From 5ee216a86f054844f52285cc22736cd249904e52 Mon Sep 17 00:00:00 2001
From: David Sterba <dsterba@suse.com>
Date: Mon, 14 Nov 2016 19:06:40 +0100
Subject: [PATCH] btrfs-progs: tests: add more fuzzed images from bugzilla

Fixing the problems by one does not scale now. Add more images despite
the fuzz tests will fail. They have been for some time already.

Reported-by: Lukas Lueg <lukas.lueg@gmail.com>
Signed-off-by: David Sterba <dsterba@suse.com>
---
 tests/fuzz-tests/images/bko-156731.raw.txt    |  83 +++++
 tests/fuzz-tests/images/bko-156731.raw.xz     | Bin 0 -> 3824 bytes
 tests/fuzz-tests/images/bko-156741.raw.txt    | 131 ++++++++
 tests/fuzz-tests/images/bko-156741.raw.xz     | Bin 0 -> 3796 bytes
 tests/fuzz-tests/images/bko-161811.raw.txt    |  81 +++++
 tests/fuzz-tests/images/bko-161811.raw.xz     | Bin 0 -> 10960 bytes
 tests/fuzz-tests/images/bko-161821.raw.txt    |  42 +++
 tests/fuzz-tests/images/bko-161821.raw.xz     | Bin 0 -> 10596 bytes
 tests/fuzz-tests/images/bko-167551.raw.txt    |  29 ++
 tests/fuzz-tests/images/bko-167551.raw.xz     | Bin 0 -> 10808 bytes
 tests/fuzz-tests/images/bko-167781.raw.txt    | 297 ++++++++++++++++++
 tests/fuzz-tests/images/bko-167781.raw.xz     | Bin 0 -> 3856 bytes
 tests/fuzz-tests/images/bko-167921.raw.txt    |  55 ++++
 tests/fuzz-tests/images/bko-167921.raw.xz     | Bin 0 -> 10956 bytes
 tests/fuzz-tests/images/bko-168301.raw.txt    |  51 +++
 tests/fuzz-tests/images/bko-168301.raw.xz     | Bin 0 -> 11008 bytes
 .../bko-169301-1-blocksize-zero.raw.txt       | 134 ++++++++
 .../images/bko-169301-1-blocksize-zero.raw.xz | Bin 0 -> 3828 bytes
 .../bko-169301-2-blocksize-zero.raw.txt       | 185 +++++++++++
 .../images/bko-169301-2-blocksize-zero.raw.xz | Bin 0 -> 3836 bytes
 tests/fuzz-tests/images/bko-172811.raw.txt    |  55 ++++
 tests/fuzz-tests/images/bko-172811.raw.xz     | Bin 0 -> 10900 bytes
 tests/fuzz-tests/images/bko-172861.raw.txt    |  68 ++++
 tests/fuzz-tests/images/bko-172861.raw.xz     | Bin 0 -> 10828 bytes
 24 files changed, 1211 insertions(+)
 create mode 100644 tests/fuzz-tests/images/bko-156731.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-156731.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-156741.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-156741.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-161811.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-161811.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-161821.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-161821.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-167551.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-167551.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-167781.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-167781.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-167921.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-167921.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-168301.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-168301.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-172811.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-172811.raw.xz
 create mode 100644 tests/fuzz-tests/images/bko-172861.raw.txt
 create mode 100644 tests/fuzz-tests/images/bko-172861.raw.xz

diff --git a/tests/fuzz-tests/images/bko-156731.raw.txt b/tests/fuzz-tests/images/bko-156731.raw.txt
new file mode 100644
index 00000000..aea35f1f
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-156731.raw.txt
@@ -0,0 +1,83 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=156731
+Lukas Lueg 2016-09-13 19:53:59 UTC
+
+More news from the fuzzer. The attached image causes btrfsck to
+buffer-overflow. Using btrfs-progs v4.7-42-g56e9586, compiled with ASAN
+(doesn't crash without)
+
+==17647==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000017980 at pc 0x00000052dde3 bp 0x7ffecc974fe0 sp 0x7ffecc974fd8
+READ of size 4 at 0x621000017980 thread T0
+    #0 0x52dde2 in btrfs_extent_data_ref_count /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1582:1
+    #1 0x5329ae in run_next_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:6380:6
+    #2 0x52f584 in deal_root_from_list /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8391:10
+    #3 0x520f81 in check_chunks_and_extents /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8558:8
+    #4 0x51e5a9 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11493:9
+    #5 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #6 0x7faced2c8730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #7 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+cat crashing_images/id:000047,sig:11,src:000343+000051,op:splice,rep:4.log
+=================================================================
+==17647==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000017980 at pc 0x00000052dde3 bp 0x7ffecc974fe0 sp 0x7ffecc974fd8
+READ of size 4 at 0x621000017980 thread T0
+    #0 0x52dde2 in btrfs_extent_data_ref_count /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1582:1
+    #1 0x5329ae in run_next_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:6380:6
+    #2 0x52f584 in deal_root_from_list /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8391:10
+    #3 0x520f81 in check_chunks_and_extents /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8558:8
+    #4 0x51e5a9 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11493:9
+    #5 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #6 0x7faced2c8730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #7 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+0x621000017980 is located 0 bytes to the right of 4224-byte region [0x621000016900,0x621000017980)
+allocated by thread T0 here:
+    #0 0x4bfca0 in calloc (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4bfca0)
+    #1 0x5c16ca in __alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:542:7
+    #2 0x5c1b26 in alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:646:8
+    #3 0x58de0c in btrfs_find_create_tree_block /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:193:9
+    #4 0x58e880 in read_tree_block_fs_info /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:339:7
+    #5 0x5918a2 in read_tree_block /home/lukas/dev/btrfsfuzz/src-asan/./disk-io.h:112:9
+    #6 0x591712 in find_and_setup_root /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:647:15
+    #7 0x593243 in setup_root_or_create_block /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:966:8
+    #8 0x592850 in btrfs_setup_all_roots /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1031:8
+    #9 0x5948fe in __open_ctree_fd /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1341:8
+    #10 0x5942b5 in open_ctree_fs_info /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1387:9
+    #11 0x51dff2 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11382:9
+    #12 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #13 0x7faced2c8730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+
+SUMMARY: AddressSanitizer: heap-buffer-overflow /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1582:1 in btrfs_extent_data_ref_count
+Shadow bytes around the buggy address:
+  0x0c427fffaee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+=>0x0c427fffaf30:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+Shadow byte legend (one shadow byte represents 8 application bytes):
+  Addressable:           00
+  Partially addressable: 01 02 03 04 05 06 07 
+  Heap left redzone:       fa
+  Heap right redzone:      fb
+  Freed heap region:       fd
+  Stack left redzone:      f1
+  Stack mid redzone:       f2
+  Stack right redzone:     f3
+  Stack partial redzone:   f4
+  Stack after return:      f5
+  Stack use after scope:   f8
+  Global redzone:          f9
+  Global init order:       f6
+  Poisoned by user:        f7
+  Container overflow:      fc
+  Array cookie:            ac
+  Intra object redzone:    bb
+  ASan internal:           fe
+  Left alloca redzone:     ca
+  Right alloca redzone:    cb
+==17647==ABORTING
diff --git a/tests/fuzz-tests/images/bko-156731.raw.xz b/tests/fuzz-tests/images/bko-156731.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..74a5c2a94efd0edf78c3339d46936eb13c840d81
GIT binary patch
literal 3824
zcmeH~={ppP9>-_w8h2(iV~fb%nGlLB8KF|9A^X@87cH_C!ZDWYC58|aGqRI)>|@PR
zbBswLhK%K8n-m!uWSMjCyYupP?|IIf+h6c|p3m>QJm38@VHigMfM;>6;UX767AOS(
z0H8ydK@P`{yVnJP6hqFPY)d6XB3ET<*sn*-&A1gPT9u5>fJ)Vv(ae#5zR=uns_y{~
z+jo)+zqGvtM$71rA0z~C{?^yyd)r0G=3u#D>M}i+V3^WU)b`N;<J3Xi=}rRMbQP#U
z{T9lGRmBG}1U|(fr4bcEQtL&O^vx0tMY|56hM8-vAOu;k|5XDerk?tFLQ$?e6acX^
z=#>CDU1s8KdTX#b*DP@d5)jP7Yj)Aqgbg{@nn@2AOl1RW`LS*9cCCvVlcOIH_IARG
zM5cS74h`~S2!j(_XH^34+_{Q<uRMQjqi{Z|Le~BOEk(1ZZFpIlW4BVW^l)0UTb~ga
z_-iT?4IbBhd!c%9`rMrVEQha!V7$AjIkRiaYWa@#d{jUalb!`W%JRJK%^bM91S*{H
z#t4Ai`05fJ>td02@+6PC@2nXk1Ojm99J_eH$AJeEV-k3UpuF}XV5A>0;MRpFjiORi
zC6;|bsbEglw3cQ3ueO_Bdh<-2f%Gi8QKv%}kA_+d+aoW8>-vwyMYK=NJctsTY5rO=
zeiin@#C28E_d3+F0(QR6_<Pt$`8%YI2CDz+p$ft<dh+4Plc@@G{)AF_*U!hPaqlv-
zA4VY3Sjs_L65V{+=<I!Z&3hcAPtkh&Tbi~8Z*lFa-%EeAsnEML;fkv3N6ByMl*OGL
z;+bAnm`-MJrNjJ!6R*I|>&dFUU8@s;G-;<}#ybpagY92D1ofk+h&wZl`d|B+`&VYa
zV~fu{4;eeEIvcu5Im{7X&L?{&Gux{d*`5#y)H`VnbpLVz97KjeR0lSvJ~esX*@9sA
z%gsbC@ocZ>ifitnxz~IA=l#>T^$zoRg1txbZ^b94$#5ldow-5Td7wJ1ok9)1tH5J&
zWdMqGxW?FG@2;9rle|C4tW9>Pg-o_b9aeO_WX&9y!j2aaiSqCkRD5R70!A~wk*vWx
zmbvhLtpGu<XSiB?+mu}=@hS``DF|k%icHs^QC{)Ze)@`YeuE`@;=rPs6vVJ1pMNs6
zQr!`6%dkwjkWml|#>NIApkoX{vg~GpQ~kyiZaWkQOc;oR!G)@{Z|HoLhx(S?pI;R9
z**9GNy(Q-Xhc_eng<GqCJ0<;9wkBF~)c&4N$sFY%RJO6~RH}O{*3r^EJ@B$~pARX0
zDWCF&pJ$agU2IHEG;{`}zBR8=I-U_AWAI<T5}KYPMC3q$Du6G_g$`^lacxrcv2g9l
zCr{a<BGex0>9*UNbrAs<0|exOJ}~>!7ShDd>Tr!C#OB8uzJIfJI@DY%AV`##F%Aai
zK%Z;}gg9)2Xq?RB7a`?);nTZ#bv3*0)VPh9=x)!yShjyU4dO`n5IM`-4FKdP5eNmP
zD+&4lR*e`53}J{uU@A9#e&gKz(8(<a6OGrA_ZwjNyqeJaK$01~bRIst#kzUfHu4)%
zSRgRfq+Tf^l*DolC+0w=9^p=#H8B}qM8R{(c(JNN1G`6V7O`3r+s0Np?YCE(BbG2w
zX$$p?rz;WD4+(VRPjz<lVr6L<TDDZ@xbUO!C(a38p-LY*k65`8XShur4;e7L`Z|Ww
z>Q&Qgi$~=OgH}lD>=P=yZbWzAt|U0Q8|r2#GoT4V*(#dOnd*P+lyVwtsB03IPZxHn
zK<jkX?MbGXI$ZLhj|7$Lh4=EjoK0f{EhTdK4uP*gDx!ZKTR*UUJmv9_JerU_<9naf
z5%CYyvw0pi%PXso;0_1l_VN-}fY=uiNx$b6nL8Gm{382~Gf1>fQVUQtRlk{24ZkV0
zI@Im&pW7;#4@QSjm{#lMz3v{MX0d0Lc>LY!<c0N(^0h&1u`?g4G^IT3neJL(e=~G~
zLJ;6PAD&w|9iROsKPCycWYo4^K&{&tZgQQpkF*YD!%Jeuqr!u07fe2CcZFkS#7c><
zwHShI{^FLyh@4Sz=>Gk~RCocL>s04^+2R%a&SmW3nv@caM1{m#!N-O(@T9O=da@%(
z-YB0POkbAtzFvV)Pj&V`@?8$qB#`#_(#v~=;3BhE#op;m;q7~Ru+cmtH+6d4*;25j
zm6{>oqfN!+g;T2XB4v+@(9d^hxmxTI7leCJMW~OPi&${+LOC(7i;-V{mlfLO6rH`F
zW#`o9iKoBsuTAdgfMwX1nwd-*6)f?ib1ad1B~!Ius=!erXM?_r#2El-1b+8i!J&ZH
zi%%&mnkkrH`2c*zB|by-HVaA=RqsDrW6lkM&Fvv-(^d*Hi+kwLugI8k4yt(FXoeW|
z{6(ts-<&T0Ls9(6aetNBgHFpw{yXbV06yQdF5Uk>&$0i2swKpb^b^<*bk0v;eLv>g
zpTK?s`_T#U;|h!7I|twe6n#u;l>`7x0`<eR5zndsK<d$`s3-xaQKUp&-;G_af9+ZT
HkAveMGpm9l

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-156741.raw.txt b/tests/fuzz-tests/images/bko-156741.raw.txt
new file mode 100644
index 00000000..ca52677a
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-156741.raw.txt
@@ -0,0 +1,131 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=156741
+Lukas Lueg 2016-09-13 19:56:16 UTC
+
+More news from the fuzzer. The attached image causes btrfsck to
+buffer-overflow. Using btrfs-progs v4.7-42-g56e9586, compiled with ASAN
+(doesn't crash without).
