After commit 94d7d9233951 ("mm: abstract the vma_merge()/split_vma() pattern for mprotect() et al."), if vma_modify_flags() return error, the vma is set to an error code. This will lead to an invalid prev be returned.
Signed-off-by: Wei Yang <richard.weiyang@xxxxxxxxx>
CC: Lorenzo Stoakes <lorenzo.stoakes@xxxxxxxxxx>
---
 mm/mlock.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/mm/mlock.c b/mm/mlock.c
index e3e3dc2b2956..8c3f9cf8f960 100644
--- a/mm/mlock.c
+++ b/mm/mlock.c
@@ -478,11 +478,12 @@ static int mlock_fixup(struct vma_iterator *vmi, struct vm_area_struct *vma,
 /* don't set VM_LOCKED or VM_LOCKONFAULT and don't count */
 goto out;

- vma = vma_modify_flags(vmi, *prev, vma, start, end, newflags);
- if (IS_ERR(vma)) {
- ret = PTR_ERR(vma);
+ *prev = vma_modify_flags(vmi, *prev, vma, start, end, newflags);
+ if (IS_ERR(*prev)) {
+ ret = PTR_ERR(*prev);
 goto out;
 }
+ vma = *prev;

 /*
 * Keep track of amount of locked VM.
--
2.34.1
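Review bot: On the failure path the new code writes an error pointer through `*prev`, so the caller's `prev` is valid again only if the code at `out:` overwrites it. That label is outside the hunk; if it still ends with `*prev = vma` the result is correct, but the fix then depends on an assignment that a reader of this hunk cannot see. A local temporary (a `struct vm_area_struct *merged` declared with the other locals) avoids ever storing an ERR_PTR in caller-owned storage: `merged = vma_modify_flags(vmi, *prev, vma, start, end, newflags);`, then `if (IS_ERR(merged)) { ret = PTR_ERR(merged); goto out; }` and `vma = merged;`. If the current form is kept, a comment above the call such as `/* on failure *prev is restored from vma at out: */` would record that dependency. mlock_fixup() starts before and continues past the hunk.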