Fix prof_alloc_rollback().
Fix prof_alloc_rollback() to read tdata from thread-specific data rather
than dereferencing a potentially invalid tctx.
diff --git a/ChangeLog b/ChangeLog
index b5e10c4..fb376b2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,8 @@
so this fix removes buggy code without loss of generality.
- Fix irallocx_prof_sample() to always allocate large regions, even when
alignment is non-zero.
+ - Fix prof_alloc_rollback() to read tdata from thread-specific data rather
+ than dereferencing a potentially invalid tctx.
* 4.0.1 (September 15, 2015)
diff --git a/src/prof.c b/src/prof.c
index d68478f..0a08062 100644
--- a/src/prof.c
+++ b/src/prof.c
@@ -209,7 +209,7 @@
*/
tdata = prof_tdata_get(tsd, true);
if (tdata != NULL)
- prof_sample_threshold_update(tctx->tdata);
+ prof_sample_threshold_update(tdata);
}
if ((uintptr_t)tctx > (uintptr_t)1U) {