Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core / 21824dddeb4474fadbb79c07fc76cd9f397d04f3 / . / llkd / libllkd.cpp
blob: 58c2ba8d23166df57e9acbb71cf7be55faf02e5c [file] [log] [blame]
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1/*
2 * Copyright (C) 2018 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "llkd.h"
18
19#include <ctype.h>
20#include <dirent.h> // opendir() and readdir()
21#include <errno.h>
22#include <fcntl.h>
23#include <pthread.h>
24#include <pwd.h> // getpwuid()
25#include <signal.h>
26#include <stdint.h>
27#include <sys/cdefs.h> // ___STRING, __predict_true() and _predict_false()
28#include <sys/mman.h> // mlockall()
29#include <sys/prctl.h>
30#include <sys/stat.h> // lstat()
31#include <sys/syscall.h> // __NR_getdents64
32#include <sys/sysinfo.h> // get_nprocs_conf()
33#include <sys/types.h>
34#include <time.h>
35#include <unistd.h>
36
37#include <chrono>
38#include <ios>
39#include <sstream>
40#include <string>
41#include <unordered_map>
42#include <unordered_set>
43
44#include <android-base/file.h>
45#include <android-base/logging.h>
46#include <android-base/parseint.h>
47#include <android-base/properties.h>
48#include <android-base/strings.h>
49#include <cutils/android_get_control_file.h>
50#include <log/log_main.h>
51
52#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x)))
53
54#define TASK_COMM_LEN 16 // internal kernel, not uapi, from .../linux/include/linux/sched.h
55
56using namespace std::chrono_literals;
57using namespace std::chrono;
Mark Salyzyn52e54a62018-08-07 08:13:13 -0700[diff] [blame]58using namespace std::literals;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]59
60namespace {
61
62constexpr pid_t kernelPid = 0;
63constexpr pid_t initPid = 1;
64constexpr pid_t kthreaddPid = 2;
65
66constexpr char procdir[] = "/proc/";
67
68// Configuration
69milliseconds llkUpdate; // last check ms signature
70milliseconds llkCycle; // ms to next thread check
71bool llkEnable = LLK_ENABLE_DEFAULT; // llk daemon enabled
72bool llkRunning = false; // thread is running
73bool llkMlockall = LLK_MLOCKALL_DEFAULT; // run mlocked
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]74bool llkTestWithKill = LLK_KILLTEST_DEFAULT; // issue test kills
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]75milliseconds llkTimeoutMs = LLK_TIMEOUT_MS_DEFAULT; // default timeout
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]76enum { // enum of state indexes
77 llkStateD, // Persistent 'D' state
78 llkStateZ, // Persistent 'Z' state
79#ifdef __PTRACE_ENABLED__ // Extra privileged states
80 llkStateStack, // stack signature
81#endif // End of extra privilege
82 llkNumStates, // Maxumum number of states
83}; // state indexes
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]84milliseconds llkStateTimeoutMs[llkNumStates]; // timeout override for each detection state
85milliseconds llkCheckMs; // checking interval to inspect any
86 // persistent live-locked states
87bool llkLowRam; // ro.config.low_ram
88bool khtEnable = LLK_ENABLE_DEFAULT; // [khungtaskd] panic
89// [khungtaskd] should have a timeout beyond the granularity of llkTimeoutMs.
90// Provides a wide angle of margin b/c khtTimeout is also its granularity.
91seconds khtTimeout = duration_cast<seconds>(llkTimeoutMs * (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT) /
92 LLK_CHECKS_PER_TIMEOUT_DEFAULT);
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]93#ifdef __PTRACE_ENABLED__
94// list of stack symbols to search for persistence.
95std::unordered_set<std::string> llkCheckStackSymbols;
96#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]97
98// Blacklist variables, initialized with comma separated lists of high false
99// positive and/or dangerous references, e.g. without self restart, for pid,
100// ppid, name and uid:
101
102// list of pids, or tids or names to skip. kernel pid (0), init pid (1),
103// [kthreadd] pid (2), ourselves, "init", "[kthreadd]", "lmkd", "llkd" or
104// combinations of watchdogd in kernel and user space.
105std::unordered_set<std::string> llkBlacklistProcess;
106// list of parent pids, comm or cmdline names to skip. default:
107// kernel pid (0), [kthreadd] (2), or ourselves, enforced and implied
108std::unordered_set<std::string> llkBlacklistParent;
109// list of uids, and uid names, to skip, default nothing
110std::unordered_set<std::string> llkBlacklistUid;
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]111#ifdef __PTRACE_ENABLED__
112// list of names to skip stack checking. "init", "lmkd", "llkd", "keystore" or
113// "logd" (if not userdebug).
114std::unordered_set<std::string> llkBlacklistStack;
115#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]116
117class dir {
118 public:
119 enum level { proc, task, numLevels };
120
121 private:
122 int fd;
123 size_t available_bytes;
124 dirent* next;
125 // each directory level picked to be just north of 4K in size
126 static constexpr size_t buffEntries = 15;
127 static dirent buff[numLevels][buffEntries];
128
129 bool fill(enum level index) {
130 if (index >= numLevels) return false;
131 if (available_bytes != 0) return true;
132 if (__predict_false(fd < 0)) return false;
133 // getdents64 has no libc wrapper
134 auto rc = TEMP_FAILURE_RETRY(syscall(__NR_getdents64, fd, buff[index], sizeof(buff[0]), 0));
135 if (rc <= 0) return false;
136 available_bytes = rc;
137 next = buff[index];
138 return true;
139 }
140
141 public:
142 dir() : fd(-1), available_bytes(0), next(nullptr) {}
143
144 explicit dir(const char* directory)
145 : fd(__predict_true(directory != nullptr)
146 ? ::open(directory, O_CLOEXEC | O_DIRECTORY | O_RDONLY)
147 : -1),
148 available_bytes(0),
149 next(nullptr) {}
150
151 explicit dir(const std::string&& directory)
152 : fd(::open(directory.c_str(), O_CLOEXEC | O_DIRECTORY | O_RDONLY)),
153 available_bytes(0),
154 next(nullptr) {}
155
156 explicit dir(const std::string& directory)
157 : fd(::open(directory.c_str(), O_CLOEXEC | O_DIRECTORY | O_RDONLY)),
158 available_bytes(0),
159 next(nullptr) {}
160
161 // Don't need any copy or move constructors.
162 explicit dir(const dir& c) = delete;
163 explicit dir(dir& c) = delete;
164 explicit dir(dir&& c) = delete;
165
166 ~dir() {
167 if (fd >= 0) {
168 ::close(fd);
169 }
170 }
171
172 operator bool() const { return fd >= 0; }
173
174 void reset(void) {
175 if (fd >= 0) {
176 ::close(fd);
177 fd = -1;
178 available_bytes = 0;
179 next = nullptr;
180 }
181 }
182
183 dir& reset(const char* directory) {
184 reset();
185 // available_bytes will _always_ be zero here as its value is
186 // intimately tied to fd < 0 or not.
