[JFFS2] Locking issues in summary write code.
We can't use jffs2_scan_dirty_space() because it doesn't do any locking; it's
only for use at scan time -- hence the 'scan' in the name.
Also, don't allocate refs while we have c->erase_completion_lock held.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
diff --git a/fs/jffs2/summary.c b/fs/jffs2/summary.c
index 5a59c618..1451732 100644
--- a/fs/jffs2/summary.c
+++ b/fs/jffs2/summary.c
@@ -835,19 +835,32 @@
spin_unlock(&c->erase_completion_lock);
ret = jffs2_flash_writev(c, vecs, 2, jeb->offset + c->sector_size -
jeb->free_size, &retlen, 0);
- spin_lock(&c->erase_completion_lock);
-
if (ret || (retlen != infosize)) {
+ struct jffs2_raw_node_ref *ref;
+
JFFS2_WARNING("Write of %u bytes at 0x%08x failed. returned %d, retlen %zd\n",
infosize, jeb->offset + c->sector_size - jeb->free_size, ret, retlen);
+ /* Waste remaining space */
+ ref = jffs2_alloc_raw_node_ref();
+ if (ref) {
+ spin_lock(&c->erase_completion_lock);
+
+ ref->flash_offset = jeb->offset + c->sector_size - jeb->free_size;
+ ref->flash_offset |= REF_OBSOLETE;
+ ref->next_in_ino = 0;
+
+ jffs2_link_node_ref(c, jeb, ref, c->sector_size - jeb->free_size);
+ }
+
c->summary->sum_size = JFFS2_SUMMARY_NOSUM_SIZE;
- jffs2_scan_dirty_space(c, jeb, infosize);
return 1;
}
+ spin_lock(&c->erase_completion_lock);
+
return 0;
}
@@ -890,7 +903,6 @@
/* for ACCT_PARANOIA_CHECK */
spin_unlock(&c->erase_completion_lock);
summary_ref = jffs2_alloc_raw_node_ref();
- spin_lock(&c->erase_completion_lock);
if (!summary_ref) {
JFFS2_NOTICE("Failed to allocate node ref for summary\n");
@@ -900,6 +912,7 @@
summary_ref->next_in_ino = NULL;
summary_ref->flash_offset = (jeb->offset + c->sector_size - jeb->free_size) | REF_NORMAL;
+ spin_lock(&c->erase_completion_lock);
jffs2_link_node_ref(c, jeb, summary_ref, infosize);
return 0;