2025/08/27 01:31:05 extracted 303777 symbol hashes for base and 303777 for patched 2025/08/27 01:31:05 binaries are different, continuing fuzzing 2025/08/27 01:31:05 adding modified_functions to focus areas: ["kvm_gmem_populate"] 2025/08/27 01:31:05 adding directly modified files to focus areas: ["arch/x86/kvm/svm/sev.c" "virt/kvm/guest_memfd.c"] 2025/08/27 01:31:06 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/27 01:32:04 runner 2 connected 2025/08/27 01:32:04 runner 1 connected 2025/08/27 01:32:04 runner 5 connected 2025/08/27 01:32:04 runner 4 connected 2025/08/27 01:32:04 runner 3 connected 2025/08/27 01:32:04 runner 0 connected 2025/08/27 01:32:04 runner 9 connected 2025/08/27 01:32:04 runner 1 connected 2025/08/27 01:32:10 runner 8 connected 2025/08/27 01:32:10 runner 0 connected 2025/08/27 01:32:11 runner 3 connected 2025/08/27 01:32:11 initializing coverage information... 2025/08/27 01:32:11 executor cover filter: 0 PCs 2025/08/27 01:32:11 runner 2 connected 2025/08/27 01:32:12 runner 7 connected 2025/08/27 01:32:12 runner 6 connected 2025/08/27 01:32:13 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8054 2025/08/27 01:32:13 base: machine check complete 2025/08/27 01:32:16 discovered 7699 source files, 338649 symbols 2025/08/27 01:32:16 coverage filter: kvm_gmem_populate: [kvm_gmem_populate] 2025/08/27 01:32:16 coverage filter: arch/x86/kvm/svm/sev.c: [] 2025/08/27 01:32:16 coverage filter: virt/kvm/guest_memfd.c: [virt/kvm/guest_memfd.c] 2025/08/27 01:32:16 area "symbols": 61 PCs in the cover filter 2025/08/27 01:32:16 area "files": 237 PCs in the cover filter 2025/08/27 01:32:16 area "": 0 PCs in the cover filter 2025/08/27 01:32:16 executor cover filter: 0 PCs 2025/08/27 01:32:17 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8054 2025/08/27 01:32:17 new: machine check complete 2025/08/27 01:32:21 new: adding 2260 seeds 2025/08/27 01:32:37 triaged 97.2% of the corpus 2025/08/27 01:32:37 starting bug reproductions 2025/08/27 01:32:37 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/27 01:33:07 triaged 100.0% of the corpus 2025/08/27 01:36:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 695, "corpus [files]": 6, "corpus [symbols]": 0, "cover overflows": 2, "coverage": 9853, "distributor delayed": 374, "distributor undelayed": 374, "distributor violated": 0, "exec candidate": 2260, "exec collide": 4087, "exec fuzz": 7557, "exec gen": 390, "exec hints": 1222, "exec inject": 0, "exec minimize": 8994, "exec retries": 0, "exec seeds": 1986, "exec smash": 8590, "exec total [base]": 19878, "exec total [new]": 43697, "exec triage": 1883, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 812, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 132, "max signal": 10168, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 4902, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 795, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 220, "reproducing": 0, "rpc recv": 1360439684, "rpc sent": 65945088, "signal": 9479, "smash jobs": 668, "triage jobs": 12, "vm output": 192570, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 01:41:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 5, "corpus": 956, "corpus [files]": 8, "corpus [symbols]": 0, "cover overflows": 3, "coverage": 10982, "distributor delayed": 504, "distributor undelayed": 504, "distributor violated": 0, "exec candidate": 2260, "exec collide": 9687, "exec fuzz": 18056, "exec gen": 931, "exec hints": 3750, "exec inject": 0, "exec minimize": 13111, "exec retries": 0, "exec seeds": 2843, "exec smash": 21857, "exec total [base]": 34986, "exec total [new]": 81769, "exec triage": 2544, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 283, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 70, "max signal": 11894, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 6825, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1097, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 467, "reproducing": 0, "rpc recv": 2383718904, "rpc sent": 165832632, "signal": 10556, "smash jobs": 205, "triage jobs": 8, "vm output": 260353, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 01:46:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 8, "corpus": 1104, "corpus [files]": 9, "corpus [symbols]": 0, "cover overflows": 16, "coverage": 12046, "distributor delayed": 573, "distributor undelayed": 573, "distributor violated": 0, "exec candidate": 2260, "exec collide": 17512, "exec fuzz": 33149, "exec gen": 1671, "exec hints": 7471, "exec inject": 0, "exec minimize": 15209, "exec retries": 0, "exec seeds": 3318, "exec smash": 27539, "exec total [base]": 49235, "exec total [new]": 117779, "exec triage": 2923, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 12454, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7807, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1269, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 246, "reproducing": 0, "rpc recv": 3258140952, "rpc sent": 261290328, "signal": 11072, "smash jobs": 7, "triage jobs": 5, "vm output": 452740, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 01:51:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 12, "corpus": 1208, "corpus [files]": 9, "corpus [symbols]": 0, "cover overflows": 21, "coverage": 12405, "distributor delayed": 625, "distributor undelayed": 625, "distributor violated": 0, "exec candidate": 2260, "exec