[Qemu-devel] [PULL 15/33] target-ppc: Fix an invalid free in opcode table handling code.
From: Alexander Graf
Subject: [Qemu-devel] [PULL 15/33] target-ppc: Fix an invalid free in opcode table handling code.
Date: Tue, 4 Nov 2014 20:26:33 +0100
From: Bharata B Rao <address@hidden>
Opcode table has direct, indirect and double indirect handlers, but
ppc_cpu_unrealizefn() frees direct handlers which are never allocated
and never frees double indirect handlers.
Signed-off-by: Bharata B Rao <address@hidden>
Signed-off-by: Alexander Graf <address@hidden>
---
target-ppc/translate_init.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 3ff68ae..20d58c0 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -9132,11 +9132,24 @@ static void ppc_cpu_unrealizefn(DeviceState *dev, Error
**errp)
{
PowerPCCPU *cpu = POWERPC_CPU(dev);
CPUPPCState *env = &cpu->env;
- int i;
+ opc_handler_t **table;
+ int i, j;
for (i = 0; i < PPC_CPU_OPCODES_LEN; i++) {
- if (env->opcodes[i] != &invalid_handler) {
- g_free(env->opcodes[i]);
+ if (env->opcodes[i] == &invalid_handler) {
+ continue;
+ }
+ if (is_indirect_opcode(env->opcodes[i])) {
+ table = ind_table(env->opcodes[i]);
+ for (j = 0; j < PPC_CPU_INDIRECT_OPCODES_LEN; j++) {
+ if (table[j] != &invalid_handler &&
+ is_indirect_opcode(table[j])) {
+ g_free((opc_handler_t *)((uintptr_t)table[j] &
+ ~PPC_INDIRECT));
+ }
+ }
+ g_free((opc_handler_t *)((uintptr_t)env->opcodes[i] &
+ ~PPC_INDIRECT));
}
}
}
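Review bot: after the two g_free() calls in this hunk (`g_free((opc_handler_t *)((uintptr_t)table[j] &` and the matching call on env->opcodes[i]) the freed addresses stay in the table: table[j] and env->opcodes[i] still carry the tagged pointers to released memory, so any later walk of env->opcodes, or a second unrealize, would dereference or double-free them. Resetting env->opcodes[i] = &invalid_handler after the outer g_free() closes that window (the inner table goes away with it, so its entries need no reset). Separately, both frees open-code the tag-stripping mask that ind_table() already encapsulates two lines earlier (`table = ind_table(env->opcodes[i]);`); `g_free(ind_table(table[j]))` and `g_free(ind_table(env->opcodes[i]))` would keep the PPC_INDIRECT handling in one place. The nested loop covers exactly the direct/indirect/double-indirect layout the commit message describes; should a deeper level ever be added, the walk would have to recurse rather than gain a third loop.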
--
1.8.1.4
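The bug the patch fixes comes from the opcode table mixing two kinds of pointers in one array: static direct handlers that must never be freed, and heap-allocated sub-tables marked by a tag bit in the pointer. The stand-alone model below, added here as an illustration and not QEMU's code, rebuilds that scheme so the teardown rule can be seen end to end: free only tagged entries, recurse through nested tables, and reset each slot afterwards. The names (`register_ind`, `register_dblind`, `free_table`, `get_or_create_table`), the table sizes, the choice of bit 0 as `PPC_INDIRECT`, the `live_tables` counter used to check for leaks, and the handler objects are all assumptions made for this example. It goes beyond the patch in two ways: the recursion handles any nesting depth, not just the two allocated levels, and the slot reset makes a repeated teardown harmless.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of a tagged-pointer opcode table; names and sizes are assumptions
 * made for this example, not QEMU's definitions. */
#define PPC_INDIRECT          ((uintptr_t)1)  /* low pointer bit marks a sub-table */
#define OPCODES_LEN           4               /* top-level slots */
#define INDIRECT_OPCODES_LEN  4               /* slots per sub-table */

typedef struct { const char *name; } opc_handler_t;

/* Direct handlers are static objects: they are pointed to, never allocated. */
static opc_handler_t invalid_handler = { "invalid" };
static opc_handler_t add_handler     = { "add" };
static opc_handler_t mul_handler     = { "mul" };

typedef struct { opc_handler_t *opcodes[OPCODES_LEN]; } CPUPPCState;

static int live_tables;  /* instrumentation: sub-tables currently allocated */

static int is_indirect_opcode(const opc_handler_t *h) {
    return ((uintptr_t)h & PPC_INDIRECT) != 0;
}

/* Strip the tag to recover the heap address of a sub-table. */
static opc_handler_t **ind_table(const opc_handler_t *h) {
    return (opc_handler_t **)((uintptr_t)h & ~PPC_INDIRECT);
}

/* malloc() results are at least pointer-aligned, so bit 0 is free for the tag. */
static opc_handler_t *new_indirect_table(void) {
    opc_handler_t **t = malloc(INDIRECT_OPCODES_LEN * sizeof *t);
    if (!t) abort();
    for (int i = 0; i < INDIRECT_OPCODES_LEN; i++) t[i] = &invalid_handler;
    live_tables++;
    return (opc_handler_t *)((uintptr_t)t | PPC_INDIRECT);
}

/* Sub-table behind *slot, allocated on first use; NULL if the slot already
 * holds a direct handler, which must not be silently overwritten. */
static opc_handler_t **get_or_create_table(opc_handler_t **slot) {
    if (*slot == &invalid_handler) *slot = new_indirect_table();
    if (!is_indirect_opcode(*slot)) return NULL;
    return ind_table(*slot);
}

static int register_direct(CPUPPCState *env, int op, opc_handler_t *h) {
    if (env->opcodes[op] != &invalid_handler) return -1;
    env->opcodes[op] = h;
    return 0;
}

/* indirect: opcodes[op] -> table -> h */
static int register_ind(CPUPPCState *env, int op, int sub, opc_handler_t *h) {
    opc_handler_t **t = get_or_create_table(&env->opcodes[op]);
    if (!t || t[sub] != &invalid_handler) return -1;
    t[sub] = h;
    return 0;
}

/* double indirect: opcodes[op] -> table -> table2 -> h */
static int register_dblind(CPUPPCState *env, int op, int sub, int sub2, opc_handler_t *h) {
    opc_handler_t **t = get_or_create_table(&env->opcodes[op]);
    if (!t) return -1;
    opc_handler_t **t2 = get_or_create_table(&t[sub]);
    if (!t2 || t2[sub2] != &invalid_handler) return -1;
    t2[sub2] = h;
    return 0;
}

/* Follow the tag bits from the top slot down to a direct handler. */
static const char *lookup(const CPUPPCState *env, int op, int sub, int sub2) {
    opc_handler_t *h = env->opcodes[op];
    if (is_indirect_opcode(h)) h = ind_table(h)[sub];
    if (is_indirect_opcode(h)) h = ind_table(h)[sub2];
    return h->name;
}

/* Release one tagged sub-table and everything nested under it. Untagged
 * entries are static handlers and are never passed to free(). */
static void free_table(opc_handler_t *tagged) {
    opc_handler_t **t = ind_table(tagged);
    for (int j = 0; j < INDIRECT_OPCODES_LEN; j++) {
        if (is_indirect_opcode(t[j])) free_table(t[j]);
    }
    free(t);
    live_tables--;
}

/* Teardown: free only what was allocated, then reset each slot so no dangling
 * pointer remains and a repeated teardown is a no-op. */
static void ppc_cpu_unrealize(CPUPPCState *env) {
    for (int i = 0; i < OPCODES_LEN; i++) {
        if (is_indirect_opcode(env->opcodes[i])) free_table(env->opcodes[i]);
        env->opcodes[i] = &invalid_handler;
    }
}

/* Build a table with all three handler kinds, tear it down twice, and report
 * whether every allocation came back and every slot was reset. Returns 1 on success. */
static int demo(void) {
    CPUPPCState env;
    for (int i = 0; i < OPCODES_LEN; i++) env.opcodes[i] = &invalid_handler;
    int ok = register_direct(&env, 0, &add_handler) == 0 &&
             register_ind(&env, 1, 2, &mul_handler) == 0 &&
             register_dblind(&env, 2, 3, 1, &add_handler) == 0 &&
             register_ind(&env, 0, 1, &mul_handler) == -1 &&   /* slot 0 is direct */
             strcmp(lookup(&env, 0, 0, 0), "add") == 0 &&
             strcmp(lookup(&env, 1, 2, 0), "mul") == 0 &&
             strcmp(lookup(&env, 2, 3, 1), "add") == 0 &&
             live_tables == 3;
    ppc_cpu_unrealize(&env);
    ppc_cpu_unrealize(&env);
    return ok && live_tables == 0 && env.opcodes[2] == &invalid_handler;
}

int main(void) {
    int ok = demo();
    printf("opcode table teardown: %s\n", ok ? "clean" : "LEAK or bad free");
    return ok ? 0 : 1;
}
```

The point to carry back to the patch: the free/no-free decision is made purely from the tag bit, so the same test that routes a lookup through a sub-table is the one that says whether `free()` is legal on that entry. Checking `!= &invalid_handler` alone, as the pre-patch code did, frees static handlers; checking the tag but not recursing leaks the inner tables.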