2025/08/05 07:35:00 extracted 302733 symbol hashes for base and 302733 for patched 2025/08/05 07:35:01 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/05 07:35:01 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/08/05 07:35:01 adding directly modified files to focus areas: ["drivers/crypto/hisilicon/qm.c" "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c" "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.h"] 2025/08/05 07:35:02 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/05 07:35:53 runner 0 connected 2025/08/05 07:35:59 executor cover filter: 0 PCs 2025/08/05 07:35:59 runner 8 connected 2025/08/05 07:35:59 runner 3 connected 2025/08/05 07:35:59 runner 1 connected 2025/08/05 07:35:59 runner 5 connected 2025/08/05 07:35:59 runner 6 connected 2025/08/05 07:35:59 runner 2 connected 2025/08/05 07:35:59 runner 1 connected 2025/08/05 07:36:00 runner 7 connected 2025/08/05 07:36:00 runner 4 connected 2025/08/05 07:36:00 runner 2 connected 2025/08/05 07:36:00 runner 3 connected 2025/08/05 07:36:00 runner 0 connected 2025/08/05 07:36:02 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 07:36:02 base: machine check complete 2025/08/05 07:36:08 initializing coverage information... 2025/08/05 07:36:12 discovered 7668 source files, 337507 symbols 2025/08/05 07:36:12 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/05 07:36:12 coverage filter: drivers/crypto/hisilicon/qm.c: [] 2025/08/05 07:36:12 coverage filter: drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c: [] 2025/08/05 07:36:12 coverage filter: drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.h: [] 2025/08/05 07:36:12 area "symbols": 15 PCs in the cover filter 2025/08/05 07:36:12 area "files": 0 PCs in the cover filter 2025/08/05 07:36:12 area "": 0 PCs in the cover filter 2025/08/05 07:36:12 executor cover filter: 0 PCs 2025/08/05 07:36:13 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 07:36:13 new: machine check complete 2025/08/05 07:36:17 new: adding 2209 seeds 2025/08/05 07:36:33 triaged 97.3% of the corpus 2025/08/05 07:36:33 starting bug reproductions 2025/08/05 07:36:33 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/05 07:37:03 triaged 100.0% of the corpus 2025/08/05 07:40:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 736, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 9615, "distributor delayed": 462, "distributor undelayed": 462, "distributor violated": 0, "exec candidate": 2209, "exec collide": 4313, "exec fuzz": 8290, "exec gen": 447, "exec hints": 1315, "exec inject": 0, "exec minimize": 9854, "exec retries": 0, "exec seeds": 2116, "exec smash": 9343, "exec total [base]": 23973, "exec total [new]": 46478, "exec triage": 2024, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 804, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 143, "max signal": 9925, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5332, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 855, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 122, "reproducing": 0, "rpc recv": 847067660, "rpc sent": 75162896, "signal": 9169, "smash jobs": 655, "triage jobs": 6, "vm output": 218510, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/05 07:45:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 994, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 11934, "distributor delayed": 600, "distributor undelayed": 600, "distributor violated": 0, "exec candidate": 2209, "exec collide": 10039, "exec fuzz": 18816, "exec gen": 1016, "exec hints": 3829, "exec inject": 0, "exec minimize": 14187, "exec retries": 0, "exec seeds": 2992, "exec smash": 22775, "exec total [base]": 41742, "exec total [new]": 85145, "exec triage": 2717, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 296, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 77, "max signal": 12260, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7423, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1167, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 213, "reproducing": 0, "rpc recv": 1153940548, "rpc sent": 174440760, "signal": 11410, "smash jobs": 212, "triage jobs": 7, "vm output": 467246, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/05 07:45:58 runner 9 connected 2025/08/05 07:50:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1251, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12842, "distributor delayed": 727, "distributor undelayed": 727, "distributor violated": 0, "exec candidate": 2209, "exec collide": 16843, "exec fuzz": 31568, "exec gen": 1648, "exec hints": 7557, "exec inject": 0, "exec minimize": 18175, "exec retries": 0, "exec seeds": 3788, "exec smash": 31417, "exec total [base]": 58150, "exec total [new]": 123182, "exec triage": 3408, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 23, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 6, "max signal": 13238, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9194, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1469, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 275, "reproducing": 0, "rpc recv": 1555493192, "rpc sent": 268325016, "signal": 12307, "smash jobs": 12, "triage jobs": 5, "vm output": 890519, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 07:55:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1408, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13294, "distributor delayed": 795, "distributor undelayed": 795, "distributor violated": 0, "exec candidate": 2209, "exec collide": 25850, "exec fuzz": 49037, "exec gen": 2570, "exec hints": 9227, "exec inject": 0, "exec minimize": 20790, "exec retries": 0, "exec seeds": 4255, "exec smash": 35298, "exec total [base]": 72989, "exec total [new]": 159580, "exec triage": 3776, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 26, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 6, "max signal": 13715, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10435, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1638, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 250, "reproducing": 0, "rpc recv": 1798051640, "rpc sent": 367104944, "signal": 12750, "smash jobs": 17, "triage jobs": 3, "vm output": 1376451, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 08:00:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1511, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13567, "distributor delayed": 836, "distributor undelayed": 836, "distributor violated": 0, "exec candidate": 2209, "exec collide": 35552, "exec fuzz": 67033, "exec gen": 3549, "exec hints": 9495, "exec inject": 0, "exec minimize": 22816, "exec retries": 0, "exec seeds": 4584, "exec smash": 38047, "exec total [base]": 87030, "exec total [new]": 193905, "exec triage": 4049, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 20, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13991, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11411, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1760, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 279, "reproducing": 0, "rpc recv": 1990561608, "rpc sent": 464351328, "signal": 13004, "smash jobs": 12, "triage jobs": 6, "vm output": 1863430, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 08:05:03 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1600, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13793, "distributor delayed": 879, "distributor undelayed": 879, "distributor violated": 0, "exec candidate": 2209, "exec collide": 45056, "exec fuzz": 85276, "exec gen": 4547, "exec hints": 9899, "exec inject": 0, "exec minimize": 24401, "exec retries": 0, "exec seeds": 4851, "exec smash": 40321, "exec total [base]": 100599, "exec total [new]": 227397, "exec triage": 4267, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 14229, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12142, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1855, "no exec duration": 18028000000, "no exec requests": 26, "pending": 0, "prog exec time": 260, "reproducing": 0, "rpc recv": 2147454640, "rpc sent": 572717768, "signal": 13258, "smash jobs": 8, "triage jobs": 1, "vm output": 2368401, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 08:07:03 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/05 08:07:03 syz-diff (base): kernel context loop terminated 2025/08/05 08:07:03 syz-diff (new): kernel context loop terminated 2025/08/05 08:07:03 diff fuzzing terminated 2025/08/05 08:07:03 bug reporting terminated 2025/08/05 08:07:03 status reporting terminated 2025/08/05 08:07:03 fuzzing is finished 2025/08/05 08:07:03 status at the end: Title On-Base On-Patched