From f06328d7721ad3852c45eb2a10a0c8f9439b5f33 Mon Sep 17 00:00:00 2001 From: Prasad Joshi Date: Tue, 21 Dec 2010 17:24:20 -0800 Subject: [PATCH] logfs: fix "Kernel BUG at readwrite.c:1193" This happens when __logfs_create() tries to write a new inode to the disk which is full. __logfs_create() associates the transaction pointer with inode. During the logfs_write_inode() function call chain this transaction pointer is moved from inode to page->private using function move_inode_to_page (do_write_inode() -> inode_to_page() -> move_inode_to_page) When the write inode fails, the transaction is aborted and iput is called on the failed inode. During delete_inode the same transaction pointer associated with the page is getting used. Thus causing kernel BUG. The patch checks for error in write_inode() and restores the page->private to NULL. Addresses https://bugzilla.kernel.org/show_bug.cgi?id=20162 Signed-off-by: Prasad Joshi Cc: Joern Engel Cc: Florian Mickler Cc: "Rafael J. Wysocki" Cc: Maciej Rutecki Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/logfs/readwrite.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/logfs/readwrite.c b/fs/logfs/readwrite.c index 6127baf0e188..ee99a9f5dfd3 100644 --- a/fs/logfs/readwrite.c +++ b/fs/logfs/readwrite.c @@ -1994,6 +1994,9 @@ static int do_write_inode(struct inode *inode) /* FIXME: transaction is part of logfs_block now. Is that enough? */ err = logfs_write_buf(master_inode, page, 0); + if (err) + move_page_to_inode(inode, page); + logfs_put_write_page(page); return err; }