[QEMU] Running Linux 2.6.33 ARM versatilepb

Compiling Linux kernel for QEMU ARM emulator
http://balau82.wordpress.com/2010/03/22/compiling-linux-kernel-for-qemu-arm-emulator/
versatilepb has 4 PrimeCell UART (PL011)(ttyAMA0-3), LCD tty0.

2.6.33 (2.6.34, failed at 2.6.35 and after), 2010q1
make ARCH=arm versatile_defconfig
make ARCH=arm menuconfig

If RAMdisk size might > 4MB, change CONFIG_BLK_DEV_RAM_SIZE to higher value.
Enable CONFIG_AEABI, disable CONFIG_MODULES. Build zImage

make ARCH=arm CROSS_COMPILE=arm-none-linux-gnueabi- all

Booting should be fine, but lack of rootfs.

qemu-system-arm -M versatilepb -m 128M -kernel zImage

Create a CPIO rootfs
The CPIO rootfs doesn't need /dev/console.

cat > test.c << eof
#include <stdio.h>
void main() {
printf("Hello World!\n");
while(1);
}
eof
arm-none-linux-gnueabi-gcc -static test.c -o test
echo test | cpio -o --format=newc > rootfs

CPIO: Both kernel and user space message goes to tty0 by default.

qemu-system-arm -M versatilepb -m 128M -kernel zImage -initrd rootfs -append "root=/dev/ram rdinit=/test"

CPIO: Both kernel and user space message goes to ttyAMA0

qemu-system-arm -M versatilepb -m 128M -kernel zImage -initrd rootf -append "root=/dev/ram rdinit=/test console=ttyAMA0" -nographic

---

ERROR: I had no issue booting zImage, but ran into following error while running userspace programs, no matter the "hello world" test or busybox, with my old CodeSoucery toolchain:

test (1): undefined instruction: pc=00017104
Code: e3a0e000 e1a0c00e e5d03000 e2433030 (e6ef2073)

After a lot of try-and-error, I finally found that the old CodeSoucery toolchain that I downloaded long times ago doesn't work, while the one downloaded recently does, WTF....
arm-2009q1-203-arm-none-linux-gnueabi-i686-pc-linux-gnu.tar.bz2

old downloaded md5sum: a88fb553950d1b47ecefa9929dea04a8
recently downloaded md5sum: 1a6e88782f08b09a0e6cef545a1712ec

It might be caused by the default ARM arch used by the compiler.

I use buildroot to build rootfs and lib, BR2_generic_arm must be set. Enabling BR2_arm1136jf_s would cause similar issue. It might be caused by unsupported instruction of new arch.

---

In RAM disk, if /dev/console is missing, both tty0 or ttyAMA0 will not see "Hello World". /dev/console can be created by

# mknod dev/console c 5 1

(TODO: start from busybox download?)

1. basic rootfs: /etc, /dev, ...
2. library: /lib (or build all as static)
3. busybox, enable CONFIG_STATIC if no library


By default, both kernel and user space message goes to tty0

qemu-system-arm -M versatilepb -m 128M -kernel zImage -append "root=/dev/ram0 rw init=/test user_debug=31" -initrd ramdisk.img.gz
qemu-system-arm -M versatilepb -m 128M -kernel zImage -append "root=/dev/ram0 rw init=/test user_debug=31 console=tty0" -initrd ramdisk.img.gz

Both kernel and user space message goes to ttyAMA0

qemu-system-arm -M versatilepb -m 128M -kernel zImage -append "root=/dev/ram0 rw init=/test user_debug=31 console=ttyAMA0 " -initrd ramdisk.img.gz -nographic

kernel message will goes to both tty0 and ttyAMA0, but user space message only goes to the ttyAMA0(the last one)

qemu-system-arm -M versatilepb -m 128M -kernel zImage -append "root=/dev/ram0 rw init=/test user_debug=31 console=tty0 console=ttyAMA0 " -initrd ramdisk.img.gz -nographic

Enable ethernet:

qemu-system-arm -M versatilepb -m 256M -kernel output/zImage -append "root=/dev/ram0 rw init=/linuxrc user_debug=31 console=ttyAMA0" --nographic -initrd output/ramdisk.img.gz -net nic,macaddr=00:00:00:00:02:00 -net tap,ifname=tap2,script=no

Eanble 2 ethernet result in Segmentation fault of QEMU:

qemu-system-arm -M versatilepb -m 256M -kernel output/zImage -append "root=/dev/ram0 rw init=/linuxrc user_debug=31 console=ttyAMA0" --nographic -initrd output/ramdisk.img.gz -net nic,macaddr=00:00:00:00:02:00 -net tap,ifname=tap0,script=no -net nic,macaddr=00:00:00:00:01:00 -net tap,ifname=tap1,script=no

Eanble PCI and E1000 result in emulated Linux panic:

qemu-system-arm -M versatilepb -m 256M -kernel output/zImage -append "root=/dev/ram0 rw init=/linuxrc user_debug=31 console=ttyAMA0" --nographic -initrd output/ramdisk.img.gz -net nic,macaddr=00:00:00:00:02:00 -net tap,ifname=tap0,script=no -net nic,model=e1000,macaddr=00:00:00:00:01:00 -net tap,ifname=tap1,script=no

Kernel panic:

Intel(R) PRO/1000 Network Driver - version 7.3.21-k5-NAPI
Copyright (c) 1999-2006 Intel Corporation.
PCI: enabling device 0000:00:0c.0 (0000 -> 0003)
Unable to handle kernel paging request at virtual address 44000400
(...............)
[<c01ab10c>] (e1000_io_write+0x0/0x8) from [<c01b4a6c>] (e1000_reset_hw+0xc0/0x1f4)
[<c01b4a6c>] (e1000_reset_hw+0xc0/0x1f4) from [<c028b9bc>] (e1000_probe+0x3d0/0xa98)
[<c028b9bc>] (e1000_probe+0x3d0/0xa98) from [<c0163b58>] (local_pci_probe+0x18/0x1c)
[<c0163b58>] (local_pci_probe+0x18/0x1c) from [<c01642fc>] (pci_device_probe+0x58/0x8c)
[<c01642fc>] (pci_device_probe+0x58/0x8c) from [<c0198f38>] (driver_probe_device+0xa8/0x15c)
[<c0198f38>] (driver_probe_device+0xa8/0x15c) from [<c019904c>] (__driver_attach+0x60/0x84)
[<c019904c>] (__driver_attach+0x60/0x84) from [<c0198800>] (bus_for_each_dev+0x44/0x74)
[<c0198800>] (bus_for_each_dev+0x44/0x74) from [<c0198168>] (bus_add_driver+0x9c/0x218)
[<c0198168>] (bus_add_driver+0x9c/0x218) from [<c0199320>] (driver_register+0xa8/0x134)
[<c0199320>] (driver_register+0xa8/0x134) from [<c0164528>] (__pci_register_driver+0x38/0xac)
[<c0164528>] (__pci_register_driver+0x38/0xac) from [<c001a040>] (e1000_init_module+0x34/0x88)
[<c001a040>] (e1000_init_module+0x34/0x88) from [<c002438c>] (do_one_initcall+0x5c/0x1bc)
[<c002438c>] (do_one_initcall+0x5c/0x1bc) from [<c0008574>] (kernel_init+0x90/0x144)
[<c0008574>] (kernel_init+0x90/0x144) from [<c0025e38>] (kernel_thread_exit+0x0/0x8)