last executing test programs: 847.548058ms ago: executing program 0 (id=1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f00000000c0)={0x81, 0x0, 0x3}) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000300)={0x79}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000140)={0x8080000, 0x2000, 0xe599, 0x1, 0x7fff}) 744.72577ms ago: executing program 0 (id=5): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd(0x100006) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x4, 0x0, r3}) close_range(r0, 0xffffffffffffffff, 0x0) 671.806961ms ago: executing program 0 (id=7): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x2000088, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r1, 0x28, 0x1, &(0x7f0000001680)=""/59, &(0x7f0000000000)=0x3b) 588.413632ms ago: executing program 0 (id=8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x2000, 0x2000, &(0x7f0000fe5000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 578.764912ms ago: executing program 1 (id=2): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd) sendmsg$tipc(r2, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4040804}, 0x20000000) close(r1) 492.139903ms ago: executing program 3 (id=3): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20) fallocate(r1, 0x8, 0x4000, 0x4000) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x841, 0x0) 457.653934ms ago: executing program 0 (id=9): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000340)="02", 0x1, 0x4499, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfd81, 0xc9100120, 0x0, 0x0) 277.261986ms ago: executing program 2 (id=4): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x550d, &(0x7f0000005dc0)="$eJzs3M2LG2UYAPAn+9HaD+sigt46UIRdaEKz3Ra9VW3xA1uKHwdPmk2mIW2SWTZpuvbkwaP04H8iCp48+jd48OyteFC8CUrmnagrCkLTjdv9/WDyzPvmzTPPm8PCM7MkgCNrLfvlp1qciRMRsRwRpyPK81p1lK6k8EJEnI2Ipb8ctWr+j4ljEXEyIs5Mk6ecteqtz89Pzl368a2fv/nu+MqpL77+fnG7BhbtxYgY7KTze4MUi26Kt6v51qRXxsHWpIrpjcGdalykeC/fLjPca83Wtcp4sZvWFzt3R9N4q99qT2O3d6uc3xmmC44m3Vme8gO3W7vluJNvl7E3KsrYvZ/q2ruf/rbdH41Tnk6V7+MyfYzHs5jm87087WfnThnbw3E1n/IWnXxvGidVrC4X7aLfKevYfpRv+v/t7d7w7l42yXdHvWKYXWo0X2o0L9ebu0UnH+db9dagc3krW+/2p8vq47w1uNItim4/b7SLwUa23m23681mtn413+61hlmz2bjYuFC/tFGdnc9ev/F+1u9k69P4am94d9zrj7JbxW6WPrGRbTYuvryRnWtm716/md1859q16zff+/DqBzdeuf7ma9Wi/WU9zLey9c0Lm5v15oX6ZnPjCO3/06roOe4fHklt0QUAHD76f2ARDnv/H/r/uThU/e+srKPa/z+G/cMj0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxZP6x++UZ5spbGp6r5p6upZ6txLSKWIuK3f7Acx/blXK7yrP7L+tW/1fBtLcoM02scr46TEXGlOn595nF/CwAAAPDk+uqTsw9St55e1hZdEAcp3bRZOv3RnPLVImJ17eGcsi1NX56bU7J4PiJWYm9O2cobWE/NKVm65bYyr2z/yfK+MN3Jg5W0oVoKSwdaDgAAcCD2dwIH24UAAABwkD5bdAEsRi1mjzJnz4LL/7z/89HmiX0jAAAA4BCqLboAAAAA4LEr+3+//wcAAABPtvT7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O3eSkDkVxAD8t9D3eh5EY527FGSzDJTh0pmEBboIl4BbcAGvAmUswYGhLtAYSTL8i+f2SttyW/DklTM69pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABteskW06eHq8e6OevNUbJDF5q5GwAAAGCfVbaY5i/Gxfhfef6sPHVRjpOISCNiX+8+iF+VzEGZkx14f/alhueIPGH7Gb/L7W9EXJfb23nb3wIAAACcruVsPim69WI37rsgulRM2qT/bxrKSyIiG782lJZud5cNheW/72Hc7bt0//20fAJrVL+qQj7lNmwq7SiDymH06ZAUh7TTcgAAgE5UO4FuuxAAAAC6dNt3AfQjid1S5m4tOP/n/ceC4J/KCAAAAPiBkr4LAAAAAFqX9/+e/wcAAACnrXj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aZYvpcjaf1M1Zb+pp5m4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe2Z93FAiBMAiDves7k7n/YaVBU1OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3vzuL/8npsaZZO61sfQ8kqydGlunxt65cfSH8fVrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAv+t0v/yemxplk7rSxdDySrF01tq4aew8aRw/G278BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi5+554yjCAADP7t5ePgBxGHSFEQKJAhpyuYSEtBQgi4KfgGQ5l2C48JG4IFGE5IYOuU6DoEQICTBd/gBV6kRKE7oUVwQJUQbtl725GPmQ5d2z/TzS7Lw3Ou+8s7YsvzvrAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqTd7fjJDv0ijgux+4+urmS9fem+sztjfuLWcviqMmkD4ZX6i+ifnuJAAAAcHQkVX0fQniQbi5lfdzL6/+0ek9W83//XBFX9fx03V/1Ve2ftd9/ffjS1kS9Yp7spJdWx6PTT6fS2b9Vzol/Hhemhp/f9Qs7+ZXP770k+Tck/mD9xUmaX8/o2zt33uvm4bH9ShwA2KtTZf/Hb0Vf/T2U9cM2EwPgyOjUCu+q/k967eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0ITJenimiqMQwmJnO87ce3RzZaf+9sb9xaqdv3Vro37O7BRpCOHS6nh0usG1zLtr1298ujwej642H7waQmhv9jL4aIb3hNBmhoK9BnH5sz4v+eweHA/tp9HyLyYAAA6dtGxZXf8g3VzKxqKFEB7/8GT9/0YtDjPW/w8/Pn+3Plet/o8bW+ABMFi78sXg2vUbb61eWb48ujz67O0zw3eGZy+cO3dhkN8rGbhjAgAAwGyS/xjvlq1e/8cLT+//n6zFYcb6/8vvhl9P51Dt/w/3ZZUH0/amX9uZAAAAHG0vvPb3X9EO41G3G75aXlu7OiyOW6/PFMcWUv3fjpWtXv8nC21nBQAAADRhsh49sf9/sRaHGff/n/3x5Z/r50xCCCfK/f9TK5+PLza3nLnWxL8Tt71GAAAA2nWibPX9/zR//j/eeuQhDiG8+XoRlx8DOFP9n7z/zU/1uerP/59tbolzKe4X1yPv+yF0+m1nBAAAwGF2vGxZsf9nurn0yS8nP+x6/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgaf8GAAD//0oESaI=") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) chdir(&(0x7f0000001180)='./bus\x00') r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) fallocate(r0, 