program:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e4ebf1b00000000000000000000000000090000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x141842, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000200), 0xfea7)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0xffc9)
write$P9_RLERROR(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="d7f96e4daf0a000000"], 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[], 0xb, 0x0, &(0x7f0000000100))
r5 = syz_open_dev$loop(&(0x7f0000000580), 0x0, 0x20000)
ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f0000000080)={0x0, {}, 0x0, {}, 0x8, 0x1, 0x14, 0x19, "981dfe1404ea1234275704afed730428df8208a7c9b3be966a82ea28b7f307e69b054b0cb5d6966e64512dba391b82c6ba86117bcb0fac71f4d84f5f54297589", "0bc262b5f40e155c7b772ff3beb84c47828a6403bed6f41cc070c1f4c52c0d71", [0x6]})
copy_file_range(r3, &(0x7f00000001c0), r2, 0x0, 0xffffffffa003e45b, 0x700000000000000)
setrlimit(0x7, &(0x7f0000000000)={0x0, 0x9})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r0, &(0x7f00000000c0)="074706c179ec4268aa96b2fced1ca51f656ac2519aee3998246385f65d073fac1e96", &(0x7f0000000240)=""/48}, 0x20)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000300)={0x1d, 0x0, 0x0, {0x2, 0xf0, 0x4}, 0xfd}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="20000000030605010000000000000000020000080900020073797a3000000000bb597f88a1b4a931d32aae77b6283bab7f32c889c5e999b0a6819d2b297714c34caf559de3ba3779b1a4cb44247402996514fecb98e6a3f1b4976296394389d2727048d3492cf823c71962e16001e4fba102e98d883fc99596f188dc6028480ed3c0e8fd0065d3bfd76d1ac4e51dfd5f8a9a2cfa08db8dbe76d0188f1f8c64b800fc4972b445d0f8b6b5a8ccb68f278dc94c9891613f02479a037bf43c65e2b38538697978e2af62aed97704a72a70e51ae4"], 0x20}}, 0x80)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000780)=ANY=[@ANYBLOB="4743b27b698e00d78dc662a797829dbff25565730ff026cc44a035811be58039de67f2803d3405500fe12cfe527576718efc776503c4432203fb3601677b9c96898d5942ef566d38a95535f8fada7c98784f58c343353d2c0272f33c718b86665d71782ae1", @ANYRES32=r1, @ANYBLOB="79c228a1bd80a98134a72c136f8e2899a1d2102c60595a3cf306146b77fee179d6654074dcf421339000a49f71db2ac85f65ae920be02a9b2ff49746b42a71c7fef1d241103e14", @ANYRESOCT=r2, @ANYRES32=r5], 0x68}}, 0x82)
r7 = socket$igmp6(0xa, 0x3, 0x2)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r6, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)
socket$kcm(0x10, 0x2, 0x0)

[   86.713145][ T4653] Bluetooth: hci0: command tx timeout
[   87.094506][ T5325] loop0: detected capacity change from 0 to 32768
[   87.109852][ T5325] =======================================================
[   87.109852][ T5325] WARNING: The mand mount option has been deprecated and
[   87.109852][ T5325]          and is ignored by this kernel. Remove the mand
[   87.109852][ T5325]          option from the mount to silence this warning.
[   87.109852][ T5325] =======================================================
[   87.219366][ T5325] JBD2: Ignoring recovery information on journal
[   87.289337][ T5325] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   87.408243][ T5325] (syz.0.0,5325,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[   87.449313][ T5325] loop0: detected capacity change from 32768 to 32767
[   87.475846][ T5325] OCFS2: ERROR (device loop0): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #17058: signature = �!
[   87.489477][ T5325] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   87.503464][ T5325] OCFS2: File system is now read-only.
