program:
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000140)='i', 0x1001, 0x8b}])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x58, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x64}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x58}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r5, 0xcdf)
syz_emit_ethernet(0x4a, &(0x7f0000000480)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x88c0, &(0x7f00000007c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c0050890e1d2cc1bbbdf08d08fe06ff2766758d8955927fab01a7ccdecfc59b2041a9461723f1db971e775e0e358c03b00c510998283ed6f1dba0502d352e58b65a28492b0a7053e14eccd84ac5b3452602d77c0ca06fcbf3756ab0c1000b6cd9257f69726afcec2859414f3e35e002dcdf2b18b581c33cd87be229bc4302b017e3c3"], 0x1, 0x4436, &(0x7f000000cd80)="$eJzs3b9vFFceAPA3Y3PYHHA2UHDSSbfSId3p7mTZVHdnpDPGYGxwiEhAUZplbS/gZO1F9jpKQeF0SKkipYhSoERK5wq5SEv+hDQpSY2UFGkiRUJxtLuz9s54V95YXjuQz0fI43m/vd+dN2+K4cWJyv2FldzCSq6wlCvP3V05n3uvXFpdLIb4gLTs/8jB9U9nuvE9Oezv3u/ZjUtX3rh9PoSv5r95vrm5uRmqekNLI02///jDw7nmY0OcqVNtt3Vr++XtEMKZHeOq6gkhvPVlCFEI4WKSNp4c+0MIJ0I97/bDD+/k9mk0T54VL+RfzDzaGD03vf54o/3fHoXwaenP/763+N3feka//ec+dQ8AAAAAAAAAAAAAAAAAwEtu8uaNW68Pj4SnUehdj3a+rzuZHNu9H7u5b/7a/T8WAAAAAAAAAAAAAAAAAAAAfqO23//PRadavP8/kRzH2tTf/H/3x0j3TL12Y+Ly8Eiy/3u0I/8/SdL3F3vCYIt937P7v1/M1G+9//vOfvaqMb5GvwMhiodS53E8NBTC58nG72ejY3GpvFL5193y6tL8vg3jpZWOf333/lR0kg39O43/eKb97u//fzr8IZNSHf+d/fuKvdLS8e9pW+6LD6KO4n8pU+8g4s/epePfW0vrby4wVp8AqvH/qHf3+E9k2u9W/E+GEHJRday5cLppxqquYarp7dYrpKXjf6SWlpo6kw+y3fX/Uyb+lzPtH8T1n53qq+dr2RsRLaXjX7+T9tX+NWxf/4Px7tf/lUz7hxH/6uDX3P87ko7/0Xpib6pI7ZPsdP6fzLTfrfjfipNxnoxS34D1qJ7e7v+rIy0d/74d+dvPf3FH67+rmfoH9fzX6Lfx/NeY/v8R1Z//aC0d//625Tq9/qcy9bo9/4/V1n/sVTr+x2pp6bXzQO1np/GfzrTfrfjXViV9jfhvzyc/H62nf2b915F0/P9YT4ybS6zVftbWf9Hu6/9rmfYPY/1XHf9a3N1eXxXp+B9vW64a/687uP9fz9TrfvxDGLbW37N0/E+0LVe7/vt2j/9Mpl634//3bjYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BIYT44DIYqHUudxPDQUwqXk/Gw4Fs0W5vOzpfLcuyshTCTpuXAqulcqzxZK+YWl8nwxXyiVynMhXE7yz4S+aKVUruQXCw+ubLXVH90vFpYrs8VCJYQwmaT/JZxotDW7UFksPAghXN3K+1NcXn5wv7CUn19Y/t/w8PBwmNoaw2BUfL9SXKrUe6/nhjC9VXcgahpcLfva1liOR++UV5eXCqVa+vWmOqXyXKHUVGcmyfs4DEaV5dWluUKlmC+V7zX6O0xjyXFi6uabN6+P7Mi/E9WP4wc7LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+paej//0khNBbP4tDCGONX6JW5Z88K17Iv5h5tDF6bnr98cbzduUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygNBFEYgN+Mhdp5DKtlt7NdUUQLVwRPoMfwMHoUL+EdUqRImyIEklkIm13YJqm+r3kwPzPvwTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC07cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//8gcHx0=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40042, 0x0)
clock_adjtime(0x0, &(0x7f0000000500)={0x3800, 0x7fffffffffffffff, 0x5, 0x7, 0x6, 0x8, 0x2, 0x5, 0x6, 0x0, 0x4, 0x3, 0xb, 0x9, 0x6, 0x4, 0x60, 0x8, 0x9, 0x200, 0x7, 0x3, 0xfffffffffffffff1, 0x80000001, 0x78d1, 0x6})
pwrite64(r6, &(0x7f0000000540)="9e", 0x1, 0xfecf)
r7 = open(&(0x7f000001f580)='./file1\x00', 0x145142, 0x0)
ftruncate(r7, 0x96ef)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000080)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[], 0xb, 0x0, &(0x7f0000000100))
r8 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x18, 0x4, 0x0, 0x0, 0x19, 0xd, "ef359f303bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6550820d1cbf7966d61fdcf331263bd9bffbcc2542ded71038259ca171ce1a311ef54ed1ed71e14ef3d0000f6ff00000000000000cd00", "f28359738e229a6f00000000000000e6d60200870000000000000000000100", [0x4, 0x8000000009]})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r9, 0x0, r9, &(0x7f00000000c0)=0xae8, 0x863, 0x0)

