fs/cramfs/inode.c: initialize file_ra_state

file_ra_state_init() assumes that the file_ra_state has been zeroed out.
Fixes a KMSAN used-unintialized issue (at least).

Fixes: cf948cbc35e80 ("cramfs: read_mapping_page() is synchronous")
Reported-by: syzbot <syzbot+8ce7f8308d91e6b8bbe2@syzkaller.appspotmail.com>
Link: https://lkml.kernel.org/r/0000000000008f74e905f56df987@google.com
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Nicolas Pitre <nico@fluxnic.net>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/fs/cramfs/inode.c b/fs/cramfs/inode.c
index e3d1689..006ef68 100644 (file)
--- a/fs/cramfs/inode.c
+++ b/fs/cramfs/inode.c
@@ -183,7 +183,7 @@ static void *cramfs_blkdev_read(struct super_block *sb, unsigned int offset,
                                unsigned int len)
 {
        struct address_space *mapping = sb->s_bdev->bd_inode->i_mapping;
-       struct file_ra_state ra;
+       struct file_ra_state ra = {};
        struct page *pages[BLKS_PER_BUF];
        unsigned i, blocknr, buffer;
        unsigned long devsize;