summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHui Yu <huiyu@google.com>2019-05-17 20:39:52 (GMT)
committerandroid-build-team Robot <android-build-team-robot@google.com>2019-06-11 21:04:20 (GMT)
commit3bdb6f51b683a7869e9e4065a552fc106d462d9e (patch)
tree8bbddb102a6c38a01170f86e17dee028ba58d44a
parent3c09ad74e8eee24324d7de567e4b03674c48f88d (diff)
downloadframeworks_base-3bdb6f51b683a7869e9e4065a552fc106d462d9e.zip
frameworks_base-3bdb6f51b683a7869e9e4065a552fc106d462d9e.tar.gz
frameworks_base-3bdb6f51b683a7869e9e4065a552fc106d462d9e.tar.bz2
Clean up ProcessRecord when reuse a pid.
When Zygote starts a process with a pid, system_server may have this pid associate with a old process which is killed by the OS but system_server has not finished cleanup. In this case, clean up the old ProcessRecord so the new process can use the pid. This problem is exposed because the asynchronous process start change. attachApplicationLocked() may happen before handleProcessStartedLocked() and the mPidsSelfLocked may still have the old ProcessRecord associate with the new process's pid. Bug: 131105245 Test: POC test steps in b/131105245. Change-Id: I775acda5147291d0cf9836b6ffb3f52d1bf9bffe Merged-In: I775acda5147291d0cf9836b6ffb3f52d1bf9bffe Merged-In: I5d421f6c68f6b3437d51c94f4aef77e08a7bf002 (cherry picked from commit 3d47e0ceca4e6528a1bec2a7e94a833b8951d93a)
-rw-r--r--services/core/java/com/android/server/am/ActivityManagerService.java38
1 files changed, 35 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
index a1d42c0..32cc605 100644
--- a/services/core/java/com/android/server/am/ActivityManagerService.java
+++ b/services/core/java/com/android/server/am/ActivityManagerService.java
@@ -4224,6 +4224,7 @@ public class ActivityManagerService extends IActivityManager.Stub
}
checkTime(startTime, "startProcess: done removing from pids map");
app.setPid(0);
+ app.startSeq = 0;
}
if (DEBUG_PROCESSES && mProcessesOnHold.contains(app)) Slog.v(TAG_PROCESSES,
@@ -4414,6 +4415,14 @@ public class ActivityManagerService extends IActivityManager.Stub
app.killedByAm = false;
app.removed = false;
app.killed = false;
+ if (app.startSeq != 0) {
+ Slog.wtf(TAG, "startProcessLocked processName:" + app.processName
+ + " with non-zero startSeq:" + app.startSeq);
+ }
+ if (app.pid != 0) {
+ Slog.wtf(TAG, "startProcessLocked processName:" + app.processName
+ + " with non-zero pid:" + app.pid);
+ }
final long startSeq = app.startSeq = ++mProcStartSeqCounter;
app.setStartParams(uid, hostingType, hostingNameStr, seInfo, startTime);
if (mConstants.FLAG_PROCESS_START_ASYNC) {
@@ -4599,8 +4608,11 @@ public class ActivityManagerService extends IActivityManager.Stub
// If there is already an app occupying that pid that hasn't been cleaned up
if (oldApp != null && !app.isolated) {
// Clean up anything relating to this pid first
- Slog.w(TAG, "Reusing pid " + pid
- + " while app is still mapped to it");
+ Slog.wtf(TAG, "handleProcessStartedLocked process:" + app.processName
+ + " startSeq:" + app.startSeq
+ + " pid:" + pid
+ + " belongs to another existing app:" + oldApp.processName
+ + " startSeq:" + oldApp.startSeq);
cleanUpApplicationRecordLocked(oldApp, false, false, -1,
true /*replacingPid*/);
}
@@ -7591,6 +7603,26 @@ public class ActivityManagerService extends IActivityManager.Stub
synchronized (mPidsSelfLocked) {
app = mPidsSelfLocked.get(pid);
}
+ if (app != null && (app.startUid != callingUid || app.startSeq != startSeq)) {
+ String processName = null;
+ final ProcessRecord pending = mPendingStarts.get(startSeq);
+ if (pending != null) {
+ processName = pending.processName;
+ }
+ final String msg = "attachApplicationLocked process:" + processName
+ + " startSeq:" + startSeq
+ + " pid:" + pid
+ + " belongs to another existing app:" + app.processName
+ + " startSeq:" + app.startSeq;
+ Slog.wtf(TAG, msg);
+ // SafetyNet logging for b/131105245.
+ EventLog.writeEvent(0x534e4554, "131105245", app.startUid, msg);
+ // If there is already an app occupying that pid that hasn't been cleaned up
+ cleanUpApplicationRecordLocked(app, false, false, -1,
+ true /*replacingPid*/);
+ mPidsSelfLocked.remove(pid);
+ app = null;
+ }
} else {
app = null;
}
@@ -7599,7 +7631,7 @@ public class ActivityManagerService extends IActivityManager.Stub
// update the internal state.
if (app == null && startSeq > 0) {
final ProcessRecord pending = mPendingStarts.get(startSeq);
- if (pending != null && pending.startUid == callingUid
+ if (pending != null && pending.startUid == callingUid && pending.startSeq == startSeq
&& handleProcessStartedLocked(pending, pid, pending.usingWrapper,
startSeq, true)) {
app = pending;