2025/08/14 22:49:24 extracted 303751 symbol hashes for base and 303751 for patched 2025/08/14 22:49:24 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/14 22:49:24 adding directly modified files to focus areas: ["arch/arm64/kvm/emulate-nested.c"] 2025/08/14 22:49:25 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/14 22:50:15 runner 7 connected 2025/08/14 22:50:16 runner 2 connected 2025/08/14 22:50:21 executor cover filter: 0 PCs 2025/08/14 22:50:22 initializing coverage information... 2025/08/14 22:50:22 runner 3 connected 2025/08/14 22:50:22 runner 8 connected 2025/08/14 22:50:22 runner 2 connected 2025/08/14 22:50:22 runner 6 connected 2025/08/14 22:50:22 runner 5 connected 2025/08/14 22:50:22 runner 0 connected 2025/08/14 22:50:22 runner 9 connected 2025/08/14 22:50:22 runner 1 connected 2025/08/14 22:50:22 runner 3 connected 2025/08/14 22:50:23 runner 4 connected 2025/08/14 22:50:24 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/14 22:50:24 base: machine check complete 2025/08/14 22:50:26 discovered 7699 source files, 338620 symbols 2025/08/14 22:50:26 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/14 22:50:26 coverage filter: arch/arm64/kvm/emulate-nested.c: [] 2025/08/14 22:50:26 area "symbols": 15 PCs in the cover filter 2025/08/14 22:50:26 area "files": 0 PCs in the cover filter 2025/08/14 22:50:26 area "": 0 PCs in the cover filter 2025/08/14 22:50:26 executor cover filter: 0 PCs 2025/08/14 22:50:29 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/14 22:50:29 new: machine check complete 2025/08/14 22:50:32 new: adding 2157 seeds 2025/08/14 22:50:56 triaged 100.0% of the corpus 2025/08/14 22:50:56 starting bug reproductions 2025/08/14 22:50:56 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/14 22:50:56 triaged 100.0% of the corpus 2025/08/14 22:54:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 730, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9523, "distributor delayed": 442, "distributor undelayed": 442, "distributor violated": 0, "exec candidate": 2157, "exec collide": 4680, "exec fuzz": 9047, "exec gen": 466, "exec hints": 1452, "exec inject": 0, "exec minimize": 9471, "exec retries": 0, "exec seeds": 2062, "exec smash": 10451, "exec total [base]": 18637, "exec total [new]": 48167, "exec triage": 1968, "executor restarts": 45, "fault jobs": 0, "fuzzer jobs": 772, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 9, "hints jobs": 144, "max signal": 9907, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5079, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 844, "no exec duration": 6147000000, "no exec requests": 36, "pending": 0, "prog exec time": 199, "reproducing": 0, "rpc recv": 783397432, "rpc sent": 69342584, "signal": 9132, "smash jobs": 624, "triage jobs": 4, "vm output": 215312, "vm restarts [base]": 3, "vm restarts [new]": 9 } 2025/08/14 22:59:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 21, "corpus": 1011, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 11937, "distributor delayed": 603, "distributor undelayed": 603, "distributor violated": 0, "exec candidate": 2157, "exec collide": 9963, "exec fuzz": 19030, "exec gen": 987, "exec hints": 3956, "exec inject": 0, "exec minimize": 13865, "exec retries": 0, "exec seeds": 3006, "exec smash": 22789, "exec total [base]": 31405, "exec total [new]": 84914, "exec triage": 2749, "executor restarts": 45, "fault jobs": 0, "fuzzer jobs": 331, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 9, "hints jobs": 85, "max signal": 12347, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7062, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1178, "no exec duration": 6147000000, "no exec requests": 36, "pending": 0, "prog exec time": 264, "reproducing": 0, "rpc recv": 1176600908, "rpc sent": 150594824, "signal": 11522, "smash jobs": 240, "triage jobs": 6, "vm output": 433527, "vm restarts [base]": 3, "vm restarts [new]": 9 } 2025/08/14 22:59:32 new: boot error: can't ssh into the instance 2025/08/14 22:59:32 base: boot error: can't ssh into the instance 2025/08/14 23:00:22 runner 1 connected 2025/08/14 23:04:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 45, "corpus": 1209, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 3, "coverage": 12646, "distributor delayed": 704, "distributor undelayed": 704, "distributor violated": 0, "exec candidate": 2157, "exec collide": 