program:
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'ip6tnl0\x00', &(0x7f0000000380)={'ip6tnl0\x00', 0x0, 0x4, 0x7, 0x1, 0x700, 0x0, @empty, @loopback, 0x0, 0x700, 0x1, 0x7f}})
sendmsg$inet6(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0xa, 0x4e20, 0xfffff96a, @rand_addr=' \x01\x00', 0x1}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000006c0)="6fca8dd555a211299a35fb3b12e7e80c54209a623564b6c82e5b581a6566eb06ada6896d445882bd79c28f980623db6b5569fd07a1bd3951ad17c5be6d61fcf7cfc4e14998f9ce5521b5e39867c0592389365d971605674bd3d0c31512b76d0d9f8dbb760128818febe0adecf3d82a205cbcf5f02d688c0c4416fc9e87448da5df064205cb00b568cfedd5fe1a82a72dfbd0f512db562ecc1210dc8d02551e54bbfbda8605c2b6d56c644a094e718df6a6751eb8ed459005ab17ab1daaed575050a889f698e49230e17c52e7028824b49c82c055a8d0ba4ba3ac0f5c", 0xdc}], 0x1, &(0x7f00000007c0)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xf9}}, @tclass={{0x14, 0x29, 0x43, 0x200}}, @tclass={{0x14, 0x29, 0x43, 0x6}}, @dstopts_2292={{0xc0, 0x29, 0x4, {0x29, 0x14, '\x00', [@ra={0x5, 0x2, 0x896}, @hao={0xc9, 0x10, @remote}, @enc_lim={0x4, 0x1, 0x6}, @generic={0x2, 0x1d, "9b4e1a537ea18064f03c24642be3b9590d957b6caa7b037dd424290b75"}, @calipso={0x7, 0x40, {0x1, 0xe, 0x9, 0x1, [0x6, 0x715, 0xffffffff, 0x3, 0x7, 0x9, 0xfffffffffffffc66]}}, @hao={0xc9, 0x10, @empty}, @ra={0x5, 0x2, 0x5}, @padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @private1}]}}}], 0x108}, 0x40000)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
r2 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r4, &(0x7f00000004c0)={0x18}, 0x18)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000640)={0x50, 0x0, r6, {0x7, 0x29, 0x20200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}}, 0x50)
write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18, 0x0, r6, {0x1}}, 0x18)
io_setup(0x202, &(0x7f0000000200)=<r8=>0x0)
syz_open_procfs(r7, &(0x7f0000000240)='net/rfcomm\x00')
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$sock_timeval(r9, 0x1, 0x25, &(0x7f0000abaff9)={0x0, 0xea60}, 0x8)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r10, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
syz_mount_image$ocfs2(&(0x7f0000004480), &(0x7f00000044c0)='.\x00', 0x810401, &(0x7f0000000580)={[{@heartbeat_local}, {@inode64}, {@intr}, {@grpquota}, {@heartbeat_local}, {@resv_level={'resv_level', 0x3d, 0x3}}, {@cluster_stack}, {@data_writeback}, {@user_xattr}, {@data_ordered}, {@resv_level={'resv_level', 0x3d, 0x20005}}]}, 0x18, 0x4487, &(0x7f0000008980)="$eJzs27tvXFUeAOBzr53EziZZv/JOpNFusdbuyhqn2iUFITGgSIhg8ygoYo0fSQxjj2WPUQokgugjIVEgappE/ANJlZqOgrSUKQIFDQIJYTR37thz73jIEDw2Md8nJdf3vOXf3HPP0RnHqeqNhdXCwmqhtFSozF5bPVd4r1JeW5wP8Q7Z7f7pTDfiJPa758qll15/61wIN78e+tv6+vp6qBkIWxpv+vmH79+fbb42xLk6tXY3bvq2bvePeTuEMLLRePN4etLRRCGEwTRtKL32hxAOpXkffXFnaruG1vPo7uSdyYnb9x4vPuy/dLXQtmAUwmflk/+9vvjtP3vOf/PvbeoeAAB+08tTV958rXc8PIjCkfu9ufV6COF4em23Pl6nI893P5QAAADQVrL/L9b2/wNRHLXu/0fSa5sjwWBj+2y7/OqViReL4+n5b9SS/7806bsXepIz1Py5b/78dzBXP/95qmvt52k1xtfodyBE8VjmPo7HxkIYv1i/PxEdjMuV1ep/rlXWlua2bRjPrGz8N8/LN6QH+h3E/8vQdL7esHX8t9Nwy6epdl/Yvo/YnpaNf0/bcp9/GHX0/A/n6u1E/Hl62fj3Jmn/aC5QqE8Atfh/3Pvk+I/k2u9W/I/U5vaoNta+zAxQW8PU0tutV8jKxn9fkhYl5