[Bf-blender-cvs] SVN commit: /data/svn/bf-blender [59001] trunk/blender/source/blender/ blenloader/intern/readfile.c: Fix crashes that could still happen opening files with the outliner bug that existed

Brecht Van Lommel brechtvanlommel at pandora.be
Wed Aug 7 21:29:15 CEST 2013 

Revision: 59001
          http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=59001
Author:   blendix
Date:     2013-08-07 19:29:15 +0000 (Wed, 07 Aug 2013)
Log Message:
-----------
Fix crashes that could still happen opening files with the outliner bug that existed
between revision 58855 and 58959. Now it ensures the memory is not freed before reading.

Revision Links:
--------------
    http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=58855

Modified Paths:
--------------
    trunk/blender/source/blender/blenloader/intern/readfile.c

Modified: trunk/blender/source/blender/blenloader/intern/readfile.c
===================================================================
--- trunk/blender/source/blender/blenloader/intern/readfile.c	2013-08-07 19:11:37 UTC (rev 59000)
+++ trunk/blender/source/blender/blenloader/intern/readfile.c	2013-08-07 19:29:15 UTC (rev 59001)
@@ -328,7 +328,7 @@
 	oldnewmap_insert(onm, oldaddr, newaddr, nr);
 }
 
-static void *oldnewmap_lookup_and_inc(OldNewMap *onm, void *addr) 
+static void *oldnewmap_lookup_and_inc(OldNewMap *onm, void *addr, bool increase_users) 
 {
 	int i;
 	
@@ -338,7 +338,8 @@
 		OldNew *entry = &onm->entries[++onm->lasthit];
 		
 		if (entry->old == addr) {
-			entry->nr++;
+			if (increase_users)
+				entry->nr++;
 			return entry->newp;
 		}
 	}
@@ -349,7 +350,8 @@
 		if (entry->old == addr) {
 			onm->lasthit = i;
 			
-			entry->nr++;
+			if (increase_users)
+				entry->nr++;
 			return entry->newp;
 		}
 	}
@@ -1201,34 +1203,39 @@
 
 static void *newdataadr(FileData *fd, void *adr)		/* only direct databocks */
 {
-	return oldnewmap_lookup_and_inc(fd->datamap, adr);
+	return oldnewmap_lookup_and_inc(fd->datamap, adr, true);
 }
 
+static void *newdataadr_no_us(FileData *fd, void *adr)		/* only direct databocks */
+{
+	return oldnewmap_lookup_and_inc(fd->datamap, adr, false);
+}
+
 static void *newglobadr(FileData *fd, void *adr)	    /* direct datablocks with global linking */
 {
-	return oldnewmap_lookup_and_inc(fd->globmap, adr);
+	return oldnewmap_lookup_and_inc(fd->globmap, adr, true);
 }
 
 static void *newimaadr(FileData *fd, void *adr)		    /* used to restore image data after undo */
 {
 	if (fd->imamap && adr)
-		return oldnewmap_lookup_and_inc(fd->imamap, adr);
+		return oldnewmap_lookup_and_inc(fd->imamap, adr, true);
 	return NULL;
 }
 
 static void *newmclipadr(FileData *fd, void *adr)      /* used to restore movie clip data after undo */
 {
 	if (fd->movieclipmap && adr)
-		return oldnewmap_lookup_and_inc(fd->movieclipmap, adr);
+		return oldnewmap_lookup_and_inc(fd->movieclipmap, adr, true);
 	return NULL;
 }
 
 static void *newpackedadr(FileData *fd, void *adr)      /* used to restore packed data after undo */
 {
 	if (fd->packedmap && adr)
-		return oldnewmap_lookup_and_inc(fd->packedmap, adr);
+		return oldnewmap_lookup_and_inc(fd->packedmap, adr, true);
 	
-	return oldnewmap_lookup_and_inc(fd->datamap, adr);
+	return oldnewmap_lookup_and_inc(fd->datamap, adr, true);
 }
 
 
@@ -6301,10 +6308,14 @@
 			else if (sl->spacetype == SPACE_OUTLINER) {
 				SpaceOops *soops = (SpaceOops *) sl;
 				
-				TreeStore *ts = newdataadr(fd, soops->treestore);
+				/* use newdataadr_no_us and do not free old memory avoidign double
+				 * frees and use of freed memory. this could happen because of a
+				 * bug fixed in revision 58959 where the treestore memory address
+				 * was not unique */
+				TreeStore *ts = newdataadr_no_us(fd, soops->treestore);
 				soops->treestore = NULL;
 				if (ts) {
-					TreeStoreElem *elems = newdataadr(fd, ts->data);
+					TreeStoreElem *elems = newdataadr_no_us(fd, ts->data);
 					
 					soops->treestore = BLI_mempool_create(sizeof(TreeStoreElem), ts->usedelem,
 					                                      512, BLI_MEMPOOL_ALLOW_ITER);
@@ -6314,12 +6325,9 @@
 							TreeStoreElem *new_elem = BLI_mempool_alloc(soops->treestore);
 							*new_elem = elems[i];
 						}
-						MEM_freeN(elems);
 					}
 					/* we only saved what was used */
 					soops->storeflag |= SO_TREESTORE_CLEANUP;	// at first draw
-					
-					MEM_freeN(ts);
 				}
 				soops->treehash = NULL;
 				soops->tree.first = soops->tree.last= NULL;

More information about the Bf-blender-cvs mailing list