* [PATCH] tcg/optimize: fix uninitialized variable
@ 2024-02-28 11:06 Paolo Bonzini
2024-02-28 11:19 ` Philippe Mathieu-Daudé
0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2024-02-28 11:06 UTC (permalink / raw)
To: qemu-devel; +Cc: Richard Henderson
The variables uext_opc and sext_opc are used without initialization if
TCG_TARGET_extract_i{32,64}_valid returns false. The result, depending
on the compiler, might be the generation of extract and sextract opcodes
with invalid offset and count, or just random data in the TCG opcode
stream.
Fixes: ceb9ee06b71 ("tcg/optimize: Handle TCG_COND_TST{EQ,NE}", 2024-02-03)
Cc: Richard Henderson <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
tcg/optimize.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tcg/optimize.c b/tcg/optimize.c
index 79e701652bf..752cc5c56b6 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -2102,7 +2102,8 @@ static bool fold_remainder(OptContext *ctx, TCGOp *op)
static void fold_setcond_tst_pow2(OptContext *ctx, TCGOp *op, bool neg)
{
- TCGOpcode and_opc, sub_opc, xor_opc, neg_opc, shr_opc, uext_opc, sext_opc;
+ TCGOpcode and_opc, sub_opc, xor_opc, neg_opc, shr_opc;
+ TCGOpcode uext_opc = 0, sext_opc = 0;
TCGCond cond = op->args[3];
TCGArg ret, src1, src2;
TCGOp *op2;
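Review bot: the `= 0` initializers on `uext_opc` and `sext_opc` leave it undocumented what opcode value 0 stands for on the path where TCG_TARGET_extract_i{32,64}_valid is false. If the later code in fold_setcond_tst_pow2 tests these two variables for zero before emitting extract or sextract, a short comment beside the declaration should say that 0 means "no opcode available". If it does not test them, the function would now emit opcode 0 deterministically in place of random data, and the check should be added. The five opcode variables left on the preceding declaration line (`and_opc` through `shr_opc`) remain uninitialized, so it is worth confirming that each one is assigned on every path before use.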
--
2.43.2
* Re: [PATCH] tcg/optimize: fix uninitialized variable
2024-02-28 11:06 [PATCH] tcg/optimize: fix uninitialized variable Paolo Bonzini
@ 2024-02-28 11:19 ` Philippe Mathieu-Daudé
2024-02-28 12:20 ` Paolo Bonzini
0 siblings, 1 reply; 5+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-02-28 11:19 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 28/2/24 12:06, Paolo Bonzini wrote:
> The variables uext_opc and sext_opc are used without initialization if
> TCG_TARGET_extract_i{32,64}_valid returns false. The result, depending
> on the compiler, might be the generation of extract and sextract opcodes
Shouldn't compilers bark?
> with invalid offset and count, or just random data in the TCG opcode
> stream.
>
> Fixes: ceb9ee06b71 ("tcg/optimize: Handle TCG_COND_TST{EQ,NE}", 2024-02-03)
> Cc: Richard Henderson <pbonzini@redhat.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> tcg/optimize.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
* Re: [PATCH] tcg/optimize: fix uninitialized variable
2024-02-28 11:19 ` Philippe Mathieu-Daudé
@ 2024-02-28 12:20 ` Paolo Bonzini
2024-02-28 19:29 ` Richard Henderson
0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2024-02-28 12:20 UTC (permalink / raw)
To: Philippe Mathieu-Daudé; +Cc: qemu-devel
On Wed, Feb 28, 2024 at 12:19 PM Philippe Mathieu-Daudé
<philmd@linaro.org> wrote:
>
> On 28/2/24 12:06, Paolo Bonzini wrote:
> > The variables uext_opc and sext_opc are used without initialization if
> > TCG_TARGET_extract_i{32,64}_valid returns false. The result, depending
> > on the compiler, might be the generation of extract and sextract opcodes
>
> Shouldn't compilers bark?
I expected that too...
Paolo
> > with invalid offset and count, or just random data in the TCG opcode
> > stream.
> >
> > Fixes: ceb9ee06b71 ("tcg/optimize: Handle TCG_COND_TST{EQ,NE}", 2024-02-03)
> > Cc: Richard Henderson <pbonzini@redhat.com>
> > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> > ---
> > tcg/optimize.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>
* Re: [PATCH] tcg/optimize: fix uninitialized variable
2024-02-28 12:20 ` Paolo Bonzini
@ 2024-02-28 19:29 ` Richard Henderson
2024-02-29 21:37 ` Richard Henderson
0 siblings, 1 reply; 5+ messages in thread
From: Richard Henderson @ 2024-02-28 19:29 UTC (permalink / raw)
To: Paolo Bonzini, Philippe Mathieu-Daudé; +Cc: qemu-devel
On 2/28/24 02:20, Paolo Bonzini wrote:
> On Wed, Feb 28, 2024 at 12:19 PM Philippe Mathieu-Daudé
> <philmd@linaro.org> wrote:
>>
>> On 28/2/24 12:06, Paolo Bonzini wrote:
>>> The variables uext_opc and sext_opc are used without initialization if
>>> TCG_TARGET_extract_i{32,64}_valid returns false. The result, depending
>>> on the compiler, might be the generation of extract and sextract opcodes
>>
>> Shouldn't compilers bark?
>
> I expected that too...
Weird. Anyhoo,
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
* Re: [PATCH] tcg/optimize: fix uninitialized variable
2024-02-28 19:29 ` Richard Henderson
@ 2024-02-29 21:37 ` Richard Henderson
0 siblings, 0 replies; 5+ messages in thread
From: Richard Henderson @ 2024-02-29 21:37 UTC (permalink / raw)
To: Paolo Bonzini, Philippe Mathieu-Daudé; +Cc: qemu-devel
On 2/28/24 09:29, Richard Henderson wrote:
> On 2/28/24 02:20, Paolo Bonzini wrote:
>> On Wed, Feb 28, 2024 at 12:19 PM Philippe Mathieu-Daudé
>> <philmd@linaro.org> wrote:
>>>
>>> On 28/2/24 12:06, Paolo Bonzini wrote:
>>>> The variables uext_opc and sext_opc are used without initialization if
>>>> TCG_TARGET_extract_i{32,64}_valid returns false. The result, depending
>>>> on the compiler, might be the generation of extract and sextract opcodes
>>>
>>> Shouldn't compilers bark?
>>
>> I expected that too...
>
> Weird. Anyhoo,
>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Queued, thanks.
r~