loop0: detected capacity change from 0 to 32768 ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid ERROR: (device loop0): txCommit: ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid BUG at fs/jfs/jfs_txnmgr.c:2797 assert(mp->nohomeok) ------------[ cut here ]------------ kernel BUG at fs/jfs/jfs_txnmgr.c:2797! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 2a a9 76 fe 48 c7 c7 60 c7 a4 8b 48 c7 c6 59 c3 a4 8b ba ed 0a 00 00 48 c7 c1 60 db a4 8b e8 cb e6 dd fd 90 <0f> 0b e8 03 a9 76 fe 48 c7 c7 60 c7 a4 8b 48 c7 c6 59 c3 a4 8b ba RSP: 0018:ffffc9000d3c74b0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff1100a41b56a RCX: 694aa3ecb0aa5f00 RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 RBP: ffff8880520dab50 R08: ffff88801fc24293 R09: 1ffff11003f84852 R10: dffffc0000000000 R11: ffffed1003f84853 R12: 0000000000000024 R13: ffff8880520daaa8 R14: 0000000000000000 R15: 0000000000000004 FS: 00007fbda41ba6c0(0000) GS:ffff88808d301000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fbda4198fc8 CR3: 0000000041b1a000 CR4: 0000000000352ef0 Call Trace: txCommit+0x46e4/0x5430 fs/jfs/jfs_txnmgr.c:1355 jfs_create+0x865/0xa80 fs/jfs/namei.c:156 lookup_open fs/namei.c:3796 [inline] open_last_lookups fs/namei.c:3895 [inline] path_openat+0x14f4/0x3830 fs/namei.c:4131 do_filp_open+0x1fa/0x410 fs/namei.c:4161 do_sys_openat2+0x121/0x1c0 fs/open.c:1437 do_sys_open fs/open.c:1452 [inline] __do_sys_openat fs/open.c:1468 [inline] __se_sys_openat fs/open.c:1463 [inline] __x64_sys_openat+0x138/0x170 fs/open.c:1463 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbda338eec9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fbda41ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00007fbda35e5fa0 RCX: 00007fbda338eec9 RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c RBP: 00007fbda3411f91 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fbda35e6038 R14: 00007fbda35e5fa0 R15: 00007fffbbf4fdc8 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 2a a9 76 fe 48 c7 c7 60 c7 a4 8b 48 c7 c6 59 c3 a4 8b ba ed 0a 00 00 48 c7 c1 60 db a4 8b e8 cb e6 dd fd 90 <0f> 0b e8 03 a9 76 fe 48 c7 c7 60 c7 a4 8b 48 c7 c6 59 c3 a4 8b ba RSP: 0018:ffffc9000d3c74b0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff1100a41b56a RCX: 694aa3ecb0aa5f00 RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 RBP: ffff8880520dab50 R08: ffff88801fc24293 R09: 1ffff11003f84852 R10: dffffc0000000000 R11: ffffed1003f84853 R12: 0000000000000024 R13: ffff8880520daaa8 R14: 0000000000000000 R15: 0000000000000004 FS: 00007fbda41ba6c0(0000) GS:ffff88808d301000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000041b1a000 CR4: 0000000000352ef0