================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2874:6
index 196694 is out of range for type 's8[1365]' (aka 'signed char[1365]')
CPU: 0 PID: 94 Comm: jfsCommit Not tainted 6.7.0-rc8-syzkaller-g0802e17d9aca #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
Call trace:
 dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106
 dump_stack+0x1c/0x28 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0xfc/0x148 lib/ubsan.c:348
 dbAdjTree+0x3d8/0x444 fs/jfs/jfs_dmap.c:2874
 dbJoin+0x1e0/0x298 fs/jfs/jfs_dmap.c:2841
 dbFreeBits+0x450/0xc28 fs/jfs/jfs_dmap.c:2338
 dbFreeDmap fs/jfs/jfs_dmap.c:2087 [inline]
 dbFree+0x2d4/0x5ac fs/jfs/jfs_dmap.c:409
 txFreeMap+0x668/0xb84 fs/jfs/jfs_txnmgr.c:2534
 txUpdateMap+0x2e8/0x8e4
 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]
 jfs_lazycommit+0x3a0/0x988 fs/jfs/jfs_txnmgr.c:2732
 kthread+0x288/0x310 kernel/kthread.c:388
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:857
================================================================================
================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2879:2
index 196694 is out of range for type 's8[1365]' (aka 'signed char[1365]')
CPU: 0 PID: 94 Comm: jfsCommit Not tainted 6.7.0-rc8-syzkaller-g0802e17d9aca #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
Call trace:
 dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106
 dump_stack+0x1c/0x28 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0xfc/0x148 lib/ubsan.c:348
 dbAdjTree+0x42c/0x444 fs/jfs/jfs_dmap.c:2879
 dbJoin+0x1e0/0x298 fs/jfs/jfs_dmap.c:2841
 dbFreeBits+0x450/0xc28 fs/jfs/jfs_dmap.c:2338
 dbFreeDmap fs/jfs/jfs_dmap.c:2087 [inline]
 dbFree+0x2d4/0x5ac fs/jfs/jfs_dmap.c:409
 txFreeMap+0x668/0xb84 fs/jfs/jfs_txnmgr.c:2534
 txUpdateMap+0x2e8/0x8e4
 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]
 jfs_lazycommit+0x3a0/0x988 fs/jfs/jfs_txnmgr.c:2732
 kthread+0x288/0x310 kernel/kthread.c:388
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:857
================================================================================
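Added example, not part of the syzbot report and not the JFS source: a user-space model of the kind of structure the report is indexing, written to show why an index of 196694 against an s8[1365] array is a validation failure on the leaf number rather than a tree-walk bug. The model assumes the 1365-entry array is a flat 4-ary "max" summary tree (1 + 4 + 16 + 64 + 256 + 1024 = 1365, so 1024 leaves starting at offset 341) and that the leaf number arrives from on-disk metadata and is therefore untrusted; both the layout and the parent/sibling arithmetic are assumptions for this illustration, not verified JFS internals. adj_tree_unchecked() has the shape that UBSAN reports on when the index is bad; adj_tree_checked() is the guarded variant that rejects a leaf number outside the leaf range before touching the array. Building with -fsanitize=bounds will flag the unchecked path the same way the kernel log above does.

```c
/* Model of a flat 4-ary max-summary tree in an s8[1365] array.
 * Added illustration only; layout and arithmetic are assumptions, not JFS code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CTL_TREE_SIZE 1365   /* matches the 's8[1365]' in the UBSAN report */
#define CTL_HEIGHT    5      /* levels above the leaves */
#define CTL_LEAF_IDX  341    /* first leaf slot: 1 + 4 + 16 + 64 + 256 */
#define CTL_NLEAFS    1024   /* 4^5 leaves */

struct ctl_tree {
    int32_t leafidx;   /* index of the first leaf inside stree (on-disk in a real fs) */
    int32_t nleafs;    /* number of leaves */
    int32_t height;    /* number of parent levels to walk */
    int8_t  stree[CTL_TREE_SIZE];
};

static int8_t max4(const int8_t *p)
{
    int8_t m = p[0];
    for (int i = 1; i < 4; i++)
        if (p[i] > m)
            m = p[i];
    return m;
}

static void ctl_tree_init(struct ctl_tree *tp, int8_t leafval)
{
    tp->leafidx = CTL_LEAF_IDX;
    tp->nleafs = CTL_NLEAFS;
    tp->height = CTL_HEIGHT;
    memset(tp->stree, (unsigned char)leafval, sizeof tp->stree);
}

/* Write a new leaf value and propagate the max up the parent chain, stopping
 * early once a parent already holds the max of its four children.
 * No validation of leafno: a bad leaf number indexes straight past stree[]. */
static void adj_tree_unchecked(struct ctl_tree *tp, int leafno, int8_t newval)
{
    int lp = leafno + tp->leafidx;

    if (tp->stree[lp] == newval)
        return;
    tp->stree[lp] = newval;

    for (int k = 0; k < tp->height; k++) {
        int first = ((lp - 1) & ~3) + 1;   /* leftmost of the four siblings */
        int pp = (lp - 1) >> 2;            /* parent slot */
        int8_t m = max4(&tp->stree[first]);

        if (tp->stree[pp] == m)
            break;
        tp->stree[pp] = m;
        lp = pp;
    }
}

/* Guarded variant: reject leaf numbers (and leaf ranges) that do not fit inside
 * stree[] before any access. Returns 0 on success, -1 on rejection. */
static int adj_tree_checked(struct ctl_tree *tp, int leafno, int8_t newval)
{
    if (leafno < 0 || leafno >= tp->nleafs)
        return -1;
    if (tp->leafidx < 0 || tp->leafidx + tp->nleafs > CTL_TREE_SIZE)
        return -1;
    adj_tree_unchecked(tp, leafno, newval);
    return 0;
}

static int8_t ctl_tree_root(const struct ctl_tree *tp)
{
    return tp->stree[0];
}

/* Valid sequence of leaf updates; returns the final root value (expected 3),
 * or -100 if a valid update was wrongly rejected or the max was wrong. */
static int scenario_root(void)
{
    struct ctl_tree t;

    ctl_tree_init(&t, -1);                         /* -1: nothing free */
    if (adj_tree_checked(&t, 1023, 7) != 0) return -100;
    if (adj_tree_checked(&t, 0, 3) != 0) return -100;
    if (ctl_tree_root(&t) != 7) return -100;       /* max(7, 3) */
    if (adj_tree_checked(&t, 1023, -1) != 0) return -100;
    return ctl_tree_root(&t);                      /* only leaf 0 = 3 remains */
}

/* The index from the report, 196694, expressed as a leaf number: far past 1024. */
static int scenario_reject(void)
{
    struct ctl_tree t;

    ctl_tree_init(&t, -1);
    return adj_tree_checked(&t, 196694 - CTL_LEAF_IDX, 7);   /* -1 */
}

int main(void)
{
    printf("root after valid updates: %d\n", scenario_root());
    printf("checked adjust with report index: %d\n", scenario_reject());
    return 0;
}
```

The check worth keeping from this model is the one on the leaf number and the leaf range relative to the array size: whatever the values mean, a slot computed from metadata the filesystem did not generate itself has to be proven inside stree[] before it is read, because the early-return on `stree[lp] == newval` in the unchecked walk is itself the first out-of-bounds read.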