program: syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=") perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xca, 0x1, 0xf, 0x0, 0x0, 0x1, 0x80303, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0x9, 0x8}, 0x10e170, 0x0, 0x1, 0x4, 0x0, 0x1000000, 0xfffd, 0x0, 0x0, 0x0, 0x403}, 0x0, 0x0, 0xffffffffffffffff, 0x3) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0xc8, 0xd, 0x0, 0x0, 0x0, 0x75, 0x24200, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e, 0x4, @perf_bp={0x0}, 0x14705, 0x32, 0xfffffbff, 0x6, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='pids.events\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x8000) r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r4, 0x0, 0x0) [ 68.002700][ T4684] Bluetooth: hci0: command tx timeout [ 68.358792][ T5336] loop0: detected capacity change from 0 to 32768 [ 68.398054][ T5336] (syz.0.0,5336,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 68.426680][ T5336] (syz.0.0,5336,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 68.470586][ T5336] JBD2: Ignoring recovery information on journal [ 68.528749][ T5336] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 70.022133][ T4684] Bluetooth: hci0: command tx timeout [ 70.379530][ T5340] getblk(): invalid block size 512 requested [ 70.382578][ T5340] logical block size: 32768 [ 70.384582][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 70.384600][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.384608][ T5340] Call Trace: [ 70.384616][ T5340] [ 70.384622][ T5340] dump_stack_lvl+0x189/0x250 [ 70.384714][ T5340] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.384728][ T5340] ? __pfx__printk+0x10/0x10 [ 70.384750][ T5340] ? fs_reclaim_acquire+0x7d/0x100 [ 70.384807][ T5340] bdev_getblk+0x5b0/0x690 [ 70.384834][ T5340] ocfs2_read_blocks+0x533/0x1540 [ 70.384862][ T5340] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 70.384881][ T5340] ? __pfx_ocfs2_read_blocks+0x10/0x10 [ 70.384898][ T5340] ? __up_read+0x280/0x680 [ 70.384915][ T5340] ? __pfx___up_read+0x10/0x10 [ 70.384938][ T5340] ocfs2_read_virt_blocks+0x3ea/0x950 [ 70.384953][ T5340] ? __pfx_ocfs2_validate_dir_block+0x10/0x10 [ 70.384971][ T5340] ? __pfx_ocfs2_read_virt_blocks+0x10/0x10 [ 70.384989][ T5340] ? __lock_acquire+0xab9/0xd20 [ 70.385008][ T5340] ocfs2_read_dir_block+0xd6/0x4d0 [ 70.385022][ T5340] ? __pfx_ocfs2_read_dir_block+0x10/0x10 [ 70.385037][ T5340] ? do_raw_spin_unlock+0x4d/0x240 [ 70.385054][ T5340] ? _raw_spin_unlock+0x28/0x50 [ 70.385102][ T5340] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40 [ 70.385122][ T5340] ocfs2_dir_foreach_blk+0x29c/0x18a0 [ 70.385150][ T5340] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10 [ 70.385164][ T5340] ? do_raw_spin_lock+0x121/0x290 [ 70.385186][ T5340] ? do_raw_spin_unlock+0x4d/0x240 [ 70.385204][ T5340] ? _raw_spin_unlock+0x28/0x50 [ 70.385218][ T5340] ? ocfs2_inode_unlock+0x121/0x150 [ 70.385235][ T5340] ocfs2_readdir+0x254/0x4c0 [ 70.385247][ T5340] ? __pfx_ocfs2_readdir+0x10/0x10 [ 70.385255][ T5340] ? down_write+0x162/0x1f0 [ 70.385268][ T5340] ? __pfx_down_write+0x10/0x10 [ 70.385284][ T5340] ? __pfx_ocfs2_readdir+0x10/0x10 [ 70.385296][ T5340] wrap_directory_iterator+0x93/0xe0 [ 70.385312][ T5340] iterate_dir+0x5ac/0x770 [ 70.385328][ T5340] __se_sys_getdents+0xe4/0x250 [ 70.385341][ T5340] ? __pfx___se_sys_getdents+0x10/0x10 [ 70.385352][ T5340] ? __pfx_filldir+0x10/0x10 [ 70.385365][ T5340] ? rcu_is_watching+0x15/0xb0 [ 70.385383][ T5340] ? do_syscall_64+0xbe/0x3b0 [ 70.385401][ T5340] do_syscall_64+0xfa/0x3b0 [ 70.385413][ T5340] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.385431][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.385443][ T5340] ? clear_bhb_loop+0x60/0xb0 [ 70.385456][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.385467][ T5340] RIP: 0033:0x7f1cee18e929 [ 70.385480][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.385489][ T5340] RSP: 002b:00007f1cef09c038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 70.385503][ T5340] RAX: ffffffffffffffda RBX: 00007f1cee3b6160 RCX: 00007f1cee18e929 [ 70.385513][ T5340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 70.385521][ T5340] RBP: 00007f1cee210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 70.385528][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.385534][ T5340] R13: 0000000000000000 R14: 00007f1cee3b6160 R15: 00007ffed0d263b8 [ 70.385551][ T5340] [ 70.385556][ T5340] (syz.0.0,5340,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 70.533140][ T5340] (syz.0.0,5340,0):ocfs2_read_virt_blocks:1029 ERROR: status = -12 [ 70.537238][ T5340] (syz.0.0,5340,0):ocfs2_read_dir_block:511 ERROR: status = -12 [ 70.558963][ T5339] getblk(): invalid block size 512 requested [ 70.561658][ T5339] logical block size: 32768 [ 70.563687][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: jbd2/loop0-29 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 70.563702][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.563708][ T5339] Call Trace: [ 70.563716][ T5339] [ 70.563721][ T5339] dump_stack_lvl+0x189/0x250 [ 70.563740][ T5339] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.563752][ T5339] ? __pfx__printk+0x10/0x10 [ 70.563769][ T5339] ? fs_reclaim_acquire+0x7d/0x100 [ 70.563784][ T5339] bdev_getblk+0x5b0/0x690 [ 70.563797][ T5339] ? __pfx_jbd2_journal_next_log_block+0x10/0x10 [ 70.563817][ T5339] jbd2_journal_get_descriptor_buffer+0x147/0x420 [ 70.563833][ T5339] jbd2_journal_commit_transaction+0x12dd/0x5a00 [ 70.563864][ T5339] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 70.563880][ T5339] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 70.563895][ T5339] ? rcu_is_watching+0x15/0xb0 [ 70.563910][ T5339] ? __try_to_del_timer_sync+0x34a/0x3a0 [ 70.563929][ T5339] ? __pfx___timer_delete_sync+0x10/0x10 [ 70.563950][ T5339] kjournald2+0x3cf/0x750 [ 70.563972][ T5339] ? __pfx_kjournald2+0x10/0x10 [ 70.563985][ T5339] ? __pfx_autoremove_wake_function+0x10/0x10 [ 70.564000][ T5339] ? __kthread_parkme+0x7b/0x200 [ 70.564013][ T5339] ? __kthread_parkme+0x1a1/0x200 [ 70.564027][ T5339] kthread+0x70e/0x8a0 [ 70.564042][ T5339] ? __pfx_kjournald2+0x10/0x10 [ 70.564055][ T5339] ? __pfx_kthread+0x10/0x10 [ 70.564068][ T5339] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.564081][ T5339] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.564094][ T5339] ? __pfx_kthread+0x10/0x10 [ 70.564107][ T5339] ret_from_fork+0x3fc/0x770 [ 70.564121][ T5339] ? __pfx_ret_from_fork+0x10/0x10 [ 70.564137][ T5339] ? __pfx_kthread+0x10/0x10 [ 70.564152][ T5339] ret_from_fork_asm+0x1a/0x30 [ 70.564176][ T5339] [ 70.564341][ T5339] Aborting journal on device loop0-29. [ 70.646184][ T5336] (syz.0.0,5336,0):ocfs2_extend_trans:460 ERROR: status = -30 [ 70.664707][ T5336] (syz.0.0,5336,0):ocfs2_insert_path:4189 ERROR: status = -30 [ 70.671234][ T5336] (syz.0.0,5336,0):ocfs2_do_insert_extent:4345 ERROR: status = -30 [ 70.674562][ T5336] (syz.0.0,5336,0):ocfs2_insert_extent:4767 ERROR: status = -30 [ 70.682576][ T5336] (syz.0.0,5336,0):ocfs2_add_clusters_in_btree:4860 ERROR: status = -30 [ 70.686155][ T5336] (syz.0.0,5336,0):__ocfs2_journal_access:727 ERROR: Error -30 getting 2 access to buffer! [ 70.691064][ T5336] (syz.0.0,5336,0):ocfs2_block_group_clear_bits:2491 ERROR: status = -30 [ 70.694461][ T5336] (syz.0.0,5336,0):_ocfs2_free_suballoc_bits:2592 ERROR: status = -30 [ 70.698991][ T5336] (syz.0.0,5336,0):_ocfs2_free_clusters:2676 ERROR: status = -30 [ 70.702004][ T5336] (syz.0.0,5336,0):ocfs2_write_cluster:1131 ERROR: status = -30 [ 70.705888][ T5336] (syz.0.0,5336,0):ocfs2_write_cluster_by_desc:1225 ERROR: status = -30 [ 70.710406][ T5336] (syz.0.0,5336,0):ocfs2_write_begin_nolock:1798 ERROR: status = -30 [ 70.714169][ T5336] [ 70.715192][ T5336] ============================================ [ 70.717812][ T5336] WARNING: possible recursive locking detected [ 70.720435][ T5336] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted [ 70.723722][ T5336] -------------------------------------------- [ 70.726568][ T5336] syz.0.0/5336 is trying to acquire lock: [ 70.729228][ T5336] ffff888033b30618 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_mark_dquot_dirty+0x4a3/0xd10 [ 70.733594][ T5336] [ 70.733594][ T5336] but task is already holding lock: [ 70.736871][ T5336] ffff888033b30618 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_write_begin_nolock+0x26ee/0x4340 [ 70.741208][ T5336] [ 70.741208][ T5336] other info that might help us debug this: [ 70.744787][ T5336] Possible unsafe locking scenario: [ 70.744787][ T5336] [ 70.748184][ T5336] CPU0 [ 70.749772][ T5336] ---- [ 70.751325][ T5336] lock(sb_internal#2); [ 70.753083][ T5336] lock(sb_internal#2); [ 70.754649][ T5336] [ 70.754649][ T5336] *** DEADLOCK *** [ 70.754649][ T5336] [ 70.758088][ T5336] May be due to missing lock nesting notation [ 70.758088][ T5336] [ 70.761732][ T5336] 9 locks held by syz.0.0/5336: [ 70.764015][ T5336] #0: ffff8880372510d8 (sk_lock-AF_TIPC){+.+.}-{0:0}, at: tipc_wait_for_rcvmsg+0x339/0x630 [ 70.768987][ T5336] #1: ffff8880367f15e0 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x32/0x300 [ 70.773496][ T5336] #2: ffff888033b30520 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x14a/0x310 [ 70.777493][ T5336] #3: ffff8880451914a0 (&oi->ip_alloc_sem){++++}-{4:4}, at: ocfs2_page_mkwrite+0x2ff/0xc40 [ 70.781825][ T5336] #4: ffff888045189800 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640 [ 70.787523][ T5336] #5: ffff888045185100 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640 [ 70.793340][ T5336] #6: ffff888033b30618 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_write_begin_nolock+0x26ee/0x4340 [ 70.797921][ T5336] #7: ffff88803fc7b0e8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x36a/0x6d0 [ 70.802611][ T5336] #8: ffffffff8e2bfb90 (dquot_srcu){.+.+}-{0:0}, at: __dquot_free_space+0x18e/0xc00 [ 70.807024][ T5336] [ 70.807024][ T5336] stack backtrace: [ 70.809449][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 70.809462][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.809468][ T5336] Call Trace: [ 70.809473][ T5336] [ 70.809478][ T5336] dump_stack_lvl+0x189/0x250 [ 70.809492][ T5336] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.809501][ T5336] ? __pfx__printk+0x10/0x10 [ 70.809513][ T5336] ? print_lock_name+0xde/0x100 [ 70.809523][ T5336] print_deadlock_bug+0x28b/0x2a0 [ 70.809535][ T5336] validate_chain+0x1a3f/0x2140 [ 70.809550][ T5336] __lock_acquire+0xab9/0xd20 [ 70.809570][ T5336] ? ocfs2_mark_dquot_dirty+0x4a3/0xd10 [ 70.809588][ T5336] lock_acquire+0x120/0x360 [ 70.809600][ T5336] ? ocfs2_mark_dquot_dirty+0x4a3/0xd10 [ 70.809619][ T5336] ? do_raw_spin_unlock+0x4d/0x240 [ 70.809631][ T5336] ocfs2_start_trans+0x26b/0x6d0 [ 70.809644][ T5336] ? ocfs2_mark_dquot_dirty+0x4a3/0xd10 [ 70.809655][ T5336] ? __pfx_ocfs2_start_trans+0x10/0x10 [ 70.809666][ T5336] ocfs2_mark_dquot_dirty+0x4a3/0xd10 [ 70.809678][ T5336] ? __lock_acquire+0xab9/0xd20 [ 70.809685][ T5336] ? __pfx_ocfs2_mark_dquot_dirty+0x10/0x10 [ 70.809695][ T5336] ? do_raw_spin_lock+0x121/0x290 [ 70.809706][ T5336] mark_all_dquot_dirty+0xfe/0x460 [ 70.809717][ T5336] __dquot_free_space+0x80b/0xc00 [ 70.809727][ T5336] ? __dquot_free_space+0x18e/0xc00 [ 70.809737][ T5336] ? ocfs2_metadata_cache_get_super+0x43/0x80 [ 70.809746][ T5336] dquot_free_space+0x1b/0x30 [ 70.809756][ T5336] ocfs2_write_begin_nolock+0x2dd5/0x4340 [ 70.809772][ T5336] ? __pfx_ocfs2_write_begin_nolock+0x10/0x10 [ 70.809781][ T5336] ? _copy_to_iter+0x24c/0x16f0 [ 70.809789][ T5336] ? __lock_acquire+0xab9/0xd20 [ 70.809797][ T5336] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 70.809813][ T5336] ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ 70.809823][ T5336] ? __lock_acquire+0xab9/0xd20 [ 70.809836][ T5336] ? ocfs2_page_mkwrite+0x2ff/0xc40 [ 70.809848][ T5336] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.809862][ T5336] ? sigprocmask+0x15d/0x1a0 [ 70.809870][ T5336] ? down_write+0x162/0x1f0 [ 70.809880][ T5336] ? __pfx_down_write+0x10/0x10 [ 70.809893][ T5336] ocfs2_page_mkwrite+0x600/0xc40 [ 70.809909][ T5336] ? do_page_mkwrite+0x14a/0x310 [ 70.809919][ T5336] ? __pfx_ocfs2_page_mkwrite+0x10/0x10 [ 70.809927][ T5336] ? _raw_spin_unlock_irq+0x2e/0x50 [ 70.809937][ T5336] ? rcu_is_watching+0x15/0xb0 [ 70.809945][ T5336] ? ocfs2_fault+0x20b/0x3f0 [ 70.809953][ T5336] ? __pfx_ocfs2_fault+0x10/0x10 [ 70.809962][ T5336] do_page_mkwrite+0x14a/0x310 [ 70.809972][ T5336] __handle_mm_fault+0x1a60/0x5620 [ 70.809982][ T5336] ? __pfx___handle_mm_fault+0x10/0x10 [ 70.809992][ T5336] ? find_vma+0xe7/0x160 [ 70.809999][ T5336] ? __pfx_find_vma+0x10/0x10 [ 70.810007][ T5336] handle_mm_fault+0x40a/0x8e0 [ 70.810015][ T5336] do_user_addr_fault+0x764/0x1390 [ 70.810025][ T5336] exc_page_fault+0x76/0xf0 [ 70.810038][ T5336] asm_exc_page_fault+0x26/0x30 [ 70.810048][ T5336] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 70.810067][ T5336] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 70.810076][ T5336] RSP: 0018:ffffc9000f687698 EFLAGS: 00050206 [ 70.810088][ T5336] RAX: ffffffff84bf6101 RBX: ffff888053b800e8 RCX: 0000000000004d70 [ 70.810096][ T5336] RDX: 0000000000000000 RSI: ffff888053b8b548 RDI: 0000200000433000 [ 70.810136][ T5336] RBP: ffffc9000f687800 R08: ffff888053b902b7 R09: 1ffff1100a772056 [ 70.810145][ T5336] R10: dffffc0000000000 R11: ffffed100a772057 R12: 1ffff92001ed0fbf [ 70.810154][ T5336] R13: 0000200000427ba0 R14: ffffc9000f687e08 R15: 00000000000101d0 [ 70.810164][ T5336] ? _copy_to_iter+0x211/0x16f0 [ 70.810176][ T5336] _copy_to_iter+0x24c/0x16f0 [ 70.810189][ T5336] ? __pfx__copy_to_iter+0x10/0x10 [ 70.810202][ T5336] ? tipc_wait_for_rcvmsg+0x4ef/0x630 [ 70.810222][ T5336] __skb_datagram_iter+0xf8/0x990 [ 70.810287][ T5336] ? __pfx_tipc_wait_for_rcvmsg+0x10/0x10 [ 70.810299][ T5336] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 70.810317][ T5336] skb_copy_datagram_iter+0xc5/0x230 [ 70.810333][ T5336] tipc_recvstream+0x72d/0xe70 [ 70.810351][ T5336] ? __pfx_tipc_recvstream+0x10/0x10 [ 70.810366][ T5336] sock_recvmsg+0x229/0x270 [ 70.810377][ T5336] ____sys_recvmsg+0x1c9/0x460 [ 70.810394][ T5336] ? __pfx_____sys_recvmsg+0x10/0x10 [ 70.810407][ T5336] ? import_iovec+0x74/0xa0 [ 70.810415][ T5336] ___sys_recvmsg+0x1b5/0x510 [ 70.810424][ T5336] ? __pfx____sys_recvmsg+0x10/0x10 [ 70.810437][ T5336] ? __fget_files+0x3a0/0x420 [ 70.810449][ T5336] __x64_sys_recvmsg+0x198/0x260 [ 70.810459][ T5336] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 70.810469][ T5336] ? rcu_is_watching+0x15/0xb0 [ 70.810478][ T5336] ? do_syscall_64+0xbe/0x3b0 [ 70.810485][ T5336] do_syscall_64+0xfa/0x3b0 [ 70.810491][ T5336] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.810502][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.810512][ T5336] ? clear_bhb_loop+0x60/0xb0 [ 70.810523][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.810533][ T5336] RIP: 0033:0x7f1cee18e929 [ 70.810544][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.810553][ T5336] RSP: 002b:00007f1cef0de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 70.810572][ T5336] RAX: ffffffffffffffda RBX: 00007f1cee3b5fa0 RCX: 00007f1cee18e929 [ 70.810581][ T5336] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000004 [ 70.810588][ T5336] RBP: 00007f1cee210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 70.810595][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.810601][ T5336] R13: 0000000000000000 R14: 00007f1cee3b5fa0 R15: 00007ffed0d263b8 [ 70.810609][ T5336] [ 71.059163][ T5339] Buffer I/O error on dev loop0, logical block 552, lost sync page write [ 71.062799][ T5339] JBD2: I/O error when updating journal superblock for loop0-29. [ 71.066572][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff888031c3fe80, bh->b_blocknr = 16954 [ 71.073552][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.080713][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.084798][ T5339] OCFS2: Returning error to the calling process. [ 71.087859][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451be2b8, bh->b_blocknr = 16970 [ 71.094269][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.101312][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.105444][ T5339] OCFS2: Returning error to the calling process. [ 71.108674][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff88804503dd98, bh->b_blocknr = 23 [ 71.115097][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.122562][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.127254][ T5339] OCFS2: Returning error to the calling process. [ 71.130140][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451bf3a0, bh->b_blocknr = 8 [ 71.136163][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.144961][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.149599][ T5339] OCFS2: Returning error to the calling process. [ 71.152077][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451c0740, bh->b_blocknr = 16979 [ 71.158172][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.164790][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.169332][ T5339] OCFS2: Returning error to the calling process. [ 71.172192][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880452bc910, bh->b_blocknr = 28672 [ 