Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> writes: > On 2020/06/30 5:19, Eric W. Biederman wrote: >> Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> writes: >> >>> On 2020/06/29 4:44, Alexei Starovoitov wrote: >>>> But all the defensive programming kinda goes against general kernel style. >>>> I wouldn't do it. Especially pr_info() ?! >>>> Though I don't feel strongly about it. >>> >>> Honestly speaking, caller should check for errors and print appropriate >>> messages. info->wd.mnt->mnt_root != info->wd.dentry indicates that something >>> went wrong (maybe memory corruption). But other conditions are not fatal. >>> That is, I consider even pr_info() here should be unnecessary. >> >> They were all should never happen cases. Which is why my patches do: >> if (WARN_ON_ONCE(...)) > > No. Fuzz testing (which uses panic_on_warn=1) will trivially hit them. > This bug was unfortunately not found by syzkaller because this path is > not easily reachable via syscall interface. Absolutely yes. These are cases that should never happen. They should never be reachable by userspace. It is absolutely a bug if these are hit by userspace. Now if fuzzers want horrible cases to be even more horrible and change a nice friendly warn into a panic that is their problem. The issue being do they capture the information the rest of us need to fix. Eric