[   74.921949][ T5338] Bluetooth: hci0: command tx timeout
[   74.987651][ T5358] loop0: detected capacity change from 0 to 1024
[   75.047281][ T5358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.091326][ T5358] loop0: detected capacity change from 1024 to 0
[   75.105025][ T1039] I/O error, dev loop0, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[   75.112152][ T1099] I/O error, dev loop0, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 2
[   75.116712][ T1099] I/O error, dev loop0, sector 16 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   75.122601][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.129818][ T1099] I/O error, dev loop0, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[   75.135681][ T1099] I/O error, dev loop0, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 2
[   75.140494][ T1099] I/O error, dev loop0, sector 16 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   75.145540][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.152007][ T5358] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: IO failure
[   75.157523][ T5358] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.0: mark_inode_dirty error
[   75.171190][ T1099] I/O error, dev loop0, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[   75.181528][ T1099] I/O error, dev loop0, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 2
[   75.190889][ T1099] I/O error, dev loop0, sector 16 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   75.195404][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.593774][ T1039] I/O error, dev loop0, sector 10 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[   75.598407][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.605349][ T5358] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: IO failure
[   75.609267][ T5358] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.0: mark_inode_dirty error
[   75.615104][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.624225][ T5358] EXT4-fs error (device loop0): ext4_get_inode_loc:4999: inode #15: block 8: comm syz.0.0: unable to read itable block
[   75.631122][ T5358] ext4: Unknown parameter '
[   75.631122][ T5358] '
[   75.661442][ T5358] ==================================================================
[   75.664874][ T5358] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[   75.668253][ T5358] Read of size 18446744073709551600 at addr ffff88804cc852b8 by task syz.0.0/5358
[   75.672163][ T5358] 
[   75.673252][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   75.673268][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.673276][ T5358] Call Trace:
[   75.673282][ T5358]  <TASK>
[   75.673288][ T5358]  dump_stack_lvl+0x189/0x250
[   75.673306][ T5358]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.673321][ T5358]  ? rcu_is_watching+0x15/0xb0
[   75.673332][ T5358]  ? __kasan_check_byte+0x12/0x40
[   75.673347][ T5358]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.673359][ T5358]  ? rcu_is_watching+0x15/0xb0
[   75.673371][ T5358]  ? lock_release+0x4b/0x3e0
[   75.673388][ T5358]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.673402][ T5358]  ? __virt_addr_valid+0x4a5/0x5c0
