program: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r3}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x1, 0x0, 0x0, {@in6_addr=@private1, 0x800}}}]}, 0x38}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)}], 0x1) syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c0050890e1d2cc1bbbdf08d08fe06ff2766758d8955927fab01a7ccdecfc59b2041a9461723f1db971e775e0e358c03b00c510998283ed6f1dba0502d352e58b65a28492b0a7053e14eccd84ac5b3452602d77c0ca0"], 0x1, 0x4430, &(0x7f0000004480)="$eJzs3b9vFFceAPA3Y3PYHHA2R8FJJ91Kh3Snu5NlU11ipBhjMDY4RCSgKM2ythdwsvYiex2loHA6pFSRUkQpUCKlc4VcpCV/QpqUpEZKijSRIqE42t1ZszO7K2+Q1w7k8yk8nvfb+515+6YYvzhRubO0lltayxVWcuWFW2tncu+XS+vLxRDvk7b9H9q//ulOL66Tg772/siunr/45o0zIXy9+O2T7e3t7VDVH9oaa/r9px/vLTQfG+JMnWq77VvbK++EEE62jKuqL4Tw9lchRCGEc0naZHIcDCEcC/W8G/c+upnbo9E8fFw8m386d39r/PTs5oOtzn97FMJnpb/97/by9//sG//uP3vUPQAAAAAAAAAAAAAAAAAAL7jpa1evvzE6Fh5FoX8zan1fdzo5dno/dnvP/KP3fywAAAAAAAAAAAAAAAAAAAD8Tj17/z8XnWjz/v9UcpzoUH/7td6Pkd6Zef3q1IXRsWT/96gl//9J0g/n+sJwm33fs/u/n8vUb7//e2s/z6sxvka/QyGKR1LncTwyEsIXycbvp6Ijcam8VvnvrfL6yuKeDeOFlY5/fff+VHSSDf27jf9kpv3e7///15arqXp+c+8usZdaOv59Hct9+WHUVfzPZ+rtR/x5fun499fSBpsLTNQngGr8P+7fPf5TmfZ7Ff/jIYRcVB1rLjUDVNcw1fRO6xXS0vE/VEtLTZ3JB9np/v85E/8LmfYPav7fyH4R0VY6/n+qpQ2kSjy7/4fj3e//i5n2DyL+1fFv+P7vSjr+h+uJ/akitU+y2/l/OtN+r+J/PU7GeTxKXQGbUT290/+rIy0d/4GW/GfPf3FX679Lmfr79fzX6Lfx/NeY/v8d1Z//aC8d/8GO5bq9/2cy9Xo9/09U13+tly1dSsf/SC0tvXYeqv3sNv6zmfZ7Ff/aqmQgiX/TfPLL4Xr659Z/XUnH/8/1xLi5xEbtZ239F+2+/r+caf8g1n/V8W/Eve31ZZGO/9GO5arx/6aL7/8rmXq9j38Io9b6zy0d/2Mdy9Xu/4Hd4z+Xqdfr+P+rl40DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvAAmk+NQiOKR1Hkcj4yEcD45PxWORPOFxfx8qbzw3loIU0l6LpyIbpfK84VSfmmlvFjMF0ql8kIIF5L8k2EgWiuVK/nlwt2LO20NRneKhdXKfLFQCSFMJ+l/D8cabc0vVZYLd0MIl3by/hKXV+/eKazkF5dWXx0dHR0NMztjGI6KH1SKK5V67/XcEGZ36g5FTYOrZV/eGcvR6N3y+upKoVRLv9JUp1ReKJSa6swleZ+E4aiyur6yUKgU86Xy7UZ/B2kiOU7NXHvr2pWxlvybUf04ub/DAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3ejT+yqchhP76WRxCmGj8ErUr//Bx8Wz+6dz9rfHTs5sPtp50KgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8yg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RilgSAKA/CbsVA7j2G17Ha2K4po4YrgCfQYHkaP4iW8Q4oUaVOEQDILYbML2yTV9zUP5mfmPZgHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8zy9dx9vdROR4mpzGfH39b84zF9K/bkfv39xhhk5nefX7uGxbsq/p6P8rhwt27xL16vvzxipvd/Bngz3aa/vcz0519S+Tc3X972JlKuIaEt+m3KuqnlvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBlBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//9+eHxg=") r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x15) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) lsetxattr(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=@known='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0) r6 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400) ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000580)={0x0, {}, 0x0, {}, 0x40010001, 0x5, 0xa, 0x11, "9e959f1600007b08aa26e66c4056eae795280154c382ecff090f00000cfcebd8a6078ed93fd5f0643902dd8f6fac274de9d940bba5e51e92bbd4ce85450d00", "f625c1076e4c36c808000000000000008d347f41be5a0c00000000000100", [0xffffffffffffffff, 0x7]}) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x12a, 0x2}}, 