2025/08/14 16:53:41 extracted 303751 symbol hashes for base and 303751 for patched 2025/08/14 16:53:42 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/14 16:53:42 adding directly modified files to focus areas: ["Documentation/virt/kvm/api.rst"] 2025/08/14 16:53:43 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/14 16:54:32 runner 4 connected 2025/08/14 16:54:38 initializing coverage information... 2025/08/14 16:54:40 runner 6 connected 2025/08/14 16:54:40 runner 3 connected 2025/08/14 16:54:40 runner 0 connected 2025/08/14 16:54:40 runner 9 connected 2025/08/14 16:54:40 runner 2 connected 2025/08/14 16:54:40 runner 3 connected 2025/08/14 16:54:40 runner 5 connected 2025/08/14 16:54:40 runner 7 connected 2025/08/14 16:54:40 runner 1 connected 2025/08/14 16:54:40 runner 1 connected 2025/08/14 16:54:40 runner 2 connected 2025/08/14 16:54:42 discovered 7699 source files, 338620 symbols 2025/08/14 16:54:42 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/14 16:54:42 coverage filter: Documentation/virt/kvm/api.rst: [] 2025/08/14 16:54:42 area "symbols": 15 PCs in the cover filter 2025/08/14 16:54:42 area "files": 0 PCs in the cover filter 2025/08/14 16:54:42 area "": 0 PCs in the cover filter 2025/08/14 16:54:42 executor cover filter: 0 PCs 2025/08/14 16:54:45 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/14 16:54:45 new: machine check complete 2025/08/14 16:54:46 executor cover filter: 0 PCs 2025/08/14 16:54:48 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/14 16:54:48 base: machine check complete 2025/08/14 16:54:48 new: adding 2157 seeds 2025/08/14 16:55:14 triaged 100.0% of the corpus 2025/08/14 16:55:14 triaged 100.0% of the corpus 2025/08/14 16:55:14 starting bug reproductions 2025/08/14 16:55:14 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/14 16:58:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 711, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 9625, "distributor delayed": 438, "distributor undelayed": 438, "distributor violated": 0, "exec candidate": 2157, "exec collide": 3885, "exec fuzz": 7435, "exec gen": 366, "exec hints": 1274, "exec inject": 0, "exec minimize": 9393, "exec retries": 0, "exec seeds": 1990, "exec smash": 8253, "exec total [base]": 25562, "exec total [new]": 43010, "exec triage": 1842, "executor restarts": 43, "fault jobs": 0, "fuzzer jobs": 829, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 158, "max signal": 10012, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5090, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 788, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 197, "reproducing": 0, "rpc recv": 767650760, "rpc sent": 77774480, "signal": 9125, "smash jobs": 656, "triage jobs": 15, "vm output": 159723, "vm restarts [base]": 4, "vm restarts [new]": 8 } 2025/08/14 17:03:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 19, "corpus": 1008, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 12004, "distributor delayed": 620, "distributor undelayed": 620, "distributor violated": 0, "exec candidate": 2157, "exec collide": 8466, "exec fuzz": 16392, "exec gen": 849, "exec hints": 3309, "exec inject": 0, "exec minimize": 14255, "exec retries": 0, "exec seeds": 2949, "exec smash": 19272, "exec total [base]": 42944, "exec total [new]": 76698, "exec triage": 2632, "executor restarts": 43, "fault jobs": 0, "fuzzer jobs": 663, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 8, "hints jobs": 155, "max signal": 12359, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7329, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1135, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 211, "reproducing": 0, "rpc recv": 1170133724, "rpc sent": 179954048, "signal": 11509, "smash jobs": 498, "triage jobs": 10, "vm output": 251275, "vm restarts [base]": 4, "vm restarts [new]": 8 } 2025/08/14 17:03:49 new: boot error: can't ssh into the instance 2025/08/14 17:03:49 new: boot error: can't ssh into the instance 2025/08/14 17:04:37 runner 8 connected 2025/08/14 17:04:38 runner 0 connected 2025/08/14 17:08:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 45, "corpus": 1201, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 12712, "distributor delayed": 712, "distributor undelayed": 712, "distributor violated": 0, "exec candidate": 