memfd | Ruby wrapper around the memfd_create system call | Cryptography library

Found the solution here: Does Flow work well on Apple Silicon M1 Macs?

In my .flowconfig file I needed to add the option:

As you see exception, you get idea that you application is consuming plenty of RAM of device.

You need to manage that memory leak in your flutter application.

Android and iOS OS allocate every application limited amount of RAM in order to manage all process at same time.

If any of application uses more RAM then their allocation, OS stops all process of that application. and we see it as crash.

In your case, you are plying multiple videos in your application, and all videos are caught videos. As they are caught videos, they are temporarily saved in RAM, and as you see more and more video, you are using more and more RAM.

You need to optimise your application, you can clear video after page changes.

With that you can control your memory leak.

basically the solution is to add an android dependency that's opt-in for exoplayer. Either you or the lib author should do it.

At this moment I'm not sure if it's you or them inserting ads (In-Media-Advertising? sic), or if there's some sort of video_player_ima dependency out there.

A quick fix for you is add this to android/app/build.gradle in the dependencies section. But it should really be done in either video_player or a more appropriate lib. implementation("com.google.android.exoplayer:extension-ima:") make sure to match version, get a peek at the other exoplayer deps with

(Note that this answer is not directed only to OP, but to anyone who encounters a similar problem.)

The problem OP is seeing occurs in different processes, and the underlying issue is how to pass a file descriptor between processes.

• File descriptor is a number used by a process to refer to a file description, when dealing with files, sockets, FIFOs, or anything file-like in a Unix or POSIX system.

• File description is the internal kernel data structure that refers to a file-like object, and includes position (if seekable), record locks, and so on.

• File descriptors are specific to a process. That is, descriptor 3 in one process has nothing to do with descriptor 3 in another process, unless they happen to refer to the same object.

• Processes can share the same file description. Unix Domain sockets can be used to pass a file descriptor from one end to the other, between processes. This is not just passing a number; it is a special technique using ancillary data that the OS kernel supports. Essentially, the OS kernel ensures that (usually different) file descriptors refer to the same file description, even when they are in different processes. This also means that the descriptor number gets modified by the kernel in-flight.

• There are two different types of Unix Domain sockets: stream and datagram. Stream is very similar to a bidirectional pipe or a TCP stream: there are no messages or message boundaries, just a sequential stream of data. Datagrams are "packets", with each having a specific length. (Please avoid zero-length datagrams.)

• Instead of a pipe between a parent and a child process, an Unix Domain stream socket can almost always be used instead: their behaviour is so similar.

• If a receiving process uses recv() or read() and not recvmsg() (i.e. is not prepared to receive ancillary data, and only recvmsg() and the Linux extension recvmmsg() handle ancillary data), current Linux C library and kernel do not create the file descriptor on the receiving end. That is, a malicious end cannot spam any number of descriptors to an unsuspecting end; the receiving end can only receive descriptors if it is prepared to do so (by using recvmsg() or recvmmsg()).

In Linux, when the procfs is available, each file descriptor does have a system-accessible name, /proc/PID/fd/FD, where PID is the process ID, and FD is the file descriptor number in that process. (procfs and sysfs, usually mounted at /proc and /sys, respectively, are not physically stored on any media, but are dynamically generated by the OS kernel as they are accessed. Because of this, they are often called pseudofiles or pseudofilesystems: they behave like files in most ways (although their length is usually reported as zero, because the contents do not exist before you read it), but really aren't.)

However, the /proc/PID/ directories are typically only accessible to the user account that particular process is running as; and can be even further restricted if Linux Security Modules like SELinux are used. This is an important security feature, and any attempt to bypass this should be considered a serious potential risk – likely nefarious, in my opinion.

So, there are two possible approaches in Linux: Pass the procfs path to the file descriptor (/proc/PID/fd/FD), and hope the other end can access that, or use an Unix Domain socket (stream or datagram) between the two, and use that to pass the descriptor.

For details on ancillary data management, see man 2 sendmsg and man 3 cmsg.

I personally recommend the descriptor passing approach. Not only is it more robust, but it is also portable between Linux and many Unixy systems, for example the BSD variants (including Mac OS).

This is also the reason why many privileged services that use unprivileged or restricted child processes, like Apache and Nginx HTTP daemons (for example for fastcgi implementation), use Unix domain sockets for interprocess communication.

(Another reason is SCM_CREDENTIALS ancillary data, which consists of the process ID, user ID, and a group ID of the sending process, which the kernel verifies; that allows a receiver to verify the identity of the sender of a particular message, at the moment of sending. This wording may sound oddly complex, but since the sender process may have replaced itself with something new as soon as the message was received but not processed yet, we must be careful and understand the situation correctly to not leave gaping security holes in our software.)

It is unfortunate that OP has already implemented interprocess communication using POSIX message queues (see man 7 mq_overview), but they do not support ancillary data or passing descriptors. A refactoring is in order.

Since you're using the default UnityActivity, I doubt your manifest will cause an issue (it looks like you're using messaging, so see the related documentation).

My guess is that something may have gone wrong with the Play Services Resolver. Make sure that you haven't disabled it, and do a force resolve to make sure everything's in the right place. I did a writeup of the system here if it helps.

I don't see anything in your samples that look like they could break threading in Unity, but it's generally safer to use ContinueWithOnMainThread over ContinueWith. If there's something you haven't shared in the continuation, that could fix a related issue. I made a related writeup on this as well.

Finally, since to my reading you're not doing anything special with the Android Manifest, you might want to just delete it (if you made your own under Assets/Plugins/Android (leave the one alone in Assets/Plugins/Android/Firebase).

I do notice that you say "a short time after calling". It's also possible that you might be accessing a Firebase object without waiting on the result of CheckAndFixDependenciesAsync. This is generally ok if you were going to get DependencyStatus.Available, but if you weren't you'll get a null reference (usually you'll fail if your google play services needs an update or it isn't available on your device). I personally find that if I turn that logic into a Coroutine (or use async/await), it helps me reason about what's waiting on what. But I don't expect that this your issue.

I hope something here helps. And if you think you've run into an actual bug, don't forget to reach out to support. Issues that go up there will often make their way all the way to the engineering team, so it's not as "yelling into the void" as you might think :D.

--Patrick