Warning: Permanently added '10.128.0.121' (ED25519) to the list of known hosts.
executing program
[ 34.777590][ T4295] loop0: detected capacity change from 0 to 32768
[ 34.790722][ T4295] (syz-executor721,4295,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 34.794714][ T4295] (syz-executor721,4295,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 34.805104][ T4295] JBD2: Ignoring recovery information on journal
[ 34.827179][ T4295] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[ 34.842929][ T4295]
[ 34.843560][ T4295] ======================================================
[ 34.845305][ T4295] WARNING: possible circular locking dependency detected
[ 34.847080][ T4295] 6.1.139-syzkaller #0 Not tainted
[ 34.848359][ T4295] ------------------------------------------------------
[ 34.850183][ T4295] syz-executor721/4295 is trying to acquire lock:
[ 34.851823][ T4295] ffff0000e2bb8660 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb4/0x2d8
[ 34.854551][ T4295]
[ 34.854551][ T4295] but task is already holding lock:
[ 34.856465][ T4295] ffff0000e2bb86f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8
[ 34.859157][ T4295]
[ 34.859157][ T4295] which lock already depends on the new lock.
[ 34.859157][ T4295]
[ 34.861807][ T4295]
[ 34.861807][ T4295] the existing dependency chain (in reverse order) is:
[ 34.864127][ T4295]
[ 34.864127][ T4295] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[ 34.866109][ T4295]        down_read+0x64/0x304
[ 34.867264][ T4295]        ocfs2_init_acl+0x258/0x5f0
[ 34.868583][ T4295]        ocfs2_mknod+0x1168/0x1f18
[ 34.869866][ T4295]        ocfs2_create+0x19c/0x4f0
[ 34.871180][ T4295]        path_openat+0x112c/0x2680
[ 34.872460][ T4295]        do_filp_open+0x174/0x344
[ 34.873774][ T4295]        do_sys_openat2+0x128/0x3d8
[ 34.875130][ T4295]        __arm64_sys_openat+0x120/0x154
[ 34.876553][ T4295]        invoke_syscall+0x98/0x2bc
[ 34.877862][ T4295]        el0_svc_common+0x138/0x258
[ 34.879171][ T4295]        do_el0_svc+0x58/0x13c
[ 34.880397][ T4295]        el0_svc+0x58/0x138
[ 34.881548][ T4295]        el0t_64_sync_handler+0x84/0xf0
[ 34.882930][ T4295]        el0t_64_sync+0x18c/0x190
[ 34.884260][ T4295]
[ 34.884260][ T4295] -> #3 (jbd2_handle){++++}-{0:0}:
[ 34.886115][ T4295]        start_this_handle+0xfe0/0x122c
[ 34.887552][ T4295]        jbd2__journal_start+0x288/0x51c
[ 34.888932][ T4295]        jbd2_journal_start+0x3c/0x4c
[ 34.890291][ T4295]        ocfs2_start_trans+0x380/0x6c4
[ 34.891552][ T4295]        ocfs2_modify_bh+0xe4/0x43c
[ 34.892888][ T4295]        ocfs2_local_read_info+0x102c/0x131c
[ 34.894430][ T4295]        dquot_load_quota_sb+0x6c4/0xa24
[ 34.895861][ T4295]        dquot_load_quota_inode+0x274/0x4e4
[ 34.897623][ T4295]        ocfs2_enable_quotas+0x17c/0x3b4
[ 34.899214][ T4295]        ocfs2_fill_super+0x3060/0x3e98
[ 34.900681][ T4295]        mount_bdev+0x264/0x358
[ 34.901970][ T4295]        ocfs2_mount+0x44/0x58
[ 34.903233][ T4295]        legacy_get_tree+0xd4/0x16c
[ 34.904545][ T4295]        vfs_get_tree+0x90/0x274
[ 34.905830][ T4295]        do_new_mount+0x228/0x810
