[Bug 880599] New: nfsv3 + ext3 + quotas = error -5 when attempting revoke
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c0 Summary: nfsv3 + ext3 + quotas = error -5 when attempting revoke Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: x86-64 OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jimc@math.ucla.edu QAContact: qa-bugs@suse.de Found By: --- Blocker: --- Versions: kernel-desktop-3.11.10-11.1.x86_64, also 3.11.6, also kernel-default nfs-client-1.2.8-4.13.1.x86_64 nfs-kernel-server-1.2.8-4.13.1.x86_64 quota-4.01-2.1.2.x86_64 quota-nfs-4.01-2.1.2.x86_64 The problem occurs when all of these elements are present: 1. NFS server exports an ext3 (not ext4) filesystem. 2. User block quotas are turned on for this filesystem. 3. Client mounts it with Nfsvers=3 (not 4) in /etc/nfsmount.conf 4. The user, executing on the client, writes a lot of stuff to a file rapidly and runs himself over quota. In production, some X-Windows app spews error messages and fills up ~/.xsession-errors. In the test scenario I do dd if=/dev/zero of=oinkage.dat bs=1M . The correct outcome is that the writer should get EDQUOT (quota exceeded) and die. Two actual outcomes are seen. In the test scenario given below, the writer gets EIO (I/O error). In the more complex production environment, the user may not receive any error -- in one case, ~/.xsession-errors had 291Gb (GIGA bytes) of garbage. But the filesystem eventually remounts itself readonly and the homedir server has to be rebooted. In no case was any corruption ever found in the filesystem. In the test scenario, for a user with 750Mb quota, in a non-failing configuration, the user will get EDQUOT when the file has 770 or 780Mb, i.e. there is some overage committed to be written when the quota system realizes that the user is over quota. In a failing configuration the overage is much greater and more variable, for example 1.4Gb. In the production environment we don't have good statistics for what error the users received (beyond EROFS readonly filesystem) and how much over quota they went, but in at least one case the quota was completely ineffective. It is not proven whether rapidness is an essential element in setting off the bug. It is possible that a process writing slowly would be equally poisonous but would have been noticed and killed by the user before he went over quota. To set off the failure: 1. These notes were done on kernel 3.11.6-4 but 3.11.10-11.1 was later tested and behaved the same. 2. Create an ext3 filesystem on the NFS server. For us it's mounted on /s1 . 3. Create /s1/aquota.user and populate it with our standard quotas. For this test the user is mathtest and his soft block quota is 500Mb, hard quota is 750Mb. (And give mount option "quota" and do "quotaon /s1".) 3. Export /s1 in /etc/exports. 4. Executing on the client, create a directory for each of 500 users containing some random files totalling about 2Mb per user. Nobody is over quota. No errors reported. This step is probably not essential but I'm just documenting what I did. 5. Executing on the client, fill up Mathtest's file rapidly. The exact command line was: su -c "dd if=/dev/zero of=/net/ocelot/s1/fs-abuse.d/mathtest/oinkage.dat bs=1M" mathtest 6. The writer invariably gets EIO (I/O error), not EDQUOT (quota exceeded). 7. Not a peep in syslog. I'm assuming without proof that if I had continued to abuse the filesystem, or done some different sequence of I/O operations, I would have gotten the filesystem to remount readonly. The following information comes from the production failures. The home directory filesystems are on RAID-5 with Megaraid cards, formatted with ext3. Only two particular filesystems on two servers remount themselves readonly. When this happens, ~/.xsession-errors for two users (one per filesystem) is found to be bloated due to an error message loop in an X-Windows app they use. The problem began immediately after the servers were upgraded from OpenSuSE 11.4 with kernel 2.6.37, to OpenSuSE 13.1 with kernel 3.11.10-7.1. (Later downgraded to 3.11.6-4, didn't help.) See the attachment for syslog messages upon one of the remounts. Workarounds: 1. Fix the malfunctioning app so users don't go over quota. 2. Disable quotas on the affected filesystems. 3. Upgrade from ext3 to ext4 (big job). 4. Use the default NFS protocol of NFSv4. Bugfixes in 3.11.10-11.1 apparently have resolved the idmapd upcall problems that were messing us up formerly, and also, finishing upgrades to SuSE 13.1 make the name translation problems a non-issue. This is the workaround we are currently using. Success so far, cross fingers. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c1 --- Comment #1 from James Carter <jimc@math.ucla.edu> 2014-05-29 19:06:10 UTC --- Created an attachment (id=592619) --> (http://bugzilla.novell.com/attachment.cgi?id=592619) Syslog messages when the filesystem remounted readonly Note that the filesystem really is ext3 even though EXT4-fs is reporting the errors and is named in the backtrace. The remount was noticed and the host was rebooted an hour later. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c zhang jiajun <jzhang@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jzhang@suse.com AssignedTo|bnc-team-screening@forge.pr |nfbrown@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c2 Neil Brown <nfbrown@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nfbrown@suse.com AssignedTo|nfbrown@suse.com |jack@suse.com --- Comment #2 from Neil Brown <nfbrown@suse.com> 2014-06-05 01:38:39 UTC --- Re-assigning to Jack as this seems to be an ext[34]/quotas problem more than an NFS problem. With NFSv3, the client doesn't find out about quota problems until the data is actually sent to the server, and that can be delayed quite a while as writes are cached on the client and sent lazily. If you were to mount with "-o sync" you would get quota errors immediately, but performance would be terrible, so that isn't a good idea. If you reduce /proc/sys/vm/dirty_bytes to a few hundred meg, that would limit the overage to a few hundred meg without hurting performance too much. However that may still be more overage than you would like. How much memory does your client have? I cannot really see why NFSv4 would make a difference. It does have some knowledge of quotas, were NFSv3 has none, but the Linux code doesn't appear to use that at all. I might try some experiments myself to see what happens when you exceed quotas via NFS. However I think we need to start by resolving the ext3/4 issue as that seems to be the main problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c3 Jan Kara <jack@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P2 - High Status|NEW |ASSIGNED --- Comment #3 from Jan Kara <jack@suse.com> 2014-06-05 08:50:54 UTC --- Yeah, this looks really weird. Thanks for report! So I see where the problem is with ext3/4 failure but it's only indirectly related to the quota problem - due to quota we fail in the middle of allocating indirect blocks and cleanup path has a bug in it which trips up assertion in JBD2. Anyway, I'll attach here a fix for the ext4 bug in a moment so that we can concentrate on the quota problem afterwards. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c4 --- Comment #4 from Jan Kara <jack@suse.com> 2014-06-05 09:44:14 UTC --- Created an attachment (id=593464) --> (http://bugzilla.novell.com/attachment.cgi?id=593464) [PATCH] ext4: Fix buffer double free in ext4_alloc_branch() This patch should fix the problem with filesystem getting remounted read-only. I'll publish a test kernel for you in a while. And thanks again for your report because I've been scratching my head over another manifestation of this bug for quite some time already :). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c5 Jan Kara <jack@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |jimc@math.ucla.edu --- Comment #5 from Jan Kara <jack@suse.com> 2014-06-05 10:25:30 UTC --- OK, built kernel with patch from comment 4 should soon appear at http://beta.suse.com/private/jack/880599/. Can you please test it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c6 James Carter <jimc@math.ucla.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|jimc@math.ucla.edu | --- Comment #6 from James Carter <jimc@math.ucla.edu> 2014-06-09 20:11:16 UTC --- Sorry to be slow testing the patched kernel, but we had to respond to CVE-2014-0224, and then the issues came up described in bug 881912, which may or may not be related to this one. The production and test servers are set up as i686 (vs. x86_64). I installed the patched iernel (kernel-default-3.11.10-0.x86_64.rpm) on a x86_64 test machine and got different results, plus I re-did my tests on the i686 server and got similar but not identical results. By the way, I'm not concerned if the user succeeds in writing significantly beyond his quota, but it seems like a useful piece of data for analysing the problem, so I report it when it happens. I'm still using "dd if=/dev/zero of=$dir/oinkage.dat