On Wed, Dec 4, 2024 at 12:11 AM Diego Nieto Cid <dnie...@gmail.com> wrote:
>     52<--47(pid1044)->io_write_request ("Hello World!\n" -1) = 0 15

On Wed, Dec 4, 2024 at 4:50 AM Diego Nieto Cid <dnie...@gmail.com> wrote:
> I traced it to the function `io_write` from `libhurduser.so.3` which
> is returning 1.

On Wed, Dec 4, 2024 at 6:09 AM Diego Nieto Cid <dnie...@gmail.com> wrote:
> (gdb) p *nbytes
> $23 = 13
> (gdb) p wrote
> $24 = 15
> (gdb) p err
> $25 = ESUCCESS
> (gdb)
> --->8-------->8----
>
> It's odd that the written bytes are greater than the requested to
> write bytes. Although I still don't know if that's the culprit.

That's it, great catch! And after that, _IO_new_file_write must be
trying to write out the remaining -2 bytes, and that fails. 1 is
likely KERN_INVALID_ADDRESS; the RPC doesn't go out which is why we
don't see it in rpctrace.

zero_write leaves *amount unset; it's UB.

Sergey
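
The failure described in this thread, as an added example that is not part of the original messages or of the Hurd code: a write handler that returns success without storing its byte-count out-parameter, next to a corrected one, and a caller loop that rejects a count larger than the request (15 for 13) before computing a remainder. The names `sink_write_buggy`, `sink_write_fixed` and `write_all` are hypothetical, and the `stale` argument is a constructed stand-in for leftover memory.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical handler type modelled on an io_write-style call: returns 0 on
   success and reports the bytes consumed through *amount. */
typedef int (*write_fn)(const char *data, size_t len, size_t *amount);

/* Before: discards the data and reports success but never stores *amount,
   so the caller sees whatever was already in that slot. */
static int sink_write_buggy(const char *data, size_t len, size_t *amount) {
    (void)data; (void)len; (void)amount;
    return 0;
}

/* After: every success path sets the out-parameter. */
static int sink_write_fixed(const char *data, size_t len, size_t *amount) {
    (void)data;
    *amount = len;
    return 0;
}

/* Caller-side write loop that validates the reply instead of trusting it.
   `stale` stands in for leftover contents of the reply slot (constructed
   value; reading a truly uninitialized variable would itself be UB).
   Returns 0 on success, -1 on handler error, -2 on an unusable count
   (zero progress, or more bytes than were requested). */
static int write_all(write_fn fn, const char *buf, size_t nbytes, size_t stale) {
    size_t done = 0;
    while (done < nbytes) {
        size_t wrote = stale;
        if (fn(buf + done, nbytes - done, &wrote) != 0)
            return -1;
        if (wrote == 0 || wrote > nbytes - done)
            return -2;   /* e.g. 15 reported for a 13-byte request */
        done += wrote;   /* safe: cannot pass nbytes, no negative remainder */
    }
    return 0;
}

int main(void) {
    const char msg[] = "Hello World!\n";   /* 13 bytes, as in the trace */
    printf("buggy: %d\n", write_all(sink_write_buggy, msg, 13, 15));
    printf("fixed: %d\n", write_all(sink_write_fixed, msg, 13, 15));
    return 0;
}
```

When the stale value happens to equal the request size, the unfixed handler appears to work, which is why the caller-side check complements the handler fix and does not replace it.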
