qemu-user x86_64 / x86: calling functions from gdb doesn't work

While running qemu-user (x86_64 or x86) with the gdb server, calling functions from gdb does not work.

Here is how to reproduce it:

Run in a terminal:
$ qemu-x86_64 -g 12345 -L / /bin/ls

In another terminal run gdb:
(gdb) file /bin/ls
(gdb) target remote :12345
(gdb) b _init
(gdb) c
(gdb) call malloc(1)
Could not fetch register "fs_base"; remote failure reply 'E14'

In other cases we also got the error:
Could not fetch register "orig_rax"; remote failure reply 'E14'

Here is how I patched it (it is only a workaround):

diff --git a/gdbstub.c b/gdbstub.c
index 2a94030..5749efe 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -668,6 +668,11 @@ static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
             return r->get_reg(env, mem_buf, reg - r->base_reg);
         }
     }
+#ifdef TARGET_X86_64
+    return 8;
+#elif TARGET_I386
+    return 4;
+#endif
     return 0;
 }
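Review bot: the new fallback returns a register size without writing anything into mem_buf, so for the "fake" registers (fs_base, orig_rax) gdb receives whatever happened to be in the buffer; at minimum the added branch should clear the bytes it claims to have produced, e.g. `memset(mem_buf, 0, 8); return 8;` for the TARGET_X86_64 case and likewise `memset(mem_buf, 0, 4); return 4;` for TARGET_I386. Two smaller points in the same hunk: `#elif TARGET_I386` should be `#elif defined(TARGET_I386)` to match the `#ifdef` above it and to avoid relying on the macro expanding to a non-empty value, and the existing `return 0;` after the `#endif` becomes unreachable on x86 targets, which a compiler warning will flag. Since this is target-specific knowledge hard-coded into the generic gdbstub.c, the proper fix belongs in the x86 target (exposing these registers through its gdb register description) rather than in the generic fallback.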

(Our guess for this issue was that gdb requests 'fake' registers to learn the register size.)

Once we patched that, we got another problem while calling functions from gdb: we could call functions, but only once.

Here is how to reproduce it:
Run in a terminal:
$ qemu-x86_64 -g 12345 -L / /bin/ls

In another terminal run gdb:
(gdb) file /bin/ls
(gdb) target remote :12345
(gdb) b _init
(gdb) c
(gdb) call malloc(1)
$1 = (void *) 0x620010
(gdb) call malloc(1)
Cannot access memory at address 0x40007ffb8f

Here is how we patched it to make it work:

diff --git a/exec.c b/exec.c
index 03238a3..d303922 100644
--- a/exec.c
+++ b/exec.c
@@ -2833,7 +2833,7 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
         if (!(flags & PAGE_VALID))
             return -1;
         if (is_write) {
-            if (!(flags & PAGE_WRITE))
+            if (!(flags & (PAGE_WRITE | PAGE_WRITE_ORG)))
                 return -1;
             /* XXX: this code should not depend on lock_user */
             if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
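Review bot: relaxing the check to `PAGE_WRITE | PAGE_WRITE_ORG` lets the debugger write to a page whose PAGE_WRITE bit was deliberately cleared (PAGE_WRITE_ORG records that the page was originally writable but has been write-protected, which QEMU does to catch writes to pages holding translated code), yet nothing in the hunk restores write permission or invalidates the translations for that page before the write through lock_user() that follows; the debugger's write should go through the same unprotect-and-invalidate path as a guest write, rather than bypassing the check, otherwise a write to such a page can either fault in QEMU itself or leave stale translated code behind. If the hunk is kept as a workaround, it deserves a comment explaining why PAGE_WRITE_ORG is accepted here, next to the existing "XXX: this code should not depend on lock_user" note.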

From what we saw, there is a page which is made read-only after the first execution, and gdb needs to write to that page (on the stack) to place a breakpoint.

We suspect this is linked to this:
https://qemu.weilnetz.de/w64/2012/2012-06-28/qemu-tech.html#Self_002dmodifying-code-and-translated-code-invalidation