Re: A NFS client partial file corruption problem in recent/current kernels

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2018-09-11 at 17:39 -0400, Chris Siebenmann wrote:
> > This has nothing to do with mount options. Buffered reads of a file
> > that is being written to over NFS without using locking is
> > inherently
> > unsafe. That always has been the case...
> > 
> > Both writes and reads can be reordered by the RPC layer on both the
> > client and the server, and they can be further reordered by the
> > NFS layer on the server. In practice, this means that you can find
> > yourself reading parts of the file that have not yet completed
> > being
> > written to, because, for example, a write that extended the file
> > from
> > offset 4096- 8191 completed before the write that was supposed to
> > extend it from offset 0-4095 was processed by the server.
> 
>  Our issue also happens when the writes are done on the fileserver,
> though, and they occur even if you allow plenty of time for the
> writes
> to settle. I can run my test program in a mode where it explicitly
> waits
> for me to tell it to continue, do the appending to the file on the
> fileserver, 'sync' on the fileserver, wait five minutes, and the NFS
> client will still see those zero bytes when it tries to read the new
> data.
> 
> (To make sure the 'five minutes' bit wasn't hyperbole, I just tested
> it.)
> 

That's happening because we're not optimising for the broken case, and
instead we assume that we can cache data for as long as the file is
open and unlocked as indeed the close-to-open cache consistency model
has always stated that we can do.

Trying to invalidate the cache on every unexpected attribute change
leads to a lot of unnecessary missed cached hits when doing ordinary
I/O because it means we toss out the cache on every reordered write,
every link, unlink, rename, etc of the file.
IOW it has a large performance impact following a number of operations
that are perfectly legal and indeed common under the close-to-open
model while failing to fix the problems of the close-to-open violating
model.

-- 
Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust@xxxxxxxxxxxxxxx






[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux