885b7c44e4
In user-mode emulation env->idt.base memory is allocated in linux-user/main.c with size 8*512 = 4096 (for 64-bit). When fake interrupt EXCP_SYSCALL is thrown do_interrupt_user checks destination privilege level for this fake exception, and tries to read 4 bytes at address base + (256 * 2^4)=4096, that causes segfault. Privlege level was checked only for int's, so lets read dpl from memory only for this case. Signed-off-by: Stanislav Shmarov <snarpix@gmail.com> Message-Id: <1473773008-2588376-1-git-send-email-snarpix@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
|---|---|---|
| .. | ||
| Makefile.objs | ||
| TODO | ||
| arch_dump.c | ||
| arch_memory_mapping.c | ||
| bpt_helper.c | ||
| cc_helper.c | ||
| cc_helper_template.h | ||
| cpu-qom.h | ||
| cpu.c | ||
| cpu.h | ||
| excp_helper.c | ||
| fpu_helper.c | ||
| gdbstub.c | ||
| helper.c | ||
| helper.h | ||
| hyperv.c | ||
| hyperv.h | ||
| int_helper.c | ||
| kvm-stub.c | ||
| kvm.c | ||
| kvm_i386.h | ||
| machine.c | ||
| mem_helper.c | ||
| misc_helper.c | ||
| monitor.c | ||
| mpx_helper.c | ||
| ops_sse.h | ||
| ops_sse_header.h | ||
| seg_helper.c | ||
| shift_helper_template.h | ||
| smm_helper.c | ||
| svm.h | ||
| svm_helper.c | ||
| trace-events | ||
| translate.c | ||