Bug 35808 - KVM: x86: handle idiv overflow at kvm_write_tsc for stable-3.10
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Kernel
UCS 3.2
i386 Linux
P5 normal
UCS 3.2-3-errata
Assigned To: Philipp Hahn
Erik Damrose
Depends on:
Blocks:
Reported: 2014-09-03 10:18 CEST by Philipp Hahn
Modified: 2014-10-16 13:43 CEST (History)

See Also:
hahn: Patch_Available+
Description Philipp Hahn univentionstaff 2014-09-03 10:18:23 CEST
[Ticket#: 2014090221000245] Kernel OOPS on resume of KVM instances

Can we please get 8915aa27d5efbb9185357175b0acf884325565f9 applied to
3.10 too?

> commit 8915aa27d5efbb9185357175b0acf884325565f9
> Author: Marcelo Tosatti <mtosatti@redhat.com>
> Date:   Tue Jun 11 23:31:12 2013 -0300
>
>     KVM: x86: handle idiv overflow at kvm_write_tsc
>
>     It's possible that idivl overflows (due to large delta stored in
>     usdiff, valid scenario).
>
>     Create an exception handler to catch the overflow exception (division by zero
>     is protected by vcpu->arch.virtual_tsc_khz check), and interpret it accordingly
>     (delta is larger than USEC_PER_SEC).
>
>     Fixes https://bugzilla.redhat.com/show_bug.cgi?id=969644
>
>     Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
>     Signed-off-by: Gleb Natapov <gleb@redhat.com>

We received several OOPSes like the following, which is also reported in
<https://bugzilla.redhat.com/show_bug.cgi?id=969644>:

> [196075.453859] divide error: 0000 [#1] SMP 
...
> [196075.468418] task: dc005280 ti: e96d6000 task.ti: e96d6000
> [196075.469794] EIP: 0060:[<f91f61cc>] EFLAGS: 00210002 CPU: 0
> [196075.471187] EIP is at kvm_write_tsc+0xcd/0x3df [kvm]
> [196075.472555] EAX: c4cc0960 EBX: 1a575996 ECX: 0000b26c EDX: 19ef2051
> [196075.473917] ESI: 02108c94 EDI: 2551199c EBP: 0212ed58 ESP: e96d7d60
> [196075.475295]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> [196075.476680] CR0: 80050033 CR2: 0a0ef000 CR3: 1c473000 CR4: 000427f0
> [196075.478080] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [196075.479491] DR6: ffff0ff0 DR7: 00000400
> [196075.480895] Stack:
> [196075.482296]  c100963a 00000003 db774000 f61fc040 86ef35ef 0000b26a c4cc0960 19ef2051
> [196075.483754]  9ee6c521 0000b26c 00340e1a 00000000 f91f7367 db7755ac e96d7dd8 00200286
> [196075.485226]  f61fc040 2551199c 00000010 f6ecb000 f951435f e96d7dd8 00000003 0212ed58
> [196075.486680] Call Trace:
> [196075.488091]  [<c100963a>] ? __switch_to+0x17d/0x297
> [196075.489528]  [<f91f7367>] ? kvm_set_msr_common+0x589/0xd84 [kvm]
> [196075.490961]  [<f951435f>] ? vmx_set_msr+0x94/0x18b [kvm_intel]
> [196075.492408]  [<f91efdb8>] ? do_set_msr+0x24/0x29 [kvm]
> [196075.493849]  [<f91f557e>] ? msr_io+0x7b/0xcc [kvm]
> [196075.495256]  [<f91efd94>] ? kvm_set_msr+0xa/0xa [kvm]
> [196075.496630]  [<f91f8425>] ? kvm_arch_vcpu_ioctl+0x331/0xa5c [kvm]
> [196075.497991]  [<f9511086>] ? vmx_set_segment+0xe4/0x101 [kvm_intel]
> [196075.499302]  [<f91f3ee7>] ? update_cr8_intercept+0x52/0x55 [kvm]
> [196075.500618]  [<f91f6da1>] ? kvm_arch_vcpu_ioctl_set_sregs+0x320/0x35d [kvm]
> [196075.501954]  [<f91f57b5>] ? kvm_arch_vcpu_load+0xab/0x18b [kvm]
> [196075.503291]  [<f91ed1b6>] ? kvm_vcpu_ioctl+0x3a8/0x401 [kvm]
> [196075.504625]  [<f8f55506>] ? tun_chr_ioctl+0xb3d/0x1637 [tun]
> [196075.505949]  [<c10401d1>] ? __lock_task_sighand+0x3a/0x5c
> [196075.507256]  [<f91ece0e>] ? kvm_dev_ioctl+0x328/0x328 [kvm]
> [196075.508547]  [<c10f37c0>] ? do_vfs_ioctl+0x46a/0x4ae
> [196075.509842]  [<c132a4e3>] ? __do_page_fault+0x396/0x3b2
> [196075.511061]  [<c132a4c3>] ? __do_page_fault+0x376/0x3b2
> [196075.512260]  [<c104ebc3>] ? hrtimer_interrupt+0x173/0x238
> [196075.513542]  [<c10f3852>] ? SyS_ioctl+0x4e/0x6f
> [196075.514910]  [<c132c0cd>] ? sysenter_do_call+0x12/0x16
> [196075.516289] Code: b8 e8 03 00 00 8b 4c 24 2c f7 64 24 18 c7 44 24 2c 00 00 00 00 01 ca 8b 4c 24 24 89 44 24 18 8b 44 24 18 89 54 24 1c 8b 54 24 1c <f7> 7c 24 28 31 d2 89 54 24 1c 8b 54 24 20 2b 54 24 10 1b 4c 24
> [196075.519318] EIP: [<f91f61cc>] kvm_write_tsc+0xcd/0x3df [kvm] SS:ESP 0068:e96d7d60
> [196075.525677] ---[ end trace 70946d57c8795610 ]---

The patch went into 3.11, Red Hat seems to have put it into their 3.9,
but it's still missing in 3.10.53.

I verified that applying the patch fixes the problem.

Tested-by: Philipp Hahn <hahn@univention.de>
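The "divide error" above is x86 raising #DE because the signed quotient of the 64-bit dividend (tsc delta * 1000) by the 32-bit divisor (virtual_tsc_khz) no longer fits in 32 bits, not because the divisor was zero. The following is an added example (not code from this bug report or from the kernel) that models that exact idivl fault condition in portable C and applies the upstream interpretation, overflow means the difference exceeds USEC_PER_SEC, as a check before the division instead of an exception fixup; the 2.6 GHz clock and the 2-second and 1-hour deltas are constructed inputs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define USEC_PER_SEC 1000000LL

/* idivl divides the 64-bit edx:eax by a 32-bit divisor and raises #DE
 * when the divisor is zero OR the signed quotient does not fit in eax.
 * This is the same condition, evaluated without executing the instruction. */
static bool idivl_would_fault(int64_t dividend, int32_t divisor)
{
    if (divisor == 0)
        return true;
    if (dividend == INT64_MIN && divisor == -1)
        return true;                 /* quotient 2^63 is unrepresentable */
    int64_t q = dividend / divisor;
    return q > INT32_MAX || q < INT32_MIN;
}

/* Convert a TSC tick delta to microseconds as the 32-bit path does
 * (delta * 1000 / tsc_khz). Any overflow, of the multiplication or of the
 * 32-bit quotient, is reported and read as "more than one second apart",
 * which is how the upstream fix interprets a faulting idivl. */
static int64_t tsc_delta_to_usec(int64_t tsc_delta, uint32_t tsc_khz, bool *overflowed)
{
    bool ovf = llabs(tsc_delta) > INT64_MAX / 1000;   /* delta * 1000 would wrap */
    int64_t dividend = ovf ? 0 : tsc_delta * 1000;
    if (!ovf)
        ovf = idivl_would_fault(dividend, (int32_t)tsc_khz);
    if (overflowed)
        *overflowed = ovf;
    return ovf ? USEC_PER_SEC : dividend / (int32_t)tsc_khz;
}

int main(void)
{
    const uint32_t khz = 2600000;                 /* constructed: 2.6 GHz TSC */
    const int64_t two_sec = 2LL * 1000 * khz;     /* 5.2e9 ticks */
    const int64_t one_hour = 3600LL * 1000 * khz; /* 9.36e12 ticks */
    bool ovf;
    int64_t us = tsc_delta_to_usec(two_sec, khz, &ovf);
    printf("2 s   delta -> %lld us, overflow=%d\n", (long long)us, ovf);
    us = tsc_delta_to_usec(one_hour, khz, &ovf);  /* quotient 3.6e9 > INT32_MAX */
    printf("1 h   delta -> %lld us, overflow=%d\n", (long long)us, ovf);
    return 0;
}
```

The 1-hour case is the resume-after-suspend situation from the ticket title: the quotient (3.6e9 us) exceeds INT32_MAX, so the unchecked idivl in 3.10.53 faults while the checked version simply reports a gap larger than one second.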
Comment 1 Philipp Hahn univentionstaff 2014-09-04 14:45:46 CEST
r13501: cherry-pick 8915aa27d5efbb9185357175b0acf884325565f9
Comment 2 Philipp Hahn univentionstaff 2014-09-04 15:05:49 CEST
r53370 | Bug #35808,Bug #35826: Kernel update for Xen & KVM
 branches/ucs-3.2/ucs-3.2-3/doc/errata/staging/2014-09-04-linux.yaml
 branches/ucs-3.2/ucs-3.2-3/doc/errata/staging/2014-09-04-univention-kernel-image.yaml
Comment 3 Philipp Hahn univentionstaff 2014-09-05 11:40:45 CEST
r53395 | Bug #35808,Bug #35826: Kernel update for Xen & KVM

FYI: KVM patch for Bug #35808 verified by customer.
OK: amd64 boots and KVM works.

$ /usr/sbin/announce_errata -V 2014-09-04-linux.yaml
"2014-09-04-linux.yaml" looks valid
$ /usr/sbin/announce_errata -V 2014-09-04-univention-kernel-image.yaml
"2014-09-04-univention-kernel-image.yaml" looks valid
Comment 4 Philipp Hahn univentionstaff 2014-10-14 16:07:59 CEST
Patch was applied in upstream stable 3.10 kernel: <https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.56>
commit bdbdc4076c10ae9d3a83b37c79fc74827e776bf9
<https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=bdbdc4076c10ae9d3a83b37c79fc74827e776bf9>
Comment 5 Erik Damrose univentionstaff 2014-10-15 14:46:04 CEST
OK i386 & amd64 update/reboot
OK virtualization functionality
OK yaml
Verified