i386: hvf: Fix overrun of _decode_tbl1
Single opcode instructions in ff group were incorrectly processed
because an overrun of _decode_tbl1[0xff] resulted in access of
_decode_tbl2[0x0]. Thus, decode_sldtgroup was called instead of
decode_ffgroup:
  7d71: decode_sldtgroup: 1
  Unimplemented handler (7d71) for 108 (ff 0)

While at it, correct the maximum length for _decode_tbl2 and _decode_tbl3.

Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
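As an added illustration (not code from QEMU or from this commit), the shape of the bug and of the fix: a table indexed by a one-byte opcode needs 256 entries, 0x00 through 0xff, and a compile-time check keeps it that way. The names OPCODE_TBL_SIZE, decode_entry and the handler stubs are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Example only, not QEMU code.  A one-byte opcode selects an entry from a
 * dispatch table, so the table needs UINT8_MAX + 1 = 256 entries.  With a
 * 255-entry table, index 0xff reads one element past the end, into whatever
 * object the linker placed next (in the commit, the following table). */
#define OPCODE_TBL_SIZE (UINT8_MAX + 1)   /* hypothetical name */

typedef int (*decode_fn)(uint8_t opcode);

static int decode_invalid(uint8_t op)   { (void)op; return -1;    }
static int decode_ffgroup(uint8_t op)   { (void)op; return 0xff;  }
static int decode_sldtgroup(uint8_t op) { (void)op; return 0x100; }

struct decode_entry { uint8_t opcode; decode_fn handler; };

static struct decode_entry decode_tbl1[OPCODE_TBL_SIZE];
static struct decode_entry decode_tbl2[OPCODE_TBL_SIZE];

/* Refuse to compile if someone shrinks the table to 255 again. */
_Static_assert(sizeof(decode_tbl1) / sizeof(decode_tbl1[0]) == UINT8_MAX + 1,
               "decode_tbl1 must have one entry per possible opcode byte");

/* Fill every slot, so no opcode falls through to an uninitialised entry. */
void init_tables(void)
{
    for (size_t i = 0; i < OPCODE_TBL_SIZE; i++) {
        decode_tbl1[i] = (struct decode_entry){ (uint8_t)i, decode_invalid };
        decode_tbl2[i] = (struct decode_entry){ (uint8_t)i, decode_invalid };
    }
    decode_tbl1[0xff].handler = decode_ffgroup;    /* the ff group */
    decode_tbl2[0x00].handler = decode_sldtgroup;  /* what 0xff aliased before */
}

/* Dispatch on a one-byte opcode.  The uint8_t index type plus the 256-entry
 * table guarantee the access is in bounds for every possible value. */
int decode_one_byte(uint8_t opcode)
{
    return decode_tbl1[opcode].handler(opcode);
}

int main(void)
{
    init_tables();
    printf("opcode ff -> handler result %d\n", decode_one_byte(0xff));
    return 0;
}
```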
Roman Bolshakov authored and pm215 committed Dec 3, 2018
1 parent 629457a commit 83ea23c
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions target/i386/hvf/x86_decode.c
Expand Up @@ -454,9 +454,9 @@ struct decode_x87_tbl {
struct decode_tbl invl_inst = {0x0, 0, 0, false, NULL, NULL, NULL, NULL,
decode_invalid};

struct decode_tbl _decode_tbl1[255];
struct decode_tbl _decode_tbl2[255];
struct decode_x87_tbl _decode_tbl3[255];
struct decode_tbl _decode_tbl1[256];
struct decode_tbl _decode_tbl2[256];
struct decode_x87_tbl _decode_tbl3[256];

static void decode_x87_ins(CPUX86State *env, struct x86_decode *decode)
{
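Review bot: the change from 255 to 256 is the right size for tables indexed by an 8-bit opcode (0x00..0xff is 256 values), but three bare `256` literals leave the same off-by-one easy to reintroduce; suggest one named constant for the three declarations, for example `struct decode_tbl _decode_tbl1[256];` becoming a size derived from `UINT8_MAX + 1`, guarded by a `QEMU_BUILD_BUG_ON` on the array size. Since the old layout let `_decode_tbl1[0xff]` silently alias `_decode_tbl2[0]`, it is also worth confirming that whatever code populates these tables fills entry 0xff rather than stopping at 0xfe.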