[   75.673416][ T5358]  print_report+0xca/0x240
[   75.673426][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.673440][ T5358]  kasan_report+0x118/0x150
[   75.673454][ T5358]  ? bdev_getblk+0x80/0x660
[   75.673469][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.673483][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.673498][ T5358]  kasan_check_range+0x2b0/0x2c0
[   75.673510][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.673523][ T5358]  __asan_memmove+0x29/0x70
[   75.673534][ T5358]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.673553][ T5358]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.673570][ T5358]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.673584][ T5358]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.673597][ T5358]  ? down_write+0x162/0x1f0
[   75.673657][ T5358]  ? ext4_journal_check_start+0x1cf/0x2b0
[   75.673675][ T5358]  ext4_destroy_inline_data+0x83/0xe0
[   75.673687][ T5358]  ext4_do_writepages+0x526/0x4610
[   75.673700][ T5358]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   75.673717][ T5358]  ? __pfx_hlock_conflict+0x10/0x10
[   75.673729][ T5358]  ? check_path+0x21/0x40
[   75.673741][ T5358]  ? rcu_is_watching+0x15/0xb0
[   75.673753][ T5358]  ? preempt_schedule_irq+0xde/0x150
[   75.673768][ T5358]  ? __pfx_ext4_do_writepages+0x10/0x10
[   75.673782][ T5358]  ? irqentry_exit+0x74/0x90
[   75.673792][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.673804][ T5358]  ? ext4_writepages+0x1cc/0x350
[   75.673823][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.673838][ T5358]  ext4_writepages+0x205/0x350
[   75.673850][ T5358]  ? __pfx_ext4_writepages+0x10/0x10
[   75.673862][ T5358]  ? __lock_acquire+0xab9/0xd20
[   75.673873][ T5358]  ? __pfx_ext4_writepages+0x10/0x10
[   75.673883][ T5358]  do_writepages+0x32e/0x550
[   75.673893][ T5358]  ? do_raw_spin_unlock+0x4d/0x240
[   75.673902][ T5358]  file_write_and_wait_range+0x23e/0x340
[   75.673915][ T5358]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   75.673935][ T5358]  ? generic_perform_write+0x809/0x900
[   75.673948][ T5358]  generic_buffers_fsync_noflush+0x6c/0x180
[   75.673972][ T5358]  ext4_sync_file+0x332/0xb20
[   75.673991][ T5358]  ext4_buffered_write_iter+0x2ca/0x3a0
[   75.674006][ T5358]  ext4_file_write_iter+0x298/0x1bc0
[   75.674021][ T5358]  ? splice_from_pipe_next+0x608/0x660
[   75.674036][ T5358]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.674048][ T5358]  ? __asan_memset+0x22/0x50
[   75.674058][ T5358]  iter_file_splice_write+0x975/0x10e0
[   75.674077][ T5358]  ? __pfx_iter_file_splice_write+0x10/0x10
[   75.674091][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.674106][ T5358]  ? __pfx_iter_file_splice_write+0x10/0x10
[   75.674120][ T5358]  direct_splice_actor+0x101/0x160
[   75.674135][ T5358]  splice_direct_to_actor+0x5a5/0xcc0
[   75.674152][ T5358]  ? __pfx_direct_splice_actor+0x10/0x10
[   75.674164][ T5358]  ? __pfx_splice_direct_to_actor+0x10/0x10
[   75.674180][ T5358]  do_splice_direct+0x181/0x270
[   75.674193][ T5358]  ? __pfx_do_splice_direct+0x10/0x10
[   75.674205][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.674217][ T5358]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   75.674231][ T5358]  ? vfs_copy_file_range+0xa73/0x1310
[   75.674247][ T5358]  vfs_copy_file_range+0xabc/0x1310
