live kernel-debugging windows drivers in qemu from linux (no windbg, no whpx, no exdi)
a working recipe for breakpointing windows kernel drivers running in a qemu/kvm guest, driven entirely from a linux host over the qemu gdbstub. it sidesteps the usual windbg-over-kdnet/exdi and whpx pain: gdb attaches to the gdbstub directly, base+rva is resolved without pdbs, and the single rule that fixes "symbols resolve but my breakpoint never hits" is hardware breakpoints only. ends with a real captured ring-0 saved-rip overwrite.