collide": 26517, "exec fuzz": 50726, "exec gen": 2582, "exec hints": 9275, "exec inject": 0, "exec minimize": 16696, "exec retries": 0, "exec seeds": 3628, "exec smash": 30197, "exec total [base]": 62570, "exec total [new]": 151805, "exec triage": 3197, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 19, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 7, "max signal": 12881, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8496, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1392, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 261, "reproducing": 0, "rpc recv": 4001881156, "rpc sent": 356126632, "signal": 11416, "smash jobs": 7, "triage jobs": 5, "vm output": 656464, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 01:56:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 21, "corpus": 1291, "corpus [files]": 9, "corpus [symbols]": 0, "cover overflows": 41, "coverage": 12659, "distributor delayed": 665, "distributor undelayed": 665, "distributor violated": 0, "exec candidate": 2260, "exec collide": 35919, "exec fuzz": 68721, "exec gen": 3597, "exec hints": 10757, "exec inject": 0, "exec minimize": 17821, "exec retries": 0, "exec seeds": 3882, "exec smash": 32296, "exec total [base]": 75827, "exec total [new]": 185366, "exec triage": 3384, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 11, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13115, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8987, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1476, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 251, "reproducing": 0, "rpc recv": 4717845172, "rpc sent": 455045448, "signal": 11656, "smash jobs": 6, "triage jobs": 0, "vm output": 863921, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:01:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 24, "corpus": 1353, "corpus [files]": 9, "corpus [symbols]": 0, "cover overflows": 65, "coverage": 12873, "distributor delayed": 687, "distributor undelayed": 687, "distributor violated": 0, "exec candidate": 2260, "exec collide": 45442, "exec fuzz": 86736, "exec gen": 4527, "exec hints": 11594, "exec inject": 0, "exec minimize": 18766, "exec retries": 0, "exec seeds": 4067, "exec smash": 33815, "exec total [base]": 88642, "exec total [new]": 217479, "exec triage": 3545, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13338, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9427, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1551, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 281, "reproducing": 0, "rpc recv": 5372482096, "rpc sent": 554167696, "signal": 11869, "smash jobs": 7, "triage jobs": 2, "vm output": 1086803, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:03:07 fuzzer has reached the modified code (0 + 9 + 0), continuing fuzzing 2025/08/27 02:06:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 34, "corpus": 1450, "corpus [files]": 11, "corpus [symbols]": 0, "cover overflows": 81, "coverage": 13113, "distributor delayed": 727, "distributor undelayed": 727, "distributor violated": 0, "exec candidate": 2260, "exec collide": 54594, "exec fuzz": 104104, "exec gen": 5476, "exec hints": 11969, "exec inject": 0, "exec minimize": 20318, "exec retries": 0, "exec seeds": 4359, "exec smash": 36248, "exec total [base]": 101349, "exec total [new]": 249847, "exec triage": 3788, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 7, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13605, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10121, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1658, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 262, "reproducing": 0, "rpc recv": 6124449432, "rpc sent": 648857808, "signal": 12096, "smash jobs": 4, "triage jobs": 2, "vm output": 1284013, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:11:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 34, "corpus": 1506, "corpus [files]": 11, "corpus [symbols]": 0, "cover overflows": 107, "coverage": 13228, "distributor delayed": 750, "distributor undelayed": 750, "distributor violated": 0, "exec candidate": 2260, "exec collide": 64284, "exec fuzz": 122475, "exec gen": 6443, "exec hints": 12219, "exec inject": 0, "exec minimize": 21135, "exec retries": 0, "exec seeds": 4527, "exec smash": 37699, "exec total [base]": 114092, "exec total [new]": 281693, "exec triage": 3922, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 5, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13858, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10496, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1720, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 284, "reproducing": 0, "rpc recv": 6782479800, "rpc sent": 742809944, "signal": 12200, "smash jobs": 3, "triage jobs": 1, "vm output": 1495112, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:16:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 37, "corpus": 1550, "corpus [files]": 13, "corpus [symbols]": 0, "cover overflows": 121, "coverage": 13322, "distributor delayed": 771, "distributor undelayed": 771, "distributor violated": 0, "exec candidate": 2260, "exec collide": 73664, "exec fuzz": 140392, "exec gen": 7380, "exec hints": 12737, "exec inject": 0, "exec minimize": 21954, "exec retries": 0, "exec seeds": 4656, "exec smash": 38771, "exec total [base]": 126370, "exec total [new]": 312571, "exec triage": 4029, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 8, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13954, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10887, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1769, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 484, "reproducing": 0, "rpc recv": 7420410064, "rpc sent": 835570112, "signal": 12287, "smash jobs": 5, "triage jobs": 2, "vm output": 1698910, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:21:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 48, "corpus": 1618, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 168, "coverage": 13693, "distributor delayed": 802, "distributor undelayed": 802, "distributor violated": 0, "exec candidate": 2260, "exec collide": 82787, "exec fuzz": 157862, "exec gen": 8315, "exec hints": 13566, "exec inject": 0, "exec minimize": 23285, "exec retries": 0, "exec seeds": 4875, "exec smash": 40579, "exec total [base]": 138806, "exec total [new]": 344457, "exec triage": 4199, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 9, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 14325, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11545, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1847, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 287, "reproducing": 0, "rpc recv": 8132362312, "rpc sent": 927876032, "signal": 12596, "smash jobs": 3, "triage jobs": 2, "vm output": 1896822, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:26:02 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:02 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:02 start reproducing 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 51, "corpus": 1662, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 232, "coverage": 13793, "distributor delayed": 820, "distributor undelayed": 820, "distributor violated": 0, "exec candidate": 2260, "exec collide": 92429, "exec fuzz": 175478, "exec gen": 9258, "exec hints": 14589, "exec inject": 0, "exec minimize": 23937, "exec retries": 0, "exec seeds": 5007, "exec smash": 41669, "exec total [base]": 151081, "exec total [new]": 375647, "exec triage": 4293, "executor restarts [base]": 32, "executor restarts [new]": 51, "fault jobs": 0, "fuzzer jobs": 5, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 6, "hints jobs": 0, "max signal": 14449, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11849, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1892, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 315, "reproducing": 1, "rpc recv": 8759665792, "rpc sent": 1020814320, "signal": 12687, "smash jobs": 4, "triage jobs": 1, "vm output": 2076127, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/27 02:26:14 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:14 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:25 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:25 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:35 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:35 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:46 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:46 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:26:52 runner 4 connected 2025/08/27 02:26:57 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:26:57 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:27:04 runner 7 connected 2025/08/27 02:27:07 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = true] 2025/08/27 02:27:07 scheduled a reproduction of 'KASAN: slab-use-after-free Write in kvm_gmem_release' 2025/08/27 02:27:13 runner 2 connected 2025/08/27 02:27:24 runner 8 connected 2025/08/27 02:27:35 runner 6 connected 2025/08/27 02:27:46 runner 5 connected 2025/08/27 02:27:57 runner 3 connected 2025/08/27 02:28:18 base crash: KASAN: slab-use-after-free Write in kvm_gmem_release 2025/08/27 02:28:29 base crash: KASAN: slab-use-after-free Write in kvm_gmem_release 2025/08/27 02:29:15 runner 2 connected 2025/08/27 02:29:25 runner 3 connected 2025/08/27 02:31:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 51, "corpus": 1685, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 252, "coverage": 13855, "distributor delayed": 847, "distributor undelayed": 847, "distributor violated": 0, "exec candidate": 2260, "exec collide": 98600, "exec fuzz": 187130, "exec gen": 9897, "exec hints": 15252, "exec inject": 0, "exec minimize": 24344, "exec retries": 0, "exec seeds": 5076, "exec smash": 42259, "exec total [base]": 161667, "exec total [new]": 395908, "exec triage": 4360, "executor restarts [base]": 38, "executor restarts [new]": 72, "fault jobs": 0, "fuzzer jobs": 3, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 2, "max signal": 14525, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12043, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1920, "no exec duration": 20000000000, "no exec requests": 20, "pending": 6, "prog exec time": 268, "reproducing": 1, "rpc recv": 9561566160, "rpc sent": 1086444872, "signal": 12743, "smash jobs": 1, "triage jobs": 0, "vm output": 2397775, "vm restarts [base]": 6, "vm restarts [new]": 17 } 2025/08/27 02:32:52 runner 1 connected 2025/08/27 02:32:53 runner 9 connected 2025/08/27 02:32:59 runner 0 connected 2025/08/27 02:36:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 51, "corpus": 1708, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 280, "coverage": 13893, "distributor delayed": 859, "distributor undelayed": 859, "distributor violated": 0, "exec candidate": 2260, "exec collide": 106376, "exec fuzz": 201894, "exec gen": 10648, "exec hints": 15710, "exec inject": 0, "exec minimize": 24781, "exec retries": 0, "exec seeds": 5145, "exec smash": 42803, "exec total [base]": 172978, "exec total [new]": 420767, "exec triage": 4415, "executor restarts [base]": 44, "executor restarts [new]": 75, "fault jobs": 0, "fuzzer jobs": 6, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 1, "max signal": 14564, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12259, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1946, "no exec duration": 20000000000, "no exec requests": 20, "pending": 6, "prog exec time": 181, "reproducing": 1, "rpc recv": 10208045668, "rpc sent": 1163971944, "signal": 12779, "smash jobs": 3, "triage jobs": 2, "vm output": 2631411, "vm restarts [base]": 8, "vm restarts [new]": 18 } 2025/08/27 02:41:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 51, "corpus": 1740, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 332, "coverage": 13962, "distributor delayed": 874, "distributor undelayed": 874, "distributor violated": 0, "exec candidate": 2260, "exec collide": 114287, "exec fuzz": 216727, "exec gen": 11473, "exec hints": 15813, "exec inject": 0, "exec minimize": 25296, "exec retries": 0, "exec seeds": 5241, "exec smash": 43645, "exec total [base]": 185530, "exec total [new]": 445966, "exec triage": 4490, "executor restarts [base]": 44, "executor restarts [new]": 75, "fault jobs": 0, "fuzzer jobs": 3, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 0, "max signal": 14648, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12496, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1981, "no exec duration": 20000000000, "no exec requests": 20, "pending": 6, "prog exec time": 281, "reproducing": 1, "rpc recv": 10848330132, "rpc sent": 1245112024, "signal": 12850, "smash jobs": 1, "triage jobs": 2, "vm output": 2859712, "vm restarts [base]": 8, "vm restarts [new]": 18 } 2025/08/27 02:46:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 54, "corpus": 1766, "corpus [files]": 15, "corpus [symbols]": 0, "cover overflows": 396, "coverage": 14087, "distributor delayed": 889, "distributor undelayed": 889, "distributor violated": 0, "exec candidate": 2260, "exec collide": 121938, "exec fuzz": 231415, "exec gen": 12222, "exec hints": 16100, "exec inject": 0, "exec minimize": 25756, "exec retries": 0, "exec seeds": 5322, "exec smash": 44326, "exec total [base]": 197680, "exec total [new]": 470644, "exec triage": 4572, "executor restarts [base]": 44, "executor restarts [new]": 75, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 1, "max signal": 14783, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12702, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2014, "no exec duration": 20000000000, "no exec requests": 20, "pending": 6, "prog exec time": 280, "reproducing": 1, "rpc recv": 11475370900, "rpc sent": 1322596696, "signal": 12971, "smash jobs": 0, "triage jobs": 0, "vm output": 3055368, "vm restarts [base]": 8, "vm restarts [new]": 18 } 2025/08/27 02:49:09 repro finished 'KASAN: slab-use-after-free Write in kvm_gmem_release', repro=false crepro=false desc='' hub=false from_dashboard=false 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 failed repro for "KASAN: slab-use-after-free Write in kvm_gmem_release", err=%!s() 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 reproduction of "KASAN: slab-use-after-free Write in kvm_gmem_release" aborted: it's no longer needed 2025/08/27 02:49:09 "KASAN: slab-use-after-free Write in kvm_gmem_release": saved crash log into 1756262949.crash.log 2025/08/27 02:49:09 "KASAN: slab-use-after-free Write in kvm_gmem_release": saved repro log into 1756262949.repro.log 2025/08/27 02:49:10 runner 0 connected 2025/08/27 02:50:06 runner 1 connected 2025/08/27 02:51:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 56, "corpus": 1793, "corpus [files]": 16, "corpus [symbols]": 0, "cover overflows": 434, "coverage": 14157, "distributor delayed": 909, "distributor undelayed": 909, "distributor violated": 0, "exec candidate": 2260, "exec collide": 130181, "exec fuzz": 246895, "exec gen": 12969, "exec hints": 16602, "exec inject": 0, "exec minimize": 26239, "exec retries": 0, "exec seeds": 5406, "exec smash": 44953, "exec total [base]": 209822, "exec total [new]": 496899, "exec triage": 4656, "executor restarts [base]": 44, "executor restarts [new]": 81, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14867, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12927, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2052, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 301, "reproducing": 0, "rpc recv": 12139832376, "rpc sent": 1404177080, "signal": 13046, "smash jobs": 7, "triage jobs": 4, "vm output": 3242119, "vm restarts [base]": 8, "vm restarts [new]": 20 } 2025/08/27 02:56:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 56, "corpus": 1820, "corpus [files]": 17, "corpus [symbols]": 0, "cover overflows": 480, "coverage": 14262, "distributor delayed": 925, "distributor undelayed": 925, "distributor violated": 0, "exec candidate": 2260, "exec collide": 139800, "exec fuzz": 265100, "exec gen": 13884, "exec hints": 17066, "exec inject": 0, "exec minimize": 26632, "exec retries": 