On Thu, Jan 27, 2011 at 7:59 AM, Baruch Siach <[email protected]> wrote:
> Another related problem that I've observed with echo goes as follows:
>
> ./strace-armv5l sh -c 'echo test > /dev/input/event0'
>
> shows:
>
> write(1, "test\n", 5) = 16
> write(1,
> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 2147483647) = -1 EFAULT (Bad address)
> write(1,
> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4095)
> = 4096
> write(1,
> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 2147483647) = -1 EFAULT (Bad address)
> write(1,
> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096)
> = 4096
>
> That is, the return value of write() is larger that the written buffer (is
> this legal?) so echo (or ash) tries again with a bogus count == -1.
I think this needs to be fixed in uClibc, but this looks like a grave
kernel bug.
A lot of programs will fail horribly when write returns such bogus count,
because they use something like this:
wlile (len) {
n = write(fd, buf, len);
if (n <= 0) break;
len -= n;
buf += n;
}
--
vda
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