187 fd = ::open(directory, O_CLOEXEC | O_DIRECTORY | O_RDONLY);
188 return *this;
189 }
190
191 void rewind(void) {
192 if (fd >= 0) {
193 ::lseek(fd, off_t(0), SEEK_SET);
194 available_bytes = 0;
195 next = nullptr;
196 }
197 }
198
199 dirent* read(enum level index = proc, dirent* def = nullptr) {
200 if (!fill(index)) return def;
201 auto ret = next;
202 available_bytes -= next->d_reclen;
203 next = reinterpret_cast<dirent*>(reinterpret_cast<char*>(next) + next->d_reclen);
204 return ret;
205 }
206} llkTopDirectory;
207
208dirent dir::buff[dir::numLevels][dir::buffEntries];
209
210// helper functions
211
212bool llkIsMissingExeLink(pid_t tid) {
213 char c;
214 // CAP_SYS_PTRACE is required to prevent ret == -1, but ENOENT is signal
215 auto ret = ::readlink((procdir + std::to_string(tid) + "/exe").c_str(), &c, sizeof(c));
216 return (ret == -1) && (errno == ENOENT);
217}
218
219// Common routine where caller accepts empty content as error/passthrough.
220// Reduces the churn of reporting read errors in the callers.
221std::string ReadFile(std::string&& path) {
222 std::string content;
223 if (!android::base::ReadFileToString(path, &content)) {
224 PLOG(DEBUG) << "Read " << path << " failed";
225 content = "";
226 }
227 return content;
228}
229
230std::string llkProcGetName(pid_t tid, const char* node = "/cmdline") {
231 std::string content = ReadFile(procdir + std::to_string(tid) + node);
232 static constexpr char needles[] = " \t\r\n"; // including trailing nul
233 auto pos = content.find_first_of(needles, 0, sizeof(needles));
234 if (pos != std::string::npos) {
235 content.erase(pos);
236 }
237 return content;
238}
239
240uid_t llkProcGetUid(pid_t tid) {
241 // Get the process' uid. The following read from /status is admittedly
242 // racy, prone to corruption due to shape-changes. The consequences are
243 // not catastrophic as we sample a few times before taking action.
244 //
245 // If /loginuid worked on reliably, or on Android (all tasks report -1)...
246 // Android lmkd causes /cgroup to contain memory:/<dom>/uid_<uid>/pid_<pid>
247 // which is tighter, but also not reliable.
248 std::string content = ReadFile(procdir + std::to_string(tid) + "/status");
249 static constexpr char Uid[] = "\nUid:";
250 auto pos = content.find(Uid);
251 if (pos == std::string::npos) {
252 return -1;
253 }
254 pos += ::strlen(Uid);
255 while ((pos < content.size()) && ::isblank(content[pos])) {
256 ++pos;
257 }
258 content.erase(0, pos);
259 for (pos = 0; (pos < content.size()) && ::isdigit(content[pos]); ++pos) {
260 ;
261 }
262 // Content of form 'Uid: 0 0 0 0', newline is error
263 if ((pos >= content.size()) || !::isblank(content[pos])) {
264 return -1;
265 }
266 content.erase(pos);
267 uid_t ret;
268 if (!android::base::ParseInt(content, &ret, uid_t(0))) {
269 return -1;
270 }
271 return ret;
272}
273
274struct proc {
275 pid_t tid; // monitored thread id (in Z or D state).
276 nanoseconds schedUpdate; // /proc/<tid>/sched "se.avg.lastUpdateTime",
277 uint64_t nrSwitches; // /proc/<tid>/sched "nr_switches" for
278 // refined ABA problem detection, determine
279 // forward scheduling progress.
280 milliseconds update; // llkUpdate millisecond signature of last.
281 milliseconds count; // duration in state.
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]282#ifdef __PTRACE_ENABLED__ // Privileged state checking
283 milliseconds count_stack; // duration where stack is stagnant.
284#endif // End privilege
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]285 pid_t pid; // /proc/<pid> before iterating through
286 // /proc/<pid>/task/<tid> for threads.
287 pid_t ppid; // /proc/<tid>/stat field 4 parent pid.
288 uid_t uid; // /proc/<tid>/status Uid: field.
289 unsigned time; // sum of /proc/<tid>/stat field 14 utime &
290 // 15 stime for coarse ABA problem detection.
291 std::string cmdline; // cached /cmdline content
292 char state; // /proc/<tid>/stat field 3: Z or D
293 // (others we do not monitor: S, R, T or ?)
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]294#ifdef __PTRACE_ENABLED__ // Privileged state checking
295 char stack; // index in llkCheckStackSymbols for matches
296#endif // and with maximum index PROP_VALUE_MAX/2.
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]297 char comm[TASK_COMM_LEN + 3]; // space for adding '[' and ']'
298 bool exeMissingValid; // exeMissing has been cached
299 bool cmdlineValid; // cmdline has been cached
300 bool updated; // cleared before monitoring pass.
301 bool killed; // sent a kill to this thread, next panic...
302
303 void setComm(const char* _comm) { strncpy(comm + 1, _comm, sizeof(comm) - 2); }
304
305 proc(pid_t tid, pid_t pid, pid_t ppid, const char* _comm, int time, char state)
306 : tid(tid),
307 schedUpdate(0),
308 nrSwitches(0),
309 update(llkUpdate),
Mark Salyzynacecaf72018-08-10 08:15:57 -0700[diff] [blame]310 count(0ms),
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]311#ifdef __PTRACE_ENABLED__
312 count_stack(0ms),
313#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]314 pid(pid),
315 ppid(ppid),
316 uid(-1),
317 time(time),
318 state(state),
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]319#ifdef __PTRACE_ENABLED__
320 stack(-1),
321#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]322 exeMissingValid(false),
323 cmdlineValid(false),
324 updated(true),
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]325 killed(!llkTestWithKill) {
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]326 memset(comm, '\0', sizeof(comm));
327 setComm(_comm);
328 }
329
330 const char* getComm(void) {
331 if (comm[1] == '\0') { // comm Valid?
