embox

1
/*
2
 * JFFS2 -- Journalling Flash File System, Version 2.
3
 *
4
 * Copyright (C) 2001-2003 Red Hat, Inc.
5
 *
6
 * Created by David Woodhouse <dwmw2@infradead.org>
7
 *
8
 * For licensing information, see the file 'LICENCE' in this directory.
9
 *
10
 * $Id: gc.c,v 1.152 2005/07/24 15:14:14 dedekind Exp $
11
 *
12
 */
13

14
#include <linux/kernel.h>
15
#include <linux/mtd/mtd.h>
16
#include <linux/slab.h>
17
#include <linux/pagemap.h>
18
#include <linux/crc32.h>
19
#include <linux/compiler.h>
20
#include <linux/stat.h>
21
#include "nodelist.h"
22
#include "compr.h"
23

24
#define jiffies ((unsigned long) clock_sys_ticks())
25

26
static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
27
					  struct jffs2_inode_cache *ic,
28
					  struct jffs2_raw_node_ref *raw);
29
static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c,
30
		struct jffs2_eraseblock *jeb,
31
		struct jffs2_inode_info *f, struct jffs2_full_dnode *fd);
32
static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c,
33
		struct jffs2_eraseblock *jeb,
34
		struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
35
static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c,
36
		struct jffs2_eraseblock *jeb,
37
		struct jffs2_inode_info *f, struct jffs2_full_dirent *fd);
38
static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c,
39
		struct jffs2_eraseblock *jeb,
40
		struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
41
		uint32_t start, uint32_t end);
42
static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c,
43
		struct jffs2_eraseblock *jeb,
44
		struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
45
		uint32_t start, uint32_t end);
46
static int jffs2_garbage_collect_live(struct jffs2_sb_info *c,
47
		struct jffs2_eraseblock *jeb,
48
		struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f);
49

50
/* Called with erase_completion_lock held */
51
static struct jffs2_eraseblock *jffs2_find_gc_block(struct jffs2_sb_info *c) {
52
	struct jffs2_eraseblock *ret;
53
	struct list_head *nextlist = NULL;
54
	int n = jiffies % 128;
55

56
	/* Pick an eraseblock to garbage collect next. This is where we'll
57
	 * put the clever wear-levelling algorithms. Eventually.
58
	 * We possibly want to favour the dirtier blocks more when the
59
	 * number of free blocks is low.
60
	 */
61
again:
62
	if (!list_empty(&c->bad_used_list) &&
63
			c->nr_free_blocks > c->resv_blocks_gcbad) {
64
		D1(printk( "Picking block from bad_used_list to GC next\n"));
65
		nextlist = &c->bad_used_list;
66
	} else if (n < 50 && !list_empty(&c->erasable_list)) {
67
		/* Note that most of them will have gone directly to be erased.
68
		 * So don't favour the erasable_list _too_ much.
69
		 */
70
		D1(printk( "Picking block from erasable_list to GC next\n"));
71
		nextlist = &c->erasable_list;
72
	} else if (n < 110 && !list_empty(&c->very_dirty_list)) {
73
		/* Most of the time, pick one off the very_dirty list */
74
		D1(printk( "Picking block from very_dirty_list to GC next\n"));
75
		nextlist = &c->very_dirty_list;
76
	} else if (n < 126 && !list_empty(&c->dirty_list)) {
77
		D1(printk( "Picking block from dirty_list to GC next\n"));
78
		nextlist = &c->dirty_list;
79
	} else if (!list_empty(&c->clean_list)) {
80
		D1(printk( "Picking block from clean_list to GC next\n"));
81
		nextlist = &c->clean_list;
82
	} else if (!list_empty(&c->dirty_list)) {
83
		D1(printk( "Picking block from dirty_list to GC next (clean_list was empty)\n"));
84

85
		nextlist = &c->dirty_list;
86
	} else if (!list_empty(&c->very_dirty_list)) {
87
		D1(printk( "Picking block from very_dirty_list to GC next (clean_list and dirty_list were empty)\n"));
88
		nextlist = &c->very_dirty_list;
89
	} else if (!list_empty(&c->erasable_list)) {
90
		D1(printk( "Picking block from erasable_list to GC next (clean_list and {very_,}dirty_list were empty)\n"));
91

92
		nextlist = &c->erasable_list;
93
	} else if (!list_empty(&c->erasable_pending_wbuf_list)) {
94
		/* There are blocks are wating for the wbuf sync */
95
		D1(printk( "Synching wbuf in order to reuse erasable_pending_wbuf_list blocks\n"));
96
		spin_unlock(&c->erase_completion_lock);
97
		jffs2_flush_wbuf_pad(c);
98
		spin_lock(&c->erase_completion_lock);
99
		goto again;
100
	} else {
101
		/* Eep. All were empty */
102
		D1(printk(KERN_NOTICE "jffs2: No clean, dirty _or_ erasable blocks to GC from! Where are they all?\n"));
103
		return NULL;
104
	}
105

106
	ret = list_entry(nextlist->next, struct jffs2_eraseblock, list);
107
	list_del(&ret->list);
108
	c->gcblock = ret;
109
	ret->gc_node = ret->first_node;
110
	if (!ret->gc_node) {
111
		printk( "Eep. ret->gc_node for block at 0x%08x is NULL\n", ret->offset);
112
		BUG();
113
	}
114

115
	/* Have we accidentally picked a clean block with wasted space ? */
116
	if (ret->wasted_size) {
117
		D1(printk( "Converting wasted_size %08x to dirty_size\n", ret->wasted_size));
118
		ret->dirty_size += ret->wasted_size;
119
		c->wasted_size -= ret->wasted_size;
120
		c->dirty_size += ret->wasted_size;
121
		ret->wasted_size = 0;
122
	}
123

124
	return ret;
125
}
126

127
/* jffs2_garbage_collect_pass
128
 * Make a single attempt to progress GC. Move one node, and possibly
129
 * start erasing one eraseblock.
130
 */
131
int jffs2_garbage_collect_pass(struct jffs2_sb_info *c) {
132
	struct jffs2_inode_info *f;
133
	struct jffs2_inode_cache *ic;
134
	struct jffs2_eraseblock *jeb;
135
	struct jffs2_raw_node_ref *raw;
136
	int ret = 0, inum, nlink;
137

138
	if (down_interruptible(&c->alloc_sem)) {
139
		return -EINTR;
140
	}
141

142
	for (;;) {
143
		spin_lock(&c->erase_completion_lock);
144
		if (!c->unchecked_size) {
145
			break;
146
		}
147

148
		/* We can't start doing GC yet. We haven't finished checking
149
		 * the node CRCs etc. Do it now.
150
		 *
151
		 * checked_ino is protected by the alloc_sem
152
		 */
153
		if (c->checked_ino > c->highest_ino) {
154
			printk(KERN_CRIT "Checked all inodes but still 0x%x bytes of unchecked space?\n",
155
			       c->unchecked_size);
156
			jffs2_dbg_dump_block_lists_nolock(c);
157
			spin_unlock(&c->erase_completion_lock);
158
			BUG();
159
		}
160

161
		spin_unlock(&c->erase_completion_lock);
162

163
		spin_lock(&c->inocache_lock);
164

165
		ic = jffs2_get_ino_cache(c, c->checked_ino++);
166

167
		if (!ic) {
168
			spin_unlock(&c->inocache_lock);
169
			continue;
170
		}
171

