Using qemu to debug kernel

The qemu when used in the system mode can be used to run a complete operating system in another. For e.g. if we want to test a kernel image compiled for ARM on the x86 we can do it using the qemu in system mode

Another use of qemu is to debug or single step through the kernel code to debug it or to just understand the code.

To be able to debug the kernel running inside the qemu we will first need to have a kernel that is compiled with debug info, i.e. the option CONFIG_DEBUG_INFO should be set which done as follows:

Download the source code from
Create default config using

Launch the configuration menu using

Now go to option kernel hacking and select the option compile kernel with debug info

Note: You will require package ncurses-devel to be installed .

If menuconfig does not launch then you cna open the .config file using any editor and search for CONFIG_DEBUG_INFO and set it to y
Now run :

If there are no errors the bzimage would have got generated in arch/x86/boot under the source tree which we compiled.

Now let us boot this kernel using qemu and see how we can debug it. To just run the newly compiled kernel we can use the command

But to be able to debug the we will have to add the following options :

S: to ask the qemu to stop as soon as it starts,so that we can single execute when we are ready with the gdb connection s: to inform qemu to wait for HSBC connection on port 1234 kernel: To point to the bzimage that we wish to boot. The command with the options will be:

After executing the command,a qemu window is launched,which stops booting because of the S option.We can see the message stopped written in the top title bar of qemu.

Now open a new terminal and launch gdb passing to it the vmlinux that got created as a result of the kernel compilation

The gdb will read the debugging symbols that have got compiled with the kernel from vmlinux thus help us in debugging the kernel.

Now we need to connect this gdb session with the qemu session launched previously, which can be done by using the following command in gdb prompt

This connects the gdb to the qemu.
To set a breakpoint for a kernel function use the command break in the gdb prompt. For eg

This will set a break point for the function kernel_init
To start execution of qemu use the command c which stands for continue.

The other gdb commands and their working can be found in the post "Introduction to gdb" .

To stop debugging use the command quit in gdb, which will also kill the qemu session.

Follow by Email