332 strncpy(comm + 1, llkProcGetName(tid, "/comm").c_str(), sizeof(comm) - 2);
333 }
334 if (!exeMissingValid) {
335 if (llkIsMissingExeLink(tid)) {
336 comm[0] = '[';
337 }
338 exeMissingValid = true;
339 }
340 size_t len = strlen(comm + 1);
341 if (__predict_true(len < (sizeof(comm) - 1))) {
342 if (comm[0] == '[') {
343 if ((comm[len] != ']') && __predict_true(len < (sizeof(comm) - 2))) {
344 comm[++len] = ']';
345 comm[++len] = '\0';
346 }
347 } else {
348 if (comm[len] == ']') {
349 comm[len] = '\0';
350 }
351 }
352 }
353 return &comm[comm[0] != '['];
354 }
355
356 const char* getCmdline(void) {
357 if (!cmdlineValid) {
358 cmdline = llkProcGetName(tid);
359 cmdlineValid = true;
360 }
361 return cmdline.c_str();
362 }
363
364 uid_t getUid(void) {
365 if (uid <= 0) { // Churn on root user, because most likely to setuid()
366 uid = llkProcGetUid(tid);
367 }
368 return uid;
369 }
370
371 void reset(void) { // reset cache, if we detected pid rollover
372 uid = -1;
373 state = '?';
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]374#ifdef __PTRACE_ENABLED__
375 count_stack = 0ms;
376 stack = -1;
377#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]378 cmdline = "";
379 comm[0] = '\0';
380 exeMissingValid = false;
381 cmdlineValid = false;
382 }
383};
384
385std::unordered_map<pid_t, proc> tids;
386
387// Check range and setup defaults, in order of propagation:
388// llkTimeoutMs
389// llkCheckMs
390// ...
391// KISS to keep it all self-contained, and called multiple times as parameters
392// are interpreted so that defaults, llkCheckMs and llkCycle make sense.
393void llkValidate() {
394 if (llkTimeoutMs == 0ms) {
395 llkTimeoutMs = LLK_TIMEOUT_MS_DEFAULT;
396 }
397 llkTimeoutMs = std::max(llkTimeoutMs, LLK_TIMEOUT_MS_MINIMUM);
398 if (llkCheckMs == 0ms) {
399 llkCheckMs = llkTimeoutMs / LLK_CHECKS_PER_TIMEOUT_DEFAULT;
400 }
401 llkCheckMs = std::min(llkCheckMs, llkTimeoutMs);
402
403 for (size_t state = 0; state < ARRAY_SIZE(llkStateTimeoutMs); ++state) {
404 if (llkStateTimeoutMs[state] == 0ms) {
405 llkStateTimeoutMs[state] = llkTimeoutMs;
406 }
407 llkStateTimeoutMs[state] =
408 std::min(std::max(llkStateTimeoutMs[state], LLK_TIMEOUT_MS_MINIMUM), llkTimeoutMs);
409 llkCheckMs = std::min(llkCheckMs, llkStateTimeoutMs[state]);
410 }
411
412 llkCheckMs = std::max(llkCheckMs, LLK_CHECK_MS_MINIMUM);
413 if (llkCycle == 0ms) {
414 llkCycle = llkCheckMs;
415 }
416 llkCycle = std::min(llkCycle, llkCheckMs);
417}
418
419milliseconds llkGetTimespecDiffMs(timespec* from, timespec* to) {
420 return duration_cast<milliseconds>(seconds(to->tv_sec - from->tv_sec)) +
421 duration_cast<milliseconds>(nanoseconds(to->tv_nsec - from->tv_nsec));
422}
423
424std::string llkProcGetName(pid_t tid, const char* comm, const char* cmdline) {
425 if ((cmdline != nullptr) && (*cmdline != '\0')) {
426 return cmdline;
427 }
428 if ((comm != nullptr) && (*comm != '\0')) {
429 return comm;
430 }
431
432 // UNLIKELY! Here because killed before we kill it?
433 // Assume change is afoot, do not call llkTidAlloc
434
435 // cmdline ?
436 std::string content = llkProcGetName(tid);
437 if (content.size() != 0) {
438 return content;
439 }
440 // Comm instead?
441 content = llkProcGetName(tid, "/comm");
442 if (llkIsMissingExeLink(tid) && (content.size() != 0)) {
443 return '[' + content + ']';
444 }
445 return content;
446}
447
448int llkKillOneProcess(pid_t pid, char state, pid_t tid, const char* tcomm = nullptr,
449 const char* tcmdline = nullptr, const char* pcomm = nullptr,
450 const char* pcmdline = nullptr) {
451 std::string forTid;
452 if (tid != pid) {
453 forTid = " for '" + llkProcGetName(tid, tcomm, tcmdline) + "' (" + std::to_string(tid) + ")";
454 }
455 LOG(INFO) << "Killing '" << llkProcGetName(pid, pcomm, pcmdline) << "' (" << pid
456 << ") to check forward scheduling progress in " << state << " state" << forTid;
457 // CAP_KILL required
458 errno = 0;
459 auto r = ::kill(pid, SIGKILL);
460 if (r) {
461 PLOG(ERROR) << "kill(" << pid << ")=" << r << ' ';
462 }
463
464 return r;
465}
466
467// Kill one process
468int llkKillOneProcess(pid_t pid, proc* tprocp) {
469 return llkKillOneProcess(pid, tprocp->state, tprocp->tid, tprocp->getComm(),
470 tprocp->getCmdline());
471}
472
473// Kill one process specified by kprocp
474int llkKillOneProcess(proc* kprocp, proc* tprocp) {
475 if (kprocp == nullptr) {
476 return -2;
477 }
478
479 return llkKillOneProcess(kprocp->tid, tprocp->state, tprocp->tid, tprocp->getComm(),
480 tprocp->getCmdline(), kprocp->getComm(), kprocp->getCmdline());
481}
482
483// Acquire file descriptor from environment, or open and cache it.
484// NB: cache is unnecessary in our current context, pedantically
485// required to prevent leakage of file descriptors in the future.
486int llkFileToWriteFd(const std::string& file) {
487 static std::unordered_map<std::string, int> cache;
488 auto search = cache.find(file);
489 if (search != cache.end()) return search->second;
490 auto fd = android_get_control_file(file.c_str());
491 if (fd >= 0) return fd;
492 fd = TEMP_FAILURE_RETRY(::open(file.c_str(), O_WRONLY | O_CLOEXEC));
493 if (fd >= 0) cache.emplace(std::make_pair(file, fd));
494 return fd;
495}
496
497// Wrap android::base::WriteStringToFile to use android_get_control_file.
498bool llkWriteStringToFile(const std::string& string, const std::string& file) {
499 auto fd = llkFileToWriteFd(file);
500 if (fd < 0) return false;
501 return android::base::WriteStringToFd(string, fd);
502}
503
504bool llkWriteStringToFileConfirm(const std::string& string, const std::string& file) {
505 auto fd = llkFileToWriteFd(file);
506 auto ret = (fd < 0) ? false : android::base::WriteStringToFd(string, fd);
507 std::string content;
508 if (!android::base::ReadFileToString(file, &content)) return ret;
509 return android::base::Trim(content) == string;
510}
511
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]512void llkPanicKernel(bool dump, pid_t tid, const char* state) __noreturn;
513void llkPanicKernel(bool dump, pid_t tid, const char* state) {
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]514 auto sysrqTriggerFd = llkFileToWriteFd("/proc/sysrq-trigger");
515 if (sysrqTriggerFd < 0) {
516 // DYB
517 llkKillOneProcess(initPid, 'R', tid);
518 // The answer to life, the universe and everything
519 ::exit(42);
520 // NOTREACHED
521 }
522 ::sync();
523 if (dump) {
524 // Show all locks that are held
525 android::base::WriteStringToFd("d", sysrqTriggerFd);
526 // This can trigger hardware watchdog, that is somewhat _ok_.
