2025/08/07 17:04:35 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/07 17:04:35 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/07 17:04:35 adding directly modified files to focus areas: ["tools/testing/selftests/kvm/Makefile.kvm" "tools/testing/selftests/kvm/include/riscv/processor.h" "tools/testing/selftests/rseq/rseq-riscv.h"] 2025/08/07 17:04:36 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/07 17:05:25 runner 1 connected 2025/08/07 17:05:26 runner 6 connected 2025/08/07 17:05:26 runner 2 connected 2025/08/07 17:05:26 runner 3 connected 2025/08/07 17:05:26 runner 7 connected 2025/08/07 17:05:26 runner 0 connected 2025/08/07 17:05:27 runner 0 connected 2025/08/07 17:05:27 runner 9 connected 2025/08/07 17:05:27 runner 1 connected 2025/08/07 17:05:27 runner 3 connected 2025/08/07 17:05:32 executor cover filter: 0 PCs 2025/08/07 17:05:32 initializing coverage information... 2025/08/07 17:05:33 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 17:05:33 base: machine check complete 2025/08/07 17:05:36 discovered 7697 source files, 338543 symbols 2025/08/07 17:05:36 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/07 17:05:36 coverage filter: tools/testing/selftests/kvm/Makefile.kvm: [] 2025/08/07 17:05:36 coverage filter: tools/testing/selftests/kvm/include/riscv/processor.h: [] 2025/08/07 17:05:36 coverage filter: tools/testing/selftests/rseq/rseq-riscv.h: [] 2025/08/07 17:05:36 area "symbols": 15 PCs in the cover filter 2025/08/07 17:05:36 area "files": 0 PCs in the cover filter 2025/08/07 17:05:36 area "": 0 PCs in the cover filter 2025/08/07 17:05:36 executor cover filter: 0 PCs 2025/08/07 17:05:37 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 17:05:37 new: machine check complete 2025/08/07 17:05:38 triaged 100.0% of the corpus 2025/08/07 17:05:38 triaged 100.0% of the corpus 2025/08/07 17:05:38 starting bug reproductions 2025/08/07 17:05:38 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/07 17:05:40 new: adding 1913 seeds 2025/08/07 17:09:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 641, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 8856, "distributor delayed": 570, "distributor undelayed": 570, "distributor violated": 0, "exec candidate": 1913, "exec collide": 2860, "exec fuzz": 5582, "exec gen": 268, "exec hints": 825, "exec inject": 0, "exec minimize": 8745, "exec retries": 0, "exec seeds": 1783, "exec smash": 5990, "exec total [base]": 27677, "exec total [new]": 35371, "exec triage": 1737, "executor restarts": 40, "fault jobs": 0, "fuzzer jobs": 762, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 6, "hints jobs": 144, "max signal": 9223, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 4725, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 723, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 178, "reproducing": 0, "rpc recv": 652151332, "rpc sent": 75236720, "signal": 8451, "smash jobs": 611, "triage jobs": 7, "vm output": 114126, "vm restarts [base]": 4, "vm restarts [new]": 6 } 2025/08/07 17:14:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 5, "corpus": 851, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10806, "distributor delayed": 712, "distributor undelayed": 712, "distributor violated": 0, "exec candidate": 1913, "exec collide": 6551, "exec fuzz": 12734, "exec gen": 630, "exec hints": 2104, "exec inject": 0, "exec minimize": 11862, "exec retries": 0, "exec seeds": 2449, "exec smash": 15243, "exec total [base]": 45887, "exec total [new]": 61442, "exec triage": 2288, "executor restarts": 40, "fault jobs": 0, "fuzzer jobs": 758, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 6, "hints jobs": 135, "max signal": 11167, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 6206, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 969, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 203, "reproducing": 0, "rpc recv": 872313640, "rpc sent": 158729536, "signal": 10330, "smash jobs": 619, "triage jobs": 4, "vm output": 202496, "vm restarts [base]": 4, "vm restarts [new]": 6 } 2025/08/07 17:14:43 new: boot error: can't ssh into the instance 2025/08/07 17:14:43 new: boot error: can't ssh into the instance 2025/08/07 17:14:43 new: boot error: can't ssh into the instance 2025/08/07 17:14:43 new: boot error: can't ssh into the instance 2025/08/07 17:15:32 runner 2 connected 2025/08/07 17:15:32 runner 8 connected 2025/08/07 17:15:32 runner 5 connected 2025/08/07 17:15:33 runner 4 connected 2025/08/07 