qemu-ios icon indicating copy to clipboard operation
qemu-ios copied to clipboard

Published 20 hours ago verified publisher icon devos50

Kernel Panic During Boot (iPod Touch 2G)

Open NinjaCheetah opened this issue 9 months ago • 1 comments

Tried running the emulator as described to emulate the iPod Touch 2G, but I never get any visual output and I eventually just get a kernel panic. It's definitely possible I'm missing something obvious, though 😓

Host: M4 MacBook Pro OS: macOS 15.3.1

Logs from where it seems to hit the issue:

GINTSTS=00000000 GINTMSK=00000000 DAINT=00000000 DAINTMSK=00000000 GNPTXSTS=ffffffff
DCFG=00000000 DCTL=00000000 DSTS=00000000
EP80 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP00 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP81 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP82 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP83 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP01 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP02 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000

      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
Writing PMU register cmd 19 reg 49
Writing PMU register cmd 7 reg 49
isl29003dl_event Got event 1
isl29003dl_send Lightsensor ready
Writing lightsensor data 4
isl29003dl_event Got event 3
isl29003dl_event Got event 0
Reading lightsensor register 4
isl29003dl_event Got event 3
isl29003dl_event Got event 1
isl29003dl_send Lightsensor ready
Writing lightsensor data 5
Writing lightsensor data 5
isl29003dl_event Got event 3
isl29003dl_event Got event 1
isl29003dl_send Lightsensor ready
Writing lightsensor data 5
Writing lightsensor data 5
isl29003dl_event Got event 3
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
Wed Dec 31 16:02:07 iPod-touch configd[9] <Notice>: WiFi: Display off.  Adjusting scan intervals for dim screen.
Wed Dec 31 16:02:07 iPod-touch configd[9] <Notice>:
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
      Kernel loadable modules in backtrace (with dependencies):
         com.apple.iokit.IOHIDFamily(1.5.2)@0xc03b6000->0xc03d1fff
unexpected CLCD interrupt: 00000001
Writing PMU register cmd 7 reg 48
Writing PMU register cmd 0 reg 48
Writing PMU register cmd 0 reg 49
Writing PMU register cmd 0 reg 49
ApplePinotLCD::_lcdEnable: enable: 0
ipod_touch_mipi_dsi_read: read invalid location 0x00000008.
turning off screen

GINTSTS=00000000 GINTMSK=00000000 DAINT=00000000 DAINTMSK=00000000 GNPTXSTS=ffffffff
DCFG=00000000 DCTL=00000000 DSTS=00000000
EP80 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP00 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP81 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP82 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP83 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP01 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP02 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000


GINTSTS=00000000 GINTMSK=00000000 DAINT=00000000 DAINTMSK=00000000 GNPTXSTS=ffffffff
DCFG=00000000 DCTL=00000000 DSTS=00000000
EP80 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP00 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP81 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP82 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP83 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP01 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP02 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000


GINTSTS=00000000 GINTMSK=00000000 DAINT=00000000 DAINTMSK=00000000 GNPTXSTS=ffffffff
DCFG=00000000 DCTL=00000000 DSTS=00000000
EP80 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP00 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP81 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP82 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP83 DIEPCTL=00000000 DIEPINT=00000000 DIEPTSIZ=00000000 DIEPDMA=00000000
EP01 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000
EP02 DOEPCTL=00000000 DOEPINT=00000000 DOEPTSIZ=00000000 DOEPDMA=00000000

