program:
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x5, 0x1a4, &(0x7f0000000440)="$eJzs0L9rE2Ecx/H397knPypUjYpDBRuwGC9Uk7uqg1NwipADBxfBoCGNTTFR08tgSwtdpCDVDv4DOtVRBZ1EFJyLg+Cg59JNmqE4iINE7vJU8G/weQ33ue8H7p6HbzvshRng9+5ykwoJh/18RNDApIw6pUb52szfTW6MgotmXjf5zOREuLh0q9HptBbyF/Lk/imAH0n3twpfcFQxECrI593lZkNuBAwrdNVsQK5G8SFOnZ77iAk9zpHrOAwL61xS9KRQgwOlfvduKVxcOj3fbcy15lq3fX/mfPlsuXzOL92c77TKrxD3gSiesIIbkAkYc1dI1bm/pfcxLYjbVpEjxQHpOhtbzqkT0wOUu8MQ4V1hQOarbufVFU6SvRZfvsph4SlOwFSNMYUmOaiKXFYvxdOf9M+UIrvqOGeadzqza1eV/EpvVmQnK942qYKHX/SYiVfDId6zFjEVUY3YjNj+xqS8iU/Z26tejZ/PzXSM45DmXqPfX/DS8EF08Pgg4OdgPPmdSu6Vg7fmGxN82XuxLMuyLMuyLMuy/gN/AgAA//96xWPy")
listxattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000300)=""/195, 0xc3)
newfstatat(0xffffffffffffff9c, &(0x7f0000000fc0)='./file1\x00', &(0x7f0000001000), 0x1000)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x11, 0x5109, &(0x7f000000f400)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVioGFVN1SiVkNOURwgUIUFNSJSKOpGrmXvP7J1zdx6Odx1v+vtJ3jkz//O8c2c85947ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8fjt3xhotaxd981SPf/u4Db//44Y8s3P3EVz51RwjTtce7snDXxac+11s5+Z7vHfrpF7+wad2jp/vzcnk8rKn+6c7vfCLW+ou1IXyjK4TeNLB+OAv05feHY32vGg5hXVgM1EvMDGUl0obDDwZDOBIWA/WqvjUYwnAhsO3R7z/0mWrinsEQLg0hVNI2flzJ2hhMA5f1Z4GhNHBrbxb4nzOZeuCb3VkAzll8MdR3+oXpxgxjS5drsv/1LVvHXlzp8HpiYqx5vt9uXeFOFfSnD0yf09NWqo4VUXp5HPdqWwWvttJ2vsvTVvwglX9CObMYqoTuXTM37Dgwtz8+0h0mJnqa1bRCz/NjT31059mkV81+GDswtiz74b2f//nHvvTktfff98l3XP/gM78fP9dunixs0mJ6pVVCvs+tmucx2uL9ZBW8/EqfksbbPm21Ii/xD12f/tnf/kmreGn+P9Z6/h9353jb3ZA71np6JJubx0eGY+LUSDY3BwAAgFVjNRw1nf/K1VOt6ivN/8c7O/8fT/nnk/lstMdD2FJL3D4awiW1x7PAsdjcB0dDeG0tNd0Y2JoEjofwilriinpVSYmBWGI8CfxqJA9sSQInYmA6CXw5Bu5KAp+IgYUksDMGjieBt8ZAmG0cxx+P5OPoODAYA9uzjbgQr0J4eiS2lmyrx+tVAQAALJN8dtjXeLdwrcO5ZojTy4XBdhniFdhNM1SSGtIZbH1a1bSG3nY1dLeroT7u+dbDL9Xc1a7m0mUYXY0Z9n70d38WWijN/ydbz/8rS3Skq3T+P4Tran9j7u48MlePb59uyAAAAACcgzVbb9nWKl6a/2/p7Pr/eEykp5A5PBwPQ+weDWGyMZBVe3U5kJ31XpMHAAAAYDWon4+vnwufzW+zS7TT+XQ5//RZ5o8n/rcsmf/X73zTTa36W5r/T3d2/f9Q423WiROxF58dDWGgEPhh7GU1UDMeAz97S2MgH/+JuAHujFXlFybUq7ozltgeA5NJ4EizEo/US1zSGMifrHrjt9fHMZuXKAQAAADgvIuHA+J5+Xj9/2MHTr6tVbnS/H/72V3/X5sHly7vn1sTwobeEHrSLwY8PJQtDBgDw1154rtDWV09aVWHhkK4pjqwtKon8vX/e9M1Bh8dzKqKgUte99WnLqsm/m4whA3FwI/ef3RTNbE/CdQbf99gCK+pjjZt/OsDWeN9aeP3DoTw6kKgXtUHB0KoNtafVvX9Sv47BmlVD1ZCuKgQqFe1uRLCwQDAKhX/K91VfHDfwdt275ibm9m7gol4DH8w3DA7NzOx89a5XZUmfdqV9LlhGaND5TE1XQ4p8Xi+RNGx564a6SRd/57gZLEv+XH80oWD+f34WaivNs6pvoa7V6ZDfsPry02EwiepF2vIQ8VKFp/EUv0xf39YEwYO7JvZO/HhHfv3792Y/e00+1