mm: check for no mmaps in exit_mmap()
When dup_mmap() ooms we can end up with mm->mmap == NULL. The error path does mmput() and unmap_vmas() gets a NULL vma which it dereferences. In exit_mmap() there is nothing to do at all for this case, we can cancel the callpath right there. [akpm@linux-foundation.org: add sorely-needed comment] Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Reported-by: Akinobu Mita <akinobu.mita@gmail.com> Cc: Nick Piggin <nickpiggin@yahoo.com.au> Cc: Hugh Dickins <hugh@veritas.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
084f71ae5c
commit
dcd4a049b9
1 changed files with 3 additions and 0 deletions
|
@ -2090,6 +2090,9 @@ void exit_mmap(struct mm_struct *mm)
|
|||
arch_exit_mmap(mm);
|
||||
mmu_notifier_release(mm);
|
||||
|
||||
if (!mm->mmap) /* Can happen if dup_mmap() received an OOM */
|
||||
return;
|
||||
|
||||
if (mm->locked_vm) {
|
||||
vma = mm->mmap;
|
||||
while (vma) {
|
||||
|
|
Loading…
Reference in a new issue