Date: Tue, 30 Dec 2025 17:59:17 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 292049] Lock resource exhaustion can lead to system degradation Message-ID: <bug-292049-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292049 Bug ID: 292049 Summary: Lock resource exhaustion can lead to system degradation Product: Base System Version: 15.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: chwoithe@yahoo.com Attachment #266656 text/plain mime type: Created attachment 266656 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=266656&action=edit Proof of concept The attached sample program can exhaust system resources by endlessly creating locks. A user with system access can quickly degrade the system's performance. Although this takes longer than for a local user, a remote user accessing an NFSv3 lockd‑enabled share can also exhaust the remote system's resources. # kernel stack without NFSv3 (local) kernel`lf_advlock+0x45 kernel`vop_stdadvlock+0x191 kernel`VOP_ADVLOCK+0x3a kernel`kern_fcntl+0xd17 kernel`kern_fcntl_freebsd+0xa3 kernel`amd64_syscall+0x126 kernel`0xffffffff8105080b # user stack without NFSv3 (local) libsys.so.7`_fcntl+0xa a.out`main+0x11a libc.so.7`__libc_start1+0x12f a.out`_start+0x24 `0x1a4a59003008 # kernel stack with NFSv3 kernel`lf_advlock+0x45 kernel`vop_stdadvlock+0x175 kernel`VOP_ADVLOCK_APV+0x51 kernel`nlm_do_lock+0x365 kernel`nlm4_lock_4_svc+0x11 kernel`nlm_prog_4+0x26c kernel`svc_run_internal+0xaa8 kernel`svc_run+0x280 kernel`sys_nlm_syscall+0x75c kernel`amd64_syscall+0x169 kernel`0xffffffff810bf9ab # user stack with NFSv3 libsys.so.7`nlm_syscall+0xa libc.so.7`__libc_start1+0x12f rpc.lockd`_start+0x21 `0x59ca90603008 # rc.conf mountd_enable="YES" nfs_server_enable="YES" nfsv4_server_enable="NO" rpcbind_enable="YES" rpc_lockd_enable="YES" rpc_statd_enable="YES" # sysctl.conf vfs.nfsd.server_min_nfsvers=3 vfs.nfsd.server_max_nfsvers=3 For convenience, the client machine mounting the NFSv3 share had more system memory than the remote NFSv3 server. If necessary, multiple instances of the sample program can be run on the client machine to speed up lock acquisition. I was unable to cause system degradation with NFSv4. I believe this is limited by vfs.nfsd.v4statelimit. OpenBSD and NetBSD may already enforce some limits, although I have not tested this. OpenBSD: https://man.openbsd.org/sysctl.2#KERN_MAXLOCKSPERUID~2 https://github.com/openbsd/src/blob/8f537029576d9ea2ca0aba908b4f5e7fe29aeacf/sys/kern/kern_sysctl.c#L393 https://github.com/openbsd/src/blob/8f537029576d9ea2ca0aba908b4f5e7fe29aeacf/sys/kern/vfs_lockf.c#L156-L189 NetBSD: https://github.com/NetBSD/src/blob/7ef4a0317b218d1df5ce1956f4cc84392e0bb9a8/sys/kern/vfs_lockf.c#L118-L128 https://github.com/NetBSD/src/blob/7ef4a0317b218d1df5ce1956f4cc84392e0bb9a8/sys/kern/vfs_lockf.c#L191-L215 -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-292049-227>