x86_emulate: Correct RIP-relative addressing offset for SHLD/SHRD with

immediate byte third operand.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset:   16696:b5b3e27f1af3f709a7795d407b567a7b4db533f0
xen-unstable date:        Wed Jan 09 10:11:31 2008 +0000

x86_emulate: Fix handling of RIP-relative addressing.
The handling of SHLD/SHRD introduced in 16696:b5b3e27f1af3f7 was
incorrect; thanks to Gary Grebus @ Virtual Iron for spotting it.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset:   16699:7e400607cdd8aa810b96a832eaf8989f48dd6646
xen-unstable date:        Wed Jan 09 22:21:28 2008 +0000

diff --git a/xen/arch/x86/x86_emulate.c b/xen/arch/x86/x86_emulate.c
index a903290ec73b9ec56ea515816498fc3e1391635b..7d1a778642e881cd2732625303503e6c8ba4cab5 100644 (file)
--- a/xen/arch/x86/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate.c
@@ -936,11 +936,14 @@ x86_emulate(
                         ((op_bytes == 8) ? 4 : op_bytes);
                 else if ( (d & SrcMask) == SrcImmByte )
                     ea.mem.off += 1;
-                else if ( ((b == 0xf6) || (b == 0xf7)) &&
+                else if ( !twobyte && ((b & 0xfe) == 0xf6) &&
                           ((modrm_reg & 7) <= 1) )
                     /* Special case in Grp3: test has immediate operand. */
                     ea.mem.off += (d & ByteOp) ? 1
                         : ((op_bytes == 8) ? 4 : op_bytes);
+                else if ( twobyte && ((b & 0xf7) == 0xa4) )
+                    /* SHLD/SHRD with immediate byte third operand. */
+                    ea.mem.off++;
                 break;
             case 1:
                 ea.mem.off += insn_fetch_type(int8_t);