[PATCH] xfs: scrub: unlock dquot before early return in quota scrub

Posted by hongao 3 weeks, 5 days ago
xchk_quota_item can return early after calling xchk_fblock_process_error.
When that helper returns false, the function returned immediately without
dropping dq->q_qlock, which can leave the dquot lock held and risk lock
leaks or deadlocks in later quota operations.

Fix this by unlocking dq->q_qlock before the early return.

Signed-off-by: hongao <hongao@uniontech.com>

diff --git a/fs/xfs/scrub/quota.c b/fs/xfs/scrub/quota.c
index 1d25bd5b892e..222812fe202c 100644
--- a/fs/xfs/scrub/quota.c
+++ b/fs/xfs/scrub/quota.c
@@ -171,8 +171,10 @@ xchk_quota_item(
 
 	error = xchk_quota_item_bmap(sc, dq, offset);
 	xchk_iunlock(sc, XFS_ILOCK_SHARED);
-	if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, offset, &error))
+	if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, offset, &error)) {
+		mutex_unlock(&dq->q_qlock);
 		return error;
+	}
 
 	/*
 	 * Warn if the hard limits are larger than the fs.
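Review bot: the early-return branch after xchk_fblock_process_error now open-codes mutex_unlock(&dq->q_qlock) directly beside the return, so any early exit added later in xchk_quota_item has to remember the same pairing by hand. If the function already has, or can be given, a common unlock exit (a hypothetical `out_unlock:` label reached with `goto`), routing this branch through it would keep the unlock in one place. The ordering in the hunk is otherwise consistent: xchk_iunlock(sc, XFS_ILOCK_SHARED) runs before the branch, so q_qlock is the only lock left to drop on this path.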
-- 
2.51.0
Re: [PATCH] xfs: scrub: unlock dquot before early return in quota scrub
Posted by Carlos Maiolino 2 weeks, 6 days ago
On Thu, 12 Mar 2026 20:10:26 +0800, hongao wrote:
> xchk_quota_item can return early after calling xchk_fblock_process_error.
> When that helper returns false, the function returned immediately without
> dropping dq->q_qlock, which can leave the dquot lock held and risk lock
> leaks or deadlocks in later quota operations.
> 
> Fix this by unlocking dq->q_qlock before the early return.
> 
> [...]

Applied to for-next, thanks!

[1/1] xfs: scrub: unlock dquot before early return in quota scrub
      commit: 268378b6ad20569af0d1957992de1c8b16c6e900

Best regards,
-- 
Carlos Maiolino <cem@kernel.org>
Re: [PATCH] xfs: scrub: unlock dquot before early return in quota scrub
Posted by Darrick J. Wong 3 weeks, 5 days ago
On Thu, Mar 12, 2026 at 08:10:26PM +0800, hongao wrote:
> xchk_quota_item can return early after calling xchk_fblock_process_error.
> When that helper returns false, the function returned immediately without
> dropping dq->q_qlock, which can leave the dquot lock held and risk lock
> leaks or deadlocks in later quota operations.
> 
> Fix this by unlocking dq->q_qlock before the early return.
> 
> Signed-off-by: hongao <hongao@uniontech.com>

Yep, that's a bug.

Cc: <stable@vger.kernel.org> # v6.8
Fixes: 7d1f0e167a067e ("xfs: check the ondisk space mapping behind a dquot")
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>

--D

> diff --git a/fs/xfs/scrub/quota.c b/fs/xfs/scrub/quota.c
> index 1d25bd5b892e..222812fe202c 100644
> --- a/fs/xfs/scrub/quota.c
> +++ b/fs/xfs/scrub/quota.c
> @@ -171,8 +171,10 @@ xchk_quota_item(
>  
>  	error = xchk_quota_item_bmap(sc, dq, offset);
>  	xchk_iunlock(sc, XFS_ILOCK_SHARED);
> -	if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, offset, &error))
> +	if (!xchk_fblock_process_error(sc, XFS_DATA_FORK, offset, &error)) {
> +		mutex_unlock(&dq->q_qlock);
>  		return error;
> +	}
>  
>  	/*
>  	 * Warn if the hard limits are larger than the fs.
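Review bot: the context around the new mutex_unlock(&dq->q_qlock) does not show where q_qlock is taken, and the commit message does not say either, so the lock/unlock pairing cannot be checked from the patch alone. A sentence in the commit message naming the acquisition site (in this function or in its caller) and stating that the remaining exits of xchk_quota_item already drop the lock would make the fix easier to verify, particularly for the stable backport requested in this reply.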
> -- 
> 2.51.0
> 
>