interconnect: qcom: icc-rpm: Set the count member before accessing the flex array

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The following UBSAN error is reported during boot on the db410c board on
a clang-19 build:

Internal error: UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP
...
pc : qnoc_probe+0x5f8/0x5fc
...

The cause of the error is that the counter member was not set before
accessing the annotated flexible array member, but after that. Fix this
by initializing it earlier.

Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Closes: https://lore.kernel.org/r/CA+G9fYs+2mBz1y2dAzxkj9-oiBJ2Acm1Sf1h2YQ3VmBqj_VX2g@mail.gmail.com
Fixes: dd4904f3b924 ("interconnect: qcom: Annotate struct icc_onecell_data with __counted_by")
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Link: https://lore.kernel.org/r/20241203223334.233404-1-djakov@kernel.org
Signed-off-by: Georgi Djakov <djakov@kernel.org>

Georgi Djakov 1 year ago 00a973e0 40384c84

+1 -1

1 changed file

expand all

drivers

interconnect

qcom

icc-rpm.c

+1 -1

drivers/interconnect/qcom/icc-rpm.c

··· 503 503 GFP_KERNEL); 504 504 if (!data) 505 505 return -ENOMEM; 506 + data->num_nodes = num_nodes; 506 507 507 508 qp->num_intf_clks = cd_num; 508 509 for (i = 0; i < cd_num; i++) ··· 598 597 599 598 data->nodes[i] = node; 600 599 } 601 - data->num_nodes = num_nodes; 602 600 603 601 clk_bulk_disable_unprepare(qp->num_intf_clks, qp->intf_clks); 604 602