
The issue is found when calling flush_cache() with a zero "size" argument. The bound of the loop is miscalculated in this case and flush_cache() enters a wrong flushing loop. To fix this issue I skipped the operations when "size" is found to be zero.
Signed-off-by: Yao Cheng saturdaycoder@gmail.com
Cc: Shinya Kuribayashi skuribay@pobox.com
Cc: Sergei Shtylyov sshtylyov@mvista.com
Cc: Mike Frysinger vapier@gentoo.org
---
Changes for v2:
- Coding style cleanup
- Move code after declarations to avoid warning

Changes for v3:
- Coding style cleanup
- Add prefix "mips32" to the subject
arch/mips/cpu/mips32/cpu.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/arch/mips/cpu/mips32/cpu.c b/arch/mips/cpu/mips32/cpu.c index 3ae397c..7b49e1b 100644 --- a/arch/mips/cpu/mips32/cpu.c +++ b/arch/mips/cpu/mips32/cpu.c @@ -56,6 +56,10 @@ void flush_cache(ulong start_addr, ulong size) unsigned long addr = start_addr & ~(lsize - 1); unsigned long aend = (start_addr + size - 1) & ~(lsize - 1);
+ /* aend will be miscalculated when size is zero, so we return here */ + if (size == 0) + return; + while (1) { cache_op(Hit_Writeback_Inv_D, addr); cache_op(Hit_Invalidate_I, addr);
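Review bot: the comment added above `if (size == 0)` says only that aend "will be miscalculated" without saying how, and the next reader of flush_cache() will have to rederive it. With size equal to zero, `start_addr + size - 1` becomes `start_addr - 1`, so for a line-aligned start_addr the mask rounds aend down to the cache line before addr, and aend is below addr when the `while (1)` loop starts. Suggest putting that in the comment. The check also covers only the zero case: a range where `start_addr + size` wraps past the top of ulong can leave aend below addr in the same way, so it is worth stating in the commit message whether callers are expected to guarantee that never happens.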