Diffstat (limited to 'gitlab/issues/target_missing/host_missing/accel_missing/2238.toml')
-rw-r--r-- gitlab/issues/target_missing/host_missing/accel_missing/2238.toml | 55
1 files changed, 55 insertions, 0 deletions
diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/2238.toml b/gitlab/issues/target_missing/host_missing/accel_missing/2238.toml
new file mode 100644
index 00000000..697c7adb
--- /dev/null
+++ b/gitlab/issues/target_missing/host_missing/accel_missing/2238.toml
@@ -0,0 +1,55 @@
+id = 2238
+title = "The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored"
+state = "closed"
+created_at = "2024-03-22T10:19:51.104Z"
+closed_at = "2024-07-23T09:26:30.165Z"
+labels = ["TCG plugins"]
+url = "https://gitlab.com/qemu-project/qemu/-/issues/2238"
+host-os = "Debian Bookworm"
+host-arch = "amd64"
+qemu-version = "8.2.50"
+guest-os = "Android"
+guest-arch = "ARM"
+description = """The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored."""
+reproduce = """1. Register a callback with `qemu_plugin_register_vcpu_mem_cb()`
+2. In the callback, print the return of `qemu_plugin_mem_is_store()` (either `true` or `false`)
+3. Change the value of `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` and look whether the callback prints `true` and/or `false` to determine if this is inline with `rw`.
+
+In the callback, we don't we get what we asked for.
+
+| Requested with rw   | Observed in the callback   |
+|---------------------|----------------------------|
+| QEMU_PLUGIN_MEM_R   | Only writes                |
+| QEMU_PLUGIN_MEM_W   | Both reads and writes      |
+| QEMU_PLUGIN_MEM_RW  | Both reads and writes      |"""
+additional = """In `plugin-gen.c`, line 497, there is the following function:
+
+```cpp
+static bool op_rw(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb)
+{
+    int w;
+
+    w = op->args[2];
+    return !!(cb->rw & (w + 1));
+}
+```
+
+The issue described above seems to be caused by the `+ 1`. I removed it and got the expected results.
+
+This function is used in the same file, line 526, like this:
+
+```cpp
+        if (!ok(begin_op, cb)) {
+            continue;
+        }
+```
+
+This isn't consistent with `core.c`, line 509, where the same flag is checked like this:
+
+```cpp
+        if (!(rw & cb->rw)) {
+                break;
+        }
+```
+
+Inconsistent because of the `+1` and also because of `break`/`continue`."""
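Review bot: the `additional` text names the call site as `ok(begin_op, cb)` while the function it quotes is `op_rw`, and the record never says how `ok` is bound to `op_rw`; a short note on that binding (or the line where it is set) would let a reader connect the two snippets at `plugin-gen.c` lines 497 and 526. The observed table in `reproduce` is exactly what the `+ 1` would yield if `op->args[2]` already carries the access flag value, assuming the usual encoding R = 1, W = 2, RW = 3 (not stated in the record): a read becomes 2 and a write becomes 3, so `QEMU_PLUGIN_MEM_R` matches writes only and `QEMU_PLUGIN_MEM_W` matches both, which supports the reporter's diagnosis and would be worth stating in the record rather than leaving it implicit.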