* [syzbot] KMSAN: uninit-value in btrfs_clean_tree_block (2)
@ 2021-11-20 10:47 syzbot
2022-09-20 11:48 ` [PATCH] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block() Tetsuo Handa
0 siblings, 1 reply; 5+ messages in thread
From: syzbot @ 2021-11-20 10:47 UTC (permalink / raw)
To: clm, dsterba, glider, josef, linux-btrfs, linux-kernel, syzkaller-bugs
Hello,
syzbot found the following issue on:
HEAD commit: 412af9cd936d ioremap.c: move an #include around
git tree: https://github.com/google/kmsan.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=14365606b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=2d142cdf4204061
dashboard link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59
compiler: clang version 14.0.0 (git@github.com:llvm/llvm-project.git 0996585c8e3b3d409494eb5f1cad714b9e1f7fb5), GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: i386
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com
=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4741 [inline]
btrfs_alloc_tree_block+0x745/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
commit_cowonly_roots+0x1c5/0x14c0 fs/btrfs/transaction.c:1241
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
commit_cowonly_roots+0x1c5/0x14c0 fs/btrfs/transaction.c:1241
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4741 [inline]
btrfs_alloc_tree_block+0x745/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:631 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x87d/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:631 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x87d/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:633 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x896/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:633 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x896/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:635 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x8d0/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:635 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x8d0/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in generic_bin_search+0x8e8/0xc30 fs/btrfs/ctree.c:779
generic_bin_search+0x8e8/0xc30 fs/btrfs/ctree.c:779
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in update_dev_stat_item fs/btrfs/volumes.c:7723 [inline]
BUG: KMSAN: uninit-value in btrfs_run_dev_stats+0xa6d/0x1350 fs/btrfs/volumes.c:7792
update_dev_stat_item fs/btrfs/volumes.c:7723 [inline]
btrfs_run_dev_stats+0xa6d/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inlin
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block()
2021-11-20 10:47 [syzbot] KMSAN: uninit-value in btrfs_clean_tree_block (2) syzbot
@ 2022-09-20 11:48 ` Tetsuo Handa
2022-09-20 12:08 ` Johannes Thumshirn
0 siblings, 1 reply; 5+ messages in thread
From: Tetsuo Handa @ 2022-09-20 11:48 UTC (permalink / raw)
To: Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov
Cc: linux-btrfs, syzbot, syzkaller-bugs, Alexander Potapenko
syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").
Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
Reported-by: syzbot <syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
---
This patch is not tested due to lack of reproducer.
I don't know whether initializing only generation field is sufficient.
Please check before applying.
fs/btrfs/extent-tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 6914cd8024ba..9c7bf0ef6a5f 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -4895,6 +4895,7 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
*/
btrfs_set_buffer_lockdep_class(lockdep_owner, buf, level);
+ btrfs_set_header_generation(buf, trans->transid);
__btrfs_tree_lock(buf, nest);
btrfs_clean_tree_block(buf);
clear_bit(EXTENT_BUFFER_STALE, &buf->bflags);
@@ -4905,7 +4906,6 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
memzero_extent_buffer(buf, 0, sizeof(struct btrfs_header));
btrfs_set_header_level(buf, level);
btrfs_set_header_bytenr(buf, buf->start);
- btrfs_set_header_generation(buf, trans->transid);
btrfs_set_header_backref_rev(buf, BTRFS_MIXED_BACKREF_REV);
btrfs_set_header_owner(buf, owner);
write_extent_buffer_fsid(buf, fs_info->fs_devices->metadata_uuid);
--
2.18.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block()
2022-09-20 11:48 ` [PATCH] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block() Tetsuo Handa
@ 2022-09-20 12:08 ` Johannes Thumshirn
2022-09-20 13:43 ` [PATCH v2] " Tetsuo Handa
0 siblings, 1 reply; 5+ messages in thread
From: Johannes Thumshirn @ 2022-09-20 12:08 UTC (permalink / raw)
To: Tetsuo Handa, Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov
Cc: linux-btrfs, syzbot, syzkaller-bugs, Alexander Potapenko
On 20.09.22 13:49, Tetsuo Handa wrote:
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index 6914cd8024ba..9c7bf0ef6a5f 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -4895,6 +4895,7 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
> */
> btrfs_set_buffer_lockdep_class(lockdep_owner, buf, level);
>
> + btrfs_set_header_generation(buf, trans->transid);
Here you're setting the header generation into the extent buffer
> __btrfs_tree_lock(buf, nest);
> btrfs_clean_tree_block(buf);
> clear_bit(EXTENT_BUFFER_STALE, &buf->bflags);
> @@ -4905,7 +4906,6 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
> memzero_extent_buffer(buf, 0, sizeof(struct btrfs_header));
And here the extent buffer's part containing the header gets
memzeroed resulting in header generation 0.
