On Thu, 15 Dec 2022 12:39:30 +0300 Anastasia Belova <abelova@xxxxxxxxxxxxx> wrote:

> Check unlocked for NULL before dereference.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> ...
>
> --- a/mm/gup.c
> +++ b/mm/gup.c
> @@ -1282,7 +1282,8 @@ int fixup_user_fault(struct mm_struct *mm,
> * could tell the callers so they do not need to unlock.
> */
> mmap_read_lock(mm);
> - *unlocked = true;
> + if (unlocked)
> + *unlocked = true;
> return 0;
> }

I don't believe this is necessary unless the caller passed FAULT_FLAG_KILLABLE or FAULT_FLAG_ALLOW_RETRY in fault_flags.

It's clear as mud and some code comments would help.
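Review bot: the `if (unlocked)` guard added before `*unlocked = true;` in the mm/gup.c hunk silences the dereference without explaining how a NULL `unlocked` can reach this path, and it hides that the mmap lock was dropped and re-taken here. The comment directly above `mmap_read_lock(mm);` says the lock is retaken "to pair with the unlock() in the callers", so any VMA state a caller cached before the fault is stale on return, and `*unlocked = true` is the only way the caller learns that; skipping the store when the pointer is NULL returns 0 as if nothing happened. The commit message only cites a static-analysis finding and names no caller that passes NULL and still ends up here. If such a caller exists, say which one and which fault_flags it passes, and document the precondition in a comment next to the check; if none does, a `WARN_ON_ONCE(!unlocked)` that still returns, or a comment stating that `unlocked` must be non-NULL whenever the caller allows retry, is more useful than a silent skip.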