The original code has one thing to process (cur_len), requests to convert another thing from iovec to buf (len, which is actually max_len), and processes something else (copied). The whole thing is very difficult to understand, even if it does the right thing. The iov_to_buf() conversion in this case will always return cur_len, because it is the length of the iovec it was asked to process, and the size we asked to convert is the same or larger, and iov_to_buf() will stop on reaching the end of either iov or buf.
Make the code saner by doing the only sane thing: dropping `copied' which is always the same as `cur_len' but just introduces questions. Signed-off-by: Michael Tokarev <m...@tls.msk.ru> --- hw/virtio-serial-bus.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c index e22940e..abe48ec 100644 --- a/hw/virtio-serial-bus.c +++ b/hw/virtio-serial-bus.c @@ -454,7 +454,7 @@ static void control_out(VirtIODevice *vdev, VirtQueue *vq) len = 0; buf = NULL; while (virtqueue_pop(vq, &elem)) { - size_t cur_len, copied; + size_t cur_len; cur_len = iov_size(elem.out_sg, elem.out_num); /* @@ -467,9 +467,9 @@ static void control_out(VirtIODevice *vdev, VirtQueue *vq) buf = g_malloc(cur_len); len = cur_len; } - copied = iov_to_buf(elem.out_sg, elem.out_num, buf, 0, len); + iov_to_buf(elem.out_sg, elem.out_num, buf, 0, cur_len); - handle_control_message(vser, buf, copied); + handle_control_message(vser, buf, cur_len); virtqueue_push(vq, &elem, 0); } g_free(buf); -- 1.7.9.1
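Review bot: In the first hunk (@@ -454,7 +454,7 @@), `len` keeps its name although it is initialised next to `buf` with `len = 0; buf = NULL;` and, in the second hunk, only ever set together with the allocation (`buf = g_malloc(cur_len); len = cur_len;`). The commit message itself calls it "actually max_len", so a readability cleanup like this one could rename it (for example to a name that says it is the allocated size of buf) or add a one-line comment at the declaration, so the next reader does not confuse it with the message length again.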
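Review bot: In the second hunk (@@ -467,9 +467,9 @@), the copy into `buf` is now bounded by `cur_len` instead of `len`, and the return value of iov_to_buf() is discarded, so nothing in the visible lines checks that `cur_len` fits in the allocation. Before the change, passing `len` kept the copy within the buffer regardless of how the allocation was guarded; after it, correctness depends entirely on the condition around `buf = g_malloc(cur_len); len = cur_len;`, which lies outside this hunk's context. Since `cur_len` comes from `iov_size(elem.out_sg, elem.out_num)` on a popped virtqueue element, I would make the invariant explicit, either with an `assert(cur_len <= len)` before the call or by keeping the return value and asserting it equals `cur_len`, and add a short comment stating why the two are equal, as the commit message already explains.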