158] FAULT_INJECTION: forcing a failure.
Mar 16 09:56:52 syzkaller kern.notice kernel: [ 45.840642][ T4158] name fail_usercopy, interval 1, probability 0, space 0, times 0
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853744][ T4158] CPU: 1 UID: 0 PID: 4158 Comm: syz.2.268 Not tainted 6.14.0-rc6-syzkaller-00244-g31d7109a19f6 #0
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853843][ T4158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853858][ T4158] Call Trace:
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853866][ T4158]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853874][ T4158] __dump_stack lib/dump_stack.c:94 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853874][ T4158] dump_stack_lvl+0xf2/0x150 lib/dump_stack.c:120
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853907][ T4158] dump_stack+0x15/0x1a lib/dump_stack.c:129
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853931][ T4158] fail_dump lib/fault-inject.c:73 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.853931][ T4158] should_fail_ex+0x24a/0x260 lib/fault-inject.c:174
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854026][ T4158] should_fail+0xb/0x10 lib/fault-inject.c:184
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854058][ T4158] should_fail_usercopy+0x1a/0x20 lib/fault-inject-usercopy.c:37
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854111][ T4158] strncpy_from_user+0x25/0x210 lib/strncpy_from_user.c:118
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854133][ T4158] ? slab_post_alloc_hook mm/slub.c:4118 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854133][ T4158] ? slab_alloc_node mm/slub.c:4164 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854133][ T4158] ? kmem_cache_alloc_noprof+0x18e/0x320 mm/slub.c:4171
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854153][ T4158] ? getname_flags+0x81/0x3b0 fs/namei.c:139
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854189][ T4158] getname_flags+0xb0/0x3b0 fs/namei.c:150
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854282][ T4158] getname+0x17/0x20 fs/namei.c:223
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854300][ T4158] do_sys_openat2+0x67/0x120 fs/open.c:1422
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854343][ T4158] do_sys_open fs/open.c:1443 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854343][ T4158] __do_sys_creat fs/open.c:1521 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854343][ T4158] __se_sys_creat fs/open.c:1515 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854343][ T4158] __x64_sys_creat+0x66/0x90 fs/open.c:1515
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854401][ T4158] x64_sys_call+0x1084/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:86
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854426][ T4158] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854426][ T4158] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854456][ T4158] ? clear_bhb_loop+0x55/0xb0 arch/x86/entry/entry_64.S:1537
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854496][ T4158] ? clear_bhb_loop+0x55/0xb0 arch/x86/entry/entry_64.S:1537
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854522][ T4158] entry_SYSCALL_64_after_hwframe+0x77/0x7f
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854580][ T4158] RIP: 0033:0x7f4ebb87d169
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854598][ T4158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854618][ T4158] RSP: 002b:00007f4eb9ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854638][ T4158] RAX: ffffffffffffffda RBX: 00007f4ebba95fa0 RCX: 00007f4ebb87d169
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854652][ T4158] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000400000000380
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854670][ T4158] RBP: 00007f4eb9ee7090 R08: 0000000000000000 R09: 0000000000000000
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854695][ T4158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854706][ T4158] R13: 0000000000000000 R14: 00007f4ebba95fa0 R15: 00007ffcd048ad48
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 45.854721][ T4158]
Mar 16 09:56:52 syzkaller kern.info kernel: [ 46.045759][ T4109] vhci_hcd: connection reset by peer
Mar 16 09:56:52 syzkaller kern.info kernel: [ 46.056541][ T288] vhci_hcd: stop threads
Mar 16 09:56:52 syzkaller kern.info kernel: [ 46.061505][ T288] vhci_hcd: release socket
Mar 16 09:56:52 syzkaller kern.info kernel: [ 46.067333][ T288] vhci_hcd: disconnect device
Mar 16 09:56:52 syzkaller kern.err kernel: [ 46.080765][ T4168] ==================================================================
Mar 16 09:56:52 syzkaller kern.err kernel: [ 46.089645][ T4168] BUG: KCSAN: data-race in mas_walk / mas_wmb_replace
Mar 16 09:56:52 syzkaller kern.err kernel: [ 46.097721][ T4168]
Mar 16 09:56:52 syzkaller kern.err kernel: [ 46.101430][ T4168] write to 0xffff888107ff2600 of 8 bytes by task 4166 on cpu 1:
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.110416][ T4168] mte_set_node_dead lib/maple_tree.c:337 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.110416][ T4168] mas_put_in_tree lib/maple_tree.c:1739 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.110416][ T4168] mas_topiary_replace lib/maple_tree.c:2554 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.110416][ T4168] mas_wmb_replace+0x222/0x14d0 lib/maple_tree.c:2645
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.116631][ T4168] mas_split lib/maple_tree.c:3372 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.116631][ T4168] mas_commit_b_node lib/maple_tree.c:3392 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.116631][ T4168] mas_wr_bnode lib/maple_tree.c:4053 [inline]
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.116631][ T4168] mas_wr_store_entry+0x1530/0x23f0 lib/maple_tree.c:4094
