0132_Qemu.md

Qemu

尝试一下Qemu启动init文件系统

参考文档

• Ubuntu 16.04 利用qemu模拟ARM开发板
• 使用qemu搭建linux内核开发环境详细教程

Kernel run

• cd linux-rpi-4.19.y
  • make CROSS_COMPILE=arm-linux-gnueabihf- ARCH=arm vexpress_defconfig
  • make CROSS_COMPILE=arm-linux-gnueabihf- ARCH=arm -j4
• cp linux-rpi-4.19.y/arch/arm/boot/zImage images/
• cp linux-rpi-4.19.y/arch/arm/boot/dts/vexpress-v2p-ca9.dtb images/
• pulseaudio -D
• mkdir init && cd init
  • cat init.c

    #include <stdio.h>
    
    void main()
    {
        printf("welcome to qemu test init\n");
        while(1);
    }

  • arm-linux-gnueabihf-gcc -static -o init init.c
  • echo init | cpio -o --format=newc > initramfs
• qemu-system-arm -M vexpress-a9 -m 512M -dtb ./images/vexpress-v2p-ca9.dtb -kernel ./images/zImage -nographic -append "init=/init rw console=ttyAMA0" -initrd ./images/initramfs

  pulseaudio: set_sink_input_volume() failed
  pulseaudio: Reason: Invalid argument
  pulseaudio: set_sink_input_mute() failed
  pulseaudio: Reason: Invalid argument
  Booting Linux on physical CPU 0x0
  Linux version 4.19.122 (pi@raspberrypi) (gcc version 8.3.0 (Raspbian 8.3.0-6+rpi1)) #2 SMP Tue Jul 21 15:18:03 CST 2020
  CPU: ARMv7 Processor [410fc090] revision 0 (ARMv7), cr=10c5387d
  CPU: PIPT / VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
  OF: fdt: Machine model: V2P-CA9
  Memory policy: Data cache writeback
  CPU: All CPU(s) started in SVC mode.
  random: get_random_bytes called from start_kernel+0x98/0x470 with crng_init=0
  percpu: Embedded 16 pages/cpu s32780 r8192 d24564 u65536
  Built 1 zonelists, mobility grouping on.  Total pages: 130048
  Kernel command line: init=/init rw console=ttyAMA0
  log_buf_len individual max cpu contribution: 4096 bytes
  log_buf_len total cpu_extra contributions: 12288 bytes
  log_buf_len min size: 16384 bytes
  log_buf_len: 32768 bytes
  early log buf free: 15028(91%)
  Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
  Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
  Memory: 509140K/524288K available (6144K kernel code, 397K rwdata, 1404K rodata, 1024K init, 156K bss, 15148K reserved, 0K cma-reserved)
  Virtual kernel memory layout:
      vector  : 0xffff0000 - 0xffff1000   (   4 kB)
      fixmap  : 0xffc00000 - 0xfff00000   (3072 kB)
      vmalloc : 0xa0800000 - 0xff800000   (1520 MB)
      lowmem  : 0x80000000 - 0xa0000000   ( 512 MB)
      modules : 0x7f000000 - 0x80000000   (  16 MB)
        .text : 0x(ptrval) - 0x(ptrval)   (7136 kB)
        .init : 0x(ptrval) - 0x(ptrval)   (1024 kB)
        .data : 0x(ptrval) - 0x(ptrval)   ( 398 kB)
         .bss : 0x(ptrval) - 0x(ptrval)   ( 157 kB)
  SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1
  rcu: Hierarchical RCU implementation.
  rcu:    RCU event tracing is enabled.
  rcu:    RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=4.
  rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4
  NR_IRQS: 16, nr_irqs: 16, preallocated irqs: 16
  GIC CPU mask not found - kernel will fail to boot.
  GIC CPU mask not found - kernel will fail to boot.
  L2C: platform modifies aux control register: 0x02020000 -> 0x02420000
  L2C: DT/platform modifies aux control register: 0x02020000 -> 0x02420000
  L2C-310 enabling early BRESP for Cortex-A9
  L2C-310 full line of zeros enabled for Cortex-A9
  L2C-310 dynamic clock gating disabled, standby mode disabled
  L2C-310 cache controller enabled, 8 ways, 128 kB
  L2C-310: CACHE_ID 0x410000c8, AUX_CTRL 0x46420001
  sched_clock: 32 bits at 24MHz, resolution 41ns, wraps every 89478484971ns
  clocksource: arm,sp804: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275 ns
  Failed to initialize '/smb@4000000/motherboard/iofpga@7,00000000/timer@12000': -22
  smp_twd: clock not found -2
  Console: colour dummy device 80x30
  Calibrating local timer... 99.64MHz.
  Calibrating delay loop... 356.35 BogoMIPS (lpj=1781760)
  pid_max: default: 32768 minimum: 301
  Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
  Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
  CPU: Testing write buffer coherency: ok
  CPU0: Spectre v2: using BPIALL workaround
  CPU0: thread -1, cpu 0, socket 0, mpidr 80000000
  Setting up static identity map for 0x60100000 - 0x60100060
  rcu: Hierarchical SRCU implementation.
  smp: Bringing up secondary CPUs ...
  smp: Brought up 1 node, 1 CPU
  SMP: Total of 1 processors activated (356.35 BogoMIPS).
  CPU: All CPU(s) started in SVC mode.
  devtmpfs: initialized
  VFP support v0.3: implementor 41 architecture 3 part 30 variant 9 rev 0
  clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
  futex hash table entries: 1024 (order: 4, 65536 bytes)
  NET: Registered protocol family 16
  DMA: preallocated 256 KiB pool for atomic coherent allocations
  cpuidle: using governor ladder
  hw-breakpoint: debug architecture 0x4 unsupported.