T2Nw4q21Yb0201tFTfLoDd4/JiJRv237xnw76Dt62fvXnHjTM3ztwyNfnGTZs3TU1u3ryhOqrJ7G+boV6+VNXJUM8cPf9DfWVvoZLz8a4hISGx2hLztx9d0+rtpzT/39N6/h/fdeI7f74+Q7Pz/2PxNH/2+OJp/u0xcKTT8/9jzc7m1y8MGE8C8zEw7zQ/AAAALw3xcGQ87BiPWvcfvfI3rcqV5v/znX3/f5nW/68vXf+uZsv8XxFLTDZb/z9d5r++/v98s/X/02X+6+v/H3kR1v8/UA8km+Rp6/8DAAAvBedv/f+2y/unPxBQytB2ef/0BwJKGdou49/pDwSc9fr/Uzf99BehhdL8/67O5v8W7gcAAIALx93/9NRrWsVL8/8jnc3/z//6f6HZ9f/jzQLTzRYGtP4fAAAAq1Sz9f/OjP7F+1qVK83/Fzqb/8fLLrobcsdaT49ka9qFdE27UyP1rwwAAADA6tAdJib6OszbsDLq1hfe5mP5UqCt0kU/vPq/bmxVX2n+f7yz+X/D9zLu/fzPP/alJ6+9//R9n3zH9Q8+8/vxxfP/AAAAwMrp9LgEAAAAAAAAAAAAAADw4jvwgX891Spe+v5/uK72eLPv/8ff/YvfL3h5Q+5Ya/v1//L72979wMHakoUPj4Tw+mJg9+Hd60L+2/yXFwMPXX/FxdXE4bTEd37y1l9WEx9IA+9c/7Jnq4lrksD2uEjiK9JA/FXFZ9cmgbi84r+ngbg9FtJAfx749NpsHF3ptvr1cLatutJt9R/DIYwWAvVt9Y3hrI2udID3JIH6AD+UBuIA35MHutNePbAm61UMDMeif7Mm6xUAABes+CmwL9wwOzczGT/Cx9tX9jbeRg1Llh0qV9vTYfOP50uTHXvuqpFO0j3pZ9HF3xrvC5XqEDaWPq4Ws3TVRrk8tbTZdC9vMuR2q72t1Kbrbz6iwWxEEztvndvV13bgV7bPMtXbNsvG0mSnmKW7tkk7qKWDvnQwog63TQddjve7w8RET5LrTTE4Fhq02yM6/b5+cZ2/ZntBMc+hub7nW9VXmv+PdTb/rxTH9Wz+YwDz8Zf1/nLUMv8AAACwsj699Q/3xX/fGX3vf7bKW5r/j3c2/48HxvJTwdnRjuPx9/9vHw2h9tP6Y1ngWGzug6MhvLaWmo4lsh/Uf1csMZkFjsUDJlfEEtunG6saiIGFJPCrkTxwPAmciIH8KMVXQ34o5+6REDbVUtc1ltgTS4wlgffGwHgSmIiBySSwNga2JIHfrM0D00ngX2IgzDZuq39Ym28rAACAs5HPs/oa74Z0nrfQ2y5DV7sMQ+0ydLfLUGmXodko4v2vxQx9xfPxeYb4UF9a62BSSylD/DH8s+5XKUN4pDFnWrDUdP1KkrHGnDHDtoXDa0MLpfn/ZGfz/6HG26z1E3H+v/j7f1ngh7F7n42Xjo/HwM/e0hjIDwyciJPdO+tVTecl8kn7nbHElhgYTwJ7YmBLEth+XR44cnFjIJ9p1xu/vd74bF6iEAAAAIDzLh4giIdp4vz/vwee/+tW5Urz/y2dzf9je2uKjX0i1vqLtSF8o2uxN/XA+uEsEI9jDMevx79qOIR1hQMc9RIzQ1mJ/qTh8IPB7Bvq/WlV3xrMvnwQ72979PsPfaaauGcwhEsLR1/qbfy4krUxmAYu688CQ2ng1t4sEI/81APf7M4CcM7qRwXjDpVf6lI3tnS5JvvfS+U3QdPhlY6BLpFvqe9crZRK+kB+TLXu7J62UnWsjHT7H/dqWw2vtufz/4Pr/fJqK36QOpNsnuoQu3fN3LDjwNz++Ejxm6wlK/Q8F7+l2kl6GfbD+Rfe26i7aaSSdmAyefuYXLrc0vthV6zu3s///GNfevLa++/75Duuf/CZ34+362C7/Td+UfiWm/535GRh8660Ssj3uQv+/SR9YNr7yWr4byB9YNzTFkK4Y+GSp1vFS/P/6c7m/73Jbc0f4sbcNxrCGwob9+G4+d82mr0PFgLZu+RF5UB2yv3JkabvnAAAALDc6oc76scLZvPb7ILwdJ5czj99lvnj8YotS+bvtN8fufTSf2wVL83/t7ee/w8k3XT+3/l/Vojz/0u60A9FD6QPzJ/ToehSdayI0svD+f+wCl5tpTM1zv8H5/+X7N8ynP9vzvn/lpz/X90u9Ket9Clpjw9dIYTBr1/9SKt4af6/p7P5v/X/ll60r77+3/Zm6//tabb+37z1/wAAgBXVZKG5dJ5XWr2vlCFdva+Uoe0CgW2XGLT+31mv/zf0V+//XWihNP+f72z+H3eHNcXWV8v6f+PXNanqrhjYY2FAAAAALkTNDhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw4vrVyaG3t4q/+apHvv3dB97+8cMfWbj7ia986o4QZmuPd2XhrotPfa63cvI93zv00y9+YdO6R09X8nJ9+e0fNeSOtZ4eCeFI4ZHhmDg1Ur2zGNj27gcO9lYTD4+E8PpiYPfh3euqiS+PhHB5MfDQ9VdcXE0cTkt85ydv/WU18YE08M71L3u2mrgmD3Sl3b1/bdbdrrS7n1kbwmghUO/uTWsbq6q3cW0e6E7b+PvhrI0YGI5F7xvO2oiBuVhidiCEDb0h9KRV/XMlq6onrerblayqnrSqj1dCuCaE0JtW9ZP+rKredOT/1p9VFQOXvO6rT11WTRzpD2FDMfCj9x/dVE18KAnUG//T/hBeU91l0sa/1pc13pc2fk9fCK8OIfSnJZ7pzUr0pyWe6A3hokKg3vif94ZwMPCSEN98dhUf3Hfwtt075uZm9q5goj9vazDcMDs3M7Hz1rldlaRPzXQV0mcOlePdHY798ac+urN6e+y5q0Y6Sffm5fpqXZ7qa7h75XL1vmuFeh/7NVSsZPH5KNUf8/eHNWHgwL6ZvRMf3rF//96N2d9Os09lf3vyaLatNi7XturUC91Wlxcr2bD/5j0b9h28bf3szTtunLlx5papyTdu2rxpanLz5g3VUU1mf5djqEfL8Z4VHuorewuVnI83AAkJidWW6G54d5u80P/LLn3QX+xoX6jU3qBL04pilq7aKJdj0Ftbx89y0NUeNf+c0nZEG0sTh1KWqfZZrixNJhazDGZZap/rSpPDYk3dtU0a73eHiYmm/9ONNd4tbr7fLrF5O/VYvuk6TQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA///jqU04")
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="02c9"], 0x5)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c910"], 0x15)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x105242, 0x1db)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000480)={[{@block_validity}, {}, {@sysvgroups}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@jqfmt_vfsv1}, {@norecovery}]}, 0x3, 0x579, &(0x7f0000000540)="$eJzs3c9rFOcbAPBnNom/v18jiLQ9lICHWqwbk/SHhYL2WFqp0N7tkoxBsnEluxGTCuqhXnopUiilQukf0HuP0kOv/SuEVpAioT0USspsZuNqdpOYrM3qfD4w+r47s3nmnXeed9/Z2WUDKKyR7J9SxMsR8VUScbBt3WDkK0dWtlt6eG0yW5JYXv7kjySS/LHW9kn+//688lJE/PxFxPHS2rj1hcWZSrWazuX10cbs5dH6wuKJi7OV6XQ6vTQ+MXHqrYnxd995u2dtff3cX99+fPeDU18eXfrmx/uHbidxJg7k69rbsQ032isjMZIfk6E488SGYz0I1k+Snd4BtmQgz/OhyMaAgzGQZz3w4rseEctAQSXyHwqqNQ9oXdv36Dr4ufHg/ZULoLXtH1x5byT2NK+N9i0lj10ZZde7wz2In8X46fc7t7MlNngf4noP4gG03LgZEScHB9eOf0k+/m3dyeabx+t7MkbRXn9gJ93N5j9vdJr/lFbnP9Fh/rO/Q+5uxcb5X7rfgzBdZfO/9zrOf1eHruGBvPa/5pxvKLlwsZqejIj/R8SxGNqd1de7n3Nq6d5yt3Xt879syeK35oL5ftwf3P34c6Yqjcp22tzuwc2IVx7Nf5N4eG3Xyppktf+TDv2fHY9zm4xxJL3zard1G7e//a5a72fAyz9EvNax/x/d0UrWvz852jwfRltnxVp/3jrya7f4m2r/M5T1/7712z+ctN+vrT99jO/3/J12W7fV839X8mmznJ+scbXSaMyNRexKPlr7+Pij57bqre2z9h87uv7490uH839vRHy2yfbfOnyr66b90P9TT9X/T1+49+Hn33WLv7n+f7NZOpY/spnxb7M7uJ1jBwAAAAAAAP2mFBEHIimVV8ulUrm88vmOw7GvVK3VG8cv1OYvTUXzu7LDMVRq3ek+2PZ5iLH887Ct+vgT9YmIOBQRXw/sbdbLk7Xq1E43HgAAAAAAAAAAAAAAAAAAAPrE/i7f/8/8NrDTewc8c37yG4prw/zvxS89AX3J6z8Ul/yH4pL/UFzyH4pL/kNxyX8oLvkPxSX/AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKfOnT2bLctLD69NZvWpKwvzM7UrJ6bS+kx5dn6yPFmbu1yertWmq2l5sja70d+r1mqXx8Zj/upoI603RusLi+dna/OXGucvzlam0/Pp0H/SKgAAAAAAAAAAAAAAAAAAAHi+1BcWZyrVajqn0LVwOvpiN7ZcSDbq5dP5ybClEIM738B07p9+OM4vVmGHByYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaPNvAAAA///LAzU5")
