module sends the monitoring output data shown in FIG. 6 as early warning information to the stakeholders by email, and the stakeholders locate the leaked code location through the call stack for troubleshooting and repair.

目前,该数据库连接池泄漏检测方法在测试环境全面部署后,已经在银联无卡路由管理系统、商户管理系统、风险系统等多个业务系统中准确发现了多个数据库连接泄漏问题并精准定位泄漏代码段,全过程零误报,帮助各业务系统发现和排除了多个连接泄漏风险,达到了非常好的实践效果。At present, after the database connection pool leak detection method is fully deployed in the test environment, multiple database connection leak problems have been accurately found and accurately located in multiple business systems such as UnionPay cardless routing management system, merchant management system, risk system, etc. The code snippet and zero false alarms throughout the process have helped various business systems discover and eliminate the risk of multiple connection leaks, achieving very good practical results.

本发明实施例通过代码动态植入技术,在资源实际申请和释放的位置分别埋下锚点,使当应用运行到这些位置时,根据运行时上下文实时输出被申请或释放资源的信息及当前代码调用链,通过对申请-释放数据的匹配,判断某一资源使用后是否被正确释放,达到检查资源泄漏的目的,并根据申请资源操作的代码调用链,精准定位资源泄漏发生的位置。The embodiment of the present invention uses code dynamic implantation technology to bury anchor points at the locations where the resources are actually applied and released, so that when the application runs to these locations, the information of the requested or released resources and the current code are output in real time according to the runtime context The call chain matches the application-release data to determine whether a resource is properly released after use, to achieve the purpose of checking for resource leaks, and accurately locates the location of the resource leak based on the code call chain for the operation of the requested resource.

基于相同的技术构思,图7示例性的示出了本发明实施例提供的一种资源泄露检测的装置,该装置可以执行资源泄露检测的流程。Based on the same technical concept, FIG. 7 exemplarily shows an apparatus for resource leak detection provided by an embodiment of the present invention. The apparatus can execute a process of resource leak detection.

如图7所示,该装置包括:As shown in Figure 7, the device includes:

获取单元701,用于获取资源数据,所述资源数据是位于应用程序的预设代码位置上的资源获取代码发送的;所述资源数据包括数据操作类型和唯一标识;The obtaining unit 701 is configured to obtain resource data sent by a resource obtaining code located at a preset code position of an application program; the resource data includes a data operation type and a unique identifier;

处理单元702,用于根据所述资源数据的数据操作类型和唯一标识以及预设的资源匹配规则,对所述资源数据进行匹配;所述资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系;若匹配失败,则确定所述资 源数据存在异常。The processing unit 702 is configured to match the resource data according to the data operation type and unique identifier of the resource data and a preset resource matching rule; the resource matching rule is a preset resource application operation and a resource release operation Corresponding relationship; if the matching fails, it is determined that the resource data is abnormal.

可选的,所述处理单元702具体用于:Optionally, the processing unit 702 is specifically configured to:

若所述资源数据的数据操作类型为资源申请操作,则将所述资源数据添加到活跃资源列表;If the data operation type of the resource data is a resource application operation, add the resource data to the active resource list;

若所述资源数据的数据操作类型为资源释放操作,则对所述活跃资源列表进行扫描,查找与所述资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,否则确定匹配失败。If the data operation type of the resource data is a resource release operation, the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed.

可选的,所述处理单元702还用于:Optionally, the processing unit 702 is also used to:

周期性的扫描所述活跃资源列表,检查所述活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定所述资源数据存在资源泄露。The active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak.

可选的,所述处理单元702还用于:Optionally, the processing unit 702 is also used to:

在确定所述资源数据存在异常之后,将所述资源数据删除,并发出预警信息。After determining that the resource data is abnormal, delete the resource data and issue an early warning message.

可选的,所述处理单元702还用于:Optionally, the processing unit 702 is also used to:

在所述获取资源数据之前,在所述应用程序的预设代码位置上注入资源获取代码。Before the resource data is acquired, the resource acquisition code is injected into the preset code position of the application program.

基于相同的技术构思,本发明实施例提供了一种计算机设备,包括:Based on the same technical concept, embodiments of the present invention provide a computer device, including:

存储器,用于存储程序指令;Memory, used to store program instructions;

处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行上述资源泄露检测的方法。The processor is configured to call the program instructions stored in the memory and execute the method for detecting the resource leak according to the obtained program.

基于相同的技术构思,本发明实施例提供了一种计算机可读非易失性存储介质,包括计算机可读指令,当计算机读取并执行所述计算机可读指令时,使得计算机执行上述资源泄露检测的方法。Based on the same technical concept, an embodiment of the present invention provides a computer-readable non-volatile storage medium, including computer-readable instructions, which causes the computer to perform the above-mentioned resource leak when the computer reads and executes the computer-readable instructions Method of detection.

