diff options
author | Andrew Morton <akpm@osdl.org> | 2004-05-22 08:05:24 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2004-05-22 08:05:24 -0700 |
commit | e1e71f9b6c8dd34be36573346ecbbb00f34a7a0a (patch) | |
tree | 2ac01f7cf3a995381bc889efef7a1b02a70085b0 /mm | |
parent | e8a2ef16fd2fbcf65d423a137290f94bd7f2bb02 (diff) | |
download | history-e1e71f9b6c8dd34be36573346ecbbb00f34a7a0a.tar.gz |
[PATCH] numa api: fix end of memory handling in mbind
From: Andi Kleen <ak@suse.de>
This fixes a user triggerable crash in mbind() in NUMA API. It would oops
when running into the end of memory. Actually not really oops, because a
oops with the mm sem hold for writing always deadlocks.
Diffstat (limited to 'mm')
-rw-r--r-- | mm/mempolicy.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index d4c9c9b922327e..25385bff72aaec 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -271,7 +271,7 @@ check_range(struct mm_struct *mm, unsigned long start, unsigned long end, if (!first) return ERR_PTR(-EFAULT); prev = NULL; - for (vma = first; vma->vm_start < end; vma = vma->vm_next) { + for (vma = first; vma && vma->vm_start < end; vma = vma->vm_next) { if (!vma->vm_next && vma->vm_end < end) return ERR_PTR(-EFAULT); if (prev && prev->vm_end < vma->vm_start) @@ -317,7 +317,7 @@ static int mbind_range(struct vm_area_struct *vma, unsigned long start, int err; err = 0; - for (; vma->vm_start < end; vma = next) { + for (; vma && vma->vm_start < end; vma = next) { next = vma->vm_next; if (vma->vm_start < start) err = split_vma(vma->vm_mm, vma, start, 1); |