527 // But useless if pstore configured for <256KB, low ram devices ...
528 if (!llkLowRam) {
529 android::base::WriteStringToFd("t", sysrqTriggerFd);
530 }
531 ::usleep(200000); // let everything settle
532 }
Mark Salyzyn52e54a62018-08-07 08:13:13 -0700[diff] [blame]533 llkWriteStringToFile("SysRq : Trigger a crash : 'livelock,"s + state + "'\n", "/dev/kmsg");
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]534 android::base::WriteStringToFd("c", sysrqTriggerFd);
535 // NOTREACHED
536 // DYB
537 llkKillOneProcess(initPid, 'R', tid);
538 // I sat at my desk, stared into the garden and thought '42 will do'.
539 // I typed it out. End of story
540 ::exit(42);
541 // NOTREACHED
542}
543
544void llkAlarmHandler(int) {
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]545 llkPanicKernel(false, ::getpid(), "alarm");
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]546}
547
548milliseconds GetUintProperty(const std::string& key, milliseconds def) {
549 return milliseconds(android::base::GetUintProperty(key, static_cast<uint64_t>(def.count()),
550 static_cast<uint64_t>(def.max().count())));
551}
552
553seconds GetUintProperty(const std::string& key, seconds def) {
554 return seconds(android::base::GetUintProperty(key, static_cast<uint64_t>(def.count()),
555 static_cast<uint64_t>(def.max().count())));
556}
557
558proc* llkTidLookup(pid_t tid) {
559 auto search = tids.find(tid);
560 if (search == tids.end()) {
561 return nullptr;
562 }
563 return &search->second;
564}
565
566void llkTidRemove(pid_t tid) {
567 tids.erase(tid);
568}
569
570proc* llkTidAlloc(pid_t tid, pid_t pid, pid_t ppid, const char* comm, int time, char state) {
571 auto it = tids.emplace(std::make_pair(tid, proc(tid, pid, ppid, comm, time, state)));
572 return &it.first->second;
573}
574
575std::string llkFormat(milliseconds ms) {
576 auto sec = duration_cast<seconds>(ms);
577 std::ostringstream s;
578 s << sec.count() << '.';
579 auto f = s.fill('0');
580 auto w = s.width(3);
581 s << std::right << (ms - sec).count();
582 s.width(w);
583 s.fill(f);
584 s << 's';
585 return s.str();
586}
587
588std::string llkFormat(seconds s) {
589 return std::to_string(s.count()) + 's';
590}
591
592std::string llkFormat(bool flag) {
593 return flag ? "true" : "false";
594}
595
596std::string llkFormat(const std::unordered_set<std::string>& blacklist) {
597 std::string ret;
598 for (auto entry : blacklist) {
599 if (ret.size()) {
600 ret += ",";
601 }
602 ret += entry;
603 }
604 return ret;
605}
606
607// We only officially support comma separators, but wetware being what they
608// are will take some liberty and I do not believe they should be punished.
Mark Salyzynacecaf72018-08-10 08:15:57 -0700[diff] [blame]609std::unordered_set<std::string> llkSplit(const std::string& s) {
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]610 std::unordered_set<std::string> result;
611
Mark Salyzynacecaf72018-08-10 08:15:57 -0700[diff] [blame]612 // Special case, allow boolean false to empty the list, otherwise expected
613 // source of input from android::base::GetProperty will supply the default
614 // value on empty content in the property.
615 if (s == "false") return result;
616
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]617 size_t base = 0;
Mark Salyzynacecaf72018-08-10 08:15:57 -0700[diff] [blame]618 while (s.size() > base) {
619 auto found = s.find_first_of(", \t:", base);
620 // Only emplace content, empty entries are not an option
621 if (found != base) result.emplace(s.substr(base, found - base));
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]622 if (found == s.npos) break;
623 base = found + 1;
624 }
625 return result;
626}
627
628bool llkSkipName(const std::string& name,
629 const std::unordered_set<std::string>& blacklist = llkBlacklistProcess) {
630 if ((name.size() == 0) || (blacklist.size() == 0)) {
631 return false;
632 }
633
634 return blacklist.find(name) != blacklist.end();
635}
636
637bool llkSkipPid(pid_t pid) {
638 return llkSkipName(std::to_string(pid), llkBlacklistProcess);
639}
640
641bool llkSkipPpid(pid_t ppid) {
642 return llkSkipName(std::to_string(ppid), llkBlacklistParent);
643}
644
645bool llkSkipUid(uid_t uid) {
646 // Match by number?
647 if (llkSkipName(std::to_string(uid), llkBlacklistUid)) {
648 return true;
649 }
650
651 // Match by name?
652 auto pwd = ::getpwuid(uid);
653 return (pwd != nullptr) && __predict_true(pwd->pw_name != nullptr) &&
654 __predict_true(pwd->pw_name[0] != '\0') && llkSkipName(pwd->pw_name, llkBlacklistUid);
655}
656
657bool getValidTidDir(dirent* dp, std::string* piddir) {
658 if (!::isdigit(dp->d_name[0])) {
659 return false;
660 }
661
662 // Corner case can not happen in reality b/c of above ::isdigit check
663 if (__predict_false(dp->d_type != DT_DIR)) {
664 if (__predict_false(dp->d_type == DT_UNKNOWN)) { // can't b/c procfs
665 struct stat st;
666 *piddir = procdir;
667 *piddir += dp->d_name;
668 return (lstat(piddir->c_str(), &st) == 0) && (st.st_mode & S_IFDIR);
669 }
670 return false;
671 }
672
673 *piddir = procdir;
674 *piddir += dp->d_name;
675 return true;
676}
677
678bool llkIsMonitorState(char state) {
679 return (state == 'Z') || (state == 'D');
680}
681
682// returns -1 if not found
683long long getSchedValue(const std::string& schedString, const char* key) {
684 auto pos = schedString.find(key);
685 if (pos == std::string::npos) {
686 return -1;
687 }
688 pos = schedString.find(':', pos);
689 if (__predict_false(pos == std::string::npos)) {
690 return -1;
691 }
692 while ((++pos < schedString.size()) && ::isblank(schedString[pos])) {
693 ;
694 }
695 long long ret;
696 if (!android::base::ParseInt(schedString.substr(pos), &ret, static_cast<long long>(0))) {
697 return -1;
698 }
699 return ret;
700}
701
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]702#ifdef __PTRACE_ENABLED__
703bool llkCheckStack(proc* procp, const std::string& piddir) {
704 if (llkCheckStackSymbols.empty()) return false;
705 if (procp->state == 'Z') { // No brains for Zombies
706 procp->stack = -1;
707 procp->count_stack = 0ms;
708 return false;
709 }
710
711 // Don't check process that are known to block ptrace, save sepolicy noise.