基于同一发明构思,本申请实施例还提供了一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行上述资源泄露检测的方法。Based on the same inventive concept, embodiments of the present application also provide a computer program product, the computer program product includes a calculation program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, when the When the program instructions are executed by a computer, the computer is caused to perform the above-mentioned method for detecting resource leaks.

本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and / or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each flow and / or block in the flowchart and / or block diagram and a combination of the flow and / or block in the flowchart and / or block diagram may be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processing machine, or other programmable data processing device to produce a machine that enables the generation of instructions executed by the processor of the computer or other programmable data processing device An apparatus for realizing the functions specified in one block or multiple blocks of one flow or multiple flows of a flowchart and / or one block or multiple blocks of a block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory that can guide a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, the instructions The device implements the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and / or block diagrams.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of operating steps are performed on the computer or other programmable device to produce computer-implemented processing, which is executed on the computer or other programmable device The instructions provide steps for implementing the functions specified in one block or multiple blocks of the flowchart one flow or multiple flows and / or block diagrams.

尽管已描述了本发明的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本发明范围的所有变更和修改。Although the preferred embodiments of the present invention have been described, those skilled in the art can make additional changes and modifications to these embodiments once they learn the basic inventive concept. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments and all changes and modifications falling within the scope of the present invention.

显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various modifications and variations to the present invention without departing from the spirit and scope of the present invention. In this way, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and equivalent technologies thereof, the present invention is also intended to include these modifications and variations.

Claims (13)

