| commit | 43d70ddf9f96b3ad037abe4d5f9f2768196b8c92 | |
| author | Paolo Bonzini <pbonzini@redhat.com> | |
| Sun, 29 Jan 2017 11:00:59 +0000 (29 12:00 +0100) | ||
| committer | Paolo Bonzini <pbonzini@redhat.com> | |
| Thu, 16 Feb 2017 13:06:56 +0000 (16 14:06 +0100) | ||
| tree | 30df0ebeb3cac4120ade0cb8a0bbb152e58d058f | treesnapshot (tar.gz zip) |
| parent | d9ff1d35c5242d73e7923ae259e065739090db54 | commitdiff |
cpu-exec: fix icount out-of-bounds access
When icount is active, tb_add_jump is surprisingly called with an
out of bounds basic block index. I have no idea how that can work,
but it does not seem like a good idea. Clear *last_tb for all
TB_EXIT_ICOUNT_EXPIRED cases, even when all you have to do is
refill icount_extra.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When icount is active, tb_add_jump is surprisingly called with an
out of bounds basic block index. I have no idea how that can work,
but it does not seem like a good idea. Clear *last_tb for all
TB_EXIT_ICOUNT_EXPIRED cases, even when all you have to do is
refill icount_extra.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| cpu-exec.c | diffblobblamehistory | |
| include/exec/exec-all.h | diffblobblamehistory |