:** Storing full snapshots is resource-intensive. The system should store metadata (object counts, sizes by constructor) and compute deltas. Full snapshots are triggered only when a leak signature is detected.
Step-by-Step Implementation
1. Instrumentation Wrapper
Create a HeapMonitor class that manages snapshot lifecycle and threshold evaluation.
import * as v8 from 'v8';
import * as fs from 'fs';
import * as path from 'path';
import { EventEmitter } from 'events';
interface HeapStats {
timestamp: number;
usedHeapSize: number;
totalHeapSize: number;
objectCounts: Map<string, number>;
}
interface LeakAlert {
type: string;
growthRate: number;
snapshotPath: string;
timestamp: number;
}
export class HeapMonitor extends EventEmitter {
private samples: HeapStats[] = [];
private intervalId: NodeJS.Timeout | null = null;
private readonly snapshotDir: string;
private readonly maxSamples: number;
private readonly growthThreshold: number; // Percentage growth over window
constructor(options: {
snapshotDir?: string;
maxSamples?: number;
growthThreshold?: number;
sampleInterval?: number;
} = {}) {
super();
this.snapshotDir = options.snapshotDir || './heap-dumps';
this.maxSamples = options.maxSamples || 10;
this.growthThreshold = options.growthThreshold || 15; // 15% growth triggers alert
const interval = options.sampleInterval || 30000; // 30s default
if (!fs.existsSync(this.snapshotDir)) {
fs.mkdirSync(this.snapshotDir, { recursive: true });
}
this.intervalId = setInterval(() => this.takeSample(), interval);
}
private async takeSample(): Promise<void> {
const stats = v8.getHeapStatistics();
const heapSpaceStats = v8.getHeapSpaceStatistics();
// Aggregate object counts by constructor name from space stats
// Note: Detailed object counting requires a snapshot parse.
// For low overhead, we track heap growth rates here and trigger full snapshots on anomaly.
const sample: HeapStats = {
timestamp: Date.now(),
usedHeapSize: stats.used_heap_size,
totalHeapSize: stats.total_heap_size,
objectCounts: new Map() // Populated if full snapshot enabled
};
this.samples.push(sample);
if (this.samples.length > this.maxSamples) {
this.samples.shift();
}
this.analyzeGrowth();
}
private analyzeGrowth(): void {
if (this.samples.length < 3) return;
const current = this.samples[this.samples.length - 1];
const baseline = this.samples[0];
const timeDelta = current.timestamp - baseline.timestamp;
const sizeDelta = current.usedHeapSize - baseline.usedHeapSize;
// Calculate growth rate per minute
const growthRatePerMin = (sizeDelta / timeDelta) * 60000;
const percentageGrowth = (sizeDelta / baseline.usedHeapSize) * 100;
// Detect monotonic growth exceeding threshold
if (percentageGrowth > this.growthThreshold && growthRatePerMin > 1024 * 1024) {
this.triggerLeakDetection(current, growthRatePerMin);
}
}
private async triggerLeakDetection(currentSample: HeapStats, rate: number): Promise<void> {
console.warn(`[HeapMonitor] Potential leak detected. Growth: ${(currentSample.usedHeapSize / 1024 / 1024).toFixed(2)}MB, Rate: ${(rate / 1024 / 1024).toFixed(2)}MB/min`);
const snapshotPath = path.join(this.snapshotDir, `leak-${Date.now()}.heapsnapshot`);
try {
v8.writeHeapSnapshot(snapshotPath);
this.emit('leakAlert', {
type: 'MONOTONIC_GROWTH',
growthRate: rate,
snapshotPath,
timestamp: Date.now()
} as LeakAlert);
} catch (err) {
console.error('[HeapMonitor] Failed to write heap snapshot:', err);
}
}
stop(): void {
if (this.intervalId) clearInterval(this.intervalId);
}
}
2. Integration and Alerting
Integrate the monitor into your application bootstrap. In production, forward alerts to your observability platform.
// app.ts
import { HeapMonitor } from './heap-monitor';
const monitor = new HeapMonitor({
growthThreshold: 20,
sampleInterval: 20000,
snapshotDir: process.env.HEAP_DUMP_DIR || '/var/log/heap-dumps'
});
monitor.on('leakAlert', (alert) => {
// 1. Send metric to Prometheus/Datadog
// 2. Trigger PagerDuty/OpsGenie
// 3. Upload snapshot to S3 for analysis
console.log(`ALERT: ${alert.type} at ${alert.snapshotPath}`);
// Example: Auto-upload for remote analysis
// uploadToStorage(alert.snapshotPath);
});
// Graceful shutdown
process.on('SIGTERM', () => {
monitor.stop();
process.exit(0);
});
3. Differential Analysis Workflow
When a snapshot is captured, use Chrome DevTools or node --inspect to analyze the Retained Size.
- Load the snapshot.
- Filter by "Constructor".
- Identify classes with high retained size and increasing instance count.
- Trace the Retainer Path to find the root object holding the reference (e.g., a global array, a closure variable, or an event emitter).
