2025/07/31 15:13:13 extracted 302733 symbol hashes for base and 302733 for patched 2025/07/31 15:13:13 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/07/31 15:13:13 adding directly modified files to focus areas: ["arch/arm64/kvm/nested.c"] 2025/07/31 15:13:14 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/07/31 15:14:19 runner 9 connected 2025/07/31 15:14:19 runner 0 connected 2025/07/31 15:14:19 runner 0 connected 2025/07/31 15:14:19 runner 7 connected 2025/07/31 15:14:19 runner 5 connected 2025/07/31 15:14:20 runner 1 connected 2025/07/31 15:14:20 runner 2 connected 2025/07/31 15:14:20 runner 2 connected 2025/07/31 15:14:20 runner 3 connected 2025/07/31 15:14:20 runner 3 connected 2025/07/31 15:14:21 runner 8 connected 2025/07/31 15:14:21 runner 4 connected 2025/07/31 15:14:21 runner 1 connected 2025/07/31 15:14:21 runner 6 connected 2025/07/31 15:14:28 executor cover filter: 0 PCs 2025/07/31 15:14:28 initializing coverage information... 2025/07/31 15:14:30 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/07/31 15:14:30 base: machine check complete 2025/07/31 15:14:34 discovered 7668 source files, 337507 symbols 2025/07/31 15:14:34 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/07/31 15:14:34 coverage filter: arch/arm64/kvm/nested.c: [] 2025/07/31 15:14:34 area "symbols": 15 PCs in the cover filter 2025/07/31 15:14:34 area "files": 0 PCs in the cover filter 2025/07/31 15:14:34 area "": 0 PCs in the cover filter 2025/07/31 15:14:34 executor cover filter: 0 PCs 2025/07/31 15:14:35 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/07/31 15:14:35 new: machine check complete 2025/07/31 15:14:40 new: adding 2126 seeds 2025/07/31 15:14:46 triaged 97.3% of the corpus 2025/07/31 15:14:46 starting bug reproductions 2025/07/31 15:14:46 starting bug reproductions (max 10 VMs, 7 repros) 2025/07/31 15:15:16 triaged 100.0% of the corpus 2025/07/31 15:18:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 711, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 9440, "distributor delayed": 407, "distributor undelayed": 407, "distributor violated": 0, "exec candidate": 2126, "exec collide": 3942, "exec fuzz": 7542, "exec gen": 384, "exec hints": 1222, "exec inject": 0, "exec minimize": 9309, "exec retries": 0, "exec seeds": 2015, "exec smash": 8386, "exec total [base]": 20080, "exec total [new]": 43198, "exec triage": 1964, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 802, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 144, "max signal": 9976, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5009, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 827, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 213, "reproducing": 0, "rpc recv": 848298736, "rpc sent": 74151192, "signal": 8983, "smash jobs": 639, "triage jobs": 19, "vm output": 203875, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:23:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 968, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 11915, "distributor delayed": 536, "distributor undelayed": 536, "distributor violated": 0, "exec candidate": 2126, "exec collide": 8896, "exec fuzz": 16896, "exec gen": 862, "exec hints": 3189, "exec inject": 0, "exec minimize": 14282, "exec retries": 0, "exec seeds": 2874, "exec smash": 20343, "exec total [base]": 34934, "exec total [new]": 78451, "exec triage": 2676, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 466, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 112, "max signal": 12430, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7285, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1134, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 294, "reproducing": 0, "rpc recv": 1194060852, "rpc sent": 175648544, "signal": 11392, "smash jobs": 345, "triage jobs": 9, "vm output": 317993, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:28:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1128, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12699, "distributor delayed": 632, "distributor undelayed": 632, "distributor violated": 0, "exec candidate": 2126, "exec collide": 14297, "exec fuzz": 27306, "exec gen": 1405, "exec hints": 7137, "exec inject": 0, "exec minimize": 17264, "exec retries": 0, "exec seeds": 3397, "exec smash": 28232, "exec total [base]": 48301, "exec total [new]": 110620, "exec triage": 3149, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 28, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 10, "max signal": 13240, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8692, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1337, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 259, "reproducing": 0, "rpc recv": 1411546324, "rpc sent": 265602144, "signal": 12122, "smash jobs": 7, "triage jobs": 11, "vm output": 492275, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:33:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1228, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 12973, "distributor delayed": 681, "distributor undelayed": 681, "distributor violated": 0, "exec candidate": 2126, "exec collide": 21744, "exec fuzz": 41347, "exec gen": 2155, "exec hints": 9448, "exec inject": 0, "exec minimize": 19097, "exec retries": 0, "exec seeds": 3707, "exec smash": 30736, "exec total [base]": 60474, "exec total [new]": 140091, "exec triage": 3425, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 21, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13510, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9525, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1456, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 308, "reproducing": 0, "rpc recv": 1567438176, "rpc sent": 358258296, "signal": 12361, "smash jobs": 11, "triage jobs": 5, "vm output": 676316, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:38:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1309, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13185, "distributor delayed": 736, "distributor undelayed": 736, "distributor violated": 0, "exec candidate": 2126, "exec collide": 28743, "exec fuzz": 55006, "exec gen": 2869, "exec hints": 11146, "exec inject": 0, "exec minimize": 20490, "exec retries": 0, "exec seeds": 3954, "exec smash": 32917, "exec total [base]": 71625, "exec total [new]": 167223, "exec triage": 3664, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 4, "max signal": 13736, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10158, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1555, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 287, "reproducing": 0, "rpc recv": 1688419440, "rpc sent": 446503048, "signal": 12567, "smash jobs": 6, "triage jobs": 2, "vm output": 837238, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:43:16 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "corpus": 1396, "corpus [files]": 0, "corpus [symbols]": 0, "coverage": 13769, "distributor delayed": 770, "distributor undelayed": 770, "distributor violated": 0, "exec candidate": 2126, "exec collide": 35839, "exec fuzz": 68150, "exec gen": 3572, "exec hints": 12351, "exec inject": 0, "exec minimize": 22352, "exec retries": 0, "exec seeds": 4215, "exec smash": 35056, "exec total [base]": 82538, "exec total [new]": 193860, "exec triage": 3893, "executor restarts": 51, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14348, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11068, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1655, "no exec duration": 18000000000, "no exec requests": 18, "pending": 0, "prog exec time": 347, "reproducing": 0, "rpc recv": 1808627348, "rpc sent": 531850824, "signal": 13137, "smash jobs": 8, "triage jobs": 7, "vm output": 984122, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/07/31 15:45:16 fuzzer has not reached the modified code in 30m0s, aborting 2025/07/31 15:45:16 syz-diff (base): kernel context loop terminated 2025/07/31 15:45:16 syz-diff (new): kernel context loop terminated 2025/07/31 15:45:16 diff fuzzing terminated 2025/07/31 15:45:16 bug reporting terminated 2025/07/31 15:45:16 status reporting terminated 2025/07/31 15:45:16 fuzzing is finished 2025/07/31 15:45:16 status at the end: Title On-Base On-Patched