+
+==23161==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000017980 at pc 0x0000005299d3 bp 0x7fff110ce980 sp 0x7fff110ce978
+READ of size 1 at 0x621000017980 thread T0
+    #0 0x5299d2 in btrfs_extent_inline_ref_type /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1588:1
+    #1 0x540f54 in build_roots_info_cache /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:10965:10
+    #2 0x52163e in repair_root_items /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11108:8
+    #3 0x51e5c3 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11497:8
+    #4 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #5 0x7f067cc9f730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #6 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+cat crashing_images/id:000073,sig:11,src:000504+000275,op:splice,rep:4.log
+parent transid verify failed on 1122304 wanted 3472328296227680304 found 1
+parent transid verify failed on 1122304 wanted 3472328296227680304 found 1
+Ignoring transid failure
+Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
+Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
+Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
+ref mismatch on [131072 4096] extent item 0, found 1
+Backref 131072 parent 3 root 3 not found in extent tree
+backpointer mismatch on [131072 4096]
+ref mismatch on [1118208 4096] extent item 1, found 0
+Backref 1118208 root 1 not referenced back 0x60300000ee00
+Incorrect global backref count on 1118208 found 1 wanted 0
+backpointer mismatch on [1118208 4096]
+owner ref check failed [1118208 4096]
+ref mismatch on [1126400 4096] extent item 1, found 0
+Backref 1126400 root 3 not referenced back 0x60300000edd0
+Incorrect global backref count on 1126400 found 1 wanted 0
+backpointer mismatch on [1126400 4096]
+owner ref check failed [1126400 4096]
+ref mismatch on [1130496 4096] extent item 1, found 0
+Backref 1130496 root 4 not referenced back 0x60300000eda0
+Incorrect global backref count on 1130496 found 1 wanted 0
+backpointer mismatch on [1130496 4096]
+owner ref check failed [1130496 4096]
+ref mismatch on [1134592 4096] extent item 1, found 0
+Backref 1134592 root 5 not referenced back 0x60300000ed70
+Incorrect global backref count on 1134592 found 1 wanted 0
+backpointer mismatch on [1134592 4096]
+owner ref check failed [1134592 4096]
+ref mismatch on [1138688 4096] extent item 1, found 0
+Backref 1138688 root 7 not referenced back 0x60300000ed40
+Incorrect global backref count on 1138688 found 1 wanted 0
+backpointer mismatch on [1138688 4096]
+owner ref check failed [1138688 4096]
+ref mismatch on [4194304 4096] extent item 0, found 1
+Backref 4194304 parent 5 root 5 not found in extent tree
+backpointer mismatch on [4194304 4096]
+ref mismatch on [4198400 4096] extent item 0, found 1
+Backref 4198400 parent 1 root 1 not found in extent tree
+backpointer mismatch on [4198400 4096]
+ref mismatch on [4227072 4096] extent item 0, found 1
+Backref 4227072 parent 4 root 4 not found in extent tree
+backpointer mismatch on [4227072 4096]
+ref mismatch on [4231168 4096] extent item 0, found 1
+Backref 4231168 parent 7 root 7 not found in extent tree
+backpointer mismatch on [4231168 4096]
+ref mismatch on [3472328296227680304 3472328296227680304] extent item 0, found 1
+Backref 3472328296227680304 root 1 owner 6 offset 0 num_refs 0 not found in extent tree
+Incorrect local backref count on 3472328296227680304 root 1 owner 6 offset 0 found 1 wanted 0 back 0x60700000dca0
+backpointer mismatch on [3472328296227680304 3472328296227680304]
+=================================================================
+==23161==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000017980 at pc 0x0000005299d3 bp 0x7fff110ce980 sp 0x7fff110ce978
+READ of size 1 at 0x621000017980 thread T0
+    #0 0x5299d2 in btrfs_extent_inline_ref_type /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1588:1
+    #1 0x540f54 in build_roots_info_cache /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:10965:10
+    #2 0x52163e in repair_root_items /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11108:8
+    #3 0x51e5c3 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11497:8
+    #4 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #5 0x7f067cc9f730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #6 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+0x621000017980 is located 0 bytes to the right of 4224-byte region [0x621000016900,0x621000017980)
+allocated by thread T0 here:
+    #0 0x4bfca0 in calloc (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4bfca0)
+    #1 0x5c16ca in __alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:542:7
+    #2 0x5c1b26 in alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:646:8
+    #3 0x58de0c in btrfs_find_create_tree_block /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:193:9
+    #4 0x58e880 in read_tree_block_fs_info /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:339:7
+    #5 0x5918a2 in read_tree_block /home/lukas/dev/btrfsfuzz/src-asan/./disk-io.h:112:9
+    #6 0x591712 in find_and_setup_root /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:647:15
+    #7 0x593243 in setup_root_or_create_block /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:966:8
+    #8 0x592850 in btrfs_setup_all_roots /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1031:8
+    #9 0x5948fe in __open_ctree_fd /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1341:8
+    #10 0x5942b5 in open_ctree_fs_info /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:1387:9
+    #11 0x51dff2 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11382:9
+    #12 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #13 0x7f067cc9f730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+
+SUMMARY: AddressSanitizer: heap-buffer-overflow /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1588:1 in btrfs_extent_inline_ref_type
+Shadow bytes around the buggy address:
+  0x0c427fffaee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+  0x0c427fffaf20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+=>0x0c427fffaf30:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffaf80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+Shadow byte legend (one shadow byte represents 8 application bytes):
+  Addressable:           00
+  Partially addressable: 01 02 03 04 05 06 07 
+  Heap left redzone:       fa
+  Heap right redzone:      fb
+  Freed heap region:       fd
+  Stack left redzone:      f1
+  Stack mid redzone:       f2
+  Stack right redzone:     f3
+  Stack partial redzone:   f4
+  Stack after return:      f5
+  Stack use after scope:   f8
+  Global redzone:          f9
+  Global init order:       f6
+  Poisoned by user:        f7
+  Container overflow:      fc
+  Array cookie:            ac
+  Intra object redzone:    bb
+  ASan internal:           fe
+  Left alloca redzone:     ca
+  Right alloca redzone:    cb
+==23161==ABORTING
diff --git a/tests/fuzz-tests/images/bko-156741.raw.xz b/tests/fuzz-tests/images/bko-156741.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..af4de2684a41aa6674ee26418cf1881848ec0502
GIT binary patch
literal 3796
zcmeH~XH*l07RM6_2!bSKZwyNe0wrvaaad)AJ;D-;2E-5`GAfoJ$Pz&|C}4?YYGeiw
zWJJoAy>}p#jmQW{7((9bd0+bR)%Q;82S48r_nhDT-`_p=RP{d682|vSj8_|-13-a7
z0000ofb6By{TN!^0NT9T3-S#~xev6rM9U94M=VSkB)XJK$RuouY~*Oh$j#UA(>GNu
zz+p#Heg4OWL12Wa=EPZS@c#R@7T-H=Y<6dB)w3p(QMo#abp;KJT1b~B{84ipyWP7y
zIf&o#%VAl*USuwl<bc%3)!ewZMrI<nixeasn%Ju6ufJu5)w8sBRCh&I^=wW_iZzD-
zzz$li{H!h}>)Cd#<+!Zt*2!o5VB~V=L4j55o|t?2^es1JNi}utiGAx~g`3<uT@!nM
zaLR^QKY7dSLhpHGZtoQB+SNcGA1mD0<)uq|`AgvhsN)$zsL!!)&(qohM@!7qNLHrM
zHepDv&YpDy`-J+SVcE)@?t(vs&QzDHcd`$kKe4CQ9V1Zjd40Sh6kvQN>IQnf`|c`h
z{uCO?%=#l!<s;|HC~co#1cg10w)J4l*koPjcOZ6Y;MvqTf3`%>FO3Dj2Yz_0w_#ch
zk5G>k)iJM_B`b4I**fND`+ZN1rS)Vj5elM4tw}u_0kIr*)HV!N_aBcAYn+{b7|uIi
zyHhk_#ray_eGBe;17c0!G^o@&zCZG6NZU@qtljDYA$J%t{a9W;Nn*i2w^-bLQ@SU5
zDC61VFjxxpauAKbnduqg+395YSTeXx()RFEii!ebVa1l;Z~llM*oIQRBb43{uJ5nB
z%;)M9v+ikwB&`RRI4v!^Fft!?PM3Z@v5^Vv6LGnucSN?;I=pg=MKiny<}+WTxzkqL
z{(*9gE7bk<-ng(VC1k6MgU+}1q8^p7-dMJBfCBTI4T&fq+Sl^9SnD~#vfcZ$8*flP
zG%)V;l_|F|=y3NrAN(_dVYkJ9$v=fbg9C(OM~}Slj!8%nJ@@FGs#n+1L)l@K#Gc^0
z5+Hr^ZV1llI+=EGvSr#6hu#p~o^F!6H{BS{A?a*vyWTyEn<&8J#kuOtVlrBmk?@$B
zdIiSujODTIJlJFv+1>KfK6IDJDA6q?!ICM<Jy)fA`2$+zX$Re4j|!DJvn(S9k!|V?
z(gr@1HO1JItrHE?^P<>sQ9&@sIGLp$x*zLOwKto57?KQ(?T+T;Vk=egQri)S_`dvU
zX@v)Ks<ZZcUDiW7V|v2tAK&^ncBOVagChh-9Rn~$3teX+(3+QuNgh!+XKRntKoi$C
z3^8@}MOXiM&=!8KP_O5ajw>K((4t&QIvp#j^@XE^q-L?<=@8&mz{kt^P6wWRD#VCO
zp(@j9PY*`9ds=#w8t%X=!>~qJW^o{f(^1J%1WzgpRS>|}K2h-fo3qm-=S~1?n|bOb
zbF$MRX@}T*PKT_0^bBbu@T<?Eb0^u~%Q-YBMejvMG^75{vHeqPRyschPhVrm0BCP;
zgS*Vs1zBg<Wy3}S?~!@HoL6sS-qY{SkQl@`d1BPW{kqARjwy{9qUflx0T+cvy=`Lu
z;FFf33=bU+F=DNBHLtm{YjJ|#o-lnOZ*v}N;HXONH_Q<P9vqxOLZzBY1-Jt>qT;E6
zpfIY{EI(=Jf}t2O0iWZg(7~VHj`s=LHWH9;)&03HzSlk5yjDw7=81Q)JPQ25^z+ng
zI_(&P*)^V#dsD#d!?8dpv)O;JnpsubOF@ALBI_FrY|xgd3JmvnTWDeNabOZf)P7M`
zrnzKUxD5w=1kKko$jG|5yxcBC>eG{f>zS5mElV4mjX1ACe*<bXw0mK$#K$N)sw1B(
zhg1rRlf`$>io%k4dGil9;j*_ZZ*m<Yf5-;DR=@OAqfJDSThb*VOAO;9vVTqbV$A%s
zvJ!UT`)!^uqMJ06vy!;@qG2~FhGx8bjD|u+>?-+`;(}kyO`5}3Bj>%dvNsyDOyzS}
z)p<A`dvp>dqx)~8jb?(%il{y<xh9dpYJy#kv9zEt3)7S}UEqrTdW!^Mm_L&cN~vY^
z8r#tK0^L8~EL~Z+NuxIhnt@4zEp}PvG*HB3_&(NEdM<CZUx4E~CQsMr!N{4R$btZ-
z0)<*)P$c8Zh{IF`F7X6L|0&IQ$F5wNAfX7P7p+XS?#C0E{9vD$Kjk>9F+80;M7I)B
zJ*l=1=qM)qlujADOSJbM3-=D?sa3Tx!Nt6fr!PO4au^X}do#+rrN{#IvG!=ta8X$R
z3U~7GOx=jPbCHGoPX1Tuo51onN@)6xy3c^E?0{pVRyToR_MFp*)F50`^w_ni-IsQY
zY{CP+$2QQ;hod>XRSfR${WZCo;i}IHxq*di`7E$a0^M1v<SrXeYB5Ru3$^e+82(SI
z@^^1(LtpsLe`K~9U|W3pm53@MAnz5~N>8&?oS7@@u|2e4D3BQYl_>S?t{LeMVlsfQ
ziP%4-_WvTU)?gjtH(-C^41WXG_ScN~4cHd|3un>=Fain|<K7DX`#lBl=!-xryf2&p
afThCW;o;0eYH6L7ZC)qm{wRW+oc{%5zG%<@

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-161811.raw.txt b/tests/fuzz-tests/images/bko-161811.raw.txt
new file mode 100644
index 00000000..93374e98
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-161811.raw.txt
@@ -0,0 +1,81 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=161811
+Lukas Lueg 2016-09-16 20:03:35 UTC
+
+More news from the fuzzer. The attached image causes a global-buffer-overflow
+in btrfsck; using btrfs-progs v4.7-42-g56e9586. You need to compile with ASAN
+in order to reproduce.
