MINOR: shctx: add a few BUG_ON() for consistency checks
The shctx code relies on sensitive conditions that are hard to infer
from the code itself; let's add some BUG_ON() to verify them. They
helped spot the previous bugs.
diff --git a/src/shctx.c b/src/shctx.c
index f675d81..d114d46 100644
--- a/src/shctx.c
+++ b/src/shctx.c
@@ -34,6 +34,8 @@
int freed = 0;
int remain;
+ BUG_ON(data_len < 0);
+
/* not enough usable blocks */
if (data_len > shctx->nbav * shctx->block_size)
goto out;
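Review bot: The new BUG_ON() pins the sign of data_len, but the guard right below it, `data_len > shctx->nbav * shctx->block_size`, still multiplies the two fields in their declared type; if both are int (their declarations are outside the hunk, as is the start of this function), a large enough cache makes that product wrap and the "not enough usable blocks" check silently stops rejecting oversized requests. Since this commit is about making the code's assumptions explicit, widening that one expression, `if (data_len > (long long)shctx->nbav * shctx->block_size)`, or adding a `BUG_ON()` on the product's sign next to the new one, would close the gap without touching the callers. The blank line after the BUG_ON() here and in the third hunk is not kept in the second and last hunks; one spacing style for all insertions would read better.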
@@ -93,6 +95,8 @@
block->len = 0;
freed++;
+
+ BUG_ON(data_len < 0);
data_len -= shctx->block_size;
if (data_len > 0 || !enough) {
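Review bot: The check is placed before the subtraction, so it only holds if every path that leaves data_len at or below zero also sets `enough` and ends the loop; that branch is below the hunk and cannot be confirmed here, and if any path re-enters the loop with a negative remainder this BUG_ON() will fire on a legitimate partial last block. A short comment would make the dependency visible to the next reader: `/* data_len must still be positive here: once it drops to zero or below the previous iteration sets <enough>, which ends the loop */`. The enclosing loop and function start and end outside the hunk.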
@@ -213,6 +217,8 @@
/* remaining written bytes in the current block. */
remain = (shctx->block_size * first->block_count - first->len) % shctx->block_size;
+ BUG_ON(remain < 0);
+
/* if remain == 0, previous buffers are full, or first->len == 0 */
if (!remain) {
remain = shctx->block_size;
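Review bot: `BUG_ON(remain < 0)` is correct but its meaning is indirect: C's `%` keeps the sign of the dividend, so remain is negative exactly when `first->len` exceeds `shctx->block_size * first->block_count`, i.e. the object claims more bytes than the blocks reserved for it. A comment stating that would spare the reader the derivation: `/* negative only if first->len exceeds the reserved capacity (C's % keeps the dividend's sign) */`. Note that the `BUG_ON(start < 0)` added in the next hunk follows from this one plus the modulo (0 <= remain < block_size implies block_size - remain > 0), so it documents an assumption rather than catching a new state; worth saying in its comment as well. The multiplication itself is in the same declared type as the fields and is not checked for overflow, which the first hunk's note also raises.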
@@ -221,6 +227,7 @@
else {
/* start must be calculated before remain is modified */
start = shctx->block_size - remain;
+ BUG_ON(start < 0);
}
/* must not try to copy more than len */
@@ -270,8 +277,11 @@
if (start == -1)
start = offset - (count - 1) * shctx->block_size;
+ BUG_ON(start < 0);
+
/* size can be lower than a block when copying the last block */
size = MIN(shctx->block_size - start, len);
+ BUG_ON(size < 0);
memcpy(dst, block->data + start, size);
dst += size;
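Review bot: The two sign checks cover the lower bounds of the memcpy but the upper bound of `start` is only verified indirectly through `size < 0`, and that indirection fails when `len` is zero: `MIN(shctx->block_size - start, len)` is then 0 whatever start is, so an out-of-range start forms `block->data + start` past the block unnoticed. Checking it directly next to the new BUG_ON(), `BUG_ON(start < 0 || start >= shctx->block_size);`, states the invariant the arithmetic two lines above is meant to establish and does not rely on len. The loop body continues past the hunk, so whether len can be zero on entry to an iteration cannot be confirmed from here.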