this was hell to find out so hope you can use it.

first you need the qemu package from

http://homepage3.nifty.com/takeda-toshiya/qemu/


these debuggers , are the settings down below , is for.


ARM_versatilepb
ARM Versatile/PB
ARM Integrator/CP
ARM Linux kernel
MIPS Malta Core LV (for snippets)
Linux mipsel (full Linux system)
PowerPC 405e (for snippets)
PPC (full Linux system)



Edit the gadb_arch.cfg in ida cfg folder and set the path so it match yours.
set QEMUFLAGS if you are using older version.

Code (Text):

; configurations for "run external program" option
 
.default ARM_versatilepb
 
; set various common parameters
set QEMUPATH  %ProgramFiles%\QEMU
set QEMUFLAGS  -S -gdb tcp::%p,ipv4
; use the following line for QEMU <= 0.10
; set QEMUFLAGS  -S -s -p %p
 
.ARM_versatilepb
name      QEMU: ARM Versatile/PB
cpu        arm
area      DATA RAM    0x00000000:0x08000000
area      IO  SYSREGS 0x10000000:0x10200000
initial_sp 0x08000000
 
; %i - input file from "Process Options" dialog
; %e - temporary ELF file created from database contents
; %p - port number
 
cmdline    "$(QEMUPATH)/qemu-system-arm" $(QEMUFLAGS) -kernel "%e" -M versatilepb -cpu cortex-a8
 
.ARM_integratorcp
name QEMU: ARM Integrator/CP
cpu  arm
area DATA RAM    0x00000000:0x08000000
area IO  SYSREGS 0x10000000:0x20000000
area DATA RAM    0x80000000:0xc0000000
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-arm" $(QEMUFLAGS) -kernel "%e" -M integratorcp -cpu cortex-a8
 
.ARM_Linux
name QEMU: ARM Linux kernel
cpu  arm
area DATA RAM    0x00000000:0x08000000
area IO  SYSREGS 0x10000000:0x20000000
area DATA RAM    0x80000000:0xc0000000
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-arm" $(QEMUFLAGS) -kernel "%i" -initrd arm_root.img -cpu cortex-a8
 
.mipsel_Malta
name QEMU: MIPS Malta Core LV (for snippets)
cpu  mips
area DATA RAM    0x00000000:0x08000000
area IO  ISABASE 0x10000000:0x14000000
area IO  ISAIO  0x14000000:0x14010000
area DATA RAM    0x1fbf0000:0x1fc00000
area DATA BIOS    0x1fc00000:0x20000000
area DATA kseg0  0x80000000:0xA0000000
area IO  kseg1  0xA0000000:0xC0000000
;area DATA kseg2  0xC0000000:0xFFFFFFFE
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-mipsel" $(QEMUFLAGS) -S -gdb tcp::%p,ipv4 -cpu 4Km -kernel "%e"
 
.mipsel_Linux
name QEMU: Linux mipsel (full Linux system)
cpu  mips
area DATA RAM    0x00000000:0x08000000
area IO  ISABASE 0x10000000:0x14000000
area IO  ISAIO  0x14000000:0x14010000
area DATA RAM    0x1fbf0000:0x1fc00000
area DATA BIOS    0x1fc00000:0x20000000
area DATA kseg0  0x80000000:0xA0000000
area IO  kseg1  0xA0000000:0xC0000000
area DATA kseg2  0xC0000000:0xFFFFFFFE
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-mipsel" $(QEMUFLAGS) -L . -M mips -kernel "%i" -initrd initrd.gz -hda hda.img -append "root=/dev/ram console=ttyS0"
 
.ppc_405e
name QEMU: PowerPC 405e (for snippets)
cpu  ppc
area DATA RAM    0x00000000:0x08000000
area IO  ISABASE 0x80000000:0x81000000
area IO  ISAIO  0xfe000000:0xfe200000
area IO  PCIIO  0xfec00000:0xfff00000
area DATA PROM    0xfff00000:0xFFFFFFFE
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-ppc" $(QEMUFLAGS) -kernel "%e"
 
.ppc_Linux
name QEMU: Linux PPC (full Linux system)
cpu  ppc
area DATA RAM    0x00000000:0x08000000
area IO  ISABASE 0x80000000:0x81000000
area IO  ISAIO  0xfe000000:0xfe200000
area IO  PCIIO  0xfec00000:0xfff00000
area DATA PROM    0xfff00000:0xFFFFFFFE
initial_sp 0x08000000
cmdline "$(QEMUPATH)/qemu-system-ppc" $(QEMUFLAGS) -L . -hdc debian_lenny_powerpc_small.qcow
 

small tut

1) load ida

2) load ELF mips file.

3) under options >>>> debugger options, there is an field called set specific options , press that.



the settings pops up we configured the gdb_arch.cfg.

choose wich you want.

4) go to options >>>> Proccesser option .

set the host to localhost and port 1234.

start debugging.

Code (Text):

qemu-system-ppc64.exe" -gdb tcp::%p,ipv4 "%e

have tried these settings for debugging PPC executable. still little buggy.
So cant set breakpoint in memory and run.
Works for code execution though.