172
		if (!ic->nlink) {
173
			D1(printk( "Skipping check of ino #%d with nlink zero\n",
174
				  ic->ino));
175
			spin_unlock(&c->inocache_lock);
176
			continue;
177
		}
178
		switch(ic->state) {
179
		case INO_STATE_CHECKEDABSENT:
180
		case INO_STATE_PRESENT:
181
			D1(printk( "Skipping ino #%u already checked\n", ic->ino));
182
			spin_unlock(&c->inocache_lock);
183
			continue;
184

185
		case INO_STATE_GC:
186
		case INO_STATE_CHECKING:
187
			printk( "Inode #%u is in state %d during CRC check phase!\n", ic->ino, ic->state);
188
			spin_unlock(&c->inocache_lock);
189
			BUG();
190

191
		case INO_STATE_READING:
192
			/* We need to wait for it to finish, lest we move on
193
			 * and trigger the BUG() above while we haven't yet
194
			 * finished checking all its nodes
195
			 */
196
			D1(printk( "Waiting for ino #%u to finish reading\n", ic->ino));
197
			up(&c->alloc_sem);
198
			sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
199
			return 0;
200

201
		default:
202
			BUG();
203

204
		case INO_STATE_UNCHECKED:
205
			;
206
		}
207
		ic->state = INO_STATE_CHECKING;
208
		spin_unlock(&c->inocache_lock);
209

210
		D1(printk( "jffs2_garbage_collect_pass() triggering inode scan of ino#%u\n", ic->ino));
211

212
		ret = jffs2_do_crccheck_inode(c, ic);
213
		if (ret) {
214
			printk( "Returned error for crccheck of ino #%u. Expect badness...\n", ic->ino);
215
		}
216

217
		jffs2_set_inocache_state(c, ic, INO_STATE_CHECKEDABSENT);
218
		up(&c->alloc_sem);
219
		return ret;
220
	}
221

222
	/* First, work out which block we're garbage-collecting */
223
	jeb = c->gcblock;
224

225
	if (!jeb) {
226
		jeb = jffs2_find_gc_block(c);
227
	}
228

229
	if (!jeb) {
230
		D1 (printk(KERN_NOTICE "jffs2: Couldn't find erase block to garbage collect!\n"));
231
		spin_unlock(&c->erase_completion_lock);
232
		up(&c->alloc_sem);
233
		return -EIO;
234
	}
235

236
	D1(printk( "GC from block %08x, used_size %08x, dirty_size %08x, free_size %08x\n", jeb->offset, jeb->used_size, jeb->dirty_size, jeb->free_size));
237
	D1(if (c->nextblock)
238
	   printk( "Nextblock at  %08x, used_size %08x, dirty_size %08x, wasted_size %08x, free_size %08x\n", c->nextblock->offset, c->nextblock->used_size, c->nextblock->dirty_size, c->nextblock->wasted_size, c->nextblock->free_size));
239

240
	if (!jeb->used_size) {
241
		up(&c->alloc_sem);
242
		goto eraseit;
243
	}
244

245
	raw = jeb->gc_node;
246

247
	while(ref_obsolete(raw)) {
248
		D1(printk( "Node at 0x%08x is obsolete... skipping\n", ref_offset(raw)));
249
		raw = raw->next_phys;
250
		if (unlikely(!raw)) {
251
			printk( "eep. End of raw list while still supposedly nodes to GC\n");
252
			printk( "erase block at 0x%08x. free_size 0x%08x, dirty_size 0x%08x, used_size 0x%08x\n",
253
			       jeb->offset, jeb->free_size, jeb->dirty_size, jeb->used_size);
254
			jeb->gc_node = raw;
255
			spin_unlock(&c->erase_completion_lock);
256
			up(&c->alloc_sem);
257
			BUG();
258
		}
259
	}
260
	jeb->gc_node = raw;
261

262
	D1(printk( "Going to garbage collect node at 0x%08x\n", ref_offset(raw)));
263

264
	if (!raw->next_in_ino) {
265
		/* Inode-less node. Clean marker, snapshot or something like that */
266
		/* FIXME: If it's something that needs to be copied, including something
267
		 * we don't grok that has JFFS2_NODETYPE_RWCOMPAT_COPY, we should do so
268
		 */
269
		spin_unlock(&c->erase_completion_lock);
270
		jffs2_mark_node_obsolete(c, raw);
271
		up(&c->alloc_sem);
272
		goto eraseit_lock;
273
	}
274

275
	ic = jffs2_raw_ref_to_ic(raw);
276

277
	/* We need to hold the inocache. Either the erase_completion_lock or
278
	 * the inocache_lock are sufficient; we trade down since the inocache_lock
279
	 * causes less contention.
280
	 */
281
	spin_lock(&c->inocache_lock);
282

283
	spin_unlock(&c->erase_completion_lock);
284

285
	D1(printk( "jffs2_garbage_collect_pass collecting from block @0x%08x. Node @0x%08x(%d), ino #%u\n", jeb->offset, ref_offset(raw), ref_flags(raw), ic->ino));
286

287
	/* Three possibilities:
288
	 * 1. Inode is already in-core. We must iget it and do proper
289
	 *    updating to its fragtree, etc.
290
	 * 2. Inode is not in-core, node is REF_PRISTINE. We lock the
291
	 *    inocache to prevent a read_inode(), copy the node intact.
292
	 * 3. Inode is not in-core, node is not pristine. We must iget()
293
	 *    and take the slow path.
294
	 */
295
	switch(ic->state) {
296
	case INO_STATE_CHECKEDABSENT:
297
		/* It's been checked, but it's not currently in-core.
298
		 * We can just copy any pristine nodes, but have
299
		 * to prevent anyone else from doing read_inode() while
300
		 * we're at it, so we set the state accordingly
301
		 */
302
		if (ref_flags(raw) == REF_PRISTINE) {
303
			ic->state = INO_STATE_GC;
304
		} else {
305
			D1(printk( "Ino #%u is absent but node not REF_PRISTINE. Reading.\n",
306
				  ic->ino));
307
		}
308
		break;
309

310
	case INO_STATE_PRESENT:
311
		/* It's in-core. GC must iget() it. */
312
		break;
313

314
	case INO_STATE_UNCHECKED:
315
	case INO_STATE_CHECKING:
316
	case INO_STATE_GC:
317
		/* Should never happen. We should have finished checking
318
		 * by the time we actually start doing any GC, and since
319
		 * we're holding the alloc_sem, no other garbage collection
320
		 * can happen.
321
		 */
322
		printk(KERN_CRIT "Inode #%u already in state %d in jffs2_garbage_collect_pass()!\n",
323
		       ic->ino, ic->state);
324
		up(&c->alloc_sem);
325
		spin_unlock(&c->inocache_lock);
326
		BUG();
327

328
	case INO_STATE_READING:
329
		/* Someone's currently trying to read it. We must wait for
330
		 * them to finish and then go through the full iget() route
331
		 * to do the GC. However, sometimes read_inode() needs to get
332
		 * the alloc_sem() (for marking nodes invalid) so we must
333
		 * drop the alloc_sem before sleeping.
334
		 */
335