0, "exec seeds": 5490, "exec smash": 45700, "exec total [base]": 221922, "exec total [new]": 527400, "exec triage": 4729, "executor restarts [base]": 44, "executor restarts [new]": 81, "fault jobs": 0, "fuzzer jobs": 4, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14967, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13098, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2083, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 291, "reproducing": 0, "rpc recv": 12758263648, "rpc sent": 1494622704, "signal": 13142, "smash jobs": 2, "triage jobs": 1, "vm output": 3422560, "vm restarts [base]": 8, "vm restarts [new]": 20 } 2025/08/27 03:01:00 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 03:01:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1857, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 524, "coverage": 14537, "distributor delayed": 945, "distributor undelayed": 945, "distributor violated": 0, "exec candidate": 2260, "exec collide": 149435, "exec fuzz": 283629, "exec gen": 14892, "exec hints": 17146, "exec inject": 0, "exec minimize": 27432, "exec retries": 0, "exec seeds": 5601, "exec smash": 46651, "exec total [base]": 234410, "exec total [new]": 558606, "exec triage": 4825, "executor restarts [base]": 44, "executor restarts [new]": 81, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 0, "max signal": 15226, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13479, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2124, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 273, "reproducing": 0, "rpc recv": 13410593272, "rpc sent": 1588304544, "signal": 13396, "smash jobs": 0, "triage jobs": 1, "vm output": 3661673, "vm restarts [base]": 8, "vm restarts [new]": 20 } 2025/08/27 03:01:56 runner 5 connected 2025/08/27 03:06:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1871, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 568, "coverage": 14595, "distributor delayed": 950, "distributor undelayed": 950, "distributor violated": 0, "exec candidate": 2260, "exec collide": 159413, "exec fuzz": 302369, "exec gen": 15892, "exec hints": 17215, "exec inject": 0, "exec minimize": 27656, "exec retries": 0, "exec seeds": 5643, "exec smash": 47001, "exec total [base]": 246670, "exec total [new]": 589040, "exec triage": 4855, "executor restarts [base]": 44, "executor restarts [new]": 84, "fault jobs": 0, "fuzzer jobs": 0, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15257, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13588, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2138, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 304, "reproducing": 0, "rpc recv": 14038339404, "rpc sent": 1679866312, "signal": 13425, "smash jobs": 0, "triage jobs": 0, "vm output": 3860786, "vm restarts [base]": 8, "vm restarts [new]": 21 } 2025/08/27 03:07:27 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 03:08:17 runner 7 connected 2025/08/27 03:10:56 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 03:11:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1885, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 603, "coverage": 14643, "distributor delayed": 960, "distributor undelayed": 960, "distributor violated": 0, "exec candidate": 2260, "exec collide": 169042, "exec fuzz": 320771, "exec gen": 16884, "exec hints": 17227, "exec inject": 0, "exec minimize": 27921, "exec retries": 0, "exec seeds": 5685, "exec smash": 47351, "exec total [base]": 258936, "exec total [new]": 618775, "exec triage": 4900, "executor restarts [base]": 44, "executor restarts [new]": 87, "fault jobs": 0, "fuzzer jobs": 0, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 0, "max signal": 15310, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13712, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2157, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 298, "reproducing": 0, "rpc recv": 14674458472, "rpc sent": 1772164760, "signal": 13467, "smash jobs": 0, "triage jobs": 0, "vm output": 4061548, "vm restarts [base]": 8, "vm restarts [new]": 22 } 2025/08/27 03:11:52 runner 4 connected 2025/08/27 03:16:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1899, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 639, "coverage": 14659, "distributor delayed": 965, "distributor undelayed": 965, "distributor violated": 0, "exec candidate": 2260, "exec collide": 178936, "exec fuzz": 339792, "exec gen": 17914, "exec hints": 17283, "exec inject": 0, "exec minimize": 28127, "exec retries": 0, "exec seeds": 5727, "exec smash": 47701, "exec total [base]": 271061, "exec total [new]": 649419, "exec triage": 4940, "executor restarts [base]": 44, "executor restarts [new]": 90, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15388, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13821, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2175, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 257, "reproducing": 0, "rpc recv": 15284878588, "rpc sent": 1866223736, "signal": 13483, "smash jobs": 0, "triage jobs": 1, "vm output": 4256829, "vm restarts [base]": 8, "vm restarts [new]": 23 } 2025/08/27 03:21:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 57, "corpus": 1920, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 684, "coverage": 14720, "distributor delayed": 976, "distributor undelayed": 976, "distributor violated": 0, "exec candidate": 2260, "exec