Unable to Boot Whonix-Workstation KVM

Nole · November 3, 2025, 8:16pm

Hi,

My Whonix-Workstation on QEMU/KVM (on Manjaro Linux) no longer boots.

It only booted the very first time, but after that it since hangs right after booting through the grub menu at the message sgx: There are zero EPC sections.

Whonix-Gateway also displays the same sgx message but it proceeds to boot normally.

After removing loglevel=0 and quiet, messages showed that the system times out at the dracut-initqueue.service hook.

After a couple of minutes, it appears that the system runs some timeout scripts while trying to do something with an encrypted volume (?).

Anyway, after the encryption / timeout messages are spammed for another couple of minutes, I finally get to messages where the system appears to stop a number of services and unmount volumes.

Right after, a “system halted” message appears and the system stays completely hung there.

As someone running this exact setup with Whonix on KVM in the past, I have never experienced anything like this before.

Perhaps (if related) I do remember before reinstalling Whonix, my previous (very outdated) Whonix-Workstation would only boot into CLI, regardless of how much RAM was assigned.

Any ideas?

Note: Bear in mind this was a fresh install, and all I did at first boot was login as user and tried to run upgrade-nonroot, which did not work I’m guessing due to the new sysmaint user. My host machine is LUKS encrypted, but I did not encrypt anything in the VM.

arraybolt3 · November 4, 2025, 5:27am

Successfully reproduced the issue on Manjaro KDE. (Curiously, neither Fedora KDE nor Kubuntu 24.04 has this problem.) After a bit of inspection, it looks like something is corrupting the partition table on the workstation, specifically by corrupting the value that specifies the end location of the root partition. I’m not entirely sure why yet, but that seems to be what’s happening. (Maybe systemd-repart is misbehaving?)

edit: Gah, I was able to reproduce this one time and now subsequent attempts to reproduce are failing. Will need to do more research on this later. For now, my advice would be that if you encounter this, try deleting the Whonix-Workstation VM entirely, then define it from the XML file and copy the qcow2 image to /var/lib/libvirt/images as described in the documentation. On the first boot, boot into “PERSISTENT Mode | SYSMAINT Session”, then install updates from there and reboot into a user session. It’s possible this is a semi-random glitch.

Nole · November 7, 2025, 1:14am

I actually did that the following day;

I created a new Whonix-Workstation with a fresh qcow2 image and immediately booted into sysmaint. I ran all updates and rebooted but sadly I ended up at the same issue.

I’ll redo this once more with a new image and report back.

In the meantime, could you look a bit into what’s corrupting the partition table? That behaviour is quite strange.

Note: To whoever edited the title, I don’t think the issue is due to the sgx message. As mentioned above, I receive the exact message in Whonix-Gateway without issue.

Patrick · November 7, 2025, 2:36pm

Maybe applicable: KVM, VM disk corruption after first boot

Nole · November 10, 2025, 9:52pm

Thanks for sharing.

After a number of attempts, I am still getting the same results.

If useful, I have the output of upgrade-nonroot from first boot:

