diff --git a/mm/vma.c b/mm/vma.c
index 365d49e0..211bffcb 100644
--- a/mm/vma.c
+++ b/mm/vma.c
@@ -190,8 +190,6 @@ int vma_add(size_t start, size_t end, uint32_t flags)
 	spinlock_t* lock;
 	vma_t** list;
 
-	kprintf("vma_add(0x%lx, 0x%lx, 0x%x)\n", start, end, flags);
-
 	if (BUILTIN_EXPECT(start >= end, 0))
 		return -EINVAL;
 
@@ -217,16 +215,20 @@ int vma_add(size_t start, size_t end, uint32_t flags)
 	// search gap
 	vma_t* pred = NULL;
 	vma_t* succ = *list;
-	do {
+
+	while (pred || succ) {
 		if ((!pred || pred->end <= start) &&
 		    (!succ || succ->start >= end))
 			break;
 
 		pred = succ;
-		succ = succ->next;
-	} while (pred || succ);
+		succ = (succ) ? succ->next : NULL;
+	}
 
-	// TODO: check bounds
+	if (BUILTIN_EXPECT(*list && !pred && !succ, 0)) {
+		spinlock_unlock(lock);
+		return -EINVAL;
+	}
 
 	// insert new VMA
 	vma_t* new = kmalloc(sizeof(vma_t));
@@ -258,13 +260,14 @@ int copy_vma_list(task_t* task)
 	task_t* parent_task = per_core(current_task);
 
 	spinlock_init(&task->vma_lock);
+
 	spinlock_lock(&parent_task->vma_lock);
 	spinlock_lock(&task->vma_lock);
 
 	vma_t* last = NULL;
-	vma_t* parent = parent_task->vma_list;
 
-	while (parent) {
+	vma_t* parent;
+	for (parent=parent_task->vma_list; parent; parent=parent->next) {
 		vma_t *new = kmalloc(sizeof(vma_t));
 		if (BUILTIN_EXPECT(!new, 0)) {
 			spinlock_unlock(&task->vma_lock);
@@ -283,9 +286,11 @@ int copy_vma_list(task_t* task)
 			task->vma_list = new;
 
 		last = new;
-		parent = parent->next;
 	}
 
+	spinlock_unlock(&task->vma_lock);
+	spinlock_unlock(&parent_task->vma_lock);
+
 	return 0;
 }
 
@@ -294,8 +299,6 @@ int drop_vma_list()
 	task_t* task = per_core(current_task);
 	vma_t* vma;
 
-	kprintf("drop_vma_list: task = %u\n", task->id); // TODO: remove
-
 	spinlock_lock(&task->vma_lock);
 
 	while ((vma = task->vma_list)) {