2025/09/22 18:09:05 extracted 327254 text symbol hashes for base and 327254 for patched 2025/09/22 18:09:05 binaries are different, continuing fuzzing 2025/09/22 18:09:05 adding modified_functions to focus areas: ["__vfio_pci_intx_unmask" "vfio_pci_set_intx_trigger"] 2025/09/22 18:09:05 adding directly modified files to focus areas: ["drivers/vfio/pci/vfio_pci_intrs.c"] 2025/09/22 18:09:07 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/09/22 18:10:05 runner 1 connected 2025/09/22 18:10:05 runner 8 connected 2025/09/22 18:10:05 runner 3 connected 2025/09/22 18:10:05 runner 0 connected 2025/09/22 18:10:05 runner 2 connected 2025/09/22 18:10:05 runner 2 connected 2025/09/22 18:10:05 runner 7 connected 2025/09/22 18:10:05 runner 6 connected 2025/09/22 18:10:05 runner 0 connected 2025/09/22 18:10:05 runner 3 connected 2025/09/22 18:10:12 runner 9 connected 2025/09/22 18:10:12 runner 1 connected 2025/09/22 18:10:12 initializing coverage information... 2025/09/22 18:10:12 executor cover filter: 0 PCs 2025/09/22 18:10:12 runner 5 connected 2025/09/22 18:10:13 runner 4 connected 2025/09/22 18:10:14 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 166/8055 2025/09/22 18:10:14 base: machine check complete 2025/09/22 18:10:17 discovered 7699 source files, 338653 symbols 2025/09/22 18:10:17 coverage filter: __vfio_pci_intx_unmask: [__vfio_pci_intx_unmask] 2025/09/22 18:10:17 coverage filter: vfio_pci_set_intx_trigger: [vfio_pci_set_intx_trigger] 2025/09/22 18:10:17 coverage filter: drivers/vfio/pci/vfio_pci_intrs.c: [drivers/vfio/pci/vfio_pci_intrs.c] 2025/09/22 18:10:17 area "symbols": 75 PCs in the cover filter 2025/09/22 18:10:17 area "files": 304 PCs in the cover filter 2025/09/22 18:10:17 area "": 0 PCs in the cover filter 2025/09/22 18:10:17 executor cover filter: 0 PCs 2025/09/22 18:10:19 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 166/8055 2025/09/22 18:10:19 new: machine check complete 2025/09/22 18:10:22 new: adding 2304 seeds 2025/09/22 18:10:39 triaged 97.2% of the corpus 2025/09/22 18:10:39 starting bug reproductions 2025/09/22 18:10:39 starting bug reproductions (max 10 VMs, 7 repros) 2025/09/22 18:11:09 triaged 100.0% of the corpus 2025/09/22 18:14:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 6, "corpus": 734, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10132, "distributor delayed": 424, "distributor undelayed": 424, "distributor violated": 0, "exec candidate": 2304, "exec collide": 4388, "exec fuzz": 8351, "exec gen": 443, "exec hints": 1207, "exec inject": 0, "exec minimize": 9240, "exec retries": 0, "exec seeds": 2070, "exec smash": 9575, "exec total [base]": 21213, "exec total [new]": 46454, "exec triage": 2030, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 792, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 140, "max signal": 10629, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 4993, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 846, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 247, "reproducing": 0, "rpc recv": 1457957904, "rpc sent": 64431960, "signal": 9737, "smash jobs": 643, "triage jobs": 9, "vm output": 196243, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:19:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 33, "corpus": 1002, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 10, "coverage": 11694, "distributor delayed": 567, "distributor undelayed": 567, "distributor violated": 0, "exec candidate": 2304, "exec collide": 9305, "exec fuzz": 17792, "exec gen": 967, "exec hints": 3202, "exec inject": 0, "exec minimize": 13584, "exec retries": 0, "exec seeds": 2973, "exec smash": 21560, "exec total [base]": 35386, "exec total [new]": 81352, "exec triage": 2818, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 422, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 93, "max signal": 12172, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 6963, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1178, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 310, "reproducing": 0, "rpc recv": 2666311552, "rpc sent": 142420304, "signal": 11206, "smash jobs": 323, "triage jobs": 6, "vm output": 294367, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:24:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 52, "corpus": 1179, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 