On July 18, 2023 6:27:23 PM PDT, syzbot <syzbot+98d3ceb7e01269e7bf4f@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote: >syzbot has bisected this issue to: > >commit c30417b20f4993e49406f3f6d986355c6e943aa2 >Author: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx> >Date: Mon Jul 17 09:33:32 2023 +0000 > > seq_file: Replace strncpy()+nul by strscpy() Uh... Wat. Is this a bug in strscpy fortification? It's copying out of a (recast) be32... It shouldn't expect to find a NUL because it hit the max copy size already... Looking... -Kees > >bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=17488c1aa80000 >start commit: aeba456828b4 Add linux-next specific files for 20230718 >git tree: linux-next >final oops: https://syzkaller.appspot.com/x/report.txt?x=14c88c1aa80000 >console output: https://syzkaller.appspot.com/x/log.txt?x=10c88c1aa80000 >kernel config: https://syzkaller.appspot.com/x/.config?x=e7ec534f91cfce6c >dashboard link: https://syzkaller.appspot.com/bug?extid=98d3ceb7e01269e7bf4f >syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15ecf646a80000 >C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1476f30aa80000 > >Reported-by: syzbot+98d3ceb7e01269e7bf4f@xxxxxxxxxxxxxxxxxxxxxxxxx >Fixes: c30417b20f49 ("seq_file: Replace strncpy()+nul by strscpy()") > >For information about bisection process see: https://goo.gl/tpsmEJ#bisection -- Kees Cook