ref: 66d17e5256e3f8554b42c208572653253783e8d5
parent: 78c2dfe8087d4808e13aeabb6a0e3d1dc696d728
author: Ori Bernstein <ori@eigenstate.org>
date: Mon Jul 7 15:44:47 EDT 2025
gefs: tighten assertion on btupsert When inserting a sequence of messages targeted at a key, if the key doesn't already exist, we must start with an Oinsert message to create the key. If a bug elsewhere in the code leads to a key being updated without first being created, we could end up with malformed keys being put into the tree. This shouldn't happen, but if it does, it's better to crash here, before the data has been committed to disk, than after we've already written it out and we noticed that it was invalid.
--- a/sys/src/cmd/gefs/tree.c
+++ b/sys/src/cmd/gefs/tree.c
@@ -545,6 +545,8 @@
cpkvp(&v, &m, buf, sizeof(buf));
ok = 0;
if(m.op != Oclearb && m.op != Oclobber){+ /* New keys need to start off with Oinsert */
+ assert(m.op == Oinsert);
spc -= valsz(&m);
p->pullsz += msgsz(&m);
ok = 1;
@@ -749,6 +751,8 @@
copied += valsz(&v);
ok = 0;
if(m.op != Oclearb && m.op != Oclobber){+ /* New keys need to start off with Oinsert */
+ assert(m.op == Oinsert);
spc -= valsz(&m);
p->pullsz += msgsz(&m);
ok = 1;
--
⑨