This code before the change seems to over-estimate the number of real nodes which should be safe -- can you explain why it causes a problem?
David On Thu, Feb 2, 2012 at 6:13 PM, Sriraman Tallam <tmsri...@google.com> wrote: > Fix a bug in the function reordering linker plugin where the number of nodes > to be reordered is incremented in the wrong place. This caused a heap buffer > to overflow under certain conditions. > > The linker plugin itself is only available in the google 4_6 branch and I will > port it to other branches and make it available for review for trunk soon. > > * callgraph.c (parse_callgraph_section_contents): Remove increment > to num_real_nodes. > (set_node_type): Increment num_real_nodes. > > Index: function_reordering_plugin/callgraph.c > =================================================================== > --- function_reordering_plugin/callgraph.c (revision 183860) > +++ function_reordering_plugin/callgraph.c (working copy) > @@ -304,7 +304,6 @@ parse_callgraph_section_contents (unsigned char *s > caller = caller + HEADER_LEN; > curr_length = read_length; > caller_node = get_function_node (caller); > - num_real_nodes++; > > while (curr_length < length) > { > @@ -422,7 +421,10 @@ static void set_node_type (Node *n) > char *name = n->name; > slot = htab_find_with_hash (section_map, name, htab_hash_string (name)); > if (slot != NULL) > - set_as_real_node (n); > + { > + set_as_real_node (n); > + num_real_nodes++; > + } > } > > void > > -- > This patch is available for review at http://codereview.appspot.com/5623048
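Review bot: the `num_real_nodes++` removed from parse_callgraph_section_contents counted one node per caller record parsed after `caller_node = get_function_node (caller);`, which is not the same quantity as the number of nodes that later pass the `slot != NULL` test in set_node_type: a node that set_node_type marks real but that was never parsed as a caller in this loop was not counted, so the old value could be an undercount as well as an overcount, and an undercount is what would make a buffer sized from it overflow. It would help reviewers if the ChangeLog or the patch description said which of the two cases was actually hit, rather than only "under certain conditions".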
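Review bot: the increment moved into set_node_type, inside the new `{ set_as_real_node (n); num_real_nodes++; }` block, is only right if set_node_type is reached exactly once per Node; if it can run twice for the same node, set_as_real_node is presumably harmless to repeat but the counter is inflated. Consider incrementing only when the node was not already marked real, and adding an assertion at the point where the buffer sized by num_real_nodes is filled so that a mismatch between the count and the nodes written is caught as an assert rather than as a heap overflow.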