aboutsummaryrefslogtreecommitdiff
path: root/target-ppc/helper.c
diff options
context:
space:
mode:
authorAlexander Graf <agraf@suse.de>2012-01-25 16:27:26 +0100
committerAlexander Graf <agraf@suse.de>2012-02-02 02:47:46 +0100
commit3f162d119ef52fda714ebb498fcb4f4b7c354d38 (patch)
tree9d5a31eb5e617b8255fbd7a8d9f67169f61df6e3 /target-ppc/helper.c
parent6d3db821c18fdc9727108b5b4bbb38cb7ab5c0e6 (diff)
downloadqemu-3f162d119ef52fda714ebb498fcb4f4b7c354d38.zip
qemu-3f162d119ef52fda714ebb498fcb4f4b7c354d38.tar.gz
qemu-3f162d119ef52fda714ebb498fcb4f4b7c354d38.tar.bz2
PPC: booke206: Check for TLB overrun
Our internal helpers to fetch TLB entries were not able to tell us that an entry doesn't even exist. Pass an error out if we hit such a case to not accidently pass beyond the TLB array. Signed-off-by: Alexander Graf <agraf@suse.de>
Diffstat (limited to 'target-ppc/helper.c')
-rw-r--r--target-ppc/helper.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index 2ce2d92..672494c 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -1448,6 +1448,9 @@ static int mmubooke206_get_physical_address(CPUState *env, mmu_ctx_t *ctx,
for (j = 0; j < ways; j++) {
tlb = booke206_get_tlbm(env, i, address, j);
+ if (!tlb) {
+ continue;
+ }
ret = mmubooke206_check_tlb(env, tlb, &raddr, &ctx->prot, address,
rw, access_type);
if (ret != -1) {