1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <inttypes.h>
30 #include <stdint.h>
31 
32 #include <array>
33 #include <mutex>
34 #include <vector>
35 
36 #include <android/fdsan.h>
37 #include <bionic/fdtrack.h>
38 
39 #include <android-base/no_destructor.h>
40 #include <android-base/thread_annotations.h>
41 #include <async_safe/log.h>
42 #include <bionic/reserved_signals.h>
43 #include <unwindstack/LocalUnwinder.h>
44 
45 struct FdEntry {
46   std::mutex mutex;
47   std::vector<unwindstack::LocalFrameData> backtrace GUARDED_BY(mutex);
48 };
49 
50 extern "C" void fdtrack_dump();
51 
52 using fdtrack_callback_t = bool (*)(int fd, const char* const* function_names,
53                                     const uint64_t* function_offsets, size_t count, void* arg);
54 extern "C" void fdtrack_iterate(fdtrack_callback_t callback, void* arg);
55 
56 static void fd_hook(android_fdtrack_event* event);
57 
58 // Backtraces for the first 4k file descriptors ought to be enough to diagnose an fd leak.
59 static constexpr size_t kFdTableSize = 4096;
60 
61 // 32 frames, plus two to skip from fdtrack itself.
62 static constexpr size_t kStackDepth = 34;
63 static constexpr size_t kStackFrameSkip = 2;
64 
65 static bool installed = false;
66 static std::array<FdEntry, kFdTableSize> stack_traces [[clang::no_destroy]];
Unwinder()67 static unwindstack::LocalUnwinder& Unwinder() {
68   static android::base::NoDestructor<unwindstack::LocalUnwinder> unwinder;
69   return *unwinder.get();
70 }
71 
ctor()72 __attribute__((constructor)) static void ctor() {
73   for (auto& entry : stack_traces) {
74     entry.backtrace.reserve(kStackDepth);
75   }
76 
77   signal(BIONIC_SIGNAL_FDTRACK, [](int) { fdtrack_dump(); });
78   if (Unwinder().Init()) {
79     android_fdtrack_hook_t expected = nullptr;
80     installed = android_fdtrack_compare_exchange_hook(&expected, &fd_hook);
81   }
82 }
83 
dtor()84 __attribute__((destructor)) static void dtor() {
85   if (installed) {
86     android_fdtrack_hook_t expected = &fd_hook;
87     android_fdtrack_compare_exchange_hook(&expected, nullptr);
88   }
89 }
90 
GetFdEntry(int fd)91 FdEntry* GetFdEntry(int fd) {
92   if (fd >= 0 && fd < static_cast<int>(kFdTableSize)) {
93     return &stack_traces[fd];
94   }
95   return nullptr;
96 }
97 
fd_hook(android_fdtrack_event * event)98 static void fd_hook(android_fdtrack_event* event) {
99   if (event->type == ANDROID_FDTRACK_EVENT_TYPE_CREATE) {
100     if (FdEntry* entry = GetFdEntry(event->fd); entry) {
101       std::lock_guard<std::mutex> lock(entry->mutex);
102       entry->backtrace.clear();
103       Unwinder().Unwind(&entry->backtrace, kStackDepth);
104     }
105   } else if (event->type == ANDROID_FDTRACK_EVENT_TYPE_CLOSE) {
106     if (FdEntry* entry = GetFdEntry(event->fd); entry) {
107       std::lock_guard<std::mutex> lock(entry->mutex);
108       entry->backtrace.clear();
109     }
110   }
111 }
112 
fdtrack_iterate(fdtrack_callback_t callback,void * arg)113 void fdtrack_iterate(fdtrack_callback_t callback, void* arg) {
114   bool prev = android_fdtrack_set_enabled(false);
115 
116   for (int fd = 0; fd < static_cast<int>(stack_traces.size()); ++fd) {
117     const char* function_names[kStackDepth];
118     uint64_t function_offsets[kStackDepth];
119     FdEntry* entry = GetFdEntry(fd);
120     if (!entry) {
121       continue;
122     }
123 
124     if (!entry->mutex.try_lock()) {
125       async_safe_format_log(ANDROID_LOG_WARN, "fdtrack", "fd %d locked, skipping", fd);
126       continue;
127     }
128 
129     if (entry->backtrace.empty()) {
130       entry->mutex.unlock();
131       continue;
132     } else if (entry->backtrace.size() < 2) {
133       async_safe_format_log(ANDROID_LOG_WARN, "fdtrack", "fd %d missing frames: size = %zu", fd,
134                             entry->backtrace.size());
135 
136       entry->mutex.unlock();
137       continue;
138     }
139 
140     for (size_t i = kStackFrameSkip; i < entry->backtrace.size(); ++i) {
141       size_t j = i - kStackFrameSkip;
142       function_names[j] = entry->backtrace[i].function_name.c_str();
143       function_offsets[j] = entry->backtrace[i].function_offset;
144     }
145 
146     bool should_continue = callback(fd, function_names, function_offsets,
147                                     entry->backtrace.size() - kStackFrameSkip, arg);
148 
149     entry->mutex.unlock();
150 
151     if (!should_continue) {
152       break;
153     }
154   }
155 
156   android_fdtrack_set_enabled(prev);
157 }
158 
fdtrack_dump()159 void fdtrack_dump() {
160   if (!installed) {
161     async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fdtrack not installed");
162   } else {
163     async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fdtrack dumping...");
164   }
165 
166   fdtrack_iterate(
167       [](int fd, const char* const* function_names, const uint64_t* function_offsets, size_t count,
168          void*) {
169         uint64_t fdsan_owner = android_fdsan_get_owner_tag(fd);
170         if (fdsan_owner != 0) {
171           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fd %d: (owner = 0x%" PRIx64 ")", fd,
172                                 fdsan_owner);
173         } else {
174           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "fd %d: (unowned)", fd);
175         }
176 
177         for (size_t i = 0; i < count; ++i) {
178           async_safe_format_log(ANDROID_LOG_INFO, "fdtrack", "  %zu: %s+%" PRIu64, i,
179                                 function_names[i], function_offsets[i]);
180         }
181 
182         return true;
183       },
184       nullptr);
185 }
186