Don't dereference "mem" after it has been freed. Flip the
two kfree()s around to address this bug.
Fixes: 26ffb91fa5e0 ("swiotlb: split up the global swiotlb lock")
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
kernel/dma/swiotlb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index bf2ae98a42b4..78af9e455c59 100644
--- a/kernel/dma/swiotlb.c
+++ b/kernel/dma/swiotlb.c
@@ -980,8 +980,8 @@ static int rmem_swiotlb_device_init(struct reserved_mem *rmem,
mem->areas = kcalloc(nareas, sizeof(*mem->areas),
GFP_KERNEL);
if (!mem->areas) {
- kfree(mem);
kfree(mem->slots);
+ kfree(mem);
return -ENOMEM;
}
--
2.35.1
