[PATCH] xfs: fix double IRELE in xfs_dqrele_inode

Christoph Hellwig hch at infradead.org
Mon Oct 12 18:42:10 CDT 2009


xfs_dqrele_inode calls xfs_iput to release the ilock and a reference
and then also calls IRELE which does a second decrement of the reference
count.  This leads to a premature freeing of inodes when quotas were turned
off while the filesystem was mounted.

Thanks to Utako Kusaka for reporting the bug and providing a good testcase.

Signed-off-by: Christoph Hellwig <hch at lst.de>
Reported-by: Utako Kusaka <u-kusaka at wm.jp.nec.com>

Index: xfs/fs/xfs/quota/xfs_qm_syscalls.c
===================================================================
--- xfs.orig/fs/xfs/quota/xfs_qm_syscalls.c	2009-10-11 13:41:52.932012023 -0300
+++ xfs/fs/xfs/quota/xfs_qm_syscalls.c	2009-10-11 13:42:04.060016467 -0300
@@ -876,7 +876,6 @@ xfs_dqrele_inode(
 		ip->i_gdquot = NULL;
 	}
 	xfs_iput(ip, XFS_ILOCK_EXCL);
-	IRELE(ip);
 
 	return 0;
 }
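
Review bot: the xfs_iput(ip, XFS_ILOCK_EXCL) call, now the only release left at the end of xfs_dqrele_inode, has no comment saying that it drops the inode reference as well as the ilock, which is the misunderstanding that allowed the extra IRELE(ip) to sit next to it. A one-line comment above the call, for example "/* xfs_iput drops both the ilock and our reference */", would help keep a later change from reintroducing the double decrement. Since the commit message describes the effect as premature freeing of inodes once quotas are turned off on a mounted filesystem, it would also help to say there where the single reference released here is taken, as that is not visible in this hunk.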