  Serial: AMBA PL011 UART driver
  10009000.uart: ttyAMA0 at MMIO 0x10009000 (irq = 29, base_baud = 0) is a PL011 rev1
  console [ttyAMA0] enabled
  1000a000.uart: ttyAMA1 at MMIO 0x1000a000 (irq = 30, base_baud = 0) is a PL011 rev1
  1000b000.uart: ttyAMA2 at MMIO 0x1000b000 (irq = 31, base_baud = 0) is a PL011 rev1
  1000c000.uart: ttyAMA3 at MMIO 0x1000c000 (irq = 32, base_baud = 0) is a PL011 rev1
  OF: amba_device_add() failed (-19) for /smb@4000000/motherboard/iofpga@7,00000000/wdt@f000
  OF: amba_device_add() failed (-19) for /memory-controller@100e0000
  OF: amba_device_add() failed (-19) for /memory-controller@100e1000
  OF: amba_device_add() failed (-19) for /watchdog@100e5000
  irq: type mismatch, failed to map hwirq-75 for interrupt-controller@1e001000!
  SCSI subsystem initialized
  usbcore: registered new interface driver usbfs
  usbcore: registered new interface driver hub
  usbcore: registered new device driver usb
  Advanced Linux Sound Architecture Driver Initialized.
  clocksource: Switched to clocksource arm,sp804
  NET: Registered protocol family 2
  tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 6144 bytes)
  TCP established hash table entries: 4096 (order: 2, 16384 bytes)
  TCP bind hash table entries: 4096 (order: 3, 32768 bytes)
  TCP: Hash tables configured (established 4096 bind 4096)
  UDP hash table entries: 256 (order: 1, 8192 bytes)
  UDP-Lite hash table entries: 256 (order: 1, 8192 bytes)
  NET: Registered protocol family 1
  RPC: Registered named UNIX socket transport module.
  RPC: Registered udp transport module.
  RPC: Registered tcp transport module.
  RPC: Registered tcp NFSv4.1 backchannel transport module.
  Unpacking initramfs...
  Freeing initrd memory: 484K
  hw perfevents: enabled with armv7_cortex_a9 PMU driver, 1 counters available
  workingset: timestamp_bits=30 max_order=17 bucket_order=0
  squashfs: version 4.0 (2009/01/31) Phillip Lougher
  jffs2: version 2.2. (NAND) © 2001-2006 Red Hat, Inc.
  9p: Installing v9fs 9p2000 file system support
  io scheduler noop registered (default)
  io scheduler mq-deadline registered
  io scheduler kyber registered
  clcd-pl11x 1001f000.clcd: PL111 designer 41 rev2 at 0x1001f000
  clcd-pl11x 1001f000.clcd: clcd@1f000 hardware, 640x480@59 display
  Console: switching to colour frame buffer device 80x30
  clcd-pl11x 10020000.clcd: PL111 designer 41 rev2 at 0x10020000
  clcd-pl11x 10020000.clcd: clcd@10020000 hardware, 1024x768@59 display
  40000000.flash: Found 2 x16 devices at 0x0 in 32-bit bank. Manufacturer ID 0x000000 Chip ID 0x000000
  Intel/Sharp Extended Query Table at 0x0031
  Using buffer write method
  40000000.flash: Found 2 x16 devices at 0x0 in 32-bit bank. Manufacturer ID 0x000000 Chip ID 0x000000
  Intel/Sharp Extended Query Table at 0x0031
  Using buffer write method
  Concatenating MTD devices:
  (0): "40000000.flash"
  (1): "40000000.flash"
  into device "40000000.flash"
  libphy: Fixed MDIO Bus: probed
  smsc911x 4e000000.ethernet: Linked as a consumer to regulator.1
  libphy: smsc911x-mdio: probed
  smsc911x 4e000000.ethernet eth0: MAC Address: 52:54:00:12:34:56
  isp1760 4f000000.usb: bus width: 32, oc: digital
  isp1760 4f000000.usb: NXP ISP1760 USB Host Controller
  isp1760 4f000000.usb: new USB bus registered, assigned bus number 1
  isp1760 4f000000.usb: Scratch test failed.
  isp1760 4f000000.usb: can't setup: -19
  isp1760 4f000000.usb: USB bus 1 deregistered
  usbcore: registered new interface driver usb-storage
  rtc-pl031 10017000.rtc: rtc core: registered pl031 as rtc0
  mmci-pl18x 10005000.mmci: /aliases ID not available
  mmci-pl18x 10005000.mmci: Got CD GPIO
  mmci-pl18x 10005000.mmci: Got WP GPIO
  mmci-pl18x 10005000.mmci: Linked as a consumer to regulator.1
  mmci-pl18x 10005000.mmci: mmc0: PL181 manf 41 rev0 at 0x10005000 irq 25,26 (pio)
  input: AT Raw Set 2 keyboard as /devices/platform/smb@4000000/smb@4000000:motherboard/smb@4000000:motherboard:iofpga@7,00000000/10006000.kmi/serio0/input/input0
  ledtrig-cpu: registered to indicate activity on CPUs
  usbcore: registered new interface driver usbhid
  usbhid: USB HID core driver
  aaci-pl041 10004000.aaci: ARM AC'97 Interface PL041 rev0 at 0x10004000, irq 24
  aaci-pl041 10004000.aaci: FIFO 512 entries
  oprofile: using arm/armv7-ca9
  NET: Registered protocol family 17
  9pnet: Installing 9P2000 support
  Registering SWP/SWPB emulation handler
  rtc-pl031 10017000.rtc: setting system clock to 2020-07-21 07:57:00 UTC (1595318220)
  ALSA device list:
    #0: ARM AC'97 Interface PL041 rev0 at 0x10004000, irq 24
  Freeing unused kernel memory: 1024K
  Run /init as init process
  welcome to qemu test init
  input: ImExPS/2 Generic Explorer Mouse as /devices/platform/smb@4000000/smb@4000000:motherboard/smb@4000000:motherboard:iofpga@7,00000000/10007000.kmi/serio1/input/input2
  

