Hello,

As the subject says, kvm crashes for me when I'm trying to use an Aladdin HASP USB dongle.

Short background: for over a year I have used kvm to run a Windows XP Professional 32bit SP2 install with the EnCase software package, which requires an Aladdin HASP USB dongle. The last working installation used Debian unstable's kvm-72 and qemu 0.10.5 packages, together with linux 2.6.29.4 (and Win XP 32 bit SP2, EnCase 6.13 (I have previously also successfully used EnCase 4.22a with an older Aladdin HASP USB dongle)).

In an attempt to increase disk performance I upgraded to kvm-87, and then my problems began. Running kvm-87 works fine up until the point when the Aladdin HASP driver wants to talk to the dongle. For example, I did one test run with a clean Windows install where I installed EnCase 6.13 and the dongle drivers, started up EnCase in Acquisition Mode, acquired the running virtual hard disk while playing Solitaire (to keep both disk and graphics going), and it went fine. Then, when I enter "usb_add host:0529:0001" in the qemu monitor, it takes somewhere between a few seconds and a minute or two before kvm crashes and dumps core.

Only installing the drivers without entering "usb_add host:0529:0001" in the qemu monitor does not cause problems; I can keep on using the system (as just described in the previous paragraph). Only entering "usb_add host:0529:0001" in the qemu monitor (and then having "Found new hardware" pop up and selecting "Cancel") without having the drivers installed does not cause problems either; I can keep on using the system.

I have tried out the things described at http://www.linux-kvm.org/page/Bugs ; -no-kvm-irqchip and -no-kvm-pit only slow the system down, it still crashes. -no-kvm crashes on startup (see the attached file crash3.txt).

All these test runs make me guess that the problem lies somewhere in kvm's USB code and is triggered by the Aladdin HASP drivers, unless there is something fundamentally wrong with my install (the immediate crash with -no-kvm might indicate that). I can however see nothing obviously wrong with my install and therefore suspect kvm.

Three files, describing three different test runs (including gdb backtraces) which all crash at some point, are attached to this mail. They are generated on a Fujitsu Siemens Celsius workstation with an "Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz" (according to /proc/cpuinfo), 4GB RAM, running Linux 2.6.30 x86_64, and kvm-87 and qemu-kvm-0.10.5 downloaded from Sourceforge using the link on http://www.linux-kvm.org/page/Downloads . No Debian kvm or qemu packages are installed, and I have made sure that I really use the kvm-87 kernel modules and not the ones that come with the kernel.

The exact same problems also show up when running the same kvm/qemu versions and the same virtualized versions (of Win and EnCase), on both Linux 2.6.29.4 and 2.6.30, on a HP ProLiant DL380 G5 with 12GB RAM and an Intel Xeon 5160 (I don't know if it's a quad core or two dual cores; in any case, it's four cores total). That is the intended production system, and the system on which I have successfully been running Windows and EnCase on older kvm versions (kvm-72 is working; I don't remember if I've used any version before that).

qemu-kvm-0.10.5 is installed like this:

./configure
make
make install

kvm-87 is installed like this:

./configure --enable-debug
make
make install

I see nothing wrong with those installation methods, although I get no "kvm" binary and instead have to use qemu-system-x86_64 to run. I'd be happy to do more test runs using any flags you want me to try in order to pin this problem down.
Unless, of course, I've done something wrong, in which case I will gladly receive instructions on how to correctly use kvm to get this working (but it's working with kvm-72...). I have already tried several earlier versions of kvm such as Debian unstable's kvm-85, kvm-83, and kvm-79, using the kvm modules from the kernel tree, and they all crash too. But kvm-72 works with the kvm modules from the kernel. I can also supply more output from kvm compilation, kernel config etc. in case that would be of any help. Thanks in advance.
Scenario: install EnCase 6.13, acquire the virtual hd in which we are running while playing minesweeper and solitaire. No problems until I enter usb_add host:0529:0001 in the qemu monitor.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -net user -usb -usbdevice tablet -monitor stdio
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) usb_add host:0529:0001
husb: using sys file-system with /dev/bus/usb
husb: open device 4.4
husb: config #1 need -1
husb: 1 interfaces claimed for configuration 1
husb: grabbed usb device 4.4
(qemu) husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
Segmentation fault (core dumped)

% gdb /usr/local/bin/qemu-system-x86_64 core-qemu-system-x86-20592-1000-1000-11-1246535207
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
warning: core file may not match specified executable file.
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
[snip]
Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20592]
[New process 20676]
[New process 20593]
#0  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
271	    p->len = aurb->urb.actual_length;
(gdb) info threads
  3 process 20593  0x00007fa004671977 in ioctl () from /lib/libc.so.6
  2 process 20676  0x00007fa005552ded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
* 1 process 20592  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
(gdb) thread 3
[Switching to thread 3 (process 20593)]
#0  0x00007fa004671977 in ioctl () from /lib/libc.so.6
(gdb) bt
#0  0x00007fa004671977 in ioctl () from /lib/libc.so.6
#1  0x000000000053ee66 in kvm_run (vcpu=0xd67560, env=0xd552a0) at /usr/src/kvm-87/qemu-kvm.c:979
#2  0x00000000005401db in kvm_cpu_exec (env=0xd552a0) at /usr/src/kvm-87/qemu-kvm.c:1745
#3  0x000000000054088d in kvm_main_loop_cpu (env=0xd552a0) at /usr/src/kvm-87/qemu-kvm.c:1954
#4  0x00000000005409ab in ap_main_loop (_env=0xd552a0) at /usr/src/kvm-87/qemu-kvm.c:1989
#5  0x00007fa00554ef7a in start_thread () from /lib/libpthread.so.0
#6  0x00007fa004678a4d in clone () from /lib/libc.so.6
#7  0x0000000000000000 in ?? ()
(gdb) thread 2
[Switching to thread 2 (process 20676)]
#0  0x00007fa005552ded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007fa005552ded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, ts=0x7f9efdb5d030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007fa00554ef7a in start_thread () from /lib/libpthread.so.0
#4  0x00007fa004678a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 20592)]
#0  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
271	    p->len = aurb->urb.actual_length;
(gdb) bt
#0  0x00000000004c1f2a in async_complete (opaque=0x1fb0010) at usb-linux.c:271
#1  0x000000000040def9 in main_loop_wait (timeout=1000) at /usr/src/kvm-87/vl.c:4329
#2  0x0000000000540d8f in kvm_main_loop () at /usr/src/kvm-87/qemu-kvm.c:2139
#3  0x000000000040e56e in main_loop () at /usr/src/kvm-87/vl.c:4537
#4  0x0000000000411a6c in main (argc=15, argv=0x7fff3277d378, envp=0x7fff3277d3f8) at /usr/src/kvm-87/vl.c:6419
Scenario: enter usb_add host:0529:0001 in the qemu monitor directly after bootup, then install the Aladdin HASP SRM drivers (version 5.70). kvm crashes while Windows is popping up bubbles in the lower right corner about new hardware, just towards the end of the driver installation.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -net user -usb -usbdevice tablet -monitor stdio
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) usb_add host:0529:0001
husb: using sys file-system with /dev/bus/usb
husb: open device 4.4
husb: config #1 need -1
husb: 1 interfaces claimed for configuration 1
husb: grabbed usb device 4.4
(qemu) husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
Segmentation fault (core dumped)

% gdb /usr/local/bin/qemu-system-x86_64 core-qemu-system-x86-20727-1000-1000-11-1246538055
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
warning: core file may not match specified executable file.
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
[snip]
Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20727]
[New process 20732]
[New process 20728]
#0  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
271	    p->len = aurb->urb.actual_length;
(gdb) info threads
  3 process 20728  0x00007f6c7ae3a977 in ioctl () from /lib/libc.so.6
  2 process 20732  0x00007f6c7bd1bded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
* 1 process 20727  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
(gdb) thread 3
[Switching to thread 3 (process 20728)]
#0  0x00007f6c7ae3a977 in ioctl () from /lib/libc.so.6
(gdb) bt
#0  0x00007f6c7ae3a977 in ioctl () from /lib/libc.so.6
#1  0x000000000053ee66 in kvm_run (vcpu=0xf3d560, env=0xf2b2a0) at /usr/src/kvm-87/qemu-kvm.c:979
#2  0x00000000005401db in kvm_cpu_exec (env=0xf2b2a0) at /usr/src/kvm-87/qemu-kvm.c:1745
#3  0x000000000054088d in kvm_main_loop_cpu (env=0xf2b2a0) at /usr/src/kvm-87/qemu-kvm.c:1954
#4  0x00000000005409ab in ap_main_loop (_env=0xf2b2a0) at /usr/src/kvm-87/qemu-kvm.c:1989
#5  0x00007f6c7bd17f7a in start_thread () from /lib/libpthread.so.0
#6  0x00007f6c7ae41a4d in clone () from /lib/libc.so.6
#7  0x0000000000000000 in ?? ()
(gdb) thread 2
[Switching to thread 2 (process 20732)]
#0  0x00007f6c7bd1bded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007f6c7bd1bded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, ts=0x7f6b74326030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007f6c7bd17f7a in start_thread () from /lib/libpthread.so.0
#4  0x00007f6c7ae41a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 20727)]
#0  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
271	    p->len = aurb->urb.actual_length;
(gdb) bt
#0  0x00000000004c1f2a in async_complete (opaque=0x13aa010) at usb-linux.c:271
#1  0x000000000040def9 in main_loop_wait (timeout=1000) at /usr/src/kvm-87/vl.c:4329
#2  0x0000000000540d8f in kvm_main_loop () at /usr/src/kvm-87/qemu-kvm.c:2139
#3  0x000000000040e56e in main_loop () at /usr/src/kvm-87/vl.c:4537
#4  0x0000000000411a6c in main (argc=15, argv=0x7fffa2d41218, envp=0x7fffa2d41298) at /usr/src/kvm-87/vl.c:6419
Scenario: starting with -no-kvm, crashes before it even displays a window.

% qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -net user -usb -usbdevice tablet -monitor stdio -no-kvm
QEMU 0.10.50 monitor - type 'help' for more information
(qemu) Segmentation fault (core dumped)

% gdb /usr/local/bin/qemu-system-x86_64 core-qemu-system-x86-20721-1000-1000-11-1246537720
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
warning: core file may not match specified executable file.
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
[snip]
Loaded symbols for /usr/lib/libXfixes.so.3
Core was generated by `qemu-system-x86_64 -no-acpi -hda WinXP_eng_32bit_kvm87.img -m 4096 -net nic -ne'.
Program terminated with signal 11, Segmentation fault.
[New process 20721]
[New process 20722]
#0  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
1142	    tb->page_next[n] = p->first_tb;
(gdb) info threads
  2 process 20722  0x00007fbab644aded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
* 1 process 20721  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
(gdb) thread 2
[Switching to thread 2 (process 20722)]
#0  0x00007fbab644aded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
(gdb) bt
#0  0x00007fbab644aded in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#1  0x00000000004aa9ae in cond_timedwait (cond=0xbd3340, mutex=0xbd3300, ts=0x7fb97d173030) at posix-aio-compat.c:68
#2  0x00000000004aaf96 in aio_thread (unused=0x0) at posix-aio-compat.c:301
#3  0x00007fbab6446f7a in start_thread () from /lib/libpthread.so.0
#4  0x00007fbab5570a4d in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()
(gdb) thread 1
[Switching to thread 1 (process 20721)]
#0  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
1142	    tb->page_next[n] = p->first_tb;
(gdb) bt
#0  0x000000000050f82d in tb_alloc_page (tb=0x7fba7df6c010, n=0, page_addr=4295094272) at /usr/src/kvm-87/exec.c:1142
#1  0x000000000050f75e in tb_link_phys (tb=0x7fba7df6c010, phys_pc=4295098352, phys_page2=18446744073709551615) at /usr/src/kvm-87/exec.c:1232
#2  0x000000000050f0a4 in tb_gen_code (env=0x11f8400, pc=4294967280, cs_base=4294901760, flags=68, cflags=0) at /usr/src/kvm-87/exec.c:930
#3  0x0000000000515a6d in tb_find_slow (pc=4294967280, cs_base=4294901760, flags=68) at /usr/src/kvm-87/cpu-exec.c:169
#4  0x00000000005166d2 in tb_find_fast () at /usr/src/kvm-87/cpu-exec.c:190
#5  0x0000000000516358 in cpu_x86_exec (env1=0x11f8400) at /usr/src/kvm-87/cpu-exec.c:604
#6  0x000000000040e1b7 in qemu_cpu_exec (env=0x11f8400) at /usr/src/kvm-87/vl.c:4403
#7  0x000000000040e29b in tcg_cpu_exec () at /usr/src/kvm-87/vl.c:4434
#8  0x000000000040e57d in main_loop () at /usr/src/kvm-87/vl.c:4553
#9  0x0000000000411a6c in main (argc=16, argv=0x7fff7c1f1428, envp=0x7fff7c1f14b0) at /usr/src/kvm-87/vl.c:6419
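Editor's note on the first two traces: both fault on the same line of the host-USB completion path, p->len = aurb->urb.actual_length in async_complete, i.e. the completion handler writing through the guest packet pointer stored in an asynchronous host request. The program below is an added illustration of that ownership hazard and of the usual defensive pattern for it; it is not QEMU or kvm code and not part of the report, and every name in it (USBPacket, AsyncURB, urb_submit, urb_cancel, urb_complete) is a hypothetical stand-in for the real structures. It does not claim to be the root cause of the reported crash; it shows why a guest-side cancel must detach the packet from the in-flight host request so that a late completion has nothing stale to write to.

```c
/* Added illustration of the async-completion ownership pattern at the
 * reported crash site (async_complete: p->len = aurb->urb.actual_length).
 * NOT QEMU's usb-linux.c; all structures and names are hypothetical. */
#include <stdio.h>
#include <stddef.h>

#define MAX_URBS 8

/* Guest-side packet, owned by the emulated host controller. */
typedef struct USBPacket {
    int len;        /* filled in when the host request completes */
    int cancelled;  /* set when the guest controller gave up on it */
} USBPacket;

/* Host-side asynchronous request, owned by the host USB backend. */
typedef struct AsyncURB {
    int in_use;
    int actual_length;  /* stands in for urb.actual_length */
    USBPacket *packet;  /* back-pointer to the guest packet, or NULL */
} AsyncURB;

static AsyncURB urbs[MAX_URBS];

/* Bind a guest packet to a free host request. Returns slot index or -1. */
int urb_submit(USBPacket *p)
{
    for (int i = 0; i < MAX_URBS; i++) {
        if (!urbs[i].in_use) {
            urbs[i].in_use = 1;
            urbs[i].actual_length = 0;
            urbs[i].packet = p;
            return i;
        }
    }
    return -1;
}

/* Guest-side cancel. The host request may still be in flight, so the
 * packet is detached here instead of waiting for completion. Without the
 * detach, a later completion would write through a packet the guest
 * controller has already recycled (the classic dangling back-pointer). */
void urb_cancel(int idx)
{
    if (idx < 0 || idx >= MAX_URBS || !urbs[idx].in_use)
        return;
    if (urbs[idx].packet)
        urbs[idx].packet->cancelled = 1;
    urbs[idx].packet = NULL;  /* sever the back-pointer */
}

/* Host-side completion (what a URB reaper loop would call).
 * Returns 1 if the result reached a live packet, 0 if the request had been
 * cancelled and the result was dropped, -1 for an invalid slot. */
int urb_complete(int idx, int actual_length)
{
    if (idx < 0 || idx >= MAX_URBS || !urbs[idx].in_use)
        return -1;
    AsyncURB *aurb = &urbs[idx];
    aurb->actual_length = actual_length;
    USBPacket *p = aurb->packet;   /* may be NULL after urb_cancel() */
    aurb->in_use = 0;
    aurb->packet = NULL;
    if (!p)
        return 0;                  /* cancelled: nothing to deliver */
    p->len = aurb->actual_length;  /* the write that faulted in the report */
    return 1;
}

/* Worked scenario: two packets in flight, one cancelled before completion.
 * Returns 0 when the delivered/dropped outcomes are as expected. */
int demo(void)
{
    USBPacket a = {0, 0}, b = {0, 0};
    int ia = urb_submit(&a);
    int ib = urb_submit(&b);
    urb_cancel(ib);                 /* guest recycles packet b */
    int ra = urb_complete(ia, 64);  /* delivered: a.len becomes 64 */
    int rb = urb_complete(ib, 8);   /* dropped: b is left untouched */
    return (ra == 1 && rb == 0 && a.len == 64 && b.len == 0 && b.cancelled) ? 0 : 1;
}

int main(void)
{
    printf("demo: %s\n", demo() == 0 ? "ok" : "FAILED");
    return demo();
}
```

The point of the pattern is that the two objects have different lifetimes and different owners: the guest controller can drop its packet at any time (reset, unplug, driver re-enumeration such as the "Found new hardware" cycle in the report), while the host request lives until the kernel reaps it. The only safe handshake is for cancel to clear the back-pointer and for completion to treat a NULL pointer as "already cancelled" rather than assuming the packet is still there.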