On Wed, Mar 25, 2020 at 04:03:59AM +0000, Al Viro wrote:
> Lovely. So
> * we really do get NULL nd->path.dentry there; I've not misread the
> trace.
> * on the entry into link_path_walk() nd->path.dentry is non-NULL.
> * *ALL* components should've been LAST_NORM ones
> * not a single symlink in sight, unless the setup is rather unusual
> * possibly not even a single mountpoint along the way (depending
> upon the userland used)
OK, I see one place where that could occur, but I really don't see how that
could be triggered on this pathname, short of very odd symlink layout in
the filesystem on the testbox. Does the following fix your reproducer?
diff --git a/fs/namei.c b/fs/namei.c
index 311e33dbac63..4082b70f32ff 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1805,6 +1805,8 @@ static const char *handle_dots(struct nameidata *nd, int type)
error = step_into(nd, WALK_NOFOLLOW,
parent, inode, seq);
}
+ if (unlikely(error))
+ return ERR_PTR(error);
if (unlikely(nd->flags & LOOKUP_IS_SCOPED)) {
/*
