| Message ID | 20250426125429.31838-1-pchelkin@ispras.ru |
|---|---|
| State | New |
| Headers | show |
| Series | clk: tegra: do not overallocate memory for bpmp clocks | expand |
Quoting Fedor Pchelkin (2025-04-26 05:54:28) > struct tegra_bpmp::clocks is a pointer to a dynamically allocated array > of pointers to 'struct tegra_bpmp_clk'. > > But the size of the allocated area is calculated like it is an array > containing actual 'struct tegra_bpmp_clk' objects - it's not true, there > are just pointers. > > Found by Linux Verification Center (linuxtesting.org) with Svace static > analysis tool. > > Fixes: 2db12b15c6f3 ("clk: tegra: Register clocks from root to leaf") > Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru> > --- Applied to clk-next
diff --git a/drivers/clk/tegra/clk-bpmp.c b/drivers/clk/tegra/clk-bpmp.c index b2323cb8eddc..77a2586dbe00 100644 --- a/drivers/clk/tegra/clk-bpmp.c +++ b/drivers/clk/tegra/clk-bpmp.c @@ -635,7 +635,7 @@ static int tegra_bpmp_register_clocks(struct tegra_bpmp *bpmp, bpmp->num_clocks = count; - bpmp->clocks = devm_kcalloc(bpmp->dev, count, sizeof(struct tegra_bpmp_clk), GFP_KERNEL); + bpmp->clocks = devm_kcalloc(bpmp->dev, count, sizeof(*bpmp->clocks), GFP_KERNEL); if (!bpmp->clocks) return -ENOMEM;
struct tegra_bpmp::clocks is a pointer to a dynamically allocated array of pointers to 'struct tegra_bpmp_clk'. But the size of the allocated area is calculated like it is an array containing actual 'struct tegra_bpmp_clk' objects - it's not true, there are just pointers. Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool. Fixes: 2db12b15c6f3 ("clk: tegra: Register clocks from root to leaf") Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru> --- drivers/clk/tegra/clk-bpmp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)