From: Chris Mason <mason@suse.com>

On small filesystems (<128M), make sure not to reference bitmap blocks that
don't exist.

Thanks to Jan Kara for finding this bug.

Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/fs/reiserfs/bitmap.c |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletion(-)

diff -puN fs/reiserfs/bitmap.c~reiserfs-small-filesystem-fix fs/reiserfs/bitmap.c
--- 25/fs/reiserfs/bitmap.c~reiserfs-small-filesystem-fix	2004-10-04 18:18:18.100251696 -0700
+++ 25-akpm/fs/reiserfs/bitmap.c	2004-10-04 18:18:18.107250632 -0700
@@ -236,6 +236,9 @@ static int bmap_hash_id(struct super_blo
 	if (!bm)
 	    bm = 1;
     }
+    /* this can only be true when SB_BMAP_NR = 1 */
+    if (bm >= SB_BMAP_NR(s))
+    	bm = 0;
     return bm;
 }
 
@@ -293,6 +296,10 @@ static int scan_bitmap (struct reiserfs_
 
     get_bit_address (s, *start, &bm, &off);
     get_bit_address (s, finish, &end_bm, &end_off);
+    if (bm > SB_BMAP_NR(s))
+        return 0;
+    if (end_bm > SB_BMAP_NR(s))
+        end_bm = SB_BMAP_NR(s);
 
     /* When the bitmap is more than 10% free, anyone can allocate.
      * When it's less than 10% free, only files that already use the
@@ -313,6 +320,7 @@ static int scan_bitmap (struct reiserfs_
 	    if (nr_allocated)
 		goto ret;
         }
+	/* we know from above that start is a reasonable number */
 	get_bit_address (s, *start, &bm, &off);
     }
 
@@ -1050,9 +1058,10 @@ int reiserfs_allocate_blocknrs(reiserfs_
 {
     int initial_amount_needed = amount_needed;
     int ret;
+    struct super_block *s = hint->th->t_super;
 
     /* Check if there is enough space, taking into account reserved space */
-    if ( SB_FREE_BLOCKS(hint->th->t_super) - REISERFS_SB(hint->th->t_super)->reserved_blocks <
+    if ( SB_FREE_BLOCKS(s) - REISERFS_SB(s)->reserved_blocks <
 	 amount_needed - reserved_by_us)
         return NO_DISK_SPACE;
     /* should this be if !hint->inode &&  hint->preallocate? */
@@ -1072,6 +1081,8 @@ int reiserfs_allocate_blocknrs(reiserfs_
 
     /* find search start and save it in hint structure */
     determine_search_start(hint, amount_needed);
+    if (hint->search_start >= SB_BLOCK_COUNT(s))
+        hint->search_start = SB_BLOCK_COUNT(s) - 1;
 
     /* allocation itself; fill new_blocknrs and preallocation arrays */
     ret = blocknrs_and_prealloc_arrays_from_search_start
_