2025/09/22 19:10:08 extracted 327254 text symbol hashes for base and 327254 for patched 2025/09/22 19:10:08 binaries are different, continuing fuzzing 2025/09/22 19:10:08 adding modified_functions to focus areas: ["__vfio_pci_intx_unmask" "vfio_pci_set_intx_trigger"] 2025/09/22 19:10:08 adding directly modified files to focus areas: ["drivers/vfio/pci/vfio_pci_intrs.c"] 2025/09/22 19:10:09 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/09/22 19:11:07 runner 6 connected 2025/09/22 19:11:07 runner 0 connected 2025/09/22 19:11:07 runner 5 connected 2025/09/22 19:11:07 runner 8 connected 2025/09/22 19:11:07 runner 2 connected 2025/09/22 19:11:07 runner 9 connected 2025/09/22 19:11:07 runner 7 connected 2025/09/22 19:11:07 runner 0 connected 2025/09/22 19:11:07 runner 1 connected 2025/09/22 19:11:07 runner 1 connected 2025/09/22 19:11:07 runner 3 connected 2025/09/22 19:11:08 runner 4 connected 2025/09/22 19:11:08 runner 3 connected 2025/09/22 19:11:08 runner 2 connected 2025/09/22 19:11:13 initializing coverage information... 2025/09/22 19:11:13 executor cover filter: 0 PCs 2025/09/22 19:11:15 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 166/8055 2025/09/22 19:11:15 base: machine check complete 2025/09/22 19:11:17 discovered 7699 source files, 338653 symbols 2025/09/22 19:11:17 coverage filter: __vfio_pci_intx_unmask: [__vfio_pci_intx_unmask] 2025/09/22 19:11:17 coverage filter: vfio_pci_set_intx_trigger: [vfio_pci_set_intx_trigger] 2025/09/22 19:11:17 coverage filter: drivers/vfio/pci/vfio_pci_intrs.c: [drivers/vfio/pci/vfio_pci_intrs.c] 2025/09/22 19:11:17 area "symbols": 77 PCs in the cover filter 2025/09/22 19:11:17 area "files": 306 PCs in the cover filter 2025/09/22 19:11:17 area "": 0 PCs in the cover filter 2025/09/22 19:11:17 executor cover filter: 0 PCs 2025/09/22 19:11:19 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 166/8055 2025/09/22 19:11:19 new: machine check complete 2025/09/22 19:11:22 new: adding 2353 seeds 2025/09/22 19:11:40 triaged 98.3% of the corpus 2025/09/22 19:11:40 starting bug reproductions 2025/09/22 19:11:40 starting bug reproductions (max 10 VMs, 7 repros) 2025/09/22 19:12:10 triaged 100.0% of the corpus 2025/09/22 19:15:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 769, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9766, "distributor delayed": 453, "distributor undelayed": 453, "distributor violated": 0, "exec candidate": 2353, "exec collide": 5384, "exec fuzz": 10132, "exec gen": 503, "exec hints": 1576, "exec inject": 0, "exec minimize": 9731, "exec retries": 0, "exec seeds": 2181, "exec smash": 11995, "exec total [base]": 23358, "exec total [new]": 52937, "exec triage": 2082, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 762, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 146, "max signal": 10095, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5202, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 886, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 164, "reproducing": 0, "rpc recv": 1451406824, "rpc sent": 79638872, "signal": 9329, "smash jobs": 609, "triage jobs": 7, "vm output": 206112, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:20:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 14, "corpus": 1082, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 11998, "distributor delayed": 601, "distributor undelayed": 601, "distributor violated": 0, "exec candidate": 2353, "exec collide": 11420, "exec fuzz": 21597, "exec gen": 1106, "exec hints": 5206, "exec inject": 0, "exec minimize": 14563, "exec retries": 0, "exec seeds": 3207, "exec smash": 25443, "exec total [base]": 40373, "exec total [new]": 94786, "exec triage": 2890, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 183, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 57, "max signal": 12483, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7406, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1252, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 234, "reproducing": 0, "rpc recv": 2667698572, "rpc sent": 179306984, "signal": 11529, "smash jobs": 115, "triage jobs": 11, "vm output": 394939, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:25:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 34, "corpus": 1238, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 2, "coverage": 12487, "distributor delayed": 688, "distributor undelayed": 688, "distributor violated": 0, "exec candidate": 2353, "exec collide": 19289, "exec fuzz": 36545, "exec gen": 1854, "exec hints": 8779, "exec inject": 0, "exec minimize": 17006, "exec retries": 0, "exec seeds": 3708, "exec smash": 30809, "exec total [base]": 54844, "exec total [new]": 130696, "exec triage": 3353, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 15, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 12975, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8527, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1447, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 266, "reproducing": 0, "rpc recv": 3724474848, "rpc sent": 268749144, "signal": 11958, "smash jobs": 7, "triage jobs": 5, "vm output": 607008, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:30:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 47, "corpus": 1363, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 2, "coverage": 13022, "distributor delayed": 731, "distributor undelayed": 731, "distributor violated": 0, "exec candidate": 2353, "exec collide": 27439, "exec fuzz": 52206, "exec gen": 2666, "exec hints": 9741, "exec inject": 0, "exec minimize": 19460, "exec retries": 0, "exec seeds": 4086, "exec smash": 33944, "exec total [base]": 67521, "exec total [new]": 162602, "exec triage": 3709, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 21, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13588, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9687, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1598, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 295, "reproducing": 0, "rpc recv": 4683975952, "rpc sent": 357186976, "signal": 12457, "smash jobs": 9, "triage jobs": 10, "vm output": 760528, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:35:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 60, "corpus": 1458, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 27, "coverage": 13352, "distributor delayed": 780, "distributor undelayed": 780, "distributor violated": 0, "exec candidate": 2353, "exec collide": 35820, "exec fuzz": 67751, "exec gen": 3502, "exec hints": 10351, "exec inject": 0, "exec minimize": 21203, "exec retries": 0, "exec seeds": 4374, "exec smash": 36365, "exec total [base]": 79493, "exec total [new]": 192682, "exec triage": 3964, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13906, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10536, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1705, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 318, "reproducing": 0, "rpc recv": 5556227392, "rpc sent": 446523072, "signal": 12769, "smash jobs": 5, "triage jobs": 3, "vm output": 925832, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:40:10 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 69, "corpus": 1568, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 36, "coverage": 13583, "distributor delayed": 838, "distributor undelayed": 838, "distributor violated": 0, "exec candidate": 2353, "exec collide": 43886, "exec fuzz": 82852, "exec gen": 4356, "exec hints": 10957, "exec inject": 0, "exec minimize": 23265, "exec retries": 0, "exec seeds": 4706, "exec smash": 39106, "exec total [base]": 91274, "exec total [new]": 222772, "exec triage": 4294, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14180, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11515, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1848, "no exec duration": 21045000000, "no exec requests": 28, "pending": 0, "prog exec time": 314, "reproducing": 0, "rpc recv": 6430876180, "rpc sent": 539706472, "signal": 12989, "smash jobs": 9, "triage jobs": 8, "vm output": 1129005, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/09/22 19:42:10 fuzzer has not reached the modified code in 30m0s, aborting 2025/09/22 19:42:11 syz-diff (base): kernel context loop terminated 2025/09/22 19:42:11 syz-diff (new): kernel context loop terminated 2025/09/22 19:42:11 diff fuzzing terminated 2025/09/22 19:42:11 bug reporting terminated 2025/09/22 19:42:11 status reporting terminated 2025/09/22 19:42:11 fuzzing is finished 2025/09/22 19:42:11 status at the end: Title On-Base On-Patched