loop0: detected capacity change from 0 to 32768 ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid ERROR: (device loop0): txCommit: ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid BUG at fs/jfs/jfs_txnmgr.c:2797 assert(mp->nohomeok) ------------[ cut here ]------------ kernel BUG at fs/jfs/jfs_txnmgr.c:2797! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 2a 11 6f fe 48 c7 c7 20 fa ca 8b 48 c7 c6 19 f6 ca 8b ba ed 0a 00 00 48 c7 c1 20 0e cb 8b e8 1b 12 d4 fd 90 <0f> 0b e8 03 11 6f fe 48 c7 c7 20 fa ca 8b 48 c7 c6 19 f6 ca 8b ba RSP: 0018:ffffc9000c2174d0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff110082f8b6a RCX: 8bf264d509ed1a00 RDX: ffffc90021112000 RSI: 0000000000001559 RDI: 000000000000155a RBP: ffff8880417c5b50 R08: ffffc9000c217247 R09: 1ffff92001842e48 R10: dffffc0000000000 R11: fffff52001842e49 R12: 0000000000000024 R13: ffff8880417c5aa8 R14: 0000000000000000 R15: 0000000000000004 FS: 00007efed04896c0(0000) GS:ffff88808cf1d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007efec53ff000 CR3: 000000003765f000 CR4: 0000000000352ef0 Call Trace: txCommit+0x46bd/0x5410 fs/jfs/jfs_txnmgr.c:1355 jfs_create+0x8f4/0xb10 fs/jfs/namei.c:156 lookup_open fs/namei.c:4449 [inline] open_last_lookups fs/namei.c:4549 [inline] path_openat+0x18dd/0x3e20 fs/namei.c:4793 do_filp_open+0x22d/0x490 fs/namei.c:4823 do_sys_openat2+0x12f/0x220 fs/open.c:1430 do_sys_open fs/open.c:1436 [inline] __do_sys_openat fs/open.c:1452 [inline] __se_sys_openat fs/open.c:1447 [inline] __x64_sys_openat+0x138/0x170 fs/open.c:1447 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7efecf59acb9 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007efed0489028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00007efecf815fa0 RCX: 00007efecf59acb9 RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c RBP: 00007efecf608bf7 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007efecf816038 R14: 00007efecf815fa0 R15: 00007ffe7706a178 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 2a 11 6f fe 48 c7 c7 20 fa ca 8b 48 c7 c6 19 f6 ca 8b ba ed 0a 00 00 48 c7 c1 20 0e cb 8b e8 1b 12 d4 fd 90 <0f> 0b e8 03 11 6f fe 48 c7 c7 20 fa ca 8b 48 c7 c6 19 f6 ca 8b ba RSP: 0018:ffffc9000c2174d0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff110082f8b6a RCX: 8bf264d509ed1a00 RDX: ffffc90021112000 RSI: 0000000000001559 RDI: 000000000000155a RBP: ffff8880417c5b50 R08: ffffc9000c217247 R09: 1ffff92001842e48 R10: dffffc0000000000 R11: fffff52001842e49 R12: 0000000000000024 R13: ffff8880417c5aa8 R14: 0000000000000000 R15: 0000000000000004 FS: 00007efed04896c0(0000) GS:ffff88808cf1d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007efec53ff000 CR3: 000000003765f000 CR4: 0000000000352ef0