+
+The juicy parts:
+
+==16657==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000064726f at pc 0x00000054eadd bp 0x7ffec6d9b980 sp 0x7ffec6d9b978
+READ of size 1 at 0x00000064726f thread T0
+    #0 0x54eadc in imode_to_type /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:635:9
+    #1 0x54673a in maybe_free_inode_rec /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:932:13
+    #2 0x54a79a in add_inode_backref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1104:2
+    #3 0x54b6d2 in process_inode_ref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1549:3
+    #4 0x5489e4 in process_one_leaf /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1810:10
+    #5 0x54522e in walk_down_tree /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1958:10
+    #6 0x54372e in check_fs_root /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3668:10
+    #7 0x5224ef in check_fs_roots /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3809:10
+    #8 0x51e772 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11533:8
+    #9 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #10 0x7f4a5c29f730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #11 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+bad full backref, on [4198400]
+checking free space cache
+checking fs roots
+=================================================================
+==16657==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000064726f at pc 0x00000054eadd bp 0x7ffec6d9b980 sp 0x7ffec6d9b978
+READ of size 1 at 0x00000064726f thread T0
+    #0 0x54eadc in imode_to_type /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:635:9
+    #1 0x54673a in maybe_free_inode_rec /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:932:13
+    #2 0x54a79a in add_inode_backref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1104:2
+    #3 0x54b6d2 in process_inode_ref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1549:3
+    #4 0x5489e4 in process_one_leaf /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1810:10
+    #5 0x54522e in walk_down_tree /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:1958:10
+    #6 0x54372e in check_fs_root /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3668:10
+    #7 0x5224ef in check_fs_roots /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3809:10
+    #8 0x51e772 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11533:8
+    #9 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #10 0x7f4a5c29f730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #11 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+0x00000064726f is located 49 bytes to the left of global variable '<string literal>' defined in 'cmds-check.c:3051:2' (0x6472a0) of size 17
+  '<string literal>' is ascii string 'check_inode_recs'
+0x00000064726f is located 0 bytes to the right of global variable 'btrfs_type_by_mode' defined in 'cmds-check.c:625:23' (0x647260) of size 15
+SUMMARY: AddressSanitizer: global-buffer-overflow /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:635:9 in imode_to_type
+Shadow bytes around the buggy address:
+  0x0000800c0df0: f9 f9 f9 f9 00 00 05 f9 f9 f9 f9 f9 00 00 02 f9
+  0x0000800c0e00: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 07 f9 f9
+  0x0000800c0e10: f9 f9 f9 f9 00 00 00 00 f9 f9 f9 f9 00 00 00 01
+  0x0000800c0e20: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 00 01 f9
+  0x0000800c0e30: f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9 00 00 05 f9
+=>0x0000800c0e40: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00[07]f9 f9
+  0x0000800c0e50: f9 f9 f9 f9 00 00 01 f9 f9 f9 f9 f9 00 00 00 07
+  0x0000800c0e60: f9 f9 f9 f9 00 00 00 00 00 04 f9 f9 f9 f9 f9 f9
+  0x0000800c0e70: 00 00 00 00 03 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
+  0x0000800c0e80: 00 00 00 00 00 05 f9 f9 f9 f9 f9 f9 00 00 00 00
+  0x0000800c0e90: 00 00 03 f9 f9 f9 f9 f9 00 00 06 f9 f9 f9 f9 f9
+Shadow byte legend (one shadow byte represents 8 application bytes):
+  Addressable:           00
+  Partially addressable: 01 02 03 04 05 06 07 
+  Heap left redzone:       fa
+  Heap right redzone:      fb
+  Freed heap region:       fd
+  Stack left redzone:      f1
+  Stack mid redzone:       f2
+  Stack right redzone:     f3
+  Stack partial redzone:   f4
+  Stack after return:      f5
+  Stack use after scope:   f8
+  Global redzone:          f9
+  Global init order:       f6
+  Poisoned by user:        f7
+  Container overflow:      fc
+  Array cookie:            ac
+  Intra object redzone:    bb
+  ASan internal:           fe
+  Left alloca redzone:     ca
+  Right alloca redzone:    cb
+==16657==ABORTING
diff --git a/tests/fuzz-tests/images/bko-161811.raw.xz b/tests/fuzz-tests/images/bko-161811.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..8ac31951c2612bc2e6eac88395179252233b70da
GIT binary patch
literal 10960
zcmeI&Q*b5Rx-Q@u+qT_thaIb9+qOHlZQJbFc4pAAJI;)4^Za$r?YUTc?W$e1tJeLf
z`f9v2zKc=s^TFk%sSN-?9xgXafCI?D2mt^9>Wt>(*Ovn%iynY1TD=q%Ml<Fc$XQNN
ziJmI~=llH%veD3i+Pp!3B108=Jzt|=cUc#CcZ4e3d1;~tt`Yc}<R;(TJ()1jfwG*T
z6Gmpw*#krBNq+O!LpK@<8=?I%#UmWUZVme`=5d2=xjwiVKdt>%+V7WV>dQh3TNEI$
z2j{%W=OTlyo&~Epb2%G#v9{?eDSfYzfnu&fBdN{2_{#*}y#uD+iFQ=e5C%h>6vAdT
zLjkFWefn?6o>@R4KS4%cmk5vyH?iG9Ogb;VTe5~WtOmb`+MV_!B#7hDuxxM=ccz2L
zgThfoK9~85gyv2$UGd{vIMVe&E=BJ#wM!Ubq{i{f>gm{~+g6`KVug9v=Ma{>ofVJo
z_p9URHaUuBe=s--ohhQ<579%h`}1ph=y55VCs=gAK>-P;RDqpPUXSm4FDE3(1RXmM
zeg*#Fo-$`zOYYvb(1&`4K(uaICGCOLV-Rrue3>irxEc?2>Ir22w9iS~1}(Hr%kl(8
zEE|nb80LlmHT{*T7v*k5vg@rs{F{4@t#z+pI9s5GP!%4`fhd{NE;P;fIPTLJ-W<o^
z+6NQJlVtvRs2+>#4IA(FT|N%v4YhPN&ywE;AV^=GuRi1T-gq&3BOYF-q-(GX_yxg0
zGIt)I+N*B=S*@@WI!T9fP{-+s6<X@^N_l}=_mj^=xCz&*(Y?h3LPQ9sk*rxd_{J6~
z-f%wHN~=Vc<mcCC4V2N8pe9Sf;e@Un!J@`5yE4$&rzcrU1$(@4h_AMiagvLa?yy~B
z(ow<KGz{cr{#L2TM1-I&AbwW9j+!>biG)9%66BayPGN9PI}tjUni1tkpLk2-`h?dH
zogtU;@waX%0cDs<<@q7<<j5UzF8}=kc`Gnt|0di35jEjvfZx8U=HzMTgN_OReA2&H
zr;QjU(r&YID`+Au|JBlyD+NU;ApeC#=THb-1ocFekLILRG2%IWI_gP<a+ovuNnpfI
zdm}&!!!e&eaIBrG7#$p|_508bV+1IBIYWOChK}&w=1#SthJKOW1*NDx5hg|+VZHp3
z<uc*KckJq+o8q-5d%Pgn%-Ofvvda__PLN)6T>%EgJFf>OHUZm0M=IWvYS9hiC$@sG
z;bDVKg?a@Ed{5w}-HMz|KBGY@xpr*BE7X{&Xo028n0$iJT(&H%-9T8W56B!_qR)gK
zBm+6oCF+dIw#ji37I94yUD+Nsh4T(As8zARBT**>@&ya>r1G)n8DF-2m0edPdN=Hh
zo0=Nj?Z&fOC6m?)J&pWe*kWVF&u@!mwf~oLPUK{TDy_eC7;u#Pi8z;t_PfTAsB^l3
z23J=r?8IDIv-iZUT5JD62MYFObgkz7O_{-EidctK#KA0SJpT(7i~(@|OQrmyx7O!>
zV(QDL3jZ^mDcp~M33}V@mLJ!{Jxm6_Q3PbnMG`QOzfhB(ojkOj5vIOUX(do9-+i{;
zvRIhZ`{P6Jf&=@_{_n&3cQ5?k9j$~S*qHytMf?E}*amg+_}sJc?Y?}L9|ju^?fM>c
z1_7t40?-jXdVw!}?rZ@X0oF5%u{1Y}F5{tHyu5wF`8-Ona(RDr9*Y5iY_F#z8w={t
z?*oUPjx+G50cI{NFyqp9CA&0^OYe43OaLiVEAlsF1myQ4<+iPD&sSocQR7eBAvt+4
zyzA}r^0^!LA{cF!6Oprg(qjU&f-sZvlPcu_xG4_IZ;&DBZ%8RT9T}=n-xpcmkt+fx
zo$jIK9s|etW6$6xgdQJMx*5riG$?VubAens$|*?@x!J@F{yF8&DmF6qbJ2KIi0Ui{
zA*<4=^urGl&E|G3?>pC{8Bw=<hh>7WLk!iagad__6*?zE1&*G>-idhWX0O0-TuDhe
zTUD<DLn$nW#CfD=$oF^mh#w{B%z~H83FBBerI1&Gk;jOzT-)F4tVL91Au`2Y?~Xp3
zWrA6VK4`6zu~u$J_0%Z})=6tk*Vcd=gkHW2tEw$7jWLnh#Q=UPKEX>u+QsV_$h|l?
zg0mptH@UpfhH+DhDznzzgw|^6W;0WN8#tA1wGsRGW!~R^ZzkIlFbbu+re;|#eNhLg
zfsOahkMgnBgdvGDh)}g;Zmm9_-R_E{$oN^;dTxLXcW_ij-6as9R#&4^E0xeX6m37H
zl`Ofpvn|^C+B482m>dYIV^*g~-R!o>KvaKK^X<DX_ppiJw;3I_FTAQkPS@?CZ9BIv
z^6=>&QvBV5!)sWy*|zh31N<ZI)1BrSN@@6sOnltOYzz~YIg9<C;=Za1E?;1Udd=k`
zS?!J2o)fpRQvNx9>P$TA_ZMI+!(XoCZ%9z3bUu)S%WRyqAlBpyR2Y|kZ`2%A0&aoc
zYddwf_T%QSPc2O`5F(sb%T87y2`cq7KT}<f7aEvO^AWD{^Vw7OmVDYy4~{VsZb4yq
z5eyKH6l6IbRh(y8xq4kn#F*^bqdxXOdJJ;oU{xxo@&v|TlYbiD&G#Ta;Ui$PEeeb<
z3W@s9vp{aEEMKr|S*p%3;877yK?OBq?n*arVYmdRT1)pK^s7$}8nD>bgQV7@JDT`)
zz#FRLL}90;DpKjb8WbdmSs%i!wUk2D)9ybT<#@J%ZLdRQ``A-Ts)YfPRt_^o(IXhM
ztmf&N*|9k4UY_n2@8KP0zI?e)7jdkXx}5Qv0?<|+?|cppA%;Rj!hwZ1xR?<9kCJP3
zCZk56OD?%xtp;ip5zH8rrZ(N(1C)eBT&zh7RY6l>)hd)XY&dnv;-{{{0B#nzSs8vu
zV)4-V@VjiBaaMyQ?eKvJYf%LKT^S$v_~f_e+78B9@wAQxVU%jK%4g}_W$YvKSd9n&
zm%C@@hZ=+zPr6-hQrR_nB!v(~Lk_(S<3WCWmgBA1SBZ_kq1-l|vro5p_YPQf>5s%^
zw*&3tIj!5vw43)_8pE(Z=iBxjHt=pq`$A>$0WkG`zr_hYbPgUm&Qc+s1{n$XhUyC$
z@UkA-k3y*+h`AKAZkrbt!m@!GKuQ<M3-ezZ+Sq+^alh+rsT_-5A?#!wvgakNcY)p)
zVsV(TL%qz)ye|lTL}BeziCGOm(Wo0@#dGgPwjsa7ZW780AQa<AD1b@x>}fH87qwLd
zVmtkWY6J}-;ZJFYG=tni;_&RVKA=6cygF#|C7>;nyOD?1&|RWte^KW4Ff*Vtxjyhw
zTRNFnlgCv-dgJmJKAToP;cMEvk`K~4E<iAojr>VFmidrbK)(=V$=*)<5qOL3W<msB
zxwH2hXH92y`z}JpR9-$CTqc0axkX7L)#=0P?v5A}D_umL+Uwm7TV*>lPsSxEY&T>}
zEdDX(N<og};K$TFbi!(?0RutR@TXS(!-P|&xw#b7TiHR;iM&QYx|Z?l;DFIgC|c7X
z$H(f&m{WB8$c?_P_^_8vNsCc?GDoSe6yt8?K+^p-$X7ZM?{+~aCUYQS^MJLW!Hare
zZB2(|ozr_-?*N{Z8@ivPv3^M&2OCQ7Y$Ijm+O28+dydTkD5)b;Y9Hz^s3+BCn3qLJ
zsthVNM6+2=)Kk4J#O(~W=<bgWXa17$dMaNIf+ezq6JB~K-21UkqtCJF%iY}&I#$7z
zQu<KLLJF(D$`du$ZtRW=pF(MjjEYx7>cgvp4*Tb|+1zzs`7>dm5riyZli6KqqSyL~
z8N(V?PuSGAD^qO_ph9dSNza_c&D*g5ROQEnx-6M73Jq9V7aPo+`sHnLfie*gJyq;&
z=rB$qa-)6bTcyJwHZ!9UnzUx`oje00Jx)P+D%_3pJ?@w#9AHm<YF&4_=C=942C(}G
z??;L$;yPi~DtkP7%SL09Lym0Ca;CQK@ME4B(YVUkLowj+U}<h8%#D-ao$CN&w1nE3
zIw%We0L(TjvsI1Go}Zdn`3mmYV5SM2U!RD_zJ#O}H$!_Mcuhx090lntoNxH;OeVlU
zmB>sk<}BC%L2$w&Y<GQNdz80i6L&~%VgvBIxc`7~7@>|m6CH1j<QMv!{2|!s(d+5s
z%W&qOhSYhECb-ggmzW_LpeNe5kJ9~9*Pzp(S+(Fq43{`FQXPRe5!3EicE?bELP+mi
zn`dvl9~!sABy_CiSRKKfI3QU0o6%jc<g|gJJnApryV#!$DooA;;K_xrelzNmi53H5
zDRmJwM$jtT`>*X{XvZQL9Ey>}BzcaGpY@hcqJFbKxY<h#j5?NJq{zM{wwwq;Arpwa
zc@}g)Ks@~Zg%g&w^YkoM<BhW5w=2#2Nq}^JFESJ~JRnWqWU*?-G<14+M0z0Ko7e^q
zB@wdJnPzwN$I3K!HZ6mD>N3{EGg!TBF@XPO<$&W%(2T{GV{a9r$0y$I9N`<5pqxeq
zQCUjziB(CI@2dp&cZ9`kehn50)SK<_Ud|t|$!tMEC;hpW@U9uR-*3HB;V<j*-1J+_
zo(6J`7fhUO5Ko_@NHLk(K<&%xg!$BlZqMvW?3!?Zd*hMqUJ}_`4f`*KH9VwA!IS6H
zax<&)L{Hl<2F<S*FqA(-bLlj3MW*kl_>T|Q3#y4tJlqE#0=`VcR_m6S`;#85ROz|V
zHqx=scs|38xjf+p0Lu^7h`)(&tuRC5d>6pog^PxzV63$s<<nfXXcfYLJ|WF#$04WS
zcDe+wh6;Vtqom0%3yFtQLW3*~Cb&ixSkxVuH1}7;uF@w>SVMfSjd-y{Ku8R_Huap@
z1Fnpl<vk1*Iq|9ZgxT#L5fqNyGz#+J?zK0+Ei#3_LBc1kEXH|62viV+TjmS`tLt}#
zjXy9G{h7E$4deKQ!+0e9@c}z<YFD&PXd}&Zp$_e=a;8j3K5k=+N=~!7<nCY@0r%)B
zV!4)*eIzLwm!>}XM4p>poUe`rMDQcBMwpaxgRn;5R)VtgTgA;J4Rc%Ap`1JR4%+w^
z#^IBvSLH*+mHRVC_h{9V?BEo(#=}dG6tu+&P4Ie(d#+e@wn=G!_}}^4URM{@+@u}1
