Month: June 2013

GDB two-breakpoints inter-communication between gdb and gdbstub of qemu

$tcpflow -c -i lo0 port 1234

tcpflow[5508]: 127.000.000.001.01234-127.000.000.001.58366: new flow
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qSupported:multiprocess+;xmlRegisters=i386;qRelocInsn+#b5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $PacketSize=1000#f1
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Hg0#df
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $?#3f
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $T05thread:01;#07
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Hc-1#09
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qC#b4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $QC1#c5
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qAttached#8f
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $g#67
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $0000000000000000230600000000000000000000000000000000000000000000f0ff00000200000000f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000801f0000#e4
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,1#2c
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,8#33
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $0000000000000000#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $mfff0,7#32
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00000000000000#a0
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qTStatus#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qTStatus#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $00#60
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qTStatus#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +

Reach 0x7c00

127.000.000.001.58366-127.000.000.001.01234: $qTStatus#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Z0,7c00,1#0d
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Z0,7c01,1#0e
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $vCont?#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $vCont;c;C;s;S#62
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $vCont;c#a8
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $T05thread:01;#07
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $g#67
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $55aa00000000000080000000000000001c6f0000000000000000000000000000007c00000202000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000801f0000#21
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $z0,7c00,1#2d
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $z0,7c01,1#2e
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,1#c4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $fa#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,8#cb
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $faeb6c0000004c49#4b
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c00,7#ca
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $faeb6c0000004c#de
127.000.000.001.58366-127.000.000.001.01234: +

Reach 0x7c01

127.000.000.001.58366-127.000.000.001.01234: $vCont;s:1#23
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $T05thread:01;#07
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $g#67
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $55aa00000000000080000000000000001c6f0000000000000000000000000000017c00000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000801f0000#20
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,1#c5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb#c7
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,8#cc
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb6c0000004c494c#1b
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $m7c01,7#cb
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $eb6c0000004c49#84
127.000.000.001.58366-127.000.000.001.01234: +

Last “c”

127.000.000.001.58366-127.000.000.001.01234: $vCont;s:1#23
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $T05thread:01;#07
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $g#67
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $55aa00000000000080000000000000001c6f00000000000000000000000000006f7c00000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000801f0000#5b
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qTStatus#49
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $#00
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Z0,7c00,1#0d
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Z0,7c01,1#0e
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $vCont;c#a8
127.000.000.001.01234-127.000.000.001.58366: +
^Ctcpflow[5508]: terminating


gdb – qemu : two breakpoints flowchart

This is the flowchart for qemu-gdb after I insert two breakpoints at 0x7c00 and 0x7c01. You can see that every time gdb hits a breakpoint it removes all breakpoints (the z0 packets in the capture above), and if the current address is the one where the breakpoint was hit, then when you “cont”, gdb first sends an “s” (single-step) command, re-inserts the breakpoints with Z0, and only then sends the continue.

gdb - qemu two breakpoints flowchart
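To make the capture and the flowchart above concrete, here is an added example (not code from the original post) that validates GDB remote-serial-protocol frames and decodes the register replies. It assumes the standard i386 `g` layout (eax, ecx, edx, ebx, esp, ebp, esi, edi, eip, eflags as 32-bit little-endian words); the register excerpts are constructed from the first ten words of the three `g` replies in the capture and are therefore passed to the decoder without a checksum frame.

```python
import re

# i386 `g` reply layout as sent by qemu's gdbstub: 32-bit little-endian words
# in this order (only the leading general registers are decoded here).
I386_REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi", "eip", "eflags"]
IF_BIT = 0x200  # eflags bit 9: interrupt enable

def rsp_checksum(payload: str) -> int:
    """RSP checksum: sum of the payload's ASCII bytes, modulo 256."""
    return sum(payload.encode("ascii")) & 0xFF

def parse_packet(raw: str) -> str:
    """Validate a '$payload#xx' frame and return the payload. Run-length ('*')
    and escape ('}') encodings are not expanded; the capture uses neither."""
    m = re.fullmatch(r"\$(.*)#([0-9a-fA-F]{2})", raw, re.DOTALL)
    if not m:
        raise ValueError(f"not an RSP packet: {raw!r}")
    payload, want = m.group(1), int(m.group(2), 16)
    got = rsp_checksum(payload)
    if got != want:
        raise ValueError(f"bad checksum on {raw!r}: computed {got:02x}")
    return payload

def decode_g(payload: str) -> dict:
    """Decode the leading registers of a `g` reply (8 hex digits each)."""
    return {name: int.from_bytes(bytes.fromhex(payload[8 * i:8 * i + 8]), "little")
            for i, name in enumerate(I386_REGS)}

# Constructed excerpts of the capture above: the first ten register words of the
# `g` replies at the three stops (0x7c00, after one step, after the next step).
G_STOP1 = "55aa0000" "00000000" "80000000" "00000000" "1c6f0000" "00000000" "00000000" "00000000" "007c0000" "02020000"
G_STOP2 = "55aa0000" "00000000" "80000000" "00000000" "1c6f0000" "00000000" "00000000" "00000000" "017c0000" "02000000"
G_STOP3 = "55aa0000" "00000000" "80000000" "00000000" "1c6f0000" "00000000" "00000000" "00000000" "6f7c0000" "02000000"

def explain_stops() -> dict:
    """Relate the memory replies to the register changes across the two
    single steps gdb issued before re-inserting the breakpoints."""
    r1, r2, r3 = decode_g(G_STOP1), decode_g(G_STOP2), decode_g(G_STOP3)
    op_7c00 = parse_packet("$fa#c7")                   # reply to $m7c00,1#c4: cli
    code_7c01 = parse_packet("$eb6c0000004c494c#1b")  # reply to $m7c01,8#cc: jmp short
    rel8 = int(code_7c01[2:4], 16)
    rel8 -= 256 if rel8 >= 0x80 else 0                 # jmp short takes a signed byte
    return {
        "eip": (r1["eip"], r2["eip"], r3["eip"]),
        "if_flag": tuple(bool(r["eflags"] & IF_BIT) for r in (r1, r2, r3)),
        "opcode_at_7c00": op_7c00,
        "jump_target": r2["eip"] + 2 + rel8,           # where the step from 0x7c01 lands
    }

if __name__ == "__main__":
    print(explain_stops())
```

Running it shows why the second stop has eflags 0x2 instead of 0x202: the single step from 0x7c00 executed the cli at that address, and the step from 0x7c01 followed the jmp short to 0x7c6f, the eip reported in the third `g` reply.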


gdb crash, for another debug server

If you create your own debug server, qemu (run under gdb here) will crash; take a look:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffebfff700 (LWP 32202)]
0x000055555577632b in gdb_set_stop_cpu (env=env@entry=0x5555564f6d20) at /root/workspace/qemu-1.5.0/gdbstub.c:2510
2510 gdbserver_state->c_cpu = env;
Missing separate debuginfos, use: debuginfo-install SDL-1.2.15-3.fc18.x86_64 cyrus-sasl-lib-2.1.23-37.fc18.x86_64 glib2-2.34.2-2.fc18.x86_64 glibc-2.16-28.fc18.x86_64 libX11-1.5.0-3.fc18.x86_64 libXau-1.0.6-4.fc18.x86_64 libXcursor-1.1.13-2.fc18.x86_64 libXext-1.3.1-2.fc18.x86_64 libXfixes-5.0-3.fc18.x86_64 libXrandr-1.4.0-1.fc18.x86_64 libXrender-0.9.7-2.fc18.x86_64 libpng-1.5.13-1.fc18.x86_64 libxcb-1.9-1.fc18.x86_64 nss-softokn-freebl-3.14.3-1.fc18.x86_64 pixman-0.28.0-1.fc18.x86_64 zlib-1.2.7-9.fc18.x86_64
(gdb) bt
#0 0x000055555577632b in gdb_set_stop_cpu (env=env@entry=0x5555564f6d20) at /root/workspace/qemu-1.5.0/gdbstub.c:2510
#1 0x000055555575723c in cpu_handle_guest_debug (env=env@entry=0x5555564f6d20) at /root/workspace/qemu-1.5.0/cpus.c:468
#2 0x0000555555758587 in tcg_exec_all () at /root/workspace/qemu-1.5.0/cpus.c:1179
#3 qemu_tcg_cpu_thread_fn (arg=<optimized out>) at /root/workspace/qemu-1.5.0/cpus.c:844
#4 0x00007ffff6bb7d15 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffff5e0146d in clone () from /lib64/libc.so.6

Even if the gdbserver has not been started (you started your own debug server, so you must not start the gdbserver in qemu), qemu still calls gdb_set_stop_cpu(env) from cpu_handle_guest_debug at cpus.c line 468. That function writes through gdbserver_state at gdbstub.c:2510, which was never initialised because the gdbserver was never started, and this crashes qemu with the SIGSEGV shown above.
