Enable GDB Server on QEMU

There are two ways to enable the GDB server on QEMU.

  1. Adding the -s -S options to the QEMU command line. If you use run-blackbox.sh, you can simply pass --debug to the script. QEMU will then wait for a GDB session to connect before it starts the VM.
  2. When the VM is already running, press Ctrl-a c to switch to the QEMU monitor and run gdbserver there. Press Ctrl-a c again to leave the monitor and drop back to the serial console.

Either way, QEMU will start a GDB server at port 1234 and wait for a GDB session.

Connect to the GDB Server

Once the GDB server is enabled on QEMU, you can connect a GDB session to it. If you are running on an x86 machine (the host), install gdb-multiarch from apt and use gdb-multiarch wherever gdb appears in the rest of this page.

root $ gdb vmlinux
....
(gdb)

Once you get to the gdb command line, use

(gdb) tar rem :1234

to connect to the GDB server (tar rem is GDB's abbreviation of target remote). GDB presents each CPU of the emulated machine as a thread, so you can list them with

(gdb) info threads
  Id   Target Id                    Frame 
* 1    Thread 1.1 (CPU#0 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
  2    Thread 1.2 (CPU#1 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
  3    Thread 1.3 (CPU#2 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
  4    Thread 1.4 (CPU#3 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126

You can switch to a different CPU with thread n:

(gdb) thread 2
[Switching to thread 2 (Thread 1.2)]
#0  arch_cpu_idle () at arch/arm64/kernel/process.c:126
126             local_irq_enable();
(gdb) info thread
  Id   Target Id                    Frame 
  1    Thread 1.1 (CPU#0 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
* 2    Thread 1.2 (CPU#1 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
  3    Thread 1.3 (CPU#2 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126
  4    Thread 1.4 (CPU#3 [halted ]) arch_cpu_idle () at arch/arm64/kernel/process.c:126

The VM is now halted by GDB. To continue execution, use c (continue):

(gdb) c
Continuing.

To halt the VM again, press Ctrl-c in the GDB session:

(gdb) c
Continuing.
^C
Thread 1 received signal SIGINT, Interrupt.
[Switching to Thread 1.1]
arch_cpu_idle () at arch/arm64/kernel/process.c:126
126             local_irq_enable();
(gdb)
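The steps above (start QEMU with its GDB stub, pick gdb or gdb-multiarch depending on the host, connect with target remote :1234 and list the CPUs) can be wrapped in a small script. The one below is an added example and not part of BlackBox or run-blackbox.sh; the script name connect-qemu-gdb.sh, the helper names, the GDB_PORT variable and the use of ss to detect the listening stub are this example's own assumptions.

```shell
#!/bin/sh
# connect-qemu-gdb.sh (added example, not project code): choose the right
# GDB binary for the host, wait for QEMU's GDB stub on port 1234 (opened by
# -s, or by the monitor's gdbserver command), then attach with "target remote".
# Usage: ./connect-qemu-gdb.sh [vmlinux]

set -eu

GDB_PORT="${GDB_PORT:-1234}"   # QEMU's default GDB stub port (assumed env override)
VMLINUX="${1:-vmlinux}"        # kernel image with symbols, as in the page

# An x86 host debugging the arm64 guest needs gdb-multiarch; on an arm64
# host the native gdb already understands the guest architecture.
pick_gdb() {
    case "$1" in
        x86_64|i?86|amd64) echo gdb-multiarch ;;
        *)                 echo gdb ;;
    esac
}

# GDB commands that reproduce the manual session: connect to the stub and
# list the emulated CPUs, which GDB shows as threads.
gdb_init_commands() {
    port="$1"
    printf 'set pagination off\n'
    printf 'target remote :%s\n' "$port"
    printf 'info threads\n'
}

# True once something listens on the port. QEMU itself opens the stub, so
# with -s -S this is true before the guest has executed anything.
port_listening() {
    ss -ltn 2>/dev/null | awk 'NR > 1 {print $4}' | grep -q ":$1\$"
}

wait_for_stub() {
    port="$1"; tries="${2:-30}"
    while [ "$tries" -gt 0 ]; do
        if port_listening "$port"; then return 0; fi
        tries=$((tries - 1))
        sleep 1
    done
    echo "no GDB stub on port $port; start QEMU with -s -S (or run-blackbox.sh --debug)" >&2
    return 1
}

main() {
    gdb_bin="$(pick_gdb "$(uname -m)")"
    wait_for_stub "$GDB_PORT"
    # Feed the init commands from a temporary file so the session stays
    # interactive at the (gdb) prompt afterwards.
    cmds="$(mktemp)"
    gdb_init_commands "$GDB_PORT" > "$cmds"
    "$gdb_bin" -x "$cmds" "$VMLINUX"
    rm -f "$cmds"
}

# Attach only when invoked directly, not when sourced for its helpers.
case "${0##*/}" in connect-qemu-gdb.sh) main "$@" ;; esac
```

Once GDB is attached through this script you are at the same (gdb) prompt as in the manual session above, so thread n, c and Ctrl-c work exactly as described.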

Set Breakpoint for QEMU

There are many detailed guides to GDB online; search for them (Google, DuckDuckGo, Bing, etc.). For kernel and BlackBox debugging, there are a few caveats.