z3_Fkbbl6GX7w4g18a3I=hYuY%47_rN()8b*R$Fu5rONyi!EJ0-E10SvuI@~&_qGCv
zBrc}}O`Y%I?T}pVI@*_^OC*|hd8@VRloc0;NMtK=3~XFQy$Je<6flVPrn}~yR+Wjx
z2wstSe!qaX7r-u8dRM`>o<E_C9wCpNlLt;|$cWMgX_Qgrut-KgFozlVpF27oXCl&c
z^<3kliE65Kk;u1n3V(x9sSF(Ukf@e=_pZNI`&iNMmzQx5N~Ia*nx0W=?{o&KbA+#c
zWMLEQSfeA3SZlk%)%>7~%u*X`FVL5(Iv<B99NtB)g&uX#S-k!RtjyBp6^cpK^@H(~
zP3$xnJ#|d*)Fg{g>`As)6^uH2HR#?=Sqe&<5cEeJA?`n0YH^B>9VPj#xJD-(Sq3|~
z$&hI~_^xkW$&Xk+H~g7?E8YWp02iL=nR0KG=6wYfQK=pDiJ&l`jPd>xi>LMba@}(z
z9YYkD3{yxV&-5!;?j-A@3g&&V8y6bBndUL>-jJcE5b)u$;V||yy;~AF&N9WkMX@_l
z(?SG)1Zm%X3^8VZzoauaXo7Yie|e;ym1_)Rvkqhe&-4ms4&0FGY9whIqO6<H%}cFQ
zyK65uf>yftLk2I0&t3G6ia_{_39Sb^{Z@xo)*82J**5pyY2-8sU?#ufV)r|xN0eo;
zI^JtSS{uIkn*I+<2rP{|6|zEsCPezzf{!1xS-M?H3_jtnt2P%$3W}t0H>xHX*pXA5
z1Xf4WX2{dIO>Tk|z}Utm)GCZ>XID2{Aln5;QB-GyYLf-;nW@;>WzylM&vSne7kWF5
z*HDO{_jMMxaF-$gv(ZVG_f7$67j@&{If-kyeKmPxO&?t+DgMd*ZyoaLA7YjWyXdX3
zu%dk5Lxa0K0=qG*a#MJq-Fm7QYN|&3Y3ci1oWH`+-*+9W*OT-v$9)*8$jpe`7-I)R
z-wG$^zR^nloGi5)rLB38W3jt@Sw#g89yI#2QjYnu2gN5l<7nfbjZ2AUOLiCVriS!A
z^ewyTAvV@s`D{u@gg*B-Wl@W}jRcf7`uM%$wY<z#a`*3PIr?w6?ca3li!LKieSfeG
z*tCpY@fjlq)R`#7@TNXNs{;-8Y+aE3xI9HDRVSA-i4%lXxcp~MI>WCsudX_2dbTZV
z9P5@DPZu3SrzXKzJKi}_!>)w|(J|N=&p`&lEk9qD;iS32P_xv5k0yV*8LwmDt8gh_
z!8jn}HhDrVva*)(mU5ZpTv<*3*4S6&h(>v~`axm)79v&Yjpax@<e64emS1((u=qUW
z1v*5)y+*E0g3H)2dN~VrZiKDX6+}jB!b_1Bgww=M!VrwQxI&#EV+<7Hid#fwS=ol$
zP)zp5O%+D%Aoy=NH;S2t&Oj^0LBdUnbh47(-sct~OKv`3Dignt!j~%8IHvx|YZ*N;
zoThE)&pq+kg1CTARP`(f``~1iiOrhRbhTS>$=oCRp*lJlt$gpG#*=xe?0bGY-o1e{
zV{<DiC~W{zD+fsss|GZ}N{?FbO94>aXse-hd3*HnO7L?__wT{1Ox@Dg7tm1Cc}0Up
zH$&5)2lbs*4tw6jE{rg#2V*|ca!U7&#$u&bXl(hO;j!8*mFenw(DX>x6adVHLFizr
zK_vQUa87dcS^aD!TpQqdR1aGGT~qzat>AoBEoBUBY*mnAfeP>M-c`9zhgu!k(J3rz
zZ5q6510lx4&$hiS)|-q=>sJSS<BqkEWtreWdXk3DaTZ@BVTJGMpUj_?9>T@0J79QX
z*Q1pTiFO<2P?U#`Qsz=|YhrA+wX96eJr?rhC@)ZoX%lJ*==sf@JZCR~Vbsdv?AH#z
zIG#gqicQdJ|MoW8hAzM=a~tGG1s(~cBPyI`Z<7kU!r4FbS{C2WW175rgf>DQudvUz
zMU)O;6rvCH-@|)XsLWVX4$Yu!F+sxlc^Zg<cZC%HRb09pZpYQJIr;sSQX`jokhJfA
zrs@y8Y8_+A#uD8P5=M5vqyc%zt71uh*F610ovvHd7~_hx=M4>PM~!Tu)^xI2pWRvY
z+M7f`7f$aQXm1)WG@X4-LVurPbdpPmkcj&6gwrW}RP+HKLnRoKv(gOj?78NJS4s&v
zu*0=3{&j@|ASA8>2f9;@?N?7HUl%s}5;>!v8QsUT#^Pa*+dZu7_t;F8icd`2`tnje
zzp%nWSI}SV`9G!ilI=;}7uN)0(#pd#Y&fepd)--H`S?85#K!K<<!v_&U@z!av~r%6
zv@*}M!?X<~W{QqYL5X(>Gceg)o6heSrSW$&h=j_>qQO8S-Tiuoh^J{ZwLo!a5NWPU
zsd2Vt$$xa)TFAwiwBCH_Q<{yt@wKTs%nK%2VYVTaxcn6H%ngk#rYCDmsrrDxNT~m8
zrW0oE@{S)KH}#~^rESCFv3VYds2zNFnF)@MG&RZ?S_!M2>yDr!sYsq(3cRimNn>hV
z>6{SeW2{JS74$+0^ma0|(Ei<=TbclA?5MLVIi-<wry!U!_P`hI_hMmVg1(=}tb|PK
z`}ZOG?9PSnF58BdL0~&j0g2Tn=*#KZ!5f|!;@zyw!_yS?9fET<TAhqPZ8z6waD17X
zDH?)JP|hH!;U{rW!qnh%cB$`>KPJOF74>s^O4AqR$O_*CM1^u=L^K^Xv0q}^4E2-R
zpI4jp1Vo&JfX}1Qkwo!*%K=_wgkH=)<)lp!c3;Kg4YWPS_(#u-T^{{E5N94#G%gTT
zvcG@g@7ed=Pt%OjF6KcfkX@O-;_?pl*xIp1BTRSplHB)}^FH$QACZ!sSG@8U-PfK$
zk%3wm!f&!if3dwLIQ-f<Dsl2%L}?_Ktv3p$lr<n>=}@;}sLX08?d<dcQ)lvv%xXXN
z$JM=v;{Sf~O=5#cGiF-XJKH1L;=zCZZiE5`KP)oT#qIdO8^9He`a&sdVL|5;|0T1j
zS&(M>*D;=o%5_3`nZqLHHJ+Zm3m{X2Tul-YcFQoJ7_8a|7BI|x<^FqI+=`L*dB+`<
zV7=Mh5oc#sh|ZVAD9L=0<y%Ffoa|1Bkc>f^)S|F>=wZ0dnl=vvV<^81Y<ds@-BVme
z^ZJsIG5O|=<L6?;$k1rdP8G6Mgnf9wu$~moDT88XI||QD{^rp%Z%(zVM<gjO?P<Hw
z-6N*Po&{7^Aw$suIk(QW=*E*IUEmUnz%S~-iE}mq+S?_k=?N#789=|A=xhaRz6uzH
zQSz{!12uGDuAo?q%UiX$&6r_Q#(82~3|hbPRiLs17J^L}adhfMTO(YC>4DOvPyVJ@
z;}qK8__`W~p!WKsHJ6%4ng*E1$U8xYz(^Xr=dP*xl0GD%PO}5}840RFE^@nY(4A1D
zYT7kx6a27A@@N@NKzrH*?6t5;s8rc_BuGtam6Zpbj?5o6M<j-^<tD&Ft2-7YA+k3k
zW2sU^clApoQg5n5x{Dhms!o}6141$NS7fb0SROU~cEZqrsVCVckAV_BJx6y}{HkF<
z^3AIlVPMjQid6sc)J#}GyW-<fgkLkMR%(N)IKw9lIR@~^YgyjP5@3|m_ZZo^>O6CZ
z-GW1bgSV+BcZ9PYhq3dbcZ9L$EDPQ2-TCOq58}}FWd`drO*p{Q-PRq%Q)smuumaKg
zyz~)QJD;WiJlNJn+)b1Nv$=)%BZ{Bv%?Yap9NZ}-C+zE+u74FiIVpUp;g0lXcRX~*
zPaFW9X+f8tVb(&A-Ao1Ivx~B9feYZ`V<8#e6-*ejOD6vE57yps!Rw*IzKu=kp;6aY
z^6#1mF6D7NlO_H<e^;C&!;?G~TLug}FKqO%M3@<(N+a{AE7gR<mSmso{wR`c-*s1s
zXT_fguy|`K_JlGI67A=MGgw${v@vkyQ$<MR1EQ*u_)<&e4frT}CR<D^;r|{`F1E&4
z*j2|-eV1K+db6?|t)eP2Fpzf+t&;Y}^FSJ1p(ME6a69FjbJnV$z%xic*%yVbVYTdh
z-p|2*JMK0=k%@pb$oe_Wq_eCr5sK1br0n*$LKX!>A7&gK?l6rqyuYhxrJuzvYZczl
zL<w7w8^WF`cuRsR)B!)ph=SWuju{heKwCV?U_*u!@|~Nr%NsX*_K(t6?Q)a7NKg1a
z#h}aYqxer;Ruhz)3#OqQjF_efbf1^K$FQs`C(2GZ|Jb6+ieKY$-YDi7%_F9&&huH5
z__c}rbh@G`rEMog*4+h^Dl$W7>ZE;;UtVEGFvUbMKZr;m1y7gy&kO~&D}cq|g6d0n
zq_t~inS_dRaO-C*-F-dlRdZ-wI3#<N@Gt)IUD;Tnwmv5%T!L1&-?gY_K0HJVtJGp&
z?In3&Xn#sl^AI2~Vgz9#{w@CTW*6jEB~ApJNz#&d8mt960<q(lw@{E@uovq{1R*XG
zp3&~jb21yncD&Rn4%xcxEZ~RRcnwg@JA<8&YAnuF`x9Jub6|Hyg9<-%AIWPQvA~Xi
zXCt73di_9M+`E0tDFeIq$p?lSft__tI`Q6u?efk<&$+p)!sF|75Uf2R!?R)*%6dBW
zCotJZF_2~!kNxW7dZAbM8R6GP=7&lJA`{rBgt`UHBR%oFr%BHkQ*W;U`I#cQ-{cFQ
zyqePFG%2^xrBG9~*~FD<q{{Hc;DZNy`L>=_@5mEdmyPI07?vAYZ7T_|A7M8At_;gq
z)g*^K*TxAF3LVJsHg&DqKtV_vPUU{D9qxQm`!+y|iVJoI<@WIeHe9zaCM^Tqwwne~
zrC!X)I9%GgfDXk;?n3_Q@FY|Q`#CEP89A(}JqLz7R!wW>8kyTKR~Xw$vW51ubqvH#
z+`5Tg<CDmuEoXpYW!IF5Am86Z4`ETBlHyTz;kCpZ9sH<JJD%Yx*d#Ejn-<4Q_}A?T
z7J}=w-iLmPrS==Bt5bMW;5P%2hqXQZoR`KXpBt*Rz6Ju_x|kGI6N_FG+mc=4!+Op}
z5&5cXsz$Pl1lOHg6dq=$p}1^VB)GI?-}@k(1d(rfYvk-mrf+%6!j4SU=HJW?bvgT+
zT`9K0RF}WuQ%Cc#L}qtjsq`>zk~_Tr?89a+-=9Mqy4VN~3=DTuEPdh{_(jZjXCQH7
zQ40pRD|BS9eNFf~_A}RJy?DAAA7Li8ab5hKSN5^v$>x{X4Rxi$Q_tRgm$fXLjLQ&_
zB%>00XJeF<6_OGDzG*?#lDk$+;avF?t|o816(LDfT(^D~pM6&N{1Vgb4Kr7lw8CWG
zZQ^TtRE(z2GT$F&2>@-?x<f8uSsRF{hJlWcUb_O4g$v1?XfXJ<LpHV~og%_BoOTY7
zTY66x=JCKj@U5-Nsu-(?N>`lxpvSoj1f_*_qtP~=e=vCdq3z?HRI3@)ap90=C0>oJ
z*RT4O%F7Te!F_GOU?#^hmt7tGeX8RKE4u-`BJ<{GFZM0=nim8A8W(cS<JaeaYF04@
zJ0&XLkHuPQS6E+jMtbQY+Z|5Jbn|c{Sv_c)++s%cZdM8LVRo+W&4R7&W?6P|FDZY?
zYqAAHnd%s*HR+Jk^;<RnXiKk@q$3<=vByJxCvSOb#+(_h*u+yW);HN8xNYqhL2Tep
z^9xw=_!PT+;xYotKjtkMrj(j#F0)N{?tgcPP!{lp-+#g((IONgb8WEes-_ANH=ONK
zYFC}BM=cD6w{xhWK-wXK8{>0ZJUS$ZtPADfkBoIAm0N$TBs_c~l|KX>d_7snZ$jM)
zW)6nCsImUg_dtse7*x+0>=D{h<SGt@Iu8ujPXk)0_cz!`fq-pZQ8woscQRE8hQd+v
z`)I35VpL~FvR$gqhv;g@tw1o)U0fya0v>~%KVb>riR(etF2s!A8G<R}oLXf+rmqwM
zKGXfmgSX47#}t6}PCHJa5%wgtAGT6ATwzBH;S4kF5LNS`%+*5mRCV*3o*^kg4XnZ0
zay^x?04H}<w54{Bsz0;6r2H+t?3(aOplAzh@g|Qy8;HS+wwW+uOFvf3S6Lm?K3_*8
z2@=huXLRSc#$VLwrHe3z7)JTl@v}-~Yr2fjlxTgMo#BNt!{VwmsRoQnthi@>=H}@`
zYB5#etac86js<|38@Akx$oVPbT{f?MtlRGdyXi@*)imJL_q+2-tvdZZBr7@Y$XAP3
z8%UDeXRpZOlUt}o%!j_IO(w5wVxX533ITQCxFxUePMZavp=!Sp{U<`ufc0%m;TVIz
zZ7-mcqT(4kdiBA78Hqs9*S#tjlgxf@$?Hx4Q^olI-}wG_3($W`{eQoE<(o(#UXAZK
z_;?zER32i{lWhn{0T*Iuw8}wCX1<r0WYi2iCcLJEqUKVaE(yj+xFKIDVIpCa8T#(|
zD<M=?7)2HvsShGjuaY0vkG?d@Wo^L#H0Eq)pMi6BpfV3PYuKtyqxyPpqe7%Kk*x>Y
zhx8Wv3QPx4?T)Zjs}ssN&(Hg!oHa7v=K97m$C%7W;Hu3)0rpl33rmR`1qU`0jA@=r
zXe;zS!FZ19s2d<tf7syG`)c8qv&s&aWh7}Fvze&evvKR>7?f6=0m>w=6to(+p5Fm0
znGs!HAzOu}nuC-iPo8WdrB;i3tvf@E#yYo`zaJ^POKr7}B>vDXqiM9sH1x7$U7+7c
zGjpa5t7pLbz0IV+M<>!euWG4m>jEWeazn<dG=|%6YTK9=CJM})X#0h-7^i-qUVgLu
z5pMPea;+%Ar1R=UI2sQ>k$5r$#5&Lr3{@q*XvL#EVoQ)`QOw>9Z&<Wd!1t)=P4Q^F
z_2?RxS``ki=}v-6s3c&ydsNfh+B^kFA;}bbyx3j>c34!m%7Lti9NuIiP;LJO=&{V7
zOql<50H*%G#0<EwOYG~PpA;^3q!tUTM7mLWcD#i1586g~ciIQl`Ho!Gp-F*?6m$6<
zDsY^GKQ>SfW;g}2h8aJN(xD*?#vOlP_Oo$ilwyIE9v8#Wpa1^Srml8I#7-*j<@r|`
z%)h)b;9b4u|M3|A1q$;2JjQ<j%fD=A{u9`L5gYv{uzw@40BAx06rgy%<U$_+fU#QA
hF5nUM27pzm1q1}ZMvh5&HVj+5f&b%H0gzhS{|5xyiw^(*

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-161821.raw.txt b/tests/fuzz-tests/images/bko-161821.raw.txt
new file mode 100644
index 00000000..c06b0ea7
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-161821.raw.txt
@@ -0,0 +1,42 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=161821
+Lukas Lueg 2016-09-16 20:45:58 UTC
+
+More news from the fuzzer. The attached image causes a segmentation fault when
+running btrfsck over it; using btrfs-progs v4.7.2-55-g2b7c507
+
+The juicy parts:
+
+==29097==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000070 (pc 0x000000581939 bp 0x7fff1f168590 sp 0x7fff1f168590 T0)
+    #0 0x581938 in extent_buffer_get /home/lukas/dev/btrfsfuzz/src-asan/./extent_io.h:105:10
+    #1 0x583daf in btrfs_search_slot /home/lukas/dev/btrfsfuzz/src-asan/ctree.c:1118:2
+    #2 0x538652 in check_owner_ref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:4043:8
+    #3 0x535ca5 in check_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:4433:10
+    #4 0x532464 in run_next_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:6292:8
+    #5 0x52f584 in deal_root_from_list /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8391:10
+    #6 0x520f81 in check_chunks_and_extents /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8558:8
+    #7 0x51e5a9 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11493:9
+    #8 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #9 0x7f42d367b730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #10 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+parent transid verify failed on 4198400 wanted 14 found 1114126
+parent transid verify failed on 4198400 wanted 14 found 1114126
+Ignoring transid failure
+ASAN:DEADLYSIGNAL
+=================================================================
+==29097==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000070 (pc 0x000000581939 bp 0x7fff1f168590 sp 0x7fff1f168590 T0)
+    #0 0x581938 in extent_buffer_get /home/lukas/dev/btrfsfuzz/src-asan/./extent_io.h:105:10
+    #1 0x583daf in btrfs_search_slot /home/lukas/dev/btrfsfuzz/src-asan/ctree.c:1118:2
+    #2 0x538652 in check_owner_ref /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:4043:8
+    #3 0x535ca5 in check_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:4433:10
+    #4 0x532464 in run_next_block /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:6292:8
+    #5 0x52f584 in deal_root_from_list /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8391:10
+    #6 0x520f81 in check_chunks_and_extents /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:8558:8
+    #7 0x51e5a9 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11493:9
+    #8 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #9 0x7f42d367b730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #10 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+AddressSanitizer can not provide additional info.
