2025/08/07 07:24:57 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/07 07:24:57 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/07 07:24:57 adding directly modified files to focus areas: ["arch/x86/kvm/vmx/vmenter.S"] 2025/08/07 07:24:58 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/07 07:25:56 runner 3 connected 2025/08/07 07:25:56 runner 0 connected 2025/08/07 07:25:56 runner 0 connected 2025/08/07 07:25:56 runner 1 connected 2025/08/07 07:25:56 runner 2 connected 2025/08/07 07:25:56 runner 5 connected 2025/08/07 07:25:56 runner 4 connected 2025/08/07 07:25:56 runner 7 connected 2025/08/07 07:25:56 runner 8 connected 2025/08/07 07:25:56 runner 9 connected 2025/08/07 07:25:56 runner 2 connected 2025/08/07 07:25:57 runner 1 connected 2025/08/07 07:25:57 runner 3 connected 2025/08/07 07:25:57 runner 6 connected 2025/08/07 07:26:03 initializing coverage information... 2025/08/07 07:26:03 executor cover filter: 0 PCs 2025/08/07 07:26:05 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 07:26:05 base: machine check complete 2025/08/07 07:26:07 discovered 7697 source files, 338543 symbols 2025/08/07 07:26:08 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/07 07:26:08 coverage filter: arch/x86/kvm/vmx/vmenter.S: [] 2025/08/07 07:26:08 area "symbols": 15 PCs in the cover filter 2025/08/07 07:26:08 area "files": 0 PCs in the cover filter 2025/08/07 07:26:08 area "": 0 PCs in the cover filter 2025/08/07 07:26:08 executor cover filter: 0 PCs 2025/08/07 07:26:09 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/07 07:26:09 new: machine check complete 2025/08/07 07:26:12 new: adding 1971 seeds 2025/08/07 07:26:29 triaged 99.4% of the corpus 2025/08/07 07:26:29 starting bug reproductions 2025/08/07 07:26:29 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/07 07:26:29 triaged 99.4% of the corpus 2025/08/07 07:29:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 3, "corpus": 767, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 10609, "distributor delayed": 399, "distributor undelayed": 399, "distributor violated": 0, "exec candidate": 1971, "exec collide": 4055, "exec fuzz": 7701, "exec gen": 429, "exec hints": 1345, "exec inject": 0, "exec minimize": 10354, "exec retries": 0, "exec seeds": 2129, "exec smash": 8405, "exec total [base]": 20935, "exec total [new]": 44254, "exec triage": 2024, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 910, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 176, "max signal": 10941, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5541, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 852, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 217, "reproducing": 0, "rpc recv": 935671536, "rpc sent": 69336800, "signal": 10135, "smash jobs": 724, "triage jobs": 10, "vm output": 210932, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:34:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 6, "corpus": 1048, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 17, "coverage": 12011, "distributor delayed": 553, "distributor undelayed": 553, "distributor violated": 0, "exec candidate": 1971, "exec collide": 9496, "exec fuzz": 17946, "exec gen": 935, "exec hints": 3619, "exec inject": 0, "exec minimize": 14842, "exec retries": 0, "exec seeds": 3070, "exec smash": 21381, "exec total [base]": 36569, "exec total [new]": 81931, "exec triage": 2827, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 585, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 137, "max signal": 12493, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7606, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1194, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 234, "reproducing": 0, "rpc recv": 1328123964, "rpc sent": 166529400, "signal": 11562, "smash jobs": 436, "triage jobs": 12, "vm output": 347665, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:39:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 13, "corpus": 1235, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 26, "coverage": 12544, "distributor delayed": 621, "distributor undelayed": 621, "distributor violated": 0, "exec candidate": 1971, "exec collide": 15181, "exec fuzz": 28560, "exec gen": 1537, "exec hints": 8597, "exec inject": 0, "exec minimize": 17878, "exec retries": 0, "exec seeds": 3678, "exec smash": 30622, "exec total [base]": 51155, "exec total [new]": 117139, "exec triage": 3270, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 29, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 12, "max signal": 12981, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9020, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1396, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 232, "reproducing": 0, "rpc recv": 1601348720, "rpc sent": 266664768, "signal": 12041, "smash jobs": 6, "triage jobs": 11, "vm output": 521496, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:44:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 18, "corpus": 1354, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 32, "coverage": 12935, "distributor delayed": 662, "distributor undelayed": 662, "distributor violated": 0, "exec candidate": 1971, "exec collide": 23582, "exec fuzz": 44329, "exec gen": 2364, "exec hints": 10707, "exec inject": 0, "exec minimize": 19763, "exec retries": 0, "exec seeds": 4043, "exec smash": 33585, "exec total [base]": 64450, "exec total [new]": 149737, "exec triage": 3550, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13394, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9932, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1526, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 296, "reproducing": 0, "rpc recv": 1763346092, "rpc sent": 369282992, "signal": 12407, "smash jobs": 10, "triage jobs": 5, "vm output": 742153, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:49:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 20, "corpus": 1446, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 37, "coverage": 13177, "distributor delayed": 706, "distributor undelayed": 706, "distributor violated": 0, "exec candidate": 1971, "exec collide": 32037, "exec fuzz": 60539, "exec gen": 3255, "exec hints": 11344, "exec inject": 0, "exec minimize": 21352, "exec retries": 0, "exec seeds": 4321, "exec smash": 35881, "exec total [base]": 76880, "exec total [new]": 180350, "exec triage": 3805, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 18, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 3, "max signal": 13675, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10702, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1635, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 277, "reproducing": 0, "rpc recv": 1914216052, "rpc sent": 469194000, "signal": 12643, "smash jobs": 11, "triage jobs": 4, "vm output": 958692, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:54:59 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 25, "corpus": 1532, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 71, "coverage": 13416, "distributor delayed": 746, "distributor undelayed": 746, "distributor violated": 0, "exec candidate": 1971, "exec collide": 40707, "exec fuzz": 76944, "exec gen": 4157, "exec hints": 11805, "exec inject": 0, "exec minimize": 22634, "exec retries": 0, "exec seeds": 4584, "exec smash": 38091, "exec total [base]": 89477, "exec total [new]": 210773, "exec triage": 4036, "executor restarts": 52, "fault jobs": 0, "fuzzer jobs": 12, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 13928, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11302, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1735, "no exec duration": 23046000000, "no exec requests": 34, "pending": 0, "prog exec time": 288, "reproducing": 0, "rpc recv": 2041394936, "rpc sent": 573457304, "signal": 12872, "smash jobs": 10, "triage jobs": 2, "vm output": 1174812, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/07 07:56:29 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/07 07:56:30 syz-diff (base): kernel context loop terminated 2025/08/07 07:56:30 syz-diff (new): kernel context loop terminated 2025/08/07 07:56:30 diff fuzzing terminated 2025/08/07 07:56:30 bug reporting terminated 2025/08/07 07:56:30 status reporting terminated 2025/08/07 07:56:30 fuzzing is finished 2025/08/07 07:56:30 status at the end: Title On-Base On-Patched