PowerNV: No rate limit for kernel error "KVM can't copy data from"

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Patch for the Kernel Team to evaluate.

                      Michael

On 02/23/2017 10:11 AM, Launchpad Bug Tracker wrote:
> bugproxy (bugproxy) has assigned this bug to you for Ubuntu:
>
> == Comment: #0 - MIKHAIL S. MEDVEDEV <email address hidden> - 2017-02-03 14:40:58 ==
> ---Problem Description---
> I am experiencing a problem with KVM on Power with a symptom of "KVM can't copy data" message being spammed to kern.log at about 100000 messages a second. Apart from original problem that triggers the error, the printk is a problem on its own. System might run out of space for logs, and would have high CPU load caused by journald.
>
> This bug is to address an absence of rate limiter on printk at
> https://github.com/torvalds/linux/blob/f64e8084c94bb0449177364856d8117e2f14c4c0/arch/powerpc/kvm/book3s_64_mmu.c#L268
>
> Maybe wrapping the printk in printk_ratelimit() is all that is required?
>
> if(printk_ratelimit()){
> printk("KVM can't copy");
> }
>
> Contact Information = Mikhail Medvedev / <email address hidden>, Rafael Folco / <email address hidden>
>
> ---uname output---
> 4.8.0-34-generic #36~16.04.1-Ubuntu SMP Wed Dec 21 18:53:20 UTC 2016 ppc64le ppc64le ppc64le GNU/Linux
>
> Machine Type = KVM guest on P8 8247 21L
>
> ---Debugger---
> A debugger is not configured
>
> ---Steps to Reproduce---
> 1. Deploy OpenStack with devstack
> 2. Run simultaneously between 4 and 6 instances of a script that
> - boots a VM (openstack server create)
> - immediately creates the backup of the VM (openstack server backup create)
>
> This is not a very good way to reproduce it. I am still unable to
> reproduce the problem just by using libvirt and qemu.
>
>
> == Comment: #5 - VIPIN K. PARASHAR <email address hidden> - 2017-02-07 09:42:31 ==
>
> >From kernel logs
> ===========
>
> [852719.001593] KVM can't copy data from 0x3fff86683c80!
> [852719.001614] KVM can't copy data from 0x3fff86683c80!
> [852719.001617] KVM can't copy data from 0x3fff66a83c80!
> [852719.001624] KVM can't copy data from 0x3fff86683c80!
> [852719.001634] KVM can't copy data from 0x3fff86683c80!
> [852719.001637] KVM can't copy data from 0x3fff66a83c80!
> [852719.001645] KVM can't copy data from 0x3fff86683c80!
> [852719.001655] KVM can't copy data from 0x3fff86683c80!
> [852719.001658] KVM can't copy data from 0x3fff66a83c80!
> [852719.001665] KVM can't copy data from 0x3fff86683c80!
> [852719.001668] KVM can't copy data from 0x3fff66a83c80!
> [852719.001678] KVM can't copy data from 0x3fff66a83c80!
> [852719.001686] KVM can't copy data from 0x3fff86683c80!
>
>
> "KVM can't copy data from" error is being logged at very high rate
> by kernel. rate limiting this error should fix this issue.
>
>
> == Comment: #20 - VIPIN K. PARASHAR <email address hidden> - 2017-02-23 12:01:26 ==
> Fix for this is submitted to PowerPC mailing list
> and is available at below location:
>
> https://patchwork.ozlabs.org/patch/728831/
>
> It reads:
>
> "KVM: PPC: Book3S: Ratelimit copy data failure error messages"
>
> ** Affects: ubuntu
> Importance: Undecided
> Assignee: Taco Screen team (taco-screen-team)
> Status: New
>
>
> ** Tags: architecture-ppc64le bug...

------- Comment From <email address hidden> 2017-02-23 13:39 EDT-------
Please include this for Ubuntu 16.10, 16.04.02 along with Ubuntu 17.04 release.

https://lists.ubuntu.com/archives/kernel-team/2017-February/082695.html

== Comment: #0 - MIKHAIL S. MEDVEDEV <email address hidden> - 2017-02-03 14:40:58 ==
---Problem Description---
I am experiencing a problem with KVM on Power with a symptom of "KVM can't copy data" message being spammed to kern.log at about 100000 messages a second. Apart from original problem that triggers the error, the printk is a problem on its own. System might run out of space for logs, and would have high CPU load caused by journald.