/usr/bin/upgrade-nonroot
Hit:1 tor+https://deb.kicksecure.com bookworm InRelease                        
Get:2 tor+https://fasttrack.debian.net/debian-fasttrack bookworm-fasttrack InRelease [12.9 kB]
Hit:3 tor+https://deb.whonix.org bookworm InRelease                 
Hit:4 tor+https://deb.debian.org/debian bookworm InRelease          
Get:5 tor+https://fasttrack.debian.net/debian-fasttrack bookworm-backports-staging InRelease [12.9 kB]
Hit:6 tor+https://deb.debian.org/debian bookworm-updates InRelease
Hit:7 tor+https://deb.debian.org/debian-security bookworm-security InRelease
Hit:8 tor+https://deb.debian.org/debian bookworm-backports InRelease
Fetched 25.8 kB in 3s (9968 B/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
  libgssdp-1.6-0 libgstreamer-plugins-bad1.0-0 libgupnp-1.6-0 libgupnp-igd-1.0-4 libnice10
Use 'sudo apt autoremove' to remove them.
The following NEW packages will be installed:
  linux-headers-6.1.0-40-amd64 linux-headers-6.1.0-40-common linux-image-6.1.0-40-amd64
The following packages will be upgraded:
  base-files bash bind9-dnsutils bind9-host bind9-libs curl dirmngr distro-info-data dnsutils e2fsprogs ffmpeg gnupg
  gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server gpgconf gpgsm gpgv gstreamer1.0-plugins-base
  gstreamer1.0-plugins-good init init-system-helpers jq kpartx legacy-dist libaom3 libarchive-tools libarchive13
  libavcodec59 libavdevice59 libavfilter8 libavformat59 libavutil57 libbotan-2-19 libbpf1 libc-bin libc-dev-bin libc-l10n
  libc6 libc6-dev libcap2 libcap2-bin libcjson1 libcom-err2 libcups2 libcurl3-gnutls libcurl4 libexpat1 libext2fs2
  libglib2.0-0 libglib2.0-bin libglib2.0-data libgssapi-krb5-2 libgstreamer-gl1.0-0 libgstreamer-plugins-base1.0-0
  libjavascriptcoregtk-4.1-0 libjq1 libk5crypto3 libkrb5-3 libkrb5support0 libopenjp2-7 libpam-systemd libperl5.36
  libpostproc56 libsndfile1 libsoup-3.0-0 libsoup-3.0-common libsqlite3-0 libss2 libssl3 libswresample4 libswscale6
  libsystemd-shared libsystemd0 libtheora0 libtiff6 libudev1 libudisks2-0 libwebkit2gtk-4.1-0 libxml2 libxslt1.1
  libyaml-libyaml-perl linux-compiler-gcc-12-x86 linux-headers-amd64 linux-image-amd64 linux-kbuild-6.1 linux-libc-dev
  locales logsave openssl perl perl-base perl-modules-5.36 python3-pkg-resources python3-setuptools systemd systemd-sysv
  tb-updater tzdata udev udisks2 xserver-common xserver-xorg-core zsh
107 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 907 kB/196 MB of archives.
After this operation, 475 MB of additional disk space will be used.
Do you want to continue? [Y/n] 
Get:1 tor+https://deb.debian.org/debian bookworm/main amd64 zsh amd64 5.9-4+b7 [907 kB]
Fetched 907 kB in 2s (564 kB/s)
Extracting templates from packages: 100%
Preconfiguring packages ...
(Reading database ... 100657 files and directories currently installed.)
Preparing to unpack .../base-files_12.4+deb12u12_amd64.deb ...
Unpacking base-files (12.4+deb12u12) over (12.4+deb12u11) ...
Setting up base-files (12.4+deb12u12) ...
Installing new version of config file /etc/debian_version ...
(Reading database ... 100657 files and directories currently installed.)
Preparing to unpack .../bash_5.2.15-2+b9_amd64.deb ...
Unpacking bash (5.2.15-2+b9) over (5.2.15-2+b8) ...
Setting up bash (5.2.15-2+b9) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
(Reading database ... 100657 files and directories currently installed.)
Preparing to unpack .../libperl5.36_5.36.0-7+deb12u3_amd64.deb ...
Unpacking libperl5.36:amd64 (5.36.0-7+deb12u3) over (5.36.0-7+deb12u2) ...
Preparing to unpack .../perl_5.36.0-7+deb12u3_amd64.deb ...
Unpacking perl (5.36.0-7+deb12u3) over (5.36.0-7+deb12u2) ...
Preparing to unpack .../perl-base_5.36.0-7+deb12u3_amd64.deb ...
Unpacking perl-base (5.36.0-7+deb12u3) over (5.36.0-7+deb12u2) ...
Setting up perl-base (5.36.0-7+deb12u3) ...
(Reading database ... 100657 files and directories currently installed.)
Preparing to unpack .../perl-modules-5.36_5.36.0-7+deb12u3_all.deb ...
Unpacking perl-modules-5.36 (5.36.0-7+deb12u3) over (5.36.0-7+deb12u2) ...
Preparing to unpack .../libc6-dev_2.36-9+deb12u13_amd64.deb ...
Unpacking libc6-dev:amd64 (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Preparing to unpack .../libc-dev-bin_2.36-9+deb12u13_amd64.deb ...
Unpacking libc-dev-bin (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Preparing to unpack .../linux-libc-dev_6.1.153-1_amd64.deb ...
Unpacking linux-libc-dev:amd64 (6.1.153-1) over (6.1.140-1) ...
Preparing to unpack .../libc6_2.36-9+deb12u13_amd64.deb ...
Unpacking libc6:amd64 (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Setting up libc6:amd64 (2.36-9+deb12u13) ...
(Reading database ... 100657 files and directories currently installed.)
Preparing to unpack .../init-system-helpers_1.65.2+deb12u1_all.deb ...
Unpacking init-system-helpers (1.65.2+deb12u1) over (1.65.2) ...
Setting up init-system-helpers (1.65.2+deb12u1) ...
(Reading database ... 100658 files and directories currently installed.)
Preparing to unpack .../libc-bin_2.36-9+deb12u13_amd64.deb ...
Unpacking libc-bin (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Setting up libc-bin (2.36-9+deb12u13) ...
