Occasionally during boot the Qualcomm cpufreq driver was able to cause an invalid memory access in topology_update_thermal_pressure() on the line: if (max_freq <= capped_freq) It turns out that this was caused by a race, which resulted in the cpumask passed to the function being empty, in which case cpumask_first() will return a cpu beyond the number of valid cpus, which when used to access the per_cpu max_freq would return invalid pointer. The bug in the Qualcomm cpufreq driver is being fixed, but having a sanity check of the arguments would have saved quite a bit of time and it's not unlikely that others will run into the same issue. Signed-off-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx> --- drivers/base/arch_topology.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/base/arch_topology.c b/drivers/base/arch_topology.c index 976154140f0b..6560a0c3b969 100644 --- a/drivers/base/arch_topology.c +++ b/drivers/base/arch_topology.c @@ -177,6 +177,9 @@ void topology_update_thermal_pressure(const struct cpumask *cpus, u32 max_freq; int cpu; + if (WARN_ON(cpumask_empty(cpus))) + return; + cpu = cpumask_first(cpus); max_capacity = arch_scale_cpu_capacity(cpu); max_freq = per_cpu(freq_factor, cpu); -- 2.33.1
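Review bot: the new guard at the top of topology_update_thermal_pressure() uses WARN_ON(), which prints a full backtrace on every call made with an empty mask; because the commit message attributes the empty mask to a race in a cpufreq driver, the same caller may hit this path repeatedly, so `if (WARN_ON_ONCE(cpumask_empty(cpus)))` would keep the diagnostic without flooding the log. A short comment above the check would also help, recording that cpumask_first() on an empty mask returns a CPU number beyond the valid CPUs and that the following per_cpu(freq_factor, cpu) access is what goes wrong. Since the function is void, the early return silently skips the update, so the warning is the only signal the caller gets; that is worth stating in the comment as well.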