712 if (llkSkipName(std::to_string(procp->pid), llkBlacklistStack)) return false;
713 if (llkSkipName(procp->getComm(), llkBlacklistStack)) return false;
714 if (llkSkipName(procp->getCmdline(), llkBlacklistStack)) return false;
715
716 auto kernel_stack = ReadFile(piddir + "/stack");
717 if (kernel_stack.empty()) {
718 LOG(INFO) << piddir << "/stack empty comm=" << procp->getComm()
719 << " cmdline=" << procp->getCmdline();
720 return false;
721 }
722 // A scheduling incident that should not reset count_stack
723 if (kernel_stack.find(" cpu_worker_pools+0x") != std::string::npos) return false;
724 char idx = -1;
725 char match = -1;
726 for (const auto& stack : llkCheckStackSymbols) {
727 if (++idx < 0) break;
728 if (kernel_stack.find(" "s + stack + "+0x") != std::string::npos) {
729 match = idx;
730 break;
731 }
732 }
733 if (procp->stack != match) {
734 procp->stack = match;
735 procp->count_stack = 0ms;
736 return false;
737 }
738 if (match == char(-1)) return false;
739 procp->count_stack += llkCycle;
740 return procp->count_stack >= llkStateTimeoutMs[llkStateStack];
741}
742#endif
743
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]744// Primary ABA mitigation watching last time schedule activity happened
745void llkCheckSchedUpdate(proc* procp, const std::string& piddir) {
746 // Audit finds /proc/<tid>/sched is just over 1K, and
747 // is rarely larger than 2K, even less on Android.
748 // For example, the "se.avg.lastUpdateTime" field we are
749 // interested in typically within the primary set in
750 // the first 1K.
751 //
752 // Proc entries can not be read >1K atomically via libbase,
753 // but if there are problems we assume at least a few
754 // samples of reads occur before we take any real action.
755 std::string schedString = ReadFile(piddir + "/sched");
756 if (schedString.size() == 0) {
757 // /schedstat is not as standardized, but in 3.1+
758 // Android devices, the third field is nr_switches
759 // from /sched:
760 schedString = ReadFile(piddir + "/schedstat");
761 if (schedString.size() == 0) {
762 return;
763 }
764 auto val = static_cast<unsigned long long>(-1);
765 if (((::sscanf(schedString.c_str(), "%*d %*d %llu", &val)) == 1) &&
766 (val != static_cast<unsigned long long>(-1)) && (val != 0) &&
767 (val != procp->nrSwitches)) {
768 procp->nrSwitches = val;
769 procp->count = 0ms;
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]770 procp->killed = !llkTestWithKill;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]771 }
772 return;
773 }
774
775 auto val = getSchedValue(schedString, "\nse.avg.lastUpdateTime");
776 if (val == -1) {
777 val = getSchedValue(schedString, "\nse.svg.last_update_time");
778 }
779 if (val != -1) {
780 auto schedUpdate = nanoseconds(val);
781 if (schedUpdate != procp->schedUpdate) {
782 procp->schedUpdate = schedUpdate;
783 procp->count = 0ms;
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]784 procp->killed = !llkTestWithKill;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]785 }
786 }
787
788 val = getSchedValue(schedString, "\nnr_switches");
789 if (val != -1) {
790 if (static_cast<uint64_t>(val) != procp->nrSwitches) {
791 procp->nrSwitches = val;
792 procp->count = 0ms;
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]793 procp->killed = !llkTestWithKill;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]794 }
795 }
796}
797
798void llkLogConfig(void) {
799 LOG(INFO) << "ro.config.low_ram=" << llkFormat(llkLowRam) << "\n"
800 << LLK_ENABLE_PROPERTY "=" << llkFormat(llkEnable) << "\n"
801 << KHT_ENABLE_PROPERTY "=" << llkFormat(khtEnable) << "\n"
802 << LLK_MLOCKALL_PROPERTY "=" << llkFormat(llkMlockall) << "\n"
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]803 << LLK_KILLTEST_PROPERTY "=" << llkFormat(llkTestWithKill) << "\n"
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]804 << KHT_TIMEOUT_PROPERTY "=" << llkFormat(khtTimeout) << "\n"
805 << LLK_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkTimeoutMs) << "\n"
806 << LLK_D_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateD]) << "\n"
807 << LLK_Z_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateZ]) << "\n"
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]808#ifdef __PTRACE_ENABLED__
809 << LLK_STACK_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateStack])
810 << "\n"
811#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]812 << LLK_CHECK_MS_PROPERTY "=" << llkFormat(llkCheckMs) << "\n"
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]813#ifdef __PTRACE_ENABLED__
814 << LLK_CHECK_STACK_PROPERTY "=" << llkFormat(llkCheckStackSymbols) << "\n"
815 << LLK_BLACKLIST_STACK_PROPERTY "=" << llkFormat(llkBlacklistStack) << "\n"
816#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]817 << LLK_BLACKLIST_PROCESS_PROPERTY "=" << llkFormat(llkBlacklistProcess) << "\n"
818 << LLK_BLACKLIST_PARENT_PROPERTY "=" << llkFormat(llkBlacklistParent) << "\n"
819 << LLK_BLACKLIST_UID_PROPERTY "=" << llkFormat(llkBlacklistUid);
820}
821
822void* llkThread(void* obj) {
Mark Salyzyn4832a8b2018-08-15 11:02:18 -0700[diff] [blame]823 prctl(PR_SET_DUMPABLE, 0);
824
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]825 LOG(INFO) << "started";
826
827 std::string name = std::to_string(::gettid());
828 if (!llkSkipName(name)) {
829 llkBlacklistProcess.emplace(name);
830 }
831 name = static_cast<const char*>(obj);
832 prctl(PR_SET_NAME, name.c_str());
833 if (__predict_false(!llkSkipName(name))) {
834 llkBlacklistProcess.insert(name);
835 }
836 // No longer modifying llkBlacklistProcess.
837 llkRunning = true;
838 llkLogConfig();
839 while (llkRunning) {
840 ::usleep(duration_cast<microseconds>(llkCheck(true)).count());
841 }
842 // NOTREACHED
843 LOG(INFO) << "exiting";
844 return nullptr;
845}
846
847} // namespace
848
849milliseconds llkCheck(bool checkRunning) {
850 if (!llkEnable || (checkRunning != llkRunning)) {
851 return milliseconds::max();
852 }
853
854 // Reset internal watchdog, which is a healthy engineering margin of
855 // double the maximum wait or cycle time for the mainloop that calls us.
856 //
857 // This alarm is effectively the live lock detection of llkd, as
858 // we understandably can not monitor ourselves otherwise.
