ufs_free_fragments(): fix the braino in sanity check

The function expects that all fragments it's been asked to free will
be within the same block.  And it even has a sanity check verifying
that - it takes the fragment number modulo the number of fragments
per block, adds the count and checks if that's too high.

Unfortunately, it misspells the upper limit - instead of ->s_fpb
(fragments per block) it says ->s_fpg (fragments per cylinder group).
So "too high" ends up being insanely lenient.

Had been that way since 2.1.112, when UFS write support had been
added.  27 years to spot a typo...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/fs/ufs/balloc.c b/fs/ufs/balloc.c
index 1793ce48df0a3d6aa4dcbdb8fb08c356860dd08b..82f1a4a128a2dcb0771a8d60bc009df66c4b36c9 100644 (file)
--- a/fs/ufs/balloc.c
+++ b/fs/ufs/balloc.c
@@ -50,7 +50,7 @@ void ufs_free_fragments(struct inode *inode, u64 fragment, unsigned count)
        UFSD("ENTER, fragment %llu, count %u\n",
             (unsigned long long)fragment, count);
        
-       if (ufs_fragnum(fragment) + count > uspi->s_fpg)
+       if (ufs_fragnum(fragment) + count > uspi->s_fpb)
                ufs_error (sb, "ufs_free_fragments", "internal error");
 
        mutex_lock(&UFS_SB(sb)->s_lock);