Hi Jens,

I'm debugging an issue in the nullb driver reported by KMSAN at QEMU startup.
There are numerous reports like the one below when checking nullb for different partition types.
Basically, read_dev_sector() allocates a cache page which is then wrapped into a bio and passed to the device driver, but never initialized.

I've tracked the problem down to a call to null_handle_cmd(cmd, /*sector*/0, /*nr_sectors*/8, /*op*/0).
Turns out all the if-branches in this function are skipped, so neither of null_handle_throttled(), null_handle_flush(), null_handle_badblocks(), null_handle_memory_backed(), null_handle_zoned() is executed, and we proceed directly to nullb_complete_cmd().

As a result, the pages read from the nullb device are never initialized, at least at boot time.
How can we fix this?

This bug may also have something to do with https://groups.google.com/d/topic/syzkaller-bugs/d0fmiL9Vi9k/discussion.

KMSAN report follows:

=====================================================
BUG: KMSAN: uninit-value in[< none >] adfspart_check_ICS+0xd08/0x1040 block/partitions/acorn.c:365
Call Trace:
[< inline >] __dump_stack lib/dump_stack.c:77
[< none >] dump_stack+0x196/0x1f0 lib/dump_stack.c:113
[< none >] kmsan_report+0x127/0x220 mm/kmsan/kmsan_report.c:108
[< none >] __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:245
[< none >] adfspart_check_ICS+0xd08/0x1040 block/partitions/acorn.c:365
[< none >] check_partition+0x58c/0xc20 block/partitions/check.c:167
[< none >] rescan_partitions+0x39b/0x1ff0 block/partition-generic.c:531
[< none >] __blkdev_get+0x14f1/0x2440 fs/block_dev.c:1600
[< none >] blkdev_get+0x237/0x6a0 fs/block_dev.c:1708
[< inline >] register_disk block/genhd.c:655
[< none >] __device_add_disk+0x1612/0x20f0 block/genhd.c:745
[< none >] device_add_disk+0x90/0xa0 block/genhd.c:763
[< inline >] add_disk ./include/linux/genhd.h:429
[< inline >] null_gendisk_register drivers/block/null_blk_main.c:1547
[< none >] null_add_dev+0x34c7/0x3b30 drivers/block/null_blk_main.c:1718
...
Uninit was created at:
[< none >] kmsan_save_stack_with_flags+0x3f/0x90 mm/kmsan/kmsan.c:151
[< inline >] kmsan_internal_alloc_meta_for_pages mm/kmsan/kmsan_shadow.c:362
[< none >] kmsan_alloc_page+0x14e/0x360 mm/kmsan/kmsan_shadow.c:391
[< none >] __alloc_pages_nodemask+0x594e/0x6050 mm/page_alloc.c:4796
[< inline >] __alloc_pages ./include/linux/gfp.h:475
[< inline >] alloc_page_interleave mm/mempolicy.c:2058
[< none >] alloc_pages_current+0x2e7/0x990 mm/mempolicy.c:2186
[< inline >] alloc_pages ./include/linux/gfp.h:511
[< none >] __page_cache_alloc+0x95/0x310 mm/filemap.c:981
[< none >] do_read_cache_page+0x4d5/0x1520 mm/filemap.c:2788
[< none >] read_cache_page+0xf3/0x110 mm/filemap.c:2896
[< inline >] read_mapping_page ./include/linux/pagemap.h:396
[< none >] read_dev_sector+0xd6/0x390 block/partition-generic.c:668
[< inline >] read_part_sector block/partitions/check.h:38
[< none >] adfspart_check_ICS+0x117/0x1040 block/partitions/acorn.c:361
[< none >] check_partition+0x58c/0xc20 block/partitions/check.c:167
[< none >] rescan_partitions+0x39b/0x1ff0 block/partition-generic.c:531
[< none >] __blkdev_get+0x14f1/0x2440 fs/block_dev.c:1600
[< none >] blkdev_get+0x237/0x6a0 fs/block_dev.c:1708
[< inline >] register_disk block/genhd.c:655
==========================================

Thanks,
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Geschäftsführer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
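
Added example, not part of the original message and not kernel or KMSAN code: a small triage script for reports in the format quoted above. It splits the report into the use stack and the "Uninit was created at" stack, then reports the use site, the innermost function common to both stacks, and the call path that was expected to fill the page. The names triage, split_report, parse_frames and NOISE are hypothetical, and the embedded report is an excerpt of the one in the message with some frames omitted.

```python
import re

# One symbolized frame: "[< none|inline >] func[+0xoff/0xsize] path:line".
# Whitespace-agnostic, so it also works on a report flattened onto one line.
FRAME = re.compile(
    r"\[<\s*(?:none|inline)\s*>\]\s+(\S+?)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?\s+(\S+):(\d+)")
NOISE = ("mm/kmsan/", "lib/dump_stack")  # sanitizer and stack-dump frames

# Excerpt of the report in the message above (some frames omitted).
REPORT = """\
BUG: KMSAN: uninit-value in[< none >] adfspart_check_ICS+0xd08/0x1040 block/partitions/acorn.c:365
Call Trace:
[< inline >] __dump_stack lib/dump_stack.c:77
[< none >] dump_stack+0x196/0x1f0 lib/dump_stack.c:113
[< none >] kmsan_report+0x127/0x220 mm/kmsan/kmsan_report.c:108
[< none >] __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:245
[< none >] adfspart_check_ICS+0xd08/0x1040 block/partitions/acorn.c:365
[< none >] check_partition+0x58c/0xc20 block/partitions/check.c:167
Uninit was created at:
[< none >] kmsan_save_stack_with_flags+0x3f/0x90 mm/kmsan/kmsan.c:151
[< none >] kmsan_alloc_page+0x14e/0x360 mm/kmsan/kmsan_shadow.c:391
[< none >] __page_cache_alloc+0x95/0x310 mm/filemap.c:981
[< none >] read_dev_sector+0xd6/0x390 block/partition-generic.c:668
[< inline >] read_part_sector block/partitions/check.h:38
[< none >] adfspart_check_ICS+0x117/0x1040 block/partitions/acorn.c:361
[< none >] check_partition+0x58c/0xc20 block/partitions/check.c:167
"""

def parse_frames(text):
    """Return (function, file, line) for every symbolized frame in text."""
    return [(m[1], m[2], int(m[3])) for m in FRAME.finditer(text)]

def split_report(report):
    """Split a report into (use_stack, origin_stack), innermost frame first."""
    use, _, origin = report.partition("Uninit was created at:")
    return parse_frames(use.partition("Call Trace:")[2]), parse_frames(origin)

def triage(report):
    use, origin = split_report(report)
    # First frame that is not KMSAN or dump_stack: where the value was read.
    use_site = next(f for f in use if not f[1].startswith(NOISE))
    use_funcs = {f[0] for f in use}
    # Innermost origin frame whose function is also on the use stack:
    # the code that asked for the buffer it later read.
    idx = next(i for i, f in enumerate(origin) if f[0] in use_funcs)
    # Its callees outside mm/, in call order: the path expected to fill the page.
    fill_path = [f[0] for f in reversed(origin[:idx]) if not f[1].startswith("mm/")]
    return {"use": use_site, "requested_at": origin[idx], "fill_path": fill_path}

if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key}: {value}")
```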