Fix opcode table over-read crash on Windows#8
Open
tbdye wants to merge 1 commit into
Open
Conversation
m68ki_build_opcode_table() scans past the end of the handler table because the first while loop expects mask 0xff00 as a sentinel, but m68kmake never generates entries with that mask. Add a zero-terminator guard so the loop stops at the end of the table. On Linux/macOS the over-read lands in zero-filled BSS and happens to work. On Windows the read crosses into unmapped memory and crashes with ACCESS_VIOLATION.
0dfc461 to
47bde6c
Compare
This was referenced Apr 7, 2026
tbdye
added a commit
to tbdye/AmiFUSE
that referenced
this pull request
Apr 12, 2026
Add windows-latest to the os matrix for integration-tests and tools-smoke jobs, with exclude blocks that prevent them from running. This puts the infrastructure in place so that enabling Windows CI is a single-block deletion once the upstream machine68k fixes land (cnvogelg/machine68k#8, reinauer#9).
5 tasks
reinauer
pushed a commit
to reinauer/AmiFUSE
that referenced
this pull request
Apr 12, 2026
Add windows-latest to the os matrix for integration-tests and tools-smoke jobs, with exclude blocks that prevent them from running. This puts the infrastructure in place so that enabling Windows CI is a single-block deletion once the upstream machine68k fixes land (cnvogelg/machine68k#8, #9).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
machine68k.CPU()crashes withACCESS_VIOLATIONon Windows. The segfault occurs duringm68k_init()→m68ki_build_opcode_table(), before any user code runs.Root cause
The opcode handler table is terminated by a zero sentinel
{0, 0, 0, {0,0,0,0,0}}. The firstwhileloop inm68ki_build_opcode_table()scans forward looking formask == 0xff00as a phase transition:However,
m68kmakenever generates entries with mask0xff00. The loop processes all ~1967 valid entries, reaches the zero terminator, evaluates0 != 0xff00as true, and continues reading past the end of the array.On Linux/macOS this happens to work — the over-read lands in zero-filled BSS, and the subsequent
==loops (mask == 0xf1f8,mask == 0xfff0, etc.) all exit immediately on mask=0, so the function completes despite the undefined behavior. On Windows, the.rdatasection layout places the const array near a page boundary, and the over-read crosses into unmapped memory.The subsequent loops are safe because they use
==checks, which naturally terminate when they encounter a different or zero mask value. Only the first loop, which scans forward with!=, has this problem.Fix
Add a zero-terminator guard to the first loop so it stops at the end of the table:
Verification
CPU(1)no longer segfaults on Windows (tested Python 3.13 and 3.14)Machine(1, 1024)works correctly[remote]/[greenlet]skip conditions)