336
		up(&c->alloc_sem);
337
		D1(printk( "jffs2_garbage_collect_pass() waiting for ino #%u in state %d\n",
338
			  ic->ino, ic->state));
339
		sleep_on_spinunlock(&c->inocache_wq, &c->inocache_lock);
340
		/* And because we dropped the alloc_sem we must start again from the
341
		 * beginning. Ponder chance of livelock here -- we're returning success
342
		 * without actually making any progress.
343
		 * Q: What are the chances that the inode is back in INO_STATE_READING
344
		 * again by the time we next enter this function? And that this happens
345
		 * enough times to cause a real delay?
346
		 * A: Small enough that I don't care :)
347
		 */
348
		return 0;
349
	}
350

351
	/* OK. Now if the inode is in state INO_STATE_GC, we are going to copy the
352
	 * node intact, and we don't have to muck about with the fragtree etc.
353
	 * because we know it's not in-core. If it _was_ in-core, we go through
354
	 * all the iget() crap anyway
355
	 * */
356

357
	if (ic->state == INO_STATE_GC) {
358
		spin_unlock(&c->inocache_lock);
359

360
		ret = jffs2_garbage_collect_pristine(c, ic, raw);
361

362
		spin_lock(&c->inocache_lock);
363
		ic->state = INO_STATE_CHECKEDABSENT;
364
		wake_up(&c->inocache_wq);
365

366
		if (ret != -EBADFD) {
367
			spin_unlock(&c->inocache_lock);
368
			goto release_sem;
369
		}
370

371
		/* Fall through if it wanted us to, with inocache_lock held */
372
	}
373

374
	/* Prevent the fairly unlikely race where the gcblock is
375
	 * entirely obsoleted by the final close of a file which had
376
	 * the only valid nodes in the block, followed by erasure,
377
	 * followed by freeing of the ic because the erased block(s)
378
	 * held _all_ the nodes of that inode.... never been seen but
379
	 * it's vaguely possible.
380
	 */
381

382
	inum = ic->ino;
383
	nlink = ic->nlink;
384
	spin_unlock(&c->inocache_lock);
385

386
	f = jffs2_gc_fetch_inode(c, inum, nlink);
387
	if (IS_ERR(f)) {
388
		ret = PTR_ERR(f);
389
		goto release_sem;
390
	}
391
	if (!f) {
392
		ret = 0;
393
		goto release_sem;
394
	}
395

396
	ret = jffs2_garbage_collect_live(c, jeb, raw, f);
397

398
	jffs2_gc_release_inode(c, f);
399

400
 release_sem:
401
	up(&c->alloc_sem);
402

403
 eraseit_lock:
404
	/* If we've finished this block, start it erasing */
405
	spin_lock(&c->erase_completion_lock);
406

407
 eraseit:
408
	if (c->gcblock && !c->gcblock->used_size) {
409
		D1(printk( "Block at 0x%08x completely obsoleted by GC. Moving to erase_pending_list\n", c->gcblock->offset));
410
		/* We're GC'ing an empty block? */
411
		list_add_tail(&c->gcblock->list, &c->erase_pending_list);
412
		c->gcblock = NULL;
413
		c->nr_erasing_blocks++;
414
		jffs2_erase_pending_trigger(c);
415
	}
416
	spin_unlock(&c->erase_completion_lock);
417

418
	return ret;
419
}
420

421
static int jffs2_garbage_collect_live(struct jffs2_sb_info *c,
422
		struct jffs2_eraseblock *jeb,
423
		struct jffs2_raw_node_ref *raw, struct jffs2_inode_info *f) {
424
	struct jffs2_node_frag *frag;
425
	struct jffs2_full_dnode *fn = NULL;
426
	struct jffs2_full_dirent *fd;
427
	uint32_t start = 0, end = 0, nrfrags = 0;
428
	int ret = 0;
429

430
	down(&f->sem);
431

432
	/* Now we have the lock for this inode.
433
	 * Check that it's still the one at the head of the list.
434
	 */
435
	spin_lock(&c->erase_completion_lock);
436

437
	if (c->gcblock != jeb) {
438
		spin_unlock(&c->erase_completion_lock);
439
		D1(printk( "GC block is no longer gcblock. Restart\n"));
440
		goto upnout;
441
	}
442
	if (ref_obsolete(raw)) {
443
		spin_unlock(&c->erase_completion_lock);
444
		D1(printk( "node to be GC'd was obsoleted in the meantime.\n"));
445
		/* They'll call again */
446
		goto upnout;
447
	}
448
	spin_unlock(&c->erase_completion_lock);
449

450
	/* OK. Looks safe. And nobody can get us now because we have the semaphore. Move the block */
451
	if (f->metadata && f->metadata->raw == raw) {
452
		fn = f->metadata;
453
		ret = jffs2_garbage_collect_metadata(c, jeb, f, fn);
454
		goto upnout;
455
	}
456

457
	/* FIXME. Read node and do lookup? */
458
	for (frag = frag_first(&f->fragtree); frag; frag = frag_next(frag)) {
459
		if (frag->node && frag->node->raw == raw) {
460
			fn = frag->node;
461
			end = frag->ofs + frag->size;
462
			if (!nrfrags++) {
463
				start = frag->ofs;
464
			}
465
			if (nrfrags == frag->node->frags) {
466
				break; /* We've found them all */
467
			}
468
		}
469
	}
470
	if (fn) {
471
		if (ref_flags(raw) == REF_PRISTINE) {
472
			ret = jffs2_garbage_collect_pristine(c, f->inocache, raw);
473
			if (!ret) {
474
				/* Urgh. Return it sensibly. */
475
				frag->node->raw = f->inocache->nodes;
476
			}
477
			if (ret != -EBADFD) {
478
				goto upnout;
479
			}
480
		}
481
		/* We found a datanode. Do the GC */
482
		if((start >> PAGE_CACHE_SHIFT) < ((end-1) >> PAGE_CACHE_SHIFT)) {
483
			/* It crosses a page boundary. Therefore, it must be a hole. */
484
			ret = jffs2_garbage_collect_hole(c, jeb, f, fn, start, end);
485
		} else {
486
			/* It could still be a hole. But we GC the page this way anyway */
487
			ret = jffs2_garbage_collect_dnode(c, jeb, f, fn, start, end);
488
		}
489
		goto upnout;
490
	}
491

492
	/* Wasn't a dnode. Try dirent */
493
	for (fd = f->dents; fd; fd=fd->next) {
494
		if (fd->raw == raw) {
495
			break;
496
		}
497
	}
498

499
	if (fd && fd->ino) {
500
		ret = jffs2_garbage_collect_dirent(c, jeb, f, fd);
501
	} else if (fd) {
502
		ret = jffs2_garbage_collect_deletion_dirent(c, jeb, f, fd);
503
	} else {
504
		printk( "Raw node at 0x%08x wasn't in node lists for ino #%u\n",
505
		       ref_offset(raw), f->inocache->ino);
506
		if (ref_obsolete(raw)) {
507
			printk( "But it's obsolete so we don't mind too much\n");
508
		} else {
509
			jffs2_dbg_dump_node(c, ref_offset(raw));
510
			BUG();
511
		}
512
	}
513
 upnout:
514
	up(&f->sem);
515

