2025/08/07 21:01:02 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/07 21:01:02 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/07 21:01:02 adding directly modified files to focus areas: ["tools/testing/selftests/kvm/Makefile.kvm" "tools/testing/selftests/kvm/include/kvm_util.h" "tools/testing/selftests/kvm/include/x86/kvm_util_arch.h" "tools/testing/selftests/kvm/include/x86/processor.h" "tools/testing/selftests/kvm/include/x86/tdx/td_boot.h" "tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h" "tools/testing/selftests/kvm/include/x86/tdx/tdcall.h" "tools/testing/selftests/kvm/include/x86/tdx/tdx.h" "tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h" "tools/testing/selftests/kvm/include/x86/tdx/test_util.h" "tools/testing/selftests/kvm/lib/kvm_util.c" "tools/testing/selftests/kvm/lib/x86/processor.c" "tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S" "tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S" "tools/testing/selftests/kvm/lib/x86/tdx/tdx.c" "tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c" "tools/testing/selftests/kvm/lib/x86/tdx/test_util.c" "tools/testing/selftests/kvm/x86/tdx_shared_mem_test.c" "tools/testing/selftests/kvm/x86/tdx_upm_test.c" "tools/testing/selftests/kvm/x86/tdx_vm_test.c"] 2025/08/07 21:01:03 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/07 21:02:02 runner 3 connected 2025/08/07 21:02:02 runner 4 connected 2025/08/07 21:02:02 runner 1 connected 2025/08/07 21:02:02 runner 0 connected 2025/08/07 21:02:02 runner 7 connected 2025/08/07 21:02:02 runner 1 connected 2025/08/07 21:02:02 runner 2 connected 2025/08/07 21:02:02 runner 5 connected 2025/08/07 21:02:02 runner 8 connected 2025/08/07 21:02:03 runner 3 connected 2025/08/07 21:02:03 runner 0 connected 2025/08/07 21:02:03 runner 6 connected 2025/08/07 21:02:08 executor cover filter: 0 PCs 2025/08/07 21:02:09 initializing coverage information... 2025/08/07 21:02:11 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 21:02:11 base: machine check complete 2025/08/07 21:02:15 discovered 7697 source files, 338543 symbols 2025/08/07 21:02:15 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/Makefile.kvm: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/kvm_util.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/kvm_util_arch.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/processor.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/td_boot.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/tdcall.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/tdx.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/include/x86/tdx/test_util.h: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/kvm_util.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/processor.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/tdx/tdx.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/lib/x86/tdx/test_util.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/x86/tdx_shared_mem_test.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/x86/tdx_upm_test.c: [] 2025/08/07 21:02:15 coverage filter: tools/testing/selftests/kvm/x86/tdx_vm_test.c: [] 2025/08/07 21:02:15 area "symbols": 15 PCs in the cover filter 2025/08/07 21:02:15 area "files": 0 PCs in the cover filter 2025/08/07 21:02:15 area "": 0 PCs in the cover filter 2025/08/07 21:02:15 executor cover filter: 0 PCs 2025/08/07 21:02:16 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 21:02:16 new: machine check complete 2025/08/07 21:02:20 new: adding 1969 seeds 2025/08/07 21:02:35 triaged 97.4% of the corpus 2025/08/07 21:02:35 starting bug reproductions 2025/08/07 21:02:35 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/07 21:03:05 triaged 100.0% of the corpus 2025/08/07 21:06:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 6, "corpus": 733, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10057, "distributor delayed": 418, "distributor undelayed": 418, "distributor violated": 0, "exec candidate": 1969, "exec collide": 3604, "exec fuzz": 6955, "exec gen": 374, "exec hints": 1267, "exec inject": 0, "exec minimize": 10198, "exec retries": 0, "exec seeds": 2051, "exec smash": 7414, "exec total [base]": 16683, "exec total [new]": 41620, "exec triage": 1937, "executor restarts": 47, "fault jobs": 0, "fuzzer jobs": 922, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 9, "hints jobs": 202, "max signal": 10468, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5383, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 828, "no exec duration": 18060000000, "no exec requests": 24, "pending": 0, "prog exec time": 216, "reproducing": 0, "rpc recv": 815255264, "rpc sent": 56851160, "signal": 9650, "smash jobs": 710, "triage jobs": 10, "vm output": 189852, "vm restarts [base]": 3, "vm restarts [new]": 9 } 2025/08/07 21:11:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 36, "corpus": 967, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 4, "coverage": 12070, "distributor delayed": 552, "distributor undelayed": 552, "distributor violated": 0, "exec candidate": 1969, "exec collide": 8059, "exec fuzz": 15472, "exec gen": 808, "exec hints": 3200, "exec inject": 0, "exec minimize": 14369, "exec retries": 0, "exec seeds": 2819, "exec smash": 18123, "exec total [base]": 28011, "exec total [new]": 73289, "exec triage": 