[google][4.6] Bug fix to function reordering linker plugin (issue5623048)

Sriraman Tallam tmsriram@google.com
Fri Feb 3 02:13:00 GMT 2012


Fix a bug in the function reordering linker plugin where the number of nodes
to be reordered is incremented in the wrong place. This caused a heap buffer
to overflow under certain conditions.  

The linker plugin itself is only available in the google 4_6 branch and I will
port it to other branches and make it available for review for trunk soon.

	* callgraph.c (parse_callgraph_section_contents): Remove increment
	to num_real_nodes.
	(set_node_type): Increment num_real_nodes.

Index: function_reordering_plugin/callgraph.c
===================================================================
--- function_reordering_plugin/callgraph.c	(revision 183860)
+++ function_reordering_plugin/callgraph.c	(working copy)
@@ -304,7 +304,6 @@ parse_callgraph_section_contents (unsigned char *s
   caller = caller + HEADER_LEN;
   curr_length = read_length;
   caller_node = get_function_node (caller);
-  num_real_nodes++;
 
   while (curr_length < length)
     {
@@ -422,7 +421,10 @@ static void set_node_type (Node *n)
   char *name = n->name;
   slot = htab_find_with_hash (section_map, name, htab_hash_string (name));
   if (slot != NULL)
-    set_as_real_node (n);
+    {
+      set_as_real_node (n);
+      num_real_nodes++;
+    }
 }
 
 void
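Review bot: the `num_real_nodes++` placed under `if (slot != NULL)` double-counts if set_node_type is ever invoked twice for the same Node, or if set_as_real_node has callers other than this one, which would reopen the mismatch this patch closes. Moving the increment into set_as_real_node, or skipping it when n is already marked real, keeps the counter equal to the number of nodes actually flagged regardless of how classification is driven. In either case a one-line comment tying num_real_nodes to the buffer it sizes would help the next reader.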

--
This patch is available for review at http://codereview.appspot.com/5623048
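As an added illustration of the failure the message describes, the following C model is not the plugin's code; every name, the section layout, and the sample callgraph are assumptions. It assumes a node is "real" when a function section with its name exists, that callees may own a function section without owning a callgraph section of their own (a leaf function), and it shows why incrementing num_real_nodes once per parsed callgraph section undercounts the nodes later flagged in set_node_type, so that a heap buffer sized from that count is written past its end.

```c
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the counting bug; none of these names are the
   plugin's own.  A Node is "real" when a function section with its name
   exists.  Callers come from callgraph sections; a callee may have a
   function section but no callgraph section (assumed, not from the page). */

#define MAX_NODES 16

typedef struct { const char *name; int is_real; } Node;
typedef struct { const char *caller; const char *callees[4]; } CgSection;

/* Constructed sample input: two callgraph sections, three function sections.
   'leaf' calls nothing, so it has no callgraph section of its own. */
static const CgSection SAMPLE_CG[] = {
  { "main", { "foo", "leaf", NULL } },
  { "foo",  { "leaf", NULL } },
};
static const int SAMPLE_NCG = 2;
static const char *SAMPLE_FUNC_SECTIONS[] = { "main", "foo", "leaf" };
static const int SAMPLE_NSEC = 3;

static Node nodes[MAX_NODES];
static int n_nodes;

/* Find or create the node for NAME; each name is interned exactly once. */
static Node *get_function_node (const char *name)
{
  for (int i = 0; i < n_nodes; i++)
    if (strcmp (nodes[i].name, name) == 0)
      return &nodes[i];
  assert (n_nodes < MAX_NODES);
  nodes[n_nodes].name = name;
  nodes[n_nodes].is_real = 0;
  return &nodes[n_nodes++];
}

static int has_function_section (const char *name)
{
  for (int i = 0; i < SAMPLE_NSEC; i++)
    if (strcmp (SAMPLE_FUNC_SECTIONS[i], name) == 0)
      return 1;
  return 0;
}

/* Parse step shared by both variants: intern every caller and callee.
   If COUNTER is non-NULL it is bumped once per section (pre-patch placement). */
static void parse_callgraph (int *counter)
{
  n_nodes = 0;
  for (int i = 0; i < SAMPLE_NCG; i++)
    {
      get_function_node (SAMPLE_CG[i].caller);
      if (counter)
        (*counter)++;
      for (const char *const *c = SAMPLE_CG[i].callees; *c; c++)
        get_function_node (*c);
    }
}

/* Classification step: mark nodes that own a function section.
   If COUNTER is non-NULL it is bumped once per node marked (post-patch placement). */
static void set_node_types (int *counter)
{
  for (int i = 0; i < n_nodes; i++)
    if (has_function_section (nodes[i].name))
      {
        nodes[i].is_real = 1;
        if (counter)
          (*counter)++;
      }
}

/* Before the fix: count callers as the parser sees them. */
int count_before_fix (void)
{
  int num_real_nodes = 0;
  parse_callgraph (&num_real_nodes);
  set_node_types (NULL);
  return num_real_nodes;
}

/* After the fix: count at the moment a node is marked real. */
int count_after_fix (void)
{
  int num_real_nodes = 0;
  parse_callgraph (NULL);
  set_node_types (&num_real_nodes);
  return num_real_nodes;
}

/* Consumer: copy the real nodes into a heap buffer sized from the count.
   Returns 1 if everything fits, 0 if a write would have gone past the end
   (the bounds check stands in for the overflow the unfixed plugin hit). */
int collect_real_nodes (int num_real_nodes)
{
  Node **buf = malloc ((size_t) num_real_nodes * sizeof *buf);
  int k = 0, ok = 1;
  if (!buf)
    return 0;
  for (int i = 0; i < n_nodes; i++)
    if (nodes[i].is_real)
      {
        if (k >= num_real_nodes) { ok = 0; break; }
        buf[k++] = &nodes[i];
      }
  free (buf);
  return ok;
}

int main (void)
{
  int before = count_before_fix ();
  printf ("before fix: counted %d, buffer %s\n", before,
          collect_real_nodes (before) ? "fits" : "would overflow");
  int after = count_after_fix ();
  printf ("after fix:  counted %d, buffer %s\n", after,
          collect_real_nodes (after) ? "fits" : "would overflow");
  return 0;
}
```

With the sample input the pre-patch placement counts two (one per callgraph section) while three nodes end up marked real, so a buffer of two entries overflows; counting where the mark is applied yields three and the buffer fits. The bounds check in collect_real_nodes is the cheap defence worth keeping even after the counter is fixed.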


