Bug 497429 - pwritev writes random junk
Summary: pwritev writes random junk
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: glibc
Version: rawhide
Hardware: All
OS: Linux
high
urgent
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
Blocks: F11Blocker, F11FinalBlocker
Reported: 2009-04-23 20:49 UTC by Gerd Hoffmann
Modified: 2009-04-27 20:13 UTC (History)
Last Closed: 2009-04-27 20:13:27 UTC


Attachments
/usr/src/debug/glibc-20090416T1610/sysdeps/posix/pwritev.c (3.09 KB, text/plain)
2009-04-23 20:49 UTC, Gerd Hoffmann
glibc-pwritev.patch (7.25 KB, patch)
2009-04-23 21:25 UTC, Jakub Jelinek

Description Gerd Hoffmann 2009-04-23 20:49:26 UTC
Created attachment 341009 [details]
/usr/src/debug/glibc-20090416T1610/sysdeps/posix/pwritev.c

Description of problem:
__atomic_pwritev_replacement is broken.

Version-Release number of selected component (if applicable):
glibc-2.9.90-19

How reproducible:
Grab a qemu git checkout, build it, try to use it.
Don't use a valuable guest image.

Actual results:
pwritev writes random data.

Expected results:
pwritev acts as documented.

Comment 1 Gerd Hoffmann 2009-04-23 20:54:07 UTC
Just look at the source code, it is obvious.

pwritev was copied from preadv with a simple s/read/write/. That isn't correct though, the buffer copying must be adjusted.

preadv has to do (and does that correctly):
  * alloc buffer
  * pread()
  * copy data to iovec
  * free buffer

pwritev has to do:
  * alloc buffer
  * copy data from iovec
  * pwrite()
  * free buffer.

pwritev actually does:
  * alloc buffer
  * pwritev()             <= writes random data
  * copy data to iovec    <= fills iovec with random data
  * free buffer.
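
The ordering Comment 1 says pwritev has to follow, written out as an added C example (not glibc's code and not the attached patch). The names `emulated_pwritev` and `roundtrip_ok`, the sample data and the temporary file path are hypothetical, chosen here for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/uio.h>
#include <unistd.h>

/* Hypothetical fallback (not glibc's code): emulate pwritev() with one pwrite(). */
ssize_t emulated_pwritev(int fd, const struct iovec *iov, int iovcnt, off_t off)
{
    size_t total = 0;
    for (int i = 0; i < iovcnt; i++) {
        if (iov[i].iov_len > (size_t)SSIZE_MAX - total) { errno = EINVAL; return -1; }
        total += iov[i].iov_len;
    }
    char *buf = malloc(total ? total : 1);
    if (buf == NULL) return -1;
    /* Gather BEFORE the write: copy from the iovec into the bounce buffer.
       Writing first would send uninitialized heap memory to the file. */
    char *p = buf;
    for (int i = 0; i < iovcnt; i++) {
        if (iov[i].iov_len) memcpy(p, iov[i].iov_base, iov[i].iov_len);
        p += iov[i].iov_len;
    }
    ssize_t n = pwrite(fd, buf, total, off);
    free(buf);
    return n;
}

/* Constructed check: write two segments at offset 3, read them back, and
   confirm the caller's buffers were left untouched. Returns 1 on success. */
int roundtrip_ok(void)
{
    char a[] = "guest-", b[] = "image", back[11];
    struct iovec iov[2] = { { a, 6 }, { b, 5 } };
    char path[] = "/tmp/pwritev-demo-XXXXXX";   /* constructed temp file name */
    int fd = mkstemp(path);
    if (fd < 0) return 0;
    unlink(path);
    int ok = emulated_pwritev(fd, iov, 2, 3) == 11
          && pread(fd, back, 11, 3) == 11
          && memcmp(back, "guest-image", 11) == 0
          && memcmp(a, "guest-", 7) == 0 && memcmp(b, "image", 6) == 0;
    close(fd);
    return ok;
}
int main(void) { puts(roundtrip_ok() ? "ok" : "FAIL"); return 0; }
```

The read-back comparison catches the "writes random data" half of the bug, and the two `memcmp` calls on the source buffers catch the "fills iovec with random data" half.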

Comment 2 Jakub Jelinek 2009-04-23 21:25:26 UTC
Created attachment 341021 [details]
glibc-pwritev.patch

Patch I'm about to test.

Comment 3 Gerd Hoffmann 2009-04-23 21:48:36 UTC
Patch looks good to me.

Comment 4 Mark McLoughlin 2009-04-24 08:49:19 UTC
Nice catch

Adding to F11Blocker - it doesn't affect F11 qemu, but we still shouldn't ship with a completely broken pwritev()

Comment 5 Mark McLoughlin 2009-04-27 15:33:03 UTC
Fix is in rpms/glibc/F-11 but not yet dist-f11:

* Fri Apr 24 2009 Jakub Jelinek <jakub@redhat.com> 2.9.90-20
- update from trunk
  - fix p{read,write}v{,64} (#497429, #497434)
  - fix strfmon (#496386)

Comment 6 Jakub Jelinek 2009-04-27 20:13:27 UTC
Should be fixed in glibc-2.9.90-22.

