From: Andre Noll Date: Wed, 13 Jan 2010 23:11:46 +0000 (+0100) Subject: [btr] Fix merge_input_pool(). X-Git-Tag: v0.4.2~103 X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=commitdiff_plain;h=8fa697a6fc4430625cfd66fdce6e36bd8aec739b;ds=sidebyside [btr] Fix merge_input_pool(). This function contained the following bug: wbr, buf1 and sz1 could be used without being initialized. This was sometimes hitting the assertion (buf1 && buf2). Fix this by initializing these variables at the top. --- diff --git a/buffer_tree.c b/buffer_tree.c index dfecf10a..40079c2f 100644 --- a/buffer_tree.c +++ b/buffer_tree.c @@ -582,18 +582,20 @@ static bool need_buffer_pool_merge(struct btr_node *btrn) static void merge_input_pool(struct btr_node *btrn, size_t dest_size) { - struct btr_buffer_reference *br, *wbr; + struct btr_buffer_reference *br, *wbr = NULL; int num_refs; /* including wrap buffer */ - char *buf, *buf1, *buf2 = NULL; - size_t sz, sz1, sz2 = 0, wsz; + char *buf, *buf1 = NULL, *buf2 = NULL; + size_t sz, sz1 = 0, sz2 = 0, wsz; - if (list_empty(&btrn->input_queue)) + br = get_first_input_br(btrn); + if (!br || br_available_bytes(br) >= dest_size) return; - num_refs = 0; FOR_EACH_BUFFER_REF(br, btrn) { num_refs++; sz = btr_get_buffer_by_reference(br, &buf); + if (sz == 0) + break; if (br->wrap_count != 0) { assert(!wbr); assert(num_refs == 1); @@ -622,15 +624,15 @@ next: if (sz1 + sz2 >= dest_size) break; } + if (!buf2) /* nothing to do */ + return; + assert(buf1 && sz2 > 0); /* * If the second buffer is large, we only take the first part of it to * avoid having to memcpy() huge buffers. */ sz2 = PARA_MIN(sz2, (size_t)(64 * 1024)); if (!wbr) { - assert(buf1); - if (!buf2) /* nothing to do */ - return; /* Make a new wrap buffer combining buf1 and buf2. */ sz = sz1 + sz2; buf = para_malloc(sz); @@ -647,6 +649,7 @@ next: para_list_add(&br->node, &btrn->input_queue); return; } + PARA_DEBUG_LOG("increasing wrap buffer, sz1: %zu, sz2: %zu\n", sz1, sz2); /* * We already have a wrap buffer, but it is too small. It might be * partially used. @@ -654,10 +657,8 @@ next: wsz = br_available_bytes(wbr); if (wbr->wrap_count == sz1 && wbr->btrb->size >= sz1 + sz2) /* nothing we can do about it */ return; - assert(buf1 && buf2); sz = sz1 + sz2 - wbr->btrb->size; /* amount of new data */ wbr->btrb->size += sz; - PARA_DEBUG_LOG("increasing wrap buffer to %zu\n", wbr->btrb->size); wbr->btrb->buf = para_realloc(wbr->btrb->buf, wbr->btrb->size); /* copy the new data to the end of the reallocated buffer */ assert(sz2 >= sz);