2025/08/04 09:53:44 extracted 302733 symbol hashes for base and 302733 for patched 2025/08/04 09:53:44 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/04 09:53:44 adding directly modified files to focus areas: ["arch/x86/kvm/svm/sev.c"] 2025/08/04 09:53:45 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/04 09:54:34 runner 8 connected 2025/08/04 09:54:34 runner 1 connected 2025/08/04 09:54:34 runner 4 connected 2025/08/04 09:54:34 runner 5 connected 2025/08/04 09:54:35 runner 0 connected 2025/08/04 09:54:35 runner 1 connected 2025/08/04 09:54:35 runner 2 connected 2025/08/04 09:54:35 runner 7 connected 2025/08/04 09:54:35 runner 3 connected 2025/08/04 09:54:35 runner 6 connected 2025/08/04 09:54:35 runner 9 connected 2025/08/04 09:54:35 runner 3 connected 2025/08/04 09:54:35 runner 2 connected 2025/08/04 09:54:36 runner 0 connected 2025/08/04 09:54:39 initializing coverage information... 2025/08/04 09:54:40 executor cover filter: 0 PCs 2025/08/04 09:54:42 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/04 09:54:42 base: machine check complete 2025/08/04 09:54:44 discovered 7668 source files, 337507 symbols 2025/08/04 09:54:44 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/04 09:54:44 coverage filter: arch/x86/kvm/svm/sev.c: [] 2025/08/04 09:54:44 area "symbols": 15 PCs in the cover filter 2025/08/04 09:54:44 area "files": 0 PCs in the cover filter 2025/08/04 09:54:44 area "": 0 PCs in the cover filter 2025/08/04 09:54:44 executor cover filter: 0 PCs 2025/08/04 09:54:46 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/04 09:54:46 new: machine check complete 2025/08/04 09:54:46 triaged 100.0% of the corpus 2025/08/04 09:54:46 triaged 100.0% of the corpus 2025/08/04 09:54:46 starting bug reproductions 2025/08/04 09:54:46 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/04 09:54:49 new: adding 2209 seeds 2025/08/04 09:58:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 831, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 10284, "distributor delayed": 573, "distributor undelayed": 573, "distributor violated": 0, "exec candidate": 2209, "exec collide": 5723, "exec fuzz": 11054, "exec gen": 610, "exec hints": 1921, "exec inject": 0, "exec minimize": 10899, "exec retries": 0, "exec seeds": 2357, "exec smash": 12925, "exec total [base]": 25916, "exec total [new]": 56485, "exec triage": 2223, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 857, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 172, "max signal": 10613, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5741, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 947, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 204, "reproducing": 0, "rpc recv": 921630980, "rpc sent": 125941368, "signal": 9804, "smash jobs": 672, "triage jobs": 13, "vm output": 263524, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:03:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1119, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12450, "distributor delayed": 723, "distributor undelayed": 723, "distributor violated": 0, "exec candidate": 2209, "exec collide": 11678, "exec fuzz": 22274, "exec gen": 1206, "exec hints": 5591, "exec inject": 0, "exec minimize": 15758, "exec retries": 0, "exec seeds": 3306, "exec smash": 26070, "exec total [base]": 43024, "exec total [new]": 97701, "exec triage": 3044, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 241, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 89, "max signal": 12938, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7970, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1295, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 244, "reproducing": 0, "rpc recv": 1362232224, "rpc sent": 245226696, "signal": 12014, "smash jobs": 145, "triage jobs": 7, "vm output": 462468, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:08:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1275, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13007, "distributor delayed": 811, "distributor undelayed": 811, "distributor violated": 0, "exec candidate": 2209, "exec collide": 18903, "exec fuzz": 36027, "exec gen": 1864, "exec hints": 8926, "exec inject": 0, "exec minimize": 18408, "exec retries": 0, "exec seeds": 3810, "exec smash": 31671, "exec total [base]": 57425, "exec total [new]": 131895, "exec triage": 3512, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 14, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13511, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9166, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1495, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 306, "reproducing": 0, "rpc recv": 1625574960, "rpc sent": 346075992, "signal": 12479, "smash jobs": 9, "triage jobs": 5, "vm output": 699537, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:13:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1372, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13370, "distributor delayed": 858, "distributor undelayed": 858, "distributor violated": 0, "exec candidate": 2209, "exec collide": 27036, "exec fuzz": 51667, "exec gen": 2633, "exec hints": 9135, "exec inject": 0, "exec minimize": 19904, "exec retries": 0, "exec seeds": 4100, "exec smash": 34119, "exec total [base]": 69571, "exec total [new]": 161144, "exec triage": 3776, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13887, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9868, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1610, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 316, "reproducing": 0, "rpc recv": 1770677792, "rpc sent": 440990952, "signal": 12820, "smash jobs": 6, "triage jobs": 5, "vm output": 894592, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:18:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1437, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13544, "distributor delayed": 883, "distributor undelayed": 883, "distributor violated": 0, "exec candidate": 2209, "exec collide": 35347, "exec fuzz": 67133, "exec gen": 3453, "exec hints": 9293, "exec inject": 0, "exec minimize": 21127, "exec retries": 0, "exec seeds": 4302, "exec smash": 35809, "exec total [base]": 80958, "exec total [new]": 189195, "exec triage": 3956, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 7, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14080, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10452, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1686, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 320, "reproducing": 0, "rpc recv": 1885393976, "rpc sent": 537474024, "signal": 12972, "smash jobs": 4, "triage jobs": 2, "vm output": 1071182, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:23:46 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1501, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13674, "distributor delayed": 918, "distributor undelayed": 918, "distributor violated": 0, "exec candidate": 2209, "exec collide": 43737, "exec fuzz": 83048, "exec gen": 4279, "exec hints": 9385, "exec inject": 0, "exec minimize": 22064, "exec retries": 0, "exec seeds": 4494, "exec smash": 37424, "exec total [base]": 92499, "exec total [new]": 217362, "exec triage": 4156, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 8, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 14305, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10893, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1772, "no exec duration": 21845000000, "no exec requests": 335, "pending": 0, "prog exec time": 321, "reproducing": 0, "rpc recv": 1989562556, "rpc sent": 637998024, "signal": 13082, "smash jobs": 4, "triage jobs": 4, "vm output": 1294687, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/04 10:24:46 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/04 10:24:47 syz-diff (base): kernel context loop terminated 2025/08/04 10:24:47 syz-diff (new): kernel context loop terminated 2025/08/04 10:24:47 diff fuzzing terminated 2025/08/04 10:24:47 bug reporting terminated 2025/08/04 10:24:47 status reporting terminated 2025/08/04 10:24:47 fuzzing is finished 2025/08/04 10:24:47 status at the end: Title On-Base On-Patched