setxattr$security_ima(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000200), &(0x7f0000000240)=ANY=[], 0x700, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000180)={'rti802\x00', [0x4f27, 0x5, 0x10000, 0x30, 0x67, 0x4c7, 0x7, 0x8000, 0xa, 0x104, 0xffffffff, 0x1, 0xffffffff, 0x1, 0x4, 0x7, 0x5, 0x1a449, 0x3, 0x404, 0x2086, 0x24, 0x84000000, 0x20001e5c, 0x7ffe, 0x8002, 0x3c, 0x1, 0x6, 0x0, 0x1000000]})
ioctl$COMEDI_RANGEINFO(r1, 0x80106408, &(0x7f0000000040)={0x1})
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x93000010)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x8, 0x0, 0x2c0, 0x77e, 0xfffffff8})
syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x1c}, @l2cap_cid_le_signaling={{0x18}, @l2cap_ecred_conn_req={{0x17, 0x6, 0x14}, {0x3c3e, 0xff, 0x6, 0x8, [0x44, 0x9, 0x1, 0x1091, 0x80, 0x5]}}}}, 0x21)

[   85.815501][   T45] Bluetooth: hci0: command tx timeout
[   85.887292][ T5322] loop0: detected capacity change from 0 to 8
[   85.962963][ T5322] SQUASHFS error: Failed to read block 0x1ec: -5
[   85.965362][ T5322] SQUASHFS error: Unable to read metadata cache entry [1ea]
[   86.318465][   T45] Bluetooth: Unexpected start frame (len 28)
[   86.321918][   T45] ==================================================================
[   86.325873][   T45] BUG: KASAN: stack-out-of-bounds in l2cap_send_cmd+0x2a3/0xb90
[   86.330048][   T45] Read of size 20 at addr ffffc900004774e0 by task kworker/u5:0/45
[   86.333313][   T45] 
[   86.334281][   T45] CPU: 0 UID: 0 PID: 45 Comm: kworker/u5:0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.334297][   T45] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.334308][   T45] Workqueue: hci0 hci_rx_work
[   86.334328][   T45] Call Trace:
[   86.334337][   T45]  <TASK>
[   86.334344][   T45]  dump_stack_lvl+0xe8/0x150
[   86.334363][   T45]  print_report+0xba/0x230
[   86.334380][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.334393][   T45]  kasan_report+0x117/0x150
[   86.334407][   T45]  ? trace_kmem_cache_alloc+0x29/0xf0
[   86.334431][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.334448][   T45]  kasan_check_range+0x264/0x2c0
[   86.334459][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.334470][   T45]  __asan_memcpy+0x29/0x70
[   86.334486][   T45]  l2cap_send_cmd+0x2a3/0xb90
[   86.334500][   T45]  l2cap_recv_frame+0xc032/0x10240
[   86.334519][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.334535][   T45]  ? __pfx_l2cap_recv_frame+0x10/0x10
