From: Stephen Boyd <sboyd@kernel.org>
To: "André Draszik" <andre.draszik@linaro.org>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
"Kees Cook" <kees@kernel.org>,
"Krzysztof Kozlowski" <krzk@kernel.org>,
"Michael Turquette" <mturquette@baylibre.com>
Cc: linux-kernel@vger.kernel.org, linux-samsung-soc@vger.kernel.org,
linux-clk@vger.kernel.org, linux-hardening@vger.kernel.org,
stable@vger.kernel.org,
"André Draszik" <andre.draszik@linaro.org>
Subject: Re: [PATCH] clk: s2mps11: initialise clk_hw_onecell_data::num before accessing ::hws[] in probe()
Date: Thu, 08 May 2025 14:01:52 -0700 [thread overview]
Message-ID: <43a26fb44baa417a4fe2663d86909c0e@kernel.org> (raw)
In-Reply-To: <20250326-s2mps11-ubsan-v1-1-fcc6fce5c8a9@linaro.org>
Quoting André Draszik (2025-03-26 05:08:00)
> With UBSAN enabled, we're getting the following trace:
>
> UBSAN: array-index-out-of-bounds in .../drivers/clk/clk-s2mps11.c:186:3
> index 0 is out of range for type 'struct clk_hw *[] __counted_by(num)' (aka 'struct clk_hw *[]')
>
> This is because commit f316cdff8d67 ("clk: Annotate struct
> clk_hw_onecell_data with __counted_by") annotated the hws member of
> that struct with __counted_by, which informs the bounds sanitizer about
> the number of elements in hws, so that it can warn when hws is accessed
> out of bounds.
>
> As noted in that change, the __counted_by member must be initialised
> with the number of elements before the first array access happens,
> otherwise there will be a warning from each access prior to the
> initialisation because the number of elements is zero. This occurs in
> s2mps11_clk_probe() due to ::num being assigned after ::hws access.
>
> Move the assignment to satisfy the requirement of assign-before-access.
>
> Cc: stable@vger.kernel.org
> Fixes: f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by")
> Signed-off-by: André Draszik <andre.draszik@linaro.org>
> ---
Applied to clk-fixes
prev parent reply other threads:[~2025-05-08 21:01 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-26 12:08 [PATCH] clk: s2mps11: initialise clk_hw_onecell_data::num before accessing ::hws[] in probe() André Draszik
2025-03-26 14:12 ` Krzysztof Kozlowski
2025-05-08 21:01 ` Stephen Boyd [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43a26fb44baa417a4fe2663d86909c0e@kernel.org \
--to=sboyd@kernel.org \
--cc=andre.draszik@linaro.org \
--cc=gustavoars@kernel.org \
--cc=kees@kernel.org \
--cc=krzk@kernel.org \
--cc=linux-clk@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=mturquette@baylibre.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.