2025/08/05 05:50:44 extracted 302589 symbol hashes for base and 302589 for patched 2025/08/05 05:50:44 adding modified_functions to focus areas: ["nvmet_execute_disc_identify" "virtio_transport_close_timeout" "virtio_transport_do_close" "virtio_transport_notify_set_rcvlowat" "virtio_transport_read_skb" "virtio_transport_recv_connected" "virtio_transport_recv_connecting" "virtio_transport_recv_disconnecting" "virtio_transport_release" "virtio_transport_reset" "virtio_transport_send_pkt_info" "virtio_transport_send_response" "virtio_transport_shutdown"] 2025/08/05 05:50:44 adding directly modified files to focus areas: ["net/vmw_vsock/virtio_transport_common.c"] 2025/08/05 05:50:45 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/05 05:51:35 runner 1 connected 2025/08/05 05:51:41 executor cover filter: 0 PCs 2025/08/05 05:51:42 runner 3 connected 2025/08/05 05:51:43 runner 0 connected 2025/08/05 05:51:43 runner 5 connected 2025/08/05 05:51:43 runner 4 connected 2025/08/05 05:51:43 runner 0 connected 2025/08/05 05:51:43 runner 8 connected 2025/08/05 05:51:43 runner 7 connected 2025/08/05 05:51:43 runner 3 connected 2025/08/05 05:51:43 runner 2 connected 2025/08/05 05:51:43 runner 6 connected 2025/08/05 05:51:43 runner 1 connected 2025/08/05 05:51:43 runner 2 connected 2025/08/05 05:51:44 runner 9 connected 2025/08/05 05:51:44 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 05:51:44 base: machine check complete 2025/08/05 05:51:48 initializing coverage information... 2025/08/05 05:51:53 discovered 7666 source files, 337374 symbols 2025/08/05 05:51:53 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/05 05:51:53 coverage filter: virtio_transport_close_timeout: [virtio_transport_close_timeout] 2025/08/05 05:51:53 coverage filter: virtio_transport_do_close: [virtio_transport_do_close] 2025/08/05 05:51:53 coverage filter: virtio_transport_notify_set_rcvlowat: [virtio_transport_notify_set_rcvlowat] 2025/08/05 05:51:53 coverage filter: virtio_transport_read_skb: [virtio_transport_read_skb] 2025/08/05 05:51:53 coverage filter: virtio_transport_recv_connected: [virtio_transport_recv_connected] 2025/08/05 05:51:53 coverage filter: virtio_transport_recv_connecting: [virtio_transport_recv_connecting] 2025/08/05 05:51:53 coverage filter: virtio_transport_recv_disconnecting: [virtio_transport_recv_disconnecting] 2025/08/05 05:51:53 coverage filter: virtio_transport_release: [virtio_transport_release] 2025/08/05 05:51:53 coverage filter: virtio_transport_reset: [virtio_transport_reset virtio_transport_reset_no_sock] 2025/08/05 05:51:53 coverage filter: virtio_transport_send_pkt_info: [virtio_transport_send_pkt_info] 2025/08/05 05:51:53 coverage filter: virtio_transport_send_response: [virtio_transport_send_response] 2025/08/05 05:51:53 coverage filter: virtio_transport_shutdown: [virtio_transport_shutdown] 2025/08/05 05:51:53 coverage filter: net/vmw_vsock/virtio_transport_common.c: [net/vmw_vsock/virtio_transport_common.c] 2025/08/05 05:51:53 area "symbols": 199 PCs in the cover filter 2025/08/05 05:51:53 area "files": 580 PCs in the cover filter 2025/08/05 05:51:53 area "": 0 PCs in the cover filter 2025/08/05 05:51:53 executor cover filter: 0 PCs 2025/08/05 05:51:55 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 05:51:55 new: machine check complete 2025/08/05 05:51:58 new: adding 2209 seeds 2025/08/05 05:52:16 triaged 100.0% of the corpus 2025/08/05 05:52:16 starting bug reproductions 2025/08/05 05:52:16 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/05 05:52:16 triaged 100.0% of the corpus 2025/08/05 05:55:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 810, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 11188, "distributor delayed": 417, "distributor undelayed": 417, "distributor violated": 0, "exec candidate": 2209, "exec collide": 4684, "exec fuzz": 9040, "exec gen": 464, "exec hints": 1615, "exec inject": 0, "exec minimize": 10692, "exec retries": 0, "exec seeds": 2265, "exec smash": 10057, "exec total [base]": 22965, "exec total [new]": 49806, "exec triage": 2209, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 939, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 190, "max signal": 11623, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5626, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 946, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 186, "reproducing": 0, "rpc recv": 952753580, "rpc sent": 69846128, "signal": 10770, "smash jobs": 734, "triage jobs": 15, "vm output": 206766, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:00:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1098, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12573, "distributor delayed": 566, "distributor undelayed": 566, "distributor violated": 0, "exec candidate": 2209, "exec collide": 9752, "exec fuzz": 18713, "exec gen": 978, "exec hints": 4017, "exec inject": 0, "exec minimize": 15820, "exec retries": 0, "exec seeds": 