[   86.334547][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.334570][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.334590][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.334607][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.334624][   T45]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   86.334640][   T45]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   86.334694][   T45]  ? lockdep_hardirqs_on+0x7a/0x110
[   86.334710][   T45]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[   86.334724][   T45]  ? stack_depot_save_flags+0x3f3/0x810
[   86.334784][   T45]  ? kasan_save_track+0x4f/0x80
[   86.334802][   T45]  ? kasan_save_track+0x3e/0x80
[   86.334816][   T45]  ? kasan_save_free_info+0x46/0x50
[   86.334828][   T45]  ? __kasan_slab_free+0x5c/0x80
[   86.334837][   T45]  ? kmem_cache_free+0x187/0x630
[   86.334845][   T45]  ? l2cap_recv_acldata+0x4d5/0x13e0
[   86.334854][   T45]  ? hci_rx_work+0x4f9/0x1030
[   86.334860][   T45]  ? process_scheduled_works+0xb6e/0x18c0
[   86.334869][   T45]  ? worker_thread+0xa53/0xfc0
[   86.334877][   T45]  ? kthread+0x388/0x470
[   86.334883][   T45]  ? ret_from_fork+0x51e/0xb90
[   86.334892][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.334907][   T45]  ? kasan_quarantine_put+0xbb/0x1f0
[   86.334917][   T45]  ? lockdep_hardirqs_on+0x7a/0x110
[   86.334927][   T45]  ? kmem_cache_free+0x187/0x630
[   86.334935][   T45]  ? l2cap_recv_acldata+0x4d5/0x13e0
[   86.334947][   T45]  l2cap_recv_acldata+0x7e9/0x13e0
[   86.334960][   T45]  hci_rx_work+0x4f9/0x1030
[   86.334973][   T45]  ? process_scheduled_works+0xa8d/0x18c0
[   86.334987][   T45]  process_scheduled_works+0xb6e/0x18c0
[   86.335006][   T45]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.335017][   T45]  ? assign_work+0x3d5/0x5e0
[   86.335026][   T45]  worker_thread+0xa53/0xfc0
[   86.335038][   T45]  kthread+0x388/0x470
[   86.335044][   T45]  ? __pfx_worker_thread+0x10/0x10
[   86.335052][   T45]  ? __pfx_kthread+0x10/0x10
[   86.335058][   T45]  ret_from_fork+0x51e/0xb90
[   86.335067][   T45]  ? __pfx_ret_from_fork+0x10/0x10
[   86.335075][   T45]  ? __switch_to+0xc7d/0x1450
[   86.335083][   T45]  ? __pfx_kthread+0x10/0x10
[   86.335089][   T45]  ret_from_fork_asm+0x1a/0x30
[   86.335101][   T45]  </TASK>
[   86.335104][   T45] 
[   86.480759][   T45] The buggy address belongs to stack of task kworker/u5:0/45
[   86.485385][   T45]  and is located at offset 128 in frame:
[   86.487900][   T45]  l2cap_recv_frame+0x0/0x10240
[   86.490290][   T45] 