[ 34.907200][ T4295]        path_mount+0x5b4/0xe78
[ 34.908412][ T4295]        __arm64_sys_mount+0x49c/0x584
[ 34.909778][ T4295]        invoke_syscall+0x98/0x2bc
[ 34.911113][ T4295]        el0_svc_common+0x138/0x258
[ 34.912443][ T4295]        do_el0_svc+0x58/0x13c
[ 34.913690][ T4295]        el0_svc+0x58/0x138
[ 34.914878][ T4295]        el0t_64_sync_handler+0x84/0xf0
[ 34.916301][ T4295]        el0t_64_sync+0x18c/0x190
[ 34.917650][ T4295]
[ 34.917650][ T4295] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[ 34.919836][ T4295]        down_read+0x64/0x304
[ 34.921061][ T4295]        ocfs2_start_trans+0x374/0x6c4
[ 34.922438][ T4295]        ocfs2_modify_bh+0xe4/0x43c
[ 34.923834][ T4295]        ocfs2_local_read_info+0x102c/0x131c
[ 34.925339][ T4295]        dquot_load_quota_sb+0x6c4/0xa24
[ 34.926793][ T4295]        dquot_load_quota_inode+0x274/0x4e4
[ 34.928313][ T4295]        ocfs2_enable_quotas+0x17c/0x3b4
[ 34.929800][ T4295]        ocfs2_fill_super+0x3060/0x3e98
[ 34.931248][ T4295]        mount_bdev+0x264/0x358
[ 34.932511][ T4295]        ocfs2_mount+0x44/0x58
[ 34.933702][ T4295]        legacy_get_tree+0xd4/0x16c
[ 34.935064][ T4295]        vfs_get_tree+0x90/0x274
[ 34.936384][ T4295]        do_new_mount+0x228/0x810
[ 34.937650][ T4295]        path_mount+0x5b4/0xe78
[ 34.938867][ T4295]        __arm64_sys_mount+0x49c/0x584
[ 34.940264][ T4295]        invoke_syscall+0x98/0x2bc
[ 34.941587][ T4295]        el0_svc_common+0x138/0x258
[ 34.942971][ T4295]        do_el0_svc+0x58/0x13c
[ 34.944227][ T4295]        el0_svc+0x58/0x138
[ 34.945398][ T4295]        el0t_64_sync_handler+0x84/0xf0
[ 34.946840][ T4295]        el0t_64_sync+0x18c/0x190
[ 34.948137][ T4295]
[ 34.948137][ T4295] -> #1 (sb_internal#2){.+.+}-{0:0}:
[ 34.950068][ T4295]        ocfs2_start_trans+0x20c/0x6c4
[ 34.951548][ T4295]        ocfs2_truncate_file+0x5f4/0x149c
[ 34.952981][ T4295]        ocfs2_setattr+0x1234/0x18d4
[ 34.954406][ T4295]        notify_change+0xb0c/0xdcc
[ 34.955781][ T4295]        do_truncate+0x178/0x1f0
[ 34.957057][ T4295]        path_openat+0x20d0/0x2680
[ 34.958366][ T4295]        do_filp_open+0x174/0x344
[ 34.959725][ T4295]        do_sys_openat2+0x128/0x3d8
[ 34.961115][ T4295]        __arm64_sys_openat+0x120/0x154
[ 34.962605][ T4295]        invoke_syscall+0x98/0x2bc
[ 34.963911][ T4295]        el0_svc_common+0x138/0x258
[ 34.965285][ T4295]        do_el0_svc+0x58/0x13c
[ 34.966540][ T4295]        el0_svc+0x58/0x138
[ 34.967726][ T4295]        el0t_64_sync_handler+0x84/0xf0
[ 34.969200][ T4295]        el0t_64_sync+0x18c/0x190
[ 34.970522][ T4295]
[ 34.970522][ T4295] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}:
[ 34.972577][ T4295]        __lock_acquire+0x293c/0x6544
[ 34.973991][ T4295]        lock_acquire+0x20c/0x644
[ 34.975289][ T4295]        down_write+0x5c/0x88
[ 34.976518][ T4295]        ocfs2_try_remove_refcount_tree+0xb4/0x2d8
[ 34.978223][ T4295]        ocfs2_truncate_file+0xce8/0x149c
[ 34.979693][ T4295]        ocfs2_setattr+0x1234/0x18d4
[ 34.981033][ T4295]        notify_change+0xb0c/0xdcc
[ 34.982272][ T4295]        do_truncate+0x178/0x1f0
