diff options
author | Simon Marchi <simon.marchi@polymtl.ca> | 2020-07-13 22:27:00 -0400 |
---|---|---|
committer | Simon Marchi <simon.marchi@polymtl.ca> | 2020-07-13 22:27:01 -0400 |
commit | b315b67d7a57a0fd995cce5dfec77a4b61fa23d4 (patch) | |
tree | 9ef0b17812f0fdaa38e25cb683b206fe1db25cfe /gdbserver/server.cc | |
parent | 0a3a820f6ce861efa8c2a7aa5d0db11c6a7c3285 (diff) | |
download | gdb-b315b67d7a57a0fd995cce5dfec77a4b61fa23d4.zip gdb-b315b67d7a57a0fd995cce5dfec77a4b61fa23d4.tar.gz gdb-b315b67d7a57a0fd995cce5dfec77a4b61fa23d4.tar.bz2 |
gdbserver: fix memory leak when handling qsupported packet
When building gdbserver with AddressSanitizer, I get this annoying
little leak when gdbserver exits:
==307817==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 14 byte(s) in 1 object(s) allocated from:
#0 0x7f7fd4256459 in __interceptor_malloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x563bef981b80 in xmalloc /home/simark/src/binutils-gdb/gdbserver/../gdb/alloc.c:60
#2 0x563befb53301 in xstrdup /home/simark/src/binutils-gdb/libiberty/xstrdup.c:34
#3 0x563bef9d742b in handle_query /home/simark/src/binutils-gdb/gdbserver/server.cc:2286
#4 0x563bef9ed0b7 in process_serial_event /home/simark/src/binutils-gdb/gdbserver/server.cc:4061
#5 0x563bef9f1d9e in handle_serial_event(int, void*) /home/simark/src/binutils-gdb/gdbserver/server.cc:4402
#6 0x563befb0ec65 in handle_file_event /home/simark/src/binutils-gdb/gdbsupport/event-loop.cc:548
#7 0x563befb0f49f in gdb_wait_for_event /home/simark/src/binutils-gdb/gdbsupport/event-loop.cc:673
#8 0x563befb0d4a1 in gdb_do_one_event() /home/simark/src/binutils-gdb/gdbsupport/event-loop.cc:215
#9 0x563bef9e721a in start_event_loop /home/simark/src/binutils-gdb/gdbserver/server.cc:3484
#10 0x563bef9eb90a in captured_main /home/simark/src/binutils-gdb/gdbserver/server.cc:3875
#11 0x563bef9ec2c7 in main /home/simark/src/binutils-gdb/gdbserver/server.cc:3961
#12 0x7f7fd3330001 in __libc_start_main (/usr/lib/libc.so.6+0x27001)
SUMMARY: AddressSanitizer: 14 byte(s) leaked in 1 allocation(s).
This is due to the handling of unknown qsupported features in
handle_query. The `qsupported` vector is built, containing all the
feature names received from GDB. As we iterate on them, when we
encounter unknown ones, we move them at the beginning of the vector, in
preparation of passing this vector of unknown features down to the
target (which may know about them).
When moving these unknown features to other slots in the vector, we
overwrite other pointers without freeing them, which therefore leak.
An easy fix would be to add a `free` when doing the move. However, I
think this is a good opportunity to sprinkle a bit of automatic memory
management in this code.
So, use a vector of std::string which owns all the entries. And use a
separate vector (that doesn't own the entries) for the unknown ones,
which is then passed to target_process_qsupported.
Given that the `c_str` method of std::string returns a `const char *`,
it follows that process_stratum_target::process_qsupported must accept a
`const char **` instead of a `char **`. And while at it, change the
pointer + size paramters to use an array_view instead.
gdbserver/ChangeLog:
* server.cc (handle_query): Use std::vector of
std::string for `qsupported` vector. Use separate
vector for unknowns.
* target.h (class process_stratum_target) <process_qsupported>:
Change parameters to array_view of const char *.
(target_process_qsupported): Remove `count` parameter.
* target.cc (process_stratum_target::process_qsupported): Change
parameters to array_view of const char *.
