Bug 986586 - out of memory (oom) during boot on "modprobe xenblk" (non xen kernel)
out of memory (oom) during boot on "modprobe xenblk" (non xen kernel)
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE 13.1
Classification: openSUSE
Component: Xen
Final
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Michal Marek
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-06-27 07:31 UTC by Markus Greger
Modified: 2016-10-13 19:17 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Greger 2016-06-27 07:31:58 UTC
I've built kernel 4.6.2 and on booting I noticed a long wait and an oom issue.

It turned out that /etc/modprobe.d/50-xen.conf contained
install xen-blkfront /sbin/modprobe xenblk

xen-blkfront wouldn't load (no such device) and as the line was missing "--ignore-install" a recursive loop resulted which lead to out of memory.
Comment 1 Takashi Iwai 2016-06-27 09:46:42 UTC
Who provides /etc/modprobe.d/50-xen.conf?  This doesn't look like a kernel problem.
Comment 2 Mike Latimer 2016-07-05 22:23:27 UTC
(In reply to Takashi Iwai from comment #1)
> Who provides /etc/modprobe.d/50-xen.conf?  This doesn't look like a kernel
> problem.

This file was originally created to deal with the indirect descriptor problem in AWS environments (for example, bug 957986). However, this problem is specific to pre-pvops enabled kernels - such SLES12SP1 (3.12) or openSUSE 13.2 (3.16). SLES12SP2 and Tumbleweed (>=4.x kernels) do not need these rules.  In other words, I am not sure why this rule exists in a 4.6.2 tree.

Also, the contents of the file described in comment #0 seems to come from the PV version of this file - which (again) should not exist in a pvops enabled kernel.

Maybe Michal can fill in some gaps here?
Comment 3 Mike Latimer 2016-07-05 22:26:09 UTC
(In reply to Markus Greger from comment #0)
> install xen-blkfront /sbin/modprobe xenblk
> 
> xen-blkfront wouldn't load (no such device) and as the line was missing
> "--ignore-install" a recursive loop resulted which lead to out of memory.

Regarding this issue, to be safe, it is likely more correct to modify these rules to include the --ignore-install option. If we decide to go this route, we'd need to change all 4 possible rule combinations to be something like:

> install xen-blkfront /sbin/modprobe xenblk 2>&1 |:; /sbin/modprobe --ignore-install xen-blkfront

Do you agree with this change, Michal?
Comment 4 Takashi Iwai 2016-07-06 06:14:23 UTC
Michal is on vacation in this week.

Now looking at the bug description, I noticed that the reporter *built* the kernel: so 50-xen.conf might remain from the old (openSUSE 13.1?) system, and no wonder that it doesn't fit any longer.

In anyway, it sounds like a good idea to make it robust, especially for SLE12.  User may want just to try SP2 kernel on SP1 system like this case.
Comment 5 Michal Marek 2016-07-11 15:19:55 UTC
What is the exact content of your /etc/modprobe.d/50-xen.conf? Normally, only one of the lines is enabled and there is no loop and no need for --ignore-install. Sure, if you have the SP1 kernel installed and build a newer kernel, it might block loading of the xen-blkfront module.
Comment 6 Markus Greger 2016-07-12 15:06:04 UTC
/etc/modprobe.d/50-xen.conf is now like below. Without "--ignore-install" it leads to a loop in cases when xen-blkfront won't load.

# Two different versions of the xen frontend block driver exist:
#
#   traditional implementation
#   pvops-based implementation
#
# In order to enable indirect descriptors with some non-SUSE hypervisor
# environments, it may be necessary to switch from the traditional
# implementation to the pvops-based implementation. To do this, ensure
# the appropriate section below is uncommented, and rebuild the initrd.
#
### Enable the traditional implementation of blkfront
install xen-blkfront /sbin/modprobe --ignore-install xenblk
#
### Enable the pvops-based implementation of blkfront
#install xenblk /sbin/modprobe xen-blkfront
Comment 7 Michal Marek 2016-08-17 14:54:03 UTC
I see the problem now: xen-blkfront has a "xenblk" alias for compatibility with the out of tree drivers :(
Comment 8 Swamp Workflow Management 2016-08-17 16:17:37 UTC
SUSE-SU-2016:2093-1: An update that solves 27 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 900418,949889,953339,953362,953518,954872,957986,958848,961600,963161,964427,973188,973631,974038,975130,975138,975907,976058,976111,978164,978295,978413,979620,979670,980716,980724,981264,981276,982024,982025,982026,982224,982225,982286,982695,982960,983973,983984,984981,985503,986586,988675,988676,990843,990923
CVE References: CVE-2014-3672,CVE-2016-3158,CVE-2016-3159,CVE-2016-3710,CVE-2016-3960,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4453,CVE-2016-4454,CVE-2016-4952,CVE-2016-4962,CVE-2016-4963,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6258,CVE-2016-6259,CVE-2016-6351
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    xen-4.5.3_08-17.1
SUSE Linux Enterprise Server 12-SP1 (src):    xen-4.5.3_08-17.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    xen-4.5.3_08-17.1
Comment 9 Mike Latimer 2016-08-17 23:41:11 UTC
(In reply to Michal Marek from comment #7)
> I see the problem now: xen-blkfront has a "xenblk" alias for compatibility
> with the out of tree drivers :(

I would have still expected the existing rule to work (and it does for me). Regardless, the changes in comment #3 should address this. Michal - Is this something you can take care of?
Comment 10 Michal Marek 2016-08-18 11:18:20 UTC
The problem is, if we modify the file in the kernel-xen package, it will conflict with previous versions of kernel-xen. We could add a %post hack to edit the file maybe.
Comment 11 Swamp Workflow Management 2016-08-18 16:19:21 UTC
SUSE-SU-2016:2100-1: An update that solves 26 vulnerabilities and has 16 fixes is now available.

