Sorry, my fault. It's already validated in unlock_anon_vma_root(). BR Leon -----Original Message----- From: Ma, Xindong Sent: Wednesday, May 07, 2014 10:32 AM To: akpm@xxxxxxxxxxxxxxxxxxxx; iamjoonsoo.kim@xxxxxxx; n-horiguchi@xxxxxxxxxxxxx; kirill.shutemov@xxxxxxxxxxxxxxx; gorcunov@xxxxxxxxx; linux-mm@xxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx Cc: Ma, Xindong Subject: [PATCH] rmap: validate pointer in anon_vma_clone If memory allocation failed in first loop, root will be NULL and will lead to kernel panic. Signed-off-by: Leon Ma <xindong.ma@xxxxxxxxx> --- mm/rmap.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mm/rmap.c b/mm/rmap.c index 9c3e773..6e53aed 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -246,8 +246,10 @@ int anon_vma_clone(struct vm_area_struct *dst, struct vm_area_struct *src) avc = anon_vma_chain_alloc(GFP_NOWAIT | __GFP_NOWARN); if (unlikely(!avc)) { - unlock_anon_vma_root(root); - root = NULL; + if (!root) { + unlock_anon_vma_root(root); + root = NULL; + } avc = anon_vma_chain_alloc(GFP_KERNEL); if (!avc) goto enomem_failure; -- 1.7.9.5 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href