2025/08/25 08:42:07 extracted 303759 symbol hashes for base and 303759 for patched 2025/08/25 08:42:07 binaries are different, continuing fuzzing 2025/08/25 08:42:07 adding modified_functions to focus areas: ["cpu_parse_topology_amd"] 2025/08/25 08:42:07 adding directly modified files to focus areas: ["arch/x86/include/asm/msr-index.h" "arch/x86/kernel/cpu/topology_amd.c"] 2025/08/25 08:42:09 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/25 08:42:58 runner 1 connected 2025/08/25 08:42:58 runner 8 connected 2025/08/25 08:42:58 runner 0 connected 2025/08/25 08:42:58 runner 7 connected 2025/08/25 08:42:59 runner 3 connected 2025/08/25 08:42:59 runner 4 connected 2025/08/25 08:42:59 runner 2 connected 2025/08/25 08:42:59 runner 5 connected 2025/08/25 08:42:59 runner 3 connected 2025/08/25 08:42:59 runner 0 connected 2025/08/25 08:42:59 runner 9 connected 2025/08/25 08:43:00 runner 6 connected 2025/08/25 08:43:00 runner 2 connected 2025/08/25 08:43:00 runner 1 connected 2025/08/25 08:43:04 initializing coverage information... 2025/08/25 08:43:04 executor cover filter: 0 PCs 2025/08/25 08:43:05 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8054 2025/08/25 08:43:05 base: machine check complete 2025/08/25 08:43:09 discovered 7699 source files, 338631 symbols 2025/08/25 08:43:09 coverage filter: cpu_parse_topology_amd: [cpu_parse_topology_amd] 2025/08/25 08:43:09 coverage filter: arch/x86/include/asm/msr-index.h: [] 2025/08/25 08:43:09 coverage filter: arch/x86/kernel/cpu/topology_amd.c: [arch/x86/kernel/cpu/topology_amd.c] 2025/08/25 08:43:09 area "symbols": 53 PCs in the cover filter 2025/08/25 08:43:09 area "files": 59 PCs in the cover filter 2025/08/25 08:43:09 area "": 0 PCs in the cover filter 2025/08/25 08:43:09 executor cover filter: 0 PCs 2025/08/25 08:43:10 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8054 2025/08/25 08:43:10 new: machine check complete 2025/08/25 08:43:14 new: adding 2204 seeds 2025/08/25 08:43:40 triaged 100.0% of the corpus 2025/08/25 08:43:40 triaged 100.0% of the corpus 2025/08/25 08:43:40 starting bug reproductions 2025/08/25 08:43:40 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/25 08:47:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 807, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 6, "coverage": 10051, "distributor delayed": 481, "distributor undelayed": 481, "distributor violated": 0, "exec candidate": 2204, "exec collide": 5280, "exec fuzz": 9951, "exec gen": 495, "exec hints": 1776, "exec inject": 0, "exec minimize": 10950, "exec retries": 0, "exec seeds": 2255, "exec smash": 11407, "exec total [base]": 25040, "exec total [new]": 53017, "exec triage": 2124, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 928, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 179, "max signal": 10562, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5861, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 913, "no exec duration": 22635000000, "no exec requests": 129, "pending": 0, "prog exec time": 157, "reproducing": 0, "rpc recv": 981870300, "rpc sent": 100489792, "signal": 9593, "smash jobs": 739, "triage jobs": 10, "vm output": 249741, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 08:52:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 3, "corpus": 1072, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 43, "coverage": 11322, "distributor delayed": 594, "distributor undelayed": 594, "distributor violated": 0, "exec candidate": 2204, "exec collide": 11585, "exec fuzz": 21862, "exec gen": 1133, "exec hints": 5572, "exec inject": 0, "exec minimize": 15652, "exec retries": 0, "exec seeds": 3184, "exec smash": 25542, "exec total [base]": 42872, "exec total [new]": 96098, "exec triage": 2790, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 171, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 58, "max signal": 11785, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8166, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1215, "no exec duration": 22644000000, "no exec requests": 130, "pending": 0, "prog exec time": 208, "reproducing": 0, "rpc recv": 1361855808, "rpc sent": 234101088, "signal": 10832, "smash jobs": 102, "triage jobs": 11, "vm output": 365075, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 08:57:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 3, "corpus": 1234, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 