2025/08/18 06:28:14 extracted 303751 symbol hashes for base and 303751 for patched 2025/08/18 06:28:14 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/18 06:28:14 adding directly modified files to focus areas: ["arch/riscv/kvm/vmid.c"] 2025/08/18 06:28:16 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/18 06:29:13 runner 3 connected 2025/08/18 06:29:13 runner 2 connected 2025/08/18 06:29:13 runner 4 connected 2025/08/18 06:29:13 runner 0 connected 2025/08/18 06:29:13 runner 9 connected 2025/08/18 06:29:13 runner 1 connected 2025/08/18 06:29:13 runner 7 connected 2025/08/18 06:29:13 runner 6 connected 2025/08/18 06:29:13 runner 0 connected 2025/08/18 06:29:13 runner 1 connected 2025/08/18 06:29:13 runner 8 connected 2025/08/18 06:29:14 runner 5 connected 2025/08/18 06:29:14 runner 3 connected 2025/08/18 06:29:20 executor cover filter: 0 PCs 2025/08/18 06:29:20 initializing coverage information... 2025/08/18 06:29:21 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/18 06:29:21 base: machine check complete 2025/08/18 06:29:24 discovered 7699 source files, 338620 symbols 2025/08/18 06:29:24 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/18 06:29:24 coverage filter: arch/riscv/kvm/vmid.c: [] 2025/08/18 06:29:24 area "symbols": 15 PCs in the cover filter 2025/08/18 06:29:24 area "files": 0 PCs in the cover filter 2025/08/18 06:29:24 area "": 0 PCs in the cover filter 2025/08/18 06:29:24 executor cover filter: 0 PCs 2025/08/18 06:29:25 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/18 06:29:25 new: machine check complete 2025/08/18 06:29:28 new: adding 2289 seeds 2025/08/18 06:29:47 triaged 99.6% of the corpus 2025/08/18 06:29:47 starting bug reproductions 2025/08/18 06:29:47 triaged 99.6% of the corpus 2025/08/18 06:29:47 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/18 06:33:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 756, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9844, "distributor delayed": 441, "distributor undelayed": 441, "distributor violated": 0, "exec candidate": 2289, "exec collide": 4978, "exec fuzz": 9249, "exec gen": 484, "exec hints": 1486, "exec inject": 0, "exec minimize": 9466, "exec retries": 0, "exec seeds": 2176, "exec smash": 10755, "exec total [base]": 17310, "exec total [new]": 49721, "exec triage": 2018, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 853, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 152, "max signal": 10233, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5042, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 868, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 230, "reproducing": 0, "rpc recv": 822024204, "rpc sent": 69052144, "signal": 9357, "smash jobs": 693, "triage jobs": 8, "vm output": 265683, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/18 06:38:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 22, "corpus": 1084, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 4, "coverage": 12083, "distributor delayed": 594, "distributor undelayed": 594, "distributor violated": 0, "exec candidate": 2289, "exec collide": 10817, "exec fuzz": 20004, "exec gen": 1042, "exec hints": 4349, "exec inject": 0, "exec minimize": 15073, "exec retries": 0, "exec seeds": 3204, "exec smash": 24016, "exec total [base]": 29980, "exec total [new]": 90520, "exec triage": 2906, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 390, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 104, "max signal": 12529, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7700, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1256, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 238, "reproducing": 0, "rpc recv": 1230942588, "rpc sent": 158373928, "signal": 11148, "smash jobs": 275, "triage jobs": 11, "vm output": 654082, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/18 06:38:22 base: boot error: can't ssh into the instance 2025/08/18 06:43:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 61, "corpus": 1325, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 40, "coverage": 12956, "distributor delayed": 704, "distributor undelayed": 704, "distributor violated": 0, "exec candidate": 2289, "exec collide": 16536, "exec fuzz": 30769, "exec gen": 1581, "exec hints": 8506, "exec inject": 0, "exec minimize": 19060, "exec retries": 0, "exec seeds": 3988, "exec smash": 33162, "exec total [base]": 40966, "exec total [new]": 126246, "exec triage": 3536, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 24, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13498, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9417, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1530, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 283, "reproducing": 0, "rpc recv": 1588843264, "rpc sent": 244166208, "signal": 12418, "smash jobs": 8, "triage jobs": 13, "vm output": 1025211, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/18 06:48:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 63, "corpus": 1458, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 54, "coverage": 13362, "distributor delayed": 760, "distributor undelayed": 760, "distributor violated": 0, "exec candidate": 2289, "exec collide": 24413, "exec fuzz": 45963, "exec gen": 2376, "exec hints": 9345, "exec inject": 0, "exec minimize": 21664, "exec retries": 0, "exec seeds": 4387, "exec smash": 36403, "exec total [base]": 50537, "exec total [new]": 157558, "exec triage": 3901, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 21, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13885, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10611, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1684, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 271, "reproducing": 0, "rpc recv": 1819510000, "rpc sent": 330173896, "signal": 12824, "smash jobs": 13, "triage jobs": 4, "vm output": 1364775, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/18 06:48:28 base: boot error: can't ssh into the instance 2025/08/18 06:49:17 runner 2 connected 2025/08/18 06:53:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 73, "corpus": 1545, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 69, "coverage": 13878, "distributor delayed": 806, "distributor undelayed": 806, "distributor violated": 0, "exec candidate": 2289, "exec collide": 32871, "exec fuzz": 61890, "exec gen": 3186, "exec hints": 10003, "exec inject": 0, "exec minimize": 23159, "exec retries": 0, "exec seeds": 4659, "exec smash": 38806, "exec total [base]": 62159, "exec total [new]": 187836, "exec triage": 4152, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 14404, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11293, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1791, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 285, "reproducing": 0, "rpc recv": 1992092532, "rpc sent": 424868392, "signal": 13334, "smash jobs": 2, "triage jobs": 3, "vm output": 1703964, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 06:58:17 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 75, "corpus": 1607, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 80, "coverage": 14035, "distributor delayed": 840, "distributor undelayed": 840, "distributor violated": 0, "exec candidate": 2289, "exec collide": 41926, "exec fuzz": 78960, "exec gen": 4138, "exec hints": 10227, "exec inject": 0, "exec minimize": 24061, "exec retries": 0, "exec seeds": 4845, "exec smash": 40302, "exec total [base]": 74296, "exec total [new]": 217876, "exec triage": 4309, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 8, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14561, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11706, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1861, "no exec duration": 20083000000, "no exec requests": 37, "pending": 0, "prog exec time": 306, "reproducing": 0, "rpc recv": 2092364568, "rpc sent": 520601424, "signal": 13481, "smash jobs": 4, "triage jobs": 3, "vm output": 2049432, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/18 06:59:47 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/18 06:59:47 syz-diff (base): kernel context loop terminated 2025/08/18 06:59:47 syz-diff (new): kernel context loop terminated 2025/08/18 06:59:47 diff fuzzing terminated 2025/08/18 06:59:47 status reporting terminated 2025/08/18 06:59:47 bug reporting terminated 2025/08/18 06:59:47 fuzzing is finished 2025/08/18 06:59:47 status at the end: Title On-Base On-Patched