2025/08/12 00:44:39 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/12 00:44:39 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/12 00:44:39 adding directly modified files to focus areas: ["arch/x86/kvm/svm/sev.c"] 2025/08/12 00:44:41 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/12 00:45:31 runner 0 connected 2025/08/12 00:45:37 initializing coverage information... 2025/08/12 00:45:38 runner 3 connected 2025/08/12 00:45:38 runner 1 connected 2025/08/12 00:45:38 runner 7 connected 2025/08/12 00:45:38 runner 2 connected 2025/08/12 00:45:38 runner 0 connected 2025/08/12 00:45:38 runner 9 connected 2025/08/12 00:45:38 runner 3 connected 2025/08/12 00:45:38 runner 4 connected 2025/08/12 00:45:38 runner 5 connected 2025/08/12 00:45:38 runner 6 connected 2025/08/12 00:45:38 runner 8 connected 2025/08/12 00:45:39 runner 2 connected 2025/08/12 00:45:39 runner 1 connected 2025/08/12 00:45:41 discovered 7697 source files, 338543 symbols 2025/08/12 00:45:41 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/12 00:45:41 coverage filter: arch/x86/kvm/svm/sev.c: [] 2025/08/12 00:45:41 area "symbols": 15 PCs in the cover filter 2025/08/12 00:45:41 area "files": 0 PCs in the cover filter 2025/08/12 00:45:41 area "": 0 PCs in the cover filter 2025/08/12 00:45:41 executor cover filter: 0 PCs 2025/08/12 00:45:45 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/12 00:45:45 new: machine check complete 2025/08/12 00:45:45 executor cover filter: 0 PCs 2025/08/12 00:45:47 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/12 00:45:47 base: machine check complete 2025/08/12 00:45:48 new: adding 2072 seeds 2025/08/12 00:46:12 triaged 100.0% of the corpus 2025/08/12 00:46:12 starting bug reproductions 2025/08/12 00:46:12 triaged 100.0% of the corpus 2025/08/12 00:46:12 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/12 00:49:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 4, "corpus": 802, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 11153, "distributor delayed": 452, "distributor undelayed": 452, "distributor violated": 0, "exec candidate": 2072, "exec collide": 5362, "exec fuzz": 9693, "exec gen": 559, "exec hints": 1588, "exec inject": 0, "exec minimize": 10294, "exec retries": 0, "exec seeds": 2222, "exec smash": 11514, "exec total [base]": 24316, "exec total [new]": 51543, "exec triage": 2081, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 849, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 175, "max signal": 11511, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5544, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 893, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 202, "reproducing": 0, "rpc recv": 870191456, "rpc sent": 86459320, "signal": 10597, "smash jobs": 656, "triage jobs": 18, "vm output": 217036, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 00:54:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 32, "corpus": 1099, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 12105, "distributor delayed": 588, "distributor undelayed": 588, "distributor violated": 0, "exec candidate": 2072, "exec collide": 10745, "exec fuzz": 19988, "exec gen": 1129, "exec hints": 4369, "exec inject": 0, "exec minimize": 14881, "exec retries": 0, "exec seeds": 3232, "exec smash": 23971, "exec total [base]": 40198, "exec total [new]": 89424, "exec triage": 2880, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 443, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 118, "max signal": 12579, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7627, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1235, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 276, "reproducing": 0, "rpc recv": 1298496660, "rpc sent": 181344704, "signal": 11650, "smash jobs": 320, "triage jobs": 5, "vm output": 432737, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 00:59:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 49, "corpus": 1299, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 5, "coverage": 12824, "distributor delayed": 693, "distributor undelayed": 693, "distributor violated": 0, "exec candidate": 2072, "exec collide": 16478, "exec fuzz": 30600, "exec gen": 1703, "exec hints": 8428, "exec inject": 0, "exec minimize": 18119, "exec retries": 0, "exec seeds": 3885, "exec smash": 32236, "exec total [base]": 54067, "exec total [new]": 123133, "exec triage": 3456, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 26, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13539, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9121, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1483, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 302, "reproducing": 0, "rpc recv": 1617922008, "rpc sent": 272907600, "signal": 12307, "smash jobs": 11, "triage jobs": 10, "vm output": 791938, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 01:04:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 66, "corpus": 1417, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 84, "coverage": 13247, "distributor delayed": 749, "distributor undelayed": 749, "distributor violated": 0, "exec candidate": 2072, "exec collide": 24108, "exec fuzz": 44918, "exec gen": 2455, "exec hints": 9742, "exec inject": 0, "exec minimize": 20387, "exec retries": 0, "exec seeds": 4245, "exec smash": 35261, "exec total [base]": 66487, "exec total [new]": 153117, "exec triage": 3773, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 15, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13967, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10172, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1615, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 304, "reproducing": 0, "rpc recv": 1835093396, "rpc sent": 360210960, "signal": 12708, "smash jobs": 8, "triage jobs": 3, "vm output": 1106946, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 01:09:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 78, "corpus": 1496, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 130, "coverage": 13424, "distributor delayed": 786, "distributor undelayed": 786, "distributor violated": 0, "exec candidate": 2072, "exec collide": 32127, "exec fuzz": 60018, "exec gen": 3263, "exec hints": 10626, "exec inject": 0, "exec minimize": 21874, "exec retries": 0, "exec seeds": 4488, "exec smash": 37288, "exec total [base]": 78273, "exec total [new]": 181929, "exec triage": 4015, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14193, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10859, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1719, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 306, "reproducing": 0, "rpc recv": 1994704044, "rpc sent": 448429344, "signal": 12868, "smash jobs": 9, "triage jobs": 7, "vm output": 1418445, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 01:14:42 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 84, "corpus": 1570, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 159, "coverage": 13564, "distributor delayed": 810, "distributor undelayed": 810, "distributor violated": 0, "exec candidate": 2072, "exec collide": 39929, "exec fuzz": 74990, "exec gen": 4077, "exec hints": 11572, "exec inject": 0, "exec minimize": 23223, "exec retries": 0, "exec seeds": 4710, "exec smash": 39183, "exec total [base]": 89687, "exec total [new]": 210136, "exec triage": 4220, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 13, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14386, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11471, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1805, "no exec duration": 10095000000, "no exec requests": 31, "pending": 0, "prog exec time": 376, "reproducing": 0, "rpc recv": 2135930096, "rpc sent": 535462720, "signal": 13004, "smash jobs": 6, "triage jobs": 6, "vm output": 1727853, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/12 01:16:12 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/12 01:16:12 syz-diff (new): kernel context loop terminated 2025/08/12 01:16:12 syz-diff (base): kernel context loop terminated 2025/08/12 01:16:12 diff fuzzing terminated 2025/08/12 01:16:12 bug reporting terminated 2025/08/12 01:16:12 status reporting terminated 2025/08/12 01:16:12 fuzzing is finished 2025/08/12 01:16:12 status at the end: Title On-Base On-Patched