zppgfQX2e75/ykX/6O59ndr/h+92N1e94ps/PcnaemX1qKfkw/B5vM/GD/5+T+Wa3834l8b/6j3f0ey8T9QT8xOnslvstP5/3iu/S7F/1Z6rBrCkSgMN33r9H5v/eXQOK9OtjS17OUujGIPyMa/9ZR/c/8Xt8z/+7aI/4lc/Z3a/zX6bez/GvuQ0ai+/2Nr2fj3ty3X6fN/Mlev6/N/1JfuANY/6Go/e1Q2/gfriZnHs/4y6DT+p3LtdxT//b9/3MmM39eI/+aAfzlQTy9a/3UkG/80VJnXwK3k/2T9F7XG/cdc/E/n2m+Kf/5PQ7ZJ6/qvNv7RLvW212Tjf6htuVr8v6rHPZkk2j3/Z3L1ur/+D6Forf/UsvE/3LZc8vz3PXn+P5ur1+34/6ubjQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AUMpdeBEMVjmfs4HhsLYTi9PxEORjOluemZcmX23dUQRtL0QhiKrpcrM6Xy9MJSZW5+ulQuV2ZDOJrmj4S+aLVcqU4vlpaPbbTVH92YL61UZ+ZL1RDC8TT9TDjcaGtmobpYWk7Khrie9/e4srJ8o7Q0Pbew8lyxWCyGkxtjGIzmb1bnl6r13uu5IZzaaHcgahpckn16YyyHoncqaytLpXKSfqapTrkyWyo31Tmb5n0SBqPqytrSbKk6P12uXG/0t5supNeJy1NvTL0y3pJfiOrXoZ0dFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/Mg/O///TEEJv/S4OIVxo/BCl/zJ6Ht2dvDM5cfve48WH/ZeuFrYqAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8yg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26VilYSgKA/C5V0HBRRzdBaeQbK6KIi5GBJ/Al+jQ1+xjdOjYpRTaGwhJA11aOnzfckh+7j0H7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMvx+dv+/dRNRIrbzU3EbPFw188fS63fDp+/OsOMnM7Xd/v+UTfl3dMofym/lq95l65X8/8o9br33WkGezLcp71xn6GpfZuar+t7HylXEfFU8ueUc1UddxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJa9OTQBEAziOHonmGwW19ApjIrgHkbHcwnn0SQYDMJX30sHx48/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDPuEzr3A9xZFRXZuxn27z/3XNs332WzddlOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCzAwcyAAAAAML8rfNoPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEEBAAD//2t/0Vs=")
io_submit(r8, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x100000, 0x3000}])

[   74.175156][ T5332] Bluetooth: hci0: command tx timeout
[   74.220064][ T5353] loop0: detected capacity change from 0 to 512
[   74.284277][ T5353] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.0: casefold flag without casefold feature
[   74.306776][ T5353] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.0: couldn't read orphan inode 15 (err -117)
[   74.334332][ T5353] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.413218][ T5354] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.461996][ T5354] loop0: detected capacity change from 512 to 64
[   74.465878][ T5353] syz.0.0: attempt to access beyond end of device
[   74.465878][ T5353] loop0: rw=14337, sector=90, nr_sectors = 2 limit=64
[   74.498110][ T5353] Buffer I/O error on dev loop0, logical block 45, lost sync page write
[   74.502763][ T5353] EXT4-fs error (device loop0): ext4_splice_branch:472: inode #18: block 45: comm syz.0.0: IO error syncing itable block
[   74.517547][ T5353] EXT4-fs error (device loop0): ext4_check_bdev_write_error:228: comm syz.0.0: Error while async write back metadata
[   74.531713][ T5353] syz.0.0: attempt to access beyond end of device
[   74.531713][ T5353] loop0: rw=2051, sector=306, nr_sectors = 2 limit=64
[   74.541294][ T5353] EXT4-fs (loop0): discard request in group:0 block:152 count:1 failed with -5
[   74.545501][ T5353] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: IO failure
[   74.559570][ T5353] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 153:freeing already freed block (bit 152); block bitmap corrupt.