[   87.518126][ T5325] (syz.0.0,5325,0):ocfs2_assign_bh:2417 ERROR: status = -30
[   87.538734][ T5326] syz.0.0 uses obsolete (PF_INET,SOCK_PACKET)
[   87.543185][ T5325] (syz.0.0,5325,0):ocfs2_inode_lock_full_nested:2512 ERROR: status = -30
[   87.557859][ T5325] (syz.0.0,5325,0):ocfs2_reflink_inodes_lock:4747 ERROR: status = -30
[   87.571078][ T5325] ==================================================================
[   87.575775][ T5325] BUG: KASAN: use-after-free in ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.579510][ T5325] Write of size 4086 at addr ffff888055d4d4d2 by task syz.0.0/5325
[   87.583074][ T5325] 
[   87.584180][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.584194][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   87.584200][ T5325] Call Trace:
[   87.584205][ T5325]  <TASK>
[   87.584211][ T5325]  dump_stack_lvl+0xe8/0x150
[   87.584227][ T5325]  print_address_description+0x55/0x1e0
[   87.584236][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.584245][ T5325]  print_report+0x58/0x70
[   87.584256][ T5325]  kasan_report+0x117/0x150
[   87.584274][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.584288][ T5325]  kasan_check_range+0x264/0x2c0
[   87.584303][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.584315][ T5325]  __asan_memcpy+0x40/0x70
[   87.584327][ T5325]  ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.584342][ T5325]  ? __pfx_ocfs2_write_end_nolock+0x10/0x10
[   87.584353][ T5325]  ? lockdep_hardirqs_on+0x7a/0x110
[   87.584416][ T5325]  ocfs2_write_end+0x58/0x90
[   87.584432][ T5325]  generic_perform_write+0x620/0x8f0
[   87.584452][ T5325]  ? __pfx_generic_perform_write+0x10/0x10
[   87.584469][ T5325]  ? file_update_time_flags+0x26d/0x4a0
[   87.584486][ T5325]  ? __generic_file_write_iter+0xf9/0x230
[   87.584500][ T5325]  ? ocfs2_file_write_iter+0x163a/0x1e70
[   87.584517][ T5325]  ocfs2_file_write_iter+0x1663/0x1e70
[   87.584534][ T5325]  ? __kmalloc_noprof+0x35c/0x760
[   87.584546][ T5325]  ? iter_file_splice_write+0x1da/0x10f0
[   87.584558][ T5325]  ? direct_splice_actor+0x101/0x160
[   87.584573][ T5325]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[   87.584596][ T5325]  ? splice_from_pipe_next+0x61c/0x670
[   87.584608][ T5325]  ? __asan_memset+0x22/0x50
[   87.584621][ T5325]  iter_file_splice_write+0x9a1/0x10f0
[   87.584641][ T5325]  ? __pfx_iter_file_splice_write+0x10/0x10
[   87.584657][ T5325]  ? __pfx_iter_file_splice_write+0x10/0x10
[   87.584670][ T5325]  direct_splice_actor+0x101/0x160
[   87.584682][ T5325]  splice_direct_to_actor+0x53a/0xc70
[   87.584696][ T5325]  ? __pfx_direct_splice_actor+0x10/0x10
[   87.584710][ T5325]  ? __pfx_splice_direct_to_actor+0x10/0x10
[   87.584723][ T5325]  ? ocfs2_remap_file_range+0x24a/0x6f0
[   87.584736][ T5325]  do_splice_direct+0x195/0x290
[   87.584748][ T5325]  ? __pfx_do_splice_direct+0x10/0x10
[   87.584760][ T5325]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   87.584779][ T5325]  vfs_copy_file_range+0xb02/0x1370
[   87.584800][ T5325]  ? __pfx_vfs_copy_file_range+0x10/0x10
[   87.584818][ T5325]  __se_sys_copy_file_range+0x2fb/0x480
[   87.584836][ T5325]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[   87.584851][ T5325]  ? rcu_is_watching+0x15/0xb0
[   87.584864][ T5325]  ? __x64_sys_copy_file_range+0x21/0xf0
[   87.584880][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.584893][ T5325]  do_syscall_64+0x15f/0xf80
[   87.584909][ T5325]  ? trace_irq_disable+0x3b/0x140
[   87.584926][ T5325]  ? clear_bhb_loop+0x40/0x90
[   87.584936][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.584946][ T5325] RIP: 0033:0x7efc19d9cdd9
[   87.584955][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.584961][ T5325] RSP: 002b:00007efc1ac85fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   87.584970][ T5325] RAX: ffffffffffffffda RBX: 00007efc1a015fa0 RCX: 00007efc19d9cdd9
