program:
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x401, 0x8241)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@bh}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x20007, 0x0, 0x200000, 0xd, "22536af39b7c7cb7435b0a43852dbc3a9ada34cc97af10fd4fcca15748328c53096c2f359e9ba743d30b59c491a7b3e74d938981061383374a1d79471a2d2dfe", "0410b1617b6217917d72322c0c5aa9263626c0240010f9db74161ccff2c5cf5e", [0x3, 0x800]})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
open_by_handle_at(r4, &(0x7f0000000240)=@reiserfs_2={0x4b, 0x2, {0xb}}, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f00000001c0)='./file0\x00', 0x100000a, &(0x7f0000000140)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=global,localflockw,usrquota,localalloc=18446744073709551610,nointr,\x00'], 0x1, 0x4705, &(0x7f0000004800)="$eJzs222IHGcBB/BnNqe5pMn1XtImafqySQQPLceln6r1QzyrNpo2L9pWU+Xcu1wvp3u3592uFgxSgyAKghIEFV+oCqVfakEM9EstQsEXpFUoFUXrF5FCFfxg0AZ6sjszuZ25vc7mNmlp+/tBuzfPzPPMs/e/eWafeTalRP3U3HJ5brlcWSjXpu9fvqX8uVq1MT8TSq+S1/r8dOdK5CT7186R933gI/fcEsIfjn3tQysrKyuhaTB0dKDt5/P/Pj3d/poq5eo02+3cWuyPjUde+vlbXumIIidCCDvW9KtpUwjhY78IYXMIYSgpG05et4QQtoUQohDCo7/514/7e+lCm7P3vvDcsTOH952ZePyxZy7MHl33wCiE71Z33zw7/+L+Tbc9/47LdHoAAHhFHzx+5O6j4wfCk1EYONe39vP6zuQ1/Xx859s+ddfDfav7V+jOplcxVAAAAMhZnf8PRi93WK9LV9bSJcEnHjhx91PR6n4T29e3Q3cduf394weS9d9ozf5bk6J/vndTaw01v+6bX/8dytXvvP67ep6Hv/rsLxfeuvH+p/1LzzsYotJYZrtUGhsL4dhEvL0r2lqq1pbr77y/1lg4ufHzvlFk849X7zNr4cmF323+w7n2i9b/d3/i8z/b0tfLOxgJ+b/a5nZ57Z8yHWTzX38s/8mXoq7yH8nVK8r/jqe3n//V5l7eQf6MXIps/vGFuK/9gHI8JjTz/2Zfcf47cu0X5f/9iXOPntjA93+a48xg1Oxrf2YEeDkpX+crTORk84+DyAydyS9yvev/f7n8r8m1X5T/nbV//O5vPdz/1xv/Ryd6afPNI5t/HEQ5c8Tq9T9UKr7+r821X5T/b0/9+dlP9nSvXpt/s/+j7v9dyeaf3Iizg2frN9nt+L8z135R/rtG7ntobgP9/vCWpJ8DURhp+9bpueYtbGD1M2xrStPcvbiBk7wJZPOPf2uZS2cgfmld/4PF4/+uXPtF+T+05+vvOd3T9387j//jxv+uZPPf0iq7lPxfyuW/O9d+Uf4/PP33v9x3mcf/5vZB+Xclm//WNftXn/+Uupr/XZerX/T8Z9/wU4/8tYf5f9q/9Lzp85/0OcRoFD//obNs/lete1y39/89uXpF1/+3/vP80/t7Gf+jfk8AepDNf1tc2GEC2G3+1+faL8r/C/d8+eN/2sD8r/WJrz/Nv23+vzkuP2r870o2/+1xYeYB8IOt/7fu/9Ha3P+by/+GXPtF+V84NNb3lct8/2/2fzT/D9HoKJv/wLrHNfP/fRf3/xtz9Yry/+Len754c0+f/0MYN9ffsGz+V697XOv67y/O/6ZcvaL8v/ONXz/xYA/9f3sPdcnnH9/rM5dT8tm82/l/Odd+Uf4/Gj1/dv8VmP/d6v7flWz+8ar5peSfn//vzbVflP/3jvxgqe8KPP+5Q/4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbMpy8DoaoNJbZLpXGxkIYSbZ3ha3RVOXk5FS1Nv2Z5RB2JOXlMBzNVmtTlerk3ELt5MxkpVqtTYdwTbJ/R+iPlqu1+uR8ZfHai21tiU7NVJbqUzOVeghhZ1J+fdietjU1V5+vLLaOTetcFVU+26jVK2ON5ZmlsPti+ba0fHap1li87mJbV5dqS4unKguTJ+eW3j0+Pj4e9lzs81A080B9ZqEe9zbe26yT1h2M2t5Ma/cNbef7dK2xtFCptspvbKtTrU1Xqm11bmo7X32psTBdqc9MVmuz6fnKbXXb3ltr995k32gYyry/tG7eweT19kPHP3r88IE1+8tRNu+FxvzM+PbOfxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvHE9edu7vh1C6Iu3SiGEg+kPUfJfxtl7X3ju2JnD+85MPP7YMxdmj3Y6BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHnfl6q6OI4AJ8Z3/taIKW0EXIZGCKiOwkL+kUkldfIlm1aB7VKyKAoMIxoWRAEQe2igqBVUPkXRC1ctqo2tWhhEEHF6Exe7gg3vNAx53lgODPMvWe+MHDvzPkcDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvH2R2LXVl7adfmpa27P4TO/Nz/IYTRZHn/896O0BNC+Ppl5nRYpS30NPX/ZnJuvHzV5Pfe/vGH10eTtddffLe4bndI0qGG451Jmg4Nrb3/jerO4LPpwSSENHYhRLEw9uRMLYTQEbsQovj5cf5i9vv+X+xCiKL/w92u7P7XYhdCFFt3f+qr5c94VM/5+oXBxv/+Vo/gbTyisw69PXnlXeqmVt7L/P0/yTfvg9Uwe+LI++exiyCa2bmpo7FrAAAA/q5zLfL/sGV5//7lJPR0l3P/b035f29T/6vn/yvubb8xNtNWCLGtNDaZHQ/va6fPje/UwNXbr2vGe6pK/l9t8v9qk/9Xm/y/2uT/1Sb/J/NK/l9Jj2/uWXwRuwiikf8DAED1HDo+MVUfHsle/jf96Czn9X15W8/z9Ae3pgceNYwbyQ//bYePTRw4ODyS3/fygODK+g/p0tnv+XyP5rYw2TTvotX6D71PF+avdZY/Uf/D+RtFfcV1rf8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL/YnXsaBsEoDKPfbUXURquiCQs/CT7QwIgApDCjAR1MGICBEFDAQM5Z7k2e5QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4vn+V18X3l8ZIrzUiTWWXXfvneJr9zH07LO+zx41bAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NiBAxkAAAAAYf7WebQfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngoAAP//8w7LUQ==")
r5 = dup(r1)
write$P9_RFSYNC(r5, 0x0, 0x0)
close_range(r2, r2, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2800, 0x0)
sendfile(r0, r6, 0x0, 0x20fffe82)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x88000, 0x0)
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f200000002000000000900", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r8, 0x0, 0x0)
[ 85.280666][ T5339] Bluetooth: hci0: command tx timeout
[ 85.361767][ T5363] loop0: detected capacity change from 0 to 512
[ 85.392515][ T5363] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 85.405949][ T5363] EXT4-fs (loop0): invalid journal inode
[ 85.415690][ T5363] EXT4-fs (loop0): can't get journal size
[ 85.432666][ T5363] EXT4-fs (loop0): 1 truncate cleaned up
[ 85.439732][ T5363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 85.467326][ T25] audit: type=1800 audit(1758682828.230:2): pid=5363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0
[ 85.698244][ T5355] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 85.848590][ T5355] usb 5-1: Using ep0 maxpacket: 8
[ 85.854653][ T5355] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 85.860007][ T5355] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 85.863837][ T5355] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 85.870149][ T5355] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 85.874932][ T5355] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 85.879950][ T5355] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 85.900672][ T5355] hub 5-1:1.0: bad descriptor, ignoring hub
[ 85.903275][ T5355] hub 5-1:1.0: probe with driver hub failed with error -5
[ 85.906944][ T5355] cdc_wdm 5-1:1.0: skipping garbage
[ 85.919002][ T5355] cdc_wdm 5-1:1.0: skipping garbage
[ 85.931877][ T5355] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 85.934727][ T5355] cdc_wdm 5-1:1.0: Unknown control protocol
[ 86.208405][ T5363] loop0: detected capacity change from 512 to 255
[ 86.681789][ T54] cfg80211: failed to load regulatory.db
[ 86.825339][ T5363] ==================================================================
[ 86.828834][ T5363] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.832049][ T5363] Read of size 18446744073709551600 at addr ffff888053d542b8 by task syz.0.0/5363
[ 86.835712][ T5363]
