dml2_policy_build_synthetic_soc_states() validates that several
derived maximum clock values are non-zero before constructing
synthetic SOC states.
However, max_fclk_mhz is not included in the validation despite
later logic assuming the presence of at least one valid FCLK level.
If all FCLK entries are zero, num_fclk_dpms remains zero, causing
an integer underflow (0 - 1) and out-of-bounds array access.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 7966f319c66d ("drm/amd/display: Introduce DML2")
Signed-off-by: Danila Chernetsov <listdansp@mail.ru>
---
drivers/gpu/drm/amd/display/dc/dml2_0/dml2_policy.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/amd/display/dc/dml2_0/dml2_policy.c b/drivers/gpu/drm/amd/display/dc/dml2_0/dml2_policy.c
index ef693f608d59..70f418ee5dd2 100644
--- a/drivers/gpu/drm/amd/display/dc/dml2_0/dml2_policy.c
+++ b/drivers/gpu/drm/amd/display/dc/dml2_0/dml2_policy.c
@@ -157,7 +157,8 @@ int dml2_policy_build_synthetic_soc_states(struct dml2_policy_build_synthetic_so
num_uclk_dpms++;
}
- if (!max_dcfclk_mhz || !max_dispclk_mhz || !max_dppclk_mhz || !max_phyclk_mhz || !max_dtbclk_mhz)
+ if (!max_dcfclk_mhz || !max_dispclk_mhz || !max_dppclk_mhz || !max_phyclk_mhz ||
+ !max_dtbclk_mhz || !max_fclk_mhz)
return -1;
p->out_states->num_states = 0;
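Review bot: The new `!max_fclk_mhz` term in the condition guards the later index only indirectly, because the commit message describes the failure as `num_fclk_dpms` staying at zero and then being used as `num_fclk_dpms - 1`. Consider testing the counter itself (for example `!num_fclk_dpms`), or adding a short comment above the `if` stating that a non-zero maximum implies at least one counted level, so the invariant the later code relies on is visible at the check. The context line above the condition increments `num_uclk_dpms`, and the condition tests no UCLK value either; it is worth confirming whether a UCLK table of all zeros reaches a similar `- 1` index and, if it does, covering it in this same check. The bare `return -1` also gives callers no way to tell which clock was missing; a debug message naming the zero clock would help when triaging a bad clock table.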
--
2.25.1