2025/08/11 03:22:23 extracted 303683 symbol hashes for base and 303683 for patched 2025/08/11 03:22:23 adding modified_functions to focus areas: ["nvmet_execute_disc_identify"] 2025/08/11 03:22:23 adding directly modified files to focus areas: ["arch/riscv/kvm/vcpu.c"] 2025/08/11 03:22:24 downloaded the corpus from https://storage.googleapis.com/syzkaller/corpus/ci-upstream-kasan-gce-root-corpus.db 2025/08/11 03:23:14 runner 2 connected 2025/08/11 03:23:21 executor cover filter: 0 PCs 2025/08/11 03:23:21 runner 7 connected 2025/08/11 03:23:21 runner 3 connected 2025/08/11 03:23:21 runner 2 connected 2025/08/11 03:23:21 runner 4 connected 2025/08/11 03:23:21 runner 8 connected 2025/08/11 03:23:21 runner 1 connected 2025/08/11 03:23:21 runner 5 connected 2025/08/11 03:23:22 runner 6 connected 2025/08/11 03:23:22 runner 1 connected 2025/08/11 03:23:22 runner 0 connected 2025/08/11 03:23:24 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/11 03:23:24 base: machine check complete 2025/08/11 03:23:28 initializing coverage information... 2025/08/11 03:23:32 discovered 7697 source files, 338543 symbols 2025/08/11 03:23:32 coverage filter: nvmet_execute_disc_identify: [nvmet_execute_disc_identify] 2025/08/11 03:23:32 coverage filter: arch/riscv/kvm/vcpu.c: [] 2025/08/11 03:23:32 area "symbols": 15 PCs in the cover filter 2025/08/11 03:23:32 area "files": 0 PCs in the cover filter 2025/08/11 03:23:32 area "": 0 PCs in the cover filter 2025/08/11 03:23:32 executor cover filter: 0 PCs 2025/08/11 03:23:33 machine check: disabled the following syscalls: openat$sev : failed to open /dev/sev: no such file or directory syz_kvm_setup_cpu$ppc64 : unsupported arch transitively disabled the following syscalls (missing resource [creating syscalls]): close$binfmt : fd_binfmt [openat$binfmt] close$fd_v4l2_buffer : fd_v4l2_buffer [ioctl$VIDIOC_QUERYBUF_DMABUF] close$ibv_device : fd_rdma [openat$uverbs0] ioctl$KVM_CAP_SGX_ATTRIBUTE : fd_sgx_provision [openat$sgx_provision] ioctl$KVM_SEV_CERT_EXPORT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_DECRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_DBG_ENCRYPT : fd_sev [openat$sev] ioctl$KVM_SEV_ES_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_GET_ATTESTATION_REPORT : fd_sev [openat$sev] ioctl$KVM_SEV_GUEST_STATUS : fd_sev [openat$sev] ioctl$KVM_SEV_INIT : fd_sev [openat$sev] ioctl$KVM_SEV_INIT2 : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_MEASURE : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_SECRET : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_LAUNCH_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_LAUNCH_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_START : sev_handle [ioctl$KVM_SEV_GUEST_STATUS ioctl$KVM_SEV_LAUNCH_START ioctl$KVM_SEV_RECEIVE_START] ioctl$KVM_SEV_RECEIVE_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_RECEIVE_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_CANCEL : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_START : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_DATA : fd_sev [openat$sev] ioctl$KVM_SEV_SEND_UPDATE_VMSA : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_FINISH : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_START : fd_sev [openat$sev] ioctl$KVM_SEV_SNP_LAUNCH_UPDATE : fd_sev [openat$sev] BinFmtMisc : enabled Comparisons : enabled Coverage : enabled DelayKcovMmap : enabled DevlinkPCI : PCI device 0000:00:10.0 is not available ExtraCoverage : enabled Fault : enabled KCSAN : write(/sys/kernel/debug/kcsan, on) failed KcovResetIoctl : kernel does not support ioctl(KCOV_RESET_TRACE) LRWPANEmulation : enabled Leak : failed to write(kmemleak, "scan=off") NetDevices : enabled NetInjection : enabled NicVF : PCI device 0000:00:11.0 is not available SandboxAndroid : setfilecon: setxattr failed. (errno 1: Operation not permitted). . process exited