6977467ed7
From the author (see bug #663320) : In the code there is a check to verify that an IO bitmap is defined (io_base > BX_CPU_THIS_PTR tr.cache.u.tss386.limit_scaled) but there is no check if an accessed IO port's address actually falls within the defined limit of the TSS segment. So if I define an IO bitmap with 100 entries, port 101 may or may not be allowed depending on whatever bytes follow the TSS in memory