On Sun, Oct 27, 2024 at 05:53:47PM -0700, Andrew Morton wrote:
>On Sun, 27 Oct 2024 12:33:21 +0000 Wei Yang <richard.weiyang@xxxxxxxxx> wrote:
>
>> After commit 94d7d9233951 ("mm: abstract the vma_merge()/split_vma()
>> pattern for mprotect() et al."), if vma_modify_flags() returns an error, the
>> vma is set to an error code. This will lead to an invalid prev being
>> returned.
>>
>> Generally this shouldn't matter as the caller should treat an error as
>> indicating state is now invalidated, however unfortunately
>> apply_mlockall_flags() does not check for errors and assumes that
>> mlock_fixup() correctly maintains prev even if an error were to occur.
>
>And what is the userspace-visible effect when this occurs?
>

When an error occurs, prev would be set to (-ENOMEM). And accessing this address would lead to a kernel crash.

So it looks like there is no userspace-visible effect for this.

-- 
Wei Yang
Help you, Help me
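A userspace model of the prev hazard the thread describes, added here as an illustration; it is not part of the thread and not the kernel's own code. The `struct vma` type, `modify_flags()`, `fixup_buggy()` and `fixup_fixed()` are stand-ins for vm_area_struct, vma_modify_flags() and mlock_fixup(), the ERR_PTR helpers are simplified copies of the kernel pattern, and the corrected shape is the model's own, not the posted fix.

```c
/* Added example: userspace model of an error pointer leaking into *prev.
 * Everything here is a stand-in; none of it is kernel code. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

struct vma { unsigned long start, end, flags; };

/* Simplified kernel-style error-pointer helpers. */
static inline void *ERR_PTR(long err) { return (void *)(intptr_t)err; }
static inline int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-4095UL; }
static inline long PTR_ERR(const void *p) { return (long)(intptr_t)p; }

/* Stand-in for vma_modify_flags(): fails with -ENOMEM when 'fail' is set. */
static struct vma *modify_flags(struct vma *vma, unsigned long newflags, int fail)
{
	if (fail)
		return ERR_PTR(-ENOMEM);
	vma->flags = newflags;
	return vma;
}

/* Buggy shape: on error 'vma' now holds an error code, and the common exit
 * path copies it into *prev, so a caller that ignores 'ret' dereferences
 * (-ENOMEM) as if it were a vma. */
static int fixup_buggy(struct vma *vma, struct vma **prev, unsigned long newflags, int fail)
{
	int ret = 0;

	vma = modify_flags(vma, newflags, fail);
	if (IS_ERR(vma)) {
		ret = (int)PTR_ERR(vma);
		goto out;
	}
out:
	*prev = vma;
	return ret;
}

/* Corrected shape (this model's own): keep the result in a separate
 * variable so *prev still points at the unmodified vma when the call fails. */
static int fixup_fixed(struct vma *vma, struct vma **prev, unsigned long newflags, int fail)
{
	struct vma *new = modify_flags(vma, newflags, fail);

	if (IS_ERR(new)) {
		*prev = vma;
		return (int)PTR_ERR(new);
	}
	*prev = new;
	return 0;
}
```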