[ 34.983448][ T4295]        path_openat+0x20d0/0x2680
[ 34.984666][ T4295]        do_filp_open+0x174/0x344
[ 34.985911][ T4295]        do_sys_openat2+0x128/0x3d8
[ 34.987173][ T4295]        __arm64_sys_openat+0x120/0x154
[ 34.988510][ T4295]        invoke_syscall+0x98/0x2bc
[ 34.989833][ T4295]        el0_svc_common+0x138/0x258
[ 34.991106][ T4295]        do_el0_svc+0x58/0x13c
[ 34.992257][ T4295]        el0_svc+0x58/0x138
[ 34.993365][ T4295]        el0t_64_sync_handler+0x84/0xf0
[ 34.994732][ T4295]        el0t_64_sync+0x18c/0x190
[ 34.995980][ T4295]
[ 34.995980][ T4295] other info that might help us debug this:
[ 34.995980][ T4295]
[ 34.998515][ T4295] Chain exists of:
[ 34.998515][ T4295]   &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[ 34.998515][ T4295]
[ 35.001706][ T4295]  Possible unsafe locking scenario:
[ 35.001706][ T4295]
[ 35.003565][ T4295]        CPU0                    CPU1
[ 35.004879][ T4295]        ----                    ----
[ 35.006228][ T4295]   lock(&oi->ip_xattr_sem);
[ 35.007381][ T4295]                                lock(jbd2_handle);
[ 35.008957][ T4295]                                lock(&oi->ip_xattr_sem);
[ 35.010747][ T4295]   lock(&oi->ip_alloc_sem);
[ 35.011888][ T4295]
[ 35.011888][ T4295]  *** DEADLOCK ***
[ 35.011888][ T4295]
[ 35.013958][ T4295] 3 locks held by syz-executor721/4295:
[ 35.015356][ T4295]  #0: ffff0000d4eae460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 35.017601][ T4295]  #1: ffff0000e2bb89c8 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: do_truncate+0x164/0x1f0
[ 35.020176][ T4295]  #2: ffff0000e2bb86f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8
[ 35.022948][ T4295]
[ 35.022948][ T4295] stack backtrace:
[ 35.024459][ T4295] CPU: 0 PID: 4295 Comm: syz-executor721 Not tainted 6.1.139-syzkaller #0
[ 35.026500][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 35.028991][ T4295] Call trace:
[ 35.029813][ T4295]  dump_backtrace+0x1c8/0x1f4
[ 35.030980][ T4295]  show_stack+0x2c/0x3c
[ 35.032027][ T4295]  __dump_stack+0x30/0x40
[ 35.033073][ T4295]  dump_stack_lvl+0xf8/0x160
[ 35.034244][ T4295]  dump_stack+0x1c/0x5c
[ 35.035308][ T4295]  print_circular_bug+0x148/0x1b0
[ 35.036546][ T4295]  check_noncircular+0x240/0x2d4
[ 35.037730][ T4295]  __lock_acquire+0x293c/0x6544
[ 35.038965][ T4295]  lock_acquire+0x20c/0x644
[ 35.040135][ T4295]  down_write+0x5c/0x88
[ 35.041188][ T4295]  ocfs2_try_remove_refcount_tree+0xb4/0x2d8
[ 35.042643][ T4295]  ocfs2_truncate_file+0xce8/0x149c
[ 35.043945][ T4295]  ocfs2_setattr+0x1234/0x18d4
[ 35.045121][ T4295]  notify_change+0xb0c/0xdcc
[ 35.046261][ T4295]  do_truncate+0x178/0x1f0
[ 35.047497][ T4295]  path_openat+0x20d0/0x2680
[ 35.048741][ T4295]  do_filp_open+0x174/0x344
[ 35.049820][ T4295]  do_sys_openat2+0x128/0x3d8
[ 35.050970][ T4295]  __arm64_sys_openat+0x120/0x154
[ 35.052202][ T4295]  invoke_syscall+0x98/0x2bc
[ 35.053317][ T4295]  el0_svc_common+0x138/0x258
[ 35.054472][ T4295]  do_el0_svc+0x58/0x13c
[ 35.055417][ T4295]  el0_svc+0x58/0x138
[ 35.056390][ T4295]  el0t_64_sync_handler+0x84/0xf0
[ 35.057637][ T4295]  el0t_64_sync+0x18c/0x190