[   74.566888][ T5353] EXT4-fs (loop0): pa ffff888044a19000: logic 112, phys. 149, len 12
[   74.570187][ T5353] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 8, pa_free 7
[   74.592005][ T5353] syz.0.0: attempt to access beyond end of device
[   74.592005][ T5353] loop0: rw=14337, sector=90, nr_sectors = 2 limit=64
[   74.602091][ T5353] Buffer I/O error on dev loop0, logical block 45, lost sync page write
[   74.605573][ T5353] EXT4-fs error (device loop0): ext4_free_data:978: inode #18: block 45: comm syz.0.0: IO error syncing itable block
[   74.629537][ T5353] EXT4-fs error (device loop0): ext4_check_bdev_write_error:228: comm syz.0.0: Error while async write back metadata
[   74.637306][ T5353] syz.0.0: attempt to access beyond end of device
[   74.637306][ T5353] loop0: rw=2049, sector=74, nr_sectors = 16 limit=64
[   74.651862][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 37)
[   74.662964][ T5353] Buffer I/O error on device loop0, logical block 37
[   74.666904][ T5353] Buffer I/O error on device loop0, logical block 38
[   74.670055][ T5353] Buffer I/O error on device loop0, logical block 39
[   74.672686][ T5353] Buffer I/O error on device loop0, logical block 40
[   74.691722][ T5353] Buffer I/O error on device loop0, logical block 41
[   74.694606][ T5353] Buffer I/O error on device loop0, logical block 42
[   74.697456][ T5353] Buffer I/O error on device loop0, logical block 43
[   74.700270][ T5353] Buffer I/O error on device loop0, logical block 44
[   74.713973][ T5353] syz.0.0: attempt to access beyond end of device
[   74.713973][ T5353] loop0: rw=2049, sector=98, nr_sectors = 8 limit=64
[   74.719215][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 49)
[   74.741106][ T5353] Buffer I/O error on device loop0, logical block 49
[   74.743875][ T5353] Buffer I/O error on device loop0, logical block 50
[   74.750323][ T5353] syz.0.0: attempt to access beyond end of device
[   74.750323][ T5353] loop0: rw=2049, sector=114, nr_sectors = 8 limit=64
[   74.767348][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 57)
[   74.773274][ T5353] syz.0.0: attempt to access beyond end of device
[   74.773274][ T5353] loop0: rw=2049, sector=106, nr_sectors = 8 limit=64
[   74.789441][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 53)
[   74.799719][ T5353] syz.0.0: attempt to access beyond end of device
[   74.799719][ T5353] loop0: rw=2049, sector=426, nr_sectors = 8 limit=64
[   74.809760][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 213)
[   74.820062][ T5353] syz.0.0: attempt to access beyond end of device
[   74.820062][ T5353] loop0: rw=2049, sector=178, nr_sectors = 8 limit=64
[   74.840241][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 89)
[   74.846751][ T5353] syz.0.0: attempt to access beyond end of device
[   74.846751][ T5353] loop0: rw=2049, sector=250, nr_sectors = 8 limit=64
[   74.860988][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 125)
[   74.877352][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 161)
[   74.887477][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 185)
[   74.897838][ T5353] EXT4-fs warning (device loop0): ext4_end_bio:372: I/O error 10 writing to inode 18 starting block 232)
[   75.058521][ T5353] ==================================================================
[   75.061808][ T5353] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[   75.064956][ T5353] Read of size 18446744073709551600 at addr ffff88804d36e6b8 by task syz.0.0/5353
[   75.068768][ T5353] 
[   75.069833][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) 
[   75.069849][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.069857][ T5353] Call Trace:
[   75.069864][ T5353]  <TASK>
[   75.069870][ T5353]  dump_stack_lvl+0x189/0x250
