2025/08/05 17:10:03 extracted 302733 symbol hashes for base and 302733 for patched 2025/08/05 17:10:03 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/05 17:10:03 adding directly modified files to focus areas: ["arch/s390/kvm/kvm-s390.c" "arch/s390/kvm/pv.c"] 2025/08/05 17:10:04 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/05 17:10:52 runner 4 connected 2025/08/05 17:10:52 runner 2 connected 2025/08/05 17:10:53 runner 2 connected 2025/08/05 17:10:53 runner 8 connected 2025/08/05 17:10:54 runner 0 connected 2025/08/05 17:10:54 runner 0 connected 2025/08/05 17:10:54 runner 3 connected 2025/08/05 17:10:54 runner 9 connected 2025/08/05 17:10:54 runner 7 connected 2025/08/05 17:10:54 runner 1 connected 2025/08/05 17:10:54 runner 3 connected 2025/08/05 17:10:54 runner 1 connected 2025/08/05 17:10:54 runner 5 connected 2025/08/05 17:10:58 initializing coverage information... 2025/08/05 17:10:59 executor cover filter: 0 PCs 2025/08/05 17:11:00 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 17:11:00 base: machine check complete 2025/08/05 17:11:02 discovered 7668 source files, 337507 symbols 2025/08/05 17:11:02 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/05 17:11:02 coverage filter: arch/s390/kvm/kvm-s390.c: [] 2025/08/05 17:11:02 coverage filter: arch/s390/kvm/pv.c: [] 2025/08/05 17:11:02 area "symbols": 15 PCs in the cover filter 2025/08/05 17:11:02 area "files": 0 PCs in the cover filter 2025/08/05 17:11:02 area "": 0 PCs in the cover filter 2025/08/05 17:11:02 executor cover filter: 0 PCs 2025/08/05 17:11:04 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/05 17:11:04 new: machine check complete 2025/08/05 17:11:05 triaged 100.0% of the corpus 2025/08/05 17:11:05 starting bug reproductions 2025/08/05 17:11:05 triaged 100.0% of the corpus 2025/08/05 17:11:05 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/05 17:11:07 new: adding 2209 seeds 2025/08/05 17:15:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 786, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 9857, "distributor delayed": 554, "distributor undelayed": 554, "distributor violated": 0, "exec candidate": 2209, "exec collide": 5132, "exec fuzz": 9842, "exec gen": 527, "exec hints": 1538, "exec inject": 0, "exec minimize": 10350, "exec retries": 0, "exec seeds": 2261, "exec smash": 11497, "exec total [base]": 27038, "exec total [new]": 52043, "exec triage": 2114, "executor restarts": 47, "fault jobs": 0, "fuzzer jobs": 861, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 140, "max signal": 10228, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5388, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 913, "no exec duration": 20724000000, "no exec requests": 478, "pending": 0, "prog exec time": 174, "reproducing": 0, "rpc recv": 882287788, "rpc sent": 86715576, "signal": 9416, "smash jobs": 704, "triage jobs": 17, "vm output": 304644, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/05 17:20:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1094, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12261, "distributor delayed": 682, "distributor undelayed": 682, "distributor violated": 0, "exec candidate": 2209, "exec collide": 10868, "exec fuzz": 20519, "exec gen": 1116, "exec hints": 4185, "exec inject": 0, "exec minimize": 15203, "exec retries": 0, "exec seeds": 3269, "exec smash": 24843, "exec total [base]": 45219, "exec total [new]": 91687, "exec triage": 2900, "executor restarts": 47, "fault jobs": 0, "fuzzer jobs": 353, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 9, "hints jobs": 91, "max signal": 12630, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7656, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1261, "no exec duration": 20737000000, "no exec requests": 479, "pending": 0, "prog exec time": 211, "reproducing": 0, "rpc recv": 1284746672, "rpc sent": 193086272, "signal": 11778, "smash jobs": 249, "triage jobs": 13, "vm output": 727056, "vm restarts [base]": 4, "vm restarts [new]": 9 } 2025/08/05 17:20:52 runner 6 connected 2025/08/05 17:25:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1303, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12881, "distributor delayed": 770, "distributor undelayed": 770, "distributor violated": 0, "exec candidate": 2209, "exec collide": 17258, "exec fuzz": 32819, "exec gen": 1755, "exec hints": 7407, "exec inject": 0, "exec minimize": 18847, "exec retries": 0, "exec seeds": 3960, "exec smash": 32883, "exec total [base]": 60447, "exec total [new]": 127176, "exec triage": 3462, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13301, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9334, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1502, "no exec duration": 20750000000, "no exec requests": 480, "pending": 0, "prog exec time": 290, "reproducing": 0, "rpc recv": 1671687448, "rpc sent": 286790720, "signal": 12376, "smash jobs": 8, "triage jobs": 6, "vm output": 1121257, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 17:30:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1441, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13335, "distributor delayed": 835, "distributor undelayed": 835, "distributor violated": 0, "exec candidate": 2209, "exec collide": 25309, "exec fuzz": 48078, "exec gen": 2580, "exec hints": 8618, "exec inject": 0, "exec minimize": 21664, "exec retries": 0, "exec seeds": 4384, "exec smash": 36452, "exec total [base]": 73667, "exec total [new]": 159682, "exec triage": 3810, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 14, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13905, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10703, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1659, "no exec duration": 20750000000, "no exec requests": 480, "pending": 0, "prog exec time": 294, "reproducing": 0, "rpc recv": 1890467256, "rpc sent": 385077840, "signal": 12836, "smash jobs": 6, "triage jobs": 6, "vm output": 1441703, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 17:35:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1538, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13710, "distributor delayed": 878, "distributor undelayed": 878, "distributor violated": 0, "exec candidate": 2209, "exec collide": 33102, "exec fuzz": 63061, "exec gen": 3353, "exec hints": 9333, "exec inject": 0, "exec minimize": 23668, "exec retries": 0, "exec seeds": 4672, "exec smash": 38861, "exec total [base]": 85756, "exec total [new]": 188918, "exec triage": 4078, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 14341, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11678, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1774, "no exec duration": 20750000000, "no exec requests": 480, "pending": 0, "prog exec time": 323, "reproducing": 0, "rpc recv": 2036015200, "rpc sent": 473254016, "signal": 13192, "smash jobs": 8, "triage jobs": 5, "vm output": 1734824, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 17:40:05 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1629, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 14061, "distributor delayed": 921, "distributor undelayed": 921, "distributor violated": 0, "exec candidate": 2209, "exec collide": 40933, "exec fuzz": 77708, "exec gen": 4092, "exec hints": 9829, "exec inject": 0, "exec minimize": 25435, "exec retries": 0, "exec seeds": 4956, "exec smash": 41109, "exec total [base]": 97309, "exec total [new]": 217173, "exec triage": 4324, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 19, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14695, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12476, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1880, "no exec duration": 20750000000, "no exec requests": 480, "pending": 0, "prog exec time": 333, "reproducing": 0, "rpc recv": 2219987636, "rpc sent": 560266152, "signal": 13525, "smash jobs": 16, "triage jobs": 1, "vm output": 2180377, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/05 17:41:05 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/05 17:41:05 syz-diff (base): kernel context loop terminated 2025/08/05 17:41:05 syz-diff (new): kernel context loop terminated 2025/08/05 17:41:05 diff fuzzing terminated 2025/08/05 17:41:05 bug reporting terminated 2025/08/05 17:41:05 status reporting terminated 2025/08/05 17:41:05 fuzzing is finished 2025/08/05 17:41:05 status at the end: Title On-Base On-Patched