Ah. Thanks for looking into it. Smatch can't understand bit flags like that yet. And it also still doesn't track pointers very well. Eventually those things will be improved.
I see now that this out of bounds is also prevented in vfs_load_quota_inode(). We don't allow "(type == PRJQUOTA && sb->dq_op->get_projid == NULL)". Since ->get_projid() is always NULL for OCFS2, that means "type" can't be equal to PRJQUOTA (2).

Hm.. is ->get_projid set anywhere? Cscope and smatch can't find it if it is.

I haven't investigated v1_read_file_info() but presumably it's the same.

regards,
dan carpenter

_______________________________________________
Ocfs2-devel mailing list
Ocfs2-devel@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/ocfs2-devel