diff options
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-06-03 12:04:13 +0000 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-06-03 12:04:13 +0000 |
| commit | 256709d2eb3fd80d768a99964be5caa61effa2a0 (patch) | |
| tree | 05b2352fba70923126836a64b6a0de43902e976a /results/classifier/105/graphic/2238 | |
| parent | 2ab14fa96a6c5484b5e4ba8337551bb8dcc79cc5 (diff) | |
| download | qemu-analysis-256709d2eb3fd80d768a99964be5caa61effa2a0.tar.gz qemu-analysis-256709d2eb3fd80d768a99964be5caa61effa2a0.zip | |
add new classifier result
Diffstat (limited to 'results/classifier/105/graphic/2238')
| -rw-r--r-- | results/classifier/105/graphic/2238 | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/results/classifier/105/graphic/2238 b/results/classifier/105/graphic/2238 new file mode 100644 index 000000000..8a5c1e081 --- /dev/null +++ b/results/classifier/105/graphic/2238 @@ -0,0 +1,60 @@ +graphic: 0.878 +instruction: 0.827 +device: 0.770 +semantic: 0.766 +network: 0.766 +socket: 0.747 +other: 0.697 +vnc: 0.692 +assembly: 0.654 +KVM: 0.627 +mistranslation: 0.621 +boot: 0.620 + +The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored +Description of problem: +The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored. +Steps to reproduce: +1. Register a callback with `qemu_plugin_register_vcpu_mem_cb()` +2. In the callback, print the return of `qemu_plugin_mem_is_store()` (either `true` or `false`) +3. Change the value of `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` and look whether the callback prints `true` and/or `false` to determine if this is inline with `rw`. + +In the callback, we don't we get what we asked for. + +| Requested with rw | Observed in the callback | +|---------------------|----------------------------| +| QEMU_PLUGIN_MEM_R | Only writes | +| QEMU_PLUGIN_MEM_W | Both reads and writes | +| QEMU_PLUGIN_MEM_RW | Both reads and writes | +Additional information: +In `plugin-gen.c`, line 497, there is the following function: + +```cpp +static bool op_rw(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb) +{ + int w; + + w = op->args[2]; + return !!(cb->rw & (w + 1)); +} +``` + +The issue described above seems to be caused by the `+ 1`. I removed it and got the expected results. + +This function is used in the same file, line 526, like this: + +```cpp + if (!ok(begin_op, cb)) { + continue; + } +``` + +This isn't consistent with `core.c`, line 509, where the same flag is checked like this: + +```cpp + if (!(rw & cb->rw)) { + break; + } +``` + +Inconsistent because of the `+1` and also because of `break`/`continue`. |