[   86.491483][   T45] This frame has 26 objects:
[   86.493575][   T45]  [32, 34) 'rsp.i241.i.i'
[   86.493585][   T45]  [48, 88) 'chan.i.i.i'
[   86.495684][   T45]  [128, 146) 'pdu_u.i.i.i'
[   86.497561][   T45]  [192, 202) 'rsp.i94.i.i'
[   86.499674][   T45]  [224, 226) 'rsp.i.i.i111'
[   86.501589][   T45]  [240, 242) 'rej.i'
[   86.503663][   T45]  [256, 258) 'rej.i145.i'
[   86.505578][   T45]  [272, 274) 'rej.i143.i'
[   86.508065][   T45]  [288, 290) 'req.i229.i.i'
[   86.510967][   T45]  [304, 312) 'buf.i222.i.i'
[   86.513255][   T45]  [336, 348) 'buf29.i.i.i'
[   86.515317][   T45]  [368, 372) 'rsp49.i.i.i'
[   86.517416][   T45]  [384, 393) 'rfc.i.i118.i.i'
[   86.519491][   T45]  [416, 480) 'buf.i119.i.i'
[   86.521670][   T45]  [512, 576) 'req.i120.i.i'
[   86.523618][   T45]  [608, 617) 'rfc.i.i.i.i'
[   86.525430][   T45]  [640, 656) 'efs.i.i.i.i'
[   86.527585][   T45]  [672, 678) 'rej.i371.i.i.i'
[   86.529914][   T45]  [704, 710) 'rej.i.i.i.i'
[   86.532522][   T45]  [736, 800) 'rsp.i.i.i'
[   86.534828][   T45]  [832, 896) 'buf.i.i.i'
[   86.536874][   T45]  [928, 1056) 'req.i.i.i'
[   86.538792][   T45]  [1088, 1096) 'rsp.i.i.i.i'
[   86.540802][   T45]  [1120, 1122) 'info.i.i.i.i'
[   86.543187][   T45]  [1136, 1264) 'buf.i.i.i.i'
[   86.545820][   T45]  [1296, 1298) 'rej.i.i'
[   86.548255][   T45] 
[   86.551320][   T45] The buggy address belongs to a 8-page vmalloc region starting at 0xffffc90000470000 allocated at copy_process+0x508/0x3cd0
[   86.557528][   T45] The buggy address belongs to the physical page:
[   86.560705][   T45] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ab2f
[   86.564697][   T45] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.568382][   T45] raw: 00fff00000000000 ffffea00006acbc8 ffffea00006acbc8 0000000000000000
[   86.572326][   T45] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   86.576238][   T45] page dumped because: kasan: bad access detected
[   86.579196][   T45] page_owner tracks the page as allocated
[   86.581693][   T45] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x29c2(GFP_NOWAIT|__GFP_HIGHMEM|__GFP_IO|__GFP_FS|__GFP_ZERO), pid 2, tgid 2 (kthreadd), ts 6658767142, free_ts 0
[   86.589537][   T45]  post_alloc_hook+0x231/0x280
[   86.591722][   T45]  get_page_from_freelist+0x24dc/0x2580
[   86.594030][   T45]  __alloc_frozen_pages_noprof+0x18d/0x380
[   86.596652][   T45]  __alloc_pages_noprof+0xa/0x30
[   86.598936][   T45]  __vmalloc_node_range_noprof+0x7be/0x1730
[   86.601641][   T45]  __vmalloc_node_noprof+0xc2/0x100
