lib/posix-fdtab: Add value assert in fmap_xchg

This change adds an assert to sanity-check the value to be exchanged
into the fmap. Exchanging in a NULL value is an invalid operation and
breaks the semantics of fmap, leaving the data structure in a
potentially unsound state.
Calling code should never normally do this; the assert serves as extra
precaution for future development.

Signed-off-by: Andrei Tatar <andrei@unikraft.io>
Approved-by: Michalis Pappas <michalis@unikraft.io>
Reviewed-by: Michalis Pappas <michalis@unikraft.io>
GitHub-Closes: #1278

diff --git a/lib/posix-fdtab/fmap.h b/lib/posix-fdtab/fmap.h
index da1d0056baec856a38f37d5c91127c76b37f497f..66e796c5471e8db9615a282f8e9ae1faf6afe1d7 100644 (file)
--- a/lib/posix-fdtab/fmap.h
+++ b/lib/posix-fdtab/fmap.h
@@ -385,6 +385,7 @@ int uk_fmap_xchg(const struct uk_fmap *m, int idx,
 {
        void *got;
 
+       UK_ASSERT(p); /* Cannot exchange with NULL, use uk_fmap_take instead */
        if (!_FMAP_INRANGE(m, idx))
                return -1;