0x0, 0x0, 0x1001f0) 105.596369ms ago: executing program 4 (id=6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x42) ioctl$KVM_SET_VCPU_EVENTS(r2, 0xc008aec1, &(0x7f0000000140)=@arm64={0x8, 0x80, 0x1, '\x00', 0x5c8d}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000140)=ANY=[]) 12.14746ms ago: executing program 1 (id=10): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001e40)=ANY=[@ANYBLOB="b702000026000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643c4e8d41cdb7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6659f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac1223331f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b3b5fb3832ee68e2b53d44bd84bf6770157e96bbb96b5e1f165c87e7a9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed80000010000000000e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000080)="76000000000f0018f12dcab999eb71", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 11.98795ms ago: executing program 4 (id=11): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x0) 0s ago: executing program 3 (id=12): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) close(r2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.118' (ED25519) to the list of known hosts. [ 20.389513][ T30] audit: type=1400 audit(1753768791.669:64): avc: denied { mounton } for pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 20.390618][ T273] cgroup: Unknown subsys name 'net' [ 20.412782][ T30] audit: type=1400 audit(1753768791.669:65): avc: denied { mount } for pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.443325][ T30] audit: type=1400 audit(1753768791.699:66): avc: denied { unmount } for pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.443543][ T273] cgroup: Unknown subsys name 'devices' [ 20.649239][ T273] cgroup: Unknown subsys name 'hugetlb' [ 20.655220][ T273] cgroup: Unknown subsys name 'rlimit' [ 20.790867][ T30] audit: type=1400 audit(1753768792.069:67): avc: denied { setattr } for pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 20.814332][ T30] audit: type=1400 audit(1753768792.069:68): avc: denied { mounton } for pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 20.839964][ T30] audit: type=1400 audit(1753768792.069:69): avc: denied { mount } for pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 20.846046][ T275] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 20.873712][ T30] audit: type=1400 audit(1753768792.149:70): avc: denied { relabelto } for pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.901938][ T30] audit: type=1400 audit(1753768792.149:71): avc: denied { write } for pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.933316][ T30] audit: type=1400 audit(1753768792.209:72): avc: denied { read } for pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.933778][ T273] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 20.959851][ T30] audit: type=1400 audit(1753768792.209:73): avc: denied { open } for pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 21.400079][ T281] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.407397][ T281] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.415357][ T281] device bridge_slave_0 entered promiscuous mode [ 21.429913][ T281] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.437468][ T281] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.444935][ T281] device bridge_slave_1 entered promiscuous mode [ 21.509968][ T282] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.517123][ T282] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.524850][ T282] device bridge_slave_0 entered promiscuous mode [ 21.541473][ T282] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.548985][ T282] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.556378][ T282] device bridge_slave_1 entered promiscuous mode [ 21.638558][ T284] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.645610][ T284] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.653720][ T284] device bridge_slave_0 entered promiscuous mode [ 21.665613][ T284] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.673074][ T284] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.680821][ T284] device bridge_slave_1 entered promiscuous mode [ 21.694706][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.702624][ T285] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.711879][ T285] device bridge_slave_0 entered promiscuous mode [ 21.719649][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.726811][ T285] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.734292][ T285] device bridge_slave_1 entered promiscuous mode [ 21.817797][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.824932][ T283] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.832836][ T283] device bridge_slave_0 entered promiscuous mode [ 21.840318][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.848227][ T283] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.855786][ T283] device bridge_slave_1 entered promiscuous mode [ 21.919170][ T281] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.926847][ T281] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.934493][ T281] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.941558][ T281] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.985245][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.992456][ T285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.000216][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.007238][ T285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.022634][ T282] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.029707][ T282] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.037063][ T282] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.044120][ T282] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.060446][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.067858][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.075071][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.082596][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.090427][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.098176][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.106890][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.114550][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.143922][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.152585][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.159816][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.167628][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.176139][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.183591][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.199894][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.208595][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.233384][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.241132][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.252605][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.261722][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.269149][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.285724][ T281] device veth0_vlan entered promiscuous mode [ 22.294483][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.303250][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.312751][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.332502][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.340929][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.348273][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.371360][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.380419][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.388813][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.395985][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.404664][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.413436][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.422179][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.429334][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.436797][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.444849][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.453834][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 22.462824][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.470472][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.484906][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.493455][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.507454][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.518734][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.527950][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 22.536941][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.546721][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.555560][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.569166][ T281] device veth1_macvtap entered promiscuous mode [ 