This bug is to address an absence of rate limiter on printk at https://github.com/torvalds/linux/blob/f64e8084c94bb0449177364856d8117e2f14c4c0/arch/powerpc/kvm/book3s_64_mmu.c#L268

Maybe wrapping the printk in printk_ratelimit() is all that is required?

if(printk_ratelimit()){
printk("KVM can't copy");
}

Contact Information = Mikhail Medvedev / <email address hidden>, Rafael Folco / <email address hidden>

---uname output---
4.8.0-34-generic #36~16.04.1-Ubuntu SMP Wed Dec 21 18:53:20 UTC 2016 ppc64le ppc64le ppc64le GNU/Linux

Machine Type = KVM guest on P8 8247 21L

---Debugger---
A debugger is not configured

---Steps to Reproduce---
1. Deploy OpenStack with devstack
2. Run simultaneously between 4 and 6 instances of a script that
- boots a VM (openstack server create)
- immediately creates the backup of the VM (openstack server backup create)

This is not a very good way to reproduce it. I am still unable to reproduce the problem just by using libvirt and qemu.

== Comment: #5 - VIPIN K. PARASHAR <email address hidden> - 2017-02-07 09:42:31 ==

From kernel logs
===========

[852719.001593] KVM can't copy data from 0x3fff86683c80!
[852719.001614] KVM can't copy data from 0x3fff86683c80!
[852719.001617] KVM can't copy data from 0x3fff66a83c80!
[852719.001624] KVM can't copy data from 0x3fff86683c80!
[852719.001634] KVM can't copy data from 0x3fff86683c80!
[852719.001637] KVM can't copy data from 0x3fff66a83c80!
[852719.001645] KVM can't copy data from 0x3fff86683c80!
[852719.001655] KVM can't copy data from 0x3fff86683c80!
[852719.001658] KVM can't copy data from 0x3fff66a83c80!
[852719.001665] KVM can't copy data from 0x3fff86683c80!
[852719.001668] KVM can't copy data from 0x3fff66a83c80!
[852719.001678] KVM can't copy data from 0x3fff66a83c80!
[852719.001686] KVM can't copy data from 0x3fff86683c80!

"KVM can't copy data from" error is being logged at very high rate
by kernel. rate limiting this error should fix this issue.

== Comment: #20 - VIPIN K. PARASHAR <email address hidden> - 2017-02-23 12:01:26 ==
Fix for this is submitted to PowerPC mailing list
and is available at below location:

https://patchwork.ozlabs.org/patch/728831/

It reads:

"KVM: PPC: Book3S: Ratelimit copy data failure error messages"

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Default Comment by Bridge

Patch for the Kernel Team to evaluate.

Michael

On 02/23/2017 10:11 AM, Launchpad Bug Tracker wrote:
> bugproxy (bugproxy) has assigned this bug to you for Ubuntu:
>
> == Comment: #0 - MIKHAIL S. MEDVEDEV <email address hidden> - 2017-02-03 14:40:58 ==
> ---Problem Description---
> I am experiencing a problem with KVM on Power with a symptom of "...

------- Comment From <email address hidden> 2017-02-28 23:31 EDT-------
(In reply to comment #20)
> Fix for this is submitted to PowerPC mailing list
> and is available at below location:
>
> https://patchwork.ozlabs.org/patch/728831/
>
> It reads:
>
> "KVM: PPC: Book3S: Ratelimit copy data failure error messages"

Fix is accepted upstream as commit 4da934dc6515afa

4da934dc65 - KVM: PPC: Book3S PR: Ratelimit copy data failure error messages

This bug was fixed in the package linux - 4.10.0-11.13

---------------
linux (4.10.0-11.13) zesty; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1669127

  * linux-tools-common should Depends: lsb-release (LP: #1667571)
    - [Config] linux-tools-common depends on lsb-release

  * Ubuntu (Zesty): When we miss LSI/INTx interrupts on slot, message is too
    imprecise (LP: #1668382)
    - of/irq: improve error report on irq discovery process failure

