================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:633:9
index 19 is out of range for type 'xad_t[18]' (aka 'struct xad[18]')
CPU: 0 PID: 4032 Comm: syz-executor.0 Not tainted 5.15.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_out_of_bounds+0x108/0x15c lib/ubsan.c:282
 xtInsert+0xca8/0xd28 fs/jfs/jfs_xtree.c:633
 extAlloc+0x884/0xe38 fs/jfs/jfs_extent.c:148
 jfs_get_block+0x34c/0xbfc fs/jfs/inode.c:258
 nobh_write_begin+0x2d8/0xa28 fs/buffer.c:2650
 jfs_write_begin+0x58/0xa0 fs/jfs/inode.c:322
 generic_perform_write+0x24c/0x520 mm/filemap.c:3776
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3903
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3935
 __kernel_write+0x488/0x8b0 fs/read_write.c:539
 __dump_emit+0x200/0x338 fs/coredump.c:875
 dump_emit+0x288/0x36c fs/coredump.c:912
 dump_user_range+0xd0/0x35c fs/coredump.c:949
 elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
 do_coredump+0x12c8/0x2890 fs/coredump.c:826
 get_signal+0x3dc/0x1550 kernel/signal.c:2875
 do_signal arch/arm64/kernel/signal.c:890 [inline]
 do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
 el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
================================================================================

================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:190:9
index 19 is out of range for type 'xad_t[18]' (aka 'struct xad[18]')
CPU: 0 PID: 4032 Comm: syz-executor.0 Not tainted 5.15.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_out_of_bounds+0x108/0x15c lib/ubsan.c:282
 xtLookup+0x70c/0x710 fs/jfs/jfs_xtree.c:190
 extHint+0x200/0x544 fs/jfs/jfs_extent.c:374
 jfs_get_block+0x308/0xbfc fs/jfs/inode.c:256
 nobh_write_begin+0x2d8/0xa28 fs/buffer.c:2650
 jfs_write_begin+0x58/0xa0 fs/jfs/inode.c:322
 generic_perform_write+0x24c/0x520 mm/filemap.c:3776
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3903
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3935
 __kernel_write+0x488/0x8b0 fs/read_write.c:539
 __dump_emit+0x200/0x338 fs/coredump.c:875
 dump_emit+0x288/0x36c fs/coredump.c:912
 dump_user_range+0xd0/0x35c fs/coredump.c:949
 elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
 do_coredump+0x12c8/0x2890 fs/coredump.c:826
 get_signal+0x3dc/0x1550 kernel/signal.c:2875
 do_signal arch/arm64/kernel/signal.c:890 [inline]
 do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
 el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
================================================================================

================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:1381:9
index 20 is out of range for type 'xad_t[18]' (aka 'struct xad[18]')
CPU: 0 PID: 4032 Comm: syz-executor.0 Not tainted 5.15.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_out_of_bounds+0x108/0x15c lib/ubsan.c:282
 xtExtend+0x10f4/0x131c fs/jfs/jfs_xtree.c:1381
 extAlloc+0x84c/0xe38 fs/jfs/jfs_extent.c:146
 jfs_get_block+0x34c/0xbfc fs/jfs/inode.c:258
 nobh_write_begin+0x2d8/0xa28 fs/buffer.c:2650
 jfs_write_begin+0x58/0xa0 fs/jfs/inode.c:322
 generic_perform_write+0x24c/0x520 mm/filemap.c:3776
 __generic_file_write_iter+0x230/0x454 mm/filemap.c:3903
 generic_file_write_iter+0xb4/0x1b8 mm/filemap.c:3935
 __kernel_write+0x488/0x8b0 fs/read_write.c:539
 __dump_emit+0x200/0x338 fs/coredump.c:875
 dump_emit+0x288/0x36c fs/coredump.c:912
 dump_user_range+0xd0/0x35c fs/coredump.c:949
 elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
 do_coredump+0x12c8/0x2890 fs/coredump.c:826
 get_signal+0x3dc/0x1550 kernel/signal.c:2875
 do_signal arch/arm64/kernel/signal.c:890 [inline]
 do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
 el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
================================================================================
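All three reports trip on the same fixed-size array. The xtree root embedded in a JFS inode holds XTROOTMAXSLOT (18) extent descriptors, the reported type 'xad_t[18]', and the slot index the lookup, insert and extend paths use (19 and 20 here) is derived from the page header read off the mounted image, not from anything the kernel computed itself. The trigger in the traces is ordinary: a core dump being written to a file on that filesystem. The C program below is an added example, not code from the kernel or from the syzkaller report. It models the xtpage_t union with the kernel's constants (XTROOTMAXSLOT 18, XTENTRYSTART 2) and shows the header sanity check that would reject such a page before any slot is dereferenced. The header layout is a simplification made for this example, the function names are the example's own, and the check is illustrative of the class of fix rather than a quotation of the upstream patch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constants as in fs/jfs/jfs_xtree.h; the root page lives inside the inode. */
#define XTROOTMAXSLOT 18   /* slots in the in-inode xtree root: the xad_t[18] above */
#define XTENTRYSTART   2   /* slots 0 and 1 are overlaid by the 32-byte header */

/* 16-byte extent descriptor; its contents do not matter for the bounds logic. */
typedef struct xad {
    uint8_t raw[16];
} xad_t;

/*
 * Simplified model (an assumption of this example) of the xtpage_t union:
 * a 32-byte header that overlays slots 0 and 1 of the xad array.
 */
typedef union xtroot {
    struct {
        uint64_t next;
        uint64_t prev;
        uint8_t  flag;
        uint8_t  rsrvd1;
        uint16_t nextindex;   /* next free slot, one past the last xad in use */
        uint16_t maxentry;    /* slot capacity the on-disk header claims */
        uint16_t rsrvd2;
        uint64_t self;        /* pxd_t in the kernel; opaque here */
    } header;
    xad_t xad[XTROOTMAXSLOT];
} xtroot_t;

/*
 * Header sanity check. Both fields come from disk, so neither may be trusted:
 * a maxentry above the fixed array, or a nextindex above maxentry, means a walk
 * up to nextindex would index past xad[XTROOTMAXSLOT - 1], which is what UBSAN
 * reported (indices 19 and 20 against xad_t[18]).
 */
int xtroot_header_ok(const xtroot_t *p)
{
    if (p->header.maxentry > XTROOTMAXSLOT)
        return 0;
    if (p->header.nextindex > p->header.maxentry)
        return 0;
    if (p->header.nextindex < XTENTRYSTART)
        return 0;
    return 1;
}

/*
 * Index of the last in-use slot, as a lookup or insert would compute it.
 * Returns -1 when the header is rejected and -2 for an empty root.
 */
int xtroot_last_slot(const xtroot_t *p)
{
    if (!xtroot_header_ok(p))
        return -1;
    if (p->header.nextindex == XTENTRYSTART)
        return -2;
    return p->header.nextindex - 1;   /* now guaranteed <= XTROOTMAXSLOT - 1 */
}

/* Builds a constructed root page (sample input) with the given header values. */
int model_last_slot(uint16_t nextindex, uint16_t maxentry)
{
    xtroot_t root;
    memset(&root, 0, sizeof root);
    root.header.nextindex = nextindex;
    root.header.maxentry = maxentry;
    return xtroot_last_slot(&root);
}

int main(void)
{
    /* headers that would drive a slot walk to indices like the reported 19 and 20 */
    printf("nextindex=20 maxentry=18 -> %d\n", model_last_slot(20, 18));
    printf("nextindex=21 maxentry=21 -> %d\n", model_last_slot(21, 21));
    /* consistent headers: full root, partially used root, empty root */
    printf("nextindex=18 maxentry=18 -> %d\n", model_last_slot(18, 18));
    printf("nextindex=5  maxentry=18 -> %d\n", model_last_slot(5, 18));
    printf("nextindex=2  maxentry=18 -> %d\n", model_last_slot(2, 18));
    return 0;
}
```

The check has to run where the page is taken from disk, ahead of the search and insert macros, because once a caller trusts nextindex every path in the traces (xtLookup, xtInsert, xtExtend) indexes the array with it. A non-root leaf page is bounded by XTPAGEMAXSLOT (256, one 4 KiB page of 16-byte xads) instead of 18, so the same check applied to those pages compares against that constant.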