id = 2238
title = "The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored"
state = "closed"
created_at = "2024-03-22T10:19:51.104Z"
closed_at = "2024-07-23T09:26:30.165Z"
labels = ["TCG plugins"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/2238"
host-os = "Debian Bookworm"
host-arch = "amd64"
qemu-version = "8.2.50"
guest-os = "Android"
guest-arch = "ARM"
description = """The `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` is not properly honored."""
reproduce = """1. Register a callback with `qemu_plugin_register_vcpu_mem_cb()`
2. In the callback, print the return of `qemu_plugin_mem_is_store()` (either `true` or `false`)
3. Change the value of the `rw` parameter of `qemu_plugin_register_vcpu_mem_cb()` and look whether the callback prints `true` and/or `false` to determine if this is in line with `rw`.
In the callback, we don't get what we asked for.
| Requested with rw | Observed in the callback |
|---------------------|----------------------------|
| QEMU_PLUGIN_MEM_R | Only writes |
| QEMU_PLUGIN_MEM_W | Both reads and writes |
| QEMU_PLUGIN_MEM_RW | Both reads and writes |"""
additional = """In `plugin-gen.c`, line 497, there is the following function:
```cpp
static bool op_rw(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb)
{
    int w;
    w = op->args[2];
    return !!(cb->rw & (w + 1));
}
```
The issue described above seems to be caused by the `+ 1`. I removed it and got the expected results.
This function is used in the same file, line 526, like this:
```cpp
if (!ok(begin_op, cb)) {
    continue;
}
```
This isn't consistent with `core.c`, line 509, where the same flag is checked like this:
```cpp
if (!(rw & cb->rw)) {
    break;
}
```
Inconsistent because of the `+1` and also because of `break`/`continue`."""