with status 67. SandboxNamespace : enabled SandboxNone : enabled SandboxSetuid : enabled Swap : enabled USBEmulation : enabled VhciInjection : enabled WifiEmulation : enabled syscalls : 165/8048 2025/08/11 03:23:33 new: machine check complete 2025/08/11 03:23:36 new: adding 2041 seeds 2025/08/11 03:23:55 triaged 98.5% of the corpus 2025/08/11 03:23:55 starting bug reproductions 2025/08/11 03:23:55 starting bug reproductions (max 10 VMs, 7 repros) 2025/08/11 03:24:25 triaged 100.0% of the corpus 2025/08/11 03:27:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 0, "corpus": 749, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 0, "coverage": 10688, "distributor delayed": 478, "distributor undelayed": 478, "distributor violated": 0, "exec candidate": 2041, "exec collide": 3982, "exec fuzz": 7384, "exec gen": 398, "exec hints": 1164, "exec inject": 0, "exec minimize": 9901, "exec retries": 0, "exec seeds": 2098, "exec smash": 8301, "exec total [base]": 19220, "exec total [new]": 43333, "exec triage": 1997, "executor restarts": 44, "fault jobs": 0, "fuzzer jobs": 872, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 8, "hints jobs": 192, "max signal": 11037, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 5360, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 853, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 209, "reproducing": 0, "rpc recv": 751944164, "rpc sent": 64995672, "signal": 10246, "smash jobs": 666, "triage jobs": 14, "vm output": 159676, "vm restarts [base]": 3, "vm restarts [new]": 8 } 2025/08/11 03:32:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 25, "corpus": 1061, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 2, "coverage": 12272, "distributor delayed": 649, "distributor undelayed": 649, "distributor violated": 0, "exec candidate": 2041, "exec collide": 8780, "exec fuzz": 16630, "exec gen": 863, "exec hints": 3233, "exec inject": 0, "exec minimize": 14863, "exec retries": 0, "exec seeds": 3119, "exec smash": 19715, "exec total [base]": 32923, "exec total [new]": 78102, "exec triage": 2791, "executor restarts": 44, "fault jobs": 0, "fuzzer jobs": 827, "fuzzing VMs [base]": 3, "fuzzing VMs [new]": 8, "hints jobs": 185, "max signal": 12634, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 7673, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1206, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 227, "reproducing": 0, "rpc recv": 1161709876, "rpc sent": 153579840, "signal": 11736, "smash jobs": 637, "triage jobs": 5, "vm output": 297627, "vm restarts [base]": 3, "vm restarts [new]": 8 } 2025/08/11 03:32:31 new: boot error: can't ssh into the instance 2025/08/11 03:32:31 base: boot error: can't ssh into the instance 2025/08/11 03:32:31 new: boot error: can't ssh into the instance 2025/08/11 03:33:12 runner 3 connected 2025/08/11 03:33:12 runner 0 connected 2025/08/11 03:33:13 runner 9 connected 2025/08/11 03:37:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 76, "corpus": 1300, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 12, "coverage": 13053, "distributor delayed": 754, "distributor undelayed": 754, "distributor violated": 0, "exec candidate": 2041, "exec collide": 13898, "exec fuzz": 26445, "exec gen": 1361, "exec hints": 6655, "exec inject": 0, "exec minimize": 19088, "exec retries": 0, "exec seeds": 3913, "exec smash": 30930, "exec total [base]": 47484, "exec total [new]": 113815, "exec triage": 3409, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 258, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 79, "max signal": 13410, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 9652, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1485, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 229, "reproducing": 0, "rpc recv": 1632450180, "rpc sent": 248945648, "signal": 12461, "smash jobs": 170, "triage