516
	return ret;
517
}
518

519
static int jffs2_garbage_collect_pristine(struct jffs2_sb_info *c,
520
					  struct jffs2_inode_cache *ic,
521
					  struct jffs2_raw_node_ref *raw) {
522
	union jffs2_node_union *node;
523
	struct jffs2_raw_node_ref *nraw;
524
	size_t retlen;
525
	int ret;
526
	uint32_t phys_ofs, alloclen;
527
	uint32_t crc, rawlen;
528
	int retried = 0;
529

530
	D1(printk( "Going to GC REF_PRISTINE node at 0x%08x\n", ref_offset(raw)));
531

532
	rawlen = ref_totlen(c, c->gcblock, raw);
533

534
	/* Ask for a small amount of space (or the totlen if smaller) because we
535
	 * don't want to force wastage of the end of a block if splitting would
536
	 * work.
537
	 */
538
	ret = jffs2_reserve_space_gc(c, min_t(uint32_t,
539
			sizeof(struct jffs2_raw_inode) + JFFS2_MIN_DATA_LEN,
540
					      rawlen), &phys_ofs, &alloclen);
541
	if (ret) {
542
		return ret;
543
	}
544

545
	if (alloclen < rawlen) {
546
		/* Doesn't fit untouched. We'll go the old route and split it */
547
		return -EBADFD;
548
	}
549

550
	node = kmalloc(rawlen, GFP_KERNEL);
551
	if ( !node) {
552
		return -ENOMEM;
553
	}
554

555
	ret = jffs2_flash_read(c, ref_offset(raw),
556
			rawlen, &retlen, (unsigned char *)node);
557
	if (!ret && retlen != rawlen) {
558
		ret = -EIO;
559
	}
560
	if (ret) {
561
		goto out_node;
562
	}
563

564
	crc = crc32(0, node, sizeof(struct jffs2_unknown_node)-4);
565
	if (je32_to_cpu(node->u.hdr_crc) != crc) {
566
		printk( "Header CRC failed on REF_PRISTINE node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
567
		       ref_offset(raw), je32_to_cpu(node->u.hdr_crc), crc);
568
		goto bail;
569
	}
570

571
	switch(je16_to_cpu(node->u.nodetype)) {
572
	case JFFS2_NODETYPE_INODE:
573
		crc = crc32(0, node, sizeof(node->i)-8);
574
		if (je32_to_cpu(node->i.node_crc) != crc) {
575
			printk( "Node CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
576
			       ref_offset(raw), je32_to_cpu(node->i.node_crc), crc);
577
			goto bail;
578
		}
579

580
		if (je32_to_cpu(node->i.dsize)) {
581
			crc = crc32(0, node->i.data, je32_to_cpu(node->i.csize));
582
			if (je32_to_cpu(node->i.data_crc) != crc) {
583
				printk( "Data CRC failed on REF_PRISTINE data node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
584
				       ref_offset(raw), je32_to_cpu(node->i.data_crc), crc);
585
				goto bail;
586
			}
587
		}
588
		break;
589

590
	case JFFS2_NODETYPE_DIRENT:
591
		crc = crc32(0, node, sizeof(node->d)-8);
592
		if (je32_to_cpu(node->d.node_crc) != crc) {
593
			printk( "Node CRC failed on REF_PRISTINE dirent node at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
594
			       ref_offset(raw), je32_to_cpu(node->d.node_crc), crc);
595
			goto bail;
596
		}
597

598
		if (node->d.nsize) {
599
			crc = crc32(0, node->d.name, node->d.nsize);
600
			if (je32_to_cpu(node->d.name_crc) != crc) {
601
				printk( "Name CRC failed on REF_PRISTINE dirent ode at 0x%08x: Read 0x%08x, calculated 0x%08x\n",
602
				       ref_offset(raw), je32_to_cpu(node->d.name_crc), crc);
603
				goto bail;
604
			}
605
		}
606
		break;
607
	default:
608
		printk( "Unknown node type for REF_PRISTINE node at 0x%08x: 0x%04x\n",
609
		       ref_offset(raw), je16_to_cpu(node->u.nodetype));
610
		goto bail;
611
	}
612

613
	nraw = jffs2_alloc_raw_node_ref();
614
	if (!nraw) {
615
		ret = -ENOMEM;
616
		goto out_node;
617
	}
618

619
	/* OK, all the CRCs are good; this node can just be copied as-is. */
620
 retry:
621
	nraw->flash_offset = phys_ofs;
622
	nraw->__totlen = rawlen;
623
	nraw->next_phys = NULL;
624

625
	ret = jffs2_flash_write(c, phys_ofs, rawlen, &retlen, (unsigned char *)node);
626

627
	if (ret || (retlen != rawlen)) {
628
		printk(KERN_NOTICE "Write of %d bytes at 0x%08x failed. returned %d, retlen %zd\n",
629
                       rawlen, phys_ofs, ret, retlen);
630
		if (retlen) {
631
                        /* Doesn't belong to any inode */
632
			nraw->next_in_ino = NULL;
633

634
			nraw->flash_offset |= REF_OBSOLETE;
635
			jffs2_add_physical_node_ref(c, nraw);
636
			jffs2_mark_node_obsolete(c, nraw);
637
		} else {
638
			printk(KERN_NOTICE "Not marking the space at 0x%08x as dirty because the flash driver returned retlen zero\n", nraw->flash_offset);
639
                        jffs2_free_raw_node_ref(nraw);
640
		}
641
		if (!retried && (nraw = jffs2_alloc_raw_node_ref())) {
642
			/* Try to reallocate space and retry */
643
			uint32_t dummy;
644
			struct jffs2_eraseblock *jeb = &c->blocks[phys_ofs / c->sector_size];
645

646
			retried = 1;
647

648
			D1(printk( "Retrying failed write of REF_PRISTINE node.\n"));
649

650
			jffs2_dbg_acct_sanity_check(c,jeb);
651
			jffs2_dbg_acct_paranoia_check(c, jeb);
652

653
			ret = jffs2_reserve_space_gc(c, rawlen, &phys_ofs, &dummy);
654

655
			if (!ret) {
656
				D1(printk( "Allocated space at 0x%08x to retry failed write.\n", phys_ofs));
657

658
				jffs2_dbg_acct_sanity_check(c,jeb);
659
				jffs2_dbg_acct_paranoia_check(c, jeb);
660

661
				goto retry;
662
			}
663
			D1(printk( "Failed to allocate space to retry failed write: %d!\n", ret));
664
			jffs2_free_raw_node_ref(nraw);
665
		}
666

667
		jffs2_free_raw_node_ref(nraw);
668
		if (!ret) {
669
			ret = -EIO;
670
		}
671
		goto out_node;
672
	}
673
	nraw->flash_offset |= REF_PRISTINE;
674
	jffs2_add_physical_node_ref(c, nraw);
675

676
	/* Link into per-inode list. This is safe because of the ic
677
	 * state being INO_STATE_GC. Note that if we're doing this
678
	 * for an inode which is in-core, the 'nraw' pointer is then
679
	 * going to be fetched from ic->nodes by our caller.
680
	 */
681
	spin_lock(&c->erase_completion_lock);
682
    nraw->next_in_ino = ic->nodes;
683
    ic->nodes = nraw;
684
	spin_unlock(&c->erase_completion_lock);
685

686
	jffs2_mark_node_obsolete(c, raw);
687
	D1(printk( "WHEEE! GC REF_PRISTINE node at 0x%08x succeeded\n", ref_offset(raw)));
688

