linux-user/syscall.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Since Linux 6.11, statx() and fstatat() syscalls accept a null `pathname`.
Before this patch, qemu-*-linux-user failed with EFAULT when `pathname` was
specified as NULL, even for Linux kernel hosts > 6.10. This patch fixes this
issue by checking whether `arg2` is 0. If so, don't return EFAULT, but instead
perform the appropriate syscall and let the host's kernel handle null `pathname`.
Signed-off-by: Jean-Christian CÎRSTEA <jean.christian.cirstea@gmail.com>
---
linux-user/syscall.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 2060e561a2..e1b61f6dc5 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -12142,7 +12142,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
int flags = arg3;
p = lock_user_string(arg2);
- if (p == NULL) {
+ /* Since Linux 6.11, the path argument may be NULL */
+ if (arg2 != 0 && p == NULL) {
return -TARGET_EFAULT;
}
#if defined(__NR_statx)
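Review bot: After this guard `p` can be NULL for every later use in the statx case, and those uses (the host statx call under `#if defined(__NR_statx)`, any fallback that follows it, and the matching unlock of `p`) lie outside the hunk, so each should be confirmed to tolerate a NULL host pointer rather than dereference it. The description also names fstatat(), but the diffstat shows only this one hunk, so the guest fstatat path presumably still returns EFAULT for a null pathname; either patch it as well or narrow the description. The new comment would help more if it stated the condition, e.g. `/* Since Linux 6.11, pathname may be NULL when AT_EMPTY_PATH is set; the host kernel validates the combination */`. do_syscall1's body starts and ends outside the hunk.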
--
2.51.0
On 12/26/25 02:39, Jean-Christian CÎRSTEA wrote:
> Since Linux 6.11, statx() and fstatat() syscalls accept a null `pathname`.
>
> Before this patch, qemu-*-linux-user failed with EFAULT when `pathname` was
> specified as NULL, even for Linux kernel hosts > 6.10. This patch fixes this
> issue by checking whether `arg2` is 0. If so, don't return EFAULT, but instead
> perform the appropriate syscall and let the host's kernel handle null `pathname`.
>
> Signed-off-by: Jean-Christian CÎRSTEA <jean.christian.cirstea@gmail.com>
> ---
> linux-user/syscall.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 2060e561a2..e1b61f6dc5 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -12142,7 +12142,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
> int flags = arg3;
>
> p = lock_user_string(arg2);
> - if (p == NULL) {
> + /* Since Linux 6.11, the path argument may be NULL */
> + if (arg2 != 0 && p == NULL) {
> return -TARGET_EFAULT;
> }
> #if defined(__NR_statx)
No need to call lock_user_string if arg2 == 0.
Better as
p = NULL;
if (arg2) {
p = lock_user_string(arg2);
if (p == NULL) {
return -TARGET_EFAULT;
}
}
r~
Le 25/12/2025 à 16:39, Jean-Christian CÎRSTEA a écrit :
> Since Linux 6.11, statx() and fstatat() syscalls accept a null `pathname`.
>
> Before this patch, qemu-*-linux-user failed with EFAULT when `pathname` was
> specified as NULL, even for Linux kernel hosts > 6.10. This patch fixes this
> issue by checking whether `arg2` is 0. If so, don't return EFAULT, but instead
> perform the appropriate syscall and let the host's kernel handle null `pathname`.
>
> Signed-off-by: Jean-Christian CÎRSTEA <jean.christian.cirstea@gmail.com>
> ---
> linux-user/syscall.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 2060e561a2..e1b61f6dc5 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -12142,7 +12142,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
> int flags = arg3;
>
> p = lock_user_string(arg2);
> - if (p == NULL) {
> + /* Since Linux 6.11, the path argument may be NULL */
> + if (arg2 != 0 && p == NULL) {
> return -TARGET_EFAULT;
> }
> #if defined(__NR_statx)
Reviewed-by: Laurent Vivier <laurent@vivier.eu>