On 2019/08/05 23:06, Joerg Sonnenberger wrote:
> On Mon, Aug 05, 2019 at 10:12:04AM +0000, SAITOH Masanobu wrote:
>> Module Name: src
>> Committed By: msaitoh
>> Date: Mon Aug 5 10:12:04 UTC 2019
>>
>> Modified Files:
>> src/sys/dev/acpi: acpi_ec.c
>>
>> Log Message:
>> - Fix a bug that acpiec_space_handler() doesn't access more than 64bit
>> correctly. Found by kUBSan on Thinkpad X220. acpiec0 accessed 128bits from
>> address 0xa0. The error message was:
>>
>> UBSan: Undefined Behavior in ../../../../dev/acpi/acpi_ec.c:672:32,
>> shift exponent 64 is too large for 64-bit type 'long unsigned int'
>
> Ignore all the gracious changes that make the diff harder to read than
> necessary, doesn't this break the case of width == 0?
Oh, you're correct. When I noticed our code didn't increment the address,
I read FreeBSD's acpi_ec.c and did the same way. It seems old NetBSD,
OpenBSD and linux do the same way but FreeBSD doesn't.
I committed the change to keep the old behavior.
Thanks.
> Joerg
>
--
-----------------------------------------------
SAITOH Masanobu (msai...@execsw.org
msai...@netbsd.org)
