From 9f5a6dff424bb9a83c1049285ec527673db8ff5f Mon Sep 17 00:00:00 2001 From: wuchi Date: Sat, 18 Jun 2022 16:25:21 +0800 Subject: [PATCH] lib/lru_cache: fix error free handing in lc_create When kmem_cache_alloc in function lc_create returns null, we will free the memory already allocated. The loop of kmem_cache_free is wrong, especially: i = 0 ==> do wrong loop i > 0 ==> do not free element[0] Link: https://lkml.kernel.org/r/20220618082521.7082-1-wuchi.zero@gmail.com Signed-off-by: wuchi Cc: Philipp Reisner Cc: Lars Ellenberg Cc: Christoph Bhmwalder Signed-off-by: Andrew Morton --- lib/lru_cache.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/lru_cache.c b/lib/lru_cache.c index 52313acbfa62..dc35464216d3 100644 --- a/lib/lru_cache.c +++ b/lib/lru_cache.c @@ -147,8 +147,8 @@ struct lru_cache *lc_create(const char *name, struct kmem_cache *cache, return lc; /* else: could not allocate all elements, give up */ - for (i--; i; i--) { - void *p = element[i]; + while (i) { + void *p = element[--i]; kmem_cache_free(cache, p - e_off); } kfree(lc);