2025/08/05 11:36:42 extracted 302733 symbol hashes for base and 302733 for patched 2025/08/05 11:36:42 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/05 11:36:42 adding directly modified files to focus areas: ["arch/riscv/kvm/vcpu_vector.c"] 2025/08/05 11:36:43 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/05 11:37:33 runner 3 connected 2025/08/05 11:37:33 runner 0 connected 2025/08/05 11:37:33 runner 5 connected 2025/08/05 11:37:33 runner 6 connected 2025/08/05 11:37:33 runner 9 connected 2025/08/05 11:37:33 runner 4 connected 2025/08/05 11:37:33 runner 7 connected 2025/08/05 11:37:33 runner 2 connected 2025/08/05 11:37:34 runner 0 connected 2025/08/05 11:37:34 runner 1 connected 2025/08/05 11:37:34 runner 8 connected 2025/08/05 11:37:34 runner 2 connected 2025/08/05 11:37:35 runner 3 connected 2025/08/05 11:37:39 executor cover filter: 0 PCs 2025/08/05 11:37:39 initializing coverage information... 2025/08/05 11:37:41 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 11:37:41 base: machine check complete 2025/08/05 11:37:45 discovered 7668 source files, 337507 symbols 2025/08/05 11:37:46 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/05 11:37:46 coverage filter: arch/riscv/kvm/vcpu_vector.c: [] 2025/08/05 11:37:46 area "symbols": 15 PCs in the cover filter 2025/08/05 11:37:46 area "files": 0 PCs in the cover filter 2025/08/05 11:37:46 area "": 0 PCs in the cover filter 2025/08/05 11:37:46 executor cover filter: 0 PCs 2025/08/05 11:37:47 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 11:37:47 new: machine check complete 2025/08/05 11:37:50 new: adding 2209 seeds 2025/08/05 11:38:15 triaged 100.0% of the corpus 2025/08/05 11:38:15 triaged 100.0% of the corpus 2025/08/05 11:38:15 starting bug reproductions 2025/08/05 11:38:15 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/05 11:41:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 786, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 10628, "distributor delayed": 502, "distributor undelayed": 502, "distributor violated": 0, "exec candidate": 2209, "exec collide": 5128, "exec fuzz": 9913, "exec gen": 525, "exec hints": 1642, "exec inject": 0, "exec minimize": 10686, "exec retries": 0, "exec seeds": 2210, "exec smash": 11468, "exec total [base]": 18313, "exec total [new]": 52530, "exec triage": 2177, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 857, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 163, "max signal": 11075, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5613, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 920, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 173, "reproducing": 0, "rpc recv": 896820588, "rpc sent": 85225496, "signal": 10151, "smash jobs": 676, "triage jobs": 18, "vm output": 235053, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/05 11:46:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1065, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 11685, "distributor delayed": 654, "distributor undelayed": 654, "distributor violated": 0, "exec candidate": 2209, "exec collide": 10573, "exec fuzz": 20183, "exec gen": 1043, "exec hints": 4406, "exec inject": 0, "exec minimize": 15523, "exec retries": 0, "exec seeds": 3147, "exec smash": 23988, "exec total [base]": 30272, "exec total [new]": 90579, "exec triage": 2933, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 334, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 10, "hints jobs": 88, "max signal": 12116, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7805, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1244, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 261, "reproducing": 0, "rpc recv": 1323654952, "rpc sent": 168576048, "signal": 11184, "smash jobs": 236, "triage jobs": 10, "vm output": 506530, "vm restarts [base]": 3, "vm restarts [new]": 10 } 2025/08/05 11:47:39 runner 1 connected 2025/08/05 11:51:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1227, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12351, "distributor delayed": 725, "distributor undelayed": 725, "distributor violated": 0, "exec candidate": 2209, "exec collide": 16931, "exec fuzz": 32069, "exec gen": 1646, "exec hints": 8760, "exec inject": 0, "exec minimize": 18485, "exec retries": 0, "exec seeds": 3672, "exec smash": 30552, "exec total [base]": 43289, "exec total [new]": 124303, "exec triage": 3406, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 6, "max signal": 12848, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9149, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1442, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 141, "reproducing": 0, "rpc recv": 1661484252, "rpc sent": 259867624, "signal": 11819, "smash jobs": 4, "triage jobs": 8, "vm output": 795593, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 11:56:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1302, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12614, "distributor delayed": 767, "distributor undelayed": 767, "distributor violated": 0, "exec candidate": 2209, "exec collide": 23774, "exec fuzz": 44936, "exec gen": 2286, "exec hints": 10010, "exec inject": 0, "exec minimize": 20068, "exec retries": 0, "exec seeds": 3897, "exec smash": 32422, "exec total [base]": 54021, "exec total [new]": 149821, "exec triage": 3645, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13149, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9877, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1536, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 369, "reproducing": 0, "rpc recv": 1840491724, "rpc sent": 336978768, "signal": 12028, "smash jobs": 6, "triage jobs": 2, "vm output": 998898, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 12:01:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1377, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13125, "distributor delayed": 815, "distributor undelayed": 815, "distributor violated": 0, "exec candidate": 2209, "exec collide": 30129, "exec fuzz": 57336, "exec gen": 2969, "exec hints": 11791, "exec inject": 0, "exec minimize": 21531, "exec retries": 0, "exec seeds": 4125, "exec smash": 34348, "exec total [base]": 64404, "exec total [new]": 174907, "exec triage": 3893, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 21, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 10, "max signal": 13760, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10552, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1637, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 369, "reproducing": 0, "rpc recv": 1972388916, "rpc sent": 410116928, "signal": 12545, "smash jobs": 5, "triage jobs": 6, "vm output": 1201340, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 12:06:45 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1432, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13248, "distributor delayed": 847, "distributor undelayed": 847, "distributor violated": 0, "exec candidate": 2209, "exec collide": 36876, "exec fuzz": 70410, "exec gen": 3653, "exec hints": 12147, "exec inject": 0, "exec minimize": 22499, "exec retries": 0, "exec seeds": 4296, "exec smash": 35717, "exec total [base]": 74221, "exec total [new]": 198463, "exec triage": 4081, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13889, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10978, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1712, "no exec duration": 19368000000, "no exec requests": 62, "pending": 0, "prog exec time": 351, "reproducing": 0, "rpc recv": 2078830052, "rpc sent": 482587888, "signal": 12651, "smash jobs": 7, "triage jobs": 5, "vm output": 1397266, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 12:08:15 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/05 12:08:15 syz-diff (base): kernel context loop terminated 2025/08/05 12:08:15 syz-diff (new): kernel context loop terminated 2025/08/05 12:08:15 diff fuzzing terminated 2025/08/05 12:08:15 bug reporting terminated 2025/08/05 12:08:15 status reporting terminated 2025/08/05 12:08:15 fuzzing is finished 2025/08/05 12:08:15 status at the end: Title On-Base On-Patched