LATX, fix: Fix segfault in tcg_tb_lookup_fast by validating buffer bounds #289

When iterating backwards through the translation block mini structures, the pointer `tbm` could potentially step outside the code generation buffer region. This would lead to an out-of-bounds memory access and a segfault when `tcg_tb_lookup` was called.

Add a check using `in_code_gen_buffer()` to ensure `tbm` stays within the valid buffer range. If the pointer falls outside the buffer, return NULL immediately.

Signed-off-by: Hanlu Li <heuleehanlu@gmail.com>
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a50f4027d6
| if (!in_code_gen_buffer((void *)tbm)) { | ||
| return NULL; |
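Review bot: the bare `return NULL;` turns a scan that has already walked out of the buffer into an ordinary lookup miss, so a caller of tcg_tb_lookup cannot tell a genuine miss from a corrupted TBMini walk; consider adding a tcg_debug_assert() or a trace point at this exit so the root cause of the walk past the buffer stays visible in debug builds, while keeping the NULL return for release builds.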
Stop the TBMini scan at region guard pages
In MTTCG configurations with multiple TCG regions, this bounds check still lets the backward scan step from the start of one region into the previous region's guard page: in_code_gen_buffer() only checks the whole JIT buffer, while tcg_region_init() installs guard pages between regions. When that happens the check returns true here, and the next while condition dereferences tbm in the guard page and can still segfault, so this needs to validate the current region bounds or otherwise stop before guard pages.
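As an added illustration of the guard-page point raised above (a constructed model, not LATX or QEMU code; the region layout, the TBMini shape and the slot sizes are assumptions): a backward scan protected only by a whole-buffer check walks into the guard page between two regions, while a region-aware check stops before touching it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed model, not LATX/QEMU code: a JIT buffer of NUM_REGIONS regions,
 * each followed by a guard page, measured in TBMini-sized slots. */
#define REGION_SLOTS 64
#define GUARD_SLOTS  64
#define NUM_REGIONS  2
#define BUF_SLOTS    (NUM_REGIONS * (REGION_SLOTS + GUARD_SLOTS))
#define TBMINI_MAGIC 0x5442u

typedef struct { uint32_t magic; } TBMini;   /* stand-in for the real TBMini */
static TBMini jit_buf[BUF_SLOTS];
static int guard_touches;          /* reads that would fault on a real guard page */
static const TBMini *last_result;  /* what the most recent scan returned */

/* Whole-buffer bound, all the patch's in_code_gen_buffer() checks: guard pages pass. */
static bool in_code_gen_buffer(const TBMini *p)
{
    return p >= jit_buf && p < jit_buf + BUF_SLOTS;
}
/* Region-aware bound: true only inside the usable body of some region. */
static bool in_region_body(const TBMini *p)
{
    return in_code_gen_buffer(p) &&
           (size_t)(p - jit_buf) % (REGION_SLOTS + GUARD_SLOTS) < REGION_SLOTS;
}
/* Backward scan for a TBMini marker, shaped like the patched loop; the flag
 * picks which bound check protects the dereference. */
static const TBMini *scan_back(const TBMini *tbm, bool region_aware)
{
    for (;;) {
        if (region_aware ? !in_region_body(tbm) : !in_code_gen_buffer(tbm))
            return NULL;
        if (!in_region_body(tbm)) guard_touches++;  /* would segfault on real guard page */
        if (tbm->magic == TBMINI_MAGIC) return tbm;
        tbm--;
    }
}
/* Scenario: marker at the end of region 0, scan starting at region 1's start.
 * Returns how many guard-page slots the scan dereferenced. */
static int run_scenario(bool region_aware)
{
    guard_touches = 0;
    jit_buf[REGION_SLOTS - 1].magic = TBMINI_MAGIC;
    last_result = scan_back(jit_buf + REGION_SLOTS + GUARD_SLOTS, region_aware);
    return guard_touches;
}
```

With the whole-buffer check the scan reads every slot of the guard page before reaching the marker; with the region-aware check it returns NULL on the first step out of the region.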