[   87.584976][ T5325] RDX: 0000000000000004 RSI: 00002000000001c0 RDI: 0000000000000005
[   87.584980][ T5325] RBP: 00007efc19e32d69 R08: ffffffffa003e45b R09: 0700000000000000
[   87.584986][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.584990][ T5325] R13: 00007efc1a016038 R14: 00007efc1a015fa0 R15: 00007ffc6392e938
[   87.584998][ T5325]  </TASK>
[   87.585000][ T5325] 
[   87.741668][ T5325] The buggy address belongs to the physical page:
[   87.744344][ T5325] page: refcount:2 mapcount:0 mapping:ffff88801cc25940 index:0x854 pfn:0x55d4d
[   87.748270][ T5325] memcg:ffff888012c2f800
[   87.750023][ T5325] aops:def_blk_aops ino:700000 dentry name(?):""
[   87.752474][ T5325] flags: 0x4fff38000004024(referenced|lru|private|node=1|zone=1|lastcpupid=0x7ff)
[   87.756069][ T5325] raw: 04fff38000004024 ffffea00010f1948 ffff8880304489e0 ffff88801cc25940
[   87.759732][ T5325] raw: 0000000000000854 ffff888046aff828 00000002ffffffff ffff888012c2f800
[   87.763389][ T5325] page dumped because: kasan: bad access detected
[   87.766294][ T5325] page_owner tracks the page as allocated
[   87.768707][ T5325] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5325, tgid 5324 (syz.0.0), ts 87469500594, free_ts 87429436825
[   87.777595][ T5325]  post_alloc_hook+0x231/0x280
[   87.780016][ T5325]  get_page_from_freelist+0x24ba/0x2540
[   87.782918][ T5325]  __alloc_frozen_pages_noprof+0x18d/0x380
[   87.785835][ T5325]  alloc_pages_mpol+0x235/0x490
[   87.788106][ T5325]  alloc_pages_noprof+0xac/0x2a0
[   87.790349][ T5325]  folio_alloc_noprof+0x1e/0x30
[   87.792567][ T5325]  filemap_alloc_folio_noprof+0x111/0x470
[   87.795023][ T5325]  __filemap_get_folio_mpol+0x3fc/0xb00
[   87.797468][ T5325]  bdev_getblk+0x1f6/0x6e0
[   87.799567][ T5325]  ocfs2_read_blocks+0x56d/0x1530
[   87.802692][ T5325]  ocfs2_read_inode_block+0xec/0x1d0
[   87.805346][ T5325]  ocfs2_inode_lock_full_nested+0x2ac/0x1bd0
[   87.807979][ T5325]  ocfs2_reflink_inodes_lock+0x489/0xc20
[   87.810580][ T5325]  ocfs2_remap_file_range+0x236/0x6f0
[   87.813048][ T5325]  vfs_copy_file_range+0xd80/0x1370
[   87.815399][ T5325]  __se_sys_copy_file_range+0x2fb/0x480
[   87.817801][ T5325] page last free pid 5325 tgid 5324 stack trace:
[   87.820555][ T5325]  free_unref_folios+0xcec/0x1480
[   87.822912][ T5325]  folios_put_refs+0x9ff/0xb40
[   87.825076][ T5325]  mapping_try_invalidate+0x3c2/0x4c0
[   87.827572][ T5325]  loop_set_status+0x29b/0xe40
[   87.829703][ T5325]  lo_ioctl+0xce6/0x1fb0
[   87.831593][ T5325]  blkdev_ioctl+0x5e3/0x740
[   87.833572][ T5325]  __se_sys_ioctl+0xfc/0x170
[   87.835721][ T5325]  do_syscall_64+0x15f/0xf80
[   87.837789][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.840544][ T5325] 
[   87.841599][ T5325] Memory state around the buggy address:
[   87.843975][ T5325]  ffff888055d4df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   87.847285][ T5325]  ffff888055d4df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   87.850824][ T5325] >ffff888055d4e000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.854298][ T5325]                    ^
[   87.856239][ T5325]  ffff888055d4e080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.859819][ T5325]  ffff888055d4e100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   87.863363][ T5325] ==================================================================
[   87.900151][ T5325] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   87.903527][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   87.907308][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   87.911529][ T5325] Call Trace:
[   87.913040][ T5325]  <TASK>
[   87.914423][ T5325]  vpanic+0x56c/0xa60
[   87.916221][ T5325]  ? __pfx_vpanic+0x10/0x10
[   87.918207][ T5325]  panic+0xc5/0xd0