Writing PMU register cmd 0 reg 64
Writing PMU register cmd 35 reg 64
Writing PMU register cmd 35 reg 64
Writing PMU register cmd 19 reg 64
Writing PMU register cmd 19 reg 92
Reading PMU register 19
Reading PMU register 20
Reading PMU register 21
Reading PMU register 22
Writing PMU register cmd 23 reg 80
Writing PMU register cmd 113 reg 80
Writing PMU register cmd 0 reg 80
Writing PMU register cmd 0 reg 80
Writing PMU register cmd 1 reg 80
Writing PMU register cmd 1 reg 80
Writing PMU register cmd 70 reg 80
Writing PMU register cmd 0 reg 80
Writing PMU register cmd 0 reg 80
Writing PMU register cmd 2 reg 80
Writing PMU register cmd 1 reg 80
Writing PMU register cmd 70 reg 80
Writing PMU register cmd 70 reg 64
Writing PMU register cmd 35 reg 64
Writing PMU register cmd 35 reg 64
Writing PMU register cmd 19 reg 64
Registering: IOService:/AppleARMPE/dock/IOAccessoryManager
config(0): creating
Reading accelerometer register 32
Reading accelerometer register 33
Reading accelerometer register 34
+ AppleMPVDDriver[0xc0b60240]::setPowerStateGated()

kernel abort type 4: fault_type=0x3, fault_addr=0xec3fd01c
r0: 0xc0d77f40  r1: 0x00000000  r2: 0xec3fd000  r3: 0xffffffff
r4: 0xc05026fc  r5: 0x00000000  r6: 0xc0c4a050  r7: 0xea5dbec4
r8: 0xc04ff6f0  r9: 0xe030f510 r10: 0x00000000 r11: 0xc0b60240
12: 0xc018be50  sp: 0xc0c4a050  lr: 0xc04ff6b0  pc: 0xc04fef28
cpsr: 0x60000113 fsr: 0x00000808 far: 0xec3fd01c

Debugger message: Fatal Exception
OS version: 5F138
Kernel version: Darwin Kernel Version 9.4.1: Sun Aug 10 21:25:25 PDT 2008; root:xnu-1228.7.27~12/RELEASE_ARM_S5L8720X
iBoot version: iBoot-385.22
secure boot?: NO
Paniclog version: 1
Task 0xc09d6ce8: 1996 pages, 63 threads: pid 0: kernel_task
	thread 0xe030f510
		kernel backtrace: ea5dbd98
		  lr: 0xc00670b5  fp: 0xea5dbdc8
		  lr: 0xc00687bc  fp: 0xea5dbdd4
		  lr: 0xc0068cc8  fp: 0xea5dbe68
		  lr: 0xc006539c  fp: 0xea5dbec4
		  lr: 0xc04ff6b0  fp: 0xea5dbed4
		  lr: 0xc04ff734  fp: 0xea5dbee4
		  lr: 0xc016009b  fp: 0xea5dbf08
		  lr: 0xc05009e0  fp: 0xea5dbf28
		  lr: 0xc0158fe9  fp: 0xea5dbf64
		  lr: 0xc01591e7  fp: 0xea5dbf80
		  lr: 0xc00296e7  fp: 0xea5dbfa8
		  lr: 0xc00659f8  fp: 0x00000000

Task 0xc09d6b10: 113 pages, 3 threads: pid 1: launchd
Task 0xc09d6760: 361 pages, 3 threads: pid 8: lockdownd
Task 0xc09d6588: 448 pages, 4 threads: pid 9: configd
Task 0xc09d61d8: 2300 pages, 10 threads: pid 10: SpringBoard
Task 0xc09d6000: 94 pages, 2 threads: pid 11: notifyd
Memory access exception (1,0,0)
ethernet MAC address: 73:65:72:69:61:6c
ip address: 190.186.173.171

Waiting for remote debugger connection.

Please run: ~luna/bin/panicDebug -a arm localhost

Run Command:

./qemu-ios/build/arm-softmmu/qemu-system-arm -M iPod-Touch,bootrom=./bootrom_240_4,nand=./nand/,nor=./nor_n72ap.bin -serial mon:stdio -cpu max -m 2G -d unimp

(For the sake of testing, I did also try running the command inside the build directory and providing absolute paths to the bootrom/nand/nor.)

Full log as well, if needed: qemu.log

NinjaCheetah avatar Feb 18 '25 01:02 NinjaCheetah

You need to disable auto sleep in settings. Home screen is unreachable right now

daniilfigasystems avatar Feb 18 '25 04:02 daniilfigasystems