[ 86.836867][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.836884][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.836892][ T5363] Call Trace:
[ 86.836898][ T5363]
[ 86.836904][ T5363] dump_stack_lvl+0x189/0x250
[ 86.836923][ T5363] ? __virt_addr_valid+0x1c8/0x5c0
[ 86.836939][ T5363] ? rcu_is_watching+0x15/0xb0
[ 86.836949][ T5363] ? __kasan_check_byte+0x12/0x40
[ 86.836963][ T5363] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.836975][ T5363] ? rcu_is_watching+0x15/0xb0
[ 86.836986][ T5363] ? lock_release+0x4b/0x3e0
[ 86.837003][ T5363] ? __virt_addr_valid+0x1c8/0x5c0
[ 86.837017][ T5363] ? __virt_addr_valid+0x4a5/0x5c0
[ 86.837031][ T5363] print_report+0xca/0x240
[ 86.837043][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.837057][ T5363] kasan_report+0x118/0x150
[ 86.837069][ T5363] ? bdev_getblk+0x80/0x660
[ 86.837086][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.837101][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.837115][ T5363] kasan_check_range+0x2b0/0x2c0
[ 86.837128][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.837142][ T5363] __asan_memmove+0x29/0x70
[ 86.837154][ T5363] ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.837173][ T5363] ext4_xattr_ibody_set+0x254/0x6a0
[ 86.837189][ T5363] ext4_destroy_inline_data_nolock+0x214/0x5b0
[ 86.837203][ T5363] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 86.837214][ T5363] ? ext4_read_inline_folio+0x6eb/0x850
[ 86.837231][ T5363] ? __pfx_ext4_read_inline_folio+0x10/0x10
[ 86.837247][ T5363] ? down_write+0x162/0x1f0
[ 86.837303][ T5363] ? __filemap_get_folio+0x79f/0xaf0
[ 86.837324][ T5363] ext4_convert_inline_data_to_extent+0x540/0xdd0
[ 86.837348][ T5363] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[ 86.837368][ T5363] ? ext4_inode_journal_mode+0x18c/0x480
[ 86.837384][ T5363] ? ext4_try_to_write_inline_data+0x49/0xa0
[ 86.837392][ T5363] ext4_write_begin+0x382/0x19a0
[ 86.837411][ T5363] ? __pfx_ext4_write_begin+0x10/0x10
[ 86.837429][ T5363] generic_perform_write+0x2c2/0x900
[ 86.837444][ T5363] ? __pfx_generic_perform_write+0x10/0x10
[ 86.837454][ T5363] ? file_modified_flags+0x4bb/0x560
[ 86.837466][ T5363] ? ext4_write_checks+0x24b/0x2c0
[ 86.837480][ T5363] ext4_buffered_write_iter+0xce/0x3a0
[ 86.837495][ T5363] ext4_file_write_iter+0x298/0x1bc0
[ 86.837512][ T5363] ? splice_from_pipe_next+0x608/0x660
[ 86.837527][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10
[ 86.837541][ T5363] ? __asan_memset+0x22/0x50
[ 86.837553][ T5363] iter_file_splice_write+0x975/0x10e0
[ 86.837573][ T5363] ? __pfx_iter_file_splice_write+0x10/0x10
[ 86.837587][ T5363] ? rcu_read_lock_any_held+0xb3/0x120
[ 86.837603][ T5363] ? __pfx_iter_file_splice_write+0x10/0x10
[ 86.837617][ T5363] direct_splice_actor+0x101/0x160
[ 86.837631][ T5363] splice_direct_to_actor+0x5a5/0xcc0
[ 86.837649][ T5363] ? __pfx_direct_splice_actor+0x10/0x10
[ 86.837663][ T5363] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 86.837678][ T5363] do_splice_direct+0x181/0x270
[ 86.837692][ T5363] ? __pfx_do_splice_direct+0x10/0x10
[ 86.837705][ T5363] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 86.837722][ T5363] ? rw_verify_area+0x255/0x4d0
