svn commit: r363459 - head/sys/riscv/riscv
John Baldwin
jhb at FreeBSD.org
Thu Jul 23 21:33:11 UTC 2020
Author: jhb
Date: Thu Jul 23 21:33:10 2020
New Revision: 363459
URL: https://svnweb.freebsd.org/changeset/base/363459
Log:
Pass the right size to memcpy() when copying the array of FP registers.
The size of the containing structure was passed instead of the size of
the array. This happened to be harmless as the extra word copied is
one we copy in the next line anyway.
Reported by: CHERI (bounds check violation)
Reviewed by: brooks, imp
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D25791
Modified:
head/sys/riscv/riscv/machdep.c
Modified: head/sys/riscv/riscv/machdep.c
==============================================================================
--- head/sys/riscv/riscv/machdep.c Thu Jul 23 20:08:42 2020 (r363458)
+++ head/sys/riscv/riscv/machdep.c Thu Jul 23 21:33:10 2020 (r363459)
@@ -419,7 +419,7 @@ get_fpcontext(struct thread *td, mcontext_t *mcp)
KASSERT((curpcb->pcb_fpflags & ~PCB_FP_USERMASK) == 0,
("Non-userspace FPE flags set in get_fpcontext"));
memcpy(mcp->mc_fpregs.fp_x, curpcb->pcb_x,
- sizeof(mcp->mc_fpregs));
+ sizeof(mcp->mc_fpregs.fp_x));
mcp->mc_fpregs.fp_fcsr = curpcb->pcb_fcsr;
mcp->mc_fpregs.fp_flags = curpcb->pcb_fpflags;
mcp->mc_flags |= _MC_FP_VALID;
@@ -446,7 +446,7 @@ set_fpcontext(struct thread *td, mcontext_t *mcp)
curpcb = curthread->td_pcb;
/* FPE usage is enabled, override registers. */
memcpy(curpcb->pcb_x, mcp->mc_fpregs.fp_x,
- sizeof(mcp->mc_fpregs));
+ sizeof(mcp->mc_fpregs.fp_x));
curpcb->pcb_fcsr = mcp->mc_fpregs.fp_fcsr;
curpcb->pcb_fpflags = mcp->mc_fpregs.fp_flags & PCB_FP_USERMASK;
td->td_frame->tf_sstatus |= SSTATUS_FS_CLEAN;
More information about the svn-src-head
mailing list