loop1: detected capacity change from 0 to 32768
XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
XFS (loop1): Ending clean mount
================================================================================
UBSAN: array-index-out-of-bounds in fs/xfs/libxfs/xfs_attr_leaf.c:1560:19
index 13 is out of range for type '__u8[1]' (aka 'unsigned char[1]')
CPU: 0 PID: 6266 Comm: syz-executor.1 Not tainted 6.5.0-rc1-syzkaller-g05d881b85b48 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
Call trace:
 dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233
 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106
 dump_stack+0x1c/0x28 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0xfc/0x148 lib/ubsan.c:348
 xfs_attr3_leaf_add_work+0x129c/0x1490 fs/xfs/libxfs/xfs_attr_leaf.c:1560
 xfs_attr3_leaf_add+0x500/0x94c
 xfs_attr_leaf_try_add+0x37c/0x6fc fs/xfs/libxfs/xfs_attr.c:1242
 xfs_attr_leaf_addname fs/xfs/libxfs/xfs_attr.c:444 [inline]
 xfs_attr_set_iter+0xb50/0x30a0 fs/xfs/libxfs/xfs_attr.c:721
 xfs_xattri_finish_update+0x4c/0x174 fs/xfs/xfs_attr_item.c:332
 xfs_attr_finish_item+0x74/0xbc fs/xfs/xfs_attr_item.c:463
 xfs_defer_finish_one fs/xfs/libxfs/xfs_defer.c:481 [inline]
 xfs_defer_finish_noroll+0xf7c/0x208c fs/xfs/libxfs/xfs_defer.c:565
 __xfs_trans_commit+0x548/0x1178 fs/xfs/xfs_trans.c:972
 xfs_trans_commit+0x24/0x34 fs/xfs/xfs_trans.c:1056
 xfs_attr_set+0xecc/0x13d0 fs/xfs/libxfs/xfs_attr.c:1083
 xfs_attr_change fs/xfs/xfs_xattr.c:106 [inline]
 xfs_xattr_set+0x1a8/0x30c fs/xfs/xfs_xattr.c:151
 __vfs_setxattr+0x3d8/0x400 fs/xattr.c:201
 __vfs_setxattr_noperm+0x110/0x528 fs/xattr.c:235
 __vfs_setxattr_locked+0x1ec/0x218 fs/xattr.c:296
 vfs_setxattr+0x1a8/0x344 fs/xattr.c:322
 do_setxattr fs/xattr.c:630 [inline]
 setxattr+0x208/0x29c fs/xattr.c:653
 path_setxattr+0x17c/0x258 fs/xattr.c:672
 __do_sys_lsetxattr fs/xattr.c:695 [inline]
 __se_sys_lsetxattr fs/xattr.c:691 [inline]
 __arm64_sys_lsetxattr+0xbc/0xd8 fs/xattr.c:691
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x244 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:191
 el0_svc+0x4c/0x160 arch/arm64/kernel/entry-common.c:647
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
================================================================================
================================================================================
UBSAN: array-index-out-of-bounds in fs/xfs/libxfs/xfs_attr_leaf.c:2535:7
index 13 is out of range for type '__u8[1]' (aka 'unsigned char[1]')
CPU: 1 PID: 6266 Comm: syz-executor.1 Not tainted 6.5.0-rc1-syzkaller-g05d881b85b48 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
Call trace:
 dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233
 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106
 dump_stack+0x1c/0x28 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0xfc/0x148 lib/ubsan.c:348
 xfs_attr3_leaf_getvalue+0x76c/0x790 fs/xfs/libxfs/xfs_attr_leaf.c:2535
 xfs_attr_leaf_get+0x180/0x438 fs/xfs/libxfs/xfs_attr.c:1338
 xfs_attr_get_ilocked+0x2ac/0x304 fs/xfs/libxfs/xfs_attr.c:235
 xfs_attr_get+0x2d0/0x424 fs/xfs/libxfs/xfs_attr.c:275
 xfs_xattr_get+0x178/0x284 fs/xfs/xfs_xattr.c:128
 __vfs_getxattr+0x394/0x3c0 fs/xattr.c:424
 vfs_getxattr+0x268/0x2c4 fs/xattr.c:457
 do_getxattr+0x1e4/0x480 fs/xattr.c:739
 getxattr fs/xattr.c:772 [inline]
 path_getxattr+0x29c/0x388 fs/xattr.c:788
 __do_sys_getxattr fs/xattr.c:800 [inline]
 __se_sys_getxattr fs/xattr.c:797 [inline]
 __arm64_sys_getxattr+0xa0/0xb8 fs/xattr.c:797
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x244 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:191
 el0_svc+0x4c/0x160 arch/arm64/kernel/entry-common.c:647
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591
================================================================================