Received: by 2002:a05:6358:e9c4:b0:b2:91dc:71ab with SMTP id hc4csp2243552rwb; Fri, 5 Aug 2022 16:37:39 -0700 (PDT) X-Google-Smtp-Source: AA6agR5Lv5+Cuf3LvDKIz+mHUTcIyXiuXzP3mu3xd/cpuVC3xoCaX3zNZr4j9jfLH7WRsqLS4fF1 X-Received: by 2002:a65:558c:0:b0:415:f20b:9261 with SMTP id j12-20020a65558c000000b00415f20b9261mr7213766pgs.63.1659742659535; Fri, 05 Aug 2022 16:37:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1659742659; cv=none; d=google.com; s=arc-20160816; b=RDJpo5DGJYbpDtv6ANmlEz6kZQLfiZ00uj8gABtdCWQTJiWPIMCHp+l3ZnLzYi0dw6 EkZlqjD5R0WJo4VHUnQt9MINu2QiTVz1PJICQGqy8Q4iN3Fvlq2sD4xlgkdIwMI8Cvae 5lcy/TLGHD+zIW0CluB/Ae2qEwe+6ML4MX+GOQOCRgVrt8LA8oXK52xcUl4Cu5a+5oHQ I3vYvuvDYX33pPL4ff2tpYqB9WHkBrMiTxLhCcJYD44ijyfqpOAYZbLwZEo4rIQDHo3K akVrYYXebWIaBqlFIehfi7PJQVSAjpRfI0sIp5h7wUbIsBSkVMhbJnXOMNHRJR1rklUS 8R1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:subject:message-id:date:from:mime-version :dkim-signature; bh=sLkqhWS0z1StVd37v6tEtv9+l8BvQZP/Jy1+OiWgKb4=; b=O8f/T0ly28kpbn7DbeLVjIc14QJrLexRHr4BQZ11oLhJcIyCpO31h2+IUqGzBnmA93 Tn1n6TjINVvzjNMH3SQscJWofHTpiBXLtDsMCS1pRMtWN/xnx8Tkzvk86VDLapHMTJN6 pzpXNANly3EsaiwORVlYu1pXWPOPxvyDQu9aIkFjDW4yoaePYgCUJDLrwto5qUkI7MNr qBK97lPFv1ySQp2EFqguqlUG0RhJu5YXrkK6B4x/euQnbI9iWlYxcJfuslYKn7zibO0a 7Qb0m8M3vMdlvu//g0vRvPCOIZgWRVD2ovUjwUpEHKtprl8j18cUodMbJrtRczvPQIq7 xg3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=dfsrVISd; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r2-20020a1709028bc200b0016a496aedefsi4840293plo.300.2022.08.05.16.37.12; Fri, 05 Aug 2022 16:37:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=dfsrVISd; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241576AbiHEXR7 (ORCPT + 99 others); Fri, 5 Aug 2022 19:17:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40670 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241449AbiHEXR6 (ORCPT ); Fri, 5 Aug 2022 19:17:58 -0400 Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A201811C0E for ; Fri, 5 Aug 2022 16:17:57 -0700 (PDT) Received: by mail-lf1-x12a.google.com with SMTP id t1so5317283lft.8 for ; Fri, 05 Aug 2022 16:17:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc; bh=sLkqhWS0z1StVd37v6tEtv9+l8BvQZP/Jy1+OiWgKb4=; b=dfsrVISdOklaGakzrtQrlHJ8V1tNkwzAsnG9RrJD5jhMNo/JkBIors/iIL36ImT9Q6 4Lef7XPnzkuIDP8VzJYa9fKQ0ANGsPeVtV66W1Hn6QokPhRzSh3a76ZmArY/9lYc7GRZ xOHWITJGofONn0CPzNQ4QX5yJr90M17wY4EBSmg8X01NohIlwTi/8pCx7z41YkgJ071O 0IjcM64LhGo2Jvntb3dBNYSuP+qFaRrPvqHX33ZKsZX4d+1Bqjhb4u8GHBYyd4ypfrit b7pnTpxm69WDc7nMTV48smfUdh7eZgEOw1oKa6N6ucsVvwajEe0Zv/8VSgYE9EosvG6W dpMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc; bh=sLkqhWS0z1StVd37v6tEtv9+l8BvQZP/Jy1+OiWgKb4=; b=dX/r7yQ6Q/Du3sBV4Y/7eKiEd4U7Z33f/Fc+aqbY7jDLO0kM09m97rrjbrtSNCyeRt 958BSg6Ezsugve5vho9fdWIXbVHWyb2ld37u6nOnf1hLUgL+Buu4aCwUpHadM5+xIZqN bQ5HgAfCFrJUvYRdzmRjLT0nVnNxQaMwomVyqSwDCV1JeH4CGSJMUB2o9cfKwtTm2Lzg q7oKp3mNU06Dnbsbpghi8r6JfLTBQZYYiEx5rR1OlthQ71umKmXVb4u0Z2sy3/L3gen5 jOm/A3B9iGBgBHf9Csudyr4wuWdk1e8HIu2SqgoODFp3aOC8ewEthwHQfmY1XDi4rIsF KCnQ== X-Gm-Message-State: ACgBeo2h/+WD/+xLvQ2QZ4L+1YGW80TgQDGy7Kttk4SzEk3Pvm8WhEk1 MqA0QtrAUnOSilQjxxGvSxA7lEm5iPCHUelTOFnthFBPwjA= X-Received: by 2002:a19:5e55:0:b0:48a:f08a:6c3c with SMTP id z21-20020a195e55000000b0048af08a6c3cmr3018940lfi.56.1659741475384; Fri, 05 Aug 2022 16:17:55 -0700 (PDT) MIME-Version: 1.0 From: Jan Kasiak Date: Fri, 5 Aug 2022 19:17:43 -0400 Message-ID: Subject: Question about nlmclnt_lock To: Linux NFS Mailing List Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org Hi, I was looking at the code for nlmclnt_lock and wanted to ask a question about how the Linux kernel client and the NLM 4 protocol handle some errors around certain edge cases. Specifically, I think there is a race condition around two threads of the same program acquiring a lock, one of the threads being interrupted, and the NFS client sending an unlock when none of the program threads called unlock. On NFS server machine S: there exists an unlocked file F On NFS client machine C: in program P: thread 1 tries to lock(F) with fd A thread 2 tries to lock(F) with fd B The Linux client will issue two NLM_LOCK calls with the same svid and same range, because it uses the program id to map to an svid. For whatever reason, assume the connection is broken (cable gets pulled etc...) and `status = nlmclnt_call(cred, req, NLMPROC_LOCK);` fails. The Linux client will retry the request, but at some point thread 1 receives a signal and nlmclnt_lock breaks out of its loop. Because the Linux client request failed, it will fall through and go to the out_unlock label, where it will want to send an unlock request. Assume that at some point the connection is reestablished. The Linux kernel client now has two outstanding lock requests to send to the remote server: one for a lock that thread 2 is still trying to acquire, and one for an unlock of thread 1 that failed and was interrupted. I'm worried that the Linux client may first send the lock request, and tell thread 2 that it acquired the lock, and then send an unlock request from the cancelled thread 1 request. The server will successfully process both requests, because the svid is the same for both, and the true server side state will be that the file is unlocked. One can talk about the wisdom of using multiple threads to acquire the same file lock, but this behavior is weird, because none of the threads called unlock. I have experimented with reproducing this, but have not been successful in triggering this ordering of events. I've also looked at the code of in clntproc.c and I don't see a spot where outstanding failed lock/unlock requests are checked while processing lock requests? Thanks, -Jan