(Reading database ... 100658 files and directories currently installed.)
Preparing to unpack .../logsave_1.47.0-2+b2_amd64.deb ...
Unpacking logsave (1.47.0-2+b2) over (1.47.0-2) ...
Preparing to unpack .../libext2fs2_1.47.0-2+b2_amd64.deb ...
Unpacking libext2fs2:amd64 (1.47.0-2+b2) over (1.47.0-2) ...
Setting up libext2fs2:amd64 (1.47.0-2+b2) ...
(Reading database ... 100660 files and directories currently installed.)
Preparing to unpack .../e2fsprogs_1.47.0-2+b2_amd64.deb ...
Unpacking e2fsprogs (1.47.0-2+b2) over (1.47.0-2) ...
Preparing to unpack .../init_1.65.2+deb12u1_amd64.deb ...
Unpacking init (1.65.2+deb12u1) over (1.65.2) ...
Preparing to unpack .../libcap2_1%3a2.66-4+deb12u2_amd64.deb ...
Unpacking libcap2:amd64 (1:2.66-4+deb12u2) over (1:2.66-4+deb12u1) ...
Setting up libcap2:amd64 (1:2.66-4+deb12u2) ...
(Reading database ... 100661 files and directories currently installed.)
Preparing to unpack .../systemd-sysv_252.39-1~deb12u1_amd64.deb ...
Unpacking systemd-sysv (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Preparing to unpack .../libpam-systemd_252.39-1~deb12u1_amd64.deb ...
Unpacking libpam-systemd:amd64 (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Preparing to unpack .../xserver-common_2%3a21.1.7-3+deb12u11_all.deb ...
Unpacking xserver-common (2:21.1.7-3+deb12u11) over (2:21.1.7-3+deb12u10) ...
Preparing to unpack .../libsystemd-shared_252.39-1~deb12u1_amd64.deb ...
Unpacking libsystemd-shared:amd64 (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Preparing to unpack .../libsystemd0_252.39-1~deb12u1_amd64.deb ...
Unpacking libsystemd0:amd64 (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Setting up libsystemd0:amd64 (252.39-1~deb12u1) ...
(Reading database ... 100661 files and directories currently installed.)
Preparing to unpack .../xserver-xorg-core_2%3a21.1.7-3+deb12u11_amd64.deb ...
Unpacking xserver-xorg-core (2:21.1.7-3+deb12u11) over (2:21.1.7-3+deb12u10) ...
Preparing to unpack .../systemd_252.39-1~deb12u1_amd64.deb ...
Unpacking systemd (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Preparing to unpack .../udev_252.39-1~deb12u1_amd64.deb ...
Unpacking udev (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Preparing to unpack .../libudev1_252.39-1~deb12u1_amd64.deb ...
Unpacking libudev1:amd64 (252.39-1~deb12u1) over (252.38-1~deb12u1) ...
Setting up libudev1:amd64 (252.39-1~deb12u1) ...
(Reading database ... 100662 files and directories currently installed.)
Preparing to unpack .../libssl3_3.0.17-1~deb12u3_amd64.deb ...
Unpacking libssl3:amd64 (3.0.17-1~deb12u3) over (3.0.17-1~deb12u2) ...
Preparing to unpack .../gpgv_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpgv (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Setting up gpgv (2.2.40-1.1+deb12u1) ...
(Reading database ... 100662 files and directories currently installed.)
Preparing to unpack .../00-tzdata_2025b-0+deb12u2_all.deb ...
Unpacking tzdata (2025b-0+deb12u2) over (2025b-0+deb12u1) ...
Preparing to unpack .../01-libgssapi-krb5-2_1.20.1-2+deb12u4_amd64.deb ...
Unpacking libgssapi-krb5-2:amd64 (1.20.1-2+deb12u4) over (1.20.1-2+deb12u3) ...
Preparing to unpack .../02-libkrb5-3_1.20.1-2+deb12u4_amd64.deb ...
Unpacking libkrb5-3:amd64 (1.20.1-2+deb12u4) over (1.20.1-2+deb12u3) ...
Preparing to unpack .../03-libkrb5support0_1.20.1-2+deb12u4_amd64.deb ...
Unpacking libkrb5support0:amd64 (1.20.1-2+deb12u4) over (1.20.1-2+deb12u3) ...
Preparing to unpack .../04-libk5crypto3_1.20.1-2+deb12u4_amd64.deb ...
Unpacking libk5crypto3:amd64 (1.20.1-2+deb12u4) over (1.20.1-2+deb12u3) ...
Preparing to unpack .../05-libcom-err2_1.47.0-2+b2_amd64.deb ...
Unpacking libcom-err2:amd64 (1.47.0-2+b2) over (1.47.0-2) ...
Preparing to unpack .../06-libxml2_2.9.14+dfsg-1.3~deb12u4_amd64.deb ...
Unpacking libxml2:amd64 (2.9.14+dfsg-1.3~deb12u4) over (2.9.14+dfsg-1.3~deb12u2) ...
Preparing to unpack .../07-bind9-host_1%3a9.18.41-1~deb12u1_amd64.deb ...
Unpacking bind9-host (1:9.18.41-1~deb12u1) over (1:9.18.33-1~deb12u2) ...
Preparing to unpack .../08-bind9-dnsutils_1%3a9.18.41-1~deb12u1_amd64.deb ...
Unpacking bind9-dnsutils (1:9.18.41-1~deb12u1) over (1:9.18.33-1~deb12u2) ...
Preparing to unpack .../09-bind9-libs_1%3a9.18.41-1~deb12u1_amd64.deb ...
Unpacking bind9-libs:amd64 (1:9.18.41-1~deb12u1) over (1:9.18.33-1~deb12u2) ...
Preparing to unpack .../10-libc-l10n_2.36-9+deb12u13_all.deb ...
Unpacking libc-l10n (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Preparing to unpack .../11-locales_2.36-9+deb12u13_all.deb ...
Unpacking locales (2.36-9+deb12u13) over (2.36-9+deb12u10) ...
Preparing to unpack .../12-curl_7.88.1-10+deb12u14_amd64.deb ...
Unpacking curl (7.88.1-10+deb12u14) over (7.88.1-10+deb12u12) ...
Preparing to unpack .../13-libcurl4_7.88.1-10+deb12u14_amd64.deb ...
Unpacking libcurl4:amd64 (7.88.1-10+deb12u14) over (7.88.1-10+deb12u12) ...