+SUMMARY: AddressSanitizer: SEGV /home/lukas/dev/btrfsfuzz/src-asan/./extent_io.h:105:10 in extent_buffer_get
+==29097==ABORTING
diff --git a/tests/fuzz-tests/images/bko-161821.raw.xz b/tests/fuzz-tests/images/bko-161821.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..6c673ea44490608838dcc9f03440087b853244f2
GIT binary patch
literal 10596
zcmeI2Q*$MNmW5+>?Bv9@)g9Y5I=0iXPHfx82|Gr|PKO=a?$|lu+`7;6F!xT?R87_W
z1*`Vj>+SpAd3|*BARu6lmYSuYAjlyB5D*aPGdh!>pH47rh7ja2T4m_)I<ZW<u8JzE
z47`bWT=&bUCWD8Xb4GnhjMbR+0*wJ(<((8=ks65SWl3K6CQxfKn*y`<<f6k)R27WB
z;N|ySy|84Tls11nbYY-z031&!9}yY%YB~3?PZ|s=zC&3E(m8IWSAm~tE{iDb(T0b+
z@y?t4E;8xs*>IY(mU8eH>Y6^2Gxi%9DQ6qBliMsyKFtU{JK*bG=tgyn;jtvipzT&O
zl~KAmr&mJvEdq-Ki86aT#fHi8liIB$<nj}`WNPWcYYB^KJn2qDgSj7#%LgX$XF7<z
zD4o@n@>s7(Y421rRNk2)P_7U2D0@z5+`<7-+9%-Ezhj#oTfNFjAj{5=K^!Fq8-9PT
ztCN^EMapI%BqF8$6miu<%wXKX+?pX~eCp;Y4*l?ekd#ZB&`#J_FRp#?DJd#Z$Ie4Q
zAuz&Q{!Dk#)7KvE$k2Egqf0?muYdJqcX;l6i8t${h5&u)Y1i`UfQPOPPGp;o?Fp7d
zAqKf9+yfbQ`ZLQg+S7z|&-eRK72hmJ>we)-j!-Q?0}0ZJIEBX{EZy`Z{=*c>63^(`
z4||wD+4AE^D-P8cA;E)7DSp=%cJXSCt)LBpC}VZ5=IpEQ2H514WN4j=zQG~z2Q(w;
z?0G_3kCx*{jq*;|Bt72YPabcaurj|Fstfd=(gJ3pP53^Io-JO`Vj_5r<jry+H})tA
z#&aPyx}^%F(w`r-uqIQ&I&6hU69$Sz3)(*%%6G>;yvbWYoC&6({(7pW$!@X+Lk^9}
z$Ax3l@GzGJTV-Msk-`QL34fG+($J;4kP0SH?K<aIP#T@nO@z&+Wkv@uB;C@wKN0l7
zWh!RAul!t0L>r=3e}0HMJ@$l|EqJ>?-3p34xQQ_Of}VKOFX-4*d-}BVPR~MkJ_+p6
zZzF+^a@efg3Z6(Wc(L~8O+^z4EC7@0ABjMTp`VHi(4MxcL_TLsM?a}k4e_Kr35_`D
zZ3N0<ITtVljkQykU_#-vat+=vNABh<Wqu!krw82I-Dxz`GAuB-p%u3$!N)2guU9;>
zT_&FTk6k@<QNGmX{4NZ!aP_aT?lgx%6lTy_SB6LP&F_YfOT@L(mrd}dUhsgH##Qz=
zK5DQ7X@N+Qx`Q?ymKE&^n2pjX^x_&`V8_hG3$5+OloCZ|a}*F9`oqiob}ezGdd)a@
z<zXf|#a+=kHn}gtBd<wgD%-=S@ZR8rbwTs|Qa@#P{UL+Bsr?-Je=pg;D6FdxzZw6E
zpPCxj>msmOC706;`y2JnxW&OvSkM;7?)X3IIf;iIwygfrsoz;q`paw*Mpdmb@vrFy
zT6_cD@KZ}Qot{&V8r_3KeOLtW=vwXDs~V%*6p22Wn3F~F?}ATsNJfbBAL<qFJ#~Kn
z7pdS)b-`zPbHs0f6Abp-E#Iz(x><~>(1heI#S*blKhaa3UA%Okk*7Y>=%mmp-~6^-
zv)Nd*`VzwKLW24%{yD6F_u&6+v?`i#W5LH2aWaI^_HHM?-#v%G9{8i;D8zVh&;RgO
z@bFZ1Am$gZo?&pWCr6-mpzX{;9PQ15+wZW>uU~sb3;0zL6!XXRA4?#DI9~peZp>@J
zz4ae?JI^5f4YY7$ga0jeSGq^*y!hr2%>p5dZbR{kij4Yptk$-*?fpW6H){G}Kd7h#
zNpQV=UNL*)Sq!hob}DvOKz2feQ5bGkaayg`k2uAR%>)yg@rttBT;EF;^@|M<EAbLP
z*<CiEQ5hXN<O6XQ<luCMY#6Cz2t)|?cT$`+Gkv+%Gd)_D^OQFOiN<kyWQ8x};~xk|
z7y7nxy<6V>xHeD*<!seO)ql7#X_(j#DHUfu@`;=y`-x~s|BgfLlbbUUP=dap!I+_B
z*-VIB=Fd%ZUkD^(F@P<zt5bdQddx*fUKTHMk;$@N#71=v=BO*a!tJDB&(?v8MEV5L
zy$9T>9ycA566F+N3G-|L=^EpEaARkW)?NaA8-IM0{(-IL+=a+b0V6b$Z9sW0+?{5y
ziJO|?uyt=Ekk37hp67H(_FAV!h3FHQn)$drN4h6ub;7OnU4ua~Apjn|#}lCbrLXSl
zLNJM}48)McEiM_5GS7}(Jm_8VJ0!tv>22h|VjxlKI*P!oSH{OIp)<y()GJg8%cxZ_
zps?2}^%oD~95!gS>##Z_8WCCrhX_K`D?!(7z=TmCj8U(n{;Mj0ZxBCusnQ_=1<}pO
z;wlr9U=Wu6YwzOOX=Jhdnb-_0n$UFx`dx}U@k&ZiDfik<zBaH$7z^8=#HTH0!&E*e
zy-#75VFjOzg|*r;ryZrI9o!kJ^!KBpu+7ciiXf`l>sr94it%0i;F}>>hImw~qwPms
z&N1j$Zqz56KLRp3x8CUxQJ|90!1+?q#&H8>Iy%FUu4@!vjBy#A|3=*>;Vp|P!v0)H
z+E*9ehep2wvX<Vm1X&GgRIqQ%hJrZ6c}6%No?vXuin0&C#5c$S|CuzGI?AoSP-GX)
zwb|uUxEW&|g<(}6j#<mJ@!UoS877tjd=>aWVJdD3sWNRbV%=F1<?_sC>{Vi<Xc{eC
zlch*$g<}4AGejZ9{i_L?<*b^UFG-Xm4?WpV&gDhVw=k%}^t;V!H@UbYOHjoMTqpM8
z!NDy^Ye~CX-XDlBgNiDoAUR0lWYD$AjXpom>cv_XbVq3&S4AexvSH#N7U~+-z}!+j
zpo~1f@8E>y)2cUeP--?kQ1m<zJ;;X^)x_Q9O+y5txKDi#!?~iLZY;IoOVr3`Usp5k
z`E01{dS0{BZ@o{GSDMKcP&P;M{Lu&fm6aKhGPjY>JiK4Kak0R3zFp9dz(5<U`kn?_
zpi+c+EV!#1W)HQamn=)dAjUDMJitS7o~hn}71HA84K^nhfH~>yxYjZV9Q8o7lA2zP
z5a8fq4rnB+lQ=8GP?dMuwHm4{&2CmMZktrkJ$6Koq)Uf7-%XkIzab&N6UnQSC|j6z
z`oN_gKb&kDMl=n%m%ZY~_isjmLXD07JaJqI(lHpZyc2RYCf7HbOq_bGL2B1gRlPAz
z;`&~Q3S=+$go1<Y924tT+~>A6%nQa`3o}Da&Q8rfjKog#C~>@haF&m&Ubo30fjm1J
zkxL=f#=_tvQN4f)va%C#oI!8mzWuuchK@pYRVwHbm;*uQ@cp{|meZCcdf=Gpy4cp#
zHGp#!A-}uB>zzZ&X^pAFVpn#hq-)OYyvn>fqvZpUs-SmZjM}KG)IZGT0>Po%ElXWN
zNB-icEJ*PuQ(h|sjxhb<3a%r)>C~znrL=;p`MBRQM4T*dsm2`qL*zOZwv_qz?N?5N
zLg|;eR@!eL!cT3L5>odpx@g#U79h>|zfgX477QF+OeVGaw-!T-9(l?vAq<f+H|#ZK
z0Ud#kkAC^mSxa>j-tx~=aF8=q)%Rg2(xy&kbjy)ZA>82|e2SPh)|!_Tc@5L>Si{tz
zG1%?o%Q4DDz4JOJv7h?(Yd!~n_*V-1ZDA(DoIH~VmoIr{FZG&>(WeWbTkGj95mV30
z@yKEUobKr;1m{g6Pc2BXe8xNZUcjuoKLY5n^IZRA)rK`u4X<QdBg73k7QXpC-MB!2
zi=9~7fAAf>_?qf@OZ;BeV{}+Dm^k1lQnF(gbuav=E?Qjo{21c*cZA&=5NU>X3M`}v
ztxAu9kG({MS-G0aRFQ`o<<i4Z?lJKDN)O)CJgt?xZrc?SY({{Q;iJw^n_D64?(p<Q
zCXECh9MKKMDd8UN#DE&qtNl1J4-|=rCZX=A#)X-|p4hVXzle*@30#utKxv2w)*zSl
zHrc7OCoy}Dd)D>bXIg)@jVTgEqdb1$)}{P2aJ>!ojw4Wk@>#6$?Q$h7dbG#^U8!!C
zHxrXm46+8>i9}w7kIt3>xx?rnJM)DIzgPV*p9ZZYtn*RHUAwl~;G;A|p~|h(yWJtG
zi?$1LCIo46MX*LceEw450<#l2L?lkedGN$}(w>2H^5sr>=`l`ywH4ub8RUAX6ljeE
zv7%`HUg_9nj3;Hby_TtDyX`DG5Ad;9wZMn|RbGdr%}~J<aTQR)DT1$AYc%?<!hF~D
z;O=?58=ecj%V*!vx}skK;3?^ZeT1uoRKvLZ6XaDsHaS$V;W@lKu<p*5vYRRv7L&zX
zW$y-M%3KtpWB>4!=j<%H6+^o04IYx;i$`bwM3xHPW6)nJiP98L5{Mx=2mp|$Z`7=4
z^g2XdTd&iLvT0J3oUFNuADO*kDI5k-r<}Sqp`OWEn83q&9B2eS9I)j%Z$`3>wjAJL
z5lEUswjSw-r{CeEkK@;`;|}nzpvO$HR}k7gClUw<kcO+BJ_%i5R;akmT@H8}^qqMN
zc33ks)}Jl^Lgwvn(y>c}Zx*b-zBGHI(cNnZMTebEIS*&B>96)~W-emLMN@S@But{(
zh`7Y<w1!3~)csCT(%@=1_m(h{$M1~0CfB@Jv$~k{l92)&-*-5Kleq5MQ|RA=kxXHq
zCat6XD`Y$4K5gpS@18VDk`dPKCr61{TJ}xg0dlQvb*0YRv*1?b8!vS-cw(Yxyx4rg
zm8J^5B_7_ohj{Amy#wBtJa;ubk{~R9^%^8Yu*fs}sl*4HtKBknv&a`iV?#9gCdui)
ze+Vh@+5Mg_%AqO@V8-KTrAqiZn$!;3<(Z8A{O$K%jbcOjJY0UO^990&48kY<M5l7H
zP43w5phEGXTU9!{oeX3H1J+OI?>=`>MWc$1t3oDzJhLizDvGYp9TcP+;E=9VtWo08
zdHf>o)4iniFu(DVod`jhqd-4mo^DBS^#cYO>s^}FuSmzL3DPoT&AEx?mQ-QI7}F;I
zKAD{7$SK^Sp~ouihfUMpN?skE?n;d{57tP-o-~>rv|#?Z*H4tKcLjGD4ef1ZPnmLB
zCegxM7l!f&KUe7Qs+?pcPHfj#56$ALzW3*dDWr$jW@#%gUBk7?94xdJ-yXNt;w{v6
zDu6mQe!Ymd8y2h5D3CT%?=i<>fptEDZg|)u3al+>zwZ}IL{7X9pbJzM&6LHui{{H%
z$5MU(<9rARpnbf`x7~J50I)K|Op}@;d&9015=wLT1;UG`PI99}!Vq^R*FxU%*9>%K
zSlfSdgfr%>hL912y57$zn)lJ82`kth^}A$zCSbSdhg1*%Jm^kma_((cu_q^Gs1F8X
zLZtx*WIxEVAA}ezC>U;~xqst%QJUL0+CUO>0O`%<Ubd6(ju8m|Mk+_Qo)K~KH~#7r
zCIy|EJ9af(r~woNAdPQme_$%g$ZqAVD{DTynpiC-3Ac`?I+U$~Y&GM0aH4BrkVh|9
z-@tfv!hL!>sa80)e_kQe_IbXDwII}8n|>DLzZIfi65sf=@*GP!4>-enAPh_DLeJ>^
z4L0S*KLMxev|MVHg@BY|7qC+R<>-@?l1u{TP>sY%+{sQ^Vv<(B)^&7*Bsy+dhNqaJ
zAXbXB0G`Pn01qrf2A^Yk(VGq%Q*jgdudd${_T4H)u5^ecrm+*RT+kJP*$dO+!dZ1Y
zr~W%G7hCj5FdyD|?bAn4j$Mmi&Z*j&;ME-~8mPRuYR$>cnxa(tyW4PtaS(3N)yFdK
z!udH4i7MW`u`OK)Axb{9FAuL$KjWg^TQf1L_t%;{h9tsV=m-;aMpVK*aP_7zb6s$)
zo4m2O!7U(O8`+BxETfnaG4r#e*p6DccX)WsVWDgoh4~O1mu<__G~tq;@O=T$SKBAI
z=tkjb7URs<zp*~<Le`)A*UHNXK8&9gS`>k+J5o%qy{~mNLMsAc0{6RYVO(gOeOB~K
zxUw!o8N_Oew|pOHhvMg7>d*NT$R$&OD;n071vgj@2>6pmak-1b*pcO7zU&%}LWFo3
z?3YAItZ_GIP-G*$y%eE?0K(Nrj*L@V^He*SSsNHj#B%B>*%fg<Ix6|xw#l`nHn;V@