[   75.674266][ T5358]  ? __pfx_vfs_copy_file_range+0x10/0x10
[   75.674282][ T5358]  __se_sys_copy_file_range+0x2fb/0x470
[   75.674299][ T5358]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[   75.674315][ T5358]  ? rcu_is_watching+0x15/0xb0
[   75.674326][ T5358]  ? __x64_sys_copy_file_range+0x21/0xf0
[   75.674341][ T5358]  do_syscall_64+0xfa/0x3b0
[   75.674351][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.674361][ T5358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.674373][ T5358]  ? clear_bhb_loop+0x60/0xb0
[   75.674387][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.674398][ T5358] RIP: 0033:0x7feff378eec9
[   75.674410][ T5358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.674420][ T5358] RSP: 002b:00007feff4682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   75.674434][ T5358] RAX: ffffffffffffffda RBX: 00007feff39e5fa0 RCX: 00007feff378eec9
[   75.674443][ T5358] RDX: 000000000000000d RSI: 0000000000000000 RDI: 000000000000000d
[   75.674450][ T5358] RBP: 00007feff3811f91 R08: 0000000000000863 R09: 0000000000000000
[   75.674457][ T5358] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[   75.674463][ T5358] R13: 00007feff39e6038 R14: 00007feff39e5fa0 R15: 00007ffcc0b5a508
[   75.674474][ T5358]  </TASK>
[   75.674478][ T5358] 
[   75.882553][ T5358] The buggy address belongs to the physical page:
[   75.885208][ T5358] page: refcount:3 mapcount:0 mapping:ffff88800046cd80 index:0x2 pfn:0x4cc85
[   75.888847][ T5358] memcg:ffff88801c698d00
[   75.890644][ T5358] aops:def_blk_aops ino:700000 dentry name(?):""
[   75.893324][ T5358] flags: 0x4fff18000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[   75.897570][ T5358] raw: 04fff18000004214 0000000000000000 dead000000000122 ffff88800046cd80
[   75.901099][ T5358] raw: 0000000000000002 ffff888043b5bd98 00000003ffffffff ffff88801c698d00
[   75.904573][ T5358] page dumped because: kasan: bad access detected
[   75.907123][ T5358] page_owner tracks the page as allocated
[   75.909397][ T5358] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5358, tgid 5357 (syz.0.0), ts 75658939678, free_ts 75657583834
[   75.917634][ T5358]  post_alloc_hook+0x240/0x2a0
[   75.919638][ T5358]  get_page_from_freelist+0x21e4/0x22c0
[   75.921906][ T5358]  __alloc_frozen_pages_noprof+0x181/0x370
[   75.924403][ T5358]  alloc_pages_mpol+0x232/0x4a0
[   75.926514][ T5358]  alloc_pages_noprof+0xa9/0x190
[   75.928688][ T5358]  folio_alloc_noprof+0x1e/0x30
[   75.930667][ T5358]  filemap_alloc_folio_noprof+0xdf/0x470
[   75.933043][ T5358]  __filemap_get_folio+0x3f2/0xaf0
[   75.934999][ T5358]  bdev_getblk+0x1ad/0x660
[   75.936766][ T5358]  __ext4_get_inode_loc+0x561/0x1040
[   75.938943][ T5358]  ext4_reserve_inode_write+0x18b/0x360
[   75.941295][ T5358]  __ext4_mark_inode_dirty+0x15b/0x700
[   75.943659][ T5358]  ext4_dirty_inode+0xd0/0x110
[   75.945716][ T5358]  __mark_inode_dirty+0x2ec/0xe10
[   75.947804][ T5358]  file_modified_flags+0x4b0/0x560
[   75.949917][ T5358]  ext4_write_checks+0x240/0x2c0
[   75.951959][ T5358] page last free pid 5335 tgid 5335 stack trace:
[   75.954603][ T5358]  free_unref_folios+0xdbd/0x1520
[   75.956718][ T5358]  folios_put_refs+0x559/0x640
[   75.958787][ T5358]  shmem_undo_range+0x49e/0x14b0
[   75.960909][ T5358]  shmem_evict_inode+0x272/0xa70
[   75.963086][ T5358]  evict+0x504/0x9c0