22.582298][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 22.591072][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.606487][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.635269][ T282] device veth0_vlan entered promiscuous mode [ 22.644707][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.654551][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.665389][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 22.676267][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.687698][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.697513][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.713912][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.728243][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.738853][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.746992][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.758553][ T284] device veth0_vlan entered promiscuous mode [ 22.772576][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.782207][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.790847][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.800438][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.809336][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.818971][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.831226][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.840701][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.850384][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.860088][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.877120][ T284] device veth1_macvtap entered promiscuous mode [ 22.884245][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.892659][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.901927][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.911705][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.921177][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 22.932178][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.940882][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.963073][ T282] device veth1_macvtap entered promiscuous mode [ 22.971935][ T281] request_module fs-gadgetfs succeeded, but still no fs? [ 22.977823][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.988629][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.997008][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.006265][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 23.014701][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.023658][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 23.032796][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.041266][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.049443][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.057258][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 23.065716][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.075393][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.082528][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.090599][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 23.109946][ T285] device veth0_vlan entered promiscuous mode [ 23.116657][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.126710][ T333] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 23.131805][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.152997][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.163811][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.172768][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.182125][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.192427][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.201038][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.222770][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.230922][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.238835][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.249246][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.260630][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.269317][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.279925][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.284797][ T340] loop0: detected capacity change from 0 to 512 [ 23.288769][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.316363][ T340] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 23.320987][ T285] device veth1_macvtap entered promiscuous mode [ 