[PATCH] interconnect: qcom: icc-rpm: Set the count member before accessing the flex array
From: djakov
Date: Tue Dec 03 2024 - 17:34:10 EST
From: Georgi Djakov <djakov@xxxxxxxxxx>
The following UBSAN error is reported during boot on the db410c board on
a clang-19 build:
Internal error: UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP
...
pc : qnoc_probe+0x5f8/0x5fc
...
The cause of the error is that the counter member was not set before
accessing the annotated flexible array member, but after that. Fix this
by initializing it earlier.
Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx>
Closes: https://lore.kernel.org/r/CA+G9fYs+2mBz1y2dAzxkj9-oiBJ2Acm1Sf1h2YQ3VmBqj_VX2g@xxxxxxxxxxxxxx
Fixes: dd4904f3b924 ("interconnect: qcom: Annotate struct icc_onecell_data with __counted_by")
Signed-off-by: Georgi Djakov <djakov@xxxxxxxxxx>
---
drivers/interconnect/qcom/icc-rpm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/interconnect/qcom/icc-rpm.c b/drivers/interconnect/qcom/icc-rpm.c
index a8ed435f696c..ea1042d38128 100644
--- a/drivers/interconnect/qcom/icc-rpm.c
+++ b/drivers/interconnect/qcom/icc-rpm.c
@@ -503,6 +503,7 @@ int qnoc_probe(struct platform_device *pdev)
GFP_KERNEL);
if (!data)
return -ENOMEM;
+ data->num_nodes = num_nodes;
qp->num_intf_clks = cd_num;
for (i = 0; i < cd_num; i++)
@@ -597,7 +598,6 @@ int qnoc_probe(struct platform_device *pdev)
data->nodes[i] = node;
}
- data->num_nodes = num_nodes;
clk_bulk_disable_unprepare(qp->num_intf_clks, qp->intf_clks);