Do not access device maps.
It's possible that a device map has memory controlled by a single entry
device driver. Thus, you can deadlock if a process is touching that
device memory and we try to unwind it and also touch that device memory.
Simply skip any attempts to step through, or get function names from
device memory maps.
Bug: 36130325
Test: Ran new unit tests, ran bionic unit tests, ran art ThreadStress.
Change-Id: Ibc62d7ec8106c619ee08968f05e04aea55d7cbfa
diff --git a/libbacktrace/UnwindPtrace.cpp b/libbacktrace/UnwindPtrace.cpp
index 5c73bd6..42ac1bc 100644
--- a/libbacktrace/UnwindPtrace.cpp
+++ b/libbacktrace/UnwindPtrace.cpp
@@ -136,12 +136,28 @@
FillInMap(frame->pc, &frame->map);
- frame->func_name = GetFunctionName(frame->pc, &frame->func_offset);
+ frame->func_name = GetFunctionName(frame->pc, &frame->func_offset, &frame->map);
num_frames++;
+ // If the pc is in a device map, then don't try to step.
+ if (frame->map.flags & PROT_DEVICE_MAP) {
+ break;
+ }
} else {
+ // If the pc is in a device map, then don't try to step.
+ backtrace_map_t map;
+ FillInMap(pc, &map);
+ if (map.flags & PROT_DEVICE_MAP) {
+ break;
+ }
num_ignore_frames--;
}
+ // Verify the sp is not in a device map.
+ backtrace_map_t map;
+ FillInMap(sp, &map);
+ if (map.flags & PROT_DEVICE_MAP) {
+ break;
+ }
ret = unw_step (&cursor);
} while (ret > 0 && num_frames < MAX_BACKTRACE_FRAMES);