z<iX2tis5>aW9CH5RjAT$yK=?F7Zvmyw#3FR{LeaLQ%M42PBG398d-QXwVlb!KPkHZ
z5NMVA=se$8WGMb18c-}Pv65J@v$8Nep>u)kiV1$?_L&yZ;H`if4r)8?N5;j=lc$Rj
z#pS$XAh8F8fAH$r%~uAzG0`uO>OIp<{^COCC=Y5EwQqSpQi9JRiwhts8E^J3tzuh^
zq!<U@xw!vHVfdSJNX*aSn3R;MLcqbnyFRHPogw}yyaP*iXc1S3+Ik;H{(TQ?jYP#I
zj$rZ&613%hcCb!pj+|IGWYI>SN@P7n<|6qI7_yL8&)qlN<q}pHfl_t6?}vM^d}^$&
zjQ5v}WBj@Zdm-JfWOcv8<Wnrw7}0f-EqJV|X0(&)o(|P24*)q;JLbSQ1cy)c&ARky
zS=OYydeNY#4-pj09<|ZzIrOEq&k-h;W-;2$c$NZEr%^7W&Vpr82<FUUpRKFH_NG<&
z$%xB`Aqd+zc1w0+)~>NSpdYqfS4A?WF8e@9x`dsDEA1in?I$zeu6I8^G?Bzmd0~-~
zJI<A({LKE}&`+MF4b_7hMY-i1ClQGsCnms4rd;KCBN0l`E;Xp3OqNJh>I|RA&supA
z?NAm^-0SZGOnfAzY^}E2-{k+0PP^DvqwEEyhrWSsDc_1AKMbUi6Yz#*x7aDUm+XW>
zq^Zct*E^QOidfQ-B7y-vfh=LwsY(1j9Q6SUCmH5{AmI;`wRQ(DSMlX#U0OWBGj8~4
zl|APRbx7+IzC&j0HP>=8lixK}x$tdE7pZ%Z#weJU8yaLogK7Lb%1Oy^Z>Olqzl?}i
zIe+6_{4rKFAO%i~Gu{*Lwj^dGeW@;!l1=li4T_2F`_*_Bi>v9zSP87!-=1C0zQ60K
zTN2}p@S!8Lo)u08*pBG@nUtKTHa*ekN}TYn1@HR9HANg30k-qH`M7B2&wmW6r|ZKO
zyGOgn4S9wJ*+M@if&fl;QMx8n0_qYb?@vB~tFc9W0hh_wq-j)M2&P8Gf)Y6y4zNYG
zld<{8_o71I)T&Sfxs+_L_16zt<kcmZ5oIqDOACNpNCz$q9K;Gtb2gIaR2gVDK;I%f
zO@#O1zSFBzS~>8OF>%D~ERF6+DsT5k!nfiXa|pQ=zq{HoQZBSFrqSy;zyt>~WEbj+
z%dJxB4!y=NuzMgbQTvgzheKM-Qd&6kf$2G&nQsb!T%(N!1CNFe7b3Znq8hdxKJ>7I
z=Y~?Xxz?jUh4BL1wcP~8e<nxAB0`v&c*&Ey<eMUb7TZgaR^y_V-fqP(x!Qi>WGUH3
zN<s3CXDX^{(IGeuL?~YiPhn)Z>%{u6_{0^ay@v1qk&1v6i~NQ8@(svH#s?`rHIr>O
z;l@c@f~4fm6F`_{G7#AUY%RE8AzDz|2}<w!oQlAbna;EecVtzgZ%ayby3n;xgiT4p
z-Ii%giK_xdDjt^Jrhlk{jBsg@XVPHco!MZ4EcB<7$_l{4l$eU{4)wRM)CiC55`3wl
zdqvVN0D9lh>~S}OB4_@KGSBWZ?y*50=Lc;eIF;w4fSsE+2HM!u!_oPU+Jsh|qL|-R
zF4{s()xCO6Qy62Ot#21(8#j8cNlWomj0({SoiZUc18eSCPhg)~9EfK%)em8|v>IBD
z#t)R*TvLSoGtzj?ly11a4|X}LXiD7DL|zboN?y#X?zNaFtw!kNw)I?G{iU_l)cm7}
z=xSC<l-q_0ONU2Ql-%!jQ!?rmpA6wcr>Rf+s{I4#DB(bdANZ(ePowtnHp_CFP{?Ls
zo~$&8ntg?B3fUCK;defroL=!@)ZD({XSmUsjq~vfw~~D=alD^1{;~F#q6{zRV#5&v
z=PQ@z58IpjDFKQ#b1-4d4>}Z<5EXLrQ4I&Eey3qD!=iVQPi&wc1p(9|EPwe)Mp|Cb
z1h}W~!MN4^Aag9<_-LO8iD^xjZmF|W!Q|j`2JO^XG+4pihev+Ad-ck%(Q&72%Nnwu
z(koUY(wK8Kqmv}Q1&#Rhl6{Y!ctWSB`hF-i(8|sJdF*mk+RQn+)A|dnf%E1NB=DN9
z$JrVT@{27ga(WohT_*`6II@$UMpM0mkNyv5ACIdERZA%y2cG>`4cBi6HjjX7g6bxm
z#;veKiSdl1KQAreD!PABW1CLn(aeW~Q!O59^vnbZ3_r}XoT&a(0r(0*<!gbI_JaKN
zT=eVD1NLNjww`ONW^YajhET5LajJqa_#!;y=s!0@6+q+d9U|@<CpNWdnsSy(f0tfA
zWV8{<36nz_n$+%e1gv@vGChEx=3_a4H7t1qkm~9dqEins3~nO89UB(m=g?|}kUL#Y
z-<ZJl)#&f9w~cY1%JM?E*_Q!hgeJyMc3!7bd^)M&*SK#P_t2Wv*Qm%cNkIsIL}Q+@
zyE6ERqM_Yge{U9(dnoYq7krymoE|^<vIA`*0p1N^aB6HpNV?0hmHX2^vFfjZXO2>$
zD#ptSp7L;cH&@tPKIoR<6AC|sV_at|2VcOgu{Z4Of3w_3Na!|Y8-vEH-s(N{Ev9Z+
zd`n~*8n{qFvaC#<*q`%~oZ@PyThNyj64%nIZqAhHw-5=YfiVd+B*dhk9WdU*C8mA_
z-s<rT!e_#~?*E!xq<h;TG)mz<tg+_iJSmr%-=EWVSTnGX?-pD2GE|Z#4(^g712mV$
zfVgdrfaaIqpCJ@^PA227CRO~8>W91p;493?rH;y3VIpGDW6i3J%=9jwOxtJu6P5A#
z2Fl*q?C+}VMvr?!=1{21y0@Zh??}Ag>TT*w_wU{>4jGC%U(-{hMjMarD^JwYj&~op
z=V^&!y{LUfYd&LHJ4**P@u^T0BxN_zK1ku6<`F|vioq!Pd1+I}>8NbAP7S?|)(_*x
zyAvyBTG%rm<^*KwG+mj_n)yIRwXB~!^-K7^$kfis(HMR}=r8xiNDu684HAUP+a6^v
zQ^cgfKl91`6sv>%KpXHoGK?C6UuagNVoQj&{t}^CcJmybtuB415wOu!i?41;4tckj
z8BL%iTBxr#8cr00-cW;)Q!qkFw-eM~hk2OEYNt4=1fpV*;Ie7egy@*t+|uK=yswLP
zn^c<_AD7v@nY7T=ant@JVPL$G2()<56piA9R<~K{2LXSvY<BiFo@N?&1t;skwX(jx
zmF0ZzUL97jkqduq(ytp_SiKOfAT1I`4o05MUzQD0aslCVVRm3RO<kw&giLq|Iq8OO
z^`0PNm<%{m3Mza1%-&CH59G#tW#rg9V@4TBX2N{t2#@`FGJ(|q?fSJ1HcEUEjB0|Q
zOqcM&>w7{RI^w_isXdY?wd)U2*dN5QwFblKxGvqTjbYR(OQ}NCZi*>Kxt_DNVuF((
z)5wDRTL+#^gMf=z$K;E0<}lg29BjDQ+^86TGeYN}Yw-_SU+s<ltHY$u>($67N3Sh;
zXgoZHK|W01qTv!@i7`!Mo(%>9<;p60@SP@dp(kJAG%VxBuag2OdgwKAarn48JN>H`
z6)x9_(fy$w&QJyul;Q|&42U69mMf*REl9^VhBu@Kg0W!ay=Swly23b3-$y=C01Tv6
z?fh*f9Z2XNWb%rn=fCe_mjci4Fvrztj3U{BhQ$W8bsca-#fLR|Dq>RVyxK%TZQxj`
ztJ3~9(Wj^UMew~iC*%D^P;FZ9+am)&`*vl!own-=oWZnRD(XJ|VL@rBbEwyz9FW7y
z(O^QhBE-XgmA)plBZZatcBc^=aiR`Esn?nw&8^Lvoi1A&m@znUhh-2><g}p$mlJIc
zlxd(nx2%-G1SB#So_QCq#3UBpAg{RpO|@`C>>|=xXO{aYcY&8x3}PDCJwW+W%5%71
znO<%!yk#K!MwdAFwu%;aAp#MzUYN%jN9c&6xMpy(Am#lx`dDdoNIZNUiKLG({~aID
z=+@+P!3);!4!Da7XrBphPV6YKsUJiryS*n1jmMCf!dDXttkV5BwyU3NcxN9AYJNlA
z`}Wogp(g#_w-anz$uV6y5Y{<=!guANP2X>L+fp}@_!*r;5xAk#R(3Q<rpkF`k2^Xb
z=xw2y_>;f>e%|W7ZKT!lnW1vTCo$xsDYupv-3Eyp=SK3;HNm@s)^(q!Cei<vxiWM|
zvUV)kVPs2XL_UmX0eTHWQGjJ|;+qHT6&d^ed`#R16O7!U4#)&`?AK*UcS(ZHPJFzR
zM$Sa>G4!<BhugH|MY4YE{;j4&Hz@^Jq)PS8hl)`L7@nInzeNmS_5sGo(6x<_;(4yj
zG#iqI@aAjM(FJx|C3j8}7!LMF)jAAwu|MAP1Xx~In=YKO0?oAc{L1;6T8`k}O^#7l
zcSrq(OFN^*64H|n$)20CL17D@T>XenC=qKQb{5NFW}sC~9FLq@M|-IVuPalCTqm%H
zqyza$#5e*=t)FLxUwe%tF;bp~Y`E|j$v5o-=`VHGK2R`tIKXFX()A|ec8qe?8>#st
zsIVx44PJAk7Pd@OUnv$Ko9tF`Cs`Uk+#;s^foEaoRh5IalKz6!V0Z_h1(O52C$_zk
zlIC#=+&_Nk{m$(^NuF{+mJ}rRG1kJl3ef+i8pGB{ZEFJ)!ai4z?(=ShuT{EDas(0~
zue!CIfv8l<4xKu};!DqCgrS6b$y<NXjBV%@<JYAXS#pC|?k<CCWYZaUeFNfiHecne
z!qarUYSJ$Zf0Y7q!Ml6@dB|~;>;e0JarbQ0eu({yge>*&h6d4!RIKmFBD2fWDTK)B
zC?@K5!Q~lsXW;+{Z(@`;*OAZ^%p!snL{2w7a(4_3I-c_iMTv*-hrI=JN<G=@GAx_@
zp@+u+V&1pW#O||fYOcmCDPAP$I5kNx_2AF@3IsC;s|F|>teMo7qdnBZoT=OK!{^>d
z)ejg5{hSw$xd30t$wJ_#9j}$Do5kg8S>qqpGcUayitpPiWGx4GQFnDBtePcuM#o3t
zrn{529#s5&gL0ilQG2Q&z<*Cg|F@9vAK?4{o=*a0va!o@da`VRA5FgeHzX#7&}9{j
zBXd7{wqlIYsxdb<bx&k0bK_9D+?c=dyU3FxE9vr71asqHER02TvTR{On*L;L<wtrF
z!1o&%dXb|U*BLiBom{Cj1*c<`8Iq0;q-t4Km*j*&YKBNMP9~<-ybVlPS^6@#3v&0J
zNm&VZ52MsnYrW%D{$(8_9`7*5B@g?I=>h$N@=Bkd+YZ?FNqdxu7i8`q{jQLfBM0_v
zV1SWuKS&NoOo<-E$P3o|UVlpwM`qw(i)+?&g{}RAPX7ykfX0jm7kmOBwf>)gY&Qj0
z)dT7LnEaVMWmesjqMKHRWjMVHUy%#kJ<hL}`$&0MLYqx?AG>eSS{M)%`y|SbLbLen
z60OD;<<475-#zKFkuo(Lmt)2wg^k!>$COX71l#rle^G*-;bK-FfJ-Pu!v3DsA=u=O
zvx`1=LfGo2|Mu2h_wTL$BMJNqe!@Q`f&W+)|8t?^KZX5^2F!m7`!@;;glC3;g=iSr
oL(hfS%VCGjks%v_fb3HX3=BkoIMb_a7_xeW`iDyi0i&z;U&?gK6aWAK

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-167551.raw.txt b/tests/fuzz-tests/images/bko-167551.raw.txt
new file mode 100644
index 00000000..c2ae8548
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-167551.raw.txt
@@ -0,0 +1,29 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=167551
+Lukas Lueg 2016-09-17 18:32:31 UTC
+
+More news from the fuzzer. The attached image causes btrfsck to enter what
+seems to be an endless loop; using btrfs-progs v4.7.2-55-g2b7c507
+
+Starting program: /home/lukas/dev/btrfsfuzz/bin/bin/btrfsck hang000022.img
+Missing separate debuginfos, use: dnf debuginfo-install glibc-2.23.1-10.fc24.x86_64
+[Thread debugging using libthread_db enabled]
+Using host libthread_db library "/lib64/libthread_db.so.1".
+
+Program received signal SIGINT, Interrupt.
