loop0: detected capacity change from 0 to 32768 ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid ERROR: (device loop0): txCommit: Illegal XDP return value 4294967274 on prog (id 2) dev syz_tun, expect packet loss! ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ERROR: (device loop0): diWrite: ixpxd invalid ERROR: (device loop0): txCommit: ERROR: (device loop0): diWrite: ixpxd invalid BUG at fs/jfs/jfs_txnmgr.c:2797 assert(mp->nohomeok) ------------[ cut here ]------------ kernel BUG at fs/jfs/jfs_txnmgr.c:2797! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 da cc 64 fe 48 c7 c7 e0 79 0b 8c 48 c7 c6 d9 75 0b 8c ba ed 0a 00 00 48 c7 c1 e0 8d 0b 8c e8 3b d8 c6 fd 90 <0f> 0b e8 b3 cc 64 fe 48 c7 c7 e0 79 0b 8c 48 c7 c6 d9 75 0b 8c ba RSP: 0018:ffffc9000f5474b0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff110001573e6 RCX: a71b683c7bbf2600 RDX: ffffc9000ec5a000 RSI: 0000000000001600 RDI: 0000000000001601 RBP: ffff888000ab9f30 R08: ffff88801fc247d3 R09: 1ffff11003f848fa R10: dffffc0000000000 R11: ffffed1003f848fb R12: 0000000000000024 R13: ffff888000ab9e88 R14: 0000000000000000 R15: 0000000000000004 FS: 00007fcb149c36c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f9f4e7909c0 CR3: 0000000043f2b000 CR4: 0000000000352ef0 Call Trace: txCommit+0x46bd/0x5410 fs/jfs/jfs_txnmgr.c:1355 jfs_create+0x8f4/0xb10 fs/jfs/namei.c:157 lookup_open fs/namei.c:4483 [inline] open_last_lookups fs/namei.c:4583 [inline] path_openat+0x1395/0x3860 fs/namei.c:4827 do_file_open+0x23e/0x4a0 fs/namei.c:4859 do_sys_openat2+0x113/0x200 fs/open.c:1366 do_sys_open fs/open.c:1372 [inline] __do_sys_openat fs/open.c:1388 [inline] __se_sys_openat fs/open.c:1383 [inline] __x64_sys_openat+0x138/0x170 fs/open.c:1383 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcb13b9c799 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fcb149c2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00007fcb13e15fa0 RCX: 00007fcb13b9c799 RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c RBP: 00007fcb13c32c99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fcb13e16038 R14: 00007fcb13e15fa0 R15: 00007ffe28017878 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:LogSyncRelease fs/jfs/jfs_txnmgr.c:2797 [inline] RIP: 0010:txAbort+0x716/0x760 fs/jfs/jfs_txnmgr.c:2622 Code: e9 2c ff ff ff e8 da cc 64 fe 48 c7 c7 e0 79 0b 8c 48 c7 c6 d9 75 0b 8c ba ed 0a 00 00 48 c7 c1 e0 8d 0b 8c e8 3b d8 c6 fd 90 <0f> 0b e8 b3 cc 64 fe 48 c7 c7 e0 79 0b 8c 48 c7 c6 d9 75 0b 8c ba RSP: 0018:ffffc9000f5474b0 EFLAGS: 00010246 RAX: 0000000000000034 RBX: 1ffff110001573e6 RCX: a71b683c7bbf2600 RDX: ffffc9000ec5a000 RSI: 0000000000001600 RDI: 0000000000001601 RBP: ffff888000ab9f30 R08: ffff88801fc247d3 R09: 1ffff11003f848fa R10: dffffc0000000000 R11: ffffed1003f848fb R12: 0000000000000024 R13: ffff888000ab9e88 R14: 0000000000000000 R15: 0000000000000004 FS: 00007fcb149c36c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcb149a1ff8 CR3: 0000000043f2b000 CR4: 0000000000352ef0