17:19:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 17, "corpus": 1127, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 12169, "distributor delayed": 864, "distributor undelayed": 864, "distributor violated": 0, "exec candidate": 1913, "exec collide": 11441, "exec fuzz": 22292, "exec gen": 1131, "exec hints": 5241, "exec inject": 0, "exec minimize": 16431, "exec retries": 0, "exec seeds": 3336, "exec smash": 26172, "exec total [base]": 61802, "exec total [new]": 96669, "exec triage": 3035, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 243, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 89, "max signal": 12586, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8324, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1298, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 250, "reproducing": 0, "rpc recv": 1359328204, "rpc sent": 250032736, "signal": 11635, "smash jobs": 144, "triage jobs": 10, "vm output": 566502, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 17:24:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 50, "corpus": 1307, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 59, "coverage": 12796, "distributor delayed": 946, "distributor undelayed": 946, "distributor violated": 0, "exec candidate": 1913, "exec collide": 17771, "exec fuzz": 34569, "exec gen": 1793, "exec hints": 10554, "exec inject": 0, "exec minimize": 19158, "exec retries": 0, "exec seeds": 3928, "exec smash": 32624, "exec total [base]": 76288, "exec total [new]": 131480, "exec triage": 3493, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 23, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 5, "max signal": 13193, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9522, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1501, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 290, "reproducing": 0, "rpc recv": 1627450524, "rpc sent": 334598920, "signal": 12259, "smash jobs": 10, "triage jobs": 8, "vm output": 939765, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 17:29:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 69, "corpus": 1430, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 126, "coverage": 13244, "distributor delayed": 1002, "distributor undelayed": 1002, "distributor violated": 0, "exec candidate": 1913, "exec collide": 25935, "exec fuzz": 49901, "exec gen": 2659, "exec hints": 11329, "exec inject": 0, "exec minimize": 21370, "exec retries": 0, "exec seeds": 4308, "exec smash": 35780, "exec total [base]": 89067, "exec total [new]": 162675, "exec triage": 3802, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 10, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13710, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10575, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1637, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 256, "reproducing": 0, "rpc recv": 1829744024, "rpc sent": 422381112, "signal": 12688, "smash jobs": 7, "triage jobs": 3, "vm output": 1221799, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 17:34:38 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 88, "corpus": 1534, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 202, "coverage": 13539, "distributor delayed": 1045, "distributor undelayed": 1045, "distributor violated": 0, "exec candidate": 1913, "exec collide": 35216, "exec fuzz": 67077, "exec gen": 3552, "exec hints": 11771, "exec inject": 0, "exec minimize": 22976, "exec retries": 0, "exec seeds": 4620, "exec smash": 38434, "exec total [base]": 102259, "exec total [new]": 195308, "exec triage": 4072, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 11, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 14178, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11298, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1757, "no exec duration": 24911000000, "no exec requests": 183, "pending": 0, "prog exec time": 277, "reproducing": 0, "rpc recv": 2003278472, "rpc sent": 518166376, "signal": 12950, "smash jobs": 7, "triage jobs": 4, "vm output": 1520831, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 17:35:38 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/07 17:35:38 syz-diff (base): kernel context loop terminated 2025/08/07 17:35:38 syz-diff (new): kernel context loop terminated 2025/08/07 17:35:38 diff fuzzing terminated 2025/08/07 17:35:38 bug reporting terminated 2025/08/07 17:35:38 status reporting terminated 2025/08/07 17:35:38 fuzzing is finished 2025/08/07 17:35:38 status at the end: Title On-Base On-Patched