Bug 230976 - A timing window that causes double freeing file_lock entry
Summary: A timing window that causes double freeing file_lock entry
Status: CLOSED DUPLICATE of bug 234367
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
(Show other bugs)
Version: 4.4
Hardware: All Linux
medium
high
Target Milestone: ---
: ---
Assignee: Dave Anderson
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
: 230978 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-05 09:16 UTC by Tadashi Iwashita
Modified: 2007-11-17 01:14 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-16 21:30:28 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
crash "log" command output at kernel panic (24.62 KB, text/plain)
2007-03-05 09:16 UTC, Tadashi Iwashita
no flags Details
crash "log" command output at system hang (22.90 KB, text/plain)
2007-03-05 09:20 UTC, Tadashi Iwashita
no flags Details
flock patch (1.92 KB, patch)
2007-03-05 09:21 UTC, Tadashi Iwashita
no flags Details | Diff

Description Tadashi Iwashita 2007-03-05 09:16:48 UTC
Description of problem:
Encountered (1) a kernel panic and (2) a system hang on web server running 
with mod_jk when ApacheBench tool from another node started. 

(1) kernel panic
Panic at line 168 on fs/lock.c displaying "Attempting to free lock on active 
lock list" due to a bad fl_link. Please see the the output of crash "log" 
command (attached as kernel_panic.txt).
(2) system hang
Loop at line 737 on fs/lock.c with holding lock_kernel due to a self-linked 
fl_next. Please see the output of crash "log" command (attached as 
system_hang.txt).

Version-Release number of selected component (if applicable):
kernel-2.6.9-42.ELsmp
mod_jk-1.2.20

How reproducible:
Always

Steps to Reproduce:
Just run ApacheBench tool for SMP web server.
  
Additional info:
With some kinds of kernel trapper and by looking at the kernel dump, it is 
most likely that the problem was caused by double freeing file_lock entry at a 
timing window. Checked LKML, then found http://lkml.org/lkml/2006/5/17/261 and 
the patch for this issue has already been applied to upper version.

ApacheBench worked normally with the patch (attached flock.patch), so please 
consider applying this patch to the next stability updates or as a security 
update. Thanks.

Comment 1 Tadashi Iwashita 2007-03-05 09:16:48 UTC
Created attachment 149251 [details]
crash "log" command output at kernel panic

Comment 2 Tadashi Iwashita 2007-03-05 09:20:18 UTC
Created attachment 149253 [details]
crash "log" command output at system hang

Comment 3 Tadashi Iwashita 2007-03-05 09:21:43 UTC
Created attachment 149254 [details]
flock patch

Comment 4 Linda Wang 2007-03-09 16:37:34 UTC
*** Bug 230978 has been marked as a duplicate of this bug. ***

Comment 5 RHEL Product and Program Management 2007-05-09 06:58:34 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 6 Ernie Petrides 2007-05-16 21:30:28 UTC

*** This bug has been marked as a duplicate of 234367 ***


Note You need to log in before you can comment on or make changes to this bug.