[   86.603808][   T45]  dup_task_struct+0x275/0x9a0
[   86.605773][   T45]  copy_process+0x508/0x3cd0
[   86.607496][   T45]  kernel_clone+0x248/0x8e0
[   86.609322][   T45]  kernel_thread+0x13f/0x1b0
[   86.611767][   T45]  kthreadd+0x4ec/0x6e0
[   86.614219][   T45]  ret_from_fork+0x51e/0xb90
[   86.616593][   T45]  ret_from_fork_asm+0x1a/0x30
[   86.618557][   T45] page_owner free stack trace missing
[   86.620693][   T45] 
[   86.621672][   T45] Memory state around the buggy address:
[   86.624173][   T45]  ffffc90000477380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   86.627313][   T45]  ffffc90000477400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[   86.630490][   T45] >ffffc90000477480: f8 f2 f8 f8 f8 f8 f8 f2 f2 f2 f2 f2 00 00 02 f2
[   86.634246][   T45]                                                              ^
[   86.637334][   T45]  ffffc90000477500: f2 f2 f2 f2 f8 f8 f2 f2 f8 f2 f8 f2 f8 f2 f8 f2
[   86.640411][   T45]  ffffc90000477580: f8 f2 f8 f2 f2 f2 f8 f8 f2 f2 f8 f2 f8 f8 f2 f2
[   86.643283][   T45] ==================================================================
[   86.651886][   T45] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   86.655604][   T45] CPU: 0 UID: 0 PID: 45 Comm: kworker/u5:0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.659444][   T45] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.664942][   T45] Workqueue: hci0 hci_rx_work
[   86.667325][   T45] Call Trace:
[   86.668852][   T45]  <TASK>
[   86.670077][   T45]  vpanic+0x56c/0xa60
[   86.671983][   T45]  ? __pfx_vpanic+0x10/0x10
[   86.674318][   T45]  panic+0xc5/0xd0
[   86.676522][   T45]  ? __pfx_panic+0x10/0x10
[   86.679019][   T45]  ? preempt_schedule_thunk+0x16/0x30
[   86.681679][   T45]  ? preempt_schedule_thunk+0x16/0x30
[   86.683966][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.686206][   T45]  check_panic_on_warn+0x89/0xb0
[   86.687992][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.689789][   T45]  end_report+0x73/0x180
[   86.691796][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.694600][   T45]  kasan_report+0x128/0x150
[   86.697245][   T45]  ? trace_kmem_cache_alloc+0x29/0xf0
[   86.699968][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.702169][   T45]  kasan_check_range+0x264/0x2c0
[   86.704626][   T45]  ? l2cap_send_cmd+0x2a3/0xb90
[   86.706927][   T45]  __asan_memcpy+0x29/0x70
[   86.708997][   T45]  l2cap_send_cmd+0x2a3/0xb90
[   86.711181][   T45]  l2cap_recv_frame+0xc032/0x10240