  * Zesty update to v4.10.1 stable release (LP: #1668993)
    - ptr_ring: fix race conditions when resizing
    - ip: fix IP_CHECKSUM handling
    - net: socket: fix recvmmsg not returning error from sock_error
    - tty: serial: msm: Fix module autoload
    - USB: serial: mos7840: fix another NULL-deref at open
    - USB: serial: cp210x: add new IDs for GE Bx50v3 boards
    - USB: serial: ftdi_sio: fix modem-status error handling
    - USB: serial: ftdi_sio: fix extreme low-latency setting
    - USB: serial: ftdi_sio: fix line-status over-reporting
    - USB: serial: spcp8x5: fix modem-status handling
    - USB: serial: opticon: fix CTS retrieval at open
    - USB: serial: ark3116: fix register-accessor error handling
    - USB: serial: console: fix uninitialised spinlock
    - x86/platform/goldfish: Prevent unconditional loading
    - goldfish: Sanitize the broken interrupt handler
    - netfilter: nf_ct_helper: warn when not applying default helper assignment
    - ACPICA: Linuxize: Restore and fix Intel compiler build
    - block: fix double-free in the failure path of cgwb_bdi_init()
    - rtlwifi: rtl_usb: Fix for URB leaking when doing ifconfig up/down
    - xfs: clear delalloc and cache on buffered write failure
    - Linux 4.10.1

  * [UBUNTU Zesty] mlx5 - Improve OVS offload driver (LP: #1668019)
    - net/sched: cls_flower: Disallow duplicate internal elements
    - net/sched: cls_flower: Properly handle classifier flags dumping
    - net/sched: cls_matchall: Dump the classifier flags
    - net/sched: Reflect HW offload status
    - net/sched: cls_flower: Reflect HW offload status
    - net/sched: cls_matchall: Reflect HW offloading status
    - net/sched: cls_u32: Reflect HW offload status
    - net/sched: cls_bpf: Reflect HW offload status
    - net/mlx5: Push min-inline mode resolution helper into the core
    - IB/mlx5: Enable Eth VFs to query their min-inline value for user-space
    - net/mlx5: Use exact encap header size for the FW input buffer
    - net/mlx5e: Add TC offloads matching on IPv6 encapsulation headers
    - net/mlx5e: TC ipv4 tunnel encap offload cosmetic changes
    - net/mlx5e: Use the full tunnel key info for encapsulation offload house- keeping
    - net/mlx5e: Maximize ip tunnel key usage on the TC offloading path
    - net/mlx5e: Support SRIOV TC encapsulation offloads for IPv6 tunnels
    - net/mlx5: E-Switch, Enlarge the FDB size for the switchdev mode
    - net/mlx5: Fix static checker warnings

  * [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
    (LP: #1470250)
    - SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails

  * Ubuntu17.04: Need more patches for aacraid to bring up Bost...

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-yakkety' to 'verification-done-yakkety'. If the problem still exists, change the tag 'verification-needed-yakkety' to 'verification-failed-yakkety'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

The latest kernel from yakkety-proposed does not appear to fix the problem. Note that I did test it on Xenial, not Yakkety, because I do not have an easy way to reproduce the bug that excercises rate-limited printk on Yakkety.

I made sure that the proposed kernel was used by comparing what is getting installed on Yakkety vs Xenial:

On Yakkety
==========

$ sudo apt-get install -y linux-image-generic/yakkety-proposed

Selected version '4.8.0.44.56' (Ubuntu:16.10/yakkety-proposed [ppc64el]) for 'linux-image-generic'
The following additional packages will be installed:
  crda iw libnl-3-200 libnl-genl-3-200 linux-firmware linux-image-4.8.0-44-generic
  linux-image-extra-4.8.0-44-generic wireless-regdb
Suggested packages:
  fdutils linux-doc-4.8.0 | linux-source-4.8.0 linux-tools linux-headers-4.8.0-44-generic
The following NEW packages will be installed:
  crda iw libnl-3-200 libnl-genl-3-200 linux-firmware linux-image-4.8.0-44-generic
  linux-image-extra-4.8.0-44-generic linux-image-generic wireless-regdb

# uname -a
Linux mmedvede2-test-ratelimit-pkvmci836 4.8.0-44-generic #47-Ubuntu SMP Wed Mar 22 14:27:02 UTC 2017 ppc64le ppc64le ppc64le GNU/Linux

On Xenial
=========

$ sudo apt-get install -y linux-image-generic/yakkety-proposed
Selected version '4.8.0.44.56' (Ubuntu:16.10/yakkety-proposed [ppc64el]) for 'linux-image-generic'
The following additional packages will be installed:
  linux-image-4.8.0-44-generic linux-image-extra-4.8.0-44-generic
Suggested packages:
  fdutils linux-doc-4.8.0 | linux-source-4.8.0 linux-tools linux-headers-4.8.0-44-generic
The following NEW packages will be installed:
  linux-image-4.8.0-44-generic linux-image-extra-4.8.0-44-generic
The following packages will be upgraded:
  linux-image-generic

$ uname -a
Linux mmedvede-test-ratelimit-pkvmci8361 4.8.0-44-generic #47-Ubuntu SMP Wed Mar 22 14:27:02 UTC 2017 ppc64le ppc64le ppc64le GNU/Linux

And I was able to reproduce the printk spam on Xenial with the proposed kernel. Did the fix actually get into 4.8.0.44.56?

