LTR should #GP when loading NULL selector

fixed check for SYSENTER/SYSEXIT instructions
according to new Intel references

bochs/cpu/bcd.cc

@@ -1,5 +1,5 @@
 /////////////////////////////////////////////////////////////////////////
-// $Id: bcd.cc,v 1.15 2005-05-20 20:06:50 sshwarts Exp $
+// $Id: bcd.cc,v 1.16 2005-10-01 07:47:00 sshwarts Exp $
 /////////////////////////////////////////////////////////////////////////
 //
 //  Copyright (C) 2002  MandrakeSoft S.A.
@@ -122,9 +122,9 @@ void BX_CPU_C::AAM(bxInstruction_c *i)
 
   /* The following behaviour seems to match the P6 and 
      its derived processors. */
-  set_OF(0);	/* undocumented flag modification */
-  set_AF(0);
-  set_CF(0);
+  clear_OF();	/* undocumented flag modification */
+  clear_AF();
+  clear_CF();
 
   /* AAM affects the following flags: S,Z,P */
   set_SF(AL >= 0x80);
@@ -148,9 +148,9 @@ void BX_CPU_C::AAD(bxInstruction_c *i)
 
   /* The following behaviour seems to match the P6 and 
      its derived processors. */
-  set_OF(0);	/* undocumented flag modification */
-  set_AF(0);
-  set_CF(0);
+  clear_OF();	/* undocumented flag modification */
+  clear_AF();
+  clear_CF();
 
   set_SF(AL >= 0x80);
   set_ZF(AL == 0);

bochs/cpu/proc_ctrl.cc

@@ -1,5 +1,5 @@
 /////////////////////////////////////////////////////////////////////////
-// $Id: proc_ctrl.cc,v 1.114 2005-09-29 17:32:32 sshwarts Exp $
+// $Id: proc_ctrl.cc,v 1.115 2005-10-01 07:47:00 sshwarts Exp $
 /////////////////////////////////////////////////////////////////////////
 //
 //  Copyright (C) 2001  MandrakeSoft S.A.
@@ -1822,7 +1822,7 @@ void BX_CPU_C::SYSENTER (bxInstruction_c *i)
     exception (BX_GP_EXCEPTION, 0, 0);
     return;
   }
-  if (BX_CPU_THIS_PTR sysenter_cs_msr == 0) {
+  if (BX_SELECTOR_RPL_MASK(BX_CPU_THIS_PTR sysenter_cs_msr) == 0) {
     BX_INFO (("sysenter with zero sysenter_cs_msr"));
     exception (BX_GP_EXCEPTION, 0, 0);
     return;
@@ -1882,7 +1882,7 @@ void BX_CPU_C::SYSEXIT (bxInstruction_c *i)
     exception (BX_GP_EXCEPTION, 0, 0);
     return;
   }
-  if (BX_CPU_THIS_PTR sysenter_cs_msr == 0) {
+  if (BX_SELECTOR_RPL_MASK(BX_CPU_THIS_PTR sysenter_cs_msr) == 0) {
     BX_INFO (("sysexit with zero sysenter_cs_msr"));
     exception (BX_GP_EXCEPTION, 0, 0);
     return;

bochs/cpu/protect_ctrl.cc

@@ -1,5 +1,5 @@
 /////////////////////////////////////////////////////////////////////////
-// $Id: protect_ctrl.cc,v 1.41 2005-08-21 18:23:36 sshwarts Exp $
+// $Id: protect_ctrl.cc,v 1.42 2005-10-01 07:47:00 sshwarts Exp $
 /////////////////////////////////////////////////////////////////////////
 //
 //  Copyright (C) 2001  MandrakeSoft S.A.
@@ -419,13 +419,9 @@ void BX_CPU_C::LTR_Ew(bxInstruction_c *i)
   }
 
   /* if selector is NULL, invalidate and done */
-  if ((raw_selector & 0xfffc) == 0) {
-    BX_PANIC(("LTR: loading with NULL selector!"));
-    /* if this is OK, then invalidate and load selector & descriptor cache */
-    /* load here */
-    BX_CPU_THIS_PTR tr.selector.value = raw_selector;
-    BX_CPU_THIS_PTR tr.cache.valid = 0;
-    return;
+  if (BX_SELECTOR_RPL_MASK(raw_selector) == 0) {
+    BX_ERROR(("LTR: loading with NULL selector!"));
+    exception(BX_GP_EXCEPTION, 0, 0);
   }
 
   /* parse fields in selector, then check for null selector */
@@ -434,7 +430,6 @@ void BX_CPU_C::LTR_Ew(bxInstruction_c *i)
   if (selector.ti) {
     BX_ERROR(("LTR: selector.ti != 0"));
     exception(BX_GP_EXCEPTION, raw_selector & 0xfffc, 0);
-    return;
   }
 
   /* fetch 2 dwords of descriptor; call handles out of limits checks */
@@ -459,14 +454,12 @@ void BX_CPU_C::LTR_Ew(bxInstruction_c *i)
   {
     BX_ERROR(("LTR: doesn't point to an available TSS descriptor!"));
     exception(BX_GP_EXCEPTION, raw_selector & 0xfffc, 0);
-    return;
   }
 
   /* #NP(selector) if TSS descriptor is not present */
   if (! IS_PRESENT(descriptor)) {
     BX_ERROR(("LTR: LDT descriptor not present!"));
     exception(BX_NP_EXCEPTION, raw_selector & 0xfffc, 0);
-    return;
   }
 
 /*