collide": 188816, "exec fuzz": 358449, "exec gen": 18933, "exec hints": 17345, "exec inject": 0, "exec minimize": 28488, "exec retries": 0, "exec seeds": 5790, "exec smash": 48220, "exec total [base]": 283131, "exec total [new]": 680041, "exec triage": 5001, "executor restarts [base]": 44, "executor restarts [new]": 90, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15453, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 13980, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2201, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 294, "reproducing": 0, "rpc recv": 15887667700, "rpc sent": 1958706256, "signal": 13544, "smash jobs": 1, "triage jobs": 0, "vm output": 4450544, "vm restarts [base]": 8, "vm restarts [new]": 23 } 2025/08/27 03:26:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 59, "corpus": 1936, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 732, "coverage": 14784, "distributor delayed": 980, "distributor undelayed": 980, "distributor violated": 0, "exec candidate": 2260, "exec collide": 198797, "exec fuzz": 377248, "exec gen": 19946, "exec hints": 17351, "exec inject": 0, "exec minimize": 28760, "exec retries": 0, "exec seeds": 5838, "exec smash": 48612, "exec total [base]": 295257, "exec total [new]": 710593, "exec triage": 5042, "executor restarts [base]": 44, "executor restarts [new]": 90, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15517, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14112, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2219, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 306, "reproducing": 0, "rpc recv": 16483253356, "rpc sent": 2052848848, "signal": 13692, "smash jobs": 1, "triage jobs": 0, "vm output": 4642957, "vm restarts [base]": 8, "vm restarts [new]": 23 } 2025/08/27 03:28:09 runner 2 connected 2025/08/27 03:28:22 runner 8 connected 2025/08/27 03:28:24 runner 6 connected 2025/08/27 03:28:45 runner 3 connected 2025/08/27 03:30:11 runner 2 connected 2025/08/27 03:30:21 runner 3 connected 2025/08/27 03:31:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 59, "corpus": 1951, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 769, "coverage": 14831, "distributor delayed": 994, "distributor undelayed": 994, "distributor violated": 0, "exec candidate": 2260, "exec collide": 207665, "exec fuzz": 394671, "exec gen": 20849, "exec hints": 17383, "exec inject": 0, "exec minimize": 29091, "exec retries": 0, "exec seeds": 5883, "exec smash": 49001, "exec total [base]": 306143, "exec total [new]": 738649, "exec triage": 5097, "executor restarts [base]": 50, "executor restarts [new]": 102, "fault jobs": 0, "fuzzer jobs": 3, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15580, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14266, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2242, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 328, "reproducing": 0, "rpc recv": 17219891392, "rpc sent": 2137855184, "signal": 13738, "smash jobs": 0, "triage jobs": 3, "vm output": 4915067, "vm restarts [base]": 10, "vm restarts [new]": 27 } 2025/08/27 03:33:49 runner 9 connected 2025/08/27 03:33:50 runner 1 connected 2025/08/27 03:33:56 runner 0 connected 2025/08/27 03:36:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 60, "corpus": 1963, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 802, "coverage": 14859, "distributor delayed": 1001, "distributor undelayed": 1001, "distributor violated": 0, "exec candidate": 2260, "exec collide": 217131, "exec fuzz": 412594, "exec gen": 21746, "exec hints": 17416, "exec inject": 0, "exec minimize": 29345, "exec retries": 0, "exec seeds": 5919, "exec smash": 49301, "exec total [base]": 316228, "exec total [new]": 767590, "exec triage": 5128, "executor restarts [base]": 56, "executor restarts [new]": 105, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15623, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14372, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2255, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 298, "reproducing": 0, "rpc recv": 17831828696, "rpc sent": 2223158880, "signal": 13764, "smash jobs": 0, "triage jobs": 1, "vm output": 5137865, "vm restarts [base]": 12, "vm restarts [new]": 28 } 2025/08/27 03:41:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 65, "corpus": 1970, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 832, "coverage": 14875, "distributor delayed": 1006, "distributor undelayed": 1006, "distributor violated": 0, "exec candidate": 2260, "exec collide": 226785, "exec fuzz": 430638, "exec gen": 22680, "exec hints": 17424, "exec inject": 0, "exec minimize": 29556, "exec retries": 0, "exec seeds": 5940, "exec smash": 49473, "exec total [base]": 327612, "exec total [new]": 796659, "exec triage": 5152, "executor restarts [base]": 56, "executor restarts [new]": 105, "fault jobs": 0, "fuzzer jobs": 3, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15643, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14469, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2265, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 309, "reproducing": 0, "rpc recv": 18409527180, "rpc sent": 2312963728, "signal": 13779, "smash jobs": 1, "triage jobs": 2, "vm output": 5330554, "vm restarts [base]": 12, "vm restarts [new]": 28 } 2025/08/27 03:46:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 68, "corpus": 