bs=1M", executing on the client as the user (mathtest), to try to set off the bug(s). In this table, Kernel = what the server uses (11-0 = Jack's test kernel, 11-10 = distro's updated standard kernel), and NFSv = the NFS version that the client is using. For the first 8 tests, both the servers and the clients were x86_64. For the last 2 the server was i686, clients were x86_64. Kernel NFSv Fsys Outcome 10-0 4 ext4 EDQUOT (good), cut at 750Mb, very little overage 10-11 4 ext4 No signal (bad), had to kill writer 10-0 3 ext4 EDQUOT (good), "quota -v -l mathtest" claims to be using 750000 blocks, but the file is 1180467200 bytes or 1.18Gb. After I ran quotacheck, says 750004 blocks. 10-11 3 ext4 EDQUOT (good), "quota -v -l mathtest" claims to be using 750000 blocks, but the file is 888827904 bytes or 889Mb. After quotacheck, still says 750000 blocks. 10-0 3 ext3 EDQUOT (good), cut off at 1.4Gb, quota says 750Mb 10-11 3 ext3 EDQUOT (good), cut off at 750Mb, very little over Repetitions: ***** 5 all the same exc. overage 10-0 4 ext3 EDQUOT (good), cut off at 750Mb, very little over Repetitions: ***** 5 all the same exc. overage 10-11 3 i686 ext3 EDQUOT (good), cut at 1.1Gb (from 10-11 x86_64) More repetitions: EDQUOT EDQUOT 10-11 3 i686 ext3 EDQUOT (good), cut at 750Mb+ (from 10-0 x86_64) More repetitions: EIO EIO The client that gets EDQUOT is about 1.3x faster than the one getting EIO. All 3 machines are connected by a gigabit hub with little competing traffic, so network speed likely does not affect the results. Conclusion: The originally reported scenario on i686 has not self-healed, but instead of failing "every" time, it fails "most of the time" on the original client but never on a different client. When testing on x86_64 and ext3 I got no failures at all, either on the patched kernel or the standard kernel, but I got one failure (no EDQUOT, no EIO, no signal at all) with the combination of ext4, NFSv4, standard kernel, neither of which had failed before. Odysseus successfully squeezed information out of the god Proteus, and I think we need to learn from him to solve this bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c7 --- Comment #7 from Neil Brown <nfbrown@suse.com> 2014-06-10 00:48:01 UTC --- When quota reports a smaller size than the file is it is probably due to "holes" in the file. You can confirm this with "ls -ls" which reports the amount of space allocated (in a new column at the start of each line) and the index just beyond the last byte in the file (normal 'size' value). NFS will not always write blocks in the order you would expect. If it writes the last block while the user is still under quota, then writes the earlier blocks some of those writes could fail leaving the total allocate space small while the index-of-last-byte is still large. If this explanation is correct, then it looks like the new kernel - 10-0 - is working correctly.(?) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c8 --- Comment #8 from James Carter <jimc@math.ucla.edu> 2014-06-10 05:49:57 UTC --- Thanks for that explanation; I didn't think of writing blocks out of order. Next time I run the test I'll check the file for sparseness. No fault was seen with Jack's patched kernel (3.11.10-0). But that doesn't answer your question -- I was unhappy to find that my test procedure does not reliably set off the bug on command, but rather has contingencies suggesting a race condition. Next time let's test on kernel-desktop for i686, to use the machine most likely to fail on the standard kernel. And I was also unhappy to discover that it could still mess up even though NFSv4 was used. I thought that would be an intervention that would bypass the bug -- evidently not. Better to discover that in testing rather than in production. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c9 Jan Kara <jack@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |jimc@math.ucla.edu --- Comment #9 from Jan Kara <jack@suse.com> 2014-06-11 13:17:39 UTC --- Ok, thanks for testing! I've pushed the fix to openSUSE 13.1 kernel. So is there anything else we should look into or can I close this bug? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c10 James Carter <jimc@math.ucla.