Preparing to unpack .../14-gpgsm_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpgsm (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../15-gpg-wks-client_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpg-wks-client (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../16-gpg-wks-server_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpg-wks-server (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../17-gpg_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpg (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../18-gnupg-utils_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gnupg-utils (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../19-gnupg-l10n_2.2.40-1.1+deb12u1_all.deb ...
Unpacking gnupg-l10n (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../20-dirmngr_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking dirmngr (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../21-gnupg_2.2.40-1.1+deb12u1_all.deb ...
Unpacking gnupg (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../22-gpg-agent_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpg-agent (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../23-gpgconf_2.2.40-1.1+deb12u1_amd64.deb ...
Unpacking gpgconf (2.2.40-1.1+deb12u1) over (2.2.40-1.1) ...
Preparing to unpack .../24-libsqlite3-0_3.40.1-2+deb12u2_amd64.deb ...
Unpacking libsqlite3-0:amd64 (3.40.1-2+deb12u2) over (3.40.1-2+deb12u1) ...
Preparing to unpack .../25-distro-info-data_0.58+deb12u5_all.deb ...
Unpacking distro-info-data (0.58+deb12u5) over (0.58+deb12u4) ...
Preparing to unpack .../26-dnsutils_1%3a9.18.41-1~deb12u1_all.deb ...
Unpacking dnsutils (1:9.18.41-1~deb12u1) over (1:9.18.33-1~deb12u2) ...
Preparing to unpack .../27-libswscale6_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libswscale6:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../28-libavfilter8_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libavfilter8:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../29-libavdevice59_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libavdevice59:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../30-libavformat59_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libavformat59:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../31-libavcodec59_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libavcodec59:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../32-libavutil57_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libavutil57:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../33-libpostproc56_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libpostproc56:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../34-libswresample4_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking libswresample4:amd64 (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../35-libaom3_3.6.0-1+deb12u2_amd64.deb ...
Unpacking libaom3:amd64 (3.6.0-1+deb12u2) over (3.6.0-1+deb12u1) ...
Preparing to unpack .../36-libglib2.0-data_2.74.6-2+deb12u7_all.deb ...
Unpacking libglib2.0-data (2.74.6-2+deb12u7) over (2.74.6-2+deb12u6) ...
Preparing to unpack .../37-libglib2.0-bin_2.74.6-2+deb12u7_amd64.deb ...
Unpacking libglib2.0-bin (2.74.6-2+deb12u7) over (2.74.6-2+deb12u6) ...
Preparing to unpack .../38-libglib2.0-0_2.74.6-2+deb12u7_amd64.deb ...
Unpacking libglib2.0-0:amd64 (2.74.6-2+deb12u7) over (2.74.6-2+deb12u6) ...
Preparing to unpack .../39-libopenjp2-7_2.5.0-2+deb12u2_amd64.deb ...
Unpacking libopenjp2-7:amd64 (2.5.0-2+deb12u2) over (2.5.0-2+deb12u1) ...
Preparing to unpack .../40-libtheora0_1.1.1+dfsg.1-16.1+deb12u1_amd64.deb ...
Unpacking libtheora0:amd64 (1.1.1+dfsg.1-16.1+deb12u1) over (1.1.1+dfsg.1-16.1+b1) ...
Preparing to unpack .../41-ffmpeg_7%3a5.1.7-0+deb12u1_amd64.deb ...
Unpacking ffmpeg (7:5.1.7-0+deb12u1) over (7:5.1.6-0+deb12u1) ...
Preparing to unpack .../42-libgstreamer-plugins-base1.0-0_1.22.0-3+deb12u5_amd64.deb ...
Unpacking libgstreamer-plugins-base1.0-0:amd64 (1.22.0-3+deb12u5) over (1.22.0-3+deb12u4) ...
Preparing to unpack .../43-gstreamer1.0-plugins-base_1.22.0-3+deb12u5_amd64.deb ...
Unpacking gstreamer1.0-plugins-base:amd64 (1.22.0-3+deb12u5) over (1.22.0-3+deb12u4) ...
Preparing to unpack .../44-libsoup-3.0-common_3.2.3-0+deb12u2_all.deb ...
Unpacking libsoup-3.0-common (3.2.3-0+deb12u2) over (3.2.2-2) ...
Preparing to unpack .../45-libsoup-3.0-0_3.2.3-0+deb12u2_amd64.deb ...
Unpacking libsoup-3.0-0:amd64 (3.2.3-0+deb12u2) over (3.2.2-2) ...
Preparing to unpack .../46-gstreamer1.0-plugins-good_1.22.0-5+deb12u3_amd64.deb ...
Unpacking gstreamer1.0-plugins-good:amd64 (1.22.0-5+deb12u3) over (1.22.0-5+deb12u2) ...
Preparing to unpack .../47-jq_1.6-2.1+deb12u1_amd64.deb ...
Unpacking jq (1.6-2.1+deb12u1) over (1.6-2.1) ...
Preparing to unpack .../48-libjq1_1.6-2.1+deb12u1_amd64.deb ...
Unpacking libjq1:amd64 (1.6-2.1+deb12u1) over (1.6-2.1) ...
Preparing to unpack .../49-kpartx_0.9.4-3+deb12u2_amd64.deb ...
Unpacking kpartx (0.9.4-3+deb12u2) over (0.9.4-3+deb12u1) ...
Preparing to unpack .../50-legacy-dist_3%3a18.1-1_all.deb ...
Unpacking legacy-dist (3:18.1-1) over (3:16.0-1) ...
Preparing to unpack .../51-libarchive-tools_3.6.2-1+deb12u3_amd64.deb ...
Unpacking libarchive-tools (3.6.2-1+deb12u3) over (3.6.2-1+deb12u2) ...
