[syzbot] KMSAN: uninit-value in btrfs_clean_tree_block (2)


syzbot

Nov 20, 2021, 5:47:20 AM11/20/21
to c...@fb.com, dst...@suse.com, gli...@google.com, jo...@toxicpanda.com, linux...@vger.kernel.org, linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 412af9cd936d ioremap.c: move an #include around
git tree: https://github.com/google/kmsan.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=14365606b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=2d142cdf4204061
dashboard link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59
compiler: clang version 14.0.0 (g...@github.com:llvm/llvm-project.git 0996585c8e3b3d409494eb5f1cad714b9e1f7fb5), GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: i386

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fba8e2...@syzkaller.appspotmail.com

=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4741 [inline]
btrfs_alloc_tree_block+0x745/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
commit_cowonly_roots+0x1c5/0x14c0 fs/btrfs/transaction.c:1241
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
commit_cowonly_roots+0x1c5/0x14c0 fs/btrfs/transaction.c:1241
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_clean_tree_block+0x2c3/0x370 fs/btrfs/disk-io.c:1126
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4741 [inline]
btrfs_alloc_tree_block+0x745/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:627 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x805/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:631 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x87d/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:631 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x87d/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:633 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x896/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:633 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x896/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in btrfs_comp_cpu_keys fs/btrfs/ctree.c:635 [inline]
BUG: KMSAN: uninit-value in comp_keys fs/btrfs/ctree.c:603 [inline]
BUG: KMSAN: uninit-value in generic_bin_search+0x8d0/0xc30 fs/btrfs/ctree.c:777
btrfs_comp_cpu_keys fs/btrfs/ctree.c:635 [inline]
comp_keys fs/btrfs/ctree.c:603 [inline]
generic_bin_search+0x8d0/0xc30 fs/btrfs/ctree.c:777
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in generic_bin_search+0x8e8/0xc30 fs/btrfs/ctree.c:779
generic_bin_search+0x8e8/0xc30 fs/btrfs/ctree.c:779
btrfs_search_slot+0x1f12/0x3de0 fs/btrfs/ctree.c:1816
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in update_dev_stat_item fs/btrfs/volumes.c:7723 [inline]
BUG: KMSAN: uninit-value in btrfs_run_dev_stats+0xa6d/0x1350 fs/btrfs/volumes.c:7792
update_dev_stat_item fs/btrfs/volumes.c:7723 [inline]
btrfs_run_dev_stats+0xa6d/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xbfe/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xcb1/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in check_eb_range fs/btrfs/extent_io.c:6663 [inline]
BUG: KMSAN: uninit-value in write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
check_eb_range fs/btrfs/extent_io.c:6663 [inline]
write_extent_buffer+0x54b/0xf20 fs/btrfs/extent_io.c:6824
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
write_extent_buffer+0x5a8/0xf20 fs/btrfs/extent_io.c:6830
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inline]
btrfs_run_dev_stats+0x449/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
=====================================================
=====================================================
BUG: KMSAN: uninit-value in write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
write_extent_buffer+0xece/0xf20 fs/btrfs/extent_io.c:6829
btrfs_set_dev_stats_value fs/btrfs/volumes.c:7615 [inline]
update_dev_stat_item fs/btrfs/volumes.c:7752 [inline]
btrfs_run_dev_stats+0xd61/0x1350 fs/btrfs/volumes.c:7792
commit_cowonly_roots+0x2ef/0x14c0 fs/btrfs/transaction.c:1249
btrfs_commit_transaction+0x1d8a/0x4b10 fs/btrfs/transaction.c:2288
btrfs_commit_super+0x1b7/0x1f0 fs/btrfs/disk-io.c:4303
close_ctree+0x4e4/0xfbd fs/btrfs/disk-io.c:4370
btrfs_put_super+0x53/0x70 fs/btrfs/super.c:340
generic_shutdown_super+0x2bb/0x660 fs/super.c:465
kill_anon_super+0x63/0xb0 fs/super.c:1057
btrfs_kill_super+0x61/0x90 fs/btrfs/super.c:2348
deactivate_locked_super+0x10d/0x1e0 fs/super.c:335
deactivate_super+0x19e/0x1a0 fs/super.c:366
cleanup_mnt+0x797/0x870 fs/namespace.c:1137
__cleanup_mnt+0x3b/0x50 fs/namespace.c:1144
task_work_run+0x1f0/0x2c0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop+0x3fc/0x490 kernel/entry/common.c:176
exit_to_user_mode_prepare kernel/entry/common.c:208 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
syscall_exit_to_user_mode+0x80/0xc0 kernel/entry/common.c:302
__do_fast_syscall_32+0xa5/0xf0 arch/x86/entry/common.c:183
do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
__alloc_pages+0x8b3/0xfb0 mm/page_alloc.c:5422
alloc_pages+0xa39/0xde0 mm/mempolicy.c:2191
__page_cache_alloc mm/filemap.c:1022 [inline]
pagecache_get_page+0x1384/0x1ec0 mm/filemap.c:1940
find_or_create_page include/linux/pagemap.h:420 [inline]
alloc_extent_buffer+0x8c5/0x3420 fs/btrfs/extent_io.c:6124
btrfs_find_create_tree_block+0xb2/0xd0 fs/btrfs/disk-io.c:1090
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4717 [inline]
btrfs_alloc_tree_block+0x507/0x20c0 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x823/0x2490 fs/btrfs/ctree.c:415
btrfs_cow_block+0xa4a/0xc80 fs/btrfs/ctree.c:570
btrfs_search_slot+0x1933/0x3de0 fs/btrfs/ctree.c:1768
update_dev_stat_item fs/btrfs/volumes.c:7715 [inlin

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Tetsuo Handa

Sep 20, 2022, 7:48:39 AM9/20/22
to Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov, linux...@vger.kernel.org, syzbot, syzkall...@googlegroups.com, Alexander Potapenko
syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").

Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
Reported-by: syzbot <syzbot+fba8e2...@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin...@I-love.SAKURA.ne.jp>
Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
---
This patch is not tested due to lack of reproducer.
I don't know whether initializing only generation field is sufficient.
Please check before applying.

fs/btrfs/extent-tree.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 6914cd8024ba..9c7bf0ef6a5f 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -4895,6 +4895,7 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
*/
btrfs_set_buffer_lockdep_class(lockdep_owner, buf, level);

+ btrfs_set_header_generation(buf, trans->transid);
__btrfs_tree_lock(buf, nest);
btrfs_clean_tree_block(buf);
clear_bit(EXTENT_BUFFER_STALE, &buf->bflags);
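Review bot: the generation is now written before the tree lock is taken and before btrfs_clean_tree_block() reads it, which addresses the KMSAN read, but the added line carries no explanation of why the field is set this early; a one-line comment such as `/* btrfs_clean_tree_block() reads the generation field */` would stop a later cleanup from treating it as a duplicate of the header initialization further down and moving it again, which is how this regression was introduced.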
@@ -4905,7 +4906,6 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
memzero_extent_buffer(buf, 0, sizeof(struct btrfs_header));
btrfs_set_header_level(buf, level);
btrfs_set_header_bytenr(buf, buf->start);
- btrfs_set_header_generation(buf, trans->transid);
btrfs_set_header_backref_rev(buf, BTRFS_MIXED_BACKREF_REV);
btrfs_set_header_owner(buf, owner);
write_extent_buffer_fsid(buf, fs_info->fs_devices->metadata_uuid);
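Review bot: dropping this call leaves the header generation at 0, because memzero_extent_buffer() three lines above clears the whole struct btrfs_header, including the value written at the top of the function; keep `btrfs_set_header_generation(buf, trans->transid);` here alongside the other header setters (the early write only exists to satisfy btrfs_clean_tree_block()), or move the memzero before the early write.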
--
2.18.4

Johannes Thumshirn

Sep 20, 2022, 8:08:25 AM9/20/22
to Tetsuo Handa, Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov, linux...@vger.kernel.org, syzbot, syzkall...@googlegroups.com, Alexander Potapenko
On 20.09.22 13:49, Tetsuo Handa wrote:
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index 6914cd8024ba..9c7bf0ef6a5f 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -4895,6 +4895,7 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
> */
> btrfs_set_buffer_lockdep_class(lockdep_owner, buf, level);
>
> + btrfs_set_header_generation(buf, trans->transid);

Here you're setting the header generation into the extent buffer

> __btrfs_tree_lock(buf, nest);
> btrfs_clean_tree_block(buf);
> clear_bit(EXTENT_BUFFER_STALE, &buf->bflags);
> @@ -4905,7 +4906,6 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
> memzero_extent_buffer(buf, 0, sizeof(struct btrfs_header));

And here the extent buffer's part containing the header gets
memzeroed resulting in header generation 0.

For this to properly work you'd need to bring the memzero_extent_buffer()
call before setting the header generation or re-set the generation after
clearing.

Tetsuo Handa

Sep 20, 2022, 9:44:14 AM9/20/22
to Johannes Thumshirn, Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov, linux...@vger.kernel.org, syzbot, syzkall...@googlegroups.com, Alexander Potapenko
syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").

Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
can't move btrfs_set_header_generation() to before memzero_extent_buffer().
Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().

Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
Reported-by: syzbot <syzbot+fba8e2...@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin...@I-love.SAKURA.ne.jp>
Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
---
Changes in v2:
Don't remove btrfs_set_header_generation() after memzero_extent_buffer(),
pointed out by Johannes Thumshirn <Johannes....@wdc.com>.

fs/btrfs/extent-tree.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 6914cd8024ba..cfbbd7dc3c46 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -4888,6 +4888,9 @@ btrfs_init_new_buffer(struct btrfs_trans_handle *trans, struct btrfs_root *root,
!test_bit(BTRFS_ROOT_RESET_LOCKDEP_CLASS, &root->state))
lockdep_owner = BTRFS_FS_TREE_OBJECTID;

+ /* btrfs_clean_tree_block() accesses generation field. */
+ btrfs_set_header_generation(buf, trans->transid);
+
/*
* This needs to stay, because we could allocate a freed block from an
* old tree into a new tree, so we need to make sure this new block is
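Review bot: the comment says what reads the field but not that memzero_extent_buffer() later in btrfs_init_new_buffer() wipes it again and that the full header, generation included, is re-initialized after that; extending it to something like `/* btrfs_clean_tree_block() reads the generation; the header is zeroed and fully initialized below. */` makes clear that the second btrfs_set_header_generation() is not redundant. The v1 cover text said it was unknown whether initializing only the generation is sufficient, so the commit message would benefit from stating that the generation is the only header field btrfs_clean_tree_block() touches, which the KMSAN trace at fs/btrfs/disk-io.c:1126 supports.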
--
2.18.4
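
To make the ordering problem in this thread concrete, here is an added toy model in C (not btrfs code; the header size, field offset and function names are constructed) that mimics KMSAN's per-byte initialization shadow and walks the three orderings discussed: the regressed code, the v1 patch that moves the write, and the v2 patch that adds a second write before the read.

```c
/* Added toy model of header init ordering in btrfs_init_new_buffer(); not btrfs
 * code, offsets and names are constructed. A per-byte shadow mimics KMSAN. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define HDR_SIZE 32 /* constructed stand-in for sizeof(struct btrfs_header) */
#define GEN_OFF  16 /* constructed offset of the generation field */
struct eb {
	uint8_t data[HDR_SIZE];
	bool init[HDR_SIZE]; /* shadow: true once the byte has been written */
	bool uninit_read;    /* a read touched an unwritten byte (KMSAN report) */
};

static void set_generation(struct eb *b, uint64_t gen)
{
	memcpy(b->data + GEN_OFF, &gen, sizeof gen);
	memset(b->init + GEN_OFF, 1, sizeof gen); /* mark the field written */
}

static uint64_t get_generation(struct eb *b)
{
	uint64_t gen;
	for (size_t i = 0; i < sizeof gen; i++)
		if (!b->init[GEN_OFF + i]) b->uninit_read = true;
	memcpy(&gen, b->data + GEN_OFF, sizeof gen);
	return gen;
}

/* memzero_extent_buffer(buf, 0, sizeof(struct btrfs_header)) equivalent. */
static void memzero_header(struct eb *b)
{ memset(b->data, 0, HDR_SIZE); memset(b->init, 1, HDR_SIZE); }

enum order { REGRESSED, V1_MOVE, V2_READD };
static void init_new_buffer(struct eb *b, uint64_t transid, enum order o)
{
	memset(b, 0, sizeof *b); /* fresh page: shadow entirely uninitialized */
	if (o != REGRESSED) set_generation(b, transid); /* v1, v2: write first */
	(void)(get_generation(b) == transid); /* btrfs_clean_tree_block()'s read */
	memzero_header(b);                    /* zeroes the whole header again */
	if (o != V1_MOVE) set_generation(b, transid); /* v1 dropped this call */
}

/* 0: ok, 1: uninitialized read (KMSAN), 2: generation lost to the memzero. */
int check_order(enum order o)
{
	struct eb b;
	init_new_buffer(&b, 42, o);
	if (b.uninit_read) return 1;
	return get_generation(&b) == 42 ? 0 : 2;
}
```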


David Sterba

Sep 22, 2022, 12:55:41 PM9/22/22
to Tetsuo Handa, Johannes Thumshirn, Chris Mason, Josef Bacik, David Sterba, Nikolay Borisov, linux...@vger.kernel.org, syzbot, syzkall...@googlegroups.com, Alexander Potapenko
On Tue, Sep 20, 2022 at 10:43:51PM +0900, Tetsuo Handa wrote:
> syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
> commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
> missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
> not be moved to after clean_tree_block() because clean_tree_block() is
> calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
> Fix extent_buffer usage when nodesize != leafsize").
>
> Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
> can't move btrfs_set_header_generation() to before memzero_extent_buffer().
> Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().
>
> Link: https://syzkaller.appspot.com/bug?extid=fba8e2116a12609b6c59 [1]
> Reported-by: syzbot <syzbot+fba8e2...@syzkaller.appspotmail.com>
> Signed-off-by: Tetsuo Handa <penguin...@I-love.SAKURA.ne.jp>
> Fixes: bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")

Added to misc-next, thanks.