[   75.069887][ T5353]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.069901][ T5353]  ? rcu_is_watching+0x15/0xb0
[   75.069910][ T5353]  ? __kasan_check_byte+0x12/0x40
[   75.069923][ T5353]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.069936][ T5353]  ? rcu_is_watching+0x15/0xb0
[   75.069946][ T5353]  ? lock_release+0x4b/0x3e0
[   75.069962][ T5353]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.069975][ T5353]  ? __virt_addr_valid+0x4a5/0x5c0
[   75.069986][ T5353]  print_report+0xca/0x240
[   75.069995][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.070008][ T5353]  kasan_report+0x118/0x150
[   75.070019][ T5353]  ? bdev_getblk+0x80/0x660
[   75.070034][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.070047][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.070059][ T5353]  kasan_check_range+0x2b0/0x2c0
[   75.070071][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.070083][ T5353]  __asan_memmove+0x29/0x70
[   75.070093][ T5353]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.070108][ T5353]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.070122][ T5353]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.070135][ T5353]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.070148][ T5353]  ? down_write+0x162/0x1f0
[   75.070201][ T5353]  ? __filemap_get_folio+0x79f/0xaf0
[   75.070214][ T5353]  ext4_convert_inline_data_to_extent+0x540/0xdd0
[   75.070229][ T5353]  ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[   75.070240][ T5353]  ? ext4_inode_journal_mode+0x18c/0x480
[   75.070250][ T5353]  ? lockdep_unlock+0x89/0x120
[   75.070259][ T5353]  ? ext4_try_to_write_inline_data+0x49/0xa0
[   75.070270][ T5353]  ext4_write_begin+0x382/0x19a0
[   75.070284][ T5353]  ? __pfx_ext4_write_begin+0x10/0x10
[   75.070295][ T5353]  generic_perform_write+0x2c2/0x900
[   75.070304][ T5353]  ? __pfx_generic_perform_write+0x10/0x10
[   75.070312][ T5353]  ? file_modified_flags+0x4bb/0x560
[   75.070322][ T5353]  ? ext4_write_checks+0x24b/0x2c0
[   75.070334][ T5353]  ext4_buffered_write_iter+0xce/0x3a0
[   75.070346][ T5353]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   75.070358][ T5353]  ext4_file_write_iter+0x298/0x1bc0
[   75.070372][ T5353]  ? __lock_acquire+0xab9/0xd20
[   75.070389][ T5353]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.070400][ T5353]  ? aio_write+0x4c4/0x7a0
[   75.070410][ T5353]  aio_write+0x535/0x7a0
[   75.070420][ T5353]  ? __pfx_aio_write+0x10/0x10
[   75.070438][ T5353]  ? __might_fault+0xb0/0x130
[   75.070448][ T5353]  io_submit_one+0x78b/0x1310
[   75.070465][ T5353]  ? __pfx_io_submit_one+0x10/0x10
[   75.070477][ T5353]  ? __might_fault+0xb0/0x130
[   75.070490][ T5353]  ? __might_fault+0xb0/0x130
[   75.070502][ T5353]  __se_sys_io_submit+0x185/0x2f0
[   75.070516][ T5353]  ? __pfx___se_sys_io_submit+0x10/0x10
[   75.070531][ T5353]  ? do_syscall_64+0xbe/0x3b0
[   75.070545][ T5353]  do_syscall_64+0xfa/0x3b0
[   75.070554][ T5353]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.070561][ T5353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.070567][ T5353]  ? clear_bhb_loop+0x60/0xb0
[   75.070574][ T5353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.070580][ T5353] RIP: 0033:0x7f7ee738ebe9
[   75.070591][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.070599][ T5353] RSP: 002b:00007f7ee81d0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   75.070612][ T5353] RAX: ffffffffffffffda RBX: 00007f7ee75b5fa0 RCX: 00007f7ee738ebe9
[   75.070620][ T5353] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f7ee8186000
[   75.070627][ T5353] RBP: 00007f7ee7411e19 R08: 0000000000000000 R09: 0000000000000000
[   75.070633][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.070640][ T5353] R13: 00007f7ee75b6038 R14: 00007f7ee75b5fa0 R15: 00007ffdd16f75a8
[   75.070652][ T5353]  </TASK>
