./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2211805193 <...> Warning: Permanently added '10.128.0.154' (ED25519) to the list of known hosts. execve("./syz-executor2211805193", ["./syz-executor2211805193"], 0x7ffec33aa3e0 /* 10 vars */) = 0 brk(NULL) = 0x5555558f2000 brk(0x5555558f2d00) = 0x5555558f2d00 arch_prctl(ARCH_SET_FS, 0x5555558f2380) = 0 set_tid_address(0x5555558f2650) = 5030 set_robust_list(0x5555558f2660, 24) = 0 rseq(0x5555558f2ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2211805193", 4096) = 28 getrandom("\x49\x3b\x8a\x80\x0b\x62\xe4\x96", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555558f2d00 brk(0x555555913d00) = 0x555555913d00 brk(0x555555914000) = 0x555555914000 mprotect(0x7fcba044c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdirat(AT_FDCWD, "./file0", 000) = 0 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcb97f9c000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 32768) = 32768 munmap(0x7fcb97f9c000, 32768) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0/file0", 0777) = 0 mount("/dev/loop0", "./file0/file0", "hfs", MS_RDONLY|MS_LAZYTIME, "gid=0x0000000000000000,dir_umask=01777777777777777710165,gid=0x0000000000000000,codepage=koi8-u,part"...) = 0 openat(AT_FDCWD, "./file0/file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0/file0") = 0 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 openat(AT_FDCWD, "/proc/self/mounts", O_RDWR) = 4 [ 77.736615][ T5030] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5030 'syz-executor221' [ 77.752029][ T5030] loop0: detected capacity change from 0 to 64 [ 77.771931][ T5030] detected buffer overflow in strnlen [ 77.778393][ T5030] ------------[ cut here ]------------ [ 77.784068][ T5030] kernel BUG at lib/string_helpers.c:1031! [ 77.790297][ T5030] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 77.796432][ T5030] CPU: 0 PID: 5030 Comm: syz-executor221 Not tainted 6.5.0-rc2-next-20230718-syzkaller #0 [ 77.806364][ T5030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 77.816434][ T5030] RIP: 0010:fortify_panic+0x1c/0x20 [ 77.821676][ T5030] Code: ba fd eb d7 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 53 48 89 fb e8 23 de 65 fd 48 89 de 48 c7 c7 00 2c c8 8a e8 e4 28 49 fd <0f> 0b 66 90 f3 0f 1e fa 41 55 41 54 55 53 48 89 fb e8 fe dd 65 fd [ 77.841302][ T5030] RSP: 0018:ffffc90003b0fb38 EFLAGS: 00010286 [ 77.847473][ T5030] RAX: 0000000000000023 RBX: ffffffff8a879260 RCX: 0000000000000000 [ 77.855481][ T5030] RDX: 0000000000000000 RSI: ffffffff816aad20 RDI: 0000000000000005 [ 77.863478][ T5030] RBP: ffff888029e9f000 R08: 0000000000000005 R09: 0000000000000000 [ 77.871593][ T5030] R10: 0000000080000000 R11: 0000000000000001 R12: 1ffff92000761f69 [ 77.881233][ T5030] R13: 0000000000000004 R14: ffff88807ea07864 R15: ffffc90003b0fb68 [ 77.889308][ T5030] FS: 00005555558f2380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 77.898255][ T5030] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.904961][ T5030] CR2: 00000000005fdeb8 CR3: 0000000023140000 CR4: 00000000003506f0 [ 77.912961][ T5030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.920988][ T5030] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.929071][ T5030] Call Trace: [ 77.932364][ T5030] [ 77.935354][ T5030] ? die+0x31/0x80 [ 77.939111][ T5030] ? do_trap+0x1ab/0x3b0 [ 77.943412][ T5030] ? fortify_panic+0x1c/0x20 [ 77.948047][ T5030] ? do_error_trap+0x9e/0x160 [ 77.952764][ T5030] ? fortify_panic+0x1c/0x20 [ 77.957418][ T5030] ? handle_invalid_op+0x2c/0x30 [ 77.962396][ T5030] ? fortify_panic+0x1c/0x20 [ 77.967043][ T5030] ? exc_invalid_op+0x2d/0x40 [ 77.971933][ T5030] ? asm_exc_invalid_op+0x1a/0x20 [ 77.976990][ T5030] ? vprintk+0x90/0xa0 [ 77.981088][ T5030] ? fortify_panic+0x1c/0x20 [ 77.985707][ T5030] ? fortify_panic+0x1c/0x20 [ 77.990532][ T5030] hfs_show_options+0x6c7/0x7a0 [ 77.995524][ T5030] ? hfs_fill_super+0x16e0/0x16e0 [ 78.000579][ T5030] ? seq_puts+0xdb/0x150 [ 78.004870][ T5030] ? seq_escape_mem+0x193/0x220 [ 78.009802][ T5030] ? show_mnt_opts+0xc7/0x150 [ 78.014535][ T5030] ? hfs_fill_super+0x16e0/0x16e0 [ 78.019611][ T5030] show_vfsmnt+0x364/0x470 [ 78.024053][ T5030] ? show_vfsstat+0x460/0x460 [ 78.028894][ T5030] ? do_raw_spin_unlock+0x173/0x230 [ 78.034354][ T5030] ? _raw_spin_unlock+0x28/0x40 [ 78.039412][ T5030] seq_read_iter+0xaf0/0x1280 [ 78.044408][ T5030] vfs_read+0x4e0/0x930 [ 78.048617][ T5030] ? kernel_read+0x1b0/0x1b0 [ 78.053240][ T5030] ? find_held_lock+0x2d/0x110 [ 78.058053][ T5030] ? reacquire_held_locks+0x4b0/0x4b0 [ 78.063466][ T5030] ? __fget_light+0x1fc/0x260 [ 78.068736][ T5030] ksys_read+0x12f/0x250 [ 78.073128][ T5030] ? vfs_write+0xe40/0xe40 [ 78.077761][ T5030] ? lockdep_hardirqs_on+0x7d/0x100 [ 78.083344][ T5030] ? _raw_spin_unlock_irq+0x2e/0x50 [ 78.088574][ T5030] ? ptrace_notify+0xf4/0x130 [ 78.093591][ T5030] do_syscall_64+0x38/0xb0 [ 78.098078][ T5030] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 78.104187][ T5030] RIP: 0033:0x7fcba03d9ab9 [ 78.108621][ T5030] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 78.128341][ T5030] RSP: 002b:00007ffd12ef40b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 78.136797][ T5030] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcba03d9ab9 [ 78.144879][ T5030] RDX: 0000000000002020 RSI: 0000000020000340 RDI: 0000000000000004 [ 78.152886][ T5030] RBP: 00007ffd12ef40c0 R08: 0000000000000000 R09: 65732f636f72702f [ 78.160886][ T5030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.168871][ T5030] R13: 00007ffd12ef4308 R14: 0000000000000001 R15: 0000000000000001 [ 78.176878][ T5030] [ 78.179901][ T5030] Modules linked in: [ 78.184198][ T5030] ---[ end trace 0000000000000000 ]--- [ 78.189754][ T5030] RIP: 0010:fortify_panic+0x1c/0x20 [ 78.195009][ T5030] Code: ba fd eb d7 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 53 48 89 fb e8 23 de 65 fd 48 89 de 48 c7 c7 00 2c c8 8a e8 e4 28 49 fd <0f> 0b 66 90 f3 0f 1e fa 41 55 41 54 55 53 48 89 fb e8 fe dd 65 fd [ 78.215278][ T5030] RSP: 0018:ffffc90003b0fb38 EFLAGS: 00010286 [ 78.221416][ T5030] RAX: 0000000000000023 RBX: ffffffff8a879260 RCX: 0000000000000000 [ 78.229450][ T5030] RDX: 0000000000000000 RSI: ffffffff816aad20 RDI: 0000000000000005 [ 78.237489][ T5030] RBP: ffff888029e9f000 R08: 0000000000000005 R09: 0000000000000000 [ 78.245514][ T5030] R10: 0000000080000000 R11: 0000000000000001 R12: 1ffff92000761f69 [ 78.253549][ T5030] R13: 0000000000000004 R14: ffff88807ea07864 R15: ffffc90003b0fb68 [ 78.261676][ T5030] FS: 00005555558f2380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 78.270680][ T5030] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.277345][ T5030] CR2: 00000000005fdeb8 CR3: 0000000023140000 CR4: 00000000003506f0 [ 78.285369][ T5030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.293372][ T5030] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.301658][ T5030] Kernel panic - not syncing: Fatal exception [ 78.308255][ T5030] Kernel Offset: disabled [ 78.312599][ T5030] Rebooting in 86400 seconds..