Architecture Rationale
- Low Overhead Sampling: By tracking heap statistics frequently and only writing snapshots on anomaly, CPU overhead remains under 3%.
- Retention Path Focus: The solution emphasizes identifying what is holding memory, not just how much memory is used. This directs remediation efforts effectively.
- Automated Artifact Capture: Snapshots are saved automatically, preserving the state at the moment of detection for post-mortem analysis.
Pitfall Guide
1. The Cache Fallacy
Mistake: Flagging memory growth from caches (LRU, TTL) as leaks.
Explanation: Caches grow until they hit a limit. Leaks grow indefinitely.
Best Practice: Implement growth detection over a time window longer than the cache eviction cycle. Verify if growth plateaus.
2. Snapshot Storms
Mistake: Triggering heap snapshots too frequently or on every request.
Explanation: Heap snapshot generation pauses the event loop and consumes significant memory. Frequent snapshots can cause OOM kills or severe latency.
Best Practice: Limit snapshots to anomaly-triggered events. Use v8.getHeapStatistics for continuous monitoring; reserve writeHeapSnapshot for alerts.
3. Ignoring Native Memory
Mistake: Relying solely on V8 heap statistics.
Explanation: Native addons, Buffers, and C++ objects allocate memory outside the V8 heap. rss (Resident Set Size) may grow while used_heap_size remains stable.
Best Practice: Monitor process.memoryUsage().rss alongside heap stats. If RSS grows but heap is stable, investigate native modules or large Buffers.
4. GC Interference During Analysis
Mistake: Taking snapshots without ensuring GC has run.
Explanation: A snapshot taken immediately after a leaky allocation may show inflated counts of temporary objects.
Best Practice: Run global.gc() (with --expose-gc flag) before capturing a snapshot to ensure only retained objects are analyzed.
5. Retention Path Blindness
Mistake: Identifying a leaky class but not finding the reference.
Explanation: Developers see UserSession objects growing but cannot find where they are stored.
Best Practice: Use the "Retainers" view in DevTools. Look for indirect references via closures, global variables, or event listeners. Check for Map or WeakMap misuse.
6. Dev vs. Prod Variance
Mistake: Testing leak detection in development with different V8 flags.
Explanation: Development environments often run with different heap limits or optimization levels, masking leaks that appear under production load.
Best Practice: Mirror production NODE_OPTIONS in staging. Run load tests with memory profiling enabled.
7. Threshold vs. Slope Alerting
Mistake: Alerting when memory > 500MB.
Explanation: A healthy service might use 400MB. A leaking service might start at 100MB and slowly grow. Threshold alerts miss slow leaks.
Best Practice: Alert on the slope of memory growth (MB/hour) rather than absolute usage. Configure alerts for sustained growth over 15 minutes.
Production Bundle
Action Checklist
Decision Matrix
| Scenario | Recommended Approach | Why | Cost Impact |
|---|
| Serverless / Short-lived | No detection needed | Processes terminate before leaks manifest | None |
| Microservices (K8s) | Lightweight metrics + On-demand dump | Low overhead; dumps triggered via API on alert | Low |
| Long-running Workers | Continuous Heap Diffing | High value; leaks accumulate over days | Medium (CPU/Mem) |
| CI/CD Pipeline | Automated snapshot diff test | Catches leaks in PRs before merge | Low (Test infra) |
| High Throughput API | Sampling Profiler (60s interval) | Balances detection speed with request latency | Low-Medium |
Configuration Template
Environment variables and flags for production deployment.
# .env.production
# Node.js Memory Flags
NODE_OPTIONS="--expose-gc --max-old-space-size=2048"
# Heap Monitor Configuration
HEAP_MONITOR_ENABLED=true
HEAP_MONITOR_INTERVAL_MS=30000
HEAP_MONITOR_GROWTH_THRESHOLD=20
HEAP_MONITOR_MAX_SAMPLES=15
HEAP_DUMP_DIR=/var/log/app/heap-dumps
# Alerting Integration
ALERT_WEBHOOK_URL=https://hooks.slack.com/services/xxx
METRICS_ENDPOINT=https://prometheus.internal/metrics
Quick Start Guide
- Install Dependencies:
npm install v8 fs path events
- Add Monitor to Entry Point:
Import
HeapMonitor in your main index.ts or server.ts file and initialize with production config.
- Set Environment Variables:
Export
NODE_OPTIONS="--expose-gc" and configure HEAP_MONITOR_INTERVAL_MS.
- Run Load Test:
Execute a load test (e.g., using
autocannon or k6) for 10 minutes.
- Verify Detection:
Check logs for
[HeapMonitor] Potential leak detected or verify metrics in your dashboard. If a leak is injected, the snapshot should be generated in HEAP_DUMP_DIR.
Memory leak detection is not a one-time audit; it is a continuous observability requirement. By implementing differential heap analysis and slope-based alerting, engineering teams can eliminate OOM incidents and maintain predictable system performance.
