write function returning -1 in cookie_io_functions_t will crash the program

This program which is from
http://www.kernel.org/doc/man-pages...kie.3.html
It also stated that if error happens, write should return -1;

But I found that returning -1 will crash the program. The reason is
explained in this bugzilla report.
http://sourceware.org/bugzilla/show_bug.cgi?id 74

But glibc did fix the above bug.

Linux driver will also return negative value when error happens, Does
it have the same problem as the program here?


#define _GNU_SOURCE
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>

#define INIT_BUF_SIZE 4

struct memfile_cookie {
char *buf; /* Dynamically sized buffer for data */
size_t allocated; /* Size of buf */
size_t endpos; /* Number of characters in buf */
off_t offset; /* Current file offset in buf */
};

ssize_t
memfile_write(void *c, const char *buf, size_t size)
{

return -1;
}

ssize_t
memfile_read(void *c, char *buf, size_t size)
{
return 0;
}

int
memfile_seek(void *c, off64_t *offset, int whence)
{
return -1;
}

int
memfile_close(void *c)
{
struct memfile_cookie *cookie = c;

free(cookie->buf);
cookie->allocated = 0;
cookie->buf = NULL;

return 0;
}

int
main(int argc, char *argv[])
{
cookie_io_functions_t memfile_func = {
.read = memfile_read,
.write = memfile_write,
.seek = memfile_seek,
.close = memfile_close
};
FILE *fp;
struct memfile_cookie mycookie;
ssize_t nread;
long p;
int j;
enum CONST_HERE {BUFF_SIZE00};
char buf[BUFF_SIZE]="goout";

mycookie.buf = malloc(INIT_BUF_SIZE);
if (mycookie.buf == NULL) {
perror("malloc");
exit(EXIT_FAILURE);
}

mycookie.allocated = INIT_BUF_SIZE;
mycookie.offset = 0;
mycookie.endpos = 0;

fp = fopencookie(&mycookie,"w+", memfile_func);
if (fp == NULL) {
perror("fopencookie");
exit(EXIT_FAILURE);
}
size_t out=fwrite(buf,BUFF_SIZE,1,fp);
fprintf(stderr,"output-1 size:%d", out);
out= fputs (buf,fp );
fprintf(stderr,"output-2 size:%d", out);
fflush(fp);

exit(EXIT_SUCCESS);
}