On Thu, Jun 02, 2022 at 09:35:33AM -0700, Darrick J. Wong wrote:
> On Sat, May 28, 2022 at 05:47:15PM +0800, Zorro Lang wrote:
> > After we corrupted an attr leaf block (under node block), getxattr
> > might hit EFSCORRUPTED in xfs_attr_node_get when it does
> > xfs_attr_node_hasname. A known bug cause xfs_attr_node_get won't do
> > xfs_buf_trans release job, then a subsequent removexattr will hang.
> >
> > This case covers a1de97fe296c ("xfs: Fix the free logic of state in
> > xfs_attr_node_hasname")
> >
> > Signed-off-by: Zorro Lang <zlang@xxxxxxxxxx>
> > ---
> >
> > Hi,
> >
> > It's been long time past, since Yang Xu tried to cover a regression bug
> > by changing xfs/126 (be Nacked):
> > https://lore.kernel.org/fstests/1642407736-3898-1-git-send-email-xuyang2018.jy@xxxxxxxxxxx/
> >
> > As we (Red Hat) need to cover this regression issue too, and have waited so
> > long time. I think no one is doing this job now, so I'm trying to write a new one
> > case to cover it. If Yang has completed his test case but forgot to send out,
> > feel free to tell me :)
> >
> > Thanks,
> > Zorro
> >
> > tests/xfs/999 | 80 +++++++++++++++++++++++++++++++++++++++++++++++
> > tests/xfs/999.out | 2 ++
> > 2 files changed, 82 insertions(+)
> > create mode 100755 tests/xfs/999
> > create mode 100644 tests/xfs/999.out
> >
> > diff --git a/tests/xfs/999 b/tests/xfs/999
> > new file mode 100755
> > index 00000000..65d99883
> > --- /dev/null
> > +++ b/tests/xfs/999
> > @@ -0,0 +1,80 @@
> > +#! /bin/bash
> > +# SPDX-License-Identifier: GPL-2.0
> > +# Copyright (c) 2022 Red Hat, Inc. All Rights Reserved.
> > +#
> > +# FS QA Test No. 999
> > +#
> > +# This's a regression test for:
> > +# a1de97fe296c ("xfs: Fix the free logic of state in xfs_attr_node_hasname")
> > +#
> > +# After we corrupted an attr leaf block (under node block), getxattr might hit
> > +# EFSCORRUPTED in xfs_attr_node_get when it does xfs_attr_node_hasname. A bug
> > +# cause xfs_attr_node_get won't do xfs_buf_trans release job, then a subsequent
> > +# removexattr will hang.
> > +#
> > +. ./common/preamble
> > +_begin_fstest auto quick attr
> > +
> > +# Import common functions.
> > +. ./common/filter
> > +. ./common/attr
> > +. ./common/populate
> > +
> > +# real QA test starts here
> > +_supported_fs xfs
> > +_fixed_by_kernel_commit a1de97fe296c \
> > + "xfs: Fix the free logic of state in xfs_attr_node_hasname"
> > +
> > +_require_scratch_nocheck
> > +# Only test with v5 xfs on-disk format
> > +_require_scratch_xfs_crc
> > +_require_attrs
> > +_require_populate_commands
> > +_require_xfs_db_blocktrash_z_command
> > +
> > +_scratch_mkfs_xfs | _filter_mkfs >$seqres.full 2>$tmp.mkfs
> > +source $tmp.mkfs
> > +_scratch_mount
> > +
> > +# This case will use 10 bytes xattr namelen and 11+ bytes valuelen, so:
> > +# sizeof(xfs_attr_leaf_name_local) = 2 + 1 + 10 + 11 = 24,
> > +# sizeof(xfs_attr_leaf_entry) = 8
> > +# So count in the header, if I create more than $((dbsize / 32)) xattr entries,
> > +# it will out of a leaf block (not much), then get one node block and two or
> > +# more leaf blocks, that's the testing need.
>
> I think this last sentence could be clearer:
>
> "Create more than $((dbsize / 32)) xattr entries to force the creation
> of a node block, which we need for this test."
Hi Darrick,
Thanks for your reviewing! Sure, I'll remove redundant comments.
>
> > +nr_xattr="$((dbsize / 32))"
> > +localfile="${SCRATCH_MNT}/attrfile"
> > +touch $localfile
> > +for ((i=0; i<nr_xattr; i++));do
> > + $SETFATTR_PROG -n user.x$(printf "%.09d" "$i") -v "aaaaaaaaaaaaaaaa" $localfile
> > +done
> > +inumber="$(stat -c '%i' $localfile)"
>
> Though I also wonder, could you just steal this line:
>
> __populate_create_attr "${SCRATCH_MNT}/ATTR.FMT_NODE" "$((8 * blksz / 40))"
>
> from _scratch_xfs_populate?
Oh, I don't know there's a helper like that. But I'm wondering is it recommended
using a function begin with "__" directly?
BTW, may I ask why you prefer the number "40"? You use this number in some cases
likes x/124, x/125, x/126. Likes nr=((blksz / 40)) or nr = ((8 * blksz / 40)).
I tried to calculate, but didn't find anything match 40 bytes perfectly.
You used 9 bytes xattr name and 16 bytes xattr value, so the size of attr
leaf_name_local and leaf_entry is 28+8=36. So I think in order to make
attr entries out of a block, better to make the blksz divided by a
number <= 36. Why 40? I know I might miss something, so really hope to get
the details from you :)
>
> > +_scratch_unmount
> > +
> > +# Expect the ablock 0 is a node block, later ablocks(>=1) are leaf blocks, then corrupt
> > +# the last leaf block. (Don't corrupt node block, or can't reproduce the bug)
> > +magic=$(_scratch_xfs_get_metadata_field "hdr.info.hdr.magic" "inode $inumber" "ablock 0")
> > +level=$(_scratch_xfs_get_metadata_field "hdr.level" "inode $inumber" "ablock 0")
> > +count=$(_scratch_xfs_get_metadata_field "hdr.count" "inode $inumber" "ablock 0")
> > +if [ "$magic" = "0x3ebe" -a "$level" = "1" ];then
> > + # Corrupt the last leaf block
> > + _scratch_xfs_db -x -c "inode ${inumber}" -c "ablock $count" -c "stack" \
> > + -c "blocktrash -x 32 -y $((dbsize*8)) -3 -z" >> $seqres.full
> > +else
> > + _fail "The ablock 0 isn't a root node block, maybe case issue"
>
> Might want to capture the magic and level here so that we can diagnose
> test setup failures.
Sure
>
> > +fi
> > +
> > +# This's the real testing, expect removexattr won't hang or panic.
> > +if _try_scratch_mount >> $seqres.full 2>&1; then
> > + for ((i=0; i<nr_xattr; i++));do
> > + $GETFATTR_PROG -n user.x$(printf "%.09d" "$i") $localfile >/dev/null 2>&1
> > + $SETFATTR_PROG -x user.x$(printf "%.09d" "$i") $localfile 2>/dev/null
> > + done
> > +else
> > + _notrun "XFS refused to mount with this xattr corrutpion, test skipped"
>
> When does mount fail? Or is this a precaution?
Oh, it doesn't fail currently. But I can't be sure it always mount succeed,
especially I corrupt this fs manually. So add this judgement :)
Thanks,
Zorro
>
> --D
>
> > +fi
> > +
> > +echo "Silence is golden"
> > +# success, all done
> > +status=0
> > +exit
> > diff --git a/tests/xfs/999.out b/tests/xfs/999.out
> > new file mode 100644
> > index 00000000..3b276ca8
> > --- /dev/null
> > +++ b/tests/xfs/999.out
> > @@ -0,0 +1,2 @@
> > +QA output created by 999
> > +Silence is golden
> > --
> > 2.31.1
> >
>