[   75.964665][ T5358]  __dentry_kill+0x209/0x660
[   75.966598][ T5358]  dput+0x19f/0x2b0
[   75.968193][ T5358]  do_renameat2+0x6de/0xa80
[   75.970037][ T5358]  __x64_sys_rename+0x82/0x90
[   75.971913][ T5358]  do_syscall_64+0xfa/0x3b0
[   75.973887][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.976394][ T5358] 
[   75.977425][ T5358] Memory state around the buggy address:
[   75.979768][ T5358]  ffff88804cc85180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.983258][ T5358]  ffff88804cc85200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.986616][ T5358] >ffff88804cc85280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.989938][ T5358]                                         ^
[   75.992378][ T5358]  ffff88804cc85300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.995836][ T5358]  ffff88804cc85380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.999206][ T5358] ==================================================================
[   76.038711][ T5358] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   76.041766][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.045646][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.050208][ T5358] Call Trace:
[   76.051568][ T5358]  <TASK>
[   76.052855][ T5358]  dump_stack_lvl+0x99/0x250
[   76.054916][ T5358]  ? __asan_memcpy+0x40/0x70
[   76.056883][ T5358]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.059123][ T5358]  ? __pfx__printk+0x10/0x10
[   76.061091][ T5358]  vpanic+0x281/0x750
[   76.062842][ T5358]  ? __pfx_print_hex_dump+0x10/0x10
[   76.065160][ T5358]  ? __pfx_vpanic+0x10/0x10
[   76.067170][ T5358]  ? preempt_schedule_common+0x83/0xd0
[   76.069261][ T5358]  ? preempt_schedule+0xae/0xc0
[   76.071296][ T5358]  panic+0xb9/0xc0
[   76.072774][ T5358]  ? __pfx_panic+0x10/0x10
[   76.074799][ T5358]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.077319][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.079523][ T5358]  check_panic_on_warn+0x89/0xb0
[   76.081517][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.083935][ T5358]  end_report+0x78/0x160
[   76.085681][ T5358]  kasan_report+0x129/0x150
[   76.087649][ T5358]  ? bdev_getblk+0x80/0x660
[   76.089580][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.091944][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.094286][ T5358]  kasan_check_range+0x2b0/0x2c0
[   76.096512][ T5358]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.098881][ T5358]  __asan_memmove+0x29/0x70
[   76.100802][ T5358]  ext4_xattr_set_entry+0x9c1/0x1e20
[   76.103146][ T5358]  ext4_xattr_ibody_set+0x254/0x6a0
[   76.105382][ T5358]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   76.108001][ T5358]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   76.110887][ T5358]  ? down_write+0x162/0x1f0
[   76.112966][ T5358]  ? ext4_journal_check_start+0x1cf/0x2b0
[   76.115512][ T5358]  ext4_destroy_inline_data+0x83/0xe0
[   76.117835][ T5358]  ext4_do_writepages+0x526/0x4610
[   76.120220][ T5358]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   76.123360][ T5358]  ? __pfx_hlock_conflict+0x10/0x10
[   76.125751][ T5358]  ? check_path+0x21/0x40
[   76.127428][ T5358]  ? rcu_is_watching+0x15/0xb0
[   76.129300][ T5358]  ? preempt_schedule_irq+0xde/0x150
[   76.131417][ T5358]  ? __pfx_ext4_do_writepages+0x10/0x10
[   76.133633][ T5358]  ? irqentry_exit+0x74/0x90
