altos: Add sanity checking to busy counts in bufio driver

Make sure the busy counts don't underflow or overflow.

Signed-off-by: Keith Packard <keithp@keithp.com>

diff --git a/src/drivers/ao_bufio.c b/src/drivers/ao_bufio.c
index 9a5e801ba5830390baaee986774082861b9a3b3a..10b32ceb41a9fba365826e31cadadc0d11721cb6 100644 (file)
--- a/src/drivers/ao_bufio.c
+++ b/src/drivers/ao_bufio.c
@@ -205,10 +205,13 @@ ao_bufio_get(uint32_t block)
                                bufio->block = 0xffffffff;
                                bufio = NULL;
                        }
-               }
+               } else
+                       ao_panic(AO_PANIC_BUFIO);
        }
        if (bufio) {
                bufio->busy++;
+               if (!bufio->busy)
+                       ao_panic(AO_PANIC_BUFIO);
                buf = ao_bufio_to_buf(bufio);
        }
        ao_bufio_unlock();
@@ -227,6 +230,9 @@ ao_bufio_put(uint8_t *buf, uint8_t write)
        ao_bufio_lock();
        bufio = ao_buf_to_bufio(buf);
        
+       if (!bufio->busy)
+               ao_panic(AO_PANIC_BUFIO);
+
        DBG ("idle buffer %d write %d\n", ao_bufio_to_num(bufio), write);
        bufio->dirty |= write;
        if (!--bufio->busy) {