From: Paul Floyd
Date: Sun, 14 Apr 2024 14:54:43 +0000 (+0200)
Subject: FreeBSD syscall: aio_error fails with EINVAL if the aiocb pointer is not accessible.
X-Git-Tag: VALGRIND_3_23_0~45
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e557fc2ec120bb3399828ea0adabb5e6f512785d;p=thirdparty%2Fvalgrind.git
FreeBSD syscall: aio_error fails with EINVAL if the aiocb pointer is not accessible.
---
diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c
index 43c242806..a9efabe2e 100644
--- a/coregrind/m_syswrap/syswrap-freebsd.c
+++ b/coregrind/m_syswrap/syswrap-freebsd.c
@@ -3024,6 +3024,11 @@ PRE(sys_aio_error)
 PRINT("sys_aio_error ( %#" FMT_REGWORD "x )", ARG1);
 PRE_REG_READ1(ssize_t, "aio_error", struct aiocb *, iocb);
 PRE_MEM_READ("aio_error(iocb)", ARG1, sizeof(struct vki_aiocb));
+ if (ARG1) {
+ if (!ML_(safe_to_deref)((struct vki_aiocb *)ARG1, sizeof(struct vki_aiocb))) {
+ SET_STATUS_Failure(VKI_EINVAL);
+ }
+ }
 }
 // SYS_yield 321
diff --git a/memcheck/tests/freebsd/scalar.c b/memcheck/tests/freebsd/scalar.c
index 2cdc2241c..eb49e01ca 100644
--- a/memcheck/tests/freebsd/scalar.c
+++ b/memcheck/tests/freebsd/scalar.c
@@ -1061,7 +1061,7 @@ int main(void)
 /* SYS_aio_error 317 */
 GO(SYS_aio_error, "1s 1m");
- SY(SYS_aio_error, x0+1); SUCC;
+ SY(SYS_aio_error, x0+1); FAIL;
 /* freebsd 6 aio_read 318 */
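Review bot: The `if (ARG1)` guard added in the syswrap-freebsd.c hunk lets a NULL iocb go on to the kernel while every other inaccessible pointer is failed in the wrapper, and nothing in the code explains that split or the choice of EINVAL rather than EFAULT. A short comment above the block would stop a later cleanup from changing either, for example `/* aio_error reports an inaccessible aiocb as EINVAL, so fail the call here; NULL is passed through to the kernel (confirm intended) */`. The nested test could also be a single condition, `if (ARG1 && !ML_(safe_to_deref)((struct vki_aiocb *)ARG1, sizeof(struct vki_aiocb)))`. PRE(sys_aio_error) opens above the hunk, so anything before the PRINT line is not visible here.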