diff -urN vmware-modules-238.4/vmmon-only/linux/driver.c vmware-modules-238.5//vmmon-only/linux/driver.c
--- vmware-modules-238.4/vmmon-only/linux/driver.c	2011-03-26 13:37:28.000000000 +0800
+++ vmware-modules-238.5//vmmon-only/linux/driver.c	2011-09-24 10:44:32.000000000 +0800
@@ -171,8 +171,13 @@
  */
 static int LinuxDriver_Open(struct inode *inode, struct file *filp);
 
-static int LinuxDriver_Ioctl(struct inode *inode, struct file *filp,
-                           u_int iocmd, unsigned long ioarg);
+/*
+ * gcc-4.5+ can name-mangle LinuxDriver_Ioctl, but our stack-size
+ * script needs to find it.  So it shouldn't be static.  ("hidden"
+ * visibility would be OK.)
+ */
+int LinuxDriver_Ioctl(struct inode *inode, struct file *filp,
+                      u_int iocmd, unsigned long ioarg);
 #if defined(HAVE_UNLOCKED_IOCTL) || defined(HAVE_COMPAT_IOCTL)
 static long LinuxDriver_UnlockedIoctl(struct file *filp,
                            u_int iocmd, unsigned long ioarg);
@@ -1585,7 +1590,7 @@
  *-----------------------------------------------------------------------------
  */
 
-static int
+int
 LinuxDriver_Ioctl(struct inode *inode,
                   struct file *filp,
                   u_int iocmd,
@@ -1843,6 +1848,10 @@
       VA64 uAddr;
       MPN mpn;
 
+      if (vmLinux->vm == NULL) {
+	 retval = -EINVAL;
+	 break;
+      }
       retval = HostIF_CopyFromUser(&uAddr, (void *)ioarg, sizeof uAddr);
       if (retval) {
          break;
@@ -2101,6 +2110,10 @@
       break;
 
    case IOCTL_VMX86_ACK_USER_CALL:
+      if (vmLinux->vm == NULL) {
+         retval = -EINVAL;
+         break;
+      }
       vcpuid = (Vcpuid) ioarg;
       if (vcpuid >= vmLinux->vm->numVCPUs) {
          retval = -EINVAL;
@@ -2261,6 +2274,10 @@
 
    case IOCTL_VMX86_MARK_LOCKEDVARANGE_CLEAN: {
          struct VARange var;
+         if (vmLinux->vm == NULL) {
+            retval = -EINVAL;
+            break;
+         }
          if (HostIF_CopyFromUser(&var, (void *)ioarg, sizeof(struct VARange)) != 0) {
             retval = -EINVAL;
          } else {
@@ -2501,12 +2518,20 @@
    }
 
    case IOCTL_VMX86_USING_SWAPBACKED_PAGEFILE: {
+      if (vmLinux->vm == NULL) {
+         retval = -EINVAL;
+         break;
+      }
       retval = 0;
       vmLinux->vm->vmhost->swapBacked = TRUE;
       break;
    }
 
    case IOCTL_VMX86_USING_MLOCK: {
+      if (vmLinux->vm == NULL) {
+         retval = -EINVAL;
+         break;
+      }
       retval = 0;
       vmLinux->vm->vmhost->usingMlock = TRUE;
       break;
@@ -2523,11 +2548,19 @@
    }
 #ifdef HOSTED_IOMMU_SUPPORT
    case IOCTL_VMX86_IOMMU_SETUP_MMU: {
+      if (vmLinux->vm == NULL) {
+         retval = -EINVAL;
+         break;
+      }
       retval = IOMMU_SetupMMU(vmLinux, (PassthruIOMMUMap *)ioarg);
       break;
    }
 
    case IOCTL_VMX86_IOMMU_REGISTER_DEVICE: {
+      if (vmLinux->vm == NULL) {
+         retval = -EINVAL;
+         break;
+      }
       retval = IOMMU_RegisterDevice(vmLinux, (uint32)ioarg);
       break;
    }