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.123201][ T4168] mas_store_prealloc+0x6bf/0x960 lib/maple_tree.c:5479
Mar 16 09:56:52 syzkaller kern.warn kernel: [ 46.129587][ T4168] vma_complete+0x

[ 46.061505][ T288] vhci_hcd: release socket
[ 46.067333][ T288] vhci_hcd: disconnect device
[ 46.080765][ T4168] ==================================================================
[ 46.089645][ T4168] BUG: KCSAN: data-race in mas_walk / mas_wmb_replace
[ 46.097721][ T4168]
[ 46.110416][ T4168] mte_set_node_dead lib/maple_tree.c:337 [inline]
[ 46.110416][ T4168] mas_put_in_tree lib/maple_tree.c:1739 [inline]
[ 46.110416][ T4168] mas_topiary_replace lib/maple_tree.c:2554 [inline]
[ 46.110416][ T4168] mas_wmb_replace+0x222/0x14d0 lib/maple_tree.c:2645
[ 46.116631][ T4168] mas_split lib/maple_tree.c:3372 [inline]
[ 46.116631][ T4168] mas_commit_b_node lib/maple_tree.c:3392 [inline]
[ 46.116631][ T4168] mas_wr_bnode lib/maple_tree.c:4053 [inline]
[ 46.116631][ T4168] mas_wr_store_entry+0x1530/0x23f0 lib/maple_tree.c:4094
[ 46.123201][ T4168] mas_store_prealloc+0x6bf/0x960 lib/maple_tree.c:5479
[ 46.129587][ T4168] vma_iter_store mm/vma.h:391 [inline]
[ 46.129587][ T4168] vma_complete+0x3a7/0x760 mm/vma.c:309
[ 46.135455][ T4168] __split_vma+0x5d6/0x6a0 mm/vma.c:512
[ 46.141231][ T4168] split_vma mm/vma.c:542 [inline]
[ 46.141231][ T4168] vma_modify+0x105/0x200 mm/vma.c:1525
[ 46.146918][ T4168] vma_modify_flags+0xf1/0x120 mm/vma.c:1551
[ 46.153043][ T4168] mprotect_fixup+0x31a/0x5e0 mm/mprotect.c:666
[ 46.159082][ T4168] do_mprotect_pkey+0x6cc/0x9a0 mm/mprotect.c:840
[ 46.165306][ T4168] __do_sys_mprotect mm/mprotect.c:861 [inline]
[ 46.165306][ T4168] __se_sys_mprotect mm/mprotect.c:858 [inline]
[ 46.165306][ T4168] __x64_sys_mprotect+0x48/0x60 mm/mprotect.c:858
[ 46.171523][ T4168] x64_sys_call+0x2770/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:11
[ 46.177563][ T4168] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
[ 46.177563][ T4168] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
[ 46.183425][ T4168] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 46.190679][ T4168]
[ 46.194377][ T4168] read to 0xffff888107ff2600 of 8 bytes by task 4168 on cpu 0:
[ 46.203278][ T4168] mte_parent lib/maple_tree.c:560 [inline]
[ 46.203278][ T4168] mte_dead_node lib/maple_tree.c:592 [inline]
[ 46.203278][ T4168] mas_start lib/maple_tree.c:1382 [inline]
[ 46.203278][ T4168] mas_state_walk lib/maple_tree.c:3602 [inline]
[ 46.203278][ T4168] mas_walk+0x123/0x320 lib/maple_tree.c:4909
[ 46.208795][ T4168] lock_vma_under_rcu+0x95/0x270 mm/memory.c:6362
[ 46.215095][ T4168] do_user_addr_fault arch/x86/mm/fault.c:1328 [inline]
[ 46.215095][ T4168] handle_page_fault arch/x86/mm/fault.c:1480 [inline]
[ 46.215095][ T4168] exc_page_fault+0x150/0x650 arch/x86/mm/fault.c:1538
[ 46.221133][ T4168] asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
[ 46.227350][ T4168]
[ 46.231052][ T4168] value changed: 0xffff8881000585c1 -> 0xffff888107ff2600
[ 46.239524][ T4168]
[ 46.243220][ T4168] Reported by Kernel Concurrency Sanitizer on:
[ 46.250741][ T4168] CPU: 0 UID: 0 PID: 4168 Comm: syz.4.272 Not tainted 6.14.0-rc6-syzkaller-00244-g31d7109a19f6 #0
[ 46.262867][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 46.274301][ T4168] ==================================================================
[ 48.934892][ T10] vhci_hcd: vhci_device speed not set
[ 48.974245][ T30] audit: type=1400 audit(1742119015.093:5264): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 48.997761][ T30] audit: type=1400 audit(1742119015.113:5265): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.020267][ T30] audit: type=1400 audit(1742119015.113:5266): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.043928][ T30] audit: type=1400 audit(1742119015.163:5267): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.067916][ T30] audit: type=1400 audit(1742119015.193:5268): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.090617][ T30] audit: type=1400 audit(1742119015.193:5269): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.114837][ T30] audit: type=1400 audit(1742119015.233:5270): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.138076][ T30] audit: type=1400 audit(1742119015.263:5271): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[ 49.160974][ T30] audit: type=1400 audit(1742119015.263:5272): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0

Mar 16 09:56:55 syzkaller kern.err kernel: [ 48.934892][ T10] vhci_hcd: vhci_device speed not set
Mar 16 09:56:55 syzkaller kern.warn kernel: [ 48.945137][ T30] kauditd_printk_skb: 1687 callbacks suppressed
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 48.945152][ T30] audit: type=1400 audit(1742119015.063:5263): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 48.974245][ T30] audit: type=1400 audit(1742119015.093:5264): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 48.997761][ T30] audit: type=1400 audit(1742119015.113:5265): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.020267][ T30] audit: type=1400 audit(1742119015.113:5266): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.043928][ T30] audit: type=1400 audit(1742119015.163:5267): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.067916][ T30] audit: type=1400 audit(1742119015.193:5268): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.090617][ T30] audit: type=1400 audit(1742119015.193:5269): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.114837][ T30] audit: type=1400 audit(1742119015.233:5270): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.138076][ T30] audit: type=1400 audit(1742119015.263:5271): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:55 syzkaller kern.notice kernel: [ 49.160974][ T30] audit: type=1400 audit(1742119015.263:5272): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
Mar 16 09:56:56 syzkaller kern.err kernel: [ 50.624881][ T36] vhci_hcd: vhci_device speed not set