[PATCH] [BLKMTD] : missing offset sometimes causes panics

Using JFFS2 on CompactFlash devices via blkmtd on kernel 2.4.32 causes
occasionnal kernel panics.

It happens that every few days (5-10 days), we encounter a kernel BUG in
set_bh_page() during a write because ->offset is bigger than PAGE_SIZE.
The call chain passes via jffs2 and blkmtd. I finally tracked it down to
the commit_pages() function in blkmtd not setting the ->offset member
in the kiovec structure. This one only gets initialized on a previous
read, because kiobuf_init() does not set it either.

I found it logical to set it to zero in commit_pages() because this
function also sets the ->length parameter to a page-aligned value.

2.6 does not have this problem, because it does not use kiovecs.

I suspect not many people use jffs2 on top of blkmtd, and even in this
case, the conditions to meet to trigger the bug are not common at all.

Signed-Off-By: Willy Tarreau <w@1wt.eu>
Ack-By: David Woodhouse <dwmw2@infradead.org>

diff --git a/drivers/mtd/devices/blkmtd.c b/drivers/mtd/devices/blkmtd.c
index f4280a1..9399d4e 100644 (file)
--- a/drivers/mtd/devices/blkmtd.c
+++ b/drivers/mtd/devices/blkmtd.c
@@ -195,6 +195,7 @@ static int commit_pages(struct blkmtd_dev *dev)
        int err = 0;
 
        iobuf->length = iobuf->nr_pages << PAGE_SHIFT;
+       iobuf->offset = 0;      /* all pages are aligned */
        iobuf->locked = 1;
        if(iobuf->length) {
                int i;