32, "coverage": 12498, "distributor delayed": 654, "distributor undelayed": 654, "distributor violated": 0, "exec candidate": 2304, "exec collide": 14882, "exec fuzz": 28237, "exec gen": 1536, "exec hints": 7018, "exec inject": 0, "exec minimize": 16405, "exec retries": 0, "exec seeds": 3524, "exec smash": 29201, "exec total [base]": 47850, "exec total [new]": 113268, "exec triage": 3317, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 29, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 9, "max signal": 13018, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8242, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1389, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 330, "reproducing": 0, "rpc recv": 3659513516, "rpc sent": 214419472, "signal": 11954, "smash jobs": 14, "triage jobs": 6, "vm output": 436604, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:29:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 72, "corpus": 1272, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 42, "coverage": 12865, "distributor delayed": 717, "distributor undelayed": 717, "distributor violated": 0, "exec candidate": 2304, "exec collide": 21969, "exec fuzz": 41712, "exec gen": 2246, "exec hints": 8505, "exec inject": 0, "exec minimize": 18382, "exec retries": 0, "exec seeds": 3810, "exec smash": 31653, "exec total [base]": 59017, "exec total [new]": 141055, "exec triage": 3626, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 20, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13474, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9138, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1512, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 307, "reproducing": 0, "rpc recv": 4514056048, "rpc sent": 286289440, "signal": 12339, "smash jobs": 9, "triage jobs": 7, "vm output": 568935, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:34:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 77, "corpus": 1351, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 52, "coverage": 13161, "distributor delayed": 773, "distributor undelayed": 773, "distributor violated": 0, "exec candidate": 2304, "exec collide": 29534, "exec fuzz": 56051, "exec gen": 2989, "exec hints": 8967, "exec inject": 0, "exec minimize": 19832, "exec retries": 0, "exec seeds": 4044, "exec smash": 33626, "exec total [base]": 69684, "exec total [new]": 168056, "exec triage": 3864, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13809, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9843, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1610, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 313, "reproducing": 0, "rpc recv": 5277319004, "rpc sent": 360011792, "signal": 12621, "smash jobs": 8, "triage jobs": 4, "vm output": 688126, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:39:09 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 77, "corpus": 1427, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 65, "coverage": 13389, "distributor delayed": 805, "distributor undelayed": 805, "distributor violated": 0, "exec candidate": 2304, "exec collide": 37068, "exec fuzz": 70417, "exec gen": 3698, "exec hints": 9397, "exec inject": 0, "exec minimize": 21018, "exec retries": 0, "exec seeds": 4281, "exec smash": 35660, "exec total [base]": 80230, "exec total [new]": 194782, "exec triage": 4092, "executor restarts [base]": 32, "executor restarts [new]": 50, "fault jobs": 0, "fuzzer jobs": 11, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 14072, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10398, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1711, "no exec duration": 21001000000, "no exec requests": 22, "pending": 0, "prog exec time": 343, "reproducing": 0, "rpc recv": 6017294068, "rpc sent": 436418128, "signal": 12834, "smash jobs": 3, "triage jobs": 8, "vm output": 851236, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 18:41:09 fuzzer has not reached the modified code in 30m0s, aborting 2025/09/22 18:41:09 syz-diff (base): kernel context loop terminated 2025/09/22 18:41:09 syz-diff (new): kernel context loop terminated 2025/09/22 18:41:09 diff fuzzing terminated 2025/09/22 18:41:09 status reporting terminated 2025/09/22 18:41:09 bug reporting terminated 2025/09/22 18:41:09 fuzzing is finished 2025/09/22 18:41:09 status at the end: Title On-Base On-Patched