一种资源泄露检测的方法,其特征在于,包括:A method for resource leak detection, which includes: 获取资源数据,所述资源数据是位于应用程序的预设代码位置上的资源获取代码发送的;所述资源数据包括数据操作类型和唯一标识;Acquire resource data, the resource data is sent by a resource acquisition code located at a preset code position of the application; the resource data includes a data operation type and a unique identifier; 根据所述资源数据的数据操作类型和唯一标识以及预设的资源匹配规则,对所述资源数据进行匹配;所述资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系;Matching the resource data according to the data operation type and unique identifier of the resource data and preset resource matching rules; the resource matching rules are the correspondence between the preset resource application operations and resource release operations; 若匹配失败,则确定所述资源数据存在异常。If the matching fails, it is determined that the resource data is abnormal. 如权利要求1所述的方法,其特征在于,所述根据所述资源数据的数据操作类型以及预设的资源匹配规则,对所述资源数据进行匹配,包括:The method according to claim 1, wherein the matching the resource data according to the data operation type of the resource data and a preset resource matching rule includes: 若所述资源数据的数据操作类型为资源申请操作,则将所述资源数据添加到活跃资源列表;If the data operation type of the resource data is a resource application operation, add the resource data to the active resource list; 若所述资源数据的数据操作类型为资源释放操作,则对所述活跃资源列表进行扫描,查找与所述资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,否则确定匹配失败。If the data operation type of the resource data is a resource release operation, the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed. 如权利要求2所述的方法,其特征在于,所述方法还包括:The method of claim 2, wherein the method further comprises: 周期性的扫描所述活跃资源列表,检查所述活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定所述资源数据存在资源泄露。The active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak. 如权利要求1至3任一项所述的方法,其特征在于,在确定所述资源数据存在异常之后,还包括:The method according to any one of claims 1 to 3, wherein after determining that the resource data has an abnormality, further comprising: 将所述资源数据删除,并发出预警信息。Delete the resource data and issue an early warning message. 如权利要求1至3任一项所述的方法,其特征在于,在所述获取资源数据之前,还包括:The method according to any one of claims 1 to 3, wherein before the acquiring resource data, the method further comprises: 在所述应用程序的预设代码位置上注入资源获取代码。Injecting resource acquisition code at the preset code position of the application program. 一种资源泄露检测的装置,其特征在于,包括:An apparatus for detecting resource leaks is characterized by comprising: 获取单元,用于获取资源数据,所述资源数据是位于应用程序的预设代 码位置上的资源获取代码发送的;所述资源数据包括数据操作类型和唯一标识;An acquiring unit, configured to acquire resource data, which is sent by a resource acquiring code located at a preset code position of an application; the resource data includes a data operation type and a unique identifier; 处理单元,用于根据所述资源数据的数据操作类型和唯一标识以及预设的资源匹配规则,对所述资源数据进行匹配;所述资源匹配规则是预先设置的资源申请操作与资源释放操作的对应关系;若匹配失败,则确定所述资源数据存在异常。The processing unit is configured to match the resource data according to the data operation type and unique identifier of the resource data and a preset resource matching rule; the resource matching rule is a preset resource application operation and resource release operation Correspondence; if the match fails, it is determined that the resource data is abnormal. 如权利要求6所述的装置,其特征在于,所述处理单元具体用于:The device according to claim 6, wherein the processing unit is specifically configured to: 若所述资源数据的数据操作类型为资源申请操作,则将所述资源数据添加到活跃资源列表;If the data operation type of the resource data is a resource application operation, add the resource data to the active resource list; 若所述资源数据的数据操作类型为资源释放操作,则对所述活跃资源列表进行扫描,查找与所述资源释放操作对应的资源数据的唯一标识一致的申请资源操作;若查找成功,则确定匹配成功,否则确定匹配失败。If the data operation type of the resource data is a resource release operation, the active resource list is scanned to find a resource application operation that matches the unique identifier of the resource data corresponding to the resource release operation; if the search is successful, it is determined The match is successful, otherwise it is determined that the match failed. 如权利要求7所述的装置,其特征在于,所述处理单元还用于:The apparatus according to claim 7, wherein the processing unit is further configured to: 周期性的扫描所述活跃资源列表,检查所述活跃资源列表中是否存在时间超过预设阈值的资源数据,若存在,则确定所述资源数据存在资源泄露。The active resource list is periodically scanned to check whether there is resource data in the active resource list whose time exceeds a preset threshold, and if there is, it is determined that the resource data has a resource leak. 如权利要求6至8任一项所述的装置,其特征在于,所述处理单元还用于:The device according to any one of claims 6 to 8, wherein the processing unit is further used to: 在确定所述资源数据存在异常之后,将所述资源数据删除,并发出预警信息。After determining that the resource data is abnormal, delete the resource data and issue an early warning message. 如权利要求6至8任一项所述的装置,其特征在于,所述处理单元还用于:The device according to any one of claims 6 to 8, wherein the processing unit is further used to: 在所述获取资源数据之前,在所述应用程序的预设代码位置上注入资源获取代码。Before the resource data is acquired, the resource acquisition code is injected into the preset code position of the application program. 一种计算机设备,其特征在于,包括:A computer device, characterized in that it includes: 存储器,用于存储程序指令;Memory, used to store program instructions; 处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行权利要求1至5任一项所述的方法。The processor is configured to call the program instructions stored in the memory and execute the method according to any one of claims 1 to 5 according to the obtained program. 一种计算机可读非易失性存储介质,其特征在于,包括计算机可读指令,当计算机读取并执行所述计算机可读指令时,使得计算机执行如权利要求1至5任一项所述的方法。A computer-readable non-volatile storage medium, characterized in that it includes computer-readable instructions, and when the computer reads and executes the computer-readable instructions, it causes the computer to execute any one of claims 1 to 5. Methods. 一种计算机程序产品,其特征在于,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行权利要求1~5任一所述方法。A computer program product, characterized in that the computer program product includes a calculation program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, and when the program instructions are executed by a computer, the The computer executes the method according to any one of claims 1 to 5.
PCT/CN2019/098711 2018-11-12 2019-07-31 Method and apparatus for resource leak detection Ceased WO2020098311A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811339180.0A CN109542778A (en) 2018-11-12 2018-11-12 A kind of method and device of resource leak detection
CN201811339180.0 2018-11-12

Publications (1)

Publication Number Publication Date
WO2020098311A1 true WO2020098311A1 (en) 2020-05-22

Family

ID=65846804

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/098711 Ceased WO2020098311A1 (en) 2018-11-12 2019-07-31 Method and apparatus for resource leak detection

Country Status (2)

Country Link
CN (1) CN109542778A (en)
WO (1) WO2020098311A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115952006A (en) * 2023-03-13 2023-04-11 浪潮电子信息产业股份有限公司 Resource leak detection method, system, device, server and storage medium

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109542778A (en) * 2018-11-12 2019-03-29 中国银联股份有限公司 A kind of method and device of resource leak detection
CN111258752A (en) * 2020-01-08 2020-06-09 广州虎牙科技有限公司 Resource monitoring method and device, electronic equipment and storage medium
CN115373932A (en) * 2021-05-20 2022-11-22 北京字跳网络技术有限公司 Method and device for monitoring component operation
CN117195204B (en) * 2023-11-01 2024-02-13 建信金融科技有限责任公司 Abnormal data detection method, device, electronic equipment and computer readable medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060206885A1 (en) * 2005-03-10 2006-09-14 Seidman David I Identifying memory leaks in computer systems
CN102103541A (en) * 2011-02-28 2011-06-22 中国人民解放军国防科学技术大学 Kernel-module memory management method for preventing memory leaks and multiple memory releases
CN105912458A (en) * 2016-03-28 2016-08-31 中国电力科学研究院 Method and system for dynamically detecting C/C++ memory leak
CN108733567A (en) * 2018-05-24 2018-11-02 北京智芯微电子科技有限公司 The monitoring method and system of software resource leak case
CN109542778A (en) * 2018-11-12 2019-03-29 中国银联股份有限公司 A kind of method and device of resource leak detection

