On 20/02/2015 15:52, Michael Walle wrote:
>>>
>>> - i = 0;
>>> - while (pfpu_decode_insn(s)) {
>>> - /* decode at most MICROCODE_WORDS instructions */
>>> - if (i++ >= MICROCODE_WORDS) {
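Review bot: the guard `if (i++ >= MICROCODE_WORDS)` only runs after `pfpu_decode_insn(s)` has already fetched a word, so nothing in the removed loop bounds the index used for that first fetch, and swapping `i++` for `++i` changes how many iterations are allowed, not which index is read. The bound needs to sit on the index itself, either a check of pc against MICROCODE_WORDS before the read or a wrap with `pc & (MICROCODE_WORDS - 1)` (correct only when MICROCODE_WORDS is a power of two), with the iteration counter kept separately as the stop against an infinite loop.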
>>
>> Isn't the fix just to say "++i" instead of "i++"?
>
> In the first run, s->regs[R_PC] may have any value, therefore the "insn
> = s->microcode[pc]" from above may access out of bounds.

Then should pfpu_decode_insn access s->microcode[pc & (MICROCODE_WORDS -
1)]? That's likely what happens in hardware, and the purpose of the
error is just to avoid an infinite loop in device code.

Paolo
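A small C model of the two separate protections discussed in this thread, added here as an illustration and not taken from QEMU's milkymist pfpu code: the program counter is wrapped with `pc & (MICROCODE_WORDS - 1)` so that any value in `regs[R_PC]` indexes inside the microcode array, and an instruction counter stops the run after MICROCODE_WORDS decodes so that a program that never halts cannot spin the device model forever. `MICROCODE_WORDS` (64, a power of two), `R_PC`, the register layout, the halt-on-zero convention and the helper names are constructed assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed toy model, not the QEMU pfpu device. MICROCODE_WORDS is assumed
 * to be a power of two, which is what makes the "& (MICROCODE_WORDS - 1)"
 * wrap-around mask valid. */
#define MICROCODE_WORDS 64
#define NUM_REGS        4
#define R_PC            0
#define INSN_HALT       0u   /* constructed convention: a zero word halts */

typedef struct {
    uint32_t regs[NUM_REGS];
    uint32_t microcode[MICROCODE_WORDS];
} PfpuState;

/* Wrap an arbitrary program counter into the microcode store, as a
 * power-of-two-sized hardware store would. */
static uint32_t pfpu_wrap_pc(uint32_t pc)
{
    return pc & (MICROCODE_WORDS - 1);
}

/* Fetch and decode one word. Because the index goes through pfpu_wrap_pc(),
 * whatever regs[R_PC] holds before the first fetch is safe. Returns false on
 * the halt word, true otherwise. */
static bool pfpu_decode_insn(PfpuState *s)
{
    uint32_t pc = pfpu_wrap_pc(s->regs[R_PC]);
    uint32_t insn = s->microcode[pc];
    s->regs[R_PC]++;
    return insn != INSN_HALT;
}

/* Run until the halt word. The counter is the second, independent guard:
 * after MICROCODE_WORDS non-halting decodes the program has necessarily
 * wrapped around, so give up instead of looping forever.
 * Returns the number of words decoded including the halt, or -1 if the
 * iteration limit was hit. */
static int pfpu_run(PfpuState *s)
{
    int i = 0;
    while (pfpu_decode_insn(s)) {
        if (++i >= MICROCODE_WORDS) {
            return -1;
        }
    }
    return i + 1;
}

/* Convenience wrapper: load `n` words at offset 0 (rest zero-filled, i.e.
 * halt words), start at `start_pc` and run. */
static int pfpu_run_program(const uint32_t *words, size_t n, uint32_t start_pc)
{
    PfpuState s;
    memset(&s, 0, sizeof(s));
    if (n > MICROCODE_WORDS) {
        n = MICROCODE_WORDS;
    }
    memcpy(s.microcode, words, n * sizeof(uint32_t));
    s.regs[R_PC] = start_pc;
    return pfpu_run(&s);
}

int main(void)
{
    /* Constructed sample program: three instructions followed by a halt. */
    uint32_t prog[] = { 0x11, 0x22, 0x33, INSN_HALT };
    printf("from pc 0: %d words\n", pfpu_run_program(prog, 4, 0));
    /* An out-of-range start pc wraps to index 63 (a zero word) and halts
     * instead of reading past the array. */
    printf("from pc 0xffffffff: %d words\n",
           pfpu_run_program(prog, 4, 0xffffffffu));
    return 0;
}
```

With the wrap in place the loop body no longer needs to know anything about the start value; the iteration counter only has to decide when to give up, which is the split Paolo describes between the hardware-like index behaviour and the error that exists to stop an infinite loop.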