On 4/1/25 09:43, Philippe Mathieu-Daudé wrote:
Be sure to allocate the temp frame if it wasn't.Fixes: c896fe29d6c ("TCG code generator") Reported-by: Michael Tokarev <[email protected]> Reported-by: Helge Konetzka <[email protected]> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2891 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2899 Signed-off-by: Philippe Mathieu-Daudé <[email protected]> --- tcg/tcg.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tcg/tcg.c b/tcg/tcg.c index e8950df2ad3..dfd48b82642 100644 --- a/tcg/tcg.c +++ b/tcg/tcg.c @@ -4671,6 +4671,9 @@ static void temp_load(TCGContext *s, TCGTemp *ts, TCGRegSet desired_regs, ts->mem_coherent = 0; break; case TEMP_VAL_MEM: + if (!ts->mem_allocated) { + temp_allocate_frame(s, ts); + } reg = tcg_reg_alloc(s, desired_regs, allocated_regs, preferred_regs, ts->indirect_base); tcg_out_ld(s, ts->type, reg, ts->mem_base->reg, ts->mem_offset);
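Review bot: The added `if (!ts->mem_allocated) { temp_allocate_frame(s, ts); }` in the TEMP_VAL_MEM case papers over the real defect rather than fixing it: a temp whose value is supposedly in memory but which has no frame allocated has never been spilled, so the `tcg_out_ld(s, ts->type, reg, ts->mem_base->reg, ts->mem_offset)` that follows now loads from a freshly allocated, never-written stack slot, i.e. an uninitialized value. The commit message ("Be sure to allocate the temp frame if it wasn't.") does not say how a temp reaches TEMP_VAL_MEM without a frame; please either document that path, or replace the allocation with a `tcg_debug_assert(ts->mem_allocated)` here and fix the site that marks the temp as TEMP_VAL_MEM, so that the uninitialized read behind issues 2891 and 2899 is caught instead of silenced. Pointing `Fixes:` at c896fe29d6c ("TCG code generator") is also too coarse to help backports.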
I suspect this is a read from a temporary that is uninitialized. Ordinarily the stack slot would have been allocated by the store.
I guess I should have a look at the testcase... r~