Preparing to unpack .../52-libarchive13_3.6.2-1+deb12u3_amd64.deb ...
Unpacking libarchive13:amd64 (3.6.2-1+deb12u3) over (3.6.2-1+deb12u2) ...
Preparing to unpack .../53-libbotan-2-19_2.19.3+dfsg-1+deb12u1_amd64.deb ...
Unpacking libbotan-2-19:amd64 (2.19.3+dfsg-1+deb12u1) over (2.19.3+dfsg-1) ...
Preparing to unpack .../54-libbpf1_1%3a1.1.2-0+deb12u1_amd64.deb ...
Unpacking libbpf1:amd64 (1:1.1.2-0+deb12u1) over (1:1.1.0-1) ...
Preparing to unpack .../55-libcap2-bin_1%3a2.66-4+deb12u2_amd64.deb ...
Unpacking libcap2-bin (1:2.66-4+deb12u2) over (1:2.66-4+deb12u1) ...
Preparing to unpack .../56-libcjson1_1.7.15-1+deb12u4_amd64.deb ...
Unpacking libcjson1:amd64 (1.7.15-1+deb12u4) over (1.7.15-1+deb12u2) ...
Preparing to unpack .../57-libcups2_2.4.2-3+deb12u9_amd64.deb ...
Unpacking libcups2:amd64 (2.4.2-3+deb12u9) over (2.4.2-3+deb12u8) ...
Preparing to unpack .../58-libcurl3-gnutls_7.88.1-10+deb12u14_amd64.deb ...
Unpacking libcurl3-gnutls:amd64 (7.88.1-10+deb12u14) over (7.88.1-10+deb12u12) ...
Preparing to unpack .../59-libexpat1_2.5.0-1+deb12u2_amd64.deb ...
Unpacking libexpat1:amd64 (2.5.0-1+deb12u2) over (2.5.0-1+deb12u1) ...
Preparing to unpack .../60-libgstreamer-gl1.0-0_1.22.0-3+deb12u5_amd64.deb ...
Unpacking libgstreamer-gl1.0-0:amd64 (1.22.0-3+deb12u5) over (1.22.0-3+deb12u4) ...
Preparing to unpack .../61-libxslt1.1_1.1.35-1+deb12u3_amd64.deb ...
Unpacking libxslt1.1:amd64 (1.1.35-1+deb12u3) over (1.1.35-1+deb12u1) ...
Preparing to unpack .../62-libwebkit2gtk-4.1-0_2.50.1-1~deb12u1_amd64.deb ...
Unpacking libwebkit2gtk-4.1-0:amd64 (2.50.1-1~deb12u1) over (2.48.3-1~deb12u1) ...
Preparing to unpack .../63-libjavascriptcoregtk-4.1-0_2.50.1-1~deb12u1_amd64.deb ...
Unpacking libjavascriptcoregtk-4.1-0:amd64 (2.50.1-1~deb12u1) over (2.48.3-1~deb12u1) ...
Preparing to unpack .../64-libsndfile1_1.2.0-1+deb12u1_amd64.deb ...
Unpacking libsndfile1:amd64 (1.2.0-1+deb12u1) over (1.2.0-1) ...
Preparing to unpack .../65-libss2_1.47.0-2+b2_amd64.deb ...
Unpacking libss2:amd64 (1.47.0-2+b2) over (1.47.0-2) ...
Preparing to unpack .../66-libtiff6_4.5.0-6+deb12u3_amd64.deb ...
Unpacking libtiff6:amd64 (4.5.0-6+deb12u3) over (4.5.0-6+deb12u2) ...
Preparing to unpack .../67-libudisks2-0_2.9.4-4+deb12u2_amd64.deb ...
Unpacking libudisks2-0:amd64 (2.9.4-4+deb12u2) over (2.9.4-4+deb12u1) ...
Preparing to unpack .../68-libyaml-libyaml-perl_0.86+ds-1+deb12u1_amd64.deb ...
Unpacking libyaml-libyaml-perl (0.86+ds-1+deb12u1) over (0.86+ds-1) ...
Preparing to unpack .../69-linux-compiler-gcc-12-x86_6.1.153-1_amd64.deb ...
Unpacking linux-compiler-gcc-12-x86 (6.1.153-1) over (6.1.140-1) ...
Selecting previously unselected package linux-headers-6.1.0-40-common.
Preparing to unpack .../70-linux-headers-6.1.0-40-common_6.1.153-1_all.deb ...
Unpacking linux-headers-6.1.0-40-common (6.1.153-1) ...
Preparing to unpack .../71-linux-kbuild-6.1_6.1.153-1_amd64.deb ...
Unpacking linux-kbuild-6.1 (6.1.153-1) over (6.1.140-1) ...
Selecting previously unselected package linux-headers-6.1.0-40-amd64.
Preparing to unpack .../72-linux-headers-6.1.0-40-amd64_6.1.153-1_amd64.deb ...
Unpacking linux-headers-6.1.0-40-amd64 (6.1.153-1) ...
Preparing to unpack .../73-linux-headers-amd64_6.1.153-1_amd64.deb ...
Unpacking linux-headers-amd64 (6.1.153-1) over (6.1.140-1) ...
Selecting previously unselected package linux-image-6.1.0-40-amd64.
Preparing to unpack .../74-linux-image-6.1.0-40-amd64_6.1.153-1_amd64.deb ...
Unpacking linux-image-6.1.0-40-amd64 (6.1.153-1) ...
Preparing to unpack .../75-linux-image-amd64_6.1.153-1_amd64.deb ...
Unpacking linux-image-amd64 (6.1.153-1) over (6.1.140-1) ...
Preparing to unpack .../76-openssl_3.0.17-1~deb12u3_amd64.deb ...
Unpacking openssl (3.0.17-1~deb12u3) over (3.0.17-1~deb12u2) ...
Preparing to unpack .../77-python3-setuptools_66.1.1-1+deb12u2_all.deb ...
Unpacking python3-setuptools (66.1.1-1+deb12u2) over (66.1.1-1+deb12u1) ...
Preparing to unpack .../78-python3-pkg-resources_66.1.1-1+deb12u2_all.deb ...
Unpacking python3-pkg-resources (66.1.1-1+deb12u2) over (66.1.1-1+deb12u1) ...
Preparing to unpack .../79-tb-updater_3%3a39.4-1_all.deb ...
Unpacking tb-updater (3:39.4-1) over (3:39.3-1) ...
Preparing to unpack .../80-udisks2_2.9.4-4+deb12u2_amd64.deb ...
Unpacking udisks2 (2.9.4-4+deb12u2) over (2.9.4-4+deb12u1) ...
Preparing to unpack .../81-zsh_5.9-4+b7_amd64.deb ...
Unpacking zsh (5.9-4+b7) over (5.9-4+b6) ...
Setting up python3-pkg-resources (66.1.1-1+deb12u2) ...
Setting up libexpat1:amd64 (2.5.0-1+deb12u2) ...
Setting up linux-image-6.1.0-40-amd64 (6.1.153-1) ...
I: /vmlinuz is now a symlink to boot/vmlinuz-6.1.0-40-amd64
I: /initrd.img is now a symlink to boot/initrd.img-6.1.0-40-amd64
/etc/kernel/postinst.d/30_remove-system-map:
INFO: Deleting system.map files...
INFO: removed '/boot/System.map-6.1.0-40-amd64'
INFO: Done. Success.
/etc/kernel/postinst.d/dkms:
dkms: running auto installation service for kernel 6.1.0-40-amd64.
Sign command: /usr/lib/linux-kbuild-6.1/scripts/sign-file
Signing key: /var/lib/dkms/mok.key
Public certificate (MOK): /var/lib/dkms/mok.pub
Certificate or key are missing, generating self signed certificate for MOK...