859 ::alarm(duration_cast<seconds>(llkTimeoutMs * 2).count());
860
861 // kernel jiffy precision fastest acquisition
862 static timespec last;
863 timespec now;
864 ::clock_gettime(CLOCK_MONOTONIC_COARSE, &now);
865 auto ms = llkGetTimespecDiffMs(&last, &now);
866 if (ms < llkCycle) {
867 return llkCycle - ms;
868 }
869 last = now;
870
871 LOG(VERBOSE) << "opendir(\"" << procdir << "\")";
872 if (__predict_false(!llkTopDirectory)) {
873 // gid containing AID_READPROC required
874 llkTopDirectory.reset(procdir);
875 if (__predict_false(!llkTopDirectory)) {
876 // Most likely reason we could be here is a resource limit.
877 // Keep our processing down to a minimum, but not so low that
878 // we do not recover in a timely manner should the issue be
879 // transitory.
880 LOG(DEBUG) << "opendir(\"" << procdir << "\") failed";
881 return llkTimeoutMs;
882 }
883 }
884
885 for (auto& it : tids) {
886 it.second.updated = false;
887 }
888
889 auto prevUpdate = llkUpdate;
890 llkUpdate += ms;
891 ms -= llkCycle;
892 auto myPid = ::getpid();
893 auto myTid = ::gettid();
894 for (auto dp = llkTopDirectory.read(); dp != nullptr; dp = llkTopDirectory.read()) {
895 std::string piddir;
896
897 if (!getValidTidDir(dp, &piddir)) {
898 continue;
899 }
900
901 // Get the process tasks
902 std::string taskdir = piddir + "/task/";
903 int pid = -1;
904 LOG(VERBOSE) << "+opendir(\"" << taskdir << "\")";
905 dir taskDirectory(taskdir);
906 if (__predict_false(!taskDirectory)) {
907 LOG(DEBUG) << "+opendir(\"" << taskdir << "\") failed";
908 }
909 for (auto tp = taskDirectory.read(dir::task, dp); tp != nullptr;
910 tp = taskDirectory.read(dir::task)) {
911 if (!getValidTidDir(tp, &piddir)) {
912 continue;
913 }
914
915 // Get the process stat
916 std::string stat = ReadFile(piddir + "/stat");
917 if (stat.size() == 0) {
918 continue;
919 }
920 unsigned tid = -1;
921 char pdir[TASK_COMM_LEN + 1];
922 char state = '?';
923 unsigned ppid = -1;
924 unsigned utime = -1;
925 unsigned stime = -1;
926 int dummy;
927 pdir[0] = '\0';
928 // tid should not change value
929 auto match = ::sscanf(
930 stat.c_str(),
931 "%u (%" ___STRING(
932 TASK_COMM_LEN) "[^)]) %c %u %*d %*d %*d %*d %*d %*d %*d %*d %*d %u %u %d",
933 &tid, pdir, &state, &ppid, &utime, &stime, &dummy);
934 if (pid == -1) {
935 pid = tid;
936 }
937 LOG(VERBOSE) << "match " << match << ' ' << tid << " (" << pdir << ") " << state << ' '
938 << ppid << " ... " << utime << ' ' << stime << ' ' << dummy;
939 if (match != 7) {
940 continue;
941 }
942
943 auto procp = llkTidLookup(tid);
944 if (procp == nullptr) {
945 procp = llkTidAlloc(tid, pid, ppid, pdir, utime + stime, state);
946 } else {
947 // comm can change ...
948 procp->setComm(pdir);
949 procp->updated = true;
950 // pid/ppid/tid wrap?
951 if (((procp->update != prevUpdate) && (procp->update != llkUpdate)) ||
952 (procp->ppid != ppid) || (procp->pid != pid)) {
953 procp->reset();
954 } else if (procp->time != (utime + stime)) { // secondary ABA.
955 // watching utime+stime granularity jiffy
956 procp->state = '?';
957 }
958 procp->update = llkUpdate;
959 procp->pid = pid;
960 procp->ppid = ppid;
961 procp->time = utime + stime;
962 if (procp->state != state) {
963 procp->count = 0ms;
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]964 procp->killed = !llkTestWithKill;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]965 procp->state = state;
966 } else {
967 procp->count += llkCycle;
968 }
969 }
970
971 // Filter checks in intuitive order of CPU cost to evaluate
972 // If tid unique continue, if ppid or pid unique break
973
974 if (pid == myPid) {
975 break;
976 }
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]977#ifdef __PTRACE_ENABLED__
978 // if no stack monitoring, we can quickly exit here
979 if (!llkIsMonitorState(state) && llkCheckStackSymbols.empty()) {
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]980 continue;
981 }
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]982#else
983 if (!llkIsMonitorState(state)) continue;
984#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]985 if ((tid == myTid) || llkSkipPid(tid)) {
986 continue;
987 }
988 if (llkSkipPpid(ppid)) {
989 break;
990 }
991
992 if (llkSkipName(procp->getComm())) {
993 continue;
994 }
995 if (llkSkipName(procp->getCmdline())) {
996 break;
997 }
998
999 auto pprocp = llkTidLookup(ppid);
1000 if (pprocp == nullptr) {
1001 pprocp = llkTidAlloc(ppid, ppid, 0, "", 0, '?');
1002 }
1003 if ((pprocp != nullptr) && (llkSkipName(pprocp->getComm(), llkBlacklistParent) ||
1004 llkSkipName(pprocp->getCmdline(), llkBlacklistParent))) {
1005 break;
1006 }
1007
1008 if ((llkBlacklistUid.size() != 0) && llkSkipUid(procp->getUid())) {
1009 continue;
1010 }
1011
1012 // ABA mitigation watching last time schedule activity happened
1013 llkCheckSchedUpdate(procp, piddir);
1014
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1015#ifdef __PTRACE_ENABLED__
1016 auto stuck = llkCheckStack(procp, piddir);
1017 if (llkIsMonitorState(state)) {
1018 if (procp->count >= llkStateTimeoutMs[(state == 'Z') ? llkStateZ : llkStateD]) {
1019 stuck = true;
1020 } else if (procp->count != 0ms) {
1021 LOG(VERBOSE) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->"
1022 << pid << "->" << tid << ' ' << procp->getComm();
1023 }
1024 }
1025 if (!stuck) continue;
1026#else
1027 if (procp->count >= llkStateTimeoutMs[(state == 'Z') ? llkStateZ : llkStateD]) {
1028 if (procp->count != 0ms) {
1029 LOG(VERBOSE) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->"
1030 << pid << "->" << tid << ' ' << procp->getComm();
1031 }
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1032 continue;
1033 }
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1034#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1035
1036 // We have to kill it to determine difference between live lock
1037 // and persistent state blocked on a resource. Is there something
1038 // wrong with a process that has no forward scheduling progress in
1039 // Z or D? Yes, generally means improper accounting in the
1040 // process, but not always ...