rootfs

• mkdir rootfs && cd rootfs
  • mkdir tmpfs
  • dd if=/dev/zero of=a9rootfs.ext4 bs=1M count=32
  • sudo mount -t ext4 a9rootfs.ext4 tmpfs/ -o loop
  • mkfs.ext4 a9rootfs.ext4
  • sudo cp ../init/init tmpfs
  • tree

    .
    ├── a9rootfs.ext4
    └── tmpfs
        ├── init
        └── lost+found [error opening dir]
    
    2 directory, 2 files
    

  • sudo umount tmpfs
• qemu-system-arm -M vexpress-a9 -m 512M -dtb ./images/vexpress-v2p-ca9.dtb -kernel ./images/zImage -nographic -append "init=/init root=/dev/mmcblk0 rootfstype=ext4 rw console=ttyAMA0" -sd rootfs/a9rootfs.ext4

qemu gdb

• qemu-system-arm -M vexpress-a9 -m 512M -dtb ./images/vexpress-v2p-ca9.dtb -kernel ./images/zImage -nographic -append "init=/init root=/dev/mmcblk0 rootfstype=ext4 rw console=ttyAMA0" -sd rootfs/a9rootfs.ext4 -S -s
  • -S: 就是挂起gdbserver，让gdb remote connect it。 　　
  • -s: 默认使用1234端口进行远程调试，和-gdb tcp::1234类似。
• cd linux-rpi-4.19.y && gdb ./vmlinux
  • 网口
    • target remote:1234 (默认端口是1234，进行远程连接)
    • target remote the-target:1234
  • 串口(kgdb)
    • stty ispeed 921600 ospeed 921600 -F /dev/ttyUSB1
    • target remote /dev/ttyUSB1
  • b start_kernel (设置断点) * l (list代码)
  • n (运行next line)
  • c (continue 运行到断点处)