On 25/07/2016 13:43, Shmulik Ladkani wrote:
> From: Shmulik Ladkani <shmulik.ladk...@ravellosystems.com>
>
> In cases where iov_copy() is passed with zero 'bytes' argument and a
> non-zero 'offset' argument, nothing gets copied - as expected.
>
> However since no copy iterations are performed, 'offset' is left
> unaltered, leading to the final assert(offset == 0) to fail.
>
> Relax the assertion: if j (number of dst elements assigned) is zero, no
> need to err.
>
> Only if j!=0 (some dst elements assigned) AND offset!=0 we should err.
This is actually intended; the comment in qemu_iovec_concat_iov says why:
assert(soffset == 0); /* offset beyond end of src */
so the pedantic fix could be (if I understand the issue correctly) to
check for "offset || bytes" in the for condition. This is similar to
what the other functions do (e.g. iov_from_buf_full). The performance
effect should practically be absent.
Paolo
> Signed-off-by: Shmulik Ladkani <shmulik.ladk...@ravellosystems.com>
> ---
> util/iov.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Flow that led to the assertion was:
> net_tx_pkt_rebuild_payload()
> iov_copy(... , pkt->payload_len)
>
> where pkt->payload_len was correctly calculated to be 0 (a packet
> carrying just ipv4 header, without any payload).
>
> An alternative is to place the below code, early in iov_copy():
> if (!bytes)
> return 0;
>
> diff --git a/util/iov.c b/util/iov.c
> index 003fcce..17de52d 100644
> --- a/util/iov.c
> +++ b/util/iov.c
> @@ -260,7 +260,7 @@ unsigned iov_copy(struct iovec *dst_iov, unsigned int
> dst_iov_cnt,
> bytes -= len;
> offset = 0;
> }
> - assert(offset == 0);
> + assert(j == 0 || offset == 0);
> return j;
> }
>
>