689
 out_node:
690
	kfree(node);
691
	return ret;
692
 bail:
693
	ret = -EBADFD;
694
	goto out_node;
695
}
696

697
static int jffs2_garbage_collect_metadata(struct jffs2_sb_info *c,
698
		struct jffs2_eraseblock *jeb,
699
		struct jffs2_inode_info *f, struct jffs2_full_dnode *fn) {
700
	struct jffs2_full_dnode *new_fn;
701
	struct jffs2_raw_inode ri;
702
	struct jffs2_node_frag *last_frag;
703
	jint16_t dev;
704
	char *mdata = NULL, mdatalen = 0;
705
	uint32_t alloclen, phys_ofs, ilen;
706
	int ret;
707

708
	if (S_ISBLK(JFFS2_F_I_MODE(f)) ||
709
	    S_ISCHR(JFFS2_F_I_MODE(f)) ) {
710
		/* For these, we don't actually need to read the old node */
711
		/* FIXME: for minor or major > 255. */
712
		dev = cpu_to_je16(((JFFS2_F_I_RDEV_MAJ(f) << 8) |
713
			JFFS2_F_I_RDEV_MIN(f)));
714
		mdata = (char *)&dev;
715
		mdatalen = sizeof(dev);
716
		D1(printk( "jffs2_garbage_collect_metadata(): Writing %d bytes of kdev_t\n", mdatalen));
717
	} else if (S_ISLNK(JFFS2_F_I_MODE(f))) {
718
		mdatalen = fn->size;
719
		mdata = kmalloc(fn->size, GFP_KERNEL);
720
		if (!mdata) {
721
			printk( "kmalloc of mdata failed in jffs2_garbage_collect_metadata()\n");
722
			return -ENOMEM;
723
		}
724
		ret = jffs2_read_dnode(c, f, fn, (unsigned char *) mdata, 0, mdatalen);
725
		if (ret) {
726
			printk( "read of old metadata failed in jffs2_garbage_collect_metadata(): %d\n", ret);
727
			kfree(mdata);
728
			return ret;
729
		}
730
		D1(printk( "jffs2_garbage_collect_metadata(): Writing %d bites of symlink target\n", mdatalen));
731

732
	}
733

734
	ret = jffs2_reserve_space_gc(c, sizeof(ri) + mdatalen,
735
			&phys_ofs, &alloclen);
736
	if (ret) {
737
		printk( "jffs2_reserve_space_gc of %zd bytes for garbage_collect_metadata failed: %d\n",
738
		       sizeof(ri)+ mdatalen, ret);
739
		goto out;
740
	}
741

742
	last_frag = frag_last(&f->fragtree);
743
	if (last_frag) {
744
		/* Fetch the inode length from the fragtree rather then
745
		 * from i_size since i_size may have not been updated yet */
746
		ilen = last_frag->ofs + last_frag->size;
747
	} else {
748
		ilen = JFFS2_F_I_SIZE(f);
749
	}
750

751
	memset(&ri, 0, sizeof(ri));
752
	ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
753
	ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
754
	ri.totlen = cpu_to_je32(sizeof(ri) + mdatalen);
755
	ri.hdr_crc = cpu_to_je32(crc32(0, &ri,
756
			sizeof(struct jffs2_unknown_node) - 4));
757

758
	ri.ino = cpu_to_je32(f->inocache->ino);
759
	ri.version = cpu_to_je32(++f->highest_version);
760
	ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
761
	ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
762
	ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
763
	ri.isize = cpu_to_je32(ilen);
764
	ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
765
	ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
766
	ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
767
	ri.offset = cpu_to_je32(0);
768
	ri.csize = cpu_to_je32(mdatalen);
769
	ri.dsize = cpu_to_je32(mdatalen);
770
	ri.compr = JFFS2_COMPR_NONE;
771
	ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
772
	ri.data_crc = cpu_to_je32(crc32(0, mdata, mdatalen));
773

774
	new_fn = jffs2_write_dnode(c, f, &ri,
775
			(const unsigned char *)mdata, mdatalen, phys_ofs, ALLOC_GC);
776

777
	if (IS_ERR(new_fn)) {
778
		printk( "Error writing new dnode: %lu\n", PTR_ERR(new_fn));
779
		ret = PTR_ERR(new_fn);
780
		goto out;
781
	}
782
	jffs2_mark_node_obsolete(c, fn->raw);
783
	jffs2_free_full_dnode(fn);
784
	f->metadata = new_fn;
785
 out:
786
	if (S_ISLNK(JFFS2_F_I_MODE(f))) {
787
		kfree(mdata);
788
	}
789
	return ret;
790
}
791

792
static int jffs2_garbage_collect_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
793
					struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
794
{
795
	struct jffs2_full_dirent *new_fd;
796
	struct jffs2_raw_dirent rd;
797
	uint32_t alloclen, phys_ofs;
798
	int ret;
799

800
	rd.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
801
	rd.nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
802
	rd.nsize = strlen((const char *)fd->name);
803
	rd.totlen = cpu_to_je32(sizeof(rd) + rd.nsize);
804
	rd.hdr_crc = cpu_to_je32(crc32(0, &rd, sizeof(struct jffs2_unknown_node)-4));
805

806
	rd.pino = cpu_to_je32(f->inocache->ino);
807
	rd.version = cpu_to_je32(++f->highest_version);
808
	rd.ino = cpu_to_je32(fd->ino);
809
	rd.mctime = cpu_to_je32(max(JFFS2_F_I_MTIME(f), JFFS2_F_I_CTIME(f)));
810
	rd.type = fd->type;
811
	rd.node_crc = cpu_to_je32(crc32(0, &rd, sizeof(rd)-8));
812
	rd.name_crc = cpu_to_je32(crc32(0, fd->name, rd.nsize));
813

814
	ret = jffs2_reserve_space_gc(c, sizeof(rd)+rd.nsize, &phys_ofs, &alloclen);
815
	if (ret) {
816
		printk( "jffs2_reserve_space_gc of %zd bytes for garbage_collect_dirent failed: %d\n",
817
		       sizeof(rd)+rd.nsize, ret);
818
		return ret;
819
	}
820
	new_fd = jffs2_write_dirent(c, f, &rd, fd->name, rd.nsize, phys_ofs, ALLOC_GC);
821

822
	if (IS_ERR(new_fd)) {
823
		printk( "jffs2_write_dirent in garbage_collect_dirent failed: %lu\n", PTR_ERR(new_fd));
824
		return PTR_ERR(new_fd);
825
	}
826
	jffs2_add_fd_to_list(c, new_fd, &f->dents);
827
	return 0;
828
}
829

830
static int jffs2_garbage_collect_deletion_dirent(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
831
					struct jffs2_inode_info *f, struct jffs2_full_dirent *fd)
832
{
833
	struct jffs2_full_dirent **fdp = &f->dents;
834
	int found = 0;
835

836
	/* On a medium where we can't actually mark nodes obsolete
837
	   pernamently, such as NAND flash, we need to work out
838
	   whether this deletion dirent is still needed to actively
839
	   delete a 'real' dirent with the same name that's still
840
	   somewhere else on the flash. */
841
	if (!jffs2_can_mark_obsolete(c)) {
842
		struct jffs2_raw_dirent *rd;
843
		struct jffs2_raw_node_ref *raw;
844
		int ret;
845
		size_t retlen;
846
		int name_len = strlen((const char *) fd->name);
847
		uint32_t name_crc = crc32(0, fd->name, name_len);
848
		uint32_t rawlen = ref_totlen(c, jeb, fd->raw);
849