2157, "exec collide": 13500, "exec fuzz": 26050, "exec gen": 1372, "exec hints": 7422, "exec inject": 0, "exec minimize": 17424, "exec retries": 0, "exec seeds": 3596, "exec smash": 29736, "exec total [base]": 57773, "exec total [new]": 110835, "exec triage": 3152, "executor restarts": 49, "fault jobs": 0, "fuzzer jobs": 48, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 24, "max signal": 13128, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 8782, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1362, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 237, "reproducing": 0, "rpc recv": 1545802780, "rpc sent": 285515608, "signal": 12171, "smash jobs": 19, "triage jobs": 5, "vm output": 425815, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 17:13:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 54, "corpus": 1327, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 1, "coverage": 13053, "distributor delayed": 773, "distributor undelayed": 773, "distributor violated": 0, "exec candidate": 2157, "exec collide": 21271, "exec fuzz": 40907, "exec gen": 2175, "exec hints": 11727, "exec inject": 0, "exec minimize": 19587, "exec retries": 0, "exec seeds": 3980, "exec smash": 33047, "exec total [base]": 71840, "exec total [new]": 144802, "exec triage": 3526, "executor restarts": 49, "fault jobs": 0, "fuzzer jobs": 26, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 9, "max signal": 13547, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9813, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1521, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 287, "reproducing": 0, "rpc recv": 1729891876, "rpc sent": 393996136, "signal": 12466, "smash jobs": 10, "triage jobs": 7, "vm output": 595695, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 17:18:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 68, "corpus": 1451, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 7, "coverage": 13399, "distributor delayed": 827, "distributor undelayed": 827, "distributor violated": 0, "exec candidate": 2157, "exec collide": 28634, "exec fuzz": 54945, "exec gen": 2935, "exec hints": 14644, "exec inject": 0, "exec minimize": 22127, "exec retries": 0, "exec seeds": 4353, "exec smash": 36216, "exec total [base]": 84960, "exec total [new]": 176266, "exec triage": 3831, "executor restarts": 49, "fault jobs": 0, "fuzzer jobs": 16, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 13903, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11043, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1657, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 305, "reproducing": 0, "rpc recv": 1936450464, "rpc sent": 493471216, "signal": 12796, "smash jobs": 6, "triage jobs": 8, "vm output": 753747, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 17:23:44 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 81, "corpus": 1542, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 15, "coverage": 13691, "distributor delayed": 870, "distributor undelayed": 870, "distributor violated": 0, "exec candidate": 2157, "exec collide": 36842, "exec fuzz": 70395, "exec gen": 3764, "exec hints": 15133, "exec inject": 0, "exec minimize": 23589, "exec retries": 0, "exec seeds": 4626, "exec smash": 38480, "exec total [base]": 96897, "exec total [new]": 205489, "exec triage": 4083, "executor restarts": 49, "fault jobs": 0, "fuzzer jobs": 14, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 14188, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11705, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1764, "no exec duration": 11346000000, "no exec requests": 35, "pending": 0, "prog exec time": 331, "reproducing": 0, "rpc recv": 2094453232, "rpc sent": 592187496, "signal": 13066, "smash jobs": 6, "triage jobs": 7, "vm output": 946458, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/14 17:25:14 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/14 17:25:14 syz-diff (base): kernel context loop terminated 2025/08/14 17:25:14 syz-diff (new): kernel context loop terminated 2025/08/14 17:25:14 diff fuzzing terminated 2025/08/14 17:25:14 bug reporting terminated 2025/08/14 17:25:14 status reporting terminated 2025/08/14 17:25:14 fuzzing is finished 2025/08/14 17:25:14 status at the end: Title On-Base On-Patched