From patchwork Thu Nov 20 14:22:31 2008
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Brijesh Singh <brij.singh@samsung.com>
X-Patchwork-Id: 10010
Return-Path: 
 <linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from bombadil.infradead.org (bombadil.infradead.org [18.85.46.34])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id E6246DDE9E
	for <incoming@patchwork.ozlabs.org>;
	Sat, 22 Nov 2008 01:01:13 +1100 (EST)
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.68 #1 (Red Hat Linux))
	id 1L3WXE-0008Rj-Gi; Fri, 21 Nov 2008 13:59:00 +0000
Received: from mailout4.samsung.com ([203.254.224.34])
	by bombadil.infradead.org with esmtp (Exim 4.68 #1 (Red Hat Linux))
	id 1L3ANJ-0006Yz-SC
	for linux-mtd@lists.infradead.org; Thu, 20 Nov 2008 14:19:18 +0000
Received: from epmmp2 (mailout4.samsung.com [203.254.224.34])
	by mailout4.samsung.com
	(iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
	with ESMTP id <0KAM00AHSYFYCC@mailout4.samsung.com> for
	linux-mtd@lists.infradead.org; Thu, 20 Nov 2008 23:19:11 +0900 (KST)
Received: from brijeshs ([107.108.214.195])
	by mmp2.samsung.com (iPlanet Messaging Server 5.2 Patch 2 (built Jul
	14 2004)) with ESMTPA id <0KAM00ENBYFXUQ@mmp2.samsung.com> for
	linux-mtd@lists.infradead.org; Thu, 20 Nov 2008 23:19:11 +0900 (KST)
Date: Thu, 20 Nov 2008 19:52:31 +0530
From: Brijesh Singh <brij.singh@samsung.com>
Subject: [PATCH] UBIFS: Fix Bulk read buf_len  intialization
To: dedekind@infradead.org
Message-id: <919AC938BD8D49A68F2667677F5034D1@sisodomain.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-Priority: 3
X-MSMail-priority: Normal
X-Spam-Score: -4.0 (----)
X-Spam-Report: SpamAssassin version 3.2.5 on bombadil.infradead.org summary:
	Content analysis details:   (-4.0 points)
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	0.0 HTML_MESSAGE           BODY: HTML included in message
	-4.0 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/,
	medium trust [203.254.224.34 listed in list.dnswl.org]
X-Mailman-Approved-At: Fri, 21 Nov 2008 08:58:59 -0500
Cc: linux-mtd@lists.infradead.org
X-BeenThere: linux-mtd@lists.infradead.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Linux MTD discussion mailing list <linux-mtd.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/listinfo/linux-mtd>,
	<mailto:linux-mtd-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-mtd>
List-Post: <mailto:linux-mtd@lists.infradead.org>
List-Help: <mailto:linux-mtd-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-mtd>,
	<mailto:linux-mtd-request@lists.infradead.org?subject=subscribe>
Sender: linux-mtd-bounces@lists.infradead.org
Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

In function bu_init in super.c, after buffer allocation, initialization of buf_len parameter is not done. So buf_len=0;

This causes bulk_read to be skipped in all cases.

Here is the scenario:
ubifs_do_bulk_read() {
...
       err  = ubifs_tnc_get_bu_keys() ;
        if (err)
 	goto out_warn;
...
out_warn:
            ubifs_warn("ignoring error %d and skipping bulk-read", err);
            goto out_free;
}

And function:

ubifs_tnc_get_bu_keys() {
                                    ...
                            if (len > bu->buf_len) {
        			err = -EINVAL;
    			goto out;
                           }
...
}

ubifs_tnc_get_bu_keys()  returns error -EINVAL to ubifs_do_bulk_read. So it decides to skip this bulk_read.
 This condition holds forever as mutex will always be free in this case.

The following patch does the initialization....

------------------------------------------------------------------------------------------------------------------------------

diff -urN ubifs-2.6.orig/fs/ubifs/super.c ubifs-2.6/fs/ubifs/super.c
--- ubifs-2.6.orig/fs/ubifs/super.c 2008-11-21 00:33:25.000000000 +0530
+++ ubifs-2.6/fs/ubifs/super.c 2008-11-21 00:36:27.000000000 +0530
@@ -1046,6 +1046,7 @@
   c->bulk_read = 0;
   return;
  }
+ c->bu.buf_len = c->max_bu_buf_len;
 }
 
 /**