850
		rd = kmalloc(rawlen, GFP_KERNEL);
851
		if (!rd)
852
			return -ENOMEM;
853

854
		/* Prevent the erase code from nicking the obsolete node refs while
855
		   we're looking at them. I really don't like this extra lock but
856
		   can't see any alternative. Suggestions on a postcard to... */
857
		down(&c->erase_free_sem);
858

859
		for (raw = f->inocache->nodes; raw != (void *)f->inocache; raw = raw->next_in_ino) {
860

861
			/* We only care about obsolete ones */
862
			if (!(ref_obsolete(raw)))
863
				continue;
864

865
			/* Any dirent with the same name is going to have the same length... */
866
			if (ref_totlen(c, NULL, raw) != rawlen)
867
				continue;
868

869
			/* Doesn't matter if there's one in the same erase block. We're going to
870
			   delete it too at the same time. */
871
			if (SECTOR_ADDR(raw->flash_offset) == SECTOR_ADDR(fd->raw->flash_offset))
872
				continue;
873

874
			D1(printk( "Check potential deletion dirent at %08x\n", ref_offset(raw)));
875

876
			/* This is an obsolete node belonging to the same directory, and it's of the right
877
			   length. We need to take a closer look...*/
878
			ret = jffs2_flash_read(c, ref_offset(raw), rawlen, &retlen, (unsigned char *)rd);
879
			if (ret) {
880
				printk( "jffs2_g_c_deletion_dirent(): Read error (%d) reading obsolete node at %08x\n", ret, ref_offset(raw));
881
				/* If we can't read it, we don't need to continue to obsolete it. Continue */
882
				continue;
883
			}
884
			if (retlen != rawlen) {
885
				printk( "jffs2_g_c_deletion_dirent(): Short read (%zd not %u) reading header from obsolete node at %08x\n",
886
				       retlen, rawlen, ref_offset(raw));
887
				continue;
888
			}
889

890
			if (je16_to_cpu(rd->nodetype) != JFFS2_NODETYPE_DIRENT)
891
				continue;
892

893
			/* If the name CRC doesn't match, skip */
894
			if (je32_to_cpu(rd->name_crc) != name_crc)
895
				continue;
896

897
			/* If the name length doesn't match, or it's another deletion dirent, skip */
898
			if (rd->nsize != name_len || !je32_to_cpu(rd->ino))
899
				continue;
900

901
			/* OK, check the actual name now */
902
			if (memcmp(rd->name, fd->name, name_len))
903
				continue;
904

905
			/* OK. The name really does match. There really is still an older node on
906
			   the flash which our deletion dirent obsoletes. So we have to write out
907
			   a new deletion dirent to replace it */
908
			up(&c->erase_free_sem);
909

910
			D1(printk( "Deletion dirent at %08x still obsoletes real dirent \"%s\" at %08x for ino #%u\n",
911
				  ref_offset(fd->raw), fd->name, ref_offset(raw), je32_to_cpu(rd->ino)));
912
			kfree(rd);
913

914
			return jffs2_garbage_collect_dirent(c, jeb, f, fd);
915
		}
916

917
		up(&c->erase_free_sem);
918
		kfree(rd);
919
	}
920

921
	/* No need for it any more. Just mark it obsolete and remove it from the list */
922
	while (*fdp) {
923
		if ((*fdp) == fd) {
924
			found = 1;
925
			*fdp = fd->next;
926
			break;
927
		}
928
		fdp = &(*fdp)->next;
929
	}
930
	if (!found) {
931
		printk( "Deletion dirent \"%s\" not found in list for ino #%u\n", fd->name, f->inocache->ino);
932
	}
933
	jffs2_mark_node_obsolete(c, fd->raw);
934
	jffs2_free_full_dirent(fd);
935
	return 0;
936
}
937

938
static int jffs2_garbage_collect_hole(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
939
				      struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
940
				      uint32_t start, uint32_t end)
941
{
942
	struct jffs2_raw_inode ri;
943
	struct jffs2_node_frag *frag;
944
	struct jffs2_full_dnode *new_fn;
945
	uint32_t alloclen, phys_ofs, ilen;
946
	int ret;
947

948
	D1(printk( "Writing replacement hole node for ino #%u from offset 0x%x to 0x%x\n",
949
		  f->inocache->ino, start, end));
950

951
	memset(&ri, 0, sizeof(ri));
952

953
	if(fn->frags > 1) {
954
		size_t readlen;
955
		uint32_t crc;
956
		/* It's partially obsoleted by a later write. So we have to
957
		   write it out again with the _same_ version as before */
958
		ret = jffs2_flash_read(c, ref_offset(fn->raw), sizeof(ri), &readlen, (unsigned char *)&ri);
959
		if (readlen != sizeof(ri) || ret) {
960
			printk( "Node read failed in jffs2_garbage_collect_hole. Ret %d, retlen %zd. Data will be lost by writing new hole node\n", ret, readlen);
961
			goto fill;
962
		}
963
		if (je16_to_cpu(ri.nodetype) != JFFS2_NODETYPE_INODE) {
964
			printk( "jffs2_garbage_collect_hole: Node at 0x%08x had node type 0x%04x instead of JFFS2_NODETYPE_INODE(0x%04x)\n",
965
			       ref_offset(fn->raw),
966
			       je16_to_cpu(ri.nodetype), JFFS2_NODETYPE_INODE);
967
			return -EIO;
968
		}
969
		if (je32_to_cpu(ri.totlen) != sizeof(ri)) {
970
			printk( "jffs2_garbage_collect_hole: Node at 0x%08x had totlen 0x%x instead of expected 0x%zx\n",
971
			       ref_offset(fn->raw),
972
			       je32_to_cpu(ri.totlen), sizeof(ri));
973
			return -EIO;
974
		}
975
		crc = crc32(0, &ri, sizeof(ri)-8);
976
		if (crc != je32_to_cpu(ri.node_crc)) {
977
			printk( "jffs2_garbage_collect_hole: Node at 0x%08x had CRC 0x%08x which doesn't match calculated CRC 0x%08x\n",
978
			       ref_offset(fn->raw),
979
			       je32_to_cpu(ri.node_crc), crc);
980
			/* FIXME: We could possibly deal with this by writing new holes for each frag */
981
			printk( "Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
982
			       start, end, f->inocache->ino);
983
			goto fill;
984
		}
985
		if (ri.compr != JFFS2_COMPR_ZERO) {
986
			printk( "jffs2_garbage_collect_hole: Node 0x%08x wasn't a hole node!\n", ref_offset(fn->raw));
987
			printk( "Data in the range 0x%08x to 0x%08x of inode #%u will be lost\n",
988
			       start, end, f->inocache->ino);
989
			goto fill;
990
		}
991
	} else {
992
	fill:
993
		ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
994
		ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
995
		ri.totlen = cpu_to_je32(sizeof(ri));
996
		ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
997

