mm: fix anon_vma->degree underflow in anon_vma endless growing prevention

[pandora-kernel.git] / mm / rmap.c

diff --git a/mm/rmap.c b/mm/rmap.c
index 2c4ee3e..98f0bf7 100644 (file)
--- a/mm/rmap.c
+++ b/mm/rmap.c
@@ -295,6 +295,13 @@ int anon_vma_clone(struct vm_area_struct *dst, struct vm_area_struct *src)
        return 0;
 
  enomem_failure:
+       /*
+        * dst->anon_vma is dropped here otherwise its degree can be incorrectly
+        * decremented in unlink_anon_vmas().
+        * We can safely do this because callers of anon_vma_clone() don't care
+        * about dst->anon_vma if anon_vma_clone() failed.
+        */
+       dst->anon_vma = NULL;
        unlink_anon_vmas(dst);
        return -ENOMEM;
 }