> > +/*
> > + * Receive and process one incoming message.
> > + *
> > + * For replies, find matching outgoing request and wake any waiters.
> > + * For requests, queue in incoming list and run request BH.
> > + */
> > +static int vfio_user_recv_one(VFIOProxy *proxy)
> > +{
> > + VFIOUserMsg *msg = NULL;
> > + g_autofree int *fdp = NULL;
> > + VFIOUserFDs *reqfds;
> > + VFIOUserHdr hdr;
> > + struct iovec iov = {
> > + .iov_base = &hdr,
> > + .iov_len = sizeof(hdr),
> > + };
> > + bool isreply = false;
> > + int i, ret;
> > + size_t msgleft, numfds = 0;
> > + char *data = NULL;
> > + char *buf = NULL;
> > + Error *local_err = NULL;
> > +
> > + /*
> > + * Read header
> > + */
> > + ret = qio_channel_readv_full(proxy->ioc, &iov, 1, &fdp, &numfds,
> > + &local_err);
> > + if (ret == QIO_CHANNEL_ERR_BLOCK) {
> > + return ret;
> > + }
> > + if (ret <= 0) {
> > + /* read error or other side closed connection */
> > + if (ret == 0) {
> > + error_setg(&local_err, "vfio_user_recv server closed socket");
> > + } else {
> > + error_prepend(&local_err, "vfio_user_recv");
> > + }
> > + goto fatal;
> > + }
> > + if (ret < sizeof(msg)) {
> > + error_setg(&local_err, "vfio_user_recv short read of header");
> > + goto fatal;
> > + }
>
> Print received size for debug purposes?
>
> > +
> > + /*
> > + * Validate header
> > + */
> > + if (hdr.size < sizeof(VFIOUserHdr)) {
> > + error_setg(&local_err, "vfio_user_recv bad header size");
> > + goto fatal;
> > + }
>
> Print header size?
>
> > + switch (hdr.flags & VFIO_USER_TYPE) {
> > + case VFIO_USER_REQUEST:
> > + isreply = false;
> > + break;
> > + case VFIO_USER_REPLY:
> > + isreply = true;
> > + break;
> > + default:
> > + error_setg(&local_err, "vfio_user_recv unknown message type");
> > + goto fatal;
> > + }
>
> Print message type?
>
> > +
> > + /*
> > + * For replies, find the matching pending request.
> > + * For requests, reap incoming FDs.
> > + */
> > + if (isreply) {
> > + QTAILQ_FOREACH(msg, &proxy->pending, next) {
> > + if (hdr.id == msg->id) {
> > + break;
> > + }
> > + }
> > + if (msg == NULL) {
> > + error_setg(&local_err, "vfio_user_recv unexpected reply");
> > + goto err;
> > + }
> > + QTAILQ_REMOVE(&proxy->pending, msg, next);
> > +
> > + /*
> > + * Process any received FDs
> > + */
> > + if (numfds != 0) {
> > + if (msg->fds == NULL || msg->fds->recv_fds < numfds) {
> > + error_setg(&local_err, "vfio_user_recv unexpected FDs");
> > + goto err;
> > + }
> > + msg->fds->recv_fds = numfds;
> > + memcpy(msg->fds->fds, fdp, numfds * sizeof(int));
> > + }
> > + } else {
> > + if (numfds != 0) {
> > + reqfds = vfio_user_getfds(numfds);
> > + memcpy(reqfds->fds, fdp, numfds * sizeof(int));
> > + } else {
> > + reqfds = NULL;
> > + }
> > + }
> > +
> > + /*
> > + * Put the whole message into a single buffer.
> > + */
> > + if (isreply) {
> > + if (hdr.size > msg->rsize) {
> > + error_setg(&local_err,
> > + "vfio_user_recv reply larger than recv buffer");
> > + goto err;
> > + }
>
> Print hdr.size and msg->rsize?
>
> > + *msg->hdr = hdr;
> > + data = (char *)msg->hdr + sizeof(hdr);
> > + } else {
> > + if (hdr.size > max_xfer_size) {
> > + error_setg(&local_err, "vfio_user_recv request larger than
> > max");
> > + goto err;
> > + }
>
> Print hdr.size?
On second thought, should we dump the entire header in case of such errors? If
not by default then at least in debug builds?
