1/***
2  This file is part of PulseAudio.
3
4  Copyright 2004-2006 Lennart Poettering
5
6  PulseAudio is free software; you can redistribute it and/or modify
7  it under the terms of the GNU Lesser General Public License as
8  published by the Free Software Foundation; either version 2.1 of the
9  License, or (at your option) any later version.
10
11  PulseAudio is distributed in the hope that it will be useful, but
12  WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  General Public License for more details.
15
16  You should have received a copy of the GNU Lesser General Public
17  License along with PulseAudio; if not, see <http://www.gnu.org/licenses/>.
18***/
19
20#ifdef HAVE_CONFIG_H
21#include <config.h>
22#endif
23
24#include <pulse/rtclock.h>
25#include <pulse/timeval.h>
26
27#include <pulsecore/core-util.h>
28#include <pulsecore/core-error.h>
29#include <pulsecore/log.h>
30#include <pulsecore/macro.h>
31
32#include "cpulimit.h"
33
34#ifdef HAVE_SIGXCPU
35
36#include <errno.h>
37#include <stdio.h>
38#include <string.h>
39#include <unistd.h>
40#include <signal.h>
41
42#ifdef HAVE_SYS_RESOURCE_H
43#include <sys/resource.h>
44#endif
45
46/* This module implements a watchdog that makes sure that the current
47 * process doesn't consume more than 70% CPU time for 10 seconds. This
48 * is very useful when using SCHED_FIFO scheduling which effectively
49 * disables multitasking. */
50
51/* Method of operation: Using SIGXCPU a signal handler is called every
52 * 10s process CPU time. That function checks if less than 14s system
53 * time have passed. In that case, it tries to contact the main event
54 * loop through a pipe. After two additional seconds it is checked
55 * whether the main event loop contact was successful. If not, the
56 * program is terminated forcibly. */
57
58/* Utilize this much CPU time at maximum */
59#define CPUTIME_PERCENT 70
60
61/* Check every 10s */
62#define CPUTIME_INTERVAL_SOFT (10)
63
64/* Recheck after 5s */
65#define CPUTIME_INTERVAL_HARD (5)
66
67/* Time of the last CPU load check */
68static pa_usec_t last_time = 0;
69
70/* Pipe for communicating with the main loop */
71static int the_pipe[2] = {-1, -1};
72
73/* Main event loop and IO event for the FIFO */
74static pa_mainloop_api *api = NULL;
75static pa_io_event *io_event = NULL;
76
77/* Saved sigaction struct for SIGXCPU */
78static struct sigaction sigaction_prev;
79
80/* Nonzero after pa_cpu_limit_init() */
81static bool installed = false;
82
83/* The current state of operation */
84static enum {
85    PHASE_IDLE,   /* Normal state */
86    PHASE_SOFT    /* After CPU overload has been detected */
87} phase = PHASE_IDLE;
88
89/* Reset the SIGXCPU timer to the next t seconds */
90static void reset_cpu_time(int t) {
91    long n;
92    struct rlimit rl;
93    struct rusage ru;
94
95    /* Get the current CPU time of the current process */
96    pa_assert_se(getrusage(RUSAGE_SELF, &ru) >= 0);
97
98    n = ru.ru_utime.tv_sec + ru.ru_stime.tv_sec + t;
99    pa_assert_se(getrlimit(RLIMIT_CPU, &rl) >= 0);
100
101    rl.rlim_cur = (rlim_t) n;
102    pa_assert_se(setrlimit(RLIMIT_CPU, &rl) >= 0);
103}
104
105/* A simple, thread-safe puts() work-alike */
106static void write_err(const char *p) {
107    pa_loop_write(2, p, strlen(p), NULL);
108}
109
110/* The signal handler, called on every SIGXCPU */
111static void signal_handler(int sig) {
112    int saved_errno;
113
114    saved_errno = errno;
115    pa_assert(sig == SIGXCPU);
116