1977, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 895, "coverage": 14896, "distributor delayed": 1009, "distributor undelayed": 1009, "distributor violated": 0, "exec candidate": 2260, "exec collide": 236659, "exec fuzz": 449544, "exec gen": 23649, "exec hints": 17426, "exec inject": 0, "exec minimize": 29757, "exec retries": 0, "exec seeds": 5959, "exec smash": 49626, "exec total [base]": 339530, "exec total [new]": 826797, "exec triage": 5166, "executor restarts [base]": 56, "executor restarts [new]": 105, "fault jobs": 0, "fuzzer jobs": 2, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 15661, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14565, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2271, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 297, "reproducing": 0, "rpc recv": 18986364108, "rpc sent": 2404020856, "signal": 13803, "smash jobs": 1, "triage jobs": 0, "vm output": 5532919, "vm restarts [base]": 12, "vm restarts [new]": 28 } 2025/08/27 03:50:00 runner 0 connected 2025/08/27 03:50:55 runner 1 connected 2025/08/27 03:51:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 68, "corpus": 1983, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 953, "coverage": 14916, "distributor delayed": 1011, "distributor undelayed": 1011, "distributor violated": 0, "exec candidate": 2260, "exec collide": 246337, "exec fuzz": 467902, "exec gen": 24619, "exec hints": 17445, "exec inject": 0, "exec minimize": 29865, "exec retries": 0, "exec seeds": 5982, "exec smash": 49826, "exec total [base]": 351413, "exec total [new]": 856180, "exec triage": 5187, "executor restarts [base]": 56, "executor restarts [new]": 110, "fault jobs": 0, "fuzzer jobs": 0, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15685, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14613, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2280, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 281, "reproducing": 0, "rpc recv": 19635063936, "rpc sent": 2494385128, "signal": 13824, "smash jobs": 0, "triage jobs": 0, "vm output": 5769344, "vm restarts [base]": 12, "vm restarts [new]": 30 } 2025/08/27 03:52:59 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 03:53:56 runner 2 connected 2025/08/27 03:56:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 68, "corpus": 1992, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 999, "coverage": 14944, "distributor delayed": 1012, "distributor undelayed": 1012, "distributor violated": 0, "exec candidate": 2260, "exec collide": 255917, "exec fuzz": 486241, "exec gen": 25525, "exec hints": 17456, "exec inject": 0, "exec minimize": 30049, "exec retries": 0, "exec seeds": 6009, "exec smash": 50037, "exec total [base]": 363404, "exec total [new]": 885457, "exec triage": 5209, "executor restarts [base]": 56, "executor restarts [new]": 114, "fault jobs": 0, "fuzzer jobs": 4, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 15714, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14703, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2291, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 314, "reproducing": 0, "rpc recv": 20245073816, "rpc sent": 2584252528, "signal": 13851, "smash jobs": 1, "triage jobs": 2, "vm output": 6004471, "vm restarts [base]": 12, "vm restarts [new]": 31 } 2025/08/27 03:57:25 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 03:58:14 runner 4 connected 2025/08/27 03:59:36 base crash: KASAN: slab-use-after-free Write in kvm_gmem_release 2025/08/27 04:00:33 runner 1 connected 2025/08/27 04:01:06 patched crashed: KASAN: slab-use-after-free Write in kvm_gmem_release [need repro = false] 2025/08/27 04:01:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 76, "corpus": 2015, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1051, "coverage": 14993, "distributor delayed": 1018, "distributor undelayed": 1018, "distributor violated": 0, "exec candidate": 2260, "exec collide": 265361, "exec fuzz": 504208, "exec gen": 26458, "exec hints": 17519, "exec inject": 0, "exec minimize": 30453, "exec retries": 0, "exec seeds": 6078, "exec smash": 50607, "exec total [base]": 374542, "exec total [new]": 914955, "exec triage": 5259, "executor restarts [base]": 59, "executor restarts [new]": 117, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 0, "max signal": 15766, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14880, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2314, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 291, "reproducing": 0, "rpc recv": 20890213244, "rpc sent": 2672546328, "signal": 13898, "smash jobs": 1, "triage jobs": 0, "vm output": 6236849, "vm restarts [base]": 13, "vm restarts [new]": 32 } 2025/08/27 04:02:04 runner 9 connected 2025/08/27 04:02:45 runner 5 connected 2025/08/27 04:06:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 80, "corpus": 2020, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1098, "coverage": 15012, "distributor delayed": 1025, "distributor undelayed": 1025, "distributor violated": 0, "exec candidate": 2260, "exec collide": 274933, "exec fuzz": 522229, "exec gen": 27401, "exec hints": 17528, "exec inject": 0, "exec minimize": 30664, "exec retries": 0, "exec seeds": 6096, "exec smash": 50753, "exec total [base]": 386685, "exec total [new]": 943916, "exec triage": 5295, "executor restarts [base]": 59, "executor restarts [new]": 123, "fault jobs": 