Building module:
Cleaning build area...
make -j1 KERNELRELEASE=6.1.0-40-amd64 all...
Signing module /var/lib/dkms/tirdad/0.1/build/module/tirdad.ko
Cleaning build area...

tirdad.ko:
Running module version sanity check.
 - Original module
   - No original module exists within this kernel
 - Installation
   - Installing to /lib/modules/6.1.0-40-amd64/updates/dkms/
depmod...
dkms: autoinstall for kernel: 6.1.0-40-amd64.
/etc/kernel/postinst.d/dracut:
dracut: Generating /boot/initrd.img-6.1.0-40-amd64
/etc/kernel/postinst.d/zz-update-grub:
Generating grub configuration file ...
Found theme: /boot/grub/themes/whonix-workstation/theme.txt
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
Found linux image: /boot/vmlinuz-6.1.0-40-amd64
Found initrd image: /boot/initrd.img-6.1.0-40-amd64
Found linux image: /boot/vmlinuz-6.1.0-37-amd64
Found initrd image: /boot/initrd.img-6.1.0-37-amd64
done
Setting up libaom3:amd64 (3.6.0-1+deb12u2) ...
Setting up libc-l10n (2.36-9+deb12u13) ...
Setting up linux-headers-6.1.0-40-common (6.1.153-1) ...
Setting up python3-setuptools (66.1.1-1+deb12u2) ...
Setting up libjq1:amd64 (1.6-2.1+deb12u1) ...
Setting up libglib2.0-0:amd64 (2.74.6-2+deb12u7) ...
Setting up distro-info-data (0.58+deb12u5) ...
Setting up libsqlite3-0:amd64 (3.40.1-2+deb12u2) ...
Setting up libssl3:amd64 (3.0.17-1~deb12u3) ...
Setting up linux-libc-dev:amd64 (6.1.153-1) ...
Setting up libgstreamer-plugins-base1.0-0:amd64 (1.22.0-3+deb12u5) ...
Setting up libcom-err2:amd64 (1.47.0-2+b2) ...
Setting up libsoup-3.0-common (3.2.3-0+deb12u2) ...
Setting up linux-image-amd64 (6.1.153-1) ...
Setting up libcjson1:amd64 (1.7.15-1+deb12u4) ...
Setting up locales (2.36-9+deb12u13) ...
Generating locales (this might take a while)...
  en_US.UTF-8... done
Generation complete.
Setting up legacy-dist (3:18.1-1) ...
Installing new version of config file /etc/xdg/autostart/legacy-dist-deprecation-notice.desktop ...
Setting up linux-compiler-gcc-12-x86 (6.1.153-1) ...
Setting up libkrb5support0:amd64 (1.20.1-2+deb12u4) ...
Setting up tzdata (2025b-0+deb12u2) ...