+0x00000000004576b7 in alloc_extent_buffer (tree=0x6b5420, bytenr=4198400, blocksize=4096) at extent_io.c:628
+628	{
+Missing separate debuginfos, use: dnf debuginfo-install libblkid-2.28.2-1.fc24.x86_64 libuuid-2.28.2-1.fc24.x86_64 lzo-2.08-8.fc24.x86_64 zlib-1.2.8-10.fc24.x86_64
+#0  0x00000000004576b7 in alloc_extent_buffer (tree=0x6b5420, bytenr=4198400, blocksize=4096) at extent_io.c:628
+#1  0x0000000000444be3 in read_tree_block_fs_info (fs_info=0x6b53a0, bytenr=4198400, blocksize=4096, parent_transid=14) at disk-io.c:339
+#2  0x0000000000440845 in btrfs_search_slot (trans=<optimized out>, root=<optimized out>, key=<optimized out>, p=<optimized out>, 
+    ins_len=<optimized out>, cow=<optimized out>) at ctree.c:1175
+#3  0x000000000044bf8a in find_first_block_group (root=0x6b5850, path=0x6b41d0, key=0x7fffffffde78) at extent-tree.c:3142
+#4  0x000000000044bd3a in btrfs_read_block_groups (root=0x6b5850) at extent-tree.c:3240
+#5  0x00000000004464b3 in btrfs_setup_all_roots (fs_info=0x6b53a0, root_tree_bytenr=4202496, flags=<optimized out>) at disk-io.c:1077
+#6  0x0000000000446fc5 in __open_ctree_fd (fp=<optimized out>, path=<optimized out>, sb_bytenr=65536, root_tree_bytenr=<optimized out>, 
+    chunk_root_bytenr=<optimized out>, flags=<optimized out>) at disk-io.c:1341
+#7  0x0000000000446d65 in open_ctree_fs_info (filename=0x7fffffffe4f5 "hang000022.img", sb_bytenr=0, root_tree_bytenr=0, 
+    chunk_root_bytenr=0, flags=64) at disk-io.c:1387
+#8  0x000000000041bbe2 in cmd_check (argc=<optimized out>, argv=<optimized out>) at cmds-check.c:11382
+#9  0x000000000040a10d in main (argc=<optimized out>, argv=0x7fffffffe218) at btrfs.c:243
+quit
diff --git a/tests/fuzz-tests/images/bko-167551.raw.xz b/tests/fuzz-tests/images/bko-167551.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..2292fb4b81418dd04ca92f6d0351bbbb948bc136
GIT binary patch
literal 10808
zcmeI2RZ|=Qux1AtBzVx^?(S~Eg9UdB?hb<w?moCXgy8P(ZoyrHyTjgxeOsxzRa?8Y
zRreQk*Vo-Iea<_NmzE9y0DHL9AO#H|gCYa~0O-?N6Q7?Bu*CWR_r{MQ8@OX#gnZ+)
zQ4@_u!;871FYawsT3U{u+GV(ZYmrq=T8k>i5MMmG^2=JR%<44s%3uQ!i^L6=h4=B5
zGv_#|!)(7G)esBeIoh1Eec|0uNV6CyXJuCs<S-0LmWV4!#;&$KWGd~6yHL-Ti@w@x
z{uMP7XL?#6IWG}X4j|SZ*RIH$(%F$ZZr9LKqdGCn99l_b7}zofKs~9a689C|cU>f@
ze}g-h>;do1EwoPmo#jo-eBp@D%YvNNcgED+YgGDQcfr<7{XJh_Sl|sv{arO0l2DGq
z#6)=|gC|z3x!)tY7t-sp{%ahzM@5{Ig@yy`<db<cTT}21afl~bk->)hzKhHBB9awX
z2Z?Zz68|MqsNJYiv&ViSsDs`nnw0i2jHz?F2W~fY#Gg-iEKKfdLW!P$$cm%L?D!}3
zY29SzYgdPuv(pzbT0y!nsc{u#b4pFt+y~tQ=SNpQxR_^4aZBge2HcVluidkGlQG%E
zC7j1iD_IH5!nm%x&#`0p5dXs2#THl7RgBkhTXh{Y$ED|9c1-jVH>o&ElATi-Z(LeY
z^<FuPBfk$3iAae~$3H(OP}cV|#zlUqGV?^uE~XFf&x8YcGdzpDJf)+KUg8JS*})VR
zh3TXly6aCvq5SN9(WylXo+NxRE>xJ0NDez10Y|IoAiYJ;gF7hS_3R$FG=;SH<?6+F
zv;ivBr~3qMHehkhg+s5Sf;94M0!GCjBciscS{gh(?a&i*6|Jrl_e$;k16?4(^YH4Q
zw^tPg*GXbsQt{^vRiP(3Q$&G)aeCXWMuDq=PG-XjG~plS;_;ZMpXf<XPM+FNNR#iG
zBWt_-E1secb{^o<X6S^7bg^^bKMlQzM09JPfMs&0hc#HiotEVCFsy>YZS-3O>O@Cr
z!ePc=7Lz9deD}LQzezB5nQX%6Hbp-(k*S##oKgr#=~P=yYt+6`%8!Irh#47=g)=~-
z7{2_RZdl%MDV^z*x|}6(NvnRTm-6LLapJDs4D&;QzHxv%7L*cWg%b^Zp+w&QVOR5k
zoMYQZ%FqBXnN?4;?IuL6D2$UK+=%X27N&K{^aB9%k_j6X5klQw<LG%}@<a4FP+JYx
zzp#EIqPTn(o#D~O(Fs@bM14{WrZjwx{em94ddlDvrC(T;)p}b<t;Df0H68|la?bFT
zGHD}`=7&1`#5g2~jAipPRvx-oT{DTIi)2ygI1es*J2?s(EI+EVFD|*{nGWLDF!PhS
zn{m|$%7V3@=v+CD{FBP`$$Xmee{?dR5Lzj;@;9$`a8vFlIurxo%tf{Iy{pQH4L`Rz
zhRxnFr<B6*jCMR^7Lpd}N1t#*<M#ON|MvR)_a=QdUo%*lHG1MgZiB!*X8%_<_kUIT
zCz?oI?#Csu7eIKQ3;pWdL}aYv-XGc59fx)@MbmXuW5aBux#we4xc{?@nFPCWu0aBE
zV7T7OY}<Aw8MY%d@)f>(*D`UAR|Aai_TXXzQb^JMvO4Sj?}WVt!jXjILagH%zBl9S
z?-yO#+vqd@g|KDxOPn*T0+gY=#I0yuP)`G|!%R{ng2*zAFUbTbK+)KSv))|9%7TiW
z-J%{Em6FUY%1Q?XQI)<-qkv%r)%sQ9gLPt4r)Ff)vni-@^oRhJTy)!qbnS10m47v)
zz_zAm4gU+zz&Df27y7JySBg^~9PE0E?A|hHK;j2fd?LucWJ!S7jaWbok%%7yoz=mR
ziMvfbkH90N*rOd6V*CwzW>{v7ay_gv{Z2EQ4Jf-_tLyY`P92BFbMXW*vvW8@1`+Ac
z6+j_S-II6<v24cRpC5l^?lI}gZr&)pYzX-?1w#ZFU`(UP-B8KXonH9o=vghQk1ui^
zt;5xUV;=VVpVwUvMP=1_oq7O7hDL?)ZmPv(Hq^U9O%)Zzf)*1nYC}^L)v%;5%E>e|
z)Hv}5<vK8ZlJO(^M$6_ir+m)H4Ya5~1FqCF%T>#r;z|p7Qy(374#}qIro*&<bOC+-
zaYYoHFCO^o+fVS@I`+>gTdk!cZ$8O0^HA==w`V%+XQID57-5Y^izBCo4?(b}Y#Arl
zn~)m30a^RygXvb(FKiXGgXpW@(+dKcETKOI>TcV&MAI*h11^2^s2x(ll-=@JZ0aE_
z!n2hgBfx~B)Rb+}uWV~>gmj3$d>pfk)HySOM>(NX?v&S{&n1h*{Kd7CUXk;5mp-02
z)s<4I>y2B8n4Q?7FkB_Oh&)XB>-gOvk)?6ji+G*I`lu+0o4UdBC^iY$LaGx}ic<N&
zEavKxwB;$?p52M*?NI6dfIY&QY8<P!{e0{KQ>ntRsh31ioU}X#P|qTB>SoRApXHpj
zWA0fuwJ3kCu)d9t$62co=W&1EK@S?&3N6QTkyW8i06|f%wLZ(2HGlLK`OMuouaEC$
zr#sk|lpGNbK|L7FM4p{r&CmXu1GPT8T74y?YK=JXb)z~<Kna2wK)o~)n^!`#&{W;D
zahmfNPs3_f%#9=g<I|YGKBu9ut^_Y0uYY507dQXvQMiyaZ}zl@$mjTUBu1Eo%knxm
zfXl+thtr8XBk`V7r?5F@XloZ8t)VD(fJ0-f#S<vpAm;zXe3K)fnzLdX(V=>IHkL7d
zH2SgUXx}w6U;G3sW9$DtZ|e~TOHtus--5X>pY;K~M692%B)bd;!F1bEz}m8RMrM(2
zhz~(R9b|BFWGHUejO#u~d>*IsNPJg>ItR;kAn%w1ZmnV)?5Q?XOBOB_#fD5U6zT?*
zM)b5)$($c1;o{vAMRUmY(aL=n!|#xyz#~3!zjn4$p1A&raVTKvT^gPe+4Iswj4v|R
z{!hiU+WKJg;m2Y1<k>fO=B*5C`HIfbbZ@kIhVh12VZz@6Pw&|~v-75u5=!m&sJ%(w
zS9NX+N?0~Jq2Gh=FS^fGw8eMM7Zq*c5f;vdN;T2-L0fWGH2Dssyb>iJEzxtEyVSeT
zZ&eECj^F?^Sh(!O^30uo`s9B38P-w@eU3>KU0O<a*pGbTa<kRkXLTlDos5(wKtkdN
zaDO=HSJ#KudsAXpEPqH}^7dh<y)m7!otP&UvuF1L$j%^%Ikm43Qe~)5zj6?g)rU}H
z+|CU9dS7yIy>#$LMi(KDXjz>$4Shf_iuq<*5Zmj)zkpXTVC84chgSyoR>kMzn6V56
zXw<Af6#;#rd<Cq|xqX}+@1zS>>Sv!5Paya)i<pdQEMwfD^=be3F1Oa|96RLDZ9Yro
z_g0_T)`o#vm*J=$r?;H%!w0ha@=&_sGxR*v5p#Z~Xm=1aOhACwwgC9$_AJb5PC`ZQ
zjW^ATs?mYhJ_2J}*~Ke_jM+s9>xEEmdS`k}vqvN_JY)I(%y9b<9gUs*kx%fT>km=P
zO~(lg;2(h94WydxzHUh69zS9c@xLxbr)^rLHnu3FC^Cr_rxxiwPeW>^y9T<vI!|U|
zRyN2*A$PqmE+Nse@-&r*o+vMV<ZxBe`@AHIuucP(PZ7+?s2TbAkI`05zJcH&Vj`#j
z>>#6S88eUfYdynXj}DQ|J>%62GpmYGivprU;vI6jC*05T$~uTUFB9tI>NQIR?N^wE
zQ%+7wVpMr?Q~7{_so#m<H+wl6*+oRYB+#QlG^4~Cbf^WS7<~c+^sVaa9+?Xg%<g=5
zCybULq$r*kO_^zH%bTeUeja8F04yM-UHt^XY7vW&7mMEB+dBu3I0A8x+{zkM76E=A
zNgn*;bE{Q@PX*kp_-CINR4?D1+4yqH@KW944D^BKNiEFbaYdD*iWCi~gm<fhf@M*d
z!K5t^JQJTm8k{h9cA>Z~8Q4qgW`7QX{Dv?-a_Rh)dTTGyS%n6N(H7hZy)9EXh{#T^
zqKzugLJ-rpR`>Vl-K6!NwvJ;&JVuBH%tjjQvIX#p2L%uFjzJl0we%uf*Z1Ag@Yl94
zJN{8`b(iQnr|nb~n0P*RYEm+|X9qum1dBD8#Hgnt;A>wuj!Ucl-?bw<Qr@}9J@I*_
zH#9gg@`KK5RecYG?*eDcn+;9Sup$E_7&<Wx?QxvCL@|bMj>B7_0pPD%$TjI5j(2jS
zt9>HVfAqFhREMy7)DG<HLTbq-sZ1m-GcQY7=+L^TAN9P9U!a_+JE=<I3}bz(;cBfy
z!O(nQPZI2ye?yS>wG1&MuIJ-0?z@Rt0Y#(uT_8?!mr>N^Q9~#(QJ1iC`M2h)J|wbl
z)<0U$1EShWJK(?0+^-ACCP(6hY}#{YNevX2xC@FjgfT=Z|Ks(3aj)!3#-UjwtS<Z6
zWVW_6`LT&EQy_R#@Py(`zwdJ9CUfYt;E|90awF8<zx6Yog9R?%u4Uzy7R7T(o9-uA
zuWXJ24^@h)k*|dfmK^fz#d-4Oe9~r807ZEyf<Y|<@O!r54wdM87V2q~|5X##rNk3H
z7ax^w{Mklly`135i^c$-|IQVsEE`O{3XQ@bkXh#?Rp4}yy~|+{zH*&ry|E5i+E7Io
z_mFVYltJik-1fwXO=<nv02N?azFRB5+dm8Kj63Vk20g1i9(us!X%dfnoCAG7w3faL
zs9)rC?dqeJr>Gz_+qI@2rOK%f`Vpq|m{Id8ncge+&_}&siB2Kox7(#E_BmpmA&a+<
z$r}|7bkm(%i8n@)LZCZbS}`34KKvjZ)Wv;3bdMC7doVG-zuV+e_7Cfg7e~m%+X2JU
zwPWt@B&brIBL?zahhU@tfFfZQVAjzXHya0&8_{mW^4`3Ll30ep$K0yAy%|-AY9-2T
z{V86LdCG0U+jq=^L1)yVlT4^xn}rsrLA&Ys++QZlfK|TkZB!d`q>r=I>!))de4;uC
z1h03S#w#15+P?o*V)2m1slqk~ex|5L3JT=DBpcG^zzLfcZwDR5x$KxA78ZBvp(Cp#
