Re: [BUGFIX] NULL pointer dereference in __vm_enough_memory()

[Cyrill Gorcunov <gorcunov@gmail.com>]

[Fengguang Wu - Sun, Aug 12, 2007 at 01:29:15PM +0800]
| On Sat, Aug 11, 2007 at 06:17:14PM +0400, Cyrill Gorcunov wrote:
| > [Fengguang Wu - Sat, Aug 11, 2007 at 09:21:31PM +0800]
| > | Andrew,
| > | 
| > | I'm not sure if this patch is the right fix for the bug.  But it do
| > | stops the oops message. The bug also happens in 2.6.23-rc1-mm2/2.6.23-rc2-mm2.
| > | I'm running debian/sid. The .config is attached.
| > | 
| > |
| > 
| > [...snip...]
| > 
| > Even if you're right you have to make the same patch for
| > mm/nommu.c but I've an anticipation the problem is growing
| > up from another point (and I'm really hoping that I'm wrong ;)
| 
| Thank you, the patch is updated to:
| ===
| 
| Fix possible NULL pointer deference on __vm_enough_memory().
| 
| Cc: Cyrill Gorcunov <gorcunov@gmail.com>
| Signed-off-by: Fengguang Wu <wfg@mail.ustc.edu.cn>
| ---
|  mm/mmap.c  |    3 ++-
|  mm/nommu.c |    3 ++-
|  2 files changed, 4 insertions(+), 2 deletions(-)
| 
| --- linux-2.6.23-rc2-mm2.orig/mm/mmap.c
| +++ linux-2.6.23-rc2-mm2/mm/mmap.c
| @@ -166,7 +166,8 @@ int __vm_enough_memory(long pages, int c
|  
|  	/* Don't let a single process grow too big:
|  	   leave 3% of the size of this process for other processes */
| -	allowed -= current->mm->total_vm / 32;
| +	if (current->mm)
| +		allowed -= current->mm->total_vm / 32;
|  
|  	/*
|  	 * cast `allowed' as a signed long because vm_committed_space
| --- linux-2.6.23-rc2-mm2.orig/mm/nommu.c
| +++ linux-2.6.23-rc2-mm2/mm/nommu.c
| @@ -1342,7 +1342,8 @@ int __vm_enough_memory(long pages, int c
|  
|  	/* Don't let a single process grow too big:
|  	   leave 3% of the size of this process for other processes */
| -	allowed -= current->mm->total_vm / 32;
| +	if (current->mm)
| +		allowed -= current->mm->total_vm / 32;
|  
|  	/*
|  	 * cast `allowed' as a signed long because vm_committed_space
| 

ok, lets wait for some mature developer comments

		Cyrill