Handle "blr lr" correctly -- read the destination register

_before_ writing the return address in LR.

git-svn-id: svn://svn.valgrind.org/vex/trunk@2857

diff --git a/VEX/priv/guest_arm64_toIR.c b/VEX/priv/guest_arm64_toIR.c
index 57a2d4f8e71ba85b844044030a32ce166a8d7b04..862eb20e58686cc01a430ee2a42d8158ad09aed0 100644 (file)
--- a/VEX/priv/guest_arm64_toIR.c
+++ b/VEX/priv/guest_arm64_toIR.c
@@ -4453,8 +4453,10 @@ Bool dis_ARM64_branch_etc(/*MB_OUT*/DisResult* dres, UInt insn,
          return True;
       }
       if (branch_type == BITS2(0,1) /* CALL */) {
+         IRTemp dst = newTemp(Ity_I64);
+         assign(dst, getIReg64orZR(nn));
          putIReg64orSP(30, mkU64(guest_PC_curr_instr + 4));
-         putPC(getIReg64orZR(nn));
+         putPC(mkexpr(dst));
          dres->whatNext = Dis_StopHere;
          dres->jk_StopHere = Ijk_Call;
          DIP("blr %s\n", nameIReg64orZR(nn));