Reading the code while porting my segment limit and type checks to
latest SVN made me stumble over this bug in the translator: the 64-bit
forms of lgs/lfs/lss were incorrectly reading only a 32-bit offset instead of a 64-bit one.
Signed-off-by: Jan Kiszka <address@hidden>
---
target-i386/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: b/target-i386/translate.c
===================================================================
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -4864,7 +4864,7 @@ static target_ulong disas_insn(DisasCont
case 0x1b5: /* lgs Gv */
op = R_GS;
do_lxx:
- ot = dflag ? OT_LONG : OT_WORD;
+ ot = dflag + OT_WORD;
modrm = ldub_code(s->pc++);
reg = ((modrm >> 3) & 7) | rex_r;
mod = (modrm >> 6) & 3;
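Review bot: The new `ot = dflag + OT_WORD;` silently relies on two encodings that nothing in the hunk states: that dflag takes the values 0/1/2 for 16/32/64-bit operand size, and that OT_WORD, OT_LONG and OT_QUAD are consecutive integers, so a future renumbering of either breaks the far-pointer width without a compile error. I would keep the arithmetic but make the dependency explicit with `ot = dflag + OT_WORD; /* dflag 0/1/2 -> OT_WORD/OT_LONG/OT_QUAD: 16/32/64-bit offset */`. Presumably dflag is only 2 under a REX.W prefix in 64-bit mode, so the OT_QUAD case cannot be reached from 32-bit code; that is worth confirming where dflag is set, which is outside this hunk. The enclosing disas_insn() and the do_lxx path both continue beyond the hunk.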
@@ -4872,7 +4872,7 @@ static target_ulong disas_insn(DisasCont
goto illegal_op;
gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
gen_op_ld_T1_A0(ot + s->mem_index);
- gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
+ gen_add_A0_im(s, 1 << ot);
/* load the segment first to handle exceptions properly */
gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
gen_movl_seg_T0(s, op, pc_start - s->cs_base);
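Review bot: The replacement `gen_add_A0_im(s, 1 << ot);` is correct only because OT_* doubles as log2 of the operand width (OT_WORD=1 -> 2, OT_LONG=2 -> 4 and, as the first hunk's arithmetic implies, OT_QUAD=3 -> 8), which reads as a magic shift to anyone not holding that table in their head. A one-line comment would pin the intent: `gen_add_A0_im(s, 1 << ot); /* selector follows the 2/4/8-byte offset; OT_* is log2 of the width */`. The 16-bit selector load on the next line is unchanged and stays OT_WORD for all three widths, which is right, and the existing comment about loading the segment before committing the offset still holds. The function body continues past the end of the hunk, so I could not check that the subsequent register write uses the same ot for the 64-bit case.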