files: fix clone_service_fd overlap handling

Though LOG_FD_OFF < IMG_FD_OFF, get_service_fd(LOG_FD_OFF) is > than
get_service_fd(IMG_FD_OFF), see __get_service_fd, so the check here
should be twisted. Also add bug_on to track possible __get_service_fd
change which can break these check again.

We have a problem when USERNSD_SK replaces LOG_FD_OFF, latter when
writing to log, instead we actually send crazy commands to usernsd,
which fails to handle them and BUGs or crashes.

https://jira.sw.ru/browse/PSBM-83472

Also we had similar problem when __userns_call receives bad repsonse,
likely it has the same background:

https://api.travis-ci.org/v3/job/352164661/log.txt

fixes commit 129bb14611c3 ("files: Prepare clone_service_fd() for
overlaping ranges.")

v2: move BUG_ON to main() to check it only once, use min+1 and max-1
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

criu/crtools.c

@@ -343,6 +343,9 @@ int main(int argc, char *argv[], char *envp[])
 	BUILD_BUG_ON(PAGE_SIZE != PAGE_IMAGE_SIZE);
 	BUILD_BUG_ON(CTL_32 != SYSCTL_TYPE__CTL_32);
 	BUILD_BUG_ON(__CTL_STR != SYSCTL_TYPE__CTL_STR);
+	/* We use it for fd overlap handling in clone_service_fd() */
+	BUG_ON(get_service_fd(SERVICE_FD_MIN+1) <
+	       get_service_fd(SERVICE_FD_MAX-1));
 
 	if (fault_injection_init())
 		return 1;

criu/util.c

@@ -622,7 +622,7 @@ int clone_service_fd(struct pstree_item *me)
 		return 0;
 
 	/* Dup sfds in memmove() style: they may overlap */
-	if (get_service_fd(LOG_FD_OFF) > new_base - LOG_FD_OFF - SERVICE_FD_MAX * id)
+	if (get_service_fd(LOG_FD_OFF) < new_base - LOG_FD_OFF - SERVICE_FD_MAX * id)
 		for (i = SERVICE_FD_MIN + 1; i < SERVICE_FD_MAX; i++)
 			move_service_fd(me, i, id, new_base);
 	else