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|jimc@math.ucla.edu | --- Comment #10 from James Carter <jimc@math.ucla.edu> 2014-06-11 17:15:53 UTC --- Thanks for your work on this. It looks like the patch should solve the problem. But just for paranoia's sake, could you build us a test kernel for i686, because the particular client and i686 server fails almost all the time. If the problem disappears with that combination, I would have more confidence that we had caught "THE shark" rather than just "a shark". I don't like problems which require unknown and uncontrollable timing contingencies to be reproduced. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c11 Jan Kara <jack@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |jimc@math.ucla.edu --- Comment #11 from Jan Kara <jack@suse.com> 2014-06-12 13:19:35 UTC --- OK, i586 kernels should soon appear at: http://beta.suse.com/private/jack/880599/ Please report whether they are fine as well. Thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c12 --- Comment #12 from Bernhard Wiedemann <bwiedemann@suse.com> 2014-06-13 11:01:18 CEST --- This is an autogenerated message for OBS integration: This bug (880599) was mentioned in https://build.opensuse.org/request/show/237091 13.1 / kernel-source -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |obs:running:2876:important -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c13 James Carter <jimc@math.ucla.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|jimc@math.ucla.edu | --- Comment #13 from James Carter <jimc@math.ucla.edu> 2014-06-15 01:11:28 UTC --- Curse, curse, my i686 test machine crashed and nobody is on site due to parents attending graduation ceremonies taking up all the parking.... You don't want to know. Anyway, I attempted to do tests on other i686 machines, similar but not identical. I did a lot of trials (dd if=/dev/zero of=/net/$HOST/mathtest/oink.dat bs=1M) with both kernel 3.11.10-11.1 and 3.11.10-0, The NFS client had 3.11.10-11.1 and mounted with Nfsvers=3 in /etc/nfsmount.conf. The target filesystem was ext3 but was actually a 1Gb file attached to a loop device, on both servers, whereas on Ocelot the bare metal was ext3. Hiss, boo. On 3.11.10-11.1, 77 trials. Most got EDQUOT (quota exceeded). Two got EIO (I/O error). 14 got Stale NFS Filehandle, but those shouldn't count because I removed the target file on the server before the client had closed it (even though the server was refusing to write anything because the user was over quota). (I messed up a test script.) I was hoping to get consistent misbehavior, which could then be shown to be cured by the test kernel, but that's not how it worked out. On 3.11.10-0, 12 trials, most got EDQUOT, one got EIO (I/O error). In all EDQUOT outcomes, writing was cut off exactly at the quota limit, although the files were sparse, i.e. the last written block was further along, sometimes quite a bit, i.e. over 1Gb when the quota was 750Mb. So the conclusion has to be, kernel 3.11.10-0 is no worse than 3.11.10-11.1, and given that you fixed a bug, we should move forward with this patch. But I'm afraid we haven't seen the last of the NFS problems. Next week when I can get at the original test machine (Ocelot) I'll re-test, and I'll post something if the results are significantly different from the above. If I hit something in the future and can come up with a procedure to reproduce it, I'll open a new bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c14 Jan Kara <jack@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #14 from Jan Kara <jack@suse.com> 2014-06-17 15:08:36 UTC --- OK, thanks. I'm closing the bug for now. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=880599 https://bugzilla.novell.com/show_bug.cgi?id=880599#c15 --- Comment #15 from Swamp Workflow Management <swamp@suse.de> 2014-06-25 07:09:36 UTC --- openSUSE-SU-2014:0840-1: An update that solves 9 vulnerabilities and has 15 fixes is now available. Category: security (important) Bug References: 851338,858067,868315,869563,870173,870576,871561,872715,873374,876102,876981,877257,877713,877721,878115,878274,879258,879792,880599,880613,880892,881697,881727,882648 CVE References: CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3153 Sources used: openSUSE 13.1 (src): cloop-2.639-11.10.1, crash-7.0.2-2.10.9, hdjmod-1.28-16.10.1, ipset-6.21.1-2.14.1, iscsitarget-1.4.20.3-13.10.1, kernel-docs-3.11.10-17.6, kernel-source-3.11.10-17.2, kernel-syms-3.11.10-17.1, ndiswrapper-1.58-10.1, pcfclock-0.44-258.10.1, vhba-kmp-20130607-2.11.1, virtualbox-4.2.18-2.15.2, xen-4.3.2_01-18.2, xtables-addons-2.3-2.10.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=880599 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:2876:important | -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com