author | Scott Wood <scottwood@freescale.com> | 2012-06-18 21:31:36 -0500 |
---|---|---|
committer | Blue Swirl <blauwirbel@gmail.com> | 2012-06-24 12:19:24 +0000 |
commit | 3c01ae0ea29915d165c384d0bd1cbafcf4364a4d (patch) | |
tree | 42f6c9dcdc296a898a180a037a615489f04fc373 /tcg | |
parent | a483bdae10840e69457b55dc01df5eef8fc5c6b0 (diff) | |
tci: don't write zero for reloc in tci_out_label
If tci_out_label is called in the context of tcg_gen_code_search_pc, we
could be overwriting an already patched relocation with zero -- and not
repatch it because the set_label is past search_pc, causing a QEMU crash
when it tries to branch to a zero label.
Not writing anything to the relocation area seems to be in line with what
other backends do from the couple I looked at (x86, ppc).
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Diffstat (limited to 'tcg')
-rw-r--r-- | tcg/tci/tcg-target.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tcg/tci/tcg-target.c b/tcg/tci/tcg-target.c index d0a368d..ef8580f 100644 --- a/tcg/tci/tcg-target.c +++ b/tcg/tci/tcg-target.c @@ -487,7 +487,7 @@ static void tci_out_label(TCGContext *s, TCGArg arg) assert(label->u.value); } else { tcg_out_reloc(s, s->code_ptr, sizeof(tcg_target_ulong), arg, 0); - tcg_out_i(s, 0); + s->code_ptr += sizeof(tcg_target_ulong); } } |
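Review bot: the new line `s->code_ptr += sizeof(tcg_target_ulong);` silently relies on someone else filling the slot (the pending tcg_out_reloc, or a patch left behind by an earlier search_pc pass), and nothing at that point in the code says so; a one-line comment such as `/* leave the slot untouched: an earlier pass may already have patched it */` would keep the reasoning from the commit message next to the code. It is also worth confirming that on a fresh translation this else branch is always followed by a relocation patch before the code can run, since the slot now holds whatever bytes were in the buffer rather than a known zero, and the `assert(label->u.value)` in the other branch does not cover that case. Minor: `sizeof(tcg_target_ulong)` is now repeated for the reloc size and for the advance; if the two ever diverge the reloc writes past or short of the reserved space, so a single local constant (or an assert tying them together) would make the pairing explicit.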