2025/08/18 10:38:00 extracted 303751 symbol hashes for base and 303751 for patched 2025/08/18 10:38:00 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/18 10:38:00 adding directly modified files to focus areas: ["drivers/vfio/pci/vfio_pci_intrs.c"] 2025/08/18 10:38:01 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/18 10:38:59 runner 1 connected 2025/08/18 10:38:59 runner 1 connected 2025/08/18 10:39:05 runner 7 connected 2025/08/18 10:39:05 runner 4 connected 2025/08/18 10:39:06 executor cover filter: 0 PCs 2025/08/18 10:39:06 runner 5 connected 2025/08/18 10:39:06 runner 3 connected 2025/08/18 10:39:06 runner 9 connected 2025/08/18 10:39:06 runner 0 connected 2025/08/18 10:39:06 runner 8 connected 2025/08/18 10:39:06 initializing coverage information... 2025/08/18 10:39:06 runner 2 connected 2025/08/18 10:39:06 runner 2 connected 2025/08/18 10:39:07 runner 0 connected 2025/08/18 10:39:07 runner 3 connected 2025/08/18 10:39:07 runner 6 connected 2025/08/18 10:39:09 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/18 10:39:09 base: machine check complete 2025/08/18 10:39:12 discovered 7699 source files, 338620 symbols 2025/08/18 10:39:13 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/18 10:39:13 coverage filter: drivers/vfio/pci/vfio_pci_intrs.c: [drivers/vfio/pci/vfio_pci_intrs.c] 2025/08/18 10:39:13 area "symbols": 15 PCs in the cover filter 2025/08/18 10:39:13 area "files": 298 PCs in the cover filter 2025/08/18 10:39:13 area "": 0 PCs in the cover filter 2025/08/18 10:39:13 executor cover filter: 0 PCs 2025/08/18 10:39:14 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/18 10:39:14 new: machine check complete 2025/08/18 10:39:18 new: adding 2289 seeds 2025/08/18 10:39:32 triaged 97.2% of the corpus 2025/08/18 10:39:32 starting bug reproductions 2025/08/18 10:39:32 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/18 10:40:02 triaged 100.0% of the corpus 2025/08/18 10:43:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 743, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10766, "distributor delayed": 377, "distributor undelayed": 377, "distributor violated": 0, "exec candidate": 2289, "exec collide": 4033, "exec fuzz": 7641, "exec gen": 398, "exec hints": 1221, "exec inject": 0, "exec minimize": 9532, "exec retries": 0, "exec seeds": 2097, "exec smash": 8479, "exec total [base]": 20710, "exec total [new]": 44515, "exec triage": 2002, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 851, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 163, "max signal": 11205, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5026, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 852, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 230, "reproducing": 0, "rpc recv": 956140256, "rpc sent": 64841320, "signal": 10258, "smash jobs": 674, "triage jobs": 14, "vm output": 194177, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 10:48:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 23, "corpus": 1006, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 17, "coverage": 11883, "distributor delayed": 498, "distributor undelayed": 498, "distributor violated": 0, "exec candidate": 2289, "exec collide": 9034, "exec fuzz": 17037, "exec gen": 892, "exec hints": 3152, "exec inject": 0, "exec minimize": 14059, "exec retries": 0, "exec seeds": 2976, "exec smash": 20567, "exec total [base]": 35606, "exec total [new]": 79544, "exec triage": 2715, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 564, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 127, "max signal": 12338, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7131, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1156, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 386, "reproducing": 0, "rpc recv": 1346586616, "rpc sent": 156615520, "signal": 11415, "smash jobs": 429, "triage jobs": 8, "vm output": 299592, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 10:53:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 46, "corpus": 1186, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 36, "coverage": 12547, "distributor delayed": 590, "distributor undelayed": 590, "distributor violated": 0, "exec candidate": 2289, "exec collide": 14088, "exec fuzz": 26910, "exec gen": 1385, "exec hints": 6993, "exec inject": 0, "exec minimize": 17271, "exec retries": 0, "exec seeds": 3570, "exec smash": 29700, "exec total [base]": 49232, "exec total [new]": 112274, "exec triage": 3248, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 23, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 12, "max signal": 13108, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8626, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1382, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 200, "reproducing": 0, "rpc recv": 1618194200, "rpc sent": 250964120, "signal": 12016, "smash jobs": 5, "triage jobs": 6, "vm output": 550145, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 10:58:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1286, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 59, "coverage": 12830, "distributor delayed": 645, "distributor undelayed": 645, "distributor violated": 0, "exec candidate": 2289, "exec collide": 21523, "exec fuzz": 41021, "exec gen": 2067, "exec hints": 10148, "exec inject": 0, "exec minimize": 18945, "exec retries": 0, "exec seeds": 3866, "exec smash": 32103, "exec total [base]": 61767, "exec total [new]": 142296, "exec triage": 3513, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 20, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 6, "max signal": 13423, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9392, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1497, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 328, "reproducing": 0, "rpc recv": 1776312428, "rpc sent": 346462520, "signal": 12279, "smash jobs": 12, "triage jobs": 2, "vm output": 818311, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 11:03:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 60, "corpus": 1366, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 81, "coverage": 13008, "distributor delayed": 692, "distributor undelayed": 692, "distributor violated": 0, "exec candidate": 2289, "exec collide": 29217, "exec fuzz": 55192, "exec gen": 2800, "exec hints": 13179, "exec inject": 0, "exec minimize": 20272, "exec retries": 0, "exec seeds": 4113, "exec smash": 34213, "exec total [base]": 73924, "exec total [new]": 171862, "exec triage": 3766, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13664, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9969, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1605, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 371, "reproducing": 0, "rpc recv": 1920466780, "rpc sent": 444340624, "signal": 12459, "smash jobs": 6, "triage jobs": 7, "vm output": 1023850, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 11:08:02 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 66, "corpus": 1445, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 187, "coverage": 13354, "distributor delayed": 726, "distributor undelayed": 726, "distributor violated": 0, "exec candidate": 2289, "exec collide": 36998, "exec fuzz": 69920, "exec gen": 3587, "exec hints": 13665, "exec inject": 0, "exec minimize": 21425, "exec retries": 0, "exec seeds": 4350, "exec smash": 36225, "exec total [base]": 85186, "exec total [new]": 199252, "exec triage": 3969, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 7, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 14033, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10502, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1693, "no exec duration": 11004000000, "no exec requests": 12, "pending": 0, "prog exec time": 348, "reproducing": 0, "rpc recv": 2037384400, "rpc sent": 543432800, "signal": 12739, "smash jobs": 3, "triage jobs": 4, "vm output": 1210652, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 11:10:02 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/18 11:10:03 syz-diff (base): kernel context loop terminated 2025/08/18 11:10:03 syz-diff (new): kernel context loop terminated 2025/08/18 11:10:03 diff fuzzing terminated 2025/08/18 11:10:03 bug reporting terminated 2025/08/18 11:10:03 status reporting terminated 2025/08/18 11:10:03 fuzzing is finished 2025/08/18 11:10:03 status at the end: Title On-Base On-Patched