[ 86.837735][ T5363] do_sendfile+0x4da/0x7e0
[ 86.837752][ T5363] ? __pfx_do_sendfile+0x10/0x10
[ 86.837767][ T5363] ? rcu_is_watching+0x15/0xb0
[ 86.837778][ T5363] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 86.837798][ T5363] __se_sys_sendfile64+0x13e/0x190
[ 86.837814][ T5363] ? __pfx___se_sys_sendfile64+0x10/0x10
[ 86.837828][ T5363] ? rcu_is_watching+0x15/0xb0
[ 86.837840][ T5363] ? do_syscall_64+0xbe/0x3b0
[ 86.837851][ T5363] do_syscall_64+0xfa/0x3b0
[ 86.837862][ T5363] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.837873][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.837884][ T5363] ? clear_bhb_loop+0x60/0xb0
[ 86.837897][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.837908][ T5363] RIP: 0033:0x7fb1a978eec9
[ 86.837921][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 86.837931][ T5363] RSP: 002b:00007fb1a5bf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 86.837944][ T5363] RAX: ffffffffffffffda RBX: 00007fb1a99e5fa0 RCX: 00007fb1a978eec9
[ 86.837953][ T5363] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[ 86.837960][ T5363] RBP: 00007fb1a9811f91 R08: 0000000000000000 R09: 0000000000000000
[ 86.837967][ T5363] R10: 0000000020fffe82 R11: 0000000000000246 R12: 0000000000000000
[ 86.837974][ T5363] R13: 00007fb1a99e6038 R14: 00007fb1a99e5fa0 R15: 00007fffb690eb78
[ 86.837986][ T5363]
[ 86.837990][ T5363]
[ 87.031703][ T5363] The buggy address belongs to the physical page:
[ 87.034464][ T5363] page: refcount:3 mapcount:0 mapping:ffff88800043cd80 index:0x2 pfn:0x53d54
[ 87.038278][ T5363] memcg:ffff888030ad8d00
[ 87.040139][ T5363] aops:def_blk_aops ino:700000 dentry name(?):""
[ 87.042843][ T5363] flags: 0x4fff18000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[ 87.046954][ T5363] raw: 04fff18000004214 0000000000000000 dead000000000122 ffff88800043cd80
[ 87.051477][ T5363] raw: 0000000000000002 ffff8880436ddd98 00000003ffffffff ffff888030ad8d00
[ 87.055733][ T5363] page dumped because: kasan: bad access detected
[ 87.058310][ T5363] page_owner tracks the page as allocated
[ 87.060730][ T5363] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5363, tgid 5362 (syz.0.0), ts 86823528302, free_ts 86805684241
[ 87.069182][ T5363] post_alloc_hook+0x240/0x2a0
[ 87.071236][ T5363] get_page_from_freelist+0x21e4/0x22c0
[ 87.073640][ T5363] __alloc_frozen_pages_noprof+0x181/0x370
[ 87.076111][ T5363] alloc_pages_mpol+0x232/0x4a0
[ 87.078240][ T5363] alloc_pages_noprof+0xa9/0x190
[ 87.080335][ T5363] folio_alloc_noprof+0x1e/0x30
[ 87.082314][ T5363] filemap_alloc_folio_noprof+0xdf/0x470
[ 87.084749][ T5363] __filemap_get_folio+0x3f2/0xaf0
[ 87.086908][ T5363] bdev_getblk+0x1ad/0x660
[ 87.088786][ T5363] __ext4_get_inode_loc+0x561/0x1040
[ 87.091028][ T5363] ext4_get_inode_loc+0x81/0xf0
[ 87.093214][ T5363] ext4_xattr_ibody_get+0x111/0x510
[ 87.095466][ T5363] ext4_xattr_get+0x123/0x6a0
[ 87.097635][ T5363] __vfs_getxattr+0x3f4/0x430
[ 87.099705][ T5363] cap_inode_need_killpriv+0x45/0x60
[ 87.102106][ T5363] security_inode_need_killpriv+0x89/0x270