23.336423][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.347838][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.356385][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.379420][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.421409][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.430313][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.439149][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.462992][ T283] device veth0_vlan entered promiscuous mode [ 23.479333][ T354] loop3: detected capacity change from 0 to 1024 [ 23.488100][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.501467][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.509898][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.519051][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.526039][ T354] ======================================================= [ 23.526039][ T354] WARNING: The mand mount option has been deprecated and [ 23.526039][ T354] and is ignored by this kernel. Remove the mand [ 23.526039][ T354] option from the mount to silence this warning. [ 23.526039][ T354] ======================================================= [ 23.529353][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.582259][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.592526][ T354] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 23.621162][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.631953][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.639460][ T354] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,inlinecrypt,i_version,data_err=ignore,barrier=0x0000000000000009,data_err=ignore,grpquota,noblock_validity,user_xattr,resuid=0x0000000000000000,quota,,errors=continue. Quota mode: writeback. [ 23.650506][ T283] device veth1_macvtap entered promiscuous mode [ 23.729990][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.738404][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.743601][ T354] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3876: comm syz.3.3: Allocating blocks 497-513 which overlap fs metadata [ 23.757511][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.772623][ T354] EXT4-fs (loop3): pa ffff888111a65540: logic 128, phys. 385, len 8 [ 23.780914][ T354] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1 [ 23.792765][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.804498][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.932207][ T354] syz.3.3 (354) used greatest stack depth: 21984 bytes left [ 23.955875][ T361] loop2: detected capacity change from 0 to 40427 [ 23.962614][ T341] ================================================================== [ 23.971047][ T341] BUG: KASAN: slab-out-of-bounds in ext4_find_extent+0xbeb/0xe20 [ 23.979335][ T341] Read of size 4 at addr ffff88810d059018 by task kworker/u4:3/341 [ 23.987329][ T341] [ 23.989747][ T341] CPU: 0 PID: 341 Comm: kworker/u4:3 Not tainted 5.15.189-syzkaller-00079-ga71626bd56a5 #0 [ 23.999803][ T341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 24.009952][ T341] Workqueue: writeback wb_workfn (flush-7:3) [ 24.015950][ T341] Call Trace: [ 24.019211][ T341] [ 24.022144][ T341] __dump_stack+0x21/0x30 [ 24.026871][ T341] dump_stack_lvl+0xee/0x150 [ 24.031477][ T341] ? show_regs_print_info+0x20/0x20 [ 24.037150][ T341] ? load_image+0x3a0/0x3a0 [ 24.042179][ T341] print_address_description+0x7f/0x2c0 [ 24.048008][ T341] ? ext4_find_extent+0xbeb/0xe20 [ 24.053046][ T341] kasan_report+0xf1/0x140 [ 24.057449][ T341] ? __read_extent_tree_block+0x1e8/0x790 [ 24.063170][ T341] ? ext4_find_extent+0xbeb/0xe20 [ 24.068868][ T341] __asan_report_load4_noabort+0x14/0x20 [ 24.074844][ T341] ext4_find_extent+0xbeb/0xe20 [ 24.079853][ T341] ext4_ext_map_blocks+0x1de/0x6280 [ 24.085291][ T341] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 24.091086][ T341] ? __stack_depot_save+0x442/0x480 [ 24.096476][ T341] ? __kasan_slab_alloc+0xcf/0xf0 [ 24.101488][ T341] ? __kasan_slab_alloc+0xbd/0xf0 [ 24.106649][ T341] ? slab_post_alloc_hook+0x4f/0x2b0 [ 24.112052][ T341] ? kmem_cache_alloc+0xf7/0x260 [ 24.117312][ T341] ? ext4_alloc_io_end_vec+0x2a/0x160 [ 24.122957][ T341] ? ext4_writepages+0xec8/0x2f90 [ 24.127976][ T341] ? do_writepages+0x48a/0x6c0 [ 24.132743][ T341] ? wb_workfn+0x38f/0xe20 [ 24.137314][ T341] ? process_one_work+0x6be/0xba0 [ 24.142334][ T341] ? worker_thread+0xa59/0x1200 [ 24.147273][ T341] ? ext4_ext_release+0x10/0x10 [ 24.153170][ T341] ? ext4_es_lookup_extent+0x32d/0x8c0 [ 24.159070][ T341] ext4_map_blocks+0x97b/0x1b20 [ 24.164210][ T341] ? slab_post_alloc_hook+0x6d/0x2b0 [ 24.169781][ T341] ? should_failslab+0x9/0x20 [ 24.174732][ T341] ? ext4_issue_zeroout+0x250/0x250 [ 24.180573][ T341] ? ext4_inode_journal_mode+0x19a/0x480 [ 24.186490][ T341] ext4_writepages+0x11e7/0x2f90 [ 24.191423][ T341] ? arch_stack_walk+0x108/0x140 [ 24.196362][ T341] ? kasan_set_track+0x4a/0x70 [ 24.201286][ T341] ? kasan_set_free_info+0x23/0x40 [ 24.206403][ T341] ? ext4_readpage+0x220/0x220 [ 24.211337][ T341] ? kmem_cache_free+0x100/0x320 [ 24.216447][ T341] ? ext4_es_free_extent+0x3de/0x4c0 [ 24.221927][ T341] ? __es_remove_extent+0x8f2/0x1750 [ 24.227250][ T341] ? ext4_es_insert_extent+0x49d/0x2d70 [ 24.233151][ T341] ? ext4_map_blocks+0xd01/0x1b20 [ 24.238607][ T341] ? ext4_convert_unwritten_extents+0x2a2/0x5c0 [ 24.244845][ T341] ? ext4_convert_unwritten_io_end_vec+0x103/0x180 [ 24.251342][ T341] ? ext4_end_io_rsv_work+0x2b9/0x600 [ 24.256856][ T341] ? process_one_work+0x6be/0xba0 [ 24.262674][ T341] ? worker_thread+0xa59/0x1200 [ 24.268060][ T341] ? kthread+0x411/0x500 [ 24.272320][ T341] ? ret_from_fork+0x1f/0x30 [ 24.277188][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 24.282886][ T341] ? update_load_avg+0x410/0x1110 [ 24.288003][ T341] ? ext4_readpage+0x220/0x220 [ 24.292753][ T341] do_writepages+0x48a/0x6c0 [ 24.297330][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 24.303154][ T341] ? update_load_avg+0x410/0x1110 [ 24.308272][ T341] ? __writepage+0x130/0x130 [ 24.312847][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 24.318459][ T341] ? __kasan_check_write+0x14/0x20 [ 24.323653][ T341] ? _raw_spin_lock+0x8e/0xe0 [ 24.328335][ T341] __writeback_single_inode+0xd5/0x9c0 [ 24.334112][ T341] ? wbc_attach_and_unlock_inode+0x194/0x5f0 [ 24.340243][ T341] writeback_sb_inodes+0x9c0/0x1590 [ 24.345447][ T341] ? queue_io+0x4c0/0x4c0 [ 24.349768][ T341] ? __kasan_check_read+0x11/0x20 [ 24.354779][ T341] ? queue_io+0x382/0x4c0 [ 24.359269][ T341] wb_writeback+0x3f1/0x980 [ 24.363763][ T341] ? inode_cgwb_move_to_attached+0x3e0/0x3e0 [ 24.369741][ T341] ? set_worker_desc+0x155/0x1c0 [ 24.374757][ T341] ? __kasan_check_write+0x14/0x20 [ 24.379895][ T341] wb_workfn+0x38f/0xe20 [ 24.384134][ T341] ? inode_wait_for_writeback+0x200/0x200 [ 24.389853][ T341] ? compat_start_thread+0x20/0x20 [ 24.395041][ T341] ? _raw_spin_unlock+0x4d/0x70 [ 24.399973][ T341] ? finish_task_switch+0x16b/0x780 [ 24.406198][ T341] ? __switch_to_asm+0x3a/0x60 [ 24.411146][ T341] ? __schedule+0xb76/0x14c0 [ 24.416056][ T341] process_one_work+0x6be/0xba0 [ 24.420899][ T341] worker_thread+0xa59/0x1200 [ 24.425559][ T341] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 24.431194][ T341] ? __kthread_parkme+0xac/0x200 [ 24.436210][ T341] kthread+0x411/0x500 [ 24.440274][ T341] ? worker_clr_flags+0x190/0x190 [ 24.445743][ T341] ? kthread_blkcg+0xd0/0xd0 [ 24.450685][ T341] ret_from_fork+0x1f/0x30 [ 24.455107][ T341] [ 24.458112][ T341] [ 24.460416][ T341] Allocated by task 285: [ 24.464632][ T341] __kasan_kmalloc+0xda/0x110 [ 24.469426][ T341] __kmalloc_track_caller+0x13c/0x2c0 [ 24.474802][ T341] __alloc_skb+0x21a/0x740 [ 24.479198][ T341] rtmsg_ifinfo_build_skb+0x7c/0x180 [ 24.484490][ T341] rtnetlink_event+0xd2/0x1a0 [ 24.489152][ T341] raw_notifier_call_chain+0x90/0x100 [ 24.494508][ T341] dev_set_mac_address+0x318/0x420 [ 24.499598][ T341] dev_set_mac_address_user+0x31/0x50 [ 24.505048][ T341] do_setlink+0x807/0x3990 [ 24.509544][ T341] rtnl_newlink+0x13fa/0x17b0 [ 24.514329][ T341] rtnetlink_rcv_msg+0x9e4/0xb90 [ 24.519437][ T341] netlink_rcv_skb+0x1e0/0x430 [ 24.524380][ T341] rtnetlink_rcv+0x1c/0x20 [ 24.528780][ T341] netlink_unicast+0x876/0xa40 [ 24.533723][ T341] netlink_sendmsg+0x86a/0xb70 [ 24.538754][ T341] __sys_sendto+0x423/0x580 [ 24.543424][ T341] __x64_sys_sendto+0xe5/0x100 [ 24.548539][ T341] x64_sys_call+0x178/0x9a0 [ 24.553328][ T341] do_syscall_64+0x4c/0xa0 [ 24.557915][ T341] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.564061][ T341] [ 24.566459][ T341] Freed by task 285: [ 24.570441][ T341] kasan_set_track+0x4a/0x70 [ 24.575038][ T341] kasan_set_free_info+0x23/0x40 [ 24.580162][ T341] ____kasan_slab_free+0x125/0x160 [ 24.585269][ T341] __kasan_slab_free+0x11/0x20 [ 24.590016][ T341] slab_free_freelist_hook+0xc2/0x190 [ 24.595493][ T341] kfree+0xc4/0x270 [ 24.599286][ T341] pskb_expand_head+0x36c/0x11d0 [ 24.604205][ T341] netlink_trim+0x193/0x230 [ 24.608871][ T341] netlink_broadcast_filtered+0x78/0x1230 [ 24.614748][ T341] nlmsg_notify+0xed/0x1b0 [ 24.619270][ T341] rtnetlink_event+0x13a/0x1a0 [ 24.624297][ T341] raw_notifier_call_chain+0x90/0x100 [ 24.629941][ T341] dev_set_mac_address+0x318/0x420 [ 24.635221][ T341] dev_set_mac_address_user+0x31/0x50 [ 24.640592][ T341] do_setlink+0x807/0x3990 [ 24.645142][ T341] rtnl_newlink+0x13fa/0x17b0 [ 24.649897][ T341] rtnetlink_rcv_msg+0x9e4/0xb90 [ 24.655257][ T341] netlink_rcv_skb+0x1e0/0x430 [ 24.660366][ T341] rtnetlink_rcv+0x1c/0x20 [ 24.665536][ T341] netlink_unicast+0x876/0xa40 [ 24.670710][ T341] netlink_sendmsg+0x86a/0xb70 [ 24.675882][ T341] __sys_sendto+0x423/0x580 [ 24.680827][ T341] __x64_sys_sendto+0xe5/0x100 [ 24.686209][ T341] x64_sys_call+0x178/0x9a0 [ 24.690716][ T341] do_syscall_64+0x4c/0xa0 [ 24.695297][ T341] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.701504][ T341] [ 24.703922][ T341] The buggy address belongs to the object at ffff88810d058000 [ 24.703922][ T341] which belongs to the cache kmalloc-4k of size 4096 [ 24.718390][ T341] The buggy address is located 24 bytes to the right of [ 24.718390][ T341] 4096-byte region [ffff88810d058000, ffff88810d059000) [ 24.734604][ T341] The buggy address belongs to the page: [ 24.740767][ T341] page:ffffea0004341600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d058 [ 24.751612][ T341] head:ffffea0004341600 order:3 compound_mapcount:0 compound_pincount:0 [ 24.760292][ T341] flags: 0x4000000000010200(slab|head|zone=1) [ 24.767211][ T341] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380 [ 24.776158][ T341] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 24.784723][ T341] page dumped because: kasan: bad access detected [ 24.791645][ T341] page_owner tracks the page as allocated [ 24.797512][ T341] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 71, ts 4554354226, free_ts 0 [ 24.815724][ T341] post_alloc_hook+0x192/0x1b0 [ 24.820491][ T341] prep_new_page+0x1c/0x110 [ 24.824974][ T341] get_page_from_freelist+0x2cc5/0x2d50 [ 24.830586][ T341] __alloc_pages+0x18f/0x440 [ 24.835416][ T341] new_slab+0xa1/0x4d0 [ 24.839639][ T341] ___slab_alloc+0x381/0x810 [ 24.844299][ T341] __slab_alloc+0x49/0x90 [ 24.848971][ T341] kmem_cache_alloc_trace+0x146/0x270 [ 24.854623][ T341] __se_sys_mount+0x153/0x380 [ 24.860096][ T341] __x64_sys_mount+0xbf/0xd0 [ 24.864780][ T341] x64_sys_call+0x6bf/0x9a0 [ 24.869617][ T341] do_syscall_64+0x4c/0xa0 [ 24.874113][ T341] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.880252][ T341] page_owner free stack trace missing [ 24.885695][ T341] [ 24.888014][ T341] Memory state around the buggy address: [ 24.893622][ T341] ffff88810d058f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.901880][ T341] ffff88810d058f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.909952][ T341] >ffff88810d059000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.918443][ T341] ^ [ 24.923725][ T341] ffff88810d059080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.931873][ T341] ffff88810d059100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.941748][ T341] ================================================================== [ 24.950420][ T341] Disabling lock debugging due to kernel taint [ 25.002872][ T341] ------------[ cut here ]------------ [ 25.004974][ T361] F2FS-fs (loop2): Found nat_bits in checkpoint [ 25.008715][ T341] kernel BUG at fs/ext4/inode.c:2433! [ 25.022863][ T341] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 25.029241][ T341] CPU: 1 PID: 341 Comm: kworker/u4:3 Tainted: G B 5.15.189-syzkaller-00079-ga71626bd56a5 #0 [ 25.040888][ T341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 25.051678][ T341] Workqueue: writeback wb_workfn (flush-7:3) [ 25.058356][ T341] RIP: 0010:ext4_writepages+0x2eed/0x2f90 [ 25.064699][ T341] Code: 00 74 08 48 89 df e8 22 01 ce ff 48 8b 3b 48 8b 74 24 28 48 8b 54 24 30 44 89 e9 45 89 f0 e8 6a 9b 07 00 eb 51 e8 a3 88 8f ff <0f> 0b e8 9c 88 8f ff eb 2f e8 95 88 8f ff eb 5f e8 8e 88 8f ff 31 [ 25.085463][ T341] RSP: 0018:ffffc900079c7100 EFLAGS: 00010293 [ 25.092028][ T341] RAX: ffffffff81d9272d RBX: ffff888111adb018 RCX: ffff88810d2ebb40 [ 25.100005][ T341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 25.108523][ T341] RBP: ffffc900079c7470 R08: dffffc0000000000 R09: ffffed102235b5fc [ 25.116850][ T341] R10: ffffed102235b5fc R11: 1ffff1102235b5fb R12: dffffc0000000000 [ 25.125014][ T341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 25.133589][ T341] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 25.143288][ T341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.150042][ T341] CR2: 00007f6761c37178 CR3: 00000001297a6000 CR4: 00000000003506a0 [ 25.158709][ T341] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.167007][ T341] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.175227][ T341] Call Trace: [ 25.178499][ T341] [ 25.181419][ T341] ? arch_stack_walk+0x108/0x140 [ 25.186444][ T341] ? kasan_set_track+0x4a/0x70 [ 25.191282][ T341] ? kasan_set_free_info+0x23/0x40 [ 25.196374][ T341] ? ext4_readpage+0x220/0x220 [ 25.201117][ T341] ? kmem_cache_free+0x100/0x320 [ 25.206040][ T341] ? ext4_es_free_extent+0x3de/0x4c0 [ 25.211391][ T341] ? __es_remove_extent+0x8f2/0x1750 [ 25.216846][ T341] ? ext4_es_insert_extent+0x49d/0x2d70 [ 25.222521][ T341] ? ext4_map_blocks+0xd01/0x1b20 [ 25.228145][ T341] ? ext4_convert_unwritten_extents+0x2a2/0x5c0 [ 25.234404][ T341] ? ext4_convert_unwritten_io_end_vec+0x103/0x180 [ 25.241062][ T341] ? ext4_end_io_rsv_work+0x2b9/0x600 [ 25.247209][ T341] ? process_one_work+0x6be/0xba0 [ 25.252960][ T341] ? worker_thread+0xa59/0x1200 [ 25.258262][ T341] ? kthread+0x411/0x500 [ 25.262629][ T341] ? ret_from_fork+0x1f/0x30 [ 25.267647][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 25.273556][ T341] ? update_load_avg+0x410/0x1110 [ 25.278831][ T341] ? ext4_readpage+0x220/0x220 [ 25.283696][ T341] do_writepages+0x48a/0x6c0 [ 25.288419][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 25.294456][ T341] ? update_load_avg+0x410/0x1110 [ 25.300431][ T341] ? __writepage+0x130/0x130 [ 25.305610][ T341] ? __update_load_avg_cfs_rq+0xaf/0x2f0 [ 25.311417][ T341] ? __kasan_check_write+0x14/0x20 [ 25.316885][ T341] ? _raw_spin_lock+0x8e/0xe0 [ 25.321658][ T341] __writeback_single_inode+0xd5/0x9c0 [ 25.327117][ T341] ? wbc_attach_and_unlock_inode+0x194/0x5f0 [ 25.333188][ T341] writeback_sb_inodes+0x9c0/0x1590 [ 25.338463][ T341] ? queue_io+0x4c0/0x4c0 [ 25.342776][ T341] ? __kasan_check_read+0x11/0x20 [ 25.347794][ T341] ? queue_io+0x382/0x4c0 [ 25.352196][ T341] wb_writeback+0x3f1/0x980 [ 25.356825][ T341] ? inode_cgwb_move_to_attached+0x3e0/0x3e0 [ 25.362990][ T341] ? set_worker_desc+0x155/0x1c0 [ 25.368030][ T341] ? __kasan_check_write+0x14/0x20 [ 25.373137][ T341] wb_workfn+0x38f/0xe20 [ 25.377466][ T341] ? inode_wait_for_writeback+0x200/0x200 [ 25.383271][ T341] ? compat_start_thread+0x20/0x20 [ 25.388383][ T341] ? _raw_spin_unlock+0x4d/0x70 [ 25.393231][ T341] ? finish_task_switch+0x16b/0x780 [ 25.398473][ T341] ? __switch_to_asm+0x3a/0x60 [ 25.403874][ T341] ? __schedule+0xb76/0x14c0 [ 25.408573][ T341] process_one_work+0x6be/0xba0 [ 25.413874][ T341] worker_thread+0xa59/0x1200 [ 25.418725][ T341] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 25.424422][ T341] ? __kthread_parkme+0xac/0x200 [ 25.429548][ T341] kthread+0x411/0x500 [ 25.433613][ T341] ? worker_clr_flags+0x190/0x190 [ 25.438895][ T341] ? kthread_blkcg+0xd0/0xd0 [ 25.444073][ T341] ret_from_fork+0x1f/0x30 [ 25.448576][ T341] [ 25.451868][ T341] Modules linked in: [ 25.459808][ T341] ---[ end trace 82fcc2637837d963 ]--- [ 25.465477][ T341] RIP: 0010:ext4_writepages+0x2eed/0x2f90 [ 25.471678][ T341] Code: 00 74 08 48 89 df e8 22 01 ce ff 48 8b 3b 48 8b 74 24 28 48 8b 54 24 30 44 89 e9 45 89 f0 e8 6a 9b 07 00 eb 51 e8 a3 88 8f ff <0f> 0b e8 9c 88 8f ff eb 2f e8 95 88 8f ff eb 5f e8 8e 88 8f ff 31 [ 25.476894][ T361] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 25.499906][ T341] RSP: 0018:ffffc900079c7100 EFLAGS: 00010293 [ 25.511000][ T341] RAX: ffffffff81d9272d RBX: ffff888111adb018 RCX: ffff88810d2ebb40 [ 25.520101][ T341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 25.528238][ T341] RBP: ffffc900079c7470 R08: dffffc0000000000 R09: ffffed102235b5fc [ 25.536416][ T341] R10: ffffed102235b5fc R11: 1ffff1102235b5fb R12: dffffc0000000000 [ 25.539354][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 25.539369][ T30] audit: type=1400 audit(1753768796.819:132): avc: denied { create } for pid=360 comm="syz.2.4" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 25.544654][ T341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 25.552600][ T30] audit: type=1400 audit(1753768796.829:133): avc: denied { remount } for pid=360 comm="syz.2.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 25.571341][ T341] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 25.579736][ T370] attempt to access beyond end of device [ 25.579736][ T370] loop2: rw=2049, want=45104, limit=40427 [ 25.598532][ T341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.627046][ T341] CR2: 00007f3a096ec000 CR3: 00000001266d9000 CR4: 00000000003506a0 [ 25.636546][ T341] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.645062][ T341] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.654185][ T341] Kernel panic - not syncing: Fatal exception [ 25.661421][ T341] Kernel Offset: disabled [ 25.666341][ T341] Rebooting in 86400 seconds..