When using the VMA iterator, the final execution will set the variable
'next' to NULL which causes the function to fail out. Restore the break
in the loop to exit the VMA iterator early without clearing NULL fixes
the issue.
Link: https://lore.kernel.org/lkml/29344.1666681759@jrobl/
Fixes: 763ecb035029 (mm: remove the vma linked list)
Reported-by: "J. R. Okajima" <[email protected]>
Signed-off-by: Liam R. Howlett <[email protected]>
---
mm/mmap.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/mm/mmap.c b/mm/mmap.c
index 22010e13f1a1..ff670e88b6d0 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -2851,6 +2851,9 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
if (next->vm_flags != vma->vm_flags)
goto out;
+ if (start + size <= next->vm_end)
+ break;
+
prev = next;
}
--
2.35.1
Liam Howlett:
> When using the VMA iterator, the final execution will set the variable
> 'next' to NULL which causes the function to fail out. Restore the break
> in the loop to exit the VMA iterator early without clearing NULL fixes
> the issue.
Thaks, it passed the test.
J. R. Okajima