MIPS: mips32: fix wrong loop bound in flush_cache()
author Yao Cheng <saturdaycoder@gmail.com>
Wed, 10 Aug 2011 07:11:16 +0000 (15:11 +0800)
committer Shinya Kuribayashi <skuribay@pobox.com>
Sat, 3 Sep 2011 01:43:45 +0000 (10:43 +0900)
The issue is found when calling flush_cache() with a zero "size" argument.
The bound of the loop is miscalculated in this case and flush_cache() enters
a wrong flushing loop.

Signed-off-by: Yao Cheng <saturdaycoder@gmail.com>
Cc: Shinya Kuribayashi <skuribay@pobox.com>
Cc: Sergei Shtylyov <sshtylyov@mvista.com>
Cc: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Shinya Kuribayashi <skuribay@pobox.com>
arch/mips/cpu/mips32/cpu.c

index 3ae397c8eff4160f6d37102016fbf7e634b591b1..7b49e1b612b70b876e6b78c27d4a52a7dc176b2b 100644 (file)
@@ -56,6 +56,10 @@ void flush_cache(ulong start_addr, ulong size)
        unsigned long addr = start_addr & ~(lsize - 1);
        unsigned long aend = (start_addr + size - 1) & ~(lsize - 1);
 
+       /* aend will be miscalculated when size is zero, so we return here */
+       if (size == 0)
+               return;
+
        while (1) {
                cache_op(Hit_Writeback_Inv_D, addr);
                cache_op(Hit_Invalidate_I, addr);
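
Review bot: The added "if (size == 0)" guard covers only one of the inputs that break the aend computation directly above it. The expression "(start_addr + size - 1)" also wraps for a nonzero size whenever start_addr + size runs past the top of the unsigned long range, and that leaves aend below addr before the while (1) loop is entered, the same condition this patch is avoiding. Consider rejecting a wrapping range next to the zero check, or stating in the function's comment that callers must pass a range that does not wrap. The new comment could also say why aend is wrong for a zero size (start_addr - 1 lands in the preceding cache line when start_addr is line-aligned), so the reason for the early return is clear without reading the commit message.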