117    if (phase == PHASE_IDLE) {
118        pa_usec_t now, elapsed;
119
120#ifdef PRINT_CPU_LOAD
121        char t[256];
122#endif
123
124        now = pa_rtclock_now();
125        elapsed = now - last_time;
126
127#ifdef PRINT_CPU_LOAD
128        pa_snprintf(t, sizeof(t), "Using %0.1f%% CPU\n", ((double) CPUTIME_INTERVAL_SOFT * (double) PA_USEC_PER_SEC) / (double) elapsed * 100.0);
129        write_err(t);
130#endif
131
132        if (((double) CPUTIME_INTERVAL_SOFT * (double) PA_USEC_PER_SEC) >= ((double) elapsed * (double) CPUTIME_PERCENT / 100.0)) {
133            static const char c = 'X';
134
135            write_err("Soft CPU time limit exhausted, terminating.\n");
136
137            /* Try a soft cleanup */
138            (void) pa_write(the_pipe[1], &c, sizeof(c), NULL);
139            phase = PHASE_SOFT;
140            reset_cpu_time(CPUTIME_INTERVAL_HARD);
141
142        } else {
143
144            /* Everything's fine */
145            reset_cpu_time(CPUTIME_INTERVAL_SOFT);
146            last_time = now;
147        }
148
149    } else if (phase == PHASE_SOFT) {
150        write_err("Hard CPU time limit exhausted, terminating forcibly.\n");
151        abort(); /* Forced exit */
152    }
153
154    errno = saved_errno;
155}
156
157/* Callback for IO events on the FIFO */
158static void callback(pa_mainloop_api*m, pa_io_event*e, int fd, pa_io_event_flags_t f, void *userdata) {
159    char c;
160    pa_assert(m);
161    pa_assert(e);
162    pa_assert(f == PA_IO_EVENT_INPUT);
163    pa_assert(e == io_event);
164    pa_assert(fd == the_pipe[0]);
165
166    pa_log("Received request to terminate due to CPU overload.");
167
168    (void) pa_read(the_pipe[0], &c, sizeof(c), NULL);
169    m->quit(m, 1); /* Quit the main loop */
170}
171
172/* Initializes CPU load limiter */
173int pa_cpu_limit_init(pa_mainloop_api *m) {
174    struct sigaction sa;
175
176    pa_assert(m);
177    pa_assert(!api);
178    pa_assert(!io_event);
179    pa_assert(the_pipe[0] == -1);
180    pa_assert(the_pipe[1] == -1);
181    pa_assert(!installed);
182
183    last_time = pa_rtclock_now();
184
185    /* Prepare the main loop pipe */
186    if (pa_pipe_cloexec(the_pipe) < 0) {
187        pa_log("pipe() failed: %s", pa_cstrerror(errno));
188        return -1;
189    }
190
191    pa_make_fd_nonblock(the_pipe[0]);
192    pa_make_fd_nonblock(the_pipe[1]);
193
194    api = m;
195    io_event = api->io_new(m, the_pipe[0], PA_IO_EVENT_INPUT, callback, NULL);
196
197    phase = PHASE_IDLE;
198
199    /* Install signal handler for SIGXCPU */
200    memset(&sa, 0, sizeof(sa));
201    sa.sa_handler = signal_handler;
202    sigemptyset(&sa.sa_mask);
203    sa.sa_flags = SA_RESTART;
204
205    if (sigaction(SIGXCPU, &sa, &sigaction_prev) < 0) {
206        pa_cpu_limit_done();
207        return -1;
208    }
209
210    installed = true;
211
212    reset_cpu_time(CPUTIME_INTERVAL_SOFT);
213
214    return 0;
215}
216
217/* Shutdown CPU load limiter */
218void pa_cpu_limit_done(void) {
219
220    if (io_event) {
221        pa_assert(api);
222        api->io_free(io_event);
223        io_event = NULL;
224        api = NULL;
225    }
226
227    pa_close_pipe(the_pipe);
228
229    if (installed) {
230        pa_assert_se(sigaction(SIGXCPU, &sigaction_prev, NULL) >= 0);
231        installed = false;
232    }
233}
234
235#else /* HAVE_SIGXCPU */
236
237int pa_cpu_limit_init(pa_mainloop_api *m) {
238    return 0;
239}
240
241void pa_cpu_limit_done(void) {
242}
243
244#endif
245