I'm running qemu-system-i386 -s -S -singlestep (and sometimes qemu-system-x86_64), and I connect to it over TCP to address 127.0.0.1:1234 using the GDB remote protocol. I issue the g command to get (some) register values, including CS and EIP.
How do I get the current code bit size value (16 for real mode and 16-bit protected mode, 32 for 32-bit protected mode and 64 for long mode) using the GDB remote protocol?
I know that I can also get it from the segment descriptor of CS (it's in the DB flag) for protected mode, and I can detect protected mode by checking the PE bit of CR0. However, I can't find any (direct) way to get either the segment descriptor of CS or CR0 using the GDB remote protocol.
FYI: The response for the command qXfer:features:read:target.xml:0,4096 contains the constant <architecture>i386</architecture> no matter what the current mode is.
If the GDB server is gdb(1), then CR0 has register number 0x38 (for i386) or 0x48 (for amd64), so the command p38 or p48 returns its value. Also it's included in the result of g. Please note that in my case qemu-system-i386 is the GDB server, and it doesn't provide CR0 in g, and it doesn't support the p command.
It's possible to get the value of CR0 and the flags using the QEMU-specific GDB command qRcmd,696e666f20726567697374657273, where the hex string is the hex encoding of info registers, which is a QEMU monitor command. The response for that is multiple lines, including these:
CS =f000 ffff0000 0000ffff 00009b00
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
Knowing these values it's possible to figure out the mode.
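As an added worked example (not code from the question or answer above), here is a Python sketch that frames the qRcmd packet for info registers, decodes the 'O' reply packets, and derives the code bit size from the flags column of the CS line and the PE bit of CR0. The DESC_L/DESC_B bit positions in the flags dword and the 32-bit and 64-bit sample lines are assumptions modelled on QEMU's info registers layout; the sample reply is constructed from the two lines quoted above.

```python
import re

# Bits in the descriptor-flags dword that QEMU prints as the last column of the
# "CS =" line of "info registers" (assumption: high dword of the segment
# descriptor, where L is bit 21 and D/B is bit 22).
DESC_L_MASK = 1 << 21
DESC_B_MASK = 1 << 22
CR0_PE_MASK = 1          # CR0.PE: protection enabled (clear in real mode)

def rsp_packet(payload: str) -> str:
    """Frame a GDB remote-protocol packet as $<payload>#<two-hex-digit checksum>."""
    checksum = sum(payload.encode("ascii")) & 0xFF
    return f"${payload}#{checksum:02x}"

def qrcmd_packet(monitor_cmd: str) -> str:
    """Build the QEMU-specific qRcmd packet; the monitor command is hex-encoded."""
    return rsp_packet("qRcmd," + monitor_cmd.encode("ascii").hex())

def decode_qrcmd_reply(payloads) -> str:
    """Join the text carried by the 'O' (hex-encoded console output) reply
    packets; the final 'OK' packet terminates the reply."""
    out = []
    for p in payloads:
        if p == "OK":
            break
        if not p.startswith("O"):
            raise ValueError(f"unexpected reply packet: {p!r}")
        out.append(bytes.fromhex(p[1:]).decode("ascii"))
    return "".join(out)

def code_bits(info_registers: str) -> int:
    """Derive the code bit size (16/32/64) from CR0.PE and the CS descriptor flags."""
    cs = re.search(r"^CS\s*=[0-9a-f]{4}\s+[0-9a-f]+\s+[0-9a-f]+\s+([0-9a-f]{8})",
                   info_registers, re.MULTILINE)
    cr0 = re.search(r"\bCR0=([0-9a-f]+)", info_registers)
    if cs is None or cr0 is None:
        raise ValueError("CS or CR0 line not found in 'info registers' output")
    flags = int(cs.group(1), 16)
    if not int(cr0.group(1), 16) & CR0_PE_MASK:
        return 16                                # real mode
    if flags & DESC_L_MASK:
        return 64                                # 64-bit code segment in long mode
    return 32 if flags & DESC_B_MASK else 16     # protected/compatibility mode: D/B flag

# Constructed sample: the reset-state lines quoted in the answer, as they would
# arrive from QEMU, hex-encoded inside 'O' packets and terminated by 'OK'.
SAMPLE_TEXT = ("CS =f000 ffff0000 0000ffff 00009b00\n"
               "CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000\n")
SAMPLE_REPLY = ["O" + SAMPLE_TEXT.encode("ascii").hex(), "OK"]

if __name__ == "__main__":
    print(qrcmd_packet("info registers"))
    print(code_bits(decode_qrcmd_reply(SAMPLE_REPLY)))
```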