diff --git a/mm/memory.c b/mm/memory.c
index 1235de20af739..10d497a5296c3 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -5254,6 +5254,10 @@ struct vm_area_struct *lock_vma_under_rcu(struct mm_struct *mm,
 	if (!vma_is_anonymous(vma))
 		goto inval;
 
+	/* find_mergeable_anon_vma uses adjacent vmas which are not locked */
+	if (!vma->anon_vma)
+		goto inval;
+
 	if (!vma_start_read(vma))
 		goto inval;