0x20) ioctl$FICLONERANGE(r7, 0x4020940d, &(0x7f00000000c0)={{r7}, 0x0, 0x0, 0x100000}) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000000)) r8 = memfd_create(&(0x7f0000000b40)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\xbd/\xd0J\xce=\x924\xc0\x17\x871N:\xb4\xea \x8e\xdelV\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8H\x7fsk\x9cD\xb3w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N', 0x2) fcntl$addseals(r8, 0x409, 0x27) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x13, r8, 0x137b3000) [ 82.352292][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 82.354862][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 82.358161][ T5308] Bluetooth: hci0: command tx timeout [ 82.755466][ T5325] loop0: detected capacity change from 0 to 32768 [ 82.768246][ T5325] ======================================================= [ 82.768246][ T5325] WARNING: The mand mount option has been deprecated and [ 82.768246][ T5325] and is ignored by this kernel. Remove the mand [ 82.768246][ T5325] option from the mount to silence this warning. [ 82.768246][ T5325] ======================================================= [ 82.829285][ T5325] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 82.849079][ T5325] ================================================================== [ 82.852132][ T5325] BUG: KASAN: slab-out-of-bounds in ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 82.855470][ T5325] Read of size 4 at addr ffff888052a0d0b4 by task syz.0.0/5325 [ 82.858249][ T5325] [ 82.859196][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0 [ 82.859210][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.859218][ T5325] Call Trace: [ 82.859224][ T5325] [ 82.859229][ T5325] dump_stack_lvl+0x241/0x360 [ 82.859274][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.859290][ T5325] ? __pfx__printk+0x10/0x10 [ 82.859302][ T5325] ? _printk+0xd5/0x120 [ 82.859312][ T5325] ? __virt_addr_valid+0x183/0x530 [ 82.859323][ T5325] ? __virt_addr_valid+0x183/0x530 [ 82.859334][ T5325] print_report+0x16e/0x5b0 [ 82.859348][ T5325] ? __virt_addr_valid+0x183/0x530 [ 82.859357][ T5325] ? __virt_addr_valid+0x183/0x530 [ 82.859366][ T5325] ? __virt_addr_valid+0x45f/0x530 [ 82.859379][ T5325] ? __phys_addr+0xba/0x170 [ 82.859387][ T5325] ? ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 82.859403][ T5325] kasan_report+0x143/0x180 [ 82.859416][ T5325] ? ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 82.859432][ T5325] ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 82.859451][ T5325] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 82.859467][ T5325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.859484][ T5325] ? lockdep_hardirqs_on+0x99/0x150 [ 82.859535][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 82.859551][ T5325] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10 [ 82.859571][ T5325] ? stack_depot_save_flags+0x7b4/0x940 [ 82.859596][ T5325] ? kasan_save_track+0x51/0x80 [ 82.859608][ T5325] ? kasan_save_track+0x3f/0x80 [ 82.859619][ T5325] ? __kasan_kmalloc+0x98/0xb0 [ 82.859631][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 82.859647][ T5325] ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0 [ 82.859663][ T5325] ? ocfs2_init_xattr_set_ctxt+0x3b9/0x8f0 [ 82.859675][ T5325] ? ocfs2_xattr_set+0xf4e/0x1930 [ 82.859686][ T5325] ? __vfs_setxattr+0x468/0x4a0 [ 82.859700][ T5325] ? __vfs_setxattr_noperm+0x12e/0x660 [ 82.859712][ T5325] ? vfs_setxattr+0x221/0x430 [ 82.859725][ T5325] ? filename_setxattr+0x2af/0x430 [ 82.859738][ T5325] ? path_setxattrat+0x440/0x510 [ 82.859747][ T5325] ? __x64_sys_lsetxattr+0xbf/0xe0 [ 82.859761][ T5325] ? do_syscall_64+0xf3/0x230 [ 82.859770][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.859791][ T5325] ? __kasan_kmalloc+0x98/0xb0 [ 82.859804][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 82.859817][ T5325] ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0 [ 82.859831][ T5325] ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0 [ 82.859848][ T5325] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10 [ 82.859864][ T5325] ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10 [ 82.859876][ T5325] ? ocfs2_xattr_set+0xf00/0x1930 [ 82.859889][ T5325] ocfs2_init_xattr_set_ctxt+0x3b9/0x8f0 [ 82.859902][ T5325] ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10 [ 82.859914][ T5325] ? up_write+0x1a9/0x590 [ 82.859927][ T5325] ? __pfx_ocfs2_truncate_log_needs_flush+0x10/0x10 [ 82.859946][ T5325] ? __pfx_up_write+0x10/0x10 [ 82.859957][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 82.859970][ T5325] ? ocfs2_xattr_set+0x4d5/0x1930 [ 82.859981][ T5325] ocfs2_xattr_set+0xf4e/0x1930 [ 82.859995][ T5325] ? __pfx_ocfs2_xattr_set+0x10/0x10 [ 82.860008][ T5325] ? __pfx_validate_chain+0x10/0x10 [ 82.860021][ T5325] ? mark_lock+0x9a/0x360 [ 82.860036][ T5325] ? aa_get_newest_label+0xff/0x6f0 [ 82.860051][ T5325] ? posix_xattr_acl+0xa9/0xd0 [ 82.860064][ T5325] ? evm_protect_xattr+0x4be/0xb40 [ 82.860074][ T5325] ? rcu_is_watching+0x15/0xb0 [ 82.860086][ T5325] ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10 [ 82.860098][ T5325] __vfs_setxattr+0x468/0x4a0 [ 82.860114][ T5325] __vfs_setxattr_noperm+0x12e/0x660 [ 82.860128][ T5325] vfs_setxattr+0x221/0x430 [ 82.860144][ T5325] ? __pfx_vfs_setxattr+0x10/0x10 [ 82.860159][ T5325] filename_setxattr+0x2af/0x430 [ 82.860172][ T5325] ? __phys_addr_symbol+0x2f/0x70 [ 82.860183][ T5325] ? __pfx_filename_setxattr+0x10/0x10 [ 82.860199][ T5325] ? getname_flags+0x1e3/0x540 [ 82.860212][ T5325] path_setxattrat+0x440/0x510 [ 82.860224][ T5325] ? __pfx_path_setxattrat+0x10/0x10 [ 82.860241][ T5325] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 82.860256][ T5325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.860273][ T5325] __x64_sys_lsetxattr+0xbf/0xe0 [ 82.860287][ T5325] do_syscall_64+0xf3/0x230 [ 82.860297][ T5325] ? clear_bhb_loop+0x35/0x90 [ 82.860312][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.860326][ T5325] RIP: 0033:0x7f1a0cb8d169 [ 82.860336][ T5325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.860345][ T5325] RSP: 002b:00007f1a0d95a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 82.860359][ T5325] RAX: ffffffffffffffda RBX: 00007f1a0cda5fa0 RCX: 00007f1a0cb8d169 [ 82.860366][ T5325] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000280 [ 82.860373][ T5325] RBP: 00007f1a0cc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 82.860380][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.860386][ T5325] R13: 0000000000000000 R14: 00007f1a0cda5fa0 R15: 00007ffc059cd6a8 [ 82.860397][ T5325] [ 82.860401][ T5325] [ 83.048398][ T5325] Allocated by task 5307: [ 83.049956][ T5325] kasan_save_track+0x3f/0x80 [ 83.051681][ T5325] __kasan_slab_alloc+0x66/0x80 [ 83.053512][ T5325] kmem_cache_alloc_noprof+0x1d9/0x380 [ 83.055482][ T5325] __kernfs_new_node+0xd8/0x870 [ 83.057220][ T5325] kernfs_new_node+0x137/0x240 [ 83.059130][ T5325] __kernfs_create_file+0x49/0x2e0 [ 83.060988][ T5325] sysfs_add_file_mode_ns+0x24a/0x310 [ 83.062909][ T5325] internal_create_group+0x782/0x12d0 [ 83.064858][ T5325] sysfs_create_groups+0x56/0x120 [ 83.066648][ T5325] device_add_attrs+0xe5/0x600 [ 83.068447][ T5325] device_add+0x576/0xbf0 [ 83.069986][ T5325] netdev_register_kobject+0x157/0x2e0 [ 83.071940][ T5325] register_netdevice+0x12c3/0x1b60 [ 83.073786][ T5325] register_netdev+0x40/0x50 [ 83.075466][ T5325] ip6gre_init_net+0x26c/0x390 [ 83.077209][ T5325] ops_init+0x349/0x5b0 [ 83.078727][ T5325] setup_net+0x287/0x9e0 [ 83.080285][ T5325] copy_net_ns+0x33f/0x570 [ 83.081827][ T5325] create_new_namespaces+0x425/0x7b0 [ 83.083713][ T5325] unshare_nsproxy_namespaces+0x124/0x180 [ 83.085776][ T5325] ksys_unshare+0x57d/0xa70 [ 83.087495][ T5325] __x64_sys_unshare+0x38/0x40 [ 83.089286][ T5325] do_syscall_64+0xf3/0x230 [ 83.090895][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.093013][ T5325] [ 83.093877][ T5325] The buggy address belongs to the object at ffff888052a0d000 [ 83.093877][ T5325] which belongs to the cache kernfs_node_cache of size 176 [ 83.098991][ T5325] The buggy address is located 4 bytes to the right of [ 83.098991][ T5325] allocated 176-byte region [ffff888052a0d000, ffff888052a0d0b0) [ 83.103987][ T5325] [ 83.104927][ T5325] The buggy address belongs to the physical page: [ 83.107297][ T5325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52a0d [ 83.110495][ T5325] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 83.113133][ T5325] page_type: f5(slab) [ 83.114582][ T5325] raw: 04fff00000000000 ffff888030a98000 dead000000000122 0000000000000000 [ 83.117730][ T5325] raw: 0000000000000000 0000000000110011 00000000f5000000 0000000000000000 [ 83.120809][ T5325] page dumped because: kasan: bad access detected [ 83.123056][ T5325] page_owner tracks the page as allocated [ 83.125152][ T5325] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5307, tgid 5307 (syz-executor), ts 67123716310, free_ts 0 [ 83.131897][ T5325] post_alloc_hook+0x1f4/0x240 [ 83.133671][ T5325] get_page_from_freelist+0x365c/0x37a0 [ 83.135759][ T5325] __alloc_frozen_pages_noprof+0x292/0x710 [ 83.137967][ T5325] alloc_pages_mpol+0x311/0x660 [ 83.139862][ T5325] allocate_slab+0x8f/0x3a0 [ 83.141582][ T5325] ___slab_alloc+0xc27/0x14a0 [ 83.143369][ T5325] __slab_alloc+0x58/0xa0 [ 83.145010][ T5325] kmem_cache_alloc_noprof+0x268/0x380 [ 83.147090][ T5325] __kernfs_new_node+0xd8/0x870 [ 83.148954][ T5325] kernfs_new_node+0x137/0x240 [ 83.150683][ T5325] __kernfs_create_file+0x49/0x2e0 [ 83.152575][ T5325] sysfs_add_file_mode_ns+0x24a/0x310 [ 83.154590][ T5325] internal_create_group+0x782/0x12d0 [ 83.156619][ T5325] sysfs_create_groups+0x56/0x120 [ 83.158503][ T5325] device_add_attrs+0xe5/0x600 [ 83.160435][ T5325] device_add+0x576/0xbf0 [ 83.162124][ T5325] page_owner free stack trace missing [ 83.164144][ T5325] [ 83.165133][ T5325] Memory state around the buggy address: [ 83.167388][ T5325] ffff888052a0cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 83.170513][ T5325] ffff888052a0d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 83.173475][ T5325] >ffff888052a0d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 [ 83.176408][ T5325] ^ [ 83.178473][ T5325] ffff888052a0d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 83.181438][ T5325] ffff888052a0d180: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 [ 83.184401][ T5325] ================================================================== [ 83.227986][ T5325] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 83.230647][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0 [ 83.234445][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.238429][ T5325] Call Trace: [ 83.239758][ T5325] [ 83.240901][ T5325] dump_stack_lvl+0x241/0x360 [ 83.242551][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 83.244492][ T5325] ? __pfx__printk+0x10/0x10 [ 83.246233][ T5325] ? preempt_schedule+0xe1/0xf0 [ 83.248159][ T5325] ? vscnprintf+0x5d/0x90 [ 83.250080][ T5325] panic+0x349/0x880 [ 83.251693][ T5325] ? check_panic_on_warn+0x21/0xb0 [ 83.253605][ T5325] ? __pfx_panic+0x10/0x10 [ 83.255328][ T5325] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 83.257609][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 83.260022][ T5325] ? print_report+0x519/0x5b0 [ 83.261706][ T5325] check_panic_on_warn+0x86/0xb0 [ 83.263585][ T5325] ? ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 83.265839][ T5325] end_report+0x77/0x160 [ 83.267573][ T5325] kasan_report+0x154/0x180 [ 83.269219][ T5325] ? ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 83.271495][ T5325] ocfs2_reserve_suballoc_bits+0xfe1/0x4e70 [ 83.273912][ T5325] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 83.276159][ T5325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 83.278520][ T5325] ? lockdep_hardirqs_on+0x99/0x150 [ 83.280397][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 83.282665][ T5325] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10 [ 83.284874][ T5325] ? stack_depot_save_flags+0x7b4/0x940 [ 83.286766][ T5325] ? kasan_save_track+0x51/0x80 [ 83.288786][ T5325] ? kasan_save_track+0x3f/0x80 [ 83.290672][ T5325] ? __kasan_kmalloc+0x98/0xb0 [ 83.292539][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 83.294671][ T5325] ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0 [ 83.297176][ T5325] ? ocfs2_init_xattr_set_ctxt+0x3b9/0x8f0 [ 83.299446][ T5325] ? ocfs2_xattr_set+0xf4e/0x1930 [ 83.301394][ T5325] ? __vfs_setxattr+0x468/0x4a0 [ 83.303350][ T5325] ? __vfs_setxattr_noperm+0x12e/0x660 [ 83.305451][ T5325] ? vfs_setxattr+0x221/0x430 [ 83.307354][ T5325] ? filename_setxattr+0x2af/0x430 [ 83.309335][ T5325] ? path_setxattrat+0x440/0x510 [ 83.311291][ T5325] ? __x64_sys_lsetxattr+0xbf/0xe0 [ 83.313235][ T5325] ? do_syscall_64+0xf3/0x230 [ 83.315055][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.317404][ T5325] ? __kasan_kmalloc+0x98/0xb0 [ 83.319292][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 83.321414][ T5325] ? ocfs2_reserve_new_metadata_blocks+0x117/0x9c0 [ 83.323878][ T5325] ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0 [ 83.326285][ T5325] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10 [ 83.328993][ T5325] ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10 [ 83.331521][ T5325] ? ocfs2_xattr_set+0xf00/0x1930 [ 83.333476][ T5325] ocfs2_init_xattr_set_ctxt+0x3b9/0x8f0 [ 83.335663][ T5325] ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10 [ 83.338015][ T5325] ? up_write+0x1a9/0x590 [ 83.339726][ T5325] ? __pfx_ocfs2_truncate_log_needs_flush+0x10/0x10 [ 83.342233][ T5325] ? __pfx_up_write+0x10/0x10 [ 83.343900][ T5325] ? __kmalloc_cache_noprof+0x243/0x390 [ 83.345938][ T5325] ? ocfs2_xattr_set+0x4d5/0x1930 [ 83.347852][ T5325] ocfs2_xattr_set+0xf4e/0x1930 [ 83.349732][ T5325] ? __pfx_ocfs2_xattr_set+0x10/0x10 [ 83.351779][ T5325] ? __pfx_validate_chain+0x10/0x10 [ 83.353733][ T5325] ? mark_lock+0x9a/0x360 [ 83.355443][ T5325] ? aa_get_newest_label+0xff/0x6f0 [ 83.357302][ T5325] ? posix_xattr_acl+0xa9/0xd0 [ 83.358959][ T5325] ? evm_protect_xattr+0x4be/0xb40 [ 83.360788][ T5325] ? rcu_is_watching+0x15/0xb0 [ 83.362485][ T5325] ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10 [ 83.366365][ T5325] __vfs_setxattr+0x468/0x4a0 [ 83.368170][ T5325] __vfs_setxattr_noperm+0x12e/0x660 [ 83.370093][ T5325] vfs_setxattr+0x221/0x430 [ 83.371717][ T5325] ? __pfx_vfs_setxattr+0x10/0x10 [ 83.373519][ T5325] filename_setxattr+0x2af/0x430 [ 83.375286][ T5325] ? __phys_addr_symbol+0x2f/0x70 [ 83.377079][ T5325] ? __pfx_filename_setxattr+0x10/0x10 [ 83.379133][ T5325] ? getname_flags+0x1e3/0x540 [ 83.380914][ T5325] path_setxattrat+0x440/0x510 [ 83.383038][ T5325] ? __pfx_path_setxattrat+0x10/0x10 [ 83.385626][ T5325] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 83.387918][ T5325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 83.390278][ T5325] __x64_sys_lsetxattr+0xbf/0xe0 [ 83.392120][ T5325] do_syscall_64+0xf3/0x230 [ 83.393898][ T5325] ? clear_bhb_loop+0x35/0x90 [ 83.395739][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.397974][ T5325] RIP: 0033:0x7f1a0cb8d169 [ 83.400491][ T5325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.407562][ T5325] RSP: 002b:00007f1a0d95a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 83.410798][ T5325] RAX: ffffffffffffffda RBX: 00007f1a0cda5fa0 RCX: 00007f1a0cb8d169 [ 83.413836][ T5325] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000280 [ 83.417003][ T5325] RBP: 00007f1a0cc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 83.420089][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.423098][ T5325] R13: 0000000000000000 R14: 00007f1a0cda5fa0 R15: 00007ffc059cd6a8 [ 83.426170][ T5325] [ 83.427631][ T5325] Kernel Offset: disabled [ 83.429388][ T5325] Rebooting in 86400 seconds..