From 752e2bdbd2caaba44846fb00b5f5ae90546b0c6a Mon Sep 17 00:00:00 2001
From: Arne Goedeke <el@laramies.com>
Date: Tue, 8 Sep 2015 10:39:34 +0200
Subject: [PATCH] block_allocator: fixed a bug in ba_sort_free_list

This could possibly happen after syntax errors when freeing
the compiler data.
---
 src/block_allocator.c | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/src/block_allocator.c b/src/block_allocator.c
index 7099dca615..2644e0b47c 100644
--- a/src/block_allocator.c
+++ b/src/block_allocator.c
@@ -425,21 +425,32 @@ static INLINE int bv_get(struct bitvector * bv, size_t n) {
 }
 
 static size_t bv_ctz(struct bitvector * bv, size_t n) {
-    size_t bit = n % BV_LENGTH;
-    size_t c = n / BV_LENGTH;
-    bv_int_t * _v = bv->v + c;
-    bv_int_t V = *_v & (~BV_NIL << bit);
-
-    bit = c * BV_LENGTH;
-
-    while (1) {
-        if (V) return bit + BV_CTZ(V);
+    size_t bit;
+    size_t c;
+    bv_int_t * _v;
+    bv_int_t V;
+
+    if (n < bv->length) {
+        bit = n % BV_LENGTH;
+        c = n / BV_LENGTH;
+        _v = bv->v + c;
+        V = *_v & (~BV_NIL << bit);
+
+        bit = c * BV_LENGTH;
+
+        while (1) {
+            if (V) {
+                bit += BV_CTZ(V);
+                if (bit >= bv->length) break;
+                return bit;
+            }
 
-        bit += BV_LENGTH;
+            bit += BV_LENGTH;
 
-        if (bit >= bv->length) break;
+            if (bit >= bv->length) break;
 
-        V = *(++_v);
+            V = *(++_v);
+        }
     }
 
     return (size_t)-1;
-- 
GitLab