From: Peter Maydell <peter.mayd...@linaro.org> Linux returns success if pwrite64() or pread64() are called with a zero length NULL buffer, but QEMU was returning -TARGET_EFAULT.
This is the same bug that we fixed in commit 58cfa6c2e6eb51b23cc9 for the write syscall, and long before that in 38d840e6790c29f59 for the read syscall. Fixes: https://bugs.launchpad.net/qemu/+bug/1810433 Signed-off-by: Peter Maydell <peter.mayd...@linaro.org> Reviewed-by: Laurent Vivier <laur...@vivier.eu> Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com> Message-Id: <20190108184900.9654-1-peter.mayd...@linaro.org> Signed-off-by: Laurent Vivier <laur...@vivier.eu> (cherry picked from commit 2bd3f8998e1e7dcd9afc29fab252fb9936f9e956) *drop functional dep. on 2852aafd9d Signed-off-by: Michael Roth <mdr...@linux.vnet.ibm.com> --- linux-user/syscall.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 1477509cf2..0859739e9d 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -10910,8 +10910,15 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, arg4 = arg5; arg5 = arg6; } - if (!(p = lock_user(VERIFY_WRITE, arg2, arg3, 0))) - goto efault; + if (arg2 == 0 && arg3 == 0) { + /* Special-case NULL buffer and zero length, which should succeed */ + p = 0; + } else { + p = lock_user(VERIFY_WRITE, arg2, arg3, 0); + if (!p) { + goto efault; + } + } ret = get_errno(pread64(arg1, p, arg3, target_offset64(arg4, arg5))); unlock_user(p, arg2, ret); break; @@ -10920,8 +10927,15 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, arg4 = arg5; arg5 = arg6; } - if (!(p = lock_user(VERIFY_READ, arg2, arg3, 1))) - goto efault; + if (arg2 == 0 && arg3 == 0) { + /* Special-case NULL buffer and zero length, which should succeed */ + p = 0; + } else { + p = lock_user(VERIFY_READ, arg2, arg3, 1); + if (!p) { + goto efault; + } + } ret = get_errno(pwrite64(arg1, p, arg3, target_offset64(arg4, arg5))); unlock_user(p, arg2, 0); break; -- 2.17.1
