The system crashes very early after a few accesses. This is caused by rw_verify_area() which gets an invalid dereference.
--- ./fs/evfs/evfs_core.c.bad 2006-02-26 22:49:55 +0100
+++ ./fs/evfs/evfs_core.c 2007-01-03 15:25:17 +0100
@@ -865,13 +865,13 @@
 /**************************************************************************
 Address space operations
 **************************************************************************/
-int evfs_do_read(struct file *file, long long *start, char *buf, size_t count)
+static int evfs_do_read(struct file *file, loff_t *start, char *buf, size_t count)
 {
 int ret = -EBADF;
 mm_segment_t fs = get_fs();
 set_fs(KERNEL_DS);
- ret = rw_verify_area(READ, file, *start, count);
+ ret = rw_verify_area(READ, file, start, count);
 if (!ret) {
 ssize_t (*read)(struct file *, char *, size_t, loff_t *);
 ret = -EINVAL;
@@ -885,14 +885,14 @@
 return ret;
 }
-int evfs_do_write(struct file *file, long long *start, char *buf, size_t count)
+static int evfs_do_write(struct file *file, loff_t *start, char *buf, size_t count)
 {
 int ret = -EBADF;
 mm_segment_t fs = get_fs();
 set_fs(KERNEL_DS);
 track();
- ret = rw_verify_area(WRITE, file, *start, count);
+ ret = rw_verify_area(WRITE, file, start, count);
 if (!ret) {
 ssize_t (*write)(struct file *, const char *, size_t, loff_t *);
 ret = -EINVAL;
@@ -912,7 +912,7 @@
 struct address_space *mapping = page->mapping;
 struct inode *inode = mapping->host;
 char *buffer;
- unsigned long long base;
+ loff_t base;
 int count = PAGE_CACHE_SIZE;
 int end_index = inode->i_size >> PAGE_CACHE_SHIFT;
 int err;
@@ -927,7 +927,7 @@
 count = (inode->i_size & (PAGE_CACHE_SIZE-1));
 buffer = kmap(page);
- base = ((unsigned long long) page->index) << PAGE_CACHE_SHIFT;
+ base = ((loff_t)page->index) << PAGE_CACHE_SHIFT;
 evfs_aes_encrypt_str(&gk(inode)->aes, kbuf, buffer, (count+PADLEN) & ~PADLEN, get_salt(gk(inode), page->index, buf));
 err = evfs_do_write(evfs_i(inode).fd, &base, kbuf, (count + PADLEN) & ~PADLEN);
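Review bot: In evfs_do_read (hunk `@@ -865,13`), the success test `if (!ret)` after the corrected `rw_verify_area(READ, file, start, count)` call only holds on kernels where that function returns 0 on success. Later 2.6 kernels return the permitted byte count (a positive value) instead, in which case the branch is skipped and the count is returned without any read being issued. Please confirm against the target tree; if it applies, the test should be `if (ret >= 0) {` with `count = ret;` as the first statement of the branch. The same test follows the WRITE call in evfs_do_write in the next hunk, and both function bodies continue outside their hunks.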
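Review bot: In evfs_do_write (hunk `@@ -885,14`), `set_fs(KERNEL_DS);` is raised before `track()` and `rw_verify_area()`, so user-pointer checks are switched off for more code than the single `->write` call that needs it; evfs_do_read in the previous hunk has the same prologue. While these functions are being touched, move `set_fs(KERNEL_DS);` to directly before the indirect call and put `set_fs(fs);` directly after it, so no early-exit path can leave the address limit raised. The indirect call and the restore are outside the hunk, so the current exit paths could not be checked here.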
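Review bot: The offset-type cleanup in hunk `@@ -912,7` leaves the context line `int end_index = inode->i_size >> PAGE_CACHE_SHIFT;` untouched, so a 64-bit file size is still narrowed to `int` while `base` becomes `loff_t`; the same declaration appears in hunk `@@ -1014,7`. Since `page->index` is an `unsigned long`, declaring `unsigned long end_index = inode->i_size >> PAGE_CACHE_SHIFT;` would keep the last-page test in the same domain as the index it is compared with. That comparison is outside both hunks, so the practical impact on very large files is not confirmed from here.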
@@ -961,7 +961,7 @@
 int evfs_readpage(struct file *file, struct page *page)
 {
 char *buffer;
- long long start, tmp;
+ loff_t start, tmp;
 int err = 0;
 struct inode *inode = file->f_dentry->d_inode;
 struct file *f = file_evfs_i(file)->fd;
@@ -969,7 +969,7 @@
 char buf[SALTLEN];
 track();
- start = (long long) page->index << PAGE_CACHE_SHIFT;
+ start = ((loff_t) page->index) << PAGE_CACHE_SHIFT;
 buffer = kmap(page);
 tmp = start;
 err = evfs_do_read(f, &start, buffer,
@@ -1014,7 +1014,7 @@
 struct address_space *mapping = page->mapping;
 struct inode *inode = mapping->host;
 char *buffer, *kbuf;
- long long o, tmp, start;
+ loff_t o, tmp, start;
 int err = 0;
 int end_index = inode->i_size >> PAGE_CACHE_SHIFT;
 char buf[SALTLEN];
@@ -1024,7 +1024,7 @@
 return -ENOMEM;
 track();
- o = tmp = start = (long long) (page->index << PAGE_CACHE_SHIFT);
+ o = tmp = start = ((loff_t) page->index) << PAGE_CACHE_SHIFT;
 buffer = kmap(page);
 memset(kbuf, 0, PAGE_CACHE_SIZE);
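Review bot: The new `o = tmp = start = ((loff_t) page->index) << PAGE_CACHE_SHIFT;` line in hunk `@@ -1024,7` has no comment saying why the cast must come before the shift, and the description only mentions the rw_verify_area() crash. The removed line shifted `page->index` in its own type and widened afterwards, so on a build where `unsigned long` is 32 bits the offset would have wrapped for pages past 4 GiB. A one-line comment above the assignment would stop a later cleanup from reintroducing that: `/* widen before shifting: page->index is unsigned long */`. The enclosing function starts and ends outside the hunk.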