Index: sys/amd64/amd64/support.S
===================================================================
--- sys/amd64/amd64/support.S
+++ sys/amd64/amd64/support.S
@@ -912,41 +912,7 @@
  *	EFAULT on protection violations. If lencopied is non-zero,
  *	return the actual length in *lencopied.
  */
-ENTRY(copyinstr_nosmap)
-	PUSH_FRAME_POINTER
-	movq	%rdx,%r8			/* %r8 = maxlen */
-	movq	%rcx,%r9			/* %r9 = *len */
-	xchgq	%rdi,%rsi			/* %rdi = from, %rsi = to */
-	movq	PCPU(CURPCB),%rcx
-	movq	$cpystrflt,PCB_ONFAULT(%rcx)
-
-	movq	$VM_MAXUSER_ADDRESS,%rax
-
-	/* make sure 'from' is within bounds */
-	subq	%rsi,%rax
-	jbe	cpystrflt
-
-	/* restrict maxlen to <= VM_MAXUSER_ADDRESS-from */
-	cmpq	%rdx,%rax
-	jae	1f
-	movq	%rax,%rdx
-	movq	%rax,%r8
-1:
-	incq	%rdx
-
-2:
-	decq	%rdx
-	jz	copyinstr_toolong
-
-	lodsb
-	stosb
-	orb	%al,%al
-	jnz	2b
-
-	jmp	copyinstr_succ
-END(copyinstr_nosmap)
-
-ENTRY(copyinstr_smap)
+.macro COPYINSTR smap
 	PUSH_FRAME_POINTER
 	movq	%rdx,%r8			/* %r8 = maxlen */
 	movq	%rcx,%r9			/* %r9 = *len */
@@ -960,7 +926,7 @@
 	subq	%rsi,%rax
 	jbe	cpystrflt
 
-	stac
+	SMAP_DISABLE \smap
 
 	/* restrict maxlen to <= VM_MAXUSER_ADDRESS-from */
 	cmpq	%rdx,%rax
@@ -972,20 +938,39 @@
 
 2:
 	decq	%rdx
+.if \smap == 0
+	jz	copyinstr_toolong
+.else
 	jz	copyinstr_toolong_smap
+.endif
 
 	lodsb
 	stosb
 	orb	%al,%al
 	jnz	2b
 
-	clac
+	SMAP_ENABLE \smap
 
-copyinstr_succ:
 	/* Success -- 0 byte reached */
 	decq	%rdx
 	xorl	%eax,%eax
 
+	/* set *lencopied and return %eax */
+	movq	PCPU(CURPCB),%rcx
+	movq	$0,PCB_ONFAULT(%rcx)
+
+	testq	%r9,%r9
+	jz	3f
+	subq	%rdx,%r8
+	movq	%r8,(%r9)
+3:
+	POP_FRAME_POINTER
+	ret
+.endm
+
+cpystrflt:
+	/* Fault entry clears PSL.AC */
+	movl	$EFAULT,%eax
 cpystrflt_x:
 	/* set *lencopied and return %eax */
 	movq	PCPU(CURPCB),%rcx
@@ -998,10 +983,6 @@
 1:
 	POP_FRAME_POINTER
 	ret
-	/* Fault entry clears PSL.AC */
-cpystrflt:
-	movq	$EFAULT,%rax
-	jmp	cpystrflt_x
 
 copyinstr_toolong_smap:
 	clac
@@ -1010,9 +991,15 @@
 	movq	$VM_MAXUSER_ADDRESS,%rax
 	cmpq	%rax,%rsi
 	jae	cpystrflt
-	movq	$ENAMETOOLONG,%rax
+	movl	$ENAMETOOLONG,%eax
 	jmp	cpystrflt_x
 
+ENTRY(copyinstr_nosmap)
+	COPYINSTR smap=0
+END(copyinstr_nosmap)
+
+ENTRY(copyinstr_smap)
+	COPYINSTR smap=1
 END(copyinstr_smap)
 
 /*