1041 //
1042 // Whomever we hit with a test kill must accept the Android
1043 // Aphorism that everything can be burned to the ground and
1044 // must survive.
1045 if (procp->killed == false) {
1046 procp->killed = true;
1047 // confirm: re-read uid before committing to a panic.
1048 procp->uid = -1;
1049 switch (state) {
1050 case 'Z': // kill ppid to free up a Zombie
1051 // Killing init will kernel panic without diagnostics
1052 // so skip right to controlled kernel panic with
1053 // diagnostics.
1054 if (ppid == initPid) {
1055 break;
1056 }
1057 LOG(WARNING) << "Z " << llkFormat(procp->count) << ' ' << ppid << "->"
1058 << pid << "->" << tid << ' ' << procp->getComm() << " [kill]";
1059 if ((llkKillOneProcess(pprocp, procp) >= 0) ||
1060 (llkKillOneProcess(ppid, procp) >= 0)) {
1061 continue;
1062 }
1063 break;
1064
1065 case 'D': // kill tid to free up an uninterruptible D
1066 // If ABA is doing its job, we would not need or
1067 // want the following. Test kill is a Hail Mary
1068 // to make absolutely sure there is no forward
1069 // scheduling progress. The cost when ABA is
1070 // not working is we kill a process that likes to
1071 // stay in 'D' state, instead of panicing the
1072 // kernel (worse).
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1073 default:
1074 LOG(WARNING) << state << ' ' << llkFormat(procp->count) << ' ' << pid
1075 << "->" << tid << ' ' << procp->getComm() << " [kill]";
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1076 if ((llkKillOneProcess(llkTidLookup(pid), procp) >= 0) ||
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1077 (llkKillOneProcess(pid, state, tid) >= 0) ||
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1078 (llkKillOneProcess(procp, procp) >= 0) ||
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1079 (llkKillOneProcess(tid, state, tid) >= 0)) {
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1080 continue;
1081 }
1082 break;
1083 }
1084 }
1085 // We are here because we have confirmed kernel live-lock
1086 LOG(ERROR) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->" << pid
1087 << "->" << tid << ' ' << procp->getComm() << " [panic]";
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1088 llkPanicKernel(true, tid,
1089 (state == 'Z') ? "zombie" : (state == 'D') ? "driver" : "sleeping");
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1090 }
1091 LOG(VERBOSE) << "+closedir()";
1092 }
1093 llkTopDirectory.rewind();
1094 LOG(VERBOSE) << "closedir()";
1095
1096 // garbage collection of old process references
1097 for (auto p = tids.begin(); p != tids.end();) {
1098 if (!p->second.updated) {
1099 IF_ALOG(LOG_VERBOSE, LOG_TAG) {
1100 std::string ppidCmdline = llkProcGetName(p->second.ppid, nullptr, nullptr);
1101 if (ppidCmdline.size()) {
1102 ppidCmdline = "(" + ppidCmdline + ")";
1103 }
1104 std::string pidCmdline;
1105 if (p->second.pid != p->second.tid) {
1106 pidCmdline = llkProcGetName(p->second.pid, nullptr, p->second.getCmdline());
1107 if (pidCmdline.size()) {
1108 pidCmdline = "(" + pidCmdline + ")";
1109 }
1110 }
1111 std::string tidCmdline =
1112 llkProcGetName(p->second.tid, p->second.getComm(), p->second.getCmdline());
1113 if (tidCmdline.size()) {
1114 tidCmdline = "(" + tidCmdline + ")";
1115 }
1116 LOG(VERBOSE) << "thread " << p->second.ppid << ppidCmdline << "->" << p->second.pid
1117 << pidCmdline << "->" << p->second.tid << tidCmdline << " removed";
1118 }
1119 p = tids.erase(p);
1120 } else {
1121 ++p;
1122 }
1123 }
1124 if (__predict_false(tids.empty())) {
1125 llkTopDirectory.reset();
1126 }
1127
1128 llkCycle = llkCheckMs;
1129
1130 timespec end;
1131 ::clock_gettime(CLOCK_MONOTONIC_COARSE, &end);
1132 auto milli = llkGetTimespecDiffMs(&now, &end);
1133 LOG((milli > 10s) ? ERROR : (milli > 1s) ? WARNING : VERBOSE) << "sample " << llkFormat(milli);
1134
1135 // cap to minimum sleep for 1 second since last cycle
1136 if (llkCycle < (ms + 1s)) {
1137 return 1s;
1138 }
1139 return llkCycle - ms;
1140}
1141
1142unsigned llkCheckMilliseconds() {
1143 return duration_cast<milliseconds>(llkCheck()).count();
1144}
1145
1146bool llkInit(const char* threadname) {
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1147 auto debuggable = android::base::GetBoolProperty("ro.debuggable", false);
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1148 llkLowRam = android::base::GetBoolProperty("ro.config.low_ram", false);
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1149 if (!LLK_ENABLE_DEFAULT && debuggable) {
Mark Salyzynd035dbb2018-03-26 08:23:00 -0700[diff] [blame]1150 llkEnable = android::base::GetProperty(LLK_ENABLE_PROPERTY, "eng") == "eng";
1151 khtEnable = android::base::GetProperty(KHT_ENABLE_PROPERTY, "eng") == "eng";
1152 }
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1153 llkEnable = android::base::GetBoolProperty(LLK_ENABLE_PROPERTY, llkEnable);
1154 if (llkEnable && !llkTopDirectory.reset(procdir)) {
1155 // Most likely reason we could be here is llkd was started
1156 // incorrectly without the readproc permissions. Keep our
1157 // processing down to a minimum.
1158 llkEnable = false;
1159 }
1160 khtEnable = android::base::GetBoolProperty(KHT_ENABLE_PROPERTY, khtEnable);
1161 llkMlockall = android::base::GetBoolProperty(LLK_MLOCKALL_PROPERTY, llkMlockall);
Mark Salyzynafd66f22018-03-19 15:16:29 -0700[diff] [blame]1162 llkTestWithKill = android::base::GetBoolProperty(LLK_KILLTEST_PROPERTY, llkTestWithKill);
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1163 // if LLK_TIMOUT_MS_PROPERTY was not set, we will use a set
1164 // KHT_TIMEOUT_PROPERTY as co-operative guidance for the default value.
