... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... ... Log Wrap ... Log Wrap ... Log Wrap ... BUG at fs/jfs/jfs_txnmgr.c:932 assert(mp->nohomeok > 0) ------------[ cut here ]------------ kernel BUG at fs/jfs/jfs_txnmgr.c:932! Oops: invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 0 UID: 0 PID: 6036 Comm: syz.1.25 Not tainted syzkaller #0 PREEMPT_{RT,(full)} Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 RIP: 0010:txUnlock+0xd7a/0xdc0 fs/jfs/jfs_txnmgr.c:932 Code: d8 fd 90 0f 0b e8 c6 04 74 fe 48 c7 c7 e0 9a 6a 8b 48 c7 c6 d9 96 6a 8b ba a4 03 00 00 48 c7 c1 20 a8 6a 8b e8 47 4b d8 fd 90 <0f> 0b e8 9f 04 74 fe 48 c7 c7 e0 9a 6a 8b 48 c7 c6 d9 96 6a 8b ba RSP: 0018:ffffc90005fe7230 EFLAGS: 00010246 RAX: 0000000000000037 RBX: 0000000000001000 RCX: 38daccce44a78d00 RDX: ffffc90005731000 RSI: 0000000000003461 RDI: 0000000000003462 RBP: ffffc9000351a168 R08: 0000000000000000 R09: 0000000000000000 R10: dffffc0000000000 R11: fffff52000bfcdf5 R12: dffffc0000000000 R13: 1ffff110071e5b55 R14: ffff888038f2daa8 R15: 0000000000000000 FS: 00007f357c5e66c0(0000) GS:ffff888126595000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055752a3d2000 CR3: 0000000052ef0000 CR4: 00000000003526f0 Call Trace: txCommit+0x4f20/0x5410 fs/jfs/jfs_txnmgr.c:1336 jfs_commit_inode+0x2ef/0x530 fs/jfs/inode.c:114 jfs_fsync+0x19a/0x210 fs/jfs/file.c:38 generic_write_sync include/linux/fs.h:2640 [inline] generic_file_write_iter+0x381/0x690 mm/filemap.c:4461 iter_file_splice_write+0x9a0/0x1100 fs/splice.c:738 do_splice_from fs/splice.c:938 [inline] direct_splice_actor+0x104/0x160 fs/splice.c:1161 splice_direct_to_actor+0x545/0xc80 fs/splice.c:1105 do_splice_direct_actor fs/splice.c:1204 [inline] do_splice_direct+0x19b/0x2a0 fs/splice.c:1230 do_sendfile+0x547/0x7e0 fs/read_write.c:1372 __do_sys_sendfile64 fs/read_write.c:1433 [inline] __se_sys_sendfile64+0x144/0x1a0 fs/read_write.c:1419 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f357e38bf79 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f357c5e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 RAX: ffffffffffffffda RBX: 00007f357e605fa0 RCX: 00007f357e38bf79 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 00007f357e4227e0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020fffe82 R11: 0000000000000246 R12: 0000000000000000 R13: 00007f357e606038 R14: 00007f357e605fa0 R15: 00007ffed4ae7c78 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:txUnlock+0xd7a/0xdc0 fs/jfs/jfs_txnmgr.c:932 Code: d8 fd 90 0f 0b e8 c6 04 74 fe 48 c7 c7 e0 9a 6a 8b 48 c7 c6 d9 96 6a 8b ba a4 03 00 00 48 c7 c1 20 a8 6a 8b e8 47 4b d8 fd 90 <0f> 0b e8 9f 04 74 fe 48 c7 c7 e0 9a 6a 8b 48 c7 c6 d9 96 6a 8b ba RSP: 0018:ffffc90005fe7230 EFLAGS: 00010246 RAX: 0000000000000037 RBX: 0000000000001000 RCX: 38daccce44a78d00 RDX: ffffc90005731000 RSI: 0000000000003461 RDI: 0000000000003462 RBP: ffffc9000351a168 R08: 0000000000000000 R09: 0000000000000000 R10: dffffc0000000000 R11: fffff52000bfcdf5 R12: dffffc0000000000 R13: 1ffff110071e5b55 R14: ffff888038f2daa8 R15: 0000000000000000 FS: 00007f357c5e66c0(0000) GS:ffff888126595000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055752a3d2000 CR3: 0000000052ef0000 CR4: 00000000003526f0