998
		ri.ino = cpu_to_je32(f->inocache->ino);
999
		ri.version = cpu_to_je32(++f->highest_version);
1000
		ri.offset = cpu_to_je32(start);
1001
		ri.dsize = cpu_to_je32(end - start);
1002
		ri.csize = cpu_to_je32(0);
1003
		ri.compr = JFFS2_COMPR_ZERO;
1004
	}
1005

1006
	frag = frag_last(&f->fragtree);
1007
	if (frag)
1008
		/* Fetch the inode length from the fragtree rather then
1009
		 * from i_size since i_size may have not been updated yet */
1010
		ilen = frag->ofs + frag->size;
1011
	else
1012
		ilen = JFFS2_F_I_SIZE(f);
1013

1014
	ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1015
	ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1016
	ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1017
	ri.isize = cpu_to_je32(ilen);
1018
	ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1019
	ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1020
	ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1021
	ri.data_crc = cpu_to_je32(0);
1022
	ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1023

1024
	ret = jffs2_reserve_space_gc(c, sizeof(ri), &phys_ofs, &alloclen);
1025
	if (ret) {
1026
		printk( "jffs2_reserve_space_gc of %zd bytes for garbage_collect_hole failed: %d\n",
1027
		       sizeof(ri), ret);
1028
		return ret;
1029
	}
1030
	new_fn = jffs2_write_dnode(c, f, &ri, NULL, 0, phys_ofs, ALLOC_GC);
1031

1032
	if (IS_ERR(new_fn)) {
1033
		printk( "Error writing new hole node: %lu\n", PTR_ERR(new_fn));
1034
		return PTR_ERR(new_fn);
1035
	}
1036
	if (je32_to_cpu(ri.version) == f->highest_version) {
1037
		jffs2_add_full_dnode_to_inode(c, f, new_fn);
1038
		if (f->metadata) {
1039
			jffs2_mark_node_obsolete(c, f->metadata->raw);
1040
			jffs2_free_full_dnode(f->metadata);
1041
			f->metadata = NULL;
1042
		}
1043
		return 0;
1044
	}
1045

1046
	/*
1047
	 * We should only get here in the case where the node we are
1048
	 * replacing had more than one frag, so we kept the same version
1049
	 * number as before. (Except in case of error -- see 'goto fill;'
1050
	 * above.)
1051
	 */
1052
	D1(if(unlikely(fn->frags <= 1)) {
1053
		printk( "jffs2_garbage_collect_hole: Replacing fn with %d frag(s) but new ver %d != highest_version %d of ino #%d\n",
1054
		       fn->frags, je32_to_cpu(ri.version), f->highest_version,
1055
		       je32_to_cpu(ri.ino));
1056
	});
1057

1058
	/* This is a partially-overlapped hole node. Mark it REF_NORMAL not REF_PRISTINE */
1059
	mark_ref_normal(new_fn->raw);
1060

1061
	for (frag = jffs2_lookup_node_frag(&f->fragtree, fn->ofs);
1062
	     frag; frag = frag_next(frag)) {
1063
		if (frag->ofs > fn->size + fn->ofs)
1064
			break;
1065
		if (frag->node == fn) {
1066
			frag->node = new_fn;
1067
			new_fn->frags++;
1068
			fn->frags--;
1069
		}
1070
	}
1071
	if (fn->frags) {
1072
		printk( "jffs2_garbage_collect_hole: Old node still has frags!\n");
1073
		BUG();
1074
	}
1075
	if (!new_fn->frags) {
1076
		printk( "jffs2_garbage_collect_hole: New node has no frags!\n");
1077
		BUG();
1078
	}
1079

1080
	jffs2_mark_node_obsolete(c, fn->raw);
1081
	jffs2_free_full_dnode(fn);
1082

1083
	return 0;
1084
}
1085

1086
static int jffs2_garbage_collect_dnode(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb,
1087
				       struct jffs2_inode_info *f, struct jffs2_full_dnode *fn,
1088
				       uint32_t start, uint32_t end)
1089
{
1090
	struct jffs2_full_dnode *new_fn;
1091
	struct jffs2_raw_inode ri;
1092
	uint32_t alloclen, phys_ofs, offset, orig_end, orig_start;
1093
	int ret = 0;
1094
	unsigned char *comprbuf = NULL, *writebuf;
1095
	unsigned long pg;
1096
	unsigned char *pg_ptr;
1097

1098
	memset(&ri, 0, sizeof(ri));
1099

1100
	D1(printk( "Writing replacement dnode for ino #%u from offset 0x%x to 0x%x\n",
1101
		  f->inocache->ino, start, end));
1102

1103
	orig_end = end;
1104
	orig_start = start;
1105

1106
	if (c->nr_free_blocks + c->nr_erasing_blocks > c->resv_blocks_gcmerge) {
1107
		/* Attempt to do some merging. But only expand to cover logically
1108
		   adjacent frags if the block containing them is already considered
1109
		   to be dirty. Otherwise we end up with GC just going round in
1110
		   circles dirtying the nodes it already wrote out, especially
1111
		   on NAND where we have small eraseblocks and hence a much higher
1112
		   chance of nodes having to be split to cross boundaries. */
1113

1114
		struct jffs2_node_frag *frag;
1115
		uint32_t min, max;
1116

1117
		min = start & ~(PAGE_CACHE_SIZE-1);
1118
		max = min + PAGE_CACHE_SIZE;
1119

1120
		frag = jffs2_lookup_node_frag(&f->fragtree, start);
1121

1122
		/* BUG_ON(!frag) but that'll happen anyway... */
1123

1124
		BUG_ON(frag->ofs != start);
1125

1126
		/* First grow down... */
1127
		while((frag = frag_prev(frag)) && frag->ofs >= min) {
1128

1129
			/* If the previous frag doesn't even reach the beginning, there's
1130
			   excessive fragmentation. Just merge. */
1131
			if (frag->ofs > min) {
1132
				D1(printk( "Expanding down to cover partial frag (0x%x-0x%x)\n",
1133
					  frag->ofs, frag->ofs+frag->size));
1134
				start = frag->ofs;
1135
				continue;
1136
			}
1137
			/* OK. This frag holds the first byte of the page. */
1138
			if (!frag->node || !frag->node->raw) {
1139
				D1(printk( "First frag in page is hole (0x%x-0x%x). Not expanding down.\n",
1140
					  frag->ofs, frag->ofs+frag->size));
1141
				break;
1142
			} else {
1143

1144
				/* OK, it's a frag which extends to the beginning of the page. Does it live
1145
				   in a block which is still considered clean? If so, don't obsolete it.
1146
				   If not, cover it anyway. */
1147

1148
				struct jffs2_raw_node_ref *raw = frag->node->raw;
1149
				struct jffs2_eraseblock *jeb;
1150

1151
				jeb = &c->blocks[raw->flash_offset / c->sector_size];
1152

1153
				if (jeb == c->gcblock) {
1154
					D1(printk( "Expanding down to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1155
						  frag->ofs, frag->ofs+frag->size, ref_offset(raw)));
1156
					start = frag->ofs;
1157
					break;
1158
				}
1159
				if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1160
					D1(printk( "Not expanding down to cover frag (0x%x-0x%x) in clean block %08x\n",
1161
						  frag->ofs, frag->ofs+frag->size, jeb->offset));
1162
					break;
1163
				}
1164