[ 87.104617][ T5363] page last free pid 5363 tgid 5362 stack trace:
[ 87.107499][ T5363] free_unref_folios+0xdbd/0x1520
[ 87.109766][ T5363] folios_put_refs+0x559/0x640
[ 87.111801][ T5363] shmem_undo_range+0x49e/0x14b0
[ 87.113781][ T5363] shmem_evict_inode+0x272/0xa70
[ 87.115824][ T5363] evict+0x504/0x9c0
[ 87.117544][ T5363] __dentry_kill+0x209/0x660
[ 87.119241][ T5363] dput+0x19f/0x2b0
[ 87.120865][ T5363] __fput+0x68e/0xa70
[ 87.122657][ T5363] fput_close_sync+0x119/0x200
[ 87.124809][ T5363] __x64_sys_close+0x7f/0x110
[ 87.126842][ T5363] do_syscall_64+0xfa/0x3b0
[ 87.128885][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.131354][ T5363]
[ 87.132418][ T5363] Memory state around the buggy address:
[ 87.134636][ T5363] ffff888053d54180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.137951][ T5363] ffff888053d54200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.141187][ T5363] >ffff888053d54280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.144372][ T5363] ^
[ 87.146529][ T5363] ffff888053d54300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.149988][ T5363] ffff888053d54380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.153548][ T5363] ==================================================================
[ 87.179338][ T5363] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 87.182531][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 87.186533][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.191188][ T5363] Call Trace:
[ 87.192541][ T5363]
[ 87.193800][ T5363] dump_stack_lvl+0x99/0x250
[ 87.195759][ T5363] ? __asan_memcpy+0x40/0x70
[ 87.197831][ T5363] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.200041][ T5363] ? __pfx__printk+0x10/0x10
[ 87.202072][ T5363] vpanic+0x281/0x750
[ 87.203832][ T5363] ? __pfx_print_hex_dump+0x10/0x10
[ 87.206117][ T5363] ? __pfx_vpanic+0x10/0x10
[ 87.208087][ T5363] ? preempt_schedule_common+0x83/0xd0
[ 87.210533][ T5363] ? preempt_schedule+0xae/0xc0
[ 87.212580][ T5363] panic+0xb9/0xc0
[ 87.214195][ T5363] ? __pfx_panic+0x10/0x10
[ 87.216178][ T5363] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 87.218848][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.221100][ T5363] check_panic_on_warn+0x89/0xb0
[ 87.223225][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.225535][ T5363] end_report+0x78/0x160
[ 87.227348][ T5363] kasan_report+0x129/0x150
[ 87.229068][ T5363] ? bdev_getblk+0x80/0x660
[ 87.230960][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.233375][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.235886][ T5363] kasan_check_range+0x2b0/0x2c0
[ 87.238081][ T5363] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.240371][ T5363] __asan_memmove+0x29/0x70
[ 87.242326][ T5363] ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.244609][ T5363] ext4_xattr_ibody_set+0x254/0x6a0
[ 87.246887][ T5363] ext4_destroy_inline_data_nolock+0x214/0x5b0
[ 87.249507][ T5363] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 87.252247][ T5363] ? ext4_read_inline_folio+0x6eb/0x850
[ 87.254519][ T5363] ? __pfx_ext4_read_inline_folio+0x10/0x10
[ 87.257039][ T5363] ? down_write+0x162/0x1f0
