1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <inttypes.h>
30 #include <stdint.h>
31 
32 #include <array>
33 #include <mutex>
34 #include <thread>
35 #include <utility>
36 #include <vector>
37 
38 #include <android/fdsan.h>
39 #include <android/set_abort_message.h>
40 #include <bionic/fdtrack.h>
41 
42 #include <android-base/no_destructor.h>
43 #include <android-base/thread_annotations.h>
44 #include <async_safe/log.h>
45 #include <bionic/reserved_signals.h>
46 #include <unwindstack/LocalUnwinder.h>
47 
48 struct FdEntry {
49   std::mutex mutex;
50   std::vector<unwindstack::LocalFrameData> backtrace GUARDED_BY(mutex);
51 };
52 
53 extern "C" void fdtrack_dump();
54 extern "C" void fdtrack_dump_fatal();
55 
56 using fdtrack_callback_t = bool (*)(int fd, const char* const* function_names,
57                                     const uint64_t* function_offsets, size_t count, void* arg);
58 extern "C" void fdtrack_iterate(fdtrack_callback_t callback, void* arg);
59 
60 static void fd_hook(android_fdtrack_event* event);
61 
62 // Backtraces for the first 4k file descriptors ought to be enough to diagnose an fd leak.
63 static constexpr size_t kFdTableSize = 4096;
64 
65 // 32 frames, plus two to skip from fdtrack itself.
66 static constexpr size_t kStackDepth = 34;
67 static constexpr size_t kStackFrameSkip = 2;
68 
69 static bool installed = false;
70 static std::array<FdEntry, kFdTableSize> stack_traces [[clang::no_destroy]];
Unwinder()71 static unwindstack::LocalUnwinder& Unwinder() {
72   static android::base::NoDestructor<unwindstack::LocalUnwinder> unwinder;
73   return *unwinder.get();
74 }
75 
ctor()76 __attribute__((constructor)) static void ctor() {
77   for (auto& entry : stack_traces) {
78     entry.backtrace.reserve(kStackDepth);
79   }
80 
81   struct sigaction sa = {};
82   sa.sa_sigaction = [](int, siginfo_t* siginfo, void*) {
83     if (siginfo->si_code == SI_QUEUE && siginfo->si_int == 1) {
84       fdtrack_dump_fatal();
85     } else {
86       fdtrack_dump();
87     }
88   };
89   sa.sa_flags = SA_SIGINFO | SA_ONSTACK;
90   sigaction(BIONIC_SIGNAL_FDTRACK, &sa, nullptr);
91 
92   if (Unwinder().Init()) {
93     android_fdtrack_hook_t expected = nullptr;
94     installed = android_fdtrack_compare_exchange_hook(&expected, &fd_hook);
95   }
96 
97   android_fdtrack_set_globally_enabled(true);
98 }
99 
dtor()100 __attribute__((destructor)) static void dtor() {
101   if (installed) {
102     android_fdtrack_hook_t expected = &fd_hook;
103     android_fdtrack_compare_exchange_hook(&expected, nullptr);
104   }
105 }
106 
GetFdEntry(int fd)107 FdEntry* GetFdEntry(int fd) {
108   if (fd >= 0 && fd < static_cast<int>(kFdTableSize)) {
109     return &stack_traces[fd];
110   }
111   return nullptr;
112 }
113 
fd_hook(android_fdtrack_event * event)114 static void fd_hook(android_fdtrack_event* event) {
115   if (event->type == ANDROID_FDTRACK_EVENT_TYPE_CREATE) {
116     if (FdEntry* entry = GetFdEntry(event->fd); entry) {
117       std::lock_guard<std::mutex> lock(entry->mutex);
118       entry->backtrace.clear();
119       Unwinder().Unwind(&entry->backtrace, kStackDepth);
120     }
121   } else if (event->type == ANDROID_FDTRACK_EVENT_TYPE_CLOSE) {
122     if (FdEntry* entry = GetFdEntry(event->fd); entry) {
123       std::lock_guard<std::mutex> lock(entry->mutex);
124       entry->backtrace.clear();
125     }
126   }
127 }
128 
fdtrack_iterate(fdtrack_callback_t callback,void * arg)129 void fdtrack_iterate(fdtrack_callback_t callback, void* arg) {
130   bool prev = android_fdtrack_set_enabled(false);
131 
132   for (int fd = 0; fd < static_cast<int>(stack_traces.size()); ++fd) {
133     const char* function_names[kStackDepth];
134     uint64_t function_offsets[kStackDepth];
135     FdEntry* entry = GetFdEntry(fd);
136     if (!entry) {
137       continue;
138     }
139 
140     if (!entry->mutex.try_lock()) {
141       async_safe_format_log(ANDROID_LOG_WARN, "fdtrack", "fd %d locked, skipping", fd);
142       continue;
143     }
144 
145     if (entry->backtrace.empty()) {
146       entry->mutex.unlock();
147       continue;
148     } else if (entry->backtrace.size() < 2) {
149       async_safe_format_log(ANDROID_LOG_WARN, "fdtrack", "fd %d missing frames: size = %zu", fd,
150                             entry->backtrace.size());
151 
152       entry->mutex.unlock();
153       continue;
154     }
155 
156     for (size_t i = kStackFrameSkip; i < entry->backtrace.size(); ++i) {
157       size_t j = i - kStackFrameSkip;
158       function_names[j] = entry->backtrace[i].function_name.c_str();
159       function_offsets[j] = entry->backtrace[i].function_offset;
160     }
161 
162     bool should_continue = callback(fd, function_names, function_offsets,
163                                     entry->backtrace.size() - kStackFrameSkip, arg);
164 
165     entry->mutex.unlock();
166 
167     if (!should_continue) {
168       break;
169     }
170   }
171 
172   android_fdtrack_set_enabled(prev);
173 }
174 
hash_stack(const char * const * function_names,const uint64_t * function_offsets,size_t stack_depth)175 static size_t hash_stack(const char* const* function_names, const uint64_t* function_offsets,
176                          size_t stack_depth) {
177   size_t hash = 0;
178   for (size_t i = 0; i < stack_depth; ++i) {
179     // To future maintainers: if a libc++ update ever makes this invalid, replace this with +.
