diff options
Diffstat (limited to 'target-i386')
| -rw-r--r-- | target-i386/helper.c | 8 | ||||
| -rw-r--r-- | target-i386/op_helper.c | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/target-i386/helper.c b/target-i386/helper.c index c0fc556c70..82137039d1 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -1421,10 +1421,10 @@ static void host_cpuid(uint32_t function, uint32_t count, #else asm volatile("pusha \n\t" "cpuid \n\t" - "mov %%eax, 0(%1) \n\t" - "mov %%ebx, 4(%1) \n\t" - "mov %%ecx, 8(%1) \n\t" - "mov %%edx, 12(%1) \n\t" + "mov %%eax, 0(%2) \n\t" + "mov %%ebx, 4(%2) \n\t" + "mov %%ecx, 8(%2) \n\t" + "mov %%edx, 12(%2) \n\t" "popa" : : "a"(function), "c"(count), "S"(vec) : "memory", "cc"); diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c index 25e079b8fd..be092637a0 100644 --- a/target-i386/op_helper.c +++ b/target-i386/op_helper.c @@ -3241,6 +3241,8 @@ target_ulong helper_lsl(target_ulong selector1) selector = selector1 & 0xffff; eflags = helper_cc_compute_all(CC_OP); + if ((selector & 0xfffc) == 0) + goto fail; if (load_segment(&e1, &e2, selector) != 0) goto fail; rpl = selector & 3; |