2025/07/31 17:20:34 extracted 302733 symbol hashes for base and 302733 for patched 2025/07/31 17:20:34 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/07/31 17:20:34 failed to grep for the header usages: failed to run ["/usr/bin/grep" "-rl" "--include" "*.c" ""]: exit status 1 2025/07/31 17:20:34 adding directly modified files to focus areas: ["drivers/crypto/ccp/sev-dev.c" "drivers/iommu/amd/amd_iommu_types.h" "drivers/iommu/amd/init.c" "drivers/iommu/amd/iommu.c"] 2025/07/31 17:20:35 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/07/31 17:21:33 runner 0 connected 2025/07/31 17:21:33 runner 8 connected 2025/07/31 17:21:33 runner 9 connected 2025/07/31 17:21:33 runner 1 connected 2025/07/31 17:21:33 runner 3 connected 2025/07/31 17:21:34 runner 5 connected 2025/07/31 17:21:34 runner 1 connected 2025/07/31 17:21:34 runner 7 connected 2025/07/31 17:21:34 runner 0 connected 2025/07/31 17:21:34 runner 2 connected 2025/07/31 17:21:35 runner 3 connected 2025/07/31 17:21:39 executor cover filter: 0 PCs 2025/07/31 17:21:40 initializing coverage information... 2025/07/31 17:21:42 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/07/31 17:21:42 base: machine check complete 2025/07/31 17:21:44 discovered 7668 source files, 337507 symbols 2025/07/31 17:21:45 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/07/31 17:21:45 coverage filter: drivers/crypto/ccp/sev-dev.c: [] 2025/07/31 17:21:45 coverage filter: drivers/iommu/amd/amd_iommu_types.h: [] 2025/07/31 17:21:45 coverage filter: drivers/iommu/amd/init.c: [] 2025/07/31 17:21:45 coverage filter: drivers/iommu/amd/iommu.c: [] 2025/07/31 17:21:45 area "symbols": 15 PCs in the cover filter 2025/07/31 17:21:45 area "files": 0 PCs in the cover filter 2025/07/31 17:21:45 area "": 0 PCs in the cover filter 2025/07/31 17:21:45 executor cover filter: 0 PCs 2025/07/31 17:21:46 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/07/31 17:21:46 new: machine check complete 2025/07/31 17:21:49 new: adding 2126 seeds 2025/07/31 17:22:06 triaged 97.4% of the corpus 2025/07/31 17:22:06 starting bug reproductions 2025/07/31 17:22:06 starting bug reproductions (max 10 VMs, 7 repros) 2025/07/31 17:22:36 triaged 100.0% of the corpus 2025/07/31 17:25:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 696, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 10730, "distributor delayed": 427, "distributor undelayed": 427, "distributor violated": 0, "exec candidate": 2126, "exec collide": 3151, "exec fuzz": 6321, "exec gen": 331, "exec hints": 935, "exec inject": 0, "exec minimize": 9875, "exec retries": 0, "exec seeds": 1911, "exec smash": 6784, "exec total [base]": 17700, "exec total [new]": 39699, "exec triage": 1939, "executor restarts": 46, "fault jobs": 0, "fuzzer jobs": 884, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 8, "hints jobs": 180, "max signal": 11189, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5281, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 813, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 213, "reproducing": 0, "rpc recv": 793901624, "rpc sent": 52158536, "signal": 10398, "smash jobs": 688, "triage jobs": 16, "vm output": 180883, "vm restarts [base]": 3, "vm restarts [new]": 8 } 2025/07/31 17:30:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 960, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12173, "distributor delayed": 570, "distributor undelayed": 570, "distributor violated": 0, "exec candidate": 2126, "exec collide": 7283, "exec fuzz": 14186, "exec gen": 756, "exec hints": 2504, "exec inject": 0, "exec minimize": 14560, "exec retries": 0, "exec seeds": 2796, "exec smash": 16745, "exec total [base]": 29663, "exec total [new]": 69922, "exec triage": 2639, "executor restarts": 46, "fault jobs": 0, "fuzzer jobs": 848, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 8, "hints jobs": 159, "max signal": 12617, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7477, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1116, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 186, "reproducing": 0, "rpc recv": 1193004288, "rpc sent": 119322264, "signal": 11675, "smash jobs": 678, "triage jobs": 11, "vm output": 380363, "vm restarts [base]": 3, "vm restarts [new]": 8 } 2025/07/31 17:31:38 runner 4 connected 2025/07/31 17:31:39 runner 2 connected 