[PATCH] xfs: fix unreachable BIGTIME check in dquot flush validation

Posted by Alexey Nepomnyashih 4 days, 12 hours ago
The dqp->q_id == 0 check inside the XFS_DQTYPE_BIGTIME block is
unreachable because root dquots return successfully earlier. Reject root
dquots with XFS_DQTYPE_BIGTIME before that early return, preserving the
intended validation and removing the unreachable condition.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 4ea1ff3b4968 ("xfs: widen ondisk quota expiration timestamps to handle y2038+")
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Alexey Nepomnyashih <sdl@nppct.ru>
---
 fs/xfs/xfs_dquot.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/fs/xfs/xfs_dquot.c b/fs/xfs/xfs_dquot.c
index 69e9bc588c8b..c311f61d9554 100644
--- a/fs/xfs/xfs_dquot.c
+++ b/fs/xfs/xfs_dquot.c
@@ -1216,6 +1216,14 @@ xfs_qm_dqflush_check(
 	    type != XFS_DQTYPE_PROJ)
 		return __this_address;
 
+	/* bigtime flag should never be set on root dquots */
+	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
+		if (!xfs_has_bigtime(dqp->q_mount))
+			return __this_address;
+		if (dqp->q_id == 0)
+			return __this_address;
+	}
+
 	if (dqp->q_id == 0)
 		return NULL;
 
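Review bot: the added block at the top of this hunk changes the result for id 0, and the commit message does not call that out for the stable backport. A root dquot with XFS_DQTYPE_BIGTIME set used to reach `if (dqp->q_id == 0) return NULL;` and pass the check; it now returns __this_address. Please state in the commit message that failing the flush check for such a dquot is the intended outcome on the v5.10+ trees this is Cc'd to.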
@@ -1231,14 +1239,6 @@ xfs_qm_dqflush_check(
 	    !dqp->q_rtb.timer)
 		return __this_address;
 
-	/* bigtime flag should never be set on root dquots */
-	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
-		if (!xfs_has_bigtime(dqp->q_mount))
-			return __this_address;
-		if (dqp->q_id == 0)
-			return __this_address;
-	}
-
 	return NULL;
 }
 
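Review bot: with the BIGTIME block removed from the tail of the function here and re-added ahead of the limit and timer checks, a dquot that fails both a timer check such as `!dqp->q_rtb.timer` and the `!xfs_has_bigtime(dqp->q_mount)` check now reports a different __this_address than before. The pass/fail result is unchanged for that case, but a sentence in the commit message noting the changed check order would help anyone comparing failure addresses across kernels.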
-- 
2.43.0
Re: [PATCH] xfs: fix unreachable BIGTIME check in dquot flush validation
Posted by Darrick J. Wong 4 days, 11 hours ago
[fix some addresses]

On Wed, Jun 03, 2026 at 08:41:47PM +0000, Alexey Nepomnyashih wrote:
> The dqp->q_id == 0 check inside the XFS_DQTYPE_BIGTIME block is
> unreachable because root dquots return successfully earlier. Reject root
> dquots with XFS_DQTYPE_BIGTIME before that early return, preserving the
> intended validation and removing the unreachable condition.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: 4ea1ff3b4968 ("xfs: widen ondisk quota expiration timestamps to handle y2038+")
> Cc: stable@vger.kernel.org # v5.10+
> Signed-off-by: Alexey Nepomnyashih <sdl@nppct.ru>

Yeah, that looks like a screwup...
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>

--D

> ---
>  fs/xfs/xfs_dquot.c | 16 ++++++++--------
>  1 file changed, 8 insertions(+), 8 deletions(-)
> 
> diff --git a/fs/xfs/xfs_dquot.c b/fs/xfs/xfs_dquot.c
> index 69e9bc588c8b..c311f61d9554 100644
> --- a/fs/xfs/xfs_dquot.c
> +++ b/fs/xfs/xfs_dquot.c
> @@ -1216,6 +1216,14 @@ xfs_qm_dqflush_check(
>  	    type != XFS_DQTYPE_PROJ)
>  		return __this_address;
>  
> +	/* bigtime flag should never be set on root dquots */
> +	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
> +		if (!xfs_has_bigtime(dqp->q_mount))
> +			return __this_address;
> +		if (dqp->q_id == 0)
> +			return __this_address;
> +	}
> +
>  	if (dqp->q_id == 0)
>  		return NULL;
>  
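Review bot: in the added block, the comment `/* bigtime flag should never be set on root dquots */` describes only the inner `dqp->q_id == 0` test, not the `!xfs_has_bigtime(dqp->q_mount)` test that shares the block. Since the block now sits directly above the `if (dqp->q_id == 0) return NULL;` early return, consider wording the comment to cover both conditions and to say that the block must stay ahead of that early return, so a later reordering does not make the root check unreachable again.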
> @@ -1231,14 +1239,6 @@ xfs_qm_dqflush_check(
>  	    !dqp->q_rtb.timer)
>  		return __this_address;
>  
> -	/* bigtime flag should never be set on root dquots */
> -	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
> -		if (!xfs_has_bigtime(dqp->q_mount))
> -			return __this_address;
> -		if (dqp->q_id == 0)
> -			return __this_address;
> -	}
> -
>  	return NULL;
>  }
>  
> -- 
> 2.43.0
> 
>
Re: [PATCH] xfs: fix unreachable BIGTIME check in dquot flush validation
Posted by Allison Henderson 3 days, 4 hours ago
On Wed, 2026-06-03 at 14:08 -0700, Darrick J. Wong wrote:
> [fix some addresses]
> 
> On Wed, Jun 03, 2026 at 08:41:47PM +0000, Alexey Nepomnyashih wrote:
> > The dqp->q_id == 0 check inside the XFS_DQTYPE_BIGTIME block is
> > unreachable because root dquots return successfully earlier. Reject root
> > dquots with XFS_DQTYPE_BIGTIME before that early return, preserving the
> > intended validation and removing the unreachable condition.
> > 
> > Found by Linux Verification Center (linuxtesting.org) with SVACE.
> > 
> > Fixes: 4ea1ff3b4968 ("xfs: widen ondisk quota expiration timestamps to handle y2038+")
> > Cc: stable@vger.kernel.org # v5.10+
> > Signed-off-by: Alexey Nepomnyashih <sdl@nppct.ru>
Hi Alexey,

Looks good, thanks for catching this!
Reviewed-by: Allison Henderson <achender@kernel.org>

> 
> Yeah, that looks like a screwup...
> Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>
> 
> --D
> 
> > ---
> >  fs/xfs/xfs_dquot.c | 16 ++++++++--------
> >  1 file changed, 8 insertions(+), 8 deletions(-)
> > 
> > diff --git a/fs/xfs/xfs_dquot.c b/fs/xfs/xfs_dquot.c
> > index 69e9bc588c8b..c311f61d9554 100644
> > --- a/fs/xfs/xfs_dquot.c
> > +++ b/fs/xfs/xfs_dquot.c
> > @@ -1216,6 +1216,14 @@ xfs_qm_dqflush_check(
> >  	    type != XFS_DQTYPE_PROJ)
> >  		return __this_address;
> >  
> > +	/* bigtime flag should never be set on root dquots */
> > +	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
> > +		if (!xfs_has_bigtime(dqp->q_mount))
> > +			return __this_address;
> > +		if (dqp->q_id == 0)
> > +			return __this_address;
> > +	}
> > +
> >  	if (dqp->q_id == 0)
> >  		return NULL;
> >  
> > @@ -1231,14 +1239,6 @@ xfs_qm_dqflush_check(
> >  	    !dqp->q_rtb.timer)
> >  		return __this_address;
> >  
> > -	/* bigtime flag should never be set on root dquots */
> > -	if (dqp->q_type & XFS_DQTYPE_BIGTIME) {
> > -		if (!xfs_has_bigtime(dqp->q_mount))
> > -			return __this_address;
> > -		if (dqp->q_id == 0)
> > -			return __this_address;
> > -	}
> > -
> >  	return NULL;
> >  }
> >  
> > -- 
> > 2.43.0
> > 
> >