[   75.070656][ T5353] 
[   75.236422][ T5353] The buggy address belongs to the physical page:
[   75.239130][ T5353] page: refcount:2 mapcount:0 mapping:ffff888031c4cd80 index:0x2 pfn:0x4d36e
[   75.242955][ T5353] memcg:ffff888030ad0d00
[   75.244824][ T5353] aops:def_blk_aops ino:700000 dentry name(?):""
[   75.247538][ T5353] flags: 0x4fff38000004234(referenced|dirty|lru|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[   75.252315][ T5353] raw: 04fff38000004234 ffffea00010e19c8 ffff888030ae09e0 ffff888031c4cd80
[   75.256169][ T5353] raw: 0000000000000002 ffff888044a1a000 00000002ffffffff ffff888030ad0d00
[   75.260050][ T5353] page dumped because: kasan: bad access detected
[   75.262832][ T5353] page_owner tracks the page as allocated
[   75.265345][ T5353] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5353, tgid 5352 (syz.0.0), ts 74545166906, free_ts 74496416972
[   75.273883][ T5353]  post_alloc_hook+0x240/0x2a0
[   75.276067][ T5353]  get_page_from_freelist+0x21e4/0x22c0
[   75.278501][ T5353]  __alloc_frozen_pages_noprof+0x181/0x370
[   75.281300][ T5353]  alloc_pages_mpol+0x232/0x4a0
[   75.283541][ T5353]  alloc_pages_noprof+0xa9/0x190
[   75.285749][ T5353]  folio_alloc_noprof+0x1e/0x30
[   75.288060][ T5353]  filemap_alloc_folio_noprof+0xdf/0x470
[   75.291020][ T5353]  __filemap_get_folio+0x3f2/0xaf0
[   75.293888][ T5353]  bdev_getblk+0x1ad/0x660
[   75.296064][ T5353]  __ext4_get_inode_loc+0x561/0x1040
[   75.298461][ T5353]  ext4_reserve_inode_write+0x18b/0x360
[   75.300701][ T5353]  __ext4_mark_inode_dirty+0x15b/0x700
[   75.303071][ T5353]  ext4_dirty_inode+0xd0/0x110
[   75.305329][ T5353]  __mark_inode_dirty+0x2ce/0xdf0
[   75.307415][ T5353]  ext4_free_blocks+0x1340/0x1bf0
[   75.309426][ T5353]  ext4_splice_branch+0x438/0x590
[   75.311397][ T5353] page last free pid 5328 tgid 5328 stack trace:
[   75.314064][ T5353]  free_unref_folios+0xdbd/0x1520
[   75.316161][ T5353]  folios_put_refs+0x559/0x640
[   75.318252][ T5353]  shmem_undo_range+0x49e/0x14b0
[   75.320232][ T5353]  shmem_evict_inode+0x272/0xa70
[   75.322378][ T5353]  evict+0x504/0x9c0
[   75.324192][ T5353]  __dentry_kill+0x209/0x660
[   75.326126][ T5353]  dput+0x19f/0x2b0
[   75.327733][ T5353]  do_renameat2+0x6de/0xa80
[   75.329674][ T5353]  __x64_sys_rename+0x82/0x90
[   75.331732][ T5353]  do_syscall_64+0xfa/0x3b0
[   75.333808][ T5353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.336594][ T5353] 
[   75.337742][ T5353] Memory state around the buggy address:
[   75.340282][ T5353]  ffff88804d36e580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.343686][ T5353]  ffff88804d36e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.347219][ T5353] >ffff88804d36e680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.350774][ T5353]                                         ^
[   75.353325][ T5353]  ffff88804d36e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.356794][ T5353]  ffff88804d36e780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.360217][ T5353] ==================================================================
[   75.382413][ T5353] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   75.385559][ T5353] CPU: 0 UID: 0 PID: 5353 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) 
[   75.390430][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.395593][ T5353] Call Trace:
[   75.398140][ T5353]  <TASK>
[   75.399439][ T5353]  dump_stack_lvl+0x99/0x250
[   75.401435][ T5353]  ? __asan_memcpy+0x40/0x70
[   75.403376][ T5353]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.406165][ T5353]  ? __pfx__printk+0x10/0x10
[   75.408204][ T5353]  vpanic+0x281/0x750
[   75.409957][ T5353]  ? __pfx_print_hex_dump+0x10/0x10
[   75.412132][ T5353]  ? __pfx_vpanic+0x10/0x10
[   75.414111][ T5353]  ? preempt_schedule_common+0x83/0xd0