2025/07/31 17:31:40 runner 6 connected 2025/07/31 17:35:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1139, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12698, "distributor delayed": 661, "distributor undelayed": 661, "distributor violated": 0, "exec candidate": 2126, "exec collide": 11553, "exec fuzz": 22151, "exec gen": 1183, "exec hints": 4675, "exec inject": 0, "exec minimize": 17892, "exec retries": 0, "exec seeds": 3385, "exec smash": 26652, "exec total [base]": 41718, "exec total [new]": 99106, "exec triage": 3158, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 247, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 70, "max signal": 13127, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9035, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1334, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 330, "reproducing": 0, "rpc recv": 1598331708, "rpc sent": 194180296, "signal": 12178, "smash jobs": 167, "triage jobs": 10, "vm output": 652716, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 17:40:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1276, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12988, "distributor delayed": 717, "distributor undelayed": 717, "distributor violated": 0, "exec candidate": 2126, "exec collide": 17714, "exec fuzz": 34047, "exec gen": 1815, "exec hints": 7315, "exec inject": 0, "exec minimize": 20044, "exec retries": 0, "exec seeds": 3831, "exec smash": 31871, "exec total [base]": 53933, "exec total [new]": 128605, "exec triage": 3511, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13482, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10037, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1489, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 333, "reproducing": 0, "rpc recv": 1786890124, "rpc sent": 267981048, "signal": 12455, "smash jobs": 6, "triage jobs": 2, "vm output": 935755, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 17:45:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1362, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13254, "distributor delayed": 760, "distributor undelayed": 760, "distributor violated": 0, "exec candidate": 2126, "exec collide": 25061, "exec fuzz": 48128, "exec gen": 2558, "exec hints": 8222, "exec inject": 0, "exec minimize": 21736, "exec retries": 0, "exec seeds": 4095, "exec smash": 34018, "exec total [base]": 65355, "exec total [new]": 156021, "exec triage": 3745, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 19, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13819, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10864, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1590, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 291, "reproducing": 0, "rpc recv": 1921396460, "rpc sent": 344157848, "signal": 12689, "smash jobs": 9, "triage jobs": 6, "vm output": 1186233, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 17:50:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1425, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13459, "distributor delayed": 789, "distributor undelayed": 789, "distributor violated": 0, "exec candidate": 2126, "exec collide": 32619, "exec fuzz": 62416, "exec gen": 3294, "exec hints": 9076, "exec inject": 0, "exec minimize": 22878, "exec retries": 0, "exec seeds": 4281, "exec smash": 35605, "exec total [base]": 76137, "exec total [new]": 182563, "exec triage": 3938, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 14038, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11432, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1673, "no exec duration": 18039000000, "no exec requests": 28, "pending": 0, "prog exec time": 321, "reproducing": 0, "rpc recv": 2036023648, "rpc sent": 420589024, "signal": 12874, "smash jobs": 8, "triage jobs": 4, "vm output": 1480082, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 17:52:36 fuzzer has not reached the modified code in 30m0s, aborting 2025/07/31 17:52:37 syz-diff (base): kernel context loop terminated 2025/07/31 17:52:37 syz-diff (new): kernel context loop terminated 2025/07/31 17:52:37 diff fuzzing terminated 2025/07/31 17:52:37 bug reporting terminated 2025/07/31 17:52:37 status reporting terminated 2025/07/31 17:52:37 fuzzing is finished 2025/07/31 17:52:37 status at the end: Title On-Base On-Patched