Use current pid not tid to create a backtrace map.
The BacktraceMap::Create() function assumes that the passed-in
parameter is the current pid, not a tid. If a tid is passed in, then
the logic that creates the local map in libunwind is not used,
and all of the special handling of local maps can be bypassed. The result
can be crashes if this map data gets out of sync with the real maps
found in the process.
Bug: 26676205
Bug: https://code.google.com/p/android/issues/detail?id=199219
Change-Id: Ibab9f7a7b99648a2cdaa185958bf6ffc368079ce
diff --git a/runtime/thread_list.cc b/runtime/thread_list.cc
index fc1a445..727ffe5 100644
--- a/runtime/thread_list.cc
+++ b/runtime/thread_list.cc
@@ -190,7 +190,7 @@
class DumpCheckpoint FINAL : public Closure {
public:
explicit DumpCheckpoint(std::ostream* os)
- : os_(os), barrier_(0), backtrace_map_(BacktraceMap::Create(GetTid())) {}
+ : os_(os), barrier_(0), backtrace_map_(BacktraceMap::Create(getpid())) {}
void Run(Thread* thread) OVERRIDE {
// Note thread and self may not be equal if thread was already suspended at the point of the
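Review bot: Nothing at the `BacktraceMap::Create(getpid())` call in the DumpCheckpoint constructor records why a process id is passed. The same call in the runtime/utils.cc hunk sits directly above `Backtrace::Create(BACKTRACE_CURRENT_PROCESS, tid, map)`, so the pid/tid mix reads like a slip that a later cleanup could revert. A one-line comment at both sites would pin the intent: `// BacktraceMap::Create() takes the pid; passing a tid skips libunwind's local-map handling.` The class body continues past the end of this hunk, so how `backtrace_map_` is declared and consumed is not visible here.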
diff --git a/runtime/utils.cc b/runtime/utils.cc
index 8e9f12b..07f94c0 100644
--- a/runtime/utils.cc
+++ b/runtime/utils.cc
@@ -1115,7 +1115,7 @@
BacktraceMap* map = existing_map;
std::unique_ptr<BacktraceMap> tmp_map;
if (map == nullptr) {
- tmp_map.reset(BacktraceMap::Create(tid));
+ tmp_map.reset(BacktraceMap::Create(getpid()));
map = tmp_map.get();
}
std::unique_ptr<Backtrace> backtrace(Backtrace::Create(BACKTRACE_CURRENT_PROCESS, tid, map));
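Review bot: Only the fallback path is corrected here. When `existing_map` is non-null it is still used as supplied, so any caller that builds its map from a tid keeps the out-of-sync behaviour the commit message describes. DumpCheckpoint is fixed in the other hunk, but other callers, if any, are not visible from this page. It would help to state the contract on the parameter, for example `// existing_map, if provided, must come from BacktraceMap::Create(getpid())`, next to the declaration. The enclosing function starts and ends outside the hunk, so whether the map is checked further down cannot be confirmed from here.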