2619, "executor restarts": 47, "fault jobs": 0, "fuzzer jobs": 814, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 9, "hints jobs": 172, "max signal": 12527, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7340, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1123, "no exec duration": 18060000000, "no exec requests": 24, "pending": 0, "prog exec time": 254, "reproducing": 0, "rpc recv": 1140696316, "rpc sent": 131192544, "signal": 11586, "smash jobs": 630, "triage jobs": 12, "vm output": 324693, "vm restarts [base]": 3, "vm restarts [new]": 9 } 2025/08/07 21:11:11 new: boot error: can't ssh into the instance 2025/08/07 21:11:11 base: boot error: can't ssh into the instance 2025/08/07 21:12:00 runner 2 connected 2025/08/07 21:12:00 runner 9 connected 2025/08/07 21:16:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 47, "corpus": 1157, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 19, "coverage": 12638, "distributor delayed": 651, "distributor undelayed": 651, "distributor violated": 0, "exec candidate": 1969, "exec collide": 12655, "exec fuzz": 23980, "exec gen": 1257, "exec hints": 5878, "exec inject": 0, "exec minimize": 17650, "exec retries": 0, "exec seeds": 3472, "exec smash": 28343, "exec total [base]": 40288, "exec total [new]": 104199, "exec triage": 3141, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 108, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 25, "max signal": 13126, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8894, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1345, "no exec duration": 18060000000, "no exec requests": 24, "pending": 0, "prog exec time": 281, "reproducing": 0, "rpc recv": 1473126756, "rpc sent": 206823120, "signal": 12098, "smash jobs": 72, "triage jobs": 11, "vm output": 587869, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 21:21:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 56, "corpus": 1270, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 29, "coverage": 13136, "distributor delayed": 699, "distributor undelayed": 699, "distributor violated": 0, "exec candidate": 1969, "exec collide": 19617, "exec fuzz": 37569, "exec gen": 1993, "exec hints": 6825, "exec inject": 0, "exec minimize": 19878, "exec retries": 0, "exec seeds": 3823, "exec smash": 31805, "exec total [base]": 52073, "exec total [new]": 132770, "exec triage": 3438, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13611, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9918, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1477, "no exec duration": 18060000000, "no exec requests": 24, "pending": 0, "prog exec time": 313, "reproducing": 0, "rpc recv": 1662154744, "rpc sent": 286645632, "signal": 12554, "smash jobs": 5, "triage jobs": 7, "vm output": 875036, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 21:26:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 64, "corpus": 1368, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 51, "coverage": 13375, "distributor delayed": 729, "distributor undelayed": 729, "distributor violated": 0, "exec candidate": 1969, "exec collide": 28150, "exec fuzz": 53409, "exec gen": 2884, "exec hints": 7378, "exec inject": 0, "exec minimize": 21597, "exec retries": 0, "exec seeds": 4119, "exec smash": 34231, "exec total [base]": 64373, "exec total [new]": 163256, "exec triage": 3665, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13835, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10748, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1580, "no exec duration": 18083000000, "no exec requests": 25, "pending": 0, "prog exec time": 281, "reproducing": 0, "rpc recv": 1826270016, "rpc sent": 373240416, "signal": 12774, "smash jobs": 6, "triage jobs": 3, "vm output": 1113403, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 21:31:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 83, "corpus": 1459, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 92, "coverage": 13723, "distributor delayed": 774, "distributor undelayed": 774, "distributor violated": 0, "exec candidate": 1969, "exec collide": 36542, "exec fuzz": 69178, "exec gen": 3704, "exec hints": 8056, "exec inject": 0, "exec minimize": 23317, "exec retries": 0, "exec seeds": 4395, "exec smash": 36529, "exec total [base]": 76457, "exec total [new]": 193474, "exec triage": 3930, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 20, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 6, "max signal": 14230, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11538, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1692, "no exec duration": 18083000000, "no exec requests": 25, "pending": 0, "prog exec time": 288, "reproducing": 0, "rpc recv": 1995598692, "rpc sent": 457191768, "signal": 13122, "smash jobs": 8, "triage jobs": 6, "vm output": 1348082, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 21:33:05 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/07 21:33:05 syz-diff (base): kernel context loop terminated 2025/08/07 21:33:05 syz-diff (new): kernel context loop terminated 2025/08/07 21:33:05 diff fuzzing terminated 2025/08/07 21:33:05 bug reporting terminated 2025/08/07 21:33:05 status reporting terminated 2025/08/07 21:33:05 fuzzing is finished 2025/08/07 21:33:05 status at the end: Title On-Base On-Patched