71.183933][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.191613][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.195688][ T5339] OCFS2: Returning error to the calling process. [ 71.198793][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff88804503e1d0, bh->b_blocknr = 27 [ 71.204659][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.212612][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.216773][ T5339] OCFS2: Returning error to the calling process. [ 71.219458][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451bfae0, bh->b_blocknr = 19024 [ 71.225421][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.238056][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.242029][ T5339] OCFS2: Returning error to the calling process. [ 71.244998][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451bf910, bh->b_blocknr = 19026 [ 71.252508][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.259460][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.263447][ T5339] OCFS2: Returning error to the calling process. [ 71.266147][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff888000cd0ae0, bh->b_blocknr = 17 [ 71.272255][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.279169][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.283254][ T5339] OCFS2: Returning error to the calling process. [ 71.285965][ T5339] (jbd2/loop0-29,5339,0):ocfs2_abort_trigger:590 ERROR: ocfs2_abort_trigger called by JBD2. bh = 0xffff8880451bf828, bh->b_blocknr = 19027 [ 71.291623][ T5339] OCFS2: ERROR (device loop0): void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *, struct buffer_head *): JBD2 has aborted our journal, ocfs2 cannot continue [ 71.298316][ T5339] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.302124][ T5339] OCFS2: Returning error to the calling process. [ 71.305010][ T5339] JBD2: Detected IO errors -5 while flushing file data on loop0-29 [ 71.310077][ T5340] syz.0.0 (5340) used greatest stack depth: 18808 bytes left [ 71.314174][ T5336] (syz.0.0,5336,0):ocfs2_start_trans:379 ERROR: status = -30 [ 71.317518][ T5336] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal [ 71.322513][ T5336] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.326283][ T5336] OCFS2: Returning error to the calling process. [ 71.329422][ T5336] (syz.0.0,5336,0):ocfs2_write_dquot:682 ERROR: status = -30 [ 71.332517][ T5336] (syz.0.0,5336,0):ocfs2_mark_dquot_dirty:983 ERROR: status = -30 [ 71.335983][ T5336] (syz.0.0,5336,0):ocfs2_start_trans:379 ERROR: status = -30 [ 71.340926][ T5336] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal [ 71.346404][ T5336] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.352132][ T5336] OCFS2: Returning error to the calling process. [ 71.355848][ T5336] (syz.0.0,5336,0):ocfs2_write_dquot:682 ERROR: status = -30 [ 71.360184][ T5336] (syz.0.0,5336,0):ocfs2_mark_dquot_dirty:983 ERROR: status = -30 [ 71.363754][ T5336] (syz.0.0,5336,0):__ocfs2_page_mkwrite:97 ERROR: status = -30 [ 71.367818][ T5336] (syz.0.0,5336,0):ocfs2_start_trans:379 ERROR: status = -30 [ 71.371088][ T5336] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal [ 71.375315][ T5336] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 71.379509][ T5336] OCFS2: Returning error to the calling process. [ 71.382206][ T5336] (syz.0.0,5336,0):ocfs2_write_begin_nolock:1751 ERROR: status = -30 [ 71.385519][ T5336] (syz.0.0,5336,0):__ocfs2_page_mkwrite:97 ERROR: status = -30