[   86.713812][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.716391][   T45]  ? __pfx_l2cap_recv_frame+0x10/0x10
[   86.718901][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.721308][   T45]  ? unwind_next_frame+0xa5/0x23c0
[   86.723876][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.726500][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.728897][   T45]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   86.731710][   T45]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   86.734497][   T45]  ? lockdep_hardirqs_on+0x7a/0x110
[   86.737295][   T45]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[   86.740092][   T45]  ? stack_depot_save_flags+0x3f3/0x810
[   86.742758][   T45]  ? kasan_save_track+0x4f/0x80
[   86.745053][   T45]  ? kasan_save_track+0x3e/0x80
[   86.747303][   T45]  ? kasan_save_free_info+0x46/0x50
[   86.749582][   T45]  ? __kasan_slab_free+0x5c/0x80
[   86.751677][   T45]  ? kmem_cache_free+0x187/0x630
[   86.753820][   T45]  ? l2cap_recv_acldata+0x4d5/0x13e0
[   86.756496][   T45]  ? hci_rx_work+0x4f9/0x1030
[   86.758604][   T45]  ? process_scheduled_works+0xb6e/0x18c0
[   86.761335][   T45]  ? worker_thread+0xa53/0xfc0
[   86.763481][   T45]  ? kthread+0x388/0x470
[   86.765091][   T45]  ? ret_from_fork+0x51e/0xb90
[   86.767271][   T45]  ? ret_from_fork_asm+0x1a/0x30
[   86.769536][   T45]  ? kasan_quarantine_put+0xbb/0x1f0
[   86.771873][   T45]  ? lockdep_hardirqs_on+0x7a/0x110
[   86.773965][   T45]  ? kmem_cache_free+0x187/0x630
[   86.776286][   T45]  ? l2cap_recv_acldata+0x4d5/0x13e0
[   86.778621][   T45]  l2cap_recv_acldata+0x7e9/0x13e0
[   86.781323][   T45]  hci_rx_work+0x4f9/0x1030
[   86.783860][   T45]  ? process_scheduled_works+0xa8d/0x18c0
[   86.786656][   T45]  process_scheduled_works+0xb6e/0x18c0
[   86.789009][   T45]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.791690][   T45]  ? assign_work+0x3d5/0x5e0
[   86.793697][   T45]  worker_thread+0xa53/0xfc0
[   86.795781][   T45]  kthread+0x388/0x470
[   86.797723][   T45]  ? __pfx_worker_thread+0x10/0x10
[   86.800141][   T45]  ? __pfx_kthread+0x10/0x10
[   86.802183][   T45]  ret_from_fork+0x51e/0xb90
[   86.804262][   T45]  ? __pfx_ret_from_fork+0x10/0x10
[   86.807004][   T45]  ? __switch_to+0xc7d/0x1450
[   86.809111][   T45]  ? __pfx_kthread+0x10/0x10
[   86.811118][   T45]  ret_from_fork_asm+0x1a/0x30
[   86.813987][   T45]  </TASK>
[   86.815955][   T45] Kernel Offset: disabled
[   86.817829][   T45] Rebooting in 86400 seconds..