From 9e36b0beb9dc6fe02d43b4c217841c8164f41774 Mon Sep 17 00:00:00 2001
From: teor <teor2345@gmail.com>
Date: Sun, 28 May 2017 22:12:09 +1000
Subject: [PATCH] Always check for usage underflow when removing a file in
 storage.c

Part of #22424.
---
 src/common/storagedir.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/common/storagedir.c b/src/common/storagedir.c
index 6457f3d009..9140ed29bd 100644
--- a/src/common/storagedir.c
+++ b/src/common/storagedir.c
@@ -425,7 +425,9 @@ storage_dir_remove_file(storage_dir_t *d,
     }
   }
   if (unlink(ipath) == 0) {
-    d->usage -= size;
+    if (! BUG(d->usage < size)) {
+      d->usage -= size;
+    }
   } else {
     log_warn(LD_FS, "Unable to unlink %s", escaped(path));
     tor_free(path);