No, it didn't. There was a regression in a recent update, and the kernel that was in -proposed got replaced with one that only has the reverts necessary to fix the regression. That's the kernel you tested.

Sorry for the confusion. I'll remove the verification tags, and once a new kernel with the fix is in -proposed there will be another comment asking for testing.

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-yakkety' to 'verification-done-yakkety'. If the problem still exists, change the tag 'verification-needed-yakkety' to 'verification-failed-yakkety'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

I have triggered the error while using kernel image from proposed repository:

2017-04-13 21:55:41.868 | Selected version '4.8.0.48.60' (Ubuntu:16.10/yakkety-proposed [ppc64el]) for 'linux-image-generic'
$ uname -a
Linux mmedvede-test-ratelimit-pkvmci8401 4.8.0-48-generic #51-Ubuntu SMP Wed Apr 12 12:59:15 UTC 2017 ppc64le ppc64le ppc64le GNU/Linux

And confirmed that the printk is now ratelimited. From kernel log:

[ 1725.561053] kvmppc_mmu_book3s_64_xlate: 282675 callbacks suppressed
[ 1725.561057] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561068] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561078] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561088] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561099] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561109] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561119] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561130] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561140] KVM: Can't copy data from 0x3fff8b7bbc80!
[ 1725.561150] KVM: Can't copy data from 0x3fff8b7bbc80!

This bug was fixed in the package linux - 4.8.0-49.52

---------------
linux (4.8.0-49.52) yakkety; urgency=low

  * linux: 4.8.0-49.52 -proposed tracker (LP: #1684427)

  * [Hyper-V] hv: util: move waiting for release to hv_utils_transport itself
    (LP: #1682561)
    - Drivers: hv: util: move waiting for release to hv_utils_transport itself

linux (4.8.0-48.51) yakkety; urgency=low

  * linux: 4.8.0-48.51 -proposed tracker (LP: #1682034)

  * [Hyper-V] hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
    (LP: #1681893)
    - Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()

linux (4.8.0-47.50) yakkety; urgency=low

  * linux: 4.8.0-47.50 -proposed tracker (LP: #1679678)

  * CVE-2017-6353
    - sctp: deny peeloff operation on asocs with threads sleeping on it

  * CVE-2017-5986
    - sctp: avoid BUG_ON on sctp_wait_for_sndbuf

  * vfat: missing iso8859-1 charset (LP: #1677230)
    - [Config] NLS_ISO8859_1=y

  * [Hyper-V] pci-hyperv: Use device serial number as PCI domain (LP: #1667527)
    - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs

  * Regression: KVM modules should be on main kernel package (LP: #1678099)
    - [Config] powerpc: Add kvm-hv and kvm-pr to the generic inclusion list

  * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
    4.4.0-63.84~14.04.2 (LP: #1664912)
    - SAUCE: apparmor: fix link auditing failure due to, uninitialized var

  * regession tests failing after stackprofile test is run (LP: #1661030)
    - SAUCE: fix regression with domain change in complain mode

  * Permission denied and inconsistent behavior in complain mode with 'ip netns
    list' command (LP: #1648903)
    - SAUCE: fix regression with domain change in complain mode

  * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
    from a unshared mount namespace (LP: #1656121)
    - SAUCE: apparmor: null profiles should inherit parent control flags

  * apparmor refcount leak of profile namespace when removing profiles
    (LP: #1660849)
    - SAUCE: apparmor: fix ns ref count link when removing profiles from policy

  * tor in lxd: apparmor="DENIED" operation="change_onexec"
    namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
    name="system_tor" (LP: #1648143)
    - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
      namespaces

  * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
    - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails

  * apparmor auditing denied access of special apparmor .null fi\ le
    (LP: #1660836)
    - SAUCE: apparmor: Don't audit denied access of special apparmor .null file

  * apparmor label leak when new label is unused (LP: #1660834)
    - SAUCE: apparmor: fix label leak when new label is unused

  * apparmor reference count bug in label_merge_insert() (LP: #1660833)
    - SAUCE: apparmor: fix reference count bug in label_merge_insert()

  * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
    - SAUCE: apparmor: fix replacement race in reading rawdata

  * unix domain socket cross permission check failing with n...