15297, "exec fuzz": 28991, "exec gen": 1505, "exec hints": 7286, "exec inject": 0, "exec minimize": 17102, "exec retries": 0, "exec seeds": 3639, "exec smash": 30137, "exec total [base]": 44798, "exec total [new]": 115808, "exec triage": 3280, "executor restarts": 45, "fault jobs": 0, "fuzzer jobs": 25, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 4, "max signal": 13108, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8608, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1407, "no exec duration": 6147000000, "no exec requests": 36, "pending": 0, "prog exec time": 320, "reproducing": 0, "rpc recv": 1503422684, "rpc sent": 230208288, "signal": 12171, "smash jobs": 15, "triage jobs": 6, "vm output": 678076, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/14 23:09:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 56, "corpus": 1366, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 4, "coverage": 13277, "distributor delayed": 789, "distributor undelayed": 789, "distributor violated": 0, "exec candidate": 2157, "exec collide": 22025, "exec fuzz": 41455, "exec gen": 2154, "exec hints": 8316, "exec inject": 0, "exec minimize": 19844, "exec retries": 0, "exec seeds": 4118, "exec smash": 34252, "exec total [base]": 57934, "exec total [new]": 144427, "exec triage": 3693, "executor restarts": 45, "fault jobs": 0, "fuzzer jobs": 14, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 3, "max signal": 13740, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9890, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1589, "no exec duration": 6147000000, "no exec requests": 36, "pending": 0, "prog exec time": 297, "reproducing": 0, "rpc recv": 1707240564, "rpc sent": 317214576, "signal": 12726, "smash jobs": 7, "triage jobs": 4, "vm output": 941568, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/14 23:09:37 new: boot error: can't ssh into the instance 2025/08/14 23:10:26 runner 0 connected 2025/08/14 23:14:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 62, "corpus": 1492, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 5, "coverage": 13536, "distributor delayed": 847, "distributor undelayed": 847, "distributor violated": 0, "exec candidate": 2157, "exec collide": 29472, "exec fuzz": 55792, "exec gen": 2891, "exec hints": 8671, "exec inject": 0, "exec minimize": 21883, "exec retries": 0, "exec seeds": 4509, "exec smash": 37473, "exec total [base]": 70068, "exec total [new]": 173283, "exec triage": 4018, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14026, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10831, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1732, "no exec duration": 6160000000, "no exec requests": 37, "pending": 0, "prog exec time": 319, "reproducing": 0, "rpc recv": 1932583004, "rpc sent": 413509408, "signal": 13001, "smash jobs": 9, "triage jobs": 2, "vm output": 1375575, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 23:19:26 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 62, "corpus": 1560, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 10, "coverage": 13696, "distributor delayed": 886, "distributor undelayed": 886, "distributor violated": 0, "exec candidate": 2157, "exec collide": 37840, "exec fuzz": 71685, "exec gen": 3775, "exec hints": 9020, "exec inject": 0, "exec minimize": 23101, "exec retries": 0, "exec seeds": 4716, "exec smash": 39202, "exec total [base]": 81869, "exec total [new]": 202141, "exec triage": 4231, "executor restarts": 48, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14249, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11414, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1820, "no exec duration": 6160000000, "no exec requests": 37, "pending": 0, "prog exec time": 308, "reproducing": 0, "rpc recv": 2049729176, "rpc sent": 511671376, "signal": 13162, "smash jobs": 6, "triage jobs": 5, "vm output": 1781780, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 23:20:56 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/14 23:20:56 syz-diff (base): kernel context loop terminated 2025/08/14 23:20:56 syz-diff (new): kernel context loop terminated 2025/08/14 23:20:56 diff fuzzing terminated 2025/08/14 23:20:56 bug reporting terminated 2025/08/14 23:20:56 status reporting terminated 2025/08/14 23:20:56 fuzzing is finished 2025/08/14 23:20:56 status at the end: Title On-Base On-Patched