On 9/28/23 19:16, Liam R. Howlett wrote:
When tracing through the code in vma_merge(), it was not completely clear why the error return to a dup_anon_vma() call would not overwrite a previous attempt to the same function. This commit adds a comment specifying why it is safe.
Suggested-by: Jann Horn jannh@google.com
Link: https://lore.kernel.org/linux-mm/CAG48ez3iDwFPR=Ed1BfrNuyUJPMK_=StjxhUsCkL6p...
Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com
Acked-by: Vlastimil Babka vbabka@suse.cz
mm/mmap.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/mm/mmap.c b/mm/mmap.c index 2f0ee489db8a..3c78afb707cf 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -937,6 +937,11 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm, vma_start_write(curr); remove = curr; remove2 = next;
/*
* Note that the dup_anon_vma below cannot overwrite err
* since the first caller would do nothing unless next
* has an anon_vma.
}*/ if (!next->anon_vma) err = dup_anon_vma(prev, curr, &anon_dup);
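Review bot: The new comment in the vma_merge() hunk says "the first caller would do nothing", but it is describing the earlier dup_anon_vma() call in this function, not a caller, so "the first call" would read correctly. The comment would also be easier to check against the code if it named the guard it depends on: the call below only runs under `if (!next->anon_vma)`, which is exactly the case in which the comment says the earlier call does nothing, so err cannot already hold a result from it. Stating that link in the comment, rather than leaving the reader to pair the two conditions, would keep it accurate if either call site is later moved.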