[   76.135486][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.137741][ T5358]  ? ext4_writepages+0x1cc/0x350
[   76.140124][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   76.142569][ T5358]  ext4_writepages+0x205/0x350
[   76.144704][ T5358]  ? __pfx_ext4_writepages+0x10/0x10
[   76.147014][ T5358]  ? __lock_acquire+0xab9/0xd20
[   76.149221][ T5358]  ? __pfx_ext4_writepages+0x10/0x10
[   76.151547][ T5358]  do_writepages+0x32e/0x550
[   76.153646][ T5358]  ? do_raw_spin_unlock+0x4d/0x240
[   76.155864][ T5358]  file_write_and_wait_range+0x23e/0x340
[   76.158224][ T5358]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   76.160932][ T5358]  ? generic_perform_write+0x809/0x900
[   76.163358][ T5358]  generic_buffers_fsync_noflush+0x6c/0x180
[   76.165844][ T5358]  ext4_sync_file+0x332/0xb20
[   76.167937][ T5358]  ext4_buffered_write_iter+0x2ca/0x3a0
[   76.170215][ T5358]  ext4_file_write_iter+0x298/0x1bc0
[   76.172561][ T5358]  ? splice_from_pipe_next+0x608/0x660
[   76.175003][ T5358]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   76.177308][ T5358]  ? __asan_memset+0x22/0x50
[   76.179372][ T5358]  iter_file_splice_write+0x975/0x10e0
[   76.181675][ T5358]  ? __pfx_iter_file_splice_write+0x10/0x10
[   76.184507][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   76.186886][ T5358]  ? __pfx_iter_file_splice_write+0x10/0x10
[   76.189493][ T5358]  direct_splice_actor+0x101/0x160
[   76.191722][ T5358]  splice_direct_to_actor+0x5a5/0xcc0
[   76.194225][ T5358]  ? __pfx_direct_splice_actor+0x10/0x10
[   76.196680][ T5358]  ? __pfx_splice_direct_to_actor+0x10/0x10
[   76.199318][ T5358]  do_splice_direct+0x181/0x270
[   76.201459][ T5358]  ? __pfx_do_splice_direct+0x10/0x10
[   76.203939][ T5358]  ? rcu_read_lock_any_held+0xb3/0x120
[   76.206380][ T5358]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   76.208967][ T5358]  ? vfs_copy_file_range+0xa73/0x1310
[   76.211252][ T5358]  vfs_copy_file_range+0xabc/0x1310
[   76.213476][ T5358]  ? __pfx_vfs_copy_file_range+0x10/0x10
[   76.215924][ T5358]  __se_sys_copy_file_range+0x2fb/0x470
[   76.218661][ T5358]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[   76.221988][ T5358]  ? rcu_is_watching+0x15/0xb0
[   76.224626][ T5358]  ? __x64_sys_copy_file_range+0x21/0xf0
[   76.227238][ T5358]  do_syscall_64+0xfa/0x3b0
[   76.229276][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.231487][ T5358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.234191][ T5358]  ? clear_bhb_loop+0x60/0xb0
[   76.236246][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.238755][ T5358] RIP: 0033:0x7feff378eec9
[   76.240740][ T5358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.249249][ T5358] RSP: 002b:00007feff4682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   76.252838][ T5358] RAX: ffffffffffffffda RBX: 00007feff39e5fa0 RCX: 00007feff378eec9
[   76.256397][ T5358] RDX: 000000000000000d RSI: 0000000000000000 RDI: 000000000000000d
[   76.259902][ T5358] RBP: 00007feff3811f91 R08: 0000000000000863 R09: 0000000000000000
[   76.263268][ T5358] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[   76.267082][ T5358] R13: 00007feff39e6038 R14: 00007feff39e5fa0 R15: 00007ffcc0b5a508
[   76.270527][ T5358]  </TASK>
[   76.272308][ T5358] Kernel Offset: disabled
[   76.274250][ T5358] Rebooting in 86400 seconds..