jobs": 9, "vm output": 516119, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/11 03:42:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 93, "corpus": 1445, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 40, "coverage": 13406, "distributor delayed": 816, "distributor undelayed": 816, "distributor violated": 0, "exec candidate": 2041, "exec collide": 21816, "exec fuzz": 41483, "exec gen": 2148, "exec hints": 9661, "exec inject": 0, "exec minimize": 21561, "exec retries": 0, "exec seeds": 4377, "exec smash": 36380, "exec total [base]": 61874, "exec total [new]": 149290, "exec triage": 3751, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 15, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 1, "max signal": 13831, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 10835, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1645, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 282, "reproducing": 0, "rpc recv": 1846822960, "rpc sent": 347954048, "signal": 12805, "smash jobs": 7, "triage jobs": 7, "vm output": 777425, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/11 03:47:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 108, "corpus": 1556, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 60, "coverage": 13695, "distributor delayed": 862, "distributor undelayed": 862, "distributor violated": 0, "exec candidate": 2041, "exec collide": 30765, "exec fuzz": 58214, "exec gen": 3052, "exec hints": 9940, "exec inject": 0, "exec minimize": 23723, "exec retries": 0, "exec seeds": 4716, "exec smash": 39155, "exec total [base]": 75070, "exec total [new]": 181713, "exec triage": 4035, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 19, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 2, "max signal": 14139, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 11878, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1773, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 274, "reproducing": 0, "rpc recv": 2016533492, "rpc sent": 445263720, "signal": 13090, "smash jobs": 12, "triage jobs": 5, "vm output": 1076681, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/11 03:52:25 STAT { "buffer too small": 0, "candidate triage jobs": 0, "candidates": 0, "comps overflows": 112, "corpus": 1639, "corpus [files]": 0, "corpus [symbols]": 0, "cover overflows": 102, "coverage": 13886, "distributor delayed": 906, "distributor undelayed": 906, "distributor violated": 0, "exec candidate": 2041, "exec collide": 39688, "exec fuzz": 75553, "exec gen": 3979, "exec hints": 10110, "exec inject": 0, "exec minimize": 25109, "exec retries": 0, "exec seeds": 4971, "exec smash": 41407, "exec total [base]": 87909, "exec total [new]": 213175, "exec triage": 4244, "executor restarts": 50, "fault jobs": 0, "fuzzer jobs": 9, "fuzzing VMs [base]": 4, "fuzzing VMs [new]": 10, "hints jobs": 0, "max signal": 14337, "minimize: array": 0, "minimize: buffer": 0, "minimize: call": 12550, "minimize: filename": 0, "minimize: integer": 0, "minimize: pointer": 0, "minimize: props": 0, "minimize: resource": 0, "modules [base]": 1, "modules [new]": 1, "new inputs": 1866, "no exec duration": 18134000000, "no exec requests": 46, "pending": 0, "prog exec time": 297, "reproducing": 0, "rpc recv": 2151496660, "rpc sent": 545296232, "signal": 13263, "smash jobs": 3, "triage jobs": 6, "vm output": 1386465, "vm restarts [base]": 4, "vm restarts [new]": 10 } 2025/08/11 03:54:25 fuzzer has not reached the modified code in 30m0s, aborting 2025/08/11 03:54:25 syz-diff (base): kernel context loop terminated 2025/08/11 03:54:25 syz-diff (new): kernel context loop terminated 2025/08/11 03:54:25 diff fuzzing terminated 2025/08/11 03:54:25 bug reporting terminated 2025/08/11 03:54:25 status reporting terminated 2025/08/11 03:54:25 fuzzing is finished 2025/08/11 03:54:25 status at the end: Title On-Base On-Patched