From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1HhrCV-0007dn-OU
	for qemu-devel@nongnu.org; Sat, 28 Apr 2007 13:59:15 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1HhrCT-0007dY-9P
	for qemu-devel@nongnu.org; Sat, 28 Apr 2007 13:59:14 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1HhrCT-0007dV-51
	for qemu-devel@nongnu.org; Sat, 28 Apr 2007 13:59:13 -0400
Received: from smtp-vbr15.xs4all.nl ([194.109.24.35])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <rjoris@xs4all.nl>) id 1Hhr6T-0001ot-Gy
	for qemu-devel@nongnu.org; Sat, 28 Apr 2007 13:53:01 -0400
Received: from xs2.xs4all.nl (xs2.xs4all.nl [194.109.21.3])
	by smtp-vbr15.xs4all.nl (8.13.8/8.13.8) with ESMTP id l3SHqwhF070399
	for <qemu-devel@nongnu.org>; Sat, 28 Apr 2007 19:52:58 +0200 (CEST)
	(envelope-from rjoris@xs4all.nl)
Received: from xs2.xs4all.nl (rjoris@localhost [127.0.0.1])
	by xs2.xs4all.nl (8.13.6/8.13.6) with ESMTP id l3SHqwmo029109
	for <qemu-devel@nongnu.org>; Sat, 28 Apr 2007 19:52:58 +0200 (CEST)
	(envelope-from rjoris@xs4all.nl)
Received: (from rjoris@localhost)
	by xs2.xs4all.nl (8.13.6/8.13.6/Submit) id l3SHqv0n029108
	for qemu-devel@nongnu.org; Sat, 28 Apr 2007 19:52:57 +0200 (CEST)
	(envelope-from rjoris)
Date: Sat, 28 Apr 2007 19:52:57 +0200
From: Joris van Rantwijk <jorispubl@xs4all.nl>
Message-ID: <20070428175257.GA28282@xs4all.nl>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [Qemu-devel] Qemu crashes on AAM 0
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Qemu crashes with a floating point exception when emulating the "AAM 0"
instruction. By "crash", I mean that the whole qemu process actually
blows up (not just the program running inside Qemu).

A real i386 machine would trigger a divide exception on AAM 0.
This instruction form is undocumented of course, but blowing up the emulator
seems a bit drastic. I'm willing to write/test/provide a patch to fix this,
please let me know if that would be appreciated.

To trigger this bug, I run the qemu-0.9.0 binary distribution for
linux-i386 on Linux 2.6.21, without kqemu. I boot it with a FreeDOS
floppy image, start DEBUG, assemble the instruction AAM 0, execute it, boom.

By the way, Qemu is an amazing piece of work. I used it often and I'm quite
impressed by its overal quality and stability.

Thanks,
  Joris.