Current default time zone: 'Etc/UTC'
Local time is now:      Mon Nov 10 21:39:49 UTC 2025.
Universal Time is now:  Mon Nov 10 21:39:49 UTC 2025.
Run 'dpkg-reconfigure tzdata' if you wish to change it.

Setting up libcap2-bin (1:2.66-4+deb12u2) ...
Setting up libavutil57:amd64 (7:5.1.7-0+deb12u1) ...
Setting up perl-modules-5.36 (5.36.0-7+deb12u3) ...
Setting up libgstreamer-gl1.0-0:amd64 (1.22.0-3+deb12u5) ...
Setting up libglib2.0-data (2.74.6-2+deb12u7) ...
Setting up libjavascriptcoregtk-4.1-0:amd64 (2.50.1-1~deb12u1) ...
Setting up gnupg-l10n (2.2.40-1.1+deb12u1) ...
Setting up libswresample4:amd64 (7:5.1.7-0+deb12u1) ...
Setting up udev (252.39-1~deb12u1) ...
Setting up libsystemd-shared:amd64 (252.39-1~deb12u1) ...
Setting up libss2:amd64 (1.47.0-2+b2) ...
Setting up libk5crypto3:amd64 (1.20.1-2+deb12u4) ...
Setting up logsave (1.47.0-2+b2) ...
Setting up libtiff6:amd64 (4.5.0-6+deb12u3) ...
Setting up kpartx (0.9.4-3+deb12u2) ...
Setting up jq (1.6-2.1+deb12u1) ...
Setting up libtheora0:amd64 (1.1.1+dfsg.1-16.1+deb12u1) ...
Setting up gpgconf (2.2.40-1.1+deb12u1) ...
Setting up libopenjp2-7:amd64 (2.5.0-2+deb12u2) ...
Setting up libkrb5-3:amd64 (1.20.1-2+deb12u4) ...
Setting up libpostproc56:amd64 (7:5.1.7-0+deb12u1) ...
Setting up libsndfile1:amd64 (1.2.0-1+deb12u1) ...
Setting up zsh (5.9-4+b7) ...
Setting up xserver-common (2:21.1.7-3+deb12u11) ...
Setting up linux-kbuild-6.1 (6.1.153-1) ...
Setting up libavcodec59:amd64 (7:5.1.7-0+deb12u1) ...
Setting up libc-dev-bin (2.36-9+deb12u13) ...
Setting up libswscale6:amd64 (7:5.1.7-0+deb12u1) ...
Setting up openssl (3.0.17-1~deb12u3) ...
Setting up libxml2:amd64 (2.9.14+dfsg-1.3~deb12u4) ...
Setting up libperl5.36:amd64 (5.36.0-7+deb12u3) ...
Setting up libbotan-2-19:amd64 (2.19.3+dfsg-1+deb12u1) ...
Setting up gpg (2.2.40-1.1+deb12u1) ...
Setting up libbpf1:amd64 (1:1.1.2-0+deb12u1) ...
Setting up libudisks2-0:amd64 (2.9.4-4+deb12u2) ...
Setting up gnupg-utils (2.2.40-1.1+deb12u1) ...
Setting up udisks2 (2.9.4-4+deb12u2) ...
Setting up gpg-agent (2.2.40-1.1+deb12u1) ...
Setting up libavformat59:amd64 (7:5.1.7-0+deb12u1) ...
Setting up libarchive13:amd64 (3.6.2-1+deb12u3) ...
Setting up gpgsm (2.2.40-1.1+deb12u1) ...
Setting up xserver-xorg-core (2:21.1.7-3+deb12u11) ...
Setting up libglib2.0-bin (2.74.6-2+deb12u7) ...
Setting up e2fsprogs (1.47.0-2+b2) ...
/usr/sbin/policy-rc.d returned 101, not running 'restart e2scrub_all.service e2scrub_all.timer e2scrub_reap.service'
Setting up systemd (252.39-1~deb12u1) ...
Setting up libavfilter8:amd64 (7:5.1.7-0+deb12u1) ...
Setting up dirmngr (2.2.40-1.1+deb12u1) ...
Setting up perl (5.36.0-7+deb12u3) ...
Setting up gstreamer1.0-plugins-base:amd64 (1.22.0-3+deb12u5) ...
Setting up libgssapi-krb5-2:amd64 (1.20.1-2+deb12u4) ...
Setting up linux-headers-6.1.0-40-amd64 (6.1.153-1) ...
/etc/kernel/header_postinst.d/dkms:
dkms: running auto installation service for kernel 6.1.0-40-amd64.
dkms: autoinstall for kernel: 6.1.0-40-amd64.
Setting up gpg-wks-server (2.2.40-1.1+deb12u1) ...
Setting up libcups2:amd64 (2.4.2-3+deb12u9) ...
Setting up libavdevice59:amd64 (7:5.1.7-0+deb12u1) ...
Setting up libxslt1.1:amd64 (1.1.35-1+deb12u3) ...
Setting up libcurl4:amd64 (7.88.1-10+deb12u14) ...
Setting up libc6-dev:amd64 (2.36-9+deb12u13) ...
Setting up curl (7.88.1-10+deb12u14) ...
Setting up ffmpeg (7:5.1.7-0+deb12u1) ...
Setting up libarchive-tools (3.6.2-1+deb12u3) ...
Setting up systemd-sysv (252.39-1~deb12u1) ...
Setting up gpg-wks-client (2.2.40-1.1+deb12u1) ...
Setting up init (1.65.2+deb12u1) ...
Setting up bind9-libs:amd64 (1:9.18.41-1~deb12u1) ...
Setting up linux-headers-amd64 (6.1.153-1) ...
Setting up gstreamer1.0-plugins-good:amd64 (1.22.0-5+deb12u3) ...
Setting up libyaml-libyaml-perl (0.86+ds-1+deb12u1) ...
Setting up libsoup-3.0-0:amd64 (3.2.3-0+deb12u2) ...
Setting up libcurl3-gnutls:amd64 (7.88.1-10+deb12u14) ...
Setting up tb-updater (3:39.4-1) ...
/usr/sbin/policy-rc.d returned 101, not running 'restart tb-updater-dispvm.service tb-updater-first-boot.service'
INFO: Using '--postinst' option but outside of Qubes Template, skipping, ok.
Setting up gnupg (2.2.40-1.1+deb12u1) ...
Setting up libpam-systemd:amd64 (252.39-1~deb12u1) ...
Setting up bind9-host (1:9.18.41-1~deb12u1) ...
Setting up libwebkit2gtk-4.1-0:amd64 (2.50.1-1~deb12u1) ...
Setting up bind9-dnsutils (1:9.18.41-1~deb12u1) ...
Setting up dnsutils (1:9.18.41-1~deb12u1) ...
Processing triggers for dbus (1.14.10-1~deb12u1) ...
Processing triggers for security-misc (3:47.0-1) ...
INFO: triggered security-misc: 'security-misc' security-misc DPKG_MAINTSCRIPT_NAME: 'postinst' $\*: 'triggered /usr' 2: '/usr'
/usr/libexec/security-misc/mmap-rnd-bits: INFO: Successfully written ASLR map config file:
/etc/sysctl.d/30_security-misc_aslr-mmap.conf
Running SUID Disabler and Permission Hardener... See also:
https://www.kicksecure.com/wiki/SUID_Disabler_and_Permission_Hardener
/var/lib/dpkg/info/security-misc.postinst: INFO: running: permission-hardener enable
permission-hardener: [NOTICE]: Executing: setcap -r /bin/ping
permission-hardener: [NOTICE]: To compare the current and previous permission modes, install 'meld' (or preferred diff tool) for comparison of file mode changes:
    sudo apt install --no-install-recommends meld
    meld /var/lib/permission-hardener-v2/existing_mode/statoverride /var/lib/permission-hardener-v2/new_mode/statoverride
/var/lib/dpkg/info/security-misc.postinst: INFO: Permission hardening success.
Processing triggers for dracut (059-4) ...
dracut: Generating /boot/initrd.img-6.1.0-37-amd64
dracut: Generating /boot/initrd.img-6.1.0-40-amd64
Processing triggers for debianutils (5.7-0.5~deb12u1) ...
Processing triggers for menu (2.1.49) ...
Processing triggers for mailcap (3.70+nmu1) ...
Processing triggers for privleap (3:3.8-1) ...
Processing triggers for desktop-file-utils (0.26-1) ...
Processing triggers for libc-bin (2.36-9+deb12u13) ...
Processing triggers for man-db (2.11.2-2) ...
terminal-wrapper-helper: [NOTICE]: Command exited with exit code '0'. You may close this window safely.

