.

t/qemu-runlinux

 #!/bin/sh -e
-# qemu-runlinux <kernel>
+# qemu-runlinux <kernel> <program> ...
 # run kernel in QEMU with root fs taken from host
 #
 # Useful to test/debug just compiled kernel via running programs
 # edited/compiled on host.
 
+# pid=1: we are running inside booted kernel as init.
+# mount /sys /proc etc and tail to the program.
+
+qshutdown() {
+	echo 1 >/proc/sys/kernel/sysrq
+	echo o >/proc/sysrq-trigger	# shutdown
+
+}
+
+qdie() {
+	echo "E: $*" 1>&2
+	qshutdown
+	sleep 1d # give time for shutdown to happen
+	exit 1	 # just in case
+}
+
+if [ $$ == 1 ]; then
+	echo "qinit ..."
+	mount -t sysfs      none /sys
+	mount -t debugfs    none /sys/kernel/debug
+	#mount -t bpf        none /sys/fs/bpf
+	mount -t proc       none /proc
+	mount -t devpts     none /dev/pts
+	mount -t mqueue     none /dev/mqueue
+	mount -t hugetlbfs  none /dev/hugepages
+	# XXX securityfs
+	# XXX udev?
+
+	mount -t tmpfs  none /dev/shm
+	mount -t tmpfs	none /run
+	mkdir /run/lock
+	mount -t tmpfs	none /run/lock
+	mount -t tmpfs	none /tmp
+
+	qrun=`grep -o 'QRUN=.*$' /proc/cmdline` || qdie "QRUN=?"
+	qrun=${qrun#QRUN=}	# QRUN=prog -> prog
+	test -n "$qrun" || qdie "QRUN empty"
+	set +e
+	$qrun
+	echo "exit code: $?"
+
+	qshutdown
+	qdie "unreachable"
+fi
+
 kernel=$1
 arch=`uname -m`
 test -z "$kernel" && kernel=arch/$arch/boot/bzImage
 
+shift
+prog="$@"
+
 
 # may be also useful:
 #   -serial  stdio
@@ -30,13 +78,13 @@ test -z "$kernel" && kernel=arch/$arch/boot/bzImage
 #   http://stackoverflow.com/questions/11408041/kernel-debugging-with-gdb-and-qemu
 qemu-system-$arch   \
     -enable-kvm \
+    -nographic	\
  \
     -fsdev  local,id=R,path=/,security_model=none,readonly  \
     -device virtio-9p-pci,fsdev=R,mount_tag=/dev/root   \
  \
     -kernel $kernel \
-    -append "ro rootfstype=9p rootflags=trans=virtio  console=ttyS0 init=/home/kirr/init.sh"
-
+    -append "ro rootfstype=9p rootflags=trans=virtio  console=ttyS0 init=$(realpath $0) QRUN=$prog"
 
 
 # \