2025/08/12 18:09:45 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/12 18:09:45 adding modified_functions to focus areas: ["mce_cpu_online" "mce_cpu_restart" "mce_enable_ce" "mce_syscore_resume" "nvmet_execute_disc_identify" "uc_decode_notifier"] 2025/08/12 18:09:45 adding directly modified files to focus areas: ["arch/x86/include/asm/mce.h" "arch/x86/include/uapi/asm/mce.h" "arch/x86/kernel/cpu/mce/core.c" "drivers/cxl/core/mce.c" "drivers/edac/skx_common.c"] 2025/08/12 18:09:47 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/12 18:10:45 runner 3 connected 2025/08/12 18:10:45 runner 7 connected 2025/08/12 18:10:45 runner 1 connected 2025/08/12 18:10:45 runner 0 connected 2025/08/12 18:10:45 runner 5 connected 2025/08/12 18:10:46 runner 1 connected 2025/08/12 18:10:47 runner 0 connected 2025/08/12 18:10:47 runner 6 connected 2025/08/12 18:10:47 runner 8 connected 2025/08/12 18:10:47 runner 2 connected 2025/08/12 18:10:47 runner 2 connected 2025/08/12 18:10:53 initializing coverage information... 2025/08/12 18:10:53 executor cover filter: 0 PCs 2025/08/12 18:10:56 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/12 18:10:56 base: machine check complete 2025/08/12 18:10:59 discovered 7697 source files, 338543 symbols 2025/08/12 18:11:00 coverage filter: mce_cpu_online: [mce_cpu_online] 2025/08/12 18:11:00 coverage filter: mce_cpu_restart: [mce_cpu_restart] 2025/08/12 18:11:00 coverage filter: mce_enable_ce: [mce_enable_ce] 2025/08/12 18:11:00 coverage filter: mce_syscore_resume: [mce_syscore_resume] 2025/08/12 18:11:00 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/12 18:11:00 coverage filter: uc_decode_notifier: [uc_decode_notifier] 2025/08/12 18:11:00 coverage filter: arch/x86/include/asm/mce.h: [] 2025/08/12 18:11:00 coverage filter: arch/x86/include/uapi/asm/mce.h: [] 2025/08/12 18:11:00 coverage filter: arch/x86/kernel/cpu/mce/core.c: [arch/x86/kernel/cpu/mce/core.c] 2025/08/12 18:11:00 coverage filter: drivers/cxl/core/mce.c: [] 2025/08/12 18:11:00 coverage filter: drivers/edac/skx_common.c: [] 2025/08/12 18:11:00 area "symbols": 127 PCs in the cover filter 2025/08/12 18:11:00 area "files": 806 PCs in the cover filter 2025/08/12 18:11:00 area "": 0 PCs in the cover filter 2025/08/12 18:11:00 executor cover filter: 0 PCs 2025/08/12 18:11:01 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/12 18:11:01 new: machine check complete 2025/08/12 18:11:05 new: adding 2072 seeds 2025/08/12 18:11:18 triaged 97.3% of the corpus 2025/08/12 18:11:18 starting bug reproductions 2025/08/12 18:11:18 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/12 18:11:48 triaged 100.0% of the corpus 2025/08/12 18:14:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 648, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9076, "distributor delayed": 473, "distributor undelayed": 472, "distributor violated": 0, "exec candidate": 2072, "exec collide": 2761, "exec fuzz": 4977, "exec gen": 265, "exec hints": 741, "exec inject": 0, "exec minimize": 8063, "exec retries": 0, "exec seeds": 1755, "exec smash": 5352, "exec total [base]": 23307, "exec total [new]": 33932, "exec triage": 1795, "executor restarts": 43, "fault jobs": 0, "fuzzer jobs": 820, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 7, "hints jobs": 164, "max signal": 9433, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 4361, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 753, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 199, "reproducing": 0, "rpc recv": 661691212, "rpc sent": 45710976, "signal": 8626, "smash jobs": 642, "triage jobs": 14, "vm output": 169506, "vm restarts [base]": 4, "vm restarts [new]": 7 } 2025/08/12 18:19:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 10, "corpus": 895, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 10790, "distributor delayed": 621, "distributor undelayed": 621, "distributor violated": 0, "exec candidate": 2072, "exec collide": 6532, "exec fuzz": 11982, "exec gen": 607, "exec hints": 2045, "exec inject": 0, "exec minimize": 11992, "exec retries": 0, "exec seeds": 2592, "exec smash": 14330, "exec total [base]": 39290, "exec total [new]": 60768, "exec triage": 2465, "executor restarts": 43, "fault jobs": 0, "fuzzer jobs": 948, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 7, "hints jobs": 162, "max signal": 11181, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 6211, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1048, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 313, "reproducing": 0, "rpc recv": 953713832, "rpc sent": 107826664, "signal": 10195, "smash jobs": 778, "triage jobs": 8, "vm output": 269440, "vm restarts [base]": 4, "vm restarts [new]": 7 } 2025/08/12 18:19:54 new: boot error: can't ssh into the instance 2025/08/12 18:19:54 new: boot error: can't ssh into the instance 2025/08/12 18:19:54 new: boot error: can't ssh into the instance 2025/08/12 18:20:43 runner 3 connected 2025/08/12 18:20:43 runner 9 connected 2025/08/12 18:20:51 runner 4 connected 2025/08/12 18:24:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 32, "corpus": 1088, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 5, "coverage": 12369, "distributor delayed": 725, "distributor undelayed": 725, "distributor violated": 0, "exec candidate": 2072, "exec collide": 11133, "exec fuzz": 20682, "exec gen": 1034, "exec hints": 4217, "exec inject": 0, "exec minimize": 15315, "exec retries": 0, "exec seeds": 3254, "exec smash": 25226, "exec total [base]": 53351, "exec total [new]": 92119, "exec triage": 3027, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 299, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 77, "max signal": 12758, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7679, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1287, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 290, "reproducing": 0, "rpc recv": 1344053616, "rpc sent": 186094576, "signal": 11728, "smash jobs": 210, "triage jobs": 12, "vm output": 449503, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 18:29:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 40, "corpus": 1234, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 8, "coverage": 12864, "distributor delayed": 801, "distributor undelayed": 801, "distributor violated": 0, "exec candidate": 2072, "exec collide": 17548, "exec fuzz": 32608, "exec gen": 1667, "exec hints": 6461, "exec inject": 0, "exec minimize": 17892, "exec retries": 0, "exec seeds": 3721, "exec smash": 30884, "exec total [base]": 65607, "exec total [new]": 122461, "exec triage": 3450, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 21, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13342, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8882, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1465, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 291, "reproducing": 0, "rpc recv": 1580391920, "rpc sent": 266060984, "signal": 12267, "smash jobs": 10, "triage jobs": 6, "vm output": 647711, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 18:34:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 45, "corpus": 1326, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 40, "coverage": 13241, "distributor delayed": 843, "distributor undelayed": 843, "distributor violated": 0, "exec candidate": 2072, "exec collide": 25241, "exec fuzz": 47569, "exec gen": 2455, "exec hints": 6968, "exec inject": 0, "exec minimize": 19749, "exec retries": 0, "exec seeds": 4002, "exec smash": 33292, "exec total [base]": 77295, "exec total [new]": 151209, "exec triage": 3700, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 9, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13780, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9773, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1571, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 416, "reproducing": 0, "rpc recv": 1731819888, "rpc sent": 345789320, "signal": 12621, "smash jobs": 5, "triage jobs": 4, "vm output": 883015, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 18:39:48 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 52, "corpus": 1407, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 108, "coverage": 13464, "distributor delayed": 884, "distributor undelayed": 884, "distributor violated": 0, "exec candidate": 2072, "exec collide": 32930, "exec fuzz": 61884, "exec gen": 3219, "exec hints": 7151, "exec inject": 0, "exec minimize": 21103, "exec retries": 0, "exec seeds": 4245, "exec smash": 35338, "exec total [base]": 88221, "exec total [new]": 178042, "exec triage": 3944, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14175, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10400, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1675, "no exec duration": 18046000000, "no exec requests": 28, "pending": 0, "prog exec time": 365, "reproducing": 0, "rpc recv": 1864498000, "rpc sent": 420953984, "signal": 12836, "smash jobs": 5, "triage jobs": 6, "vm output": 1058311, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 18:41:48 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/12 18:41:49 syz-diff (base): kernel context loop terminated 2025/08/12 18:41:49 syz-diff (new): kernel context loop terminated 2025/08/12 18:41:49 diff fuzzing terminated 2025/08/12 18:41:49 bug reporting terminated 2025/08/12 18:41:49 status reporting terminated 2025/08/12 18:41:49 fuzzing is finished 2025/08/12 18:41:49 status at the end: Title On-Base On-Patched