3240, "exec smash": 21931, "exec total [base]": 38439, "exec total [new]": 86298, "exec triage": 3069, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 665, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 158, "max signal": 13167, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7981, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1303, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 267, "reproducing": 0, "rpc recv": 1415392448, "rpc sent": 145977192, "signal": 12043, "smash jobs": 494, "triage jobs": 13, "vm output": 380025, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:05:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1299, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13182, "distributor delayed": 659, "distributor undelayed": 659, "distributor violated": 0, "exec candidate": 2209, "exec collide": 14730, "exec fuzz": 28043, "exec gen": 1460, "exec hints": 7897, "exec inject": 0, "exec minimize": 19123, "exec retries": 0, "exec seeds": 3897, "exec smash": 32201, "exec total [base]": 52126, "exec total [new]": 119715, "exec triage": 3586, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 66, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 31, "max signal": 13770, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9514, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1530, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 245, "reproducing": 0, "rpc recv": 1720136688, "rpc sent": 222268640, "signal": 12629, "smash jobs": 26, "triage jobs": 9, "vm output": 546379, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:10:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1403, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13452, "distributor delayed": 719, "distributor undelayed": 719, "distributor violated": 0, "exec candidate": 2209, "exec collide": 22218, "exec fuzz": 42527, "exec gen": 2219, "exec hints": 11774, "exec inject": 0, "exec minimize": 20858, "exec retries": 0, "exec seeds": 4206, "exec smash": 34982, "exec total [base]": 65397, "exec total [new]": 151458, "exec triage": 3897, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 23, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 14053, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10348, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1663, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 304, "reproducing": 0, "rpc recv": 1887840600, "rpc sent": 295913352, "signal": 12851, "smash jobs": 9, "triage jobs": 10, "vm output": 728865, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:15:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1493, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13652, "distributor delayed": 762, "distributor undelayed": 762, "distributor violated": 0, "exec candidate": 2209, "exec collide": 30751, "exec fuzz": 58744, "exec gen": 3105, "exec hints": 12396, "exec inject": 0, "exec minimize": 22432, "exec retries": 0, "exec seeds": 4486, "exec smash": 37281, "exec total [base]": 77806, "exec total [new]": 182124, "exec triage": 4149, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 15, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14409, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11050, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1770, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 256, "reproducing": 0, "rpc recv": 2050155636, "rpc sent": 372250032, "signal": 13037, "smash jobs": 9, "triage jobs": 4, "vm output": 910491, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:20:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1565, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13932, "distributor delayed": 792, "distributor undelayed": 792, "distributor violated": 0, "exec candidate": 2209, "exec collide": 39426, "exec fuzz": 75462, "exec gen": 3987, "exec hints": 12583, "exec inject": 0, "exec minimize": 23791, "exec retries": 0, "exec seeds": 4704, "exec smash": 39106, "exec total [base]": 90139, "exec total [new]": 212190, "exec triage": 4350, "executor restarts": 53, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14749, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11702, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1856, "no exec duration": 14150000000, "no exec requests": 37, "pending": 0, "prog exec time": 316, "reproducing": 0, "rpc recv": 2180201708, "rpc sent": 449431408, "signal": 13302, "smash jobs": 8, "triage jobs": 4, "vm output": 1082925, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 06:22:16 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/05 06:22:17 syz-diff (base): kernel context loop terminated 2025/08/05 06:22:17 syz-diff (new): kernel context loop terminated 2025/08/05 06:22:17 diff fuzzing terminated 2025/08/05 06:22:17 bug reporting terminated 2025/08/05 06:22:17 status reporting terminated 2025/08/05 06:22:17 fuzzing is finished 2025/08/05 06:22:17 status at the end: Title On-Base On-Patched