May have to wait for Whonix 18 .

arraybolt3 · November 11, 2025, 1:52am

Another thing you might try is, on first boot, select PERSISTENT Mode | SYSMAINT Session | system maintenance tasks, but then press e to edit the command line (instead of pressing Enter like normal), then add the parameter single to the end of the linux command line. This will boot you into single-user mode. Then run sudo systemctl disable systemd-repart.service; sudo systemctl mask systemd-repart.service. Then reboot and try booting into the various modes (especially the PERSISTENT modes) to see if the corruption occurs again.

This will disable the automatic partition resize feature, so if you ever grow the disk image, you’ll have to manually grow the main partition to take advantage of disk space. I’m guessing this is probably the thing causing the issue, so turning it off might help.

James369 · November 25, 2025, 8:21pm

I think my issue is the same. I am on Fedora Silverblue. I am able to succesfully run KVM with other distro’s aka Debian. I successfully run both the Gateway and Workstation on first boot, however after I update both, (succesfully, no errors) then reboot, both workstation and gateway boot into a black screen with blinking cursor. This lasts for quite some time, then I get (I think) the same errors as OP. They seem to be dracut timeout errors pertaining to unable to find the volumes.
I have tried all kinds of xml edits, ie increasing RAM, CPU, diskspace, etc. I tried editing GRUB as above and still get the same black screen, blinking cursor. I have deleted, redownloaded, re-extracted, re imported etc. (from scratch) and got the same errors. I tried advanced options selecting all options and still get the same errors.