zMNx#xbj7<KCqb?h+EmXx|Iom;w36O`@%AwkWYCwopkfJ)?OENqL5&bp8))zfo)`NJ
zYm@7|M^1{BGiDO6jKVJ>^xL7eSja{9Mw7=tWV{<B;Zs<_Q{bb+Yu^mdmP+4L?dP;l
zRK2y?*|)I}@rxk%KC+4$Qx$2e5+Zt-Be`N}bfattTw&8=R=rxx=nq(dUJOjoZySSz
zqKpmatipTHBJro1aI+3ox$#IRuX;qPzv-EVhfT0iiJIF?@f`zJ&C+HZ)#<kPLVsRk
z+5tT`l6mX58Z8bhTKU#;EnAgM!&raC?E$%-O>n~{FzZURt`Fv8y@v5=HW_{>(_B^e
zcfn61JH9Ob6|F;+=<1^Xu9X&@MnxOG<y;Y32FaHU7^~xH3GS;i8VUsQjQL{`+&>t}
z8I$3XTa7IGQlP2MmVMlYe4ou<NeD1mbX%52-WZwc${8jifMCw^EGvtJmXDin2^Hvp
z)GjlW3~AGRdfK9xr^U+sg1!S$(lPFq6U5~e(jWw-y@5J?>!%St@hY+!2$|$hu0Q$A
z@<%ur=_lHnk(aF@-rF&<f6isXKT<MK*Wumvsy69&9~uwn^OygOI0U%chP7FQT?jo6
zt*U$)XcX$hJ5Z(1Npkajh~Crw+&=f`{s^U`WrQx*M*J9C!FTe1VJkD`rJ0ndx9!9j
zbgWvU{fBGrci&6=j8>7ro=XTp(Rwfy{JqSg<~r`?Nof*JBliF!-OYKoA&gEpnVB9T
z9<lwyUjh8^%=RcEnT-e^$0A>=qFS_cR$p#=2?%TsFIRT1qq=7_?P~slDT+7SDq_s$
zb<8M5x$QV)&Vr<V{&6xUhi9_Uv(d2#-<5K{6eEI1?fV|}Q-HI(;axj5gXzR+(0Buq
zOKi^3zq;xk@C3$R1(t4bqx-u_F3G+g41Im-!faup3p64m&nFML3DX(d9D!a4+WUu%
zNdevz2pNK-U+9&Mcv`Ufk)_jjC29QO;%Ek&(u{`*^+tCay95sZrkmP1^N^YOE(@lA
z+4^d&z&y6)k2{1_4uqeQ-<kz1__y7<TuN&p!Jfqvo$Dc|O-?~D3$20c+<=|X9@4YW
zG@Pb2U<d3FY&zT2Aj&mHTXG!?c=_NQwxb6bFw181v>yp85N}t3U!g3U8bauPlykuH
zc_`ChmI~Jf9c91j*z-o7T(bCNv@PqQK<r-HnUbN1es_tpeyV-?TLJegJ7h$YW|VCL
z!Pnhxx{?Y5D3VV*%{mpN>%k)0Df|M3=lsKOx8Lw~n9V9MviPClt7979B^4G$01742
z>ZtZEm?t_BI$wzQ8p@$)x8N4zRc|dW?=bTam;MJGafl>!P7KYo<poz>&P0{RhQF0$
zSL!N<3l3&A)HzX}mG`{^PnBWUtZRRPFIm0((OnKBKI9M6!npXgd!OmabdP3cB=+8d
zr`F6l_fv+n{pL&|=NGBJ()&Ng>=CxaF0BoJK4kJzM292La+Y{0LD$s3$2Xng!YLqb
z0a*Vz8XFQis-H+6ynZqFPW;^L?e610^E$NuegoeqA09<4rKF~uRz`Lsl-3Y$k^QC8
z<;!9zS#9_YK3fKc1u^|LZ6`Uj#*ce+cgLM8(-;IhKS7@r-Yi&JGQ_yT=q}%Lh&Mw0
zj}-0tAZg2GhjVZ(ydPJE$Tg?9itE;*AaS8N;?ga=cv}1OT<VU_gar#v5+D+uhkOI4
zzrXVmk$i_~XU)U0fTf3n;7Ylo^Hk6IRz^(nM!?)Lx2~QhTdMLT446ZGvoT4!_ZO|G
zUY+J@x-%OKY0M??<G23PzYuT;!RshDg;x$w6Wl3EwZ8gzFuEzrM?^@m4Vnv|lV*XL
zdvF=j8<$E?cQv{6W6D01TeWa_aM(3wjgxOM;x9irteEz8K2_Q-IF1BGrTF+RMc=eI
z+2k>Lo4abFGy>~42TB~SDAkw*jJDYEu(|V=abaOQ?DbmK;^5y$mVUp*FBNQNMdn-e
zg|8%>D$4Z>qYaP@a(t?&tNQmbxpFVA`=@1P(<P^>nvS>3o!6dc(tXiUko9A)rJs>e
z<#Lwvm|L|ncar*CTu(`{95L;mGnBHU96DV8aTdIj?>KOk=f;^x=Z(l>6^VDm@)c9Q
zE}vZJh#Blx0^|6W>m;fhr%R(8_S;8ZDcb>Y5wE*EkJJjX6`sk~dPKre|ANlCwf#%C
zxt5DvG+tlfEr(xH0dv@MwzGI7LoPkZDvOYN$(;67L{LvI5_~{gOKD~tNCbYpSd&06
zV8+hQ{0;;#HXkic=!c)*h0v4YPaaBuRAT)dal)W>NzWhDo$?KI@djN<4Tpo!T+iuf
z*q(e1)SyQ5QlZzM0pjUK=0BV1Pgbrlh(YAwnzV>Q7Q8=3H;F`SrN^4nlLt*mk<wf%
z<kVc;3@iL7Vg}mIisw%K`k_QuK)1Fea+`_0nCKq5`@B%Dil7ogD6uh5<{>XR%v&vw
zDzjm}!;Eif$JMOv*115XJwIVj{t$&+Tq|BbVoJIt+`w6L*KF6oXAOqZO_qS<AA%gK
z6_ZM~YY`eck*?(Ug+3`Oh5yjwH%FD&tNp+79QG`jYEP;4SL{BRR*|{sGdS-5R2F{b
zQ}noqU#@}2_gEN3DSm{kF{Bo#hT@XfQVJk26V6F?{0J*wZYu4MC4z2=KIYM*gaY&+
z6wXrJ!Wz!lBnO^}r@Pk;euMD^Ogq)Nw&AmYJ{C15r{mF9FeQn6!>i?DKQF3aEV^r=
z-|i9`<2$9cl}M4)lLxycdD1ErBxq99elL)-3Ha{ji$GaFZKPJPmv+wp?DLRuekSsJ
z0*AT2b@6{6#(`-<RFM#YexD!pDYA$efi!%@)B&kgi#B7o=j!#}XCL+x`*G0>-lj^o
z??StMAr*VLEgQk!AXwyl7dmJ<r4XVBdS5LMJs7I<vmb!!xost%qFYM&edCOI>S{(`
z39WDPi*pqQ7oe&O)h16-VU?@W&)K}D+$SgZwcG0iQmA+7dX~4w2XC1sEKBPY_7Vl1
zsF|%v)Id<KzV)6ovq&h#VrX6Q$;;T!+g~@fX5>wGqP~PJ4?LFe6>`5$G5h!-Ar!w^
zl$9GhGht%N!|o6x;PVM=;`3A!_=ql*<?bJ_uXW|J=tQ010qr}F36aF*Z=6+WV4Ahu
zQd+og*uK~sIc0$S5%e!??MZCX63T3XezJ2f61`Fr(D<GU98(QT;SyumJar<exu)rz
zOOj1H)#QEMe^8FW>_sjjMFKNiws!EBnHGzB2v-R#ir$Si$z#Utg-83jy=FCYuSV>E
z6K_^amx?%ff&we~Le0VsXP-VuM9Te0zUea2g=wMsyNQ1{;XuOh$Xwc~;Y~0%p!Hi_
z!bV*Dsh2~Xm<I~RGPw3+JX7`r5dRAs3et=w2Sr0shSfcKNd*kuBv%k!_e%j;HLluz
zNIfRzF0=vsdVEGKb#jnN2FJg<^K0&C3QEhH*A2C?3_v9wFTHA-Qc#XLe~r_kIpr7A
z^knUJF4#ihl(4;?uw()qp++I5R9=ybH0PQps347gg^rWqDVEu9stx?^vTNy|R{JL@
z`lR2qqz0hVqKk5i3RWht>Yoo0t(R5ak&jI*`VyiZ`HDdR!@K^4+-7<r?GUVBNF8&A
z602n%BdCOsy#&QrR>kDCf6tmZetFl>`cL({d_)c#)(X3OLSM34yj^_z6b5v?56XW$
zREyMM(OY+LaG^6rm@oEJ&*<4>fy$0pt#y<fzwBd9q}(A80J$4<dWEnHh}bV=jZBen
z{5jK0^<ZW{q_ZAfhh>{CP2;OYm=xbNQY6jKEF9g;68<CZSen4(Z%)-AN-fLEu%$Gi
z8jp(fri033a*5wtaYp{uV9v-hf-gV)^-D{-62e?D)+4P|tD<1L7h8g}1_!Zp7@n>2
z+sfJv?Bzvybg1@-CrGCssUz@};iNseB(yOLQ5Rm26PWOWjjk<gsD3ZcCt3+d_6=0k
zF~CW7i=nepk)^RDdMyZFTu^h|o5ubslT5D+^7zFR4NxzWO-$##K|C4BoEy;KIk1}D
zC)(V9KBu8W=7Ryflw+2c{P1678VhVZEj_P{T4tlBjLn8ZXis3P&t|RdukWAGz%yA5
zbnCZ|*<x6vz!7boNVbl+gz^@8PGm*a4*nK&<Q@8wYeCqSW>bzebxgpq7p33GD#Yqw
zr(dUQZx%Wa^aopdhvc`URaJ<={^ffC-EbM?U$XPLWj4;FkV==Fn!pTJZZOqEe9F7X
zXV5lISL{7EHnm6+@gc!*18m7aGJIM>97`0E=%z+(xG%_JH9?i)p@y_4oKAA_&s!zD
zLqy|kFfswZ{hsQBNu|(8{0R+7n*3=m7%A6e@rud0p|*yZX>d_769kbRav-uIHy`Ef
zhu-iR$C27+l5Bj-MA(G<m?GgbUZM<aMkJS;uOgqupx}oaLQ8?MDwMb_rkv%PnU+12
z);^!^KOGx17&p}Mz9Pky@*eoFA?veu9=Oprkq|zX>uzxF9=n!7d7p_mQRkjW@Cb6y
zi7P0#<trDrCB7tUSm%|d_Q)GAeCG20x5&z@h{>KHA=q|>+I(-XPf{>n_;muUgQWA+
z3(x|S4ILY-V@zPadyQ566k_V4R&2?#;5apEXLy$YCvSl0oAih2v=b6L=9N0wZ~|v0
ziLAALf4Y{*FxW8m@7H*v@0p(RPead26H1}@ac87YOum7WC67O4{$(7J<d};jAi?Rs
zZ>904QjY!d!e@1Q*01K_(FR+!MZ4Z8W|BuyEAgVDwEbC47>m`edufKLg+x>a=Va*(
z8?Uz0kiW#TjJ3Lyk*9#s27U?~n*9uoE}OsW@Vd)8w8$E4F+8hAl|VgQVEpkMW2T$$
z*AufJ`*vJcE5-6~nLxJZ8_sj0h<Kvc?^@lj_9<p0B-uoG0$K8sEfXd$$sYttpl53r
z-m2Z(<`t#<6S5kxT4iiexh|>}C!?D5sRn%4phtU7F_s#WGVtnp29AR2N(H`p)@fnm
z*HHS()hk0dvSV<G8yd<vv2x0{d>sC<=(XOP<%Ab$!ZiA+azS+mnf5RP$K|pIU4s*x
z3BdCpS!otIBA=yXiYNDsSl%n+Y3%B%9y}@Typ3UM`4M@LYrgH~rZUIfn+(wQxe8sN
z`r&4dS>(Q0$usOX>C4KNw!rS1pN!8Nyw0<mP@p}(`gmCSA${~liTGwK-OccHPN&X)
z(1FAbtv+C6VfK)I*sRDno_A111%E=O`GA#JjhNntW{NYBNlzXfIEH;z3cMd$!x10t
zu7?bNQnapbo*2$5!TvZH5LiMseT08|+t4{2#a>2i`|}H>aB+hPCT;b)duy-B$@xFK
zMrF3MVhCnN?xgbJQ*vD%QlVoaryy~*-pr1Y)Xr~1m~}Kz&{E@?aJsR?HXUjh+7-tE
z>j2@wi{~#r&Qw}U<D0f@LZ|_qKLd}Z#uH*i2n)Hc484qXRRKgr*Gv)U@Rh}O0JKW8
z3@RX`>7rN8!{fz3YZ><LYlJYuqD)mpC^Q|xK+qVl8vQG4<kR>85sXexp}x=Ufd`j(
zFj>Kt>Immyi)nXU|1u}@X;6*9uh8N`MorD7UQ{})y4oJESM&&lHN5={{S&C?8N$AJ
zTd}#scZ(G9LDlABAXbX)A(bGew@tRJ^u=gF-8+nlhPS3Gk(qG<=mp=}4Sb_kuoFB(
z<W^`$6i3O7LNm}RYgu1hQtmT+pp@smu3}Z&FBt7j+y$|v)V3#;n^2=evU?X*bkVtm
z>dHW%`Lm`qJ0qYvt>}?|P@_2|_G|D~bs`n+qUn)q&wy6RT2@`YEhiUqG$E01pjk{K
zhu7rk1(oCESqjA_3+M0qNXW+o>_AYa9iXl*%n_G#xfC{}=aVDb!@UM-3e2U%l39+i
zU~VmW%15hwK~FTwly~S&Cs{pt$i79}s*SwP#ThG<xn)4b8WbOt@yv56E8s@YknnwX
z@z=$45#;Ko?FcvX6A9%IKJX~Hy|)Kelz{%gZi&qAH7+fmji-X-C_|B;fj%R!da!tn
zaua8SkAm7l-(uClm0x2WNrA_DFfpwTOzOkEnw0vmfIZ$f&e?9wUhC&1<%B>1WrwNB
zsYIOn{{xma&JVPFyySsGAH_tO<WxvOW3<qRi@ltcqiBa@;{4*6e**fzI8D?SV@ls%
z;oSX}fwjp)(qTzs^5HCy4-nx)-YvQOLmvAfuhvA*rN6MG{o$43RFn?};co9rY0vq{
zEQ4g;f3bQYPI?>IZnv2AJt8RLK#{5GTA@#n9U*TLKhYUjm*rJ^hq!B?Z*)_5_s!1<
zRzv`wd52_#VG}fEbAsI?5lHi6Qv)atr_^e<Gy0S5IcxO>T1`zPl7LxT6o2M4L?n{(
z<vki1e^2+$%1fH#?&UKLHWo|^#E@_DRAy11kfP=jwFSYN5n33FH(Gw{7wLh!D=O6a
z@%2GfFA4F!n`ag`%p&ooY*@yz5qVgjY;^G_HrJy?3Y<|;2@8PhOByWKQKv(-BMWQl
z&38%^n0x%`#XQCT4D`<fbf@Nif}qs?KLPfxa#2q0qK%6UZvO9HAVB*1)4DX;fS6j@
z$6c4ZD{V(KT<<9PKc7-olX$0!Wtsv$v=F8LH@7gTx+D2tD#ZUp;`!gI5dY<l{Eybt
ze+BlR)WrTPu>XUB1;EV!fPk6-LlPUnM?6-~A7z(F093MCKtKS3m>RIQcEI8l`ak?o
J0Iasoe*@iP3#tGB

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-167781.raw.txt b/tests/fuzz-tests/images/bko-167781.raw.txt
new file mode 100644
index 00000000..f185fb6f
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-167781.raw.txt
@@