qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] i386 emulation bug: mov reg, [addr]

From: Jamie Lokier
Subject: Re: [Qemu-devel] i386 emulation bug: mov reg, [addr]
Date: Tue, 15 Dec 2009 21:26:57 +0000
User-agent: Mutt/1.5.13 (2006-08-11) 
Clemens Kolbitsch wrote:
>         /* XXX: index == 4 is always invalid */
>         if (havesib && (index != 4 || scale != 0)) {
> #ifdef TARGET_X86_64
>             if (s->aflag == 2) {
>                 gen_op_addq_A0_reg_sN(scale, index);
>             } else
> #endif
>             {
>                 /// !!!!!!!!!! this does the evil !!!!!!!!!!!!!!
>                 gen_op_addl_A0_reg_sN(scale, index);
>             }
>         }

This is indeed a bug.  Avi's explained why it doesn't trigger in
normal code.

When the index register is 4, which normally means %esp, in the SIB
encoding it means "no index".  Independent of the shift (scale).

So it should say:

         /* index == 4 means no index. */
         if (havesib && index != 4) {

But that said, I'm not sure if this line from earlier breaks the test:

            index = ((code >> 3) & 7) | REX_X(s);

When is REX_X(s) not zero, and does it break the index != 4 test?

-- Jamie
reply via email to
[Prev in Thread] Current Thread [Next in Thread]