Category: security (important)
Bug References: 954872,955399,957986,958848,961600,963161,964427,967630,973188,974038,974912,975130,975138,975907,976058,976111,978164,978295,978413,979035,979620,979670,980716,980724,981264,981276,982024,982025,982026,982224,982225,982286,982695,982960,983973,983984,985503,986586,988675,989235,990843,990923
CVE References: CVE-2014-3672,CVE-2016-3158,CVE-2016-3159,CVE-2016-3710,CVE-2016-3960,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4453,CVE-2016-4454,CVE-2016-4952,CVE-2016-4962,CVE-2016-4963,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6258,CVE-2016-6351
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    xen-4.4.4_07-37.1
SUSE Linux Enterprise Server 11-SP4 (src):    xen-4.4.4_07-37.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    xen-4.4.4_07-37.1
Comment 12 Swamp Workflow Management 2016-10-11 17:16:57 UTC
openSUSE-SU-2016:2494-1: An update that solves 46 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 900418,949889,953339,953362,953518,954872,955104,958848,959330,959552,961100,961600,963161,964427,970135,971949,973188,973631,974038,975130,975138,975907,976058,976111,978164,978295,978413,979620,979670,980716,980724,981264,981276,982024,982025,982026,982224,982225,982286,982695,982960,983973,983984,984981,985503,986586,988675,988676,990500,990843,990923,990970,991934,992224,993665,994421,994625,994761,994772,994775,995785,995789,995792
CVE References: CVE-2014-3615,CVE-2014-3672,CVE-2015-7512,CVE-2015-8504,CVE-2015-8558,CVE-2015-8568,CVE-2015-8613,CVE-2015-8743,CVE-2016-1714,CVE-2016-1981,CVE-2016-3158,CVE-2016-3159,CVE-2016-3710,CVE-2016-3712,CVE-2016-3960,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4453,CVE-2016-4454,CVE-2016-4480,CVE-2016-4952,CVE-2016-4962,CVE-2016-4963,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6258,CVE-2016-6259,CVE-2016-6351,CVE-2016-6833,CVE-2016-6834,CVE-2016-6835,CVE-2016-6836,CVE-2016-6888,CVE-2016-7092,CVE-2016-7093,CVE-2016-7094
Sources used:
openSUSE Leap 42.1 (src):    xen-4.5.3_10-15.2
Comment 13 Swamp Workflow Management 2016-10-11 17:28:05 UTC
openSUSE-SU-2016:2497-1: An update that solves 38 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 953339,953362,953518,954872,955399,958848,961100,961600,963161,964427,970135,971949,973188,973631,974038,975130,975138,975907,976058,976111,978164,978295,978413,979035,979620,979670,980716,980724,981264,981276,982024,982025,982026,982224,982225,982286,982695,982960,983973,983984,984981,985503,986586,988675,990843,990923,990970,991934,992224,994421,994625,994761,994772,994775,995785,995789,995792,997731
CVE References: CVE-2014-3615,CVE-2014-3672,CVE-2016-3158,CVE-2016-3159,CVE-2016-3710,CVE-2016-3712,CVE-2016-3960,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4453,CVE-2016-4454,CVE-2016-4480,CVE-2016-4952,CVE-2016-4962,CVE-2016-4963,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6258,CVE-2016-6351,CVE-2016-6833,CVE-2016-6834,CVE-2016-6835,CVE-2016-6836,CVE-2016-6888,CVE-2016-7092,CVE-2016-7093,CVE-2016-7094,CVE-2016-7154
Sources used:
openSUSE 13.2 (src):    xen-4.4.4_05-49.1
Comment 14 Andreas Stieger 2016-10-13 15:25:54 UTC
I'm showing this all all done
Comment 15 Swamp Workflow Management 2016-10-13 19:17:15 UTC
SUSE-SU-2016:2533-1: An update that solves 38 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 953339,953362,953518,954872,955399,957986,958848,961600,963161,964427,970135,971949,973188,973631,974038,975130,975138,975907,976058,976111,978164,978295,978413,979035,979620,979670,980716,980724,981264,981276,982024,982025,982026,982224,982225,982286,982695,982960,983973,983984,984981,985503,986586,988675,990843,990923,990970,991934,992224,994421,994625,994761,994772,994775,995785,995789,995792,997731
CVE References: CVE-2014-3615,CVE-2014-3672,CVE-2016-3158,CVE-2016-3159,CVE-2016-3710,CVE-2016-3712,CVE-2016-3960,CVE-2016-4001,CVE-2016-4002,CVE-2016-4020,CVE-2016-4037,CVE-2016-4439,CVE-2016-4441,CVE-2016-4453,CVE-2016-4454,CVE-2016-4480,CVE-2016-4952,CVE-2016-4962,CVE-2016-4963,CVE-2016-5105,CVE-2016-5106,CVE-2016-5107,CVE-2016-5126,CVE-2016-5238,CVE-2016-5337,CVE-2016-5338,CVE-2016-5403,CVE-2016-6258,CVE-2016-6351,CVE-2016-6833,CVE-2016-6834,CVE-2016-6835,CVE-2016-6836,CVE-2016-6888,CVE-2016-7092,CVE-2016-7093,CVE-2016-7094,CVE-2016-7154
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    xen-4.4.4_04-22.22.2
SUSE Linux Enterprise Server 12-LTSS (src):    xen-4.4.4_04-22.22.2