[   87.919920][ T5325]  ? __pfx_panic+0x10/0x10
[   87.922090][ T5325]  ? preempt_schedule_thunk+0x16/0x30
[   87.924772][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.927143][ T5325]  ? preempt_schedule_thunk+0x16/0x30
[   87.929519][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.932024][ T5325]  check_panic_on_warn+0x89/0xb0
[   87.934253][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.936728][ T5325]  end_report+0x73/0x170
[   87.938607][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.941054][ T5325]  kasan_report+0x128/0x150
[   87.943115][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.945801][ T5325]  kasan_check_range+0x264/0x2c0
[   87.948152][ T5325]  ? ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.950957][ T5325]  __asan_memcpy+0x40/0x70
[   87.953128][ T5325]  ocfs2_write_end_nolock+0xbd9/0x18c0
[   87.955670][ T5325]  ? __pfx_ocfs2_write_end_nolock+0x10/0x10
[   87.958355][ T5325]  ? lockdep_hardirqs_on+0x7a/0x110
[   87.960477][ T5325]  ocfs2_write_end+0x58/0x90
[   87.962478][ T5325]  generic_perform_write+0x620/0x8f0
[   87.964818][ T5325]  ? __pfx_generic_perform_write+0x10/0x10
[   87.967304][ T5325]  ? file_update_time_flags+0x26d/0x4a0
[   87.969660][ T5325]  ? __generic_file_write_iter+0xf9/0x230
[   87.972129][ T5325]  ? ocfs2_file_write_iter+0x163a/0x1e70
[   87.974555][ T5325]  ocfs2_file_write_iter+0x1663/0x1e70
[   87.976985][ T5325]  ? __kmalloc_noprof+0x35c/0x760
[   87.979497][ T5325]  ? iter_file_splice_write+0x1da/0x10f0
[   87.982242][ T5325]  ? direct_splice_actor+0x101/0x160
[   87.985020][ T5325]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[   87.988301][ T5325]  ? splice_from_pipe_next+0x61c/0x670
[   87.991159][ T5325]  ? __asan_memset+0x22/0x50
[   87.993587][ T5325]  iter_file_splice_write+0x9a1/0x10f0
[   87.996367][ T5325]  ? __pfx_iter_file_splice_write+0x10/0x10
[   87.999444][ T5325]  ? __pfx_iter_file_splice_write+0x10/0x10
[   88.002245][ T5325]  direct_splice_actor+0x101/0x160
[   88.004657][ T5325]  splice_direct_to_actor+0x53a/0xc70
[   88.007067][ T5325]  ? __pfx_direct_splice_actor+0x10/0x10
[   88.009537][ T5325]  ? __pfx_splice_direct_to_actor+0x10/0x10
[   88.012237][ T5325]  ? ocfs2_remap_file_range+0x24a/0x6f0
[   88.014578][ T5325]  do_splice_direct+0x195/0x290
[   88.016664][ T5325]  ? __pfx_do_splice_direct+0x10/0x10
[   88.018995][ T5325]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   88.021568][ T5325]  vfs_copy_file_range+0xb02/0x1370
[   88.023784][ T5325]  ? __pfx_vfs_copy_file_range+0x10/0x10
[   88.026404][ T5325]  __se_sys_copy_file_range+0x2fb/0x480
[   88.029051][ T5325]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[   88.032318][ T5325]  ? rcu_is_watching+0x15/0xb0
[   88.034439][ T5325]  ? __x64_sys_copy_file_range+0x21/0xf0
[   88.036794][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.039563][ T5325]  do_syscall_64+0x15f/0xf80
[   88.041615][ T5325]  ? trace_irq_disable+0x3b/0x140
[   88.043792][ T5325]  ? clear_bhb_loop+0x40/0x90
[   88.045917][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.048538][ T5325] RIP: 0033:0x7efc19d9cdd9
[   88.050470][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   88.059210][ T5325] RSP: 002b:00007efc1ac85fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   88.062841][ T5325] RAX: ffffffffffffffda RBX: 00007efc1a015fa0 RCX: 00007efc19d9cdd9
[   88.066375][ T5325] RDX: 0000000000000004 RSI: 00002000000001c0 RDI: 0000000000000005
[   88.069671][ T5325] RBP: 00007efc19e32d69 R08: ffffffffa003e45b R09: 0700000000000000
[   88.073018][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   88.076459][ T5325] R13: 00007efc1a016038 R14: 00007efc1a015fa0 R15: 00007ffc6392e938
[   88.080026][ T5325]  </TASK>
[   88.081798][ T5325] Kernel Offset: disabled
[   88.083681][ T5325] Rebooting in 86400 seconds..