Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 230976

Summary: A timing window that causes double freeing file_lock entry
Product: Red Hat Enterprise Linux 4 Reporter: Tadashi Iwashita <tadashi.iwashita>
Component: kernelAssignee: Dave Anderson <anderson>
Status: CLOSED DUPLICATE QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 4.4CC: jbaron, lwang, staubach
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-05-16 21:30:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Attachments:
Description Flags
crash "log" command output at kernel panic
none
crash "log" command output at system hang
none
flock patch none

Description Tadashi Iwashita 2007-03-05 09:16:48 UTC
Description of problem:
Encountered (1) a kernel panic and (2) a system hang on web server running 
with mod_jk when ApacheBench tool from another node started. 

(1) kernel panic
Panic at line 168 on fs/lock.c displaying "Attempting to free lock on active 
lock list" due to a bad fl_link. Please see the the output of crash "log" 
command (attached as kernel_panic.txt).
(2) system hang
Loop at line 737 on fs/lock.c with holding lock_kernel due to a self-linked 
fl_next. Please see the output of crash "log" command (attached as 
system_hang.txt).

Version-Release number of selected component (if applicable):
kernel-2.6.9-42.ELsmp
mod_jk-1.2.20

How reproducible:
Always

Steps to Reproduce:
Just run ApacheBench tool for SMP web server.
  
Additional info:
With some kinds of kernel trapper and by looking at the kernel dump, it is 
most likely that the problem was caused by double freeing file_lock entry at a 
timing window. Checked LKML, then found http://lkml.org/lkml/2006/5/17/261 and 
the patch for this issue has already been applied to upper version.

ApacheBench worked normally with the patch (attached flock.patch), so please 
consider applying this patch to the next stability updates or as a security 
update. Thanks.

Comment 1 Tadashi Iwashita 2007-03-05 09:16:48 UTC
Created attachment 149251 [details]
crash "log" command output at kernel panic

Comment 2 Tadashi Iwashita 2007-03-05 09:20:18 UTC
Created attachment 149253 [details]
crash "log" command output at system hang

Comment 3 Tadashi Iwashita 2007-03-05 09:21:43 UTC
Created attachment 149254 [details]
flock patch

Comment 4 Linda Wang 2007-03-09 16:37:34 UTC
*** Bug 230978 has been marked as a duplicate of this bug. ***

Comment 5 RHEL Product and Program Management 2007-05-09 06:58:34 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 6 Ernie Petrides 2007-05-16 21:30:28 UTC

*** This bug has been marked as a duplicate of 234367 ***