Revision 08cea4ee target-i386/helper.c

b/target-i386/helper.c
1219 1219
}
1220 1220

  
1221 1221
/* protected mode jump */
1222
void helper_ljmp_protected_T0_T1(void)
1222
void helper_ljmp_protected_T0_T1(int next_eip)
1223 1223
{
1224 1224
    int new_cs, new_eip, gate_cs, type;
1225 1225
    uint32_t e1, e2, cpl, dpl, rpl, limit;
......
1267 1267
        case 5: /* task gate */
1268 1268
            if (dpl < cpl || dpl < rpl)
1269 1269
                raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1270
            /* XXX: check if it is really the current EIP */
1271
            switch_tss(new_cs, e1, e2, SWITCH_TSS_JMP, env->eip);
1270
            switch_tss(new_cs, e1, e2, SWITCH_TSS_JMP, next_eip);
1272 1271
            break;
1273 1272
        case 4: /* 286 call gate */
1274 1273
        case 12: /* 386 call gate */
......
1732 1731
    ESP = new_esp;
1733 1732
}
1734 1733

  
1735
void helper_iret_protected(int shift)
1734
void helper_iret_protected(int shift, int next_eip)
1736 1735
{
1737 1736
    int tss_selector, type;
1738 1737
    uint32_t e1, e2;
......
1748 1747
        /* NOTE: we check both segment and busy TSS */
1749 1748
        if (type != 3)
1750 1749
            raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
1751
        /* XXX: check if it is really the current EIP */
1752
        switch_tss(tss_selector, e1, e2, SWITCH_TSS_IRET, env->eip);
1750
        switch_tss(tss_selector, e1, e2, SWITCH_TSS_IRET, next_eip);
1753 1751
    } else {
1754 1752
        helper_ret_protected(shift, 1, 0);
1755 1753
    }
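Review bot: The new `next_eip` parameter is declared `int` in both changed signatures (helper_ljmp_protected_T0_T1 and helper_iret_protected) even though it carries an EIP that is handed to switch_tss and ends up in the outgoing TSS, while the neighbouring EIP-sized values in these functions (`limit`, `e1`, `e2`) are `uint32_t`; declaring it `uint32_t next_eip` would keep an address whose top bit may be set out of a signed carrier. If switch_tss takes its last argument as `uint32_t` (its declaration is not in this section) the implicit conversion is well-defined, so this is a consistency point rather than a defect. The parameter also deserves a one-line comment now that the old `/* XXX: check if it is really the current EIP */` note is dropped, e.g. `/* next_eip: EIP of the instruction following this one; saved into the outgoing TSS on a task switch */`. Both functions' bodies continue outside the hunks shown here.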