180     hash = std::__hash_combine(hash, std::hash<std::string_view>()(function_names[i]));
181     hash = std::__hash_combine(hash, std::hash<uint64_t>()(function_offsets[i]));
182   }
183   return hash;
184 }
185 
fdtrack_dump_impl(bool fatal)186 static void fdtrack_dump_impl(bool fatal) {
187   if (!installed) {
188     async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fdtrack not installed");
189   } else {
190     async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fdtrack dumping...");
191   }
192 
193   // If we're aborting, identify the most common stack in the hopes that it's the culprit,
194   // and emit that in the abort message so crash reporting can separate different fd leaks out.
195   // This is horrible and quadratic, but we need to avoid allocation since this can happen in
196   // response to a signal generated asynchronously. We're only going to dump 1k fds by default,
197   // and we're about to blow up the entire system, so this isn't too expensive.
198   struct StackInfo {
199     size_t hash = 0;
200     size_t count = 0;
201 
202     size_t stack_depth = 0;
203     const char* function_names[kStackDepth - kStackFrameSkip];
204     uint64_t function_offsets[kStackDepth - kStackFrameSkip];
205   };
206   struct StackList {
207     size_t count = 0;
208     std::array<StackInfo, 128> data;
209   };
210   static StackList stacks;
211 
212   fdtrack_iterate(
213       [](int fd, const char* const* function_names, const uint64_t* function_offsets,
214          size_t stack_depth, void* stacks_ptr) {
215         auto stacks = static_cast<StackList*>(stacks_ptr);
216         uint64_t fdsan_owner = android_fdsan_get_owner_tag(fd);
217         if (fdsan_owner != 0) {
218           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fd %d: (owner = 0x%" PRIx64 ")", fd,
219                                 fdsan_owner);
220         } else {
221           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fd %d: (unowned)", fd);
222         }
223 
224         for (size_t i = 0; i < stack_depth; ++i) {
225           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "  %zu: %s+%" PRIu64, i,
226                                 function_names[i], function_offsets[i]);
227         }
228 
229         if (stacks) {
230           size_t hash = hash_stack(function_names, function_offsets, stack_depth);
231           bool found_stack = false;
232           for (size_t i = 0; i < stacks->count; ++i) {
233             if (stacks->data[i].hash == hash) {
234               ++stacks->data[i].count;
235               found_stack = true;
236               break;
237             }
238           }
239 
240           if (!found_stack) {
241             if (stacks->count < stacks->data.size()) {
242               auto& stack = stacks->data[stacks->count++];
243               stack.hash = hash;
244               stack.count = 1;
245               stack.stack_depth = stack_depth;
246               for (size_t i = 0; i < stack_depth; ++i) {
247                 stack.function_names[i] = function_names[i];
248                 stack.function_offsets[i] = function_offsets[i];
249               }
250             }
251           }
252         }
253 
254         return true;
255       },
256       fatal ? &stacks : nullptr);
257 
258   if (fatal) {
259     // Find the most common stack.
260     size_t max = 0;
261     StackInfo* stack = nullptr;
262     for (size_t i = 0; i < stacks.count; ++i) {
263       if (stacks.data[i].count > max) {
264         stack = &stacks.data[i];
265         max = stack->count;
266       }
267     }
268 
269     static char buf[1024];
270 
271     if (!stack) {
272       async_safe_format_buffer(buf, sizeof(buf),
273                                "aborting due to fd leak: failed to find most common stack");
274     } else {
275       char* p = buf;
276       p += async_safe_format_buffer(buf, sizeof(buf),
277                                     "aborting due to fd leak: most common stack =\n");
278 
279       for (size_t i = 0; i < stack->stack_depth; ++i) {
280         ssize_t bytes_left = buf + sizeof(buf) - p;
281         if (bytes_left > 0) {
282           p += async_safe_format_buffer(p, buf + sizeof(buf) - p, "  %zu: %s+%" PRIu64 "\n", i,
283                                         stack->function_names[i], stack->function_offsets[i]);
284         }
285       }
286     }
287 
288     android_set_abort_message(buf);
289 
290     // Abort on a different thread to avoid ART dumping runtime stacks.
291     std::thread([]() { abort(); }).join();
292   }
293 }
294 
fdtrack_dump()295 void fdtrack_dump() {
296   fdtrack_dump_impl(false);
297 }
298 
fdtrack_dump_fatal()299 void fdtrack_dump_fatal() {
300   fdtrack_dump_impl(true);
301 }
302