ref: 149250dce5040e5ca3c13461fbaf82860ec5ac09
parent: a370fc226acab266372a62ae4107c2d3f848ab17
author: Ori Bernstein <ori@eigenstate.org>
date: Mon Jul 7 15:44:47 EDT 2025
gefs: tighten assertion on btupsert When inserting a sequence of messages targeted at a key, if the key doesn't already exist, we must start with an Oinsert message to create the key. If a bug elsewhere in the code leads to a key being updated without first being created, we could end up with malformed keys being put into the tree. This shouldn't happen, but if it does, it's better to crash here, before the data has been committed to disk, than after we've already written it out and we noticed that it was invalid.
--- a/sys/src/cmd/gefs/tree.c
+++ b/sys/src/cmd/gefs/tree.c
@@ -545,6 +545,8 @@
cpkvp(&v, &m, buf, sizeof(buf));
ok = 0;
if(m.op != Oclearb && m.op != Oclobber){+ /* New keys need to start off with Oinsert */
+ assert(m.op == Oinsert);
spc -= valsz(&m);
p->pullsz += msgsz(&m);
ok = 1;
@@ -749,6 +751,8 @@
copied += valsz(&v);
ok = 0;
if(m.op != Oclearb && m.op != Oclobber){+ /* New keys need to start off with Oinsert */
+ assert(m.op == Oinsert);
spc -= valsz(&m);
p->pullsz += msgsz(&m);
ok = 1;
--
⑨