1165 khtTimeout = GetUintProperty(KHT_TIMEOUT_PROPERTY, khtTimeout);
1166 if (khtTimeout == 0s) {
1167 khtTimeout = duration_cast<seconds>(llkTimeoutMs * (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT) /
1168 LLK_CHECKS_PER_TIMEOUT_DEFAULT);
1169 }
1170 llkTimeoutMs =
1171 khtTimeout * LLK_CHECKS_PER_TIMEOUT_DEFAULT / (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT);
1172 llkTimeoutMs = GetUintProperty(LLK_TIMEOUT_MS_PROPERTY, llkTimeoutMs);
1173 llkValidate(); // validate llkTimeoutMs, llkCheckMs and llkCycle
1174 llkStateTimeoutMs[llkStateD] = GetUintProperty(LLK_D_TIMEOUT_MS_PROPERTY, llkTimeoutMs);
1175 llkStateTimeoutMs[llkStateZ] = GetUintProperty(LLK_Z_TIMEOUT_MS_PROPERTY, llkTimeoutMs);
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1176#ifdef __PTRACE_ENABLED__
1177 llkStateTimeoutMs[llkStateStack] = GetUintProperty(LLK_STACK_TIMEOUT_MS_PROPERTY, llkTimeoutMs);
1178#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1179 llkCheckMs = GetUintProperty(LLK_CHECK_MS_PROPERTY, llkCheckMs);
1180 llkValidate(); // validate all (effectively minus llkTimeoutMs)
Mark Salyzyn96505fa2018-08-07 08:13:13 -0700[diff] [blame]1181#ifdef __PTRACE_ENABLED__
1182 if (debuggable) {
1183 llkCheckStackSymbols = llkSplit(
1184 android::base::GetProperty(LLK_CHECK_STACK_PROPERTY, LLK_CHECK_STACK_DEFAULT));
1185 }
1186 std::string defaultBlacklistStack(LLK_BLACKLIST_STACK_DEFAULT);
1187 if (!debuggable) defaultBlacklistStack += ",logd,/system/bin/logd";
1188 llkBlacklistStack = llkSplit(
1189 android::base::GetProperty(LLK_BLACKLIST_STACK_PROPERTY, defaultBlacklistStack));
1190#endif
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1191 std::string defaultBlacklistProcess(
1192 std::to_string(kernelPid) + "," + std::to_string(initPid) + "," +
1193 std::to_string(kthreaddPid) + "," + std::to_string(::getpid()) + "," +
1194 std::to_string(::gettid()) + "," LLK_BLACKLIST_PROCESS_DEFAULT);
1195 if (threadname) {
Mark Salyzyn52e54a62018-08-07 08:13:13 -0700[diff] [blame]1196 defaultBlacklistProcess += ","s + threadname;
Mark Salyzynf089e142018-02-20 10:47:40 -0800[diff] [blame]1197 }
1198 for (int cpu = 1; cpu < get_nprocs_conf(); ++cpu) {
1199 defaultBlacklistProcess += ",[watchdog/" + std::to_string(cpu) + "]";
1200 }
1201 defaultBlacklistProcess =
1202 android::base::GetProperty(LLK_BLACKLIST_PROCESS_PROPERTY, defaultBlacklistProcess);
1203 llkBlacklistProcess = llkSplit(defaultBlacklistProcess);
1204 if (!llkSkipName("[khungtaskd]")) { // ALWAYS ignore as special
1205 llkBlacklistProcess.emplace("[khungtaskd]");
1206 }
1207 llkBlacklistParent = llkSplit(android::base::GetProperty(
1208 LLK_BLACKLIST_PARENT_PROPERTY, std::to_string(kernelPid) + "," + std::to_string(kthreaddPid) +
1209 "," LLK_BLACKLIST_PARENT_DEFAULT));
1210 llkBlacklistUid =
1211 llkSplit(android::base::GetProperty(LLK_BLACKLIST_UID_PROPERTY, LLK_BLACKLIST_UID_DEFAULT));
1212
1213 // internal watchdog
1214 ::signal(SIGALRM, llkAlarmHandler);
1215
1216 // kernel hung task configuration? Otherwise leave it as-is
1217 if (khtEnable) {
1218 // EUID must be AID_ROOT to write to /proc/sys/kernel/ nodes, there
1219 // are no capability overrides. For security reasons we do not want
1220 // to run as AID_ROOT. We may not be able to write them successfully,
1221 // we will try, but the least we can do is read the values back to
1222 // confirm expectations and report whether configured or not.
1223 auto configured = llkWriteStringToFileConfirm(std::to_string(khtTimeout.count()),
1224 "/proc/sys/kernel/hung_task_timeout_secs");
1225 if (configured) {
1226 llkWriteStringToFile("65535", "/proc/sys/kernel/hung_task_warnings");
1227 llkWriteStringToFile("65535", "/proc/sys/kernel/hung_task_check_count");
1228 configured = llkWriteStringToFileConfirm("1", "/proc/sys/kernel/hung_task_panic");
1229 }
1230 if (configured) {
1231 LOG(INFO) << "[khungtaskd] configured";
1232 } else {
1233 LOG(WARNING) << "[khungtaskd] not configurable";
1234 }
1235 }
1236
1237 bool logConfig = true;
1238 if (llkEnable) {
1239 if (llkMlockall &&
1240 // MCL_ONFAULT pins pages as they fault instead of loading
1241 // everything immediately all at once. (Which would be bad,
1242 // because as of this writing, we have a lot of mapped pages we
1243 // never use.) Old kernels will see MCL_ONFAULT and fail with
1244 // EINVAL; we ignore this failure.
1245 //
1246 // N.B. read the man page for mlockall. MCL_CURRENT | MCL_ONFAULT
1247 // pins ⊆ MCL_CURRENT, converging to just MCL_CURRENT as we fault
1248 // in pages.
1249
1250 // CAP_IPC_LOCK required
1251 mlockall(MCL_CURRENT | MCL_FUTURE | MCL_ONFAULT) && (errno != EINVAL)) {
1252 PLOG(WARNING) << "mlockall failed ";
1253 }
1254
1255 if (threadname) {
1256 pthread_attr_t attr;
1257
1258 if (!pthread_attr_init(&attr)) {
1259 sched_param param;
1260
1261 memset(&param, 0, sizeof(param));
1262 pthread_attr_setschedparam(&attr, &param);
1263 pthread_attr_setschedpolicy(&attr, SCHED_BATCH);
1264 if (!pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED)) {
1265 pthread_t thread;
1266 if (!pthread_create(&thread, &attr, llkThread, const_cast<char*>(threadname))) {
1267 // wait a second for thread to start
1268 for (auto retry = 50; retry && !llkRunning; --retry) {
1269 ::usleep(20000);
1270 }
1271 logConfig = !llkRunning; // printed in llkd context?
1272 } else {
1273 LOG(ERROR) << "failed to spawn llkd thread";
1274 }
1275 } else {
1276 LOG(ERROR) << "failed to detach llkd thread";
1277 }
1278 pthread_attr_destroy(&attr);
1279 } else {
1280 LOG(ERROR) << "failed to allocate attibutes for llkd thread";
1281 }
1282 }
1283 } else {
1284 LOG(DEBUG) << "[khungtaskd] left unconfigured";
1285 }
1286 if (logConfig) {
1287 llkLogConfig();
1288 }
1289
1290 return llkEnable;
1291}