2025/08/03 03:33:26 extracted 302733 symbol hashes for base and 302737 for patched 2025/08/03 03:33:26 adding modified_functions to focus areas: ["__pfx_nvme_get_ctrl_id" "__pfx_nvme_submit_vf_cmd" "nvme_complete_rq" "nvme_delete_ctrl_work" "nvme_end_req" "nvme_error_status" "nvme_get_ctrl_id" "nvme_init_ctrl_finish" "nvme_scan_ns" "nvme_submit_vf_cmd" "nvme_wait_reset" "nvmet_execute_disc_identify" "nvmet_execute_identify"] 2025/08/03 03:33:26 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/08/03 03:33:26 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/08/03 03:33:26 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/08/03 03:33:26 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/08/03 03:33:26 adding directly modified files to focus areas: ["drivers/nvme/host/core.c" "drivers/nvme/host/nvme.h" "drivers/nvme/host/pci.c" "drivers/vfio/pci/Kconfig" "drivers/vfio/pci/Makefile" "drivers/vfio/pci/nvme/Kconfig" "drivers/vfio/pci/nvme/Makefile" "drivers/vfio/pci/nvme/nvme.c" "drivers/vfio/pci/nvme/nvme.h" "include/linux/nvme.h"] 2025/08/03 03:33:27 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/03 03:34:09 runner 0 connected 2025/08/03 03:34:15 executor cover filter: 0 PCs 2025/08/03 03:34:15 runner 0 connected 2025/08/03 03:34:15 runner 6 connected 2025/08/03 03:34:16 runner 4 connected 2025/08/03 03:34:16 runner 2 connected 2025/08/03 03:34:16 runner 1 connected 2025/08/03 03:34:16 runner 3 connected 2025/08/03 03:34:16 runner 9 connected 2025/08/03 03:34:16 runner 1 connected 2025/08/03 03:34:17 runner 3 connected 2025/08/03 03:34:17 runner 8 connected 2025/08/03 03:34:17 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/03 03:34:17 base: machine check complete 2025/08/03 03:34:21 initializing coverage information... 2025/08/03 03:34:25 discovered 7668 source files, 337511 symbols 2025/08/03 03:34:25 coverage filter: __pfx_nvme_get_ctrl_id: [] 2025/08/03 03:34:25 coverage filter: __pfx_nvme_submit_vf_cmd: [] 2025/08/03 03:34:25 coverage filter: nvme_complete_rq: [__bpf_trace_nvme_complete_rq __probestub_nvme_complete_rq __traceiter_nvme_complete_rq nvme_complete_rq perf_trace_nvme_complete_rq trace_event_raw_event_nvme_complete_rq trace_nvme_complete_rq trace_raw_output_nvme_complete_rq] 2025/08/03 03:34:25 coverage filter: nvme_delete_ctrl_work: [nvme_delete_ctrl_work] 2025/08/03 03:34:25 coverage filter: nvme_end_req: [__nvme_end_req nvme_end_req] 2025/08/03 03:34:25 coverage filter: nvme_error_status: [nvme_error_status] 2025/08/03 03:34:25 coverage filter: nvme_get_ctrl_id: [nvme_get_ctrl_id] 2025/08/03 03:34:25 coverage filter: nvme_init_ctrl_finish: [nvme_init_ctrl_finish] 2025/08/03 03:34:25 coverage filter: nvme_scan_ns: [nvme_scan_ns nvme_scan_ns_async nvme_scan_ns_sequential] 2025/08/03 03:34:25 coverage filter: nvme_submit_vf_cmd: [nvme_submit_vf_cmd] 2025/08/03 03:34:25 coverage filter: nvme_wait_reset: [nvme_wait_reset] 2025/08/03 03:34:25 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/03 03:34:25 coverage filter: nvmet_execute_identify: [nvmet_execute_identify nvmet_execute_identify_ctrl_nvm nvmet_execute_identify_ctrl_zns nvmet_execute_identify_ns_zns nvmet_execute_identify_nslist] 2025/08/03 03:34:25 coverage filter: drivers/nvme/host/core.c: [drivers/nvme/host/core.c] 2025/08/03 03:34:25 coverage filter: drivers/nvme/host/nvme.h: [] 2025/08/03 03:34:25 coverage filter: drivers/nvme/host/pci.c: [drivers/nvme/host/pci.c] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/Kconfig: [] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/Makefile: [] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/nvme/Kconfig: [] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/nvme/Makefile: [] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/nvme/nvme.c: [] 2025/08/03 03:34:25 coverage filter: drivers/vfio/pci/nvme/nvme.h: [] 2025/08/03 03:34:25 coverage filter: include/linux/nvme.h: [] 2025/08/03 03:34:25 area "symbols": 783 PCs in the cover filter 2025/08/03 03:34:25 area "files": 3205 PCs in the cover filter 2025/08/03 03:34:25 area "": 0 PCs in the cover filter 2025/08/03 03:34:25 executor cover filter: 0 PCs 2025/08/03 03:34:26 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/03 03:34:26 new: machine check complete 2025/08/03 03:34:28 triaged 100.0% of the corpus 2025/08/03 03:34:28 starting bug reproductions 2025/08/03 03:34:28 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/03 03:34:28 triaged 100.0% of the corpus 2025/08/03 03:34:29 new: adding 2062 seeds 2025/08/03 03:38:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 721, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 10502, "distributor delayed": 529, "distributor undelayed": 529, "distributor violated": 0, "exec candidate": 2062, "exec collide": 3583, "exec fuzz": 7011, "exec gen": 345, "exec hints": 1046, "exec inject": 0, "exec minimize": 9928, "exec retries": 0, "exec seeds": 1993, "exec smash": 7780, "exec total [base]": 28905, "exec total [new]": 41818, "exec triage": 1927, "executor restarts": 41, "fault jobs": 0, "fuzzer jobs": 861, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 7, "hints jobs": 165, "max signal": 10843, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5439, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 822, "no exec duration": 18623000000, "no exec requests": 459, "pending": 0, "prog exec time": 182, "reproducing": 0, "rpc recv": 753414364, "rpc sent": 79326232, "signal": 10102, "smash jobs": 690, "triage jobs": 6, "vm output": 156689, "vm restarts [base]": 4, "vm restarts [new]": 7 } 2025/08/03 03:43:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 947, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 11768, "distributor delayed": 672, "distributor undelayed": 672, "distributor violated": 0, "exec candidate": 2062, "exec collide": 7664, "exec fuzz": 14896, "exec gen": 773, "exec hints": 2690, "exec inject": 0, "exec minimize": 13799, "exec retries": 0, "exec seeds": 2760, "exec smash": 17753, "exec total [base]": 46574, "exec total [new]": 71095, "exec triage": 2558, "executor restarts": 41, "fault jobs": 0, "fuzzer jobs": 708, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 7, "hints jobs": 153, "max signal": 12201, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7194, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1097, "no exec duration": 18623000000, "no exec requests": 459, "pending": 0, "prog exec time": 262, "reproducing": 0, "rpc recv": 1090769364, "rpc sent": 173408664, "signal": 11348, "smash jobs": 547, "triage jobs": 8, "vm output": 262216, "vm restarts [base]": 4, "vm restarts [new]": 7 } 2025/08/03 03:44:14 runner 7 connected 2025/08/03 03:44:15 runner 2 connected 2025/08/03 03:44:15 runner 5 connected 2025/08/03 03:48:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1169, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12544, "distributor delayed": 791, "distributor undelayed": 791, "distributor violated": 0, "exec candidate": 2062, "exec collide": 12259, "exec fuzz": 23710, "exec gen": 1288, "exec hints": 5718, "exec inject": 0, "exec minimize": 17781, "exec retries": 0, "exec seeds": 3483, "exec smash": 27926, "exec total [base]": 60764, "exec total [new]": 103569, "exec triage": 3191, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 152, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 42, "max signal": 13104, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9060, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1365, "no exec duration": 18677000000, "no exec requests": 460, "pending": 0, "prog exec time": 302, "reproducing": 0, "rpc recv": 1537356404, "rpc sent": 271646784, "signal": 12097, "smash jobs": 101, "triage jobs": 9, "vm output": 434729, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/03 03:53:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1322, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12983, "distributor delayed": 864, "distributor undelayed": 864, "distributor violated": 0, "exec candidate": 2062, "exec collide": 18808, "exec fuzz": 36321, "exec gen": 1943, "exec hints": 9007, "exec inject": 0, "exec minimize": 20632, "exec retries": 0, "exec seeds": 3961, "exec smash": 32903, "exec total [base]": 73910, "exec total [new]": 135405, "exec triage": 3619, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 26, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 7, "max signal": 13582, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10392, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1551, "no exec duration": 18677000000, "no exec requests": 460, "pending": 0, "prog exec time": 274, "reproducing": 0, "rpc recv": 1778956368, "rpc sent": 373236512, "signal": 12496, "smash jobs": 11, "triage jobs": 8, "vm output": 803755, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/03 03:58:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1427, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13241, "distributor delayed": 911, "distributor undelayed": 911, "distributor violated": 0, "exec candidate": 2062, "exec collide": 26494, "exec fuzz": 51005, "exec gen": 2700, "exec hints": 9792, "exec inject": 0, "exec minimize": 22697, "exec retries": 0, "exec seeds": 4284, "exec smash": 35578, "exec total [base]": 85896, "exec total [new]": 164661, "exec triage": 3899, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 17, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13865, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11408, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1675, "no exec duration": 18677000000, "no exec requests": 460, "pending": 0, "prog exec time": 314, "reproducing": 0, "rpc recv": 1951964232, "rpc sent": 475195104, "signal": 12741, "smash jobs": 10, "triage jobs": 4, "vm output": 1110807, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/03 04:03:28 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1525, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13477, "distributor delayed": 956, "distributor undelayed": 956, "distributor violated": 0, "exec candidate": 2062, "exec collide": 34377, "exec fuzz": 65740, "exec gen": 3477, "exec hints": 10338, "exec inject": 0, "exec minimize": 24390, "exec retries": 0, "exec seeds": 4581, "exec smash": 38097, "exec total [base]": 97681, "exec total [new]": 193354, "exec triage": 4142, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14097, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12219, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1785, "no exec duration": 18677000000, "no exec requests": 460, "pending": 0, "prog exec time": 362, "reproducing": 0, "rpc recv": 2095663904, "rpc sent": 574590296, "signal": 12940, "smash jobs": 8, "triage jobs": 4, "vm output": 1447555, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/03 04:04:28 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/03 04:04:28 syz-diff (base): kernel context loop terminated 2025/08/03 04:04:28 syz-diff (new): kernel context loop terminated 2025/08/03 04:04:28 diff fuzzing terminated 2025/08/03 04:04:28 bug reporting terminated 2025/08/03 04:04:28 status reporting terminated 2025/08/03 04:04:28 fuzzing is finished 2025/08/03 04:04:28 status at the end: Title On-Base On-Patched