[ 87.258833][ T5363] ? __filemap_get_folio+0x79f/0xaf0
[ 87.261036][ T5363] ext4_convert_inline_data_to_extent+0x540/0xdd0
[ 87.263815][ T5363] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[ 87.266746][ T5363] ? ext4_inode_journal_mode+0x18c/0x480
[ 87.268932][ T5363] ? ext4_try_to_write_inline_data+0x49/0xa0
[ 87.271370][ T5363] ext4_write_begin+0x382/0x19a0
[ 87.273428][ T5363] ? __pfx_ext4_write_begin+0x10/0x10
[ 87.275699][ T5363] generic_perform_write+0x2c2/0x900
[ 87.278053][ T5363] ? __pfx_generic_perform_write+0x10/0x10
[ 87.280590][ T5363] ? file_modified_flags+0x4bb/0x560
[ 87.282901][ T5363] ? ext4_write_checks+0x24b/0x2c0
[ 87.285194][ T5363] ext4_buffered_write_iter+0xce/0x3a0
[ 87.287457][ T5363] ext4_file_write_iter+0x298/0x1bc0
[ 87.289555][ T5363] ? splice_from_pipe_next+0x608/0x660
[ 87.291781][ T5363] ? __pfx_ext4_file_write_iter+0x10/0x10
[ 87.294387][ T5363] ? __asan_memset+0x22/0x50
[ 87.296614][ T5363] iter_file_splice_write+0x975/0x10e0
[ 87.298876][ T5363] ? __pfx_iter_file_splice_write+0x10/0x10
[ 87.301240][ T5363] ? rcu_read_lock_any_held+0xb3/0x120
[ 87.303533][ T5363] ? __pfx_iter_file_splice_write+0x10/0x10
[ 87.305908][ T5363] direct_splice_actor+0x101/0x160
[ 87.308093][ T5363] splice_direct_to_actor+0x5a5/0xcc0
[ 87.310398][ T5363] ? __pfx_direct_splice_actor+0x10/0x10
[ 87.312800][ T5363] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 87.315473][ T5363] do_splice_direct+0x181/0x270
[ 87.317498][ T5363] ? __pfx_do_splice_direct+0x10/0x10
[ 87.319810][ T5363] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 87.322227][ T5363] ? rw_verify_area+0x255/0x4d0
[ 87.324141][ T5363] do_sendfile+0x4da/0x7e0
[ 87.326014][ T5363] ? __pfx_do_sendfile+0x10/0x10
[ 87.327988][ T5363] ? rcu_is_watching+0x15/0xb0
[ 87.330002][ T5363] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 87.332685][ T5363] __se_sys_sendfile64+0x13e/0x190
[ 87.334966][ T5363] ? __pfx___se_sys_sendfile64+0x10/0x10
[ 87.337332][ T5363] ? rcu_is_watching+0x15/0xb0
[ 87.339429][ T5363] ? do_syscall_64+0xbe/0x3b0
[ 87.341556][ T5363] do_syscall_64+0xfa/0x3b0
[ 87.343471][ T5363] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.345684][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.348573][ T5363] ? clear_bhb_loop+0x60/0xb0
[ 87.350628][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.353207][ T5363] RIP: 0033:0x7fb1a978eec9
[ 87.355175][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 87.363053][ T5363] RSP: 002b:00007fb1a5bf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 87.366701][ T5363] RAX: ffffffffffffffda RBX: 00007fb1a99e5fa0 RCX: 00007fb1a978eec9
[ 87.370020][ T5363] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[ 87.373427][ T5363] RBP: 00007fb1a9811f91 R08: 0000000000000000 R09: 0000000000000000
[ 87.376936][ T5363] R10: 0000000020fffe82 R11: 0000000000000246 R12: 0000000000000000
[ 87.380462][ T5363] R13: 00007fb1a99e6038 R14: 00007fb1a99e5fa0 R15: 00007fffb690eb78
[ 87.383593][ T5363]
[ 87.385142][ T5363] Kernel Offset: disabled
[ 87.387095][ T5363] Rebooting in 86400 seconds..