Hello,

As the subject says, kvm crashes for me, when I'm trying to use an
Aladdin HASP USB dongle.

Short background: for over a year I have used kvm to run a Windows XP
Professional 32bit SP2 install with the EnCase software package, which
requires an Aladdin HASP USB dongle. The last working installation
used Debian unstable's kvm-72 and qemu 0.10.5 packages, together with
linux 2.6.29.4 (and Win XP 32 bit SP2, EnCase 6.13 (I have previously
also successfully used EnCase 4.22a with an older Aladdin HASP USB
dongle)). In an attempt to increase disk performance I upgraded to
kvm-87, and then my problems began.

Running kvm-87 works fine up until the point when the Aladdin HASP
driver wants to talk to the dongle. For example, I did one test run
with a clean Windows install where I installed EnCase 6.13 and the
dongle drivers, started up EnCase in Acquisition Mode, acquired the
running virtual hard disk while playing Solitaire (to keep both disk
and graphics going), and it went fine. Then, when I enter "usb_add
host:0529:0001" in the qemu monitor it takes somewhere between a few
seconds up to a minute or two before kvm crashes and dumps core.

Only installing the drivers without entering "usb_add host:0529:0001"
in the qemu monitor does not cause problems, I can keep on using the
system (as just described in previous paragraph).

Only entering "usb_add host:0529:0001" in the qemu monitor (and then
having "Found new hardware" pop up and selecting "Cancel") without
having the drivers installed does not cause problems, I can keep on
using the system.

I have tried out the things described at http://www.linux-kvm.org/page/Bugs ;
-no-kvm-irqchip and -no-kvm-pit only slows the system down, it still crashes.
-no-kvm crashes on startup (see the attached file crash3.txt).

All these test runs make me guess that the problem lies somewhere in
kvm's USB code, and is triggered by the Aladdin HASP drivers, unless
there is something fundamentally wrong with my install (the immediate
crash with -no-kvm might indicate that). I can however see nothing
obviously wrong with my install and therefore suspect kvm.

Three files, describing three different test runs (including gdb
backtraces) which all crash at some point, are attached to this mail.
They are generated on a Fujitsu Siemens Celsius workstation with an
"Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz" (according to /proc/cpuinfo),
4GB RAM, running Linux 2.6.30 x86_64, and kvm-87 and qemu-kvm-0.10.5
downloaded from Sourceforge using the link on
http://www.linux-kvm.org/page/Downloads . No Debian kvm or qemu
packages installed, and I have made sure that I really use the kvm-87
kernel modules and not the ones that come with the kernel.

The exact same problems also show up when running the same kvm/qemu
versions and the same virtualized versions (of Win and EnCase), and on
both Linux 2.6.29.4 and 2.6.30, on a HP ProLiant DL380 G5 with 12GB
RAM and an Intel Xeon 5160 (don't know if it's a quad core or two dual
cores; in any case, it's four cores total). That is the intended
production system, and the system on which I have successfully been
running Windows and EnCase on older kvm versions (kvm-72 is working, I
don't remember if I've used any version before that).

qemu-kvm-0.10.5 is installed like this:
./configure
make
make install

kvm-87 is installed like this:
./configure --enable-debug
make
make install

I see nothing wrong with those installation methods, although I get no
"kvm" binary, and instead have to use qemu-system-x86_64 to run.

I'd be happy to do more test runs using any flags you want me to try
in order to pin this problem down. Unless, of course, I've done
something wrong, in which case I will gladly receive instructions on
how to correctly use kvm to get this working (but it's working with
kvm-72...). I have already tried several earlier versions of kvm such
as Debian unstable's kvm-85, kvm-83, and kvm-79, using the kvm modules
from the kernel tree, and they all crash too. But kvm-72 works with
the kvm modules from the kernel.

I can also supply more output from kvm compilation, kernel config etc.
in case that would be of any help.

Thanks in advance.

