Created attachment 274733 [details] reproducer Summary: When the new xattr value will not fit in short form, conversion to leaf takes place. XFS first removes the old value, converts, then tries to add the new name. But if the request has XATTR_REPLACE, XFS gives up and returns ENOATTR. The file is left with the xattr removed, and filesystem metadata seems to be corrupted. How to reproduce: Run attached setattr.c. It will 1. Create a file /mnt/xfs/hello or whatever. 2. Add xattr "world" with value "0". This will be in short form. 3. Replace the xattr with value 2048 bytes. This forces conversion to leaf. 4. setxattr fails with ENOATTR. The file loses xattr "world" and you need fsrepair. Patch proposal against 4.16.0-rc5+: diff --git a/fs/xfs/libxfs/xfs_attr.c b/fs/xfs/libxfs/xfs_attr.c index ce4a34a..ab55f2a 100644 --- a/fs/xfs/libxfs/xfs_attr.c +++ b/fs/xfs/libxfs/xfs_attr.c @@ -512,6 +512,12 @@ return retval; retval = xfs_attr_shortform_remove(args); ASSERT(retval == 0); + /* + * Since we have removed the old attr here, + * further lookup will fail with ENOATTR. + * Ignore this was a replace and go on creating new attr. + */ + args->flags &= ~ATTR_REPLACE; } if (args->namelen >= XFS_ATTR_SF_ENTSIZE_MAX || Logs and details: $ uname -a Linux centos7 4.16.0-rc5+ #2 SMP Thu Mar 15 12:29:21 JST 2018 x86_64 x86_64 x86_64 GNU/Linux $ ./setattr /mnt/xfs/hello No data available error=61 at line 43 $ attr -l /mnt/xfs/hello attr_list: Input/output error Could not list "(null)" for /mnt/xfs/hello $ dmesg | tail [ 266.127606] XFS (sdb): Metadata corruption detected at xfs_attr3_leaf_verify+0x176/0x1c0 [xfs], xfs_attr3_leaf block 0x80 [ 266.127615] XFS (sdb): Unmount and run xfs_repair [ 266.127619] XFS (sdb): First 128 bytes of corrupted metadata buffer: [ 266.127625] 00000000c1ae7fd0: 00 00 00 00 00 00 00 00 3b ee 00 00 00 00 00 00 ........;....... [ 266.127628] 00000000a08d03c3: 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 ................ [ 266.127631] 00000000d5fca99a: 9d 1e 97 53 a7 a1 40 63 ad 1d f7 95 ba 21 cc f5 ...S..@c.....!.. [ 266.127634] 00000000b10a02e2: 00 00 00 00 00 00 00 43 00 00 00 00 10 00 00 00 .......C........ [ 266.127637] 00000000d191bf38: 00 50 0f b0 00 00 00 00 00 00 00 00 00 00 00 00 .P.............. [ 266.127640] 000000008af0f949: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 266.127643] 00000000c077a317: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 266.127645] 000000004401acf4: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 266.127651] XFS (sdb): xfs_do_force_shutdown(0x8) called from line 1372 of file fs/xfs/xfs_buf.c. Return address = ffffffffc02b6589 [ 266.127659] XFS (sdb): Corruption of in-memory data detected. Shutting down filesystem [ 266.127662] XFS (sdb): Please umount the filesystem and rectify the problem(s) After the fix: # ls -l xfs.ko -rw-rw-r-- 1 kanda kanda 33354536 Mar 15 12:55 xfs.ko # insmod xfs.ko [ 1157.687708] SGI XFS with ACLs, security attributes, debug enabled $ ./setattr /mnt/xfs/hello $ attr -l /mnt/xfs/hello Attribute "world" has a 2048 byte value for /mnt/xfs/hello
Yep, that looks like a bug, will send out test case and patch shortly. Thank you for reporting this! (Sorry for taking so long on this, evidently bug reports don't get auto-cc'd to the xfs mailing list(!) For speedier response in the future, please email linux-xfs@vger.kernel.org to let us know.)