aboutsummaryrefslogtreecommitdiff
path: root/gdbserver
diff options
context:
space:
mode:
authorTom Tromey <tromey@adacore.com>2020-10-20 10:28:58 -0600
committerTom Tromey <tromey@adacore.com>2020-10-20 10:36:04 -0600
commita9b45cb77662d0bb8d312140eee94146f34bd3ce (patch)
treeac3f78889d431f8b80a364f4cb1904199ec6bceb /gdbserver
parente0c45dedd909c7a0a6621bdc9061051c185123bb (diff)
downloadgdb-a9b45cb77662d0bb8d312140eee94146f34bd3ce.zip
gdb-a9b45cb77662d0bb8d312140eee94146f34bd3ce.tar.gz
gdb-a9b45cb77662d0bb8d312140eee94146f34bd3ce.tar.bz2
Fix undefined behavior in gdbserver
PR gdb/26742 points out some undefined behavior in gdbserver. The bug is that remove_thread does: free_one_thread (thread); if (current_thread == thread) current_thread = NULL; However, the equality check is undefined, because "thread" has already been freed. This patch fixes the bug by moving the check earlier. Tested on x86-64 Fedora 32. 2020-10-20 Tom Tromey <tromey@adacore.com> PR gdb/26742: * inferiors.cc (remove_thread): Clear current_thread before freeing the thread.
Diffstat (limited to 'gdbserver')
-rw-r--r--gdbserver/ChangeLog6
-rw-r--r--gdbserver/inferiors.cc2
2 files changed, 7 insertions, 1 deletions
diff --git a/gdbserver/ChangeLog b/gdbserver/ChangeLog
index e93e4ea..fd0a4bf 100644
--- a/gdbserver/ChangeLog
+++ b/gdbserver/ChangeLog
@@ -1,3 +1,9 @@
+2020-10-20 Tom Tromey <tromey@adacore.com>
+
+ PR gdb/26742:
+ * inferiors.cc (remove_thread): Clear current_thread before
+ freeing the thread.
+
2020-10-13 Kamil Rytarowski <n54@gmx.com>x
* netbsd-low.cc (netbsd_tdesc): Remove.
diff --git a/gdbserver/inferiors.cc b/gdbserver/inferiors.cc
index 861c9f3..9a1280d 100644
--- a/gdbserver/inferiors.cc
+++ b/gdbserver/inferiors.cc
@@ -103,9 +103,9 @@ remove_thread (struct thread_info *thread)
discard_queued_stop_replies (ptid_of (thread));
all_threads.remove (thread);
- free_one_thread (thread);
if (current_thread == thread)
current_thread = NULL;
+ free_one_thread (thread);
}
void *