Scenario: install EnCase 6.13, acquire the virtual hd in which we are running
while playing minesweeper and solitaire. No problems until I enter
        usb_add host:0529:0001
in the qemu monitor.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic 
-net user -usb -usbdevice tablet -monitor stdio
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) usb_add host:0529:0001
husb: using sys file-system with /dev/bus/usb
husb: open device 4.4
husb: config #1 need -1
husb: 1 interfaces claimed for configuration 1
husb: grabbed usb device 4.4
(qemu) husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
Segmentation fault (core dumped)
% gdb /usr/local/bin/qemu-system-x86_64 
core-qemu-system-x86-20592-1000-1000-11-1246535207 
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...

warning: core file may not match specified executable file.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1

[snip]

Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda 
WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20592]
[New process 20676]
[New process 20593]
#0  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
271                     p->len = aurb->urb.actual_length;
(gdb) info threads
  3 process 20593  0x00007fa004671977 in ioctl () from /lib/libc.so.6
  2 process 20676  0x00007fa005552ded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
* 1 process 20592  0x00000000004c1f2a in async_complete (opaque=0x1fb0010)
    at usb-linux.c:271
(gdb) thread 3
[Switching to thread 3 (process 20593)]#0  0x00007fa004671977 in ioctl ()
   from /lib/libc.so.6
(gdb) bt
#0  0x00007fa004671977 in ioctl () from /lib/libc.so.6
#1  0x000000000053ee66 in kvm_run (vcpu=0xd67560, env=0xd552a0)
    at /usr/src/kvm-87/qemu-kvm.c:979
#2  0x00000000005401db in kvm_cpu_exec (env=0xd552a0)
    at /usr/src/kvm-87/qemu-kvm.c:1745
#3  0x000000000054088d in kvm_main_loop_cpu (env=0xd552a0)
    at /usr/src/kvm-87/qemu-kvm.c:1954
#4  0x00000000005409ab in ap_main_loop (_env=0xd552a0)
    at /usr/src/kvm-87/qemu-kvm.c:1989
#5  0x00007fa00554ef7a in start_thread () from /lib/libpthread.so.0
#6  0x00007fa004678a4d in clone () from /lib/libc.so.6
#7  0x0000000000000000 in ?? ()
(gdb) thread 2
[Switching to thread 2 (process 20676)]#0  0x00007fa005552ded in 
pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007fa005552ded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, 
    ts=0x7f9efdb5d030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007fa00554ef7a in start_thread () from /lib/libpthread.so.0
#4  0x00007fa004678a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 20592)]#0  0x00000000004c1f2a in async_complete
    (opaque=0x1fb0010) at usb-linux.c:271
271                     p->len = aurb->urb.actual_length;
(gdb) bt
#0  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
#1  0x000000000040def9 in main_loop_wait (timeout=1000)
    at /usr/src/kvm-87/vl.c:4329
#2  0x0000000000540d8f in kvm_main_loop () at /usr/src/kvm-87/qemu-kvm.c:2139
#3  0x000000000040e56e in main_loop () at /usr/src/kvm-87/vl.c:4537
#4  0x0000000000411a6c in main (argc=15, argv=0x7fff3277d378, 
    envp=0x7fff3277d3f8) at /usr/src/kvm-87/vl.c:6419

Scenario: enter
        usb_add host:0529:0001
in the qemu monitor directly after bootup, then install the Aladdin HASP SRM
drivers (version 5.70). kvm crashes while Windows is popping up bubbles in
lower right corner about new hardware, just towards the end of the driver
installation.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic 
-net user -usb -usbdevice tablet -monitor stdio 
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) usb_add host:0529:0001
husb: using sys file-system with /dev/bus/usb
husb: open device 4.4
husb: config #1 need -1
husb: 1 interfaces claimed for configuration 1
husb: grabbed usb device 4.4
(qemu) husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
Segmentation fault (core dumped)
% gdb /usr/local/bin/qemu-system-x86_64 
core-qemu-system-x86-20727-1000-1000-11-1246538055 
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...

warning: core file may not match specified executable file.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.

[snip]

Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda 
WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20727]
[New process 20732]
[New process 20728]
#0  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
271                     p->len = aurb->urb.actual_length;
(gdb) info threads
  3 process 20728  0x00007f6c7ae3a977 in ioctl () from /lib/libc.so.6
  2 process 20732  0x00007f6c7bd1bded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
* 1 process 20727  0x00000000004c1f2a in async_complete (opaque=0x13aa010)
    at usb-linux.c:271
(gdb) thread 3
[Switching to thread 3 (process 20728)]#0  0x00007f6c7ae3a977 in ioctl ()
   from /lib/libc.so.6
(gdb) bt
#0  0x00007f6c7ae3a977 in ioctl () from /lib/libc.so.6
#1  0x000000000053ee66 in kvm_run (vcpu=0xf3d560, env=0xf2b2a0)
    at /usr/src/kvm-87/qemu-kvm.c:979
#2  0x00000000005401db in kvm_cpu_exec (env=0xf2b2a0)
    at /usr/src/kvm-87/qemu-kvm.c:1745
#3  0x000000000054088d in kvm_main_loop_cpu (env=0xf2b2a0)
    at /usr/src/kvm-87/qemu-kvm.c:1954
#4  0x00000000005409ab in ap_main_loop (_env=0xf2b2a0)
    at /usr/src/kvm-87/qemu-kvm.c:1989
#5  0x00007f6c7bd17f7a in start_thread () from /lib/libpthread.so.0
#6  0x00007f6c7ae41a4d in clone () from /lib/libc.so.6
#7  0x0000000000000000 in ?? ()
(gdb) thread 2
[Switching to thread 2 (process 20732)]#0  0x00007f6c7bd1bded in 
pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007f6c7bd1bded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, 
    ts=0x7f6b74326030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007f6c7bd17f7a in start_thread () from /lib/libpthread.so.0
#4  0x00007f6c7ae41a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1 
[Switching to thread 1 (process 20727)]#0  0x00000000004c1f2a in async_complete
    (opaque=0x13aa010) at usb-linux.c:271
271                     p->len = aurb->urb.actual_length;
(gdb) bt
#0  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
#1  0x000000000040def9 in main_loop_wait (timeout=1000)
    at /usr/src/kvm-87/vl.c:4329
#2  0x0000000000540d8f in kvm_main_loop () at /usr/src/kvm-87/qemu-kvm.c:2139
#3  0x000000000040e56e in main_loop () at /usr/src/kvm-87/vl.c:4537
#4  0x0000000000411a6c in main (argc=15, argv=0x7fffa2d41218, 
    envp=0x7fffa2d41298) at /usr/src/kvm-87/vl.c:6419

Scenario: starting with -no-kvm, crashes before it even displays a window.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic 
-net user -usb -usbdevice tablet -monitor stdio -no-kvm
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) Segmentation fault (core dumped)
% gdb /usr/local/bin/qemu-system-x86_64 
core-qemu-system-x86-20721-1000-1000-11-1246537720 
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...

warning: core file may not match specified executable file.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.

[snip]

Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda 
WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20721]
[New process 20722]
#0  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, 
    page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
1142        tb->page_next[n] = p->first_tb;
(gdb) info threads
  2 process 20722  0x00007fbab644aded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
* 1 process 20721  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, 
    n=0, page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
(gdb) thread 2
[Switching to thread 2 (process 20722)]#0  0x00007fbab644aded in 
pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007fbab644aded in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, 
    ts=0x7fb97d173030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007fbab6446f7a in start_thread () from /lib/libpthread.so.0
#4  0x00007fbab5570a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 20721)]#0  0x000000000050f82d in tb_alloc_page
    (tb=0x7fba7df6c010, n=0, page_addr=4295094272)
    at /usr/src/kvm-87/exec.c:1142
1142        tb->page_next[n] = p->first_tb;
(gdb) bt
#0  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, 
    page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
#1  0x000000000050f75e in tb_link_phys (tb=0x7fba7df6c010, phys_pc=4295098352, 
    phys_page2=18446744073709551615) at /usr/src/kvm-87/exec.c:1232
#2  0x000000000050f0a4 in tb_gen_code (env=0x11f8400, pc=4294967280, 
    cs_base=4294901760, flags=68, cflags=0) at /usr/src/kvm-87/exec.c:930
#3  0x0000000000515a6d in tb_find_slow (pc=4294967280, cs_base=4294901760, 
    flags=68) at /usr/src/kvm-87/cpu-exec.c:169
#4  0x00000000005166d2 in tb_find_fast () at /usr/src/kvm-87/cpu-exec.c:190
#5  0x0000000000516358 in cpu_x86_exec (env1=0x11f8400)
    at /usr/src/kvm-87/cpu-exec.c:604
#6  0x000000000040e1b7 in qemu_cpu_exec (env=0x11f8400)
    at /usr/src/kvm-87/vl.c:4403
#7  0x000000000040e29b in tcg_cpu_exec () at /usr/src/kvm-87/vl.c:4434
#8  0x000000000040e57d in main_loop () at /usr/src/kvm-87/vl.c:4553
#9  0x0000000000411a6c in main (argc=16, argv=0x7fff7c1f1428, 
    envp=0x7fff7c1f14b0) at /usr/src/kvm-87/vl.c:6419
