git.ipfire.org Git - thirdparty/qemu.git/commit
cpu-exec: fix icount out-of-bounds access
author    Paolo Bonzini <pbonzini@redhat.com>
          Sun, 29 Jan 2017 11:00:59 +0000 (12:00 +0100)
committer Michael Roth <mdroth@linux.vnet.ibm.com>
          Thu, 16 Mar 2017 17:10:40 +0000 (12:10 -0500)
commit    d8dea6fbcbed177ca5d23ab77b3834a9437f0e88
tree      566b3994638ad7bb7ef94033dd4a4d51beac5d47
parent    f054cead44cef75d330cfba39aa0c46be483813d
cpu-exec: fix icount out-of-bounds access

When icount is active, tb_add_jump is surprisingly called with an
out of bounds basic block index.  I have no idea how that can work,
but it does not seem like a good idea.  Clear *last_tb for all
TB_EXIT_ICOUNT_EXPIRED cases, even when all you have to do is
refill icount_extra.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 43d70ddf9f96b3ad037abe4d5f9f2768196b8c92)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
cpu-exec.c
include/exec/exec-all.h