60, "coverage": 11856, "distributor delayed": 674, "distributor undelayed": 674, "distributor violated": 0, "exec candidate": 2204, "exec collide": 20622, "exec fuzz": 38706, "exec gen": 2119, "exec hints": 11042, "exec inject": 0, "exec minimize": 18754, "exec retries": 0, "exec seeds": 3687, "exec smash": 30559, "exec total [base]": 59861, "exec total [new]": 137442, "exec triage": 3178, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 26, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 8, "max signal": 12381, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9640, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1396, "no exec duration": 22648000000, "no exec requests": 131, "pending": 0, "prog exec time": 202, "reproducing": 0, "rpc recv": 1620860940, "rpc sent": 367771104, "signal": 11340, "smash jobs": 12, "triage jobs": 6, "vm output": 639243, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 09:02:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 14, "corpus": 1393, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 69, "coverage": 13013, "distributor delayed": 745, "distributor undelayed": 745, "distributor violated": 0, "exec candidate": 2204, "exec collide": 29329, "exec fuzz": 55611, "exec gen": 3035, "exec hints": 13338, "exec inject": 0, "exec minimize": 21911, "exec retries": 0, "exec seeds": 4163, "exec smash": 34612, "exec total [base]": 74808, "exec total [new]": 174331, "exec triage": 3554, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13490, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11179, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1565, "no exec duration": 22648000000, "no exec requests": 131, "pending": 0, "prog exec time": 262, "reproducing": 0, "rpc recv": 1889450372, "rpc sent": 491645760, "signal": 12493, "smash jobs": 7, "triage jobs": 3, "vm output": 803310, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 09:07:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 19, "corpus": 1484, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 84, "coverage": 13284, "distributor delayed": 782, "distributor undelayed": 782, "distributor violated": 0, "exec candidate": 2204, "exec collide": 38918, "exec fuzz": 73866, "exec gen": 3949, "exec hints": 14532, "exec inject": 0, "exec minimize": 23541, "exec retries": 0, "exec seeds": 4435, "exec smash": 36918, "exec total [base]": 88949, "exec total [new]": 208707, "exec triage": 3773, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13784, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11992, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1665, "no exec duration": 22648000000, "no exec requests": 131, "pending": 0, "prog exec time": 207, "reproducing": 0, "rpc recv": 2046012444, "rpc sent": 610198832, "signal": 12746, "smash jobs": 5, "triage jobs": 3, "vm output": 949195, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 09:12:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 26, "corpus": 1577, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 97, "coverage": 13545, "distributor delayed": 832, "distributor undelayed": 832, "distributor violated": 0, "exec candidate": 2204, "exec collide": 48006, "exec fuzz": 91280, "exec gen": 4817, "exec hints": 15799, "exec inject": 0, "exec minimize": 25225, "exec retries": 0, "exec seeds": 4722, "exec smash": 39305, "exec total [base]": 102609, "exec total [new]": 241933, "exec triage": 4001, "executor restarts [base]": 31, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 14099, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12798, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1767, "no exec duration": 22648000000, "no exec requests": 131, "pending": 0, "prog exec time": 280, "reproducing": 0, "rpc recv": 2215422352, "rpc sent": 722636120, "signal": 12975, "smash jobs": 3, "triage jobs": 4, "vm output": 1104875, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/25 09:13:40 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/25 09:13:40 syz-diff (base): kernel context loop terminated 2025/08/25 09:13:40 syz-diff (new): kernel context loop terminated 2025/08/25 09:13:40 diff fuzzing terminated 2025/08/25 09:13:40 bug reporting terminated 2025/08/25 09:13:40 status reporting terminated 2025/08/25 09:13:40 fuzzing is finished 2025/08/25 09:13:40 status at the end: Title On-Base On-Patched