alwin.berger/FRET-qemu
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Fix tb->icount > TCG_MAX_INSNS for edges

Browse Source 
Aparently tcg_tb_alloc does not return a 0ed field,
which can cause icount to appear to have a value above the
maximum allowed number of instructions per tb.
This commit is contained in:
Alwin Berger 2021-12-02 03:17:06 +01:00
parent b781a3ebce
commit 9caef2e60f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
accel/tcg/translate-all.c
View File

@ -1815,6 +1815,7 @@ TranslationBlock *libafl_gen_edge(CPUState *cpu, target_ulong src_block,
tb->flags = flags;
tb->cflags = cflags;
tb->trace_vcpu_dstate = *cpu->trace_dstate;
tb->icount = 0;
tcg_ctx->tb_cflags = 0;
tcg_func_start(tcg_ctx);
@ -1935,6 +1936,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tb->flags = flags;
tb->cflags = cflags;
tb->trace_vcpu_dstate = *cpu->trace_dstate;
tb->icount = 0;
tcg_ctx->tb_cflags = cflags;
tb_overflow: