From patchwork Mon Feb 27 10:24:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arseniy Krasnov X-Patchwork-Id: 61902 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp2343070wrd; Mon, 27 Feb 2023 02:42:42 -0800 (PST) X-Google-Smtp-Source: AK7set9nye1weJ3VgIJZtdYtwrpVMbI3xFaK+PhqxgsUM7ODq/2vOr4ddPV9nnDMT3oHVZZJR3ao X-Received: by 2002:a05:6a20:1451:b0:cb:c015:92a6 with SMTP id a17-20020a056a20145100b000cbc01592a6mr8971974pzi.7.1677494561831; Mon, 27 Feb 2023 02:42:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677494561; cv=none; d=google.com; s=arc-20160816; b=nlOkwhl+RJKEj2UGmhSqgARWmfh4AzJToVeUKc/4nw1h83xA0G96Ph71aEwiQTCuFT MbeCS2q1kl8tfsjppMxADzrhU2Oa+4XLOiVo7rTg36E16acnP5qpzjrTGWsXjX6tmTMf Rx4OeKZEFlJBif8oQX7LJjO336u28SIMsKE5+g4KuESVfzkeWVD66YrRSW9t9U+k2JWN wwrF1+eBDq96rxhvC0+prmyYWmpfAyBZql25vW2DgkKLGyQytqzbpBxEBQuz9aSQD9I3 VohSSetMAkz4D6tzPG8B9D6JyYJEM15OOJ+P59LOXZu/uvYkWl3b0eV+K1U86HD4bXB+ rRJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=MppIxpko7T4GyVpYzjU00G1Fh//Y3U4fwtIp1SQRQQs=; b=z8jL49kjscah+SMPTHTo/2oKA17jvMKvDUxgWn4ED/3PaFGGwOSkLRaHCh3UDQg58Q 6QXlX45u5CEJgR+RbmyNsaeT67L9SeUq9RwOe8ndDfF+dm2LinQxXoCWMfU6EsQpnYCo bj/rYHeV4Ifn9/1WRaR3RmVQOICXc5m6BOeuT0fGnd1NRfhPuEAYWLktV4CP/qjCefMp weZZk9SkgAAfAfIWL5HK2Wy8J1G/Dc2v77GgLQaAkw/addSCQhH/KhCQBFWy1LdjGpyA 9wibTUD//fDiX4kMMP3ITNGYuYvT72zxZwaj56wdIuw5b6M17hjV6ZbpvD4PWm6fcDxH WYRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sberdevices.ru header.s=mail header.b=f2zOtEnY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=sberdevices.ru Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n29-20020a63a51d000000b00502d6decabesi6467342pgf.218.2023.02.27.02.42.28; Mon, 27 Feb 2023 02:42:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@sberdevices.ru header.s=mail header.b=f2zOtEnY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=sberdevices.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229615AbjB0K13 (ORCPT + 99 others); Mon, 27 Feb 2023 05:27:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37598 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229737AbjB0K11 (ORCPT ); Mon, 27 Feb 2023 05:27:27 -0500 Received: from mx.sberdevices.ru (mx.sberdevices.ru [45.89.227.171]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B53C2055B for ; Mon, 27 Feb 2023 02:27:23 -0800 (PST) Received: from s-lin-edge02.sberdevices.ru (localhost [127.0.0.1]) by mx.sberdevices.ru (Postfix) with ESMTP id B35CD5FD10; Mon, 27 Feb 2023 13:27:21 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sberdevices.ru; s=mail; t=1677493641; bh=MppIxpko7T4GyVpYzjU00G1Fh//Y3U4fwtIp1SQRQQs=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; b=f2zOtEnYwDtmf4p/2hvUN+8nu7fNT4bz4kUP4hesggNnrWUVp+T7FX3kzffzdZgS9 K6bTHUazjr3jxPPjxccAL53iH59c5SaSb6yBLuy2FfBTsZLacytXn/lSd84pJoS7XL RW15ufVODD+fkzSKh0piYhpwKO6G5+o/TckjovR5SDv1+e4zHDRc4b1t7s83Y/HXuZ BLUeWtZvsDvKN0HeqEEVk26zcbBzPaSKpZNOTf9xqP06nFZ7mJqYViDiMKUEprh4KV l2RrfyIGOXIc/y+pLwJ/bBR4q3syVhodpdhimUhpRmgUDVBBevO7EWd09U07hXOWlO 5wsHW5lm4SY+g== Received: from S-MS-EXCH01.sberdevices.ru (S-MS-EXCH01.sberdevices.ru [172.16.1.4]) by mx.sberdevices.ru (Postfix) with ESMTP; Mon, 27 Feb 2023 13:27:20 +0300 (MSK) From: Arseniy Krasnov To: Liang Yang , Miquel Raynal , Richard Weinberger , Vignesh Raghavendra , Neil Armstrong , Kevin Hilman , Jerome Brunet , Martin Blumenstingl CC: , , , , , , Arseniy Krasnov Subject: [PATCH v4] mtd: rawnand: meson: initialize struct with zeroes Date: Mon, 27 Feb 2023 13:24:25 +0300 Message-ID: <20230227102425.793841-1-AVKrasnov@sberdevices.ru> X-Mailer: git-send-email 2.35.0 MIME-Version: 1.0 X-Originating-IP: [172.16.1.6] X-ClientProxiedBy: S-MS-EXCH02.sberdevices.ru (172.16.1.5) To S-MS-EXCH01.sberdevices.ru (172.16.1.4) X-KSMG-Rule-ID: 4 X-KSMG-Message-Action: clean X-KSMG-AntiSpam-Status: not scanned, disabled by settings X-KSMG-AntiSpam-Interceptor-Info: not scanned X-KSMG-AntiPhishing: not scanned, disabled by settings X-KSMG-AntiVirus: Kaspersky Secure Mail Gateway, version 1.1.2.30, bases: 2023/02/27 08:09:00 #20900247 X-KSMG-AntiVirus-Status: Clean, skipped X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758980538073529682?= X-GMAIL-MSGID: =?utf-8?q?1758980538073529682?= This structure must be zeroed, because it's field 'hw->core' is used as 'parent' in 'clk_core_fill_parent_index()', but it will be uninitialized. This happens, because when this struct is not zeroed, pointer 'hw' is "initialized" by garbage, which is valid pointer, but points to some garbage. So 'hw' will be dereferenced, but 'core' contains some random data which will be interpreted as a pointer. The following backtrace is result of dereference of such pointer: [ 1.081319] __clk_register+0x414/0x820 [ 1.085113] devm_clk_register+0x64/0xd0 [ 1.088995] meson_nfc_probe+0x258/0x6ec [ 1.092875] platform_probe+0x70/0xf0 [ 1.096498] really_probe+0xc8/0x3e0 [ 1.100034] __driver_probe_device+0x84/0x190 [ 1.104346] driver_probe_device+0x44/0x120 [ 1.108487] __driver_attach+0xb4/0x220 [ 1.112282] bus_for_each_dev+0x78/0xd0 [ 1.116077] driver_attach+0x2c/0x40 [ 1.119613] bus_add_driver+0x184/0x240 [ 1.123408] driver_register+0x80/0x140 [ 1.127203] __platform_driver_register+0x30/0x40 [ 1.131860] meson_nfc_driver_init+0x24/0x30 Changelog: v1 -> v2: * More details in the commit message. v2 -> v3: * Add 'a' article to "interpreted as a pointer". v3 -> v4: * Add changelog. Fixes: 1e4d3ba66888 ("mtd: rawnand: meson: fix the clock") Signed-off-by: Arseniy Krasnov Acked-by: Martin Blumenstingl Reviewed-by: Neil Armstrong --- drivers/mtd/nand/raw/meson_nand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/meson_nand.c b/drivers/mtd/nand/raw/meson_nand.c index 5ee01231ac4c..30e326adabfc 100644 --- a/drivers/mtd/nand/raw/meson_nand.c +++ b/drivers/mtd/nand/raw/meson_nand.c @@ -991,7 +991,7 @@ static const struct mtd_ooblayout_ops meson_ooblayout_ops = { static int meson_nfc_clk_init(struct meson_nfc *nfc) { - struct clk_parent_data nfc_divider_parent_data[1]; + struct clk_parent_data nfc_divider_parent_data[1] = {0}; struct clk_init_data init = {0}; int ret;