[Spice-devel] [PATCH 1/2] iovec: add sanity check

[Gerd Hoffmann]

Adds sanity check to iovec setup.  In theory this should never ever
trigger.  In practice guest driver bugs can make it trigger.  This
patch avoids qemu burning cpu in a endless loop, instead we'll print a
message and abort.  Not sure whenever there is a more graceful way to
handle the situation ...

Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
---
 server/red_worker.c |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/server/red_worker.c b/server/red_worker.c
index a39df12..b8afff5 100644
--- a/server/red_worker.c
+++ b/server/red_worker.c
@@ -6670,7 +6670,7 @@ static inline uint32_t __fill_iovec(RedWorker *worker, BufDescriptor *buf, int s
 
 static inline void fill_iovec(RedChannel *channel, struct iovec *vec, int *vec_size)
 {
-    int vec_index = 0;
+    int rc, vec_index = 0;
     uint32_t pos = channel->send_data.pos;
 
     ASSERT(channel->send_data.size != pos && channel->send_data.size > pos);
@@ -6681,7 +6681,13 @@ static inline void fill_iovec(RedChannel *channel, struct iovec *vec, int *vec_s
 
         buf = find_buf(channel, pos, &buf_offset);
         ASSERT(buf);
-        pos += __fill_iovec(channel->worker, buf, buf_offset, vec, &vec_index);
+        rc = __fill_iovec(channel->worker, buf, buf_offset, vec, &vec_index);
+        if (rc == 0) {
+            fprintf(stderr, "%s: got only %d of %d bytes\n", __FUNCTION__, 
+                    pos, channel->send_data.size);
+            abort();
+        }
+        pos += rc;
     } while (vec_index < MAX_SEND_VEC && pos != channel->send_data.size);
     *vec_size = vec_index;
 }
-- 
1.6.6.1