* linux-x86-low.cc (class x86_target) <process_qsupported>:
Likewise.
Change-Id: I97f133825faa6d7abbf83a58504eb0ba77462812
Diffstat (limited to 'gdbserver/server.cc')
-rw-r--r-- | gdbserver/server.cc | 45 |
1 files changed, 16 insertions, 29 deletions
diff --git a/gdbserver/server.cc b/gdbserver/server.cc index 0313d18..ab5363e 100644 --- a/gdbserver/server.cc +++ b/gdbserver/server.cc @@ -2269,10 +2269,8 @@ handle_query (char *own_buf, int packet_len, int *new_packet_len_p) ';'. */ if (*p == ':') { - char **qsupported = NULL; - int count = 0; - int unknown = 0; - int i; + std::vector<std::string> qsupported; + std::vector<const char *> unknowns; /* Two passes, to avoid nested strtok calls in target_process_qsupported. */ @@ -2280,28 +2278,23 @@ handle_query (char *own_buf, int packet_len, int *new_packet_len_p) for (p = strtok_r (p + 1, ";", &saveptr); p != NULL; p = strtok_r (NULL, ";", &saveptr)) - { - count++; - qsupported = XRESIZEVEC (char *, qsupported, count); - qsupported[count - 1] = xstrdup (p); - } + qsupported.emplace_back (p); - for (i = 0; i < count; i++) + for (const std::string &feature : qsupported) { - p = qsupported[i]; - if (strcmp (p, "multiprocess+") == 0) + if (feature == "multiprocess+") { /* GDB supports and wants multi-process support if possible. */ if (target_supports_multi_process ()) cs.multi_process = 1; } - else if (strcmp (p, "qRelocInsn+") == 0) + else if (feature == "qRelocInsn+") { /* GDB supports relocate instruction requests. */ gdb_supports_qRelocInsn = 1; } - else if (strcmp (p, "swbreak+") == 0) + else if (feature == "swbreak+") { /* GDB wants us to report whether a trap is caused by a software breakpoint and for us to handle PC @@ -2309,36 +2302,36 @@ handle_query (char *own_buf, int packet_len, int *new_packet_len_p) if (target_supports_stopped_by_sw_breakpoint ()) cs.swbreak_feature = 1; } - else if (strcmp (p, "hwbreak+") == 0) + else if (feature == "hwbreak+") { /* GDB wants us to report whether a trap is caused by a hardware breakpoint. */ if (target_supports_stopped_by_hw_breakpoint ()) cs.hwbreak_feature = 1; } - else if (strcmp (p, "fork-events+") == 0) + else if (feature == "fork-events+") { /* GDB supports and wants fork events if possible. */ if (target_supports_fork_events ()) cs.report_fork_events = 1; } - else if (strcmp (p, "vfork-events+") == 0) + else if (feature == "vfork-events+") { /* GDB supports and wants vfork events if possible. */ if (target_supports_vfork_events ()) cs.report_vfork_events = 1; } - else if (strcmp (p, "exec-events+") == 0) + else if (feature == "exec-events+") { /* GDB supports and wants exec events if possible. */ if (target_supports_exec_events ()) cs.report_exec_events = 1; } - else if (strcmp (p, "vContSupported+") == 0) + else if (feature == "vContSupported+") cs.vCont_supported = 1; - else if (strcmp (p, "QThreadEvents+") == 0) + else if (feature == "QThreadEvents+") ; - else if (strcmp (p, "no-resumed+") == 0) + else if (feature == "no-resumed+") { /* GDB supports and wants TARGET_WAITKIND_NO_RESUMED events. */ @@ -2347,19 +2340,13 @@ handle_query (char *own_buf, int packet_len, int *new_packet_len_p) else { /* Move the unknown features all together. */ - qsupported[i] = NULL; - qsupported[unknown] = p; - unknown++; + unknowns.push_back (feature.c_str ()); } } /* Give the target backend a chance to process the unknown features. */ - target_process_qsupported (qsupported, unknown); - - for (i = 0; i < count; i++) - free (qsupported[i]); - free (qsupported); + target_process_qsupported (unknowns); } sprintf (own_buf, |