jffs2: Fix garbage collector BUG

Message ID 20170817040916.32570-1-mark.tomlinson@alliedtelesis.co.nz
State New
Delegated to: David Woodhouse

Commit Message

Mark Tomlinson Aug. 17, 2017, 4:09 a.m.

During garbage collection, the state INO_STATE_CLEARING is possible, but
was not checked. Even though this state is transient, there is a chance
that the garbage collector will see an inode in this state and needs to
be able to deal with it. Previously the default case was hit, resulting
in BUG().

The only time an inode can be in clearing state is during clear_inode.
After this, the inode is either removed or put into CHECKEDABSENT state.
So the fix here is to simply treat clearing state the same as
CHECKEDABSENT, i.e. ignore this node and move to the next.

Note that this is not a new issue. For example, there is a bug report
here:

http://lists.infradead.org/pipermail/linux-mtd/2011-December/038850.html

Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
---
 fs/jffs2/gc.c | 4 ++++
 1 file changed, 4 insertions(+)

Patch

diff --git a/fs/jffs2/gc.c b/fs/jffs2/gc.c
index 9ed0f26cf023..e153ef699ae8 100644
--- a/fs/jffs2/gc.c
+++ b/fs/jffs2/gc.c
@@ -196,6 +196,10 @@  int jffs2_garbage_collect_pass(struct jffs2_sb_info *c)
 			continue;
 		}
 		switch(ic->state) {
+		case INO_STATE_CLEARING:
+			/* Once in CLEARING state, it will always transition to
+			 * CHECKEDABSENT, so may as well treat it as that now
+			 */
 		case INO_STATE_CHECKEDABSENT:
 		case INO_STATE_PRESENT:
 			spin_unlock(&c->inocache_lock);
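Review bot: the new `case INO_STATE_CLEARING:` label relies on an intentional fall-through into `case INO_STATE_CHECKEDABSENT:`, but the block comment between the two labels does not carry the literal `/* fall through */` annotation, so builds with `-Wimplicit-fallthrough` (which the kernel was moving toward enabling at this time) will flag it; either append the marker to the existing comment, or move the explanatory comment above the `case INO_STATE_CLEARING:` line and stack the two labels directly so no annotation is needed. The comment text is also slightly narrower than the commit message: the message says an inode in CLEARING is "either removed or put into CHECKEDABSENT state", while the comment says it "will always transition to CHECKEDABSENT"; wording the comment as "is either freed or becomes CHECKEDABSENT, so treat it as absent here" keeps the two consistent and makes clear why skipping the node is safe in both outcomes.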