2025/08/06 18:54:33 extracted 302733 symbol hashes for base and 302733 for patched 2025/08/06 18:54:34 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/06 18:54:34 adding directly modified files to focus areas: ["arch/arm64/kernel/cpufeature.c" "arch/arm64/kvm/hyp/vhe/switch.c" "arch/arm64/kvm/sys_regs.c" "arch/arm64/tools/cpucaps"] 2025/08/06 18:54:35 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/06 18:55:32 runner 5 connected 2025/08/06 18:55:32 runner 1 connected 2025/08/06 18:55:32 runner 8 connected 2025/08/06 18:55:33 runner 9 connected 2025/08/06 18:55:33 runner 6 connected 2025/08/06 18:55:33 runner 3 connected 2025/08/06 18:55:33 runner 2 connected 2025/08/06 18:55:33 runner 4 connected 2025/08/06 18:55:33 runner 2 connected 2025/08/06 18:55:33 runner 0 connected 2025/08/06 18:55:33 runner 7 connected 2025/08/06 18:55:40 runner 3 connected 2025/08/06 18:55:40 initializing coverage information... 2025/08/06 18:55:40 runner 1 connected 2025/08/06 18:55:40 executor cover filter: 0 PCs 2025/08/06 18:55:40 runner 0 connected 2025/08/06 18:55:43 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/06 18:55:43 base: machine check complete 2025/08/06 18:55:45 discovered 7668 source files, 337507 symbols 2025/08/06 18:55:45 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/06 18:55:45 coverage filter: arch/arm64/kernel/cpufeature.c: [] 2025/08/06 18:55:45 coverage filter: arch/arm64/kvm/hyp/vhe/switch.c: [] 2025/08/06 18:55:45 coverage filter: arch/arm64/kvm/sys_regs.c: [] 2025/08/06 18:55:45 coverage filter: arch/arm64/tools/cpucaps: [] 2025/08/06 18:55:45 area "symbols": 15 PCs in the cover filter 2025/08/06 18:55:45 area "files": 0 PCs in the cover filter 2025/08/06 18:55:45 area "": 0 PCs in the cover filter 2025/08/06 18:55:45 executor cover filter: 0 PCs 2025/08/06 18:55:46 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/06 18:55:46 new: machine check complete 2025/08/06 18:55:49 new: adding 2034 seeds 2025/08/06 18:56:06 triaged 97.8% of the corpus 2025/08/06 18:56:06 starting bug reproductions 2025/08/06 18:56:06 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/06 18:56:36 triaged 100.0% of the corpus 2025/08/06 18:59:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 727, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9674, "distributor delayed": 429, "distributor undelayed": 429, "distributor violated": 0, "exec candidate": 2034, "exec collide": 4844, "exec fuzz": 9305, "exec gen": 456, "exec hints": 1550, "exec inject": 0, "exec minimize": 9540, "exec retries": 0, "exec seeds": 2026, "exec smash": 10753, "exec total [base]": 22356, "exec total [new]": 48478, "exec triage": 1939, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 745, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 144, "max signal": 10080, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5232, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 825, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 200, "reproducing": 0, "rpc recv": 819696488, "rpc sent": 69622656, "signal": 9103, "smash jobs": 588, "triage jobs": 13, "vm output": 260065, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:04:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 13, "corpus": 1027, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 12050, "distributor delayed": 580, "distributor undelayed": 580, "distributor violated": 0, "exec candidate": 2034, "exec collide": 10254, "exec fuzz": 19557, "exec gen": 997, "exec hints": 4490, "exec inject": 0, "exec minimize": 14597, "exec retries": 0, "exec seeds": 3033, "exec smash": 23016, "exec total [base]": 38474, "exec total [new]": 86818, "exec triage": 2809, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 349, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 94, "max signal": 12605, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7653, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1195, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 306, "reproducing": 0, "rpc recv": 1215310348, "rpc sent": 162531584, "signal": 11377, "smash jobs": 243, "triage jobs": 12, "vm output": 452105, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:09:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 42, "corpus": 1220, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 12673, "distributor delayed": 680, "distributor undelayed": 680, "distributor violated": 0, "exec candidate": 2034, "exec collide": 16053, "exec fuzz": 30750, "exec gen": 1572, "exec hints": 8195, "exec inject": 0, "exec minimize": 18322, "exec retries": 0, "exec seeds": 3638, "exec smash": 30037, "exec total [base]": 52378, "exec total [new]": 120052, "exec triage": 3420, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 34, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 7, "max signal": 13262, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9422, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1443, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 324, "reproducing": 0, "rpc recv": 1567043496, "rpc sent": 245779544, "signal": 11990, "smash jobs": 19, "triage jobs": 8, "vm output": 640754, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:14:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 60, "corpus": 1336, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 26, "coverage": 13203, "distributor delayed": 725, "distributor undelayed": 725, "distributor violated": 0, "exec candidate": 2034, "exec collide": 23477, "exec fuzz": 44714, "exec gen": 2258, "exec hints": 9815, "exec inject": 0, "exec minimize": 20708, "exec retries": 0, "exec seeds": 3994, "exec smash": 33140, "exec total [base]": 64842, "exec total [new]": 149922, "exec triage": 3750, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 22, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13780, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10524, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1586, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 303, "reproducing": 0, "rpc recv": 1790605788, "rpc sent": 331113600, "signal": 12504, "smash jobs": 14, "triage jobs": 5, "vm output": 850607, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:19:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 74, "corpus": 1410, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 33, "coverage": 13341, "distributor delayed": 768, "distributor undelayed": 768, "distributor violated": 0, "exec candidate": 2034, "exec collide": 31466, "exec fuzz": 60377, "exec gen": 3057, "exec hints": 10123, "exec inject": 0, "exec minimize": 22024, "exec retries": 0, "exec seeds": 4218, "exec smash": 35110, "exec total [base]": 76497, "exec total [new]": 178408, "exec triage": 3969, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 7, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13975, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11129, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1678, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 359, "reproducing": 0, "rpc recv": 1928171316, "rpc sent": 416028080, "signal": 12680, "smash jobs": 4, "triage jobs": 3, "vm output": 1010072, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:24:36 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 80, "corpus": 1495, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 42, "coverage": 13585, "distributor delayed": 817, "distributor undelayed": 817, "distributor violated": 0, "exec candidate": 2034, "exec collide": 39082, "exec fuzz": 74928, "exec gen": 3808, "exec hints": 10477, "exec inject": 0, "exec minimize": 23670, "exec retries": 0, "exec seeds": 4473, "exec smash": 37172, "exec total [base]": 87816, "exec total [new]": 205904, "exec triage": 4228, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 20, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14258, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11899, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1785, "no exec duration": 19214000000, "no exec requests": 24, "pending": 0, "prog exec time": 330, "reproducing": 0, "rpc recv": 2083356236, "rpc sent": 500853312, "signal": 12902, "smash jobs": 8, "triage jobs": 10, "vm output": 1172504, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/06 19:26:36 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/06 19:26:36 syz-diff (base): kernel context loop terminated 2025/08/06 19:26:36 syz-diff (new): kernel context loop terminated 2025/08/06 19:26:36 diff fuzzing terminated 2025/08/06 19:26:36 bug reporting terminated 2025/08/06 19:26:36 status reporting terminated 2025/08/06 19:26:36 fuzzing is finished 2025/08/06 19:26:36 status at the end: Title On-Base On-Patched