Fo rthis to poroperly work you'd need to bring the memzero_extent_buffer()
call before setting the header generation or re-set the generation after
clearing.
> btrfs_set_header_level(buf, level);
> btrfs_set_header_bytenr(buf, buf->start);
> - btrfs_set_header_generation(buf, trans->transid);
> btrfs_set_header_backref_rev(buf, BTRFS_MIXED_BACKREF_REV);
> btrfs_set_header_owner(buf, owner);
> write_extent_buffer_fsid(buf, fs_info->fs_devices->metadata_uuid);
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block()
2022-09-20 12:08 ` Johannes Thumshirn
@ 2022-09-20 13:43 ` Tetsuo Handa
2022-09-22 16:50 ` David Sterba
0 siblings, 1 reply; 5+ messages in thread
From: Tetsuo Handa @ 2022-09-20 13:43 UTC (permalink / raw)
To: Johannes Thumshirn, Chris Mason, Josef Bacik, David Sterba,
Nikolay Borisov
Cc: linux-btrfs, syzbot, syzkaller-bugs, Alexander Potapenko
syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").
Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
can't move btrfs_set_header_generation() to before memzero_extent_buffer().
Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().
Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
Reported-by: syzbot <syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
---
Changes in v2:
Don't remove btrfs_set_header_generation() after memzero_extent_buffer(),
pointed out by Johannes Thumshirn <Johannes.Thumshirn@wdc.com>.
fs/btrfs/extent-tree.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 6914cd8024ba..cfbbd7dc3c46 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -4888,6 +4888,9 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
!test_bit(BTRFS_ROOT_RESET_LOCKDEP_CLASS, &root->state))
lockdep_owner = BTRFS_FS_TREE_OBJECTID;
+ /* btrfs_clean_tree_block() accesses generation field. */
+ btrfs_set_header_generation(buf, trans->transid);
+
/*
* This needs to stay, because we could allocate a freed block from an
* old tree into a new tree, so we need to make sure this new block is
--
2.18.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block()
2022-09-20 13:43 ` [PATCH v2] " Tetsuo Handa
@ 2022-09-22 16:50 ` David Sterba
0 siblings, 0 replies; 5+ messages in thread
From: David Sterba @ 2022-09-22 16:50 UTC (permalink / raw)
To: Tetsuo Handa
Cc: Johannes Thumshirn, Chris Mason, Josef Bacik, David Sterba,
Nikolay Borisov, linux-btrfs, syzbot, syzkaller-bugs,
Alexander Potapenko
On Tue, Sep 20, 2022 at 10:43:51PM +0900, Tetsuo Handa wrote:
> syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
> commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
> missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
> not be moved to after clean_tree_block() because clean_tree_block() is
> calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
> Fix extent_buffer usage when nodesize != leafsize").
>
> Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
> can't move btrfs_set_header_generation() to before memzero_extent_buffer().
> Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().
>
> Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
> Reported-by: syzbot <syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
Added to misc-next, thanks.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-09-22 16:55 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-20 10:47 [syzbot] KMSAN: uninit-value in btrfs_clean_tree_block (2) syzbot
2022-09-20 11:48 ` [PATCH] btrfs: Call btrfs_set_header_generation() before btrfs_clean_tree_block() Tetsuo Handa
2022-09-20 12:08 ` Johannes Thumshirn
2022-09-20 13:43 ` [PATCH v2] " Tetsuo Handa
2022-09-22 16:50 ` David Sterba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).