From: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Date: Tue, 2 Aug 2016 09:41:20 +0000 (+0300)
Subject: util: Fix assertion in iov_copy() upon zero 'bytes' and non-zero 'offset'
X-Git-Tag: v2.7.1~132^2
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=e911765cbb9e9ddf5d952c88bb52180a62c6cea0;p=mirror_qemu.git

util: Fix assertion in iov_copy() upon zero 'bytes' and non-zero 'offset'

In cases where iov_copy() is passed with zero 'bytes' argument and a
non-zero 'offset' argument, nothing gets copied - as expected.

However no copy iterations are performed, so 'offset' is left
unaltered, leading to the final assert(offset == 0) to fail.

Instead, change the loop condition to continue as long as 'offset || bytes',
similar to other iov_* functions.

This ensures 'offset' gets zeroed (even if no actual copy is made),
unless it is beyond end of source iov - which is asserted.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1470130880-1050-1-git-send-email-shmulik.ladkani@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---

diff --git a/util/iov.c b/util/iov.c
index 003fcce66f..74e6ca8ed7 100644
--- a/util/iov.c
+++ b/util/iov.c
@@ -247,7 +247,8 @@ unsigned iov_copy(struct iovec *dst_iov, unsigned int dst_iov_cnt,
 {
     size_t len;
     unsigned int i, j;
-    for (i = 0, j = 0; i < iov_cnt && j < dst_iov_cnt && bytes; i++) {
+    for (i = 0, j = 0;
+         i < iov_cnt && j < dst_iov_cnt && (offset || bytes); i++) {
         if (offset >= iov[i].iov_len) {
             offset -= iov[i].iov_len;
             continue;