2025/08/08 11:19:06 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/08 11:19:06 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/08 11:19:06 adding directly modified files to focus areas: ["arch/riscv/include/uapi/asm/kvm.h" "arch/riscv/kvm/vcpu_onereg.c" "tools/testing/selftests/kvm/riscv/get-reg-list.c"] 2025/08/08 11:19:07 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/08 11:19:58 runner 8 connected 2025/08/08 11:20:05 runner 7 connected 2025/08/08 11:20:05 runner 0 connected 2025/08/08 11:20:05 runner 6 connected 2025/08/08 11:20:05 runner 3 connected 2025/08/08 11:20:05 runner 3 connected 2025/08/08 11:20:05 runner 1 connected 2025/08/08 11:20:05 runner 9 connected 2025/08/08 11:20:05 runner 2 connected 2025/08/08 11:20:05 runner 2 connected 2025/08/08 11:20:06 runner 5 connected 2025/08/08 11:20:07 initializing coverage information... 2025/08/08 11:20:07 runner 0 connected 2025/08/08 11:20:07 runner 1 connected 2025/08/08 11:20:13 discovered 7697 source files, 338543 symbols 2025/08/08 11:20:14 executor cover filter: 0 PCs 2025/08/08 11:20:14 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/08 11:20:14 coverage filter: arch/riscv/include/uapi/asm/kvm.h: [] 2025/08/08 11:20:14 coverage filter: arch/riscv/kvm/vcpu_onereg.c: [] 2025/08/08 11:20:14 coverage filter: tools/testing/selftests/kvm/riscv/get-reg-list.c: [] 2025/08/08 11:20:14 area "symbols": 15 PCs in the cover filter 2025/08/08 11:20:14 area "files": 0 PCs in the cover filter 2025/08/08 11:20:14 area "": 0 PCs in the cover filter 2025/08/08 11:20:14 executor cover filter: 0 PCs 2025/08/08 11:20:16 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/08 11:20:16 base: machine check complete 2025/08/08 11:20:16 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/08 11:20:16 new: machine check complete 2025/08/08 11:20:19 new: adding 1969 seeds 2025/08/08 11:20:38 triaged 98.0% of the corpus 2025/08/08 11:20:38 starting bug reproductions 2025/08/08 11:20:38 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/08 11:21:08 triaged 100.0% of the corpus 2025/08/08 11:24:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 3, "corpus": 732, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10626, "distributor delayed": 411, "distributor undelayed": 411, "distributor violated": 0, "exec candidate": 1969, "exec collide": 4140, "exec fuzz": 7690, "exec gen": 443, "exec hints": 1177, "exec inject": 0, "exec minimize": 9253, "exec retries": 0, "exec seeds": 2029, "exec smash": 8862, "exec total [base]": 22940, "exec total [new]": 43381, "exec triage": 1963, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 797, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 163, "max signal": 10947, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5039, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 838, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 221, "reproducing": 0, "rpc recv": 835677160, "rpc sent": 63900768, "signal": 10216, "smash jobs": 625, "triage jobs": 9, "vm output": 176879, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/08 11:29:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 25, "corpus": 998, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 3, "coverage": 11966, "distributor delayed": 531, "distributor undelayed": 531, "distributor violated": 0, "exec candidate": 1969, "exec collide": 8653, "exec fuzz": 16231, "exec gen": 944, "exec hints": 3028, "exec inject": 0, "exec minimize": 13651, "exec retries": 0, "exec seeds": 2909, "exec smash": 19685, "exec total [base]": 38112, "exec total [new]": 75611, "exec triage": 2686, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 595, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 137, "max signal": 12351, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7026, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1146, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 269, "reproducing": 0, "rpc recv": 1224032348, "rpc sent": 148270520, "signal": 11534, "smash jobs": 451, "triage jobs": 7, "vm output": 258452, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/08 11:29:14 new: boot error: can't ssh into the instance 2025/08/08 11:30:11 runner 4 connected 2025/08/08 11:34:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 33, "corpus": 1186, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 7, "coverage": 12582, "distributor delayed": 633, "distributor undelayed": 633, "distributor violated": 0, "exec candidate": 1969, "exec collide": 13442, "exec fuzz": 25148, "exec gen": 1402, "exec hints": 6624, "exec inject": 0, "exec minimize": 16656, "exec retries": 0, "exec seeds": 3549, "exec smash": 29498, "exec total [base]": 51590, "exec total [new]": 107386, "exec triage": 3241, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 29, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 13, "max signal": 13075, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8387, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1381, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 289, "reproducing": 0, "rpc recv": 1540958568, "rpc sent": 233736128, "signal": 12093, "smash jobs": 13, "triage jobs": 3, "vm output": 400539, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/08 11:39:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 45, "corpus": 1299, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 10, "coverage": 13048, "distributor delayed": 690, "distributor undelayed": 690, "distributor violated": 0, "exec candidate": 1969, "exec collide": 20711, "exec fuzz": 38835, "exec gen": 2180, "exec hints": 8754, "exec inject": 0, "exec minimize": 18803, "exec retries": 0, "exec seeds": 3886, "exec smash": 32301, "exec total [base]": 63787, "exec total [new]": 136839, "exec triage": 3541, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 19, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13596, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9353, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1513, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 303, "reproducing": 0, "rpc recv": 1731478116, "rpc sent": 319079984, "signal": 12562, "smash jobs": 8, "triage jobs": 7, "vm output": 554794, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/08 11:44:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 51, "corpus": 1421, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 14, "coverage": 13392, "distributor delayed": 745, "distributor undelayed": 745, "distributor violated": 0, "exec candidate": 1969, "exec collide": 28262, "exec fuzz": 53268, "exec gen": 2957, "exec hints": 9449, "exec inject": 0, "exec minimize": 20675, "exec retries": 0, "exec seeds": 4266, "exec smash": 35509, "exec total [base]": 75914, "exec total [new]": 166066, "exec triage": 3853, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 14, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13948, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10198, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1652, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 409, "reproducing": 0, "rpc recv": 1903686556, "rpc sent": 404618936, "signal": 12885, "smash jobs": 5, "triage jobs": 8, "vm output": 684404, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/08 11:49:08 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 52, "corpus": 1501, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 17, "coverage": 13532, "distributor delayed": 770, "distributor undelayed": 770, "distributor violated": 0, "exec candidate": 1969, "exec collide": 36144, "exec fuzz": 68465, "exec gen": 3774, "exec hints": 10066, "exec inject": 0, "exec minimize": 21982, "exec retries": 0, "exec seeds": 4501, "exec smash": 37423, "exec total [base]": 87343, "exec total [new]": 194216, "exec triage": 4033, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 14086, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10837, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1734, "no exec duration": 17002000000, "no exec requests": 19, "pending": 0, "prog exec time": 291, "reproducing": 0, "rpc recv": 2005570660, "rpc sent": 488042232, "signal": 13020, "smash jobs": 10, "triage jobs": 3, "vm output": 818392, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/08 11:51:08 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/08 11:51:09 syz-diff (base): kernel context loop terminated 2025/08/08 11:51:09 syz-diff (new): kernel context loop terminated 2025/08/08 11:51:09 diff fuzzing terminated 2025/08/08 11:51:09 bug reporting terminated 2025/08/08 11:51:09 status reporting terminated 2025/08/08 11:51:09 fuzzing is finished 2025/08/08 11:51:09 status at the end: Title On-Base On-Patched