Bug 477744 - (CVE-2008-5713) CVE-2008-5713 kernel: soft lockup occurs when network load is very high
CVE-2008-5713 kernel: soft lockup occurs when network load is very high
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 471398 477745 477746
  Show dependency treegraph
Reported: 2008-12-23 04:08 EST by Eugene Teo (Security Response)
Modified: 2010-12-21 12:55 EST (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-12-21 12:55:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
reproducer (1.03 KB, text/plain)
2008-12-23 04:09 EST, Eugene Teo (Security Response)
no flags Details

  None (edit)
Description Eugene Teo (Security Response) 2008-12-23 04:08:04 EST
From Flavio Leitner:
On many core SMP machine (such as 16 core or more), soft lockup can occur when heavy network load are produced concurrently.

The lockup happens at __qdisc_run()(@net/sched/sch_generic.c:line 84). Because driver continue to send packet and return NETDEV_TX_OK, __qdisc_run() can't exit from qdisc_restart() loop.

This behavior may improve throughput, but some application can stuck over 10s.
This issue has been fixed on vanilla kernel.

Version-Release number of selected component:
kernel version: 2.6.18-92.el5 (RHEL5.2GA)

How reproducible:
It can be reproducible in dozens of seconds, on 16 core SMP box. This issue is easy to happen, when UDP workload is very high.

Steps to Reproduce:
On 16 core SMP machine, execute netperf in higher than 16 parallel with the following options, then it occurs at a client side.

# netperf -H <netserver_address> -l 60 -t UDP_STREAM -- -s 262144 -r 262144 -m

Actual results:
A lot of soft lockup messages are recorded into syslog, and performance problem appears in some applications.

Expected results:
In kernel, any CPU doesn't dedicate to some work without schedule() for a long time.

Hardware info:

Business impact:
It makes customer's applications unresponsive too long and it makes impossible to apply RHEL5.2 to performance/latency sensitive systems.

Additional info:
git patch: [NET]: Add preemption point in qdisc_run
Comment 1 Eugene Teo (Security Response) 2008-12-23 04:09:55 EST
Created attachment 327745 [details]
Comment 2 Eugene Teo (Security Response) 2008-12-23 04:10:23 EST
(In reply to comment #1)
> Created an attachment (id=327745) [details]
> reproducer

Note netperf must be installed. Reproducer triggers the loockup for me safely with 40 tasks (the second cmd line parameter) on 16cpu machine. The first parameter is hostname of computer where "netserver" (part of netperf package) is running.
Comment 10 Vincent Danen 2010-12-21 12:55:22 EST
This was addressed via:

Red Hat Enterprise Linux version 5 (RHSA-2009:0264)

Note You need to log in before you can comment on or make changes to this bug.