0, "fuzzer jobs": 2, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15802, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 14982, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2327, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 311, "reproducing": 0, "rpc recv": 21547438708, "rpc sent": 2761971968, "signal": 13920, "smash jobs": 1, "triage jobs": 1, "vm output": 6481816, "vm restarts [base]": 13, "vm restarts [new]": 34 } 2025/08/27 04:09:06 runner 7 connected 2025/08/27 04:11:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 83, "corpus": 2033, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1162, "coverage": 15051, "distributor delayed": 1028, "distributor undelayed": 1028, "distributor violated": 0, "exec candidate": 2260, "exec collide": 284655, "exec fuzz": 540657, "exec gen": 28409, "exec hints": 17583, "exec inject": 0, "exec minimize": 30894, "exec retries": 0, "exec seeds": 6138, "exec smash": 51086, "exec total [base]": 398496, "exec total [new]": 973772, "exec triage": 5328, "executor restarts [base]": 59, "executor restarts [new]": 126, "fault jobs": 0, "fuzzer jobs": 3, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15839, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 15084, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2340, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 305, "reproducing": 0, "rpc recv": 22183644152, "rpc sent": 2852499328, "signal": 13959, "smash jobs": 3, "triage jobs": 0, "vm output": 6713606, "vm restarts [base]": 13, "vm restarts [new]": 35 } 2025/08/27 04:16:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 83, "corpus": 2040, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1225, "coverage": 15066, "distributor delayed": 1030, "distributor undelayed": 1030, "distributor violated": 0, "exec candidate": 2260, "exec collide": 294640, "exec fuzz": 559887, "exec gen": 29439, "exec hints": 17625, "exec inject": 0, "exec minimize": 30981, "exec retries": 0, "exec seeds": 6159, "exec smash": 51301, "exec total [base]": 410484, "exec total [new]": 1004403, "exec triage": 5351, "executor restarts [base]": 59, "executor restarts [new]": 126, "fault jobs": 0, "fuzzer jobs": 0, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15857, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 15123, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2350, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 297, "reproducing": 0, "rpc recv": 22759099308, "rpc sent": 2946580656, "signal": 13974, "smash jobs": 0, "triage jobs": 0, "vm output": 6933476, "vm restarts [base]": 13, "vm restarts [new]": 35 } 2025/08/27 04:21:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 86, "corpus": 2049, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1308, "coverage": 15086, "distributor delayed": 1036, "distributor undelayed": 1036, "distributor violated": 0, "exec candidate": 2260, "exec collide": 304408, "exec fuzz": 578471, "exec gen": 30454, "exec hints": 17652, "exec inject": 0, "exec minimize": 31200, "exec retries": 0, "exec seeds": 6186, "exec smash": 51526, "exec total [base]": 422322, "exec total [new]": 1034302, "exec triage": 5383, "executor restarts [base]": 59, "executor restarts [new]": 126, "fault jobs": 0, "fuzzer jobs": 1, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15882, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 15223, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2363, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 285, "reproducing": 0, "rpc recv": 23358891972, "rpc sent": 3040035880, "signal": 13993, "smash jobs": 0, "triage jobs": 1, "vm output": 7137483, "vm restarts [base]": 13, "vm restarts [new]": 35 } 2025/08/27 04:26:07 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 89, "corpus": 2056, "corpus [files]": 18, "corpus [symbols]": 0, "cover overflows": 1371, "coverage": 15101, "distributor delayed": 1041, "distributor undelayed": 1041, "distributor violated": 0, "exec candidate": 2260, "exec collide": 314335, "exec fuzz": 597161, "exec gen": 31533, "exec hints": 17703, "exec inject": 0, "exec minimize": 31317, "exec retries": 0, "exec seeds": 6207, "exec smash": 51701, "exec total [base]": 434162, "exec total [new]": 1064376, "exec triage": 5398, "executor restarts [base]": 59, "executor restarts [new]": 126, "fault jobs": 0, "fuzzer jobs": 0, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 15898, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 15273, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 2370, "no exec duration": 20000000000, "no exec requests": 20, "pending": 0, "prog exec time": 319, "reproducing": 0, "rpc recv": 23938300828, "rpc sent": 3134210728, "signal": 14008, "smash jobs": 0, "triage jobs": 0, "vm output": 7342403, "vm restarts [base]": 13, "vm restarts [new]": 35 } 2025/08/27 04:29:19 runner 8 connected 2025/08/27 04:29:20 runner 6 connected 2025/08/27 04:29:35 runner 3 connected 2025/08/27 04:31:03 bug reporting terminated 2025/08/27 04:31:03 status reporting terminated 2025/08/27 04:31:03 syz-diff (new): kernel context loop terminated 2025/08/27 04:31:11 syz-diff (base): kernel context loop terminated 2025/08/27 04:31:11 diff fuzzing terminated 2025/08/27 04:31:11 fuzzing is finished 2025/08/27 04:31:11 status at the end: Title On-Base On-Patched KASAN: slab-use-after-free Write in kvm_gmem_release 3 crashes 13 crashes