[   75.416350][ T5353]  ? preempt_schedule+0xae/0xc0
[   75.418528][ T5353]  panic+0xb9/0xc0
[   75.420235][ T5353]  ? __pfx_panic+0x10/0x10
[   75.422194][ T5353]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.425024][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.427565][ T5353]  check_panic_on_warn+0x89/0xb0
[   75.429696][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.432057][ T5353]  end_report+0x78/0x160
[   75.434099][ T5353]  kasan_report+0x129/0x150
[   75.436166][ T5353]  ? bdev_getblk+0x80/0x660
[   75.438073][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.440532][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.442916][ T5353]  kasan_check_range+0x2b0/0x2c0
[   75.445243][ T5353]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.447713][ T5353]  __asan_memmove+0x29/0x70
[   75.449798][ T5353]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.452075][ T5353]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.454482][ T5353]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.457242][ T5353]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.460134][ T5353]  ? down_write+0x162/0x1f0
[   75.462302][ T5353]  ? __filemap_get_folio+0x79f/0xaf0
[   75.464952][ T5353]  ext4_convert_inline_data_to_extent+0x540/0xdd0
[   75.467509][ T5353]  ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[   75.470390][ T5353]  ? ext4_inode_journal_mode+0x18c/0x480
[   75.472929][ T5353]  ? lockdep_unlock+0x89/0x120
[   75.475300][ T5353]  ? ext4_try_to_write_inline_data+0x49/0xa0
[   75.478314][ T5353]  ext4_write_begin+0x382/0x19a0
[   75.480933][ T5353]  ? __pfx_ext4_write_begin+0x10/0x10
[   75.483443][ T5353]  generic_perform_write+0x2c2/0x900
[   75.486035][ T5353]  ? __pfx_generic_perform_write+0x10/0x10
[   75.488594][ T5353]  ? file_modified_flags+0x4bb/0x560
[   75.490953][ T5353]  ? ext4_write_checks+0x24b/0x2c0
[   75.493138][ T5353]  ext4_buffered_write_iter+0xce/0x3a0
[   75.495655][ T5353]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   75.498242][ T5353]  ext4_file_write_iter+0x298/0x1bc0
[   75.500480][ T5353]  ? __lock_acquire+0xab9/0xd20
[   75.502620][ T5353]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.505141][ T5353]  ? aio_write+0x4c4/0x7a0
[   75.507077][ T5353]  aio_write+0x535/0x7a0
[   75.508976][ T5353]  ? __pfx_aio_write+0x10/0x10
[   75.511144][ T5353]  ? __might_fault+0xb0/0x130
[   75.513184][ T5353]  io_submit_one+0x78b/0x1310
[   75.515346][ T5353]  ? __pfx_io_submit_one+0x10/0x10
[   75.517783][ T5353]  ? __might_fault+0xb0/0x130
[   75.519907][ T5353]  ? __might_fault+0xb0/0x130
[   75.521979][ T5353]  __se_sys_io_submit+0x185/0x2f0
[   75.524130][ T5353]  ? __pfx___se_sys_io_submit+0x10/0x10
[   75.526487][ T5353]  ? do_syscall_64+0xbe/0x3b0
[   75.528532][ T5353]  do_syscall_64+0xfa/0x3b0
[   75.530575][ T5353]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.532839][ T5353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.535533][ T5353]  ? clear_bhb_loop+0x60/0xb0
[   75.537735][ T5353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.540256][ T5353] RIP: 0033:0x7f7ee738ebe9
[   75.542174][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.550661][ T5353] RSP: 002b:00007f7ee81d0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   75.554359][ T5353] RAX: ffffffffffffffda RBX: 00007f7ee75b5fa0 RCX: 00007f7ee738ebe9
[   75.557904][ T5353] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f7ee8186000
[   75.561416][ T5353] RBP: 00007f7ee7411e19 R08: 0000000000000000 R09: 0000000000000000
[   75.564763][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.568384][ T5353] R13: 00007f7ee75b6038 R14: 00007f7ee75b5fa0 R15: 00007ffdd16f75a8
[   75.572063][ T5353]  </TASK>
[   75.573879][ T5353] Kernel Offset: disabled
[   75.575883][ T5353] Rebooting in 86400 seconds..