diff options
| author | Aurelien Jarno | 2015-07-27 12:55:57 +0200 |
|---|---|---|
| committer | Richard Henderson | 2015-07-27 16:25:40 +0200 |
| commit | 7df69deadf2f25c19b3ac121404ee31f71dce845 (patch) | |
| tree | 1639adba3688a8987a2ff3d536524bad980c2ece | |
| parent | Merge remote-tracking branch 'remotes/jnsnow/tags/cve-2015-5154-pull-request'... (diff) | |
| download | qemu-7df69deadf2f25c19b3ac121404ee31f71dce845.tar.gz qemu-7df69deadf2f25c19b3ac121404ee31f71dce845.tar.xz qemu-7df69deadf2f25c19b3ac121404ee31f71dce845.zip | |
tcg: correctly mark dead inputs for mov with a constant
When tcg_reg_alloc_mov propagate a constant, we failed to correctly mark
a temp as dead if the liveness analysis hints so. This fixes the
following assert when configure with --enable-debug-tcg:
qemu-x86_64: tcg/tcg.c:1827: tcg_reg_alloc_bb_end: Assertion `ts->val_type == TEMP_VAL_DEAD' failed.
Cc: Richard Henderson <rth@twiddle.net>
Reported-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1437994568-7825-2-git-send-email-aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
| -rw-r--r-- | tcg/tcg.c | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -1920,6 +1920,9 @@ static void tcg_reg_alloc_mov(TCGContext *s, const TCGOpDef *def, } ots->val_type = TEMP_VAL_CONST; ots->val = ts->val; + if (IS_DEAD_ARG(1)) { + temp_dead(s, args[1]); + } } else { /* The code in the first if block should have moved the temp to a register. */ |