1165
				D1(printk( "Expanding down to cover frag (0x%x-0x%x) in dirty block %08x\n",
1166
						  frag->ofs, frag->ofs+frag->size, jeb->offset));
1167
				start = frag->ofs;
1168
				break;
1169
			}
1170
		}
1171

1172
		/* ... then up */
1173

1174
		/* Find last frag which is actually part of the node we're to GC. */
1175
		frag = jffs2_lookup_node_frag(&f->fragtree, end-1);
1176

1177
		while((frag = frag_next(frag)) && frag->ofs+frag->size <= max) {
1178

1179
			/* If the previous frag doesn't even reach the beginning, there's lots
1180
			   of fragmentation. Just merge. */
1181
			if (frag->ofs+frag->size < max) {
1182
				D1(printk( "Expanding up to cover partial frag (0x%x-0x%x)\n",
1183
					  frag->ofs, frag->ofs+frag->size));
1184
				end = frag->ofs + frag->size;
1185
				continue;
1186
			}
1187

1188
			if (!frag->node || !frag->node->raw) {
1189
				D1(printk( "Last frag in page is hole (0x%x-0x%x). Not expanding up.\n",
1190
					  frag->ofs, frag->ofs+frag->size));
1191
				break;
1192
			} else {
1193

1194
				/* OK, it's a frag which extends to the beginning of the page. Does it live
1195
				   in a block which is still considered clean? If so, don't obsolete it.
1196
				   If not, cover it anyway. */
1197

1198
				struct jffs2_raw_node_ref *raw = frag->node->raw;
1199
				struct jffs2_eraseblock *jeb;
1200

1201
				jeb = &c->blocks[raw->flash_offset / c->sector_size];
1202

1203
				if (jeb == c->gcblock) {
1204
					D1(printk( "Expanding up to cover frag (0x%x-0x%x) in gcblock at %08x\n",
1205
						  frag->ofs, frag->ofs+frag->size, ref_offset(raw)));
1206
					end = frag->ofs + frag->size;
1207
					break;
1208
				}
1209
				if (!ISDIRTY(jeb->dirty_size + jeb->wasted_size)) {
1210
					D1(printk( "Not expanding up to cover frag (0x%x-0x%x) in clean block %08x\n",
1211
						  frag->ofs, frag->ofs+frag->size, jeb->offset));
1212
					break;
1213
				}
1214

1215
				D1(printk( "Expanding up to cover frag (0x%x-0x%x) in dirty block %08x\n",
1216
						  frag->ofs, frag->ofs+frag->size, jeb->offset));
1217
				end = frag->ofs + frag->size;
1218
				break;
1219
			}
1220
		}
1221
		D1(printk( "Expanded dnode to write from (0x%x-0x%x) to (0x%x-0x%x)\n",
1222
			  orig_start, orig_end, start, end));
1223

1224
		D1(BUG_ON(end > frag_last(&f->fragtree)->ofs + frag_last(&f->fragtree)->size));
1225
		BUG_ON(end < orig_end);
1226
		BUG_ON(start > orig_start);
1227
	}
1228

1229
	/* First, use readpage() to read the appropriate page into the page cache */
1230
	/* Q: What happens if we actually try to GC the _same_ page for which commit_write()
1231
	 *    triggered garbage collection in the first place?
1232
	 * A: I _think_ it's OK. read_cache_page shouldn't deadlock, we'll write out the
1233
	 *    page OK. We'll actually write it out again in commit_write, which is a little
1234
	 *    suboptimal, but at least we're correct.
1235
	 */
1236
	pg_ptr = jffs2_gc_fetch_page(c, f, start, &pg);
1237

1238
	if (IS_ERR(pg_ptr)) {
1239
		printk( "read_cache_page() returned error: %lu\n", PTR_ERR(pg_ptr));
1240
		return PTR_ERR(pg_ptr);
1241
	}
1242

1243
	offset = start;
1244
	while(offset < orig_end) {
1245
		uint32_t datalen;
1246
		uint32_t cdatalen;
1247
		uint16_t comprtype = JFFS2_COMPR_NONE;
1248

1249
		ret = jffs2_reserve_space_gc(c, sizeof(ri) + JFFS2_MIN_DATA_LEN, &phys_ofs, &alloclen);
1250

1251
		if (ret) {
1252
			printk( "jffs2_reserve_space_gc of %zd bytes for garbage_collect_dnode failed: %d\n",
1253
			       sizeof(ri)+ JFFS2_MIN_DATA_LEN, ret);
1254
			break;
1255
		}
1256
		cdatalen = min_t(uint32_t, alloclen - sizeof(ri), end - offset);
1257
		datalen = end - offset;
1258

1259
		writebuf = pg_ptr + (offset & (PAGE_CACHE_SIZE -1));
1260

1261
		comprtype = jffs2_compress(c, f, writebuf, &comprbuf, &datalen, &cdatalen);
1262

1263
		ri.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1264
		ri.nodetype = cpu_to_je16(JFFS2_NODETYPE_INODE);
1265
		ri.totlen = cpu_to_je32(sizeof(ri) + cdatalen);
1266
		ri.hdr_crc = cpu_to_je32(crc32(0, &ri, sizeof(struct jffs2_unknown_node)-4));
1267

1268
		ri.ino = cpu_to_je32(f->inocache->ino);
1269
		ri.version = cpu_to_je32(++f->highest_version);
1270
		ri.mode = cpu_to_jemode(JFFS2_F_I_MODE(f));
1271
		ri.uid = cpu_to_je16(JFFS2_F_I_UID(f));
1272
		ri.gid = cpu_to_je16(JFFS2_F_I_GID(f));
1273
		ri.isize = cpu_to_je32(JFFS2_F_I_SIZE(f));
1274
		ri.atime = cpu_to_je32(JFFS2_F_I_ATIME(f));
1275
		ri.ctime = cpu_to_je32(JFFS2_F_I_CTIME(f));
1276
		ri.mtime = cpu_to_je32(JFFS2_F_I_MTIME(f));
1277
		ri.offset = cpu_to_je32(offset);
1278
		ri.csize = cpu_to_je32(cdatalen);
1279
		ri.dsize = cpu_to_je32(datalen);
1280
		ri.compr = comprtype & 0xff;
1281
		ri.usercompr = (comprtype >> 8) & 0xff;
1282
		ri.node_crc = cpu_to_je32(crc32(0, &ri, sizeof(ri)-8));
1283
		ri.data_crc = cpu_to_je32(crc32(0, comprbuf, cdatalen));
1284

1285
		new_fn = jffs2_write_dnode(c, f, &ri, comprbuf, cdatalen, phys_ofs, ALLOC_GC);
1286

1287
		jffs2_free_comprbuf(comprbuf, writebuf);
1288

1289
		if (IS_ERR(new_fn)) {
1290
			printk( "Error writing new dnode: %lu\n", PTR_ERR(new_fn));
1291
			ret = PTR_ERR(new_fn);
1292
			break;
1293
		}
1294
		ret = jffs2_add_full_dnode_to_inode(c, f, new_fn);
1295
		offset += datalen;
1296
		if (f->metadata) {
1297
			jffs2_mark_node_obsolete(c, f->metadata->raw);
1298
			jffs2_free_full_dnode(f->metadata);
1299
			f->metadata = NULL;
1300
		}
1301
	}
1302

1303
	jffs2_gc_release_page(c, pg_ptr, &pg);
1304
	return ret;
1305
}
1306

1307