SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix tb->icount > TCG_MAX_INSNS for edges

Browse Source 
Aparently tcg_tb_alloc does not return a 0ed field,
which can cause icount to appear to have a value above the
maximum allowed number of instructions per tb.
This commit is contained in:
Alwin Berger 2021-12-02 03:17:06 +01:00
parent e97deaae59
commit 0520e858eb
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
accel/tcg/translate-all.c
View File

@ -1792,6 +1792,7 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
tb->flags = flags; tb->flags = flags;
tb->cflags = cflags; tb->cflags = cflags;
tb->trace_vcpu_dstate = *cpu->trace_dstate; tb->trace_vcpu_dstate = *cpu->trace_dstate;
tb->icount = 0;
tcg_ctx->tb_cflags = 0; tcg_ctx->tb_cflags = 0;
tcg_func_start(tcg_ctx); tcg_func_start(tcg_ctx);
@ -1912,6 +1913,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tb->flags = flags; tb->flags = flags;
tb->cflags = cflags; tb->cflags = cflags;
tb->trace_vcpu_dstate = *cpu->trace_dstate; tb->trace_vcpu_dstate = *cpu->trace_dstate;
tb->icount = 0;
tcg_ctx->tb_cflags = cflags; tcg_ctx->tb_cflags = cflags;
tb_overflow: tb_overflow: