The following commit has been merged in the linux branch: commit 05277c75f6dea8ecf59138cd1b6781fb54ae08bd Author: Christoph Hellwig hch@infradead.org Date: Mon Oct 12 23:42:10 2009 +0000
xfs: fix double IRELE in xfs_dqrele_inode
xfs_dqrele_inode calls xfs_iput to release the ilock and a reference and then also calls IRELE which does a second decrement of the reference count. This leads to a premature freeing of inodes when quotas were turned off while the filesystem was mounted.
Thanks to Utako Kusaka for reporting the bug and provinding a good testcase.
Signed-off-by: Christoph Hellwig hch@lst.de Reported-by: Utako Kusaka u-kusaka@wm.jp.nec.com Reviewed-by: Alex Elder aelder@sgi.com Signed-off-by: Alex Elder aelder@sgi.com
diff --git a/fs/xfs/quota/xfs_qm_syscalls.c b/fs/xfs/quota/xfs_qm_syscalls.c index 4e4276b..5d1a3b9 100644 --- a/fs/xfs/quota/xfs_qm_syscalls.c +++ b/fs/xfs/quota/xfs_qm_syscalls.c @@ -876,7 +876,6 @@ xfs_dqrele_inode( ip->i_gdquot = NULL; } xfs_iput(ip, XFS_ILOCK_EXCL); - IRELE(ip);
return 0; }