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7325106B1 (en) * 2004-07-16 2008-01-29 Sun Microsystems, Inc. Method for monitoring heap for memory leaks
US7313661B1 (en) * 2005-03-18 2007-12-25 Sun Microsystems, Inc. Tool for identifying causes of memory leaks
US7870358B2 (en) * 2007-03-07 2011-01-11 Lsi Corporation Zero-penalty RAID controller memory leak detection and isolation method and system utilizing sequence numbers
CN101587455B (en) * 2008-12-11 2010-09-22 南京南瑞继保电气有限公司 Method for checking memory leak for vxWorks operating system
CN101814049A (en) * 2010-03-23 2010-08-25 北京大学 Memory leak detection method
CN106407114B (en) * 2016-09-20 2017-12-15 腾讯科技(深圳)有限公司 Memory overflow analysis method and device
CN108664390B (en) * 2017-03-31 2021-10-01 华为技术有限公司 A memory leak detection method and device
CN107423213B (en) * 2017-04-11 2020-12-18 腾讯科技(深圳)有限公司 File descriptor distribution detection method and device
CN107908539B (en) * 2017-07-24 2020-07-17 平安科技(深圳)有限公司 Method, terminal and computer readable storage medium for detecting memory leakage of application program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060206885A1 (en) * 2005-03-10 2006-09-14 Seidman David I Identifying memory leaks in computer systems
CN102103541A (en) * 2011-02-28 2011-06-22 中国人民解放军国防科学技术大学 Kernel-module memory management method for preventing memory leaks and multiple memory releases
CN105912458A (en) * 2016-03-28 2016-08-31 中国电力科学研究院 Method and system for dynamically detecting C/C++ memory leak
CN108733567A (en) * 2018-05-24 2018-11-02 北京智芯微电子科技有限公司 The monitoring method and system of software resource leak case
CN109542778A (en) * 2018-11-12 2019-03-29 中国银联股份有限公司 A kind of method and device of resource leak detection

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115952006A (en) * 2023-03-13 2023-04-11 浪潮电子信息产业股份有限公司 Resource leak detection method, system, device, server and storage medium

Also Published As

Publication number Publication date
CN109542778A (en) 2019-03-29

Similar Documents

Publication Publication Date Title
WO2020098311A1 (en) Method and apparatus for resource leak detection
US11360842B2 (en) Fault processing method, related apparatus, and computer
Wehaibi et al. Examining the impact of self-admitted technical debt on software quality
CN110674506B (en) Method and system for rapidly verifying vulnerability state of application program
CN106874755A (en) The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks
US20240220401A1 (en) Continuous integration automated test systems and methods, electronic devices, and storage media
CN107025224B (en) Method and equipment for monitoring task operation
CN111610989A (en) An application publishing/updating method and system for offline container cloud environment
CN112422581B (en) Webshell webpage detection method, device and equipment in JVM (Java virtual machine)
CN111611172A (en) Project test defect analysis method, device, equipment and storage medium
CN116842531B (en) Code vaccine-based vulnerability real-time verification method, device, equipment and medium
CN107589951A (en) A kind of cluster upgrade method and device
CN105988798A (en) Patch processing method and apparatus
CN107239292A (en) It is a kind of to automate the method and apparatus for building software version
CN113407419B (en) Memory leak detection method and device, computer equipment and storage medium
CN109635568A (en) A kind of concurrent leak detection method combined based on static analysis and fuzz testing
KR101324691B1 (en) System and method for detecting malicious mobile applications
WO2015067170A1 (en) Method and system for analyzing android application program
CN116451228A (en) Dynamic taint tracking method, device and related online taint propagation analysis system
CN112905199A (en) Code update detection method and device
CN113850664A (en) A data anomaly detection method and data reporting service
US20250021438A1 (en) Detecting an error in an updated software package by automatically rebuilding related downstream products
CN106502665A (en) Application program repairing method and device
CN114201407B (en) Wild pointer detection method, device, equipment and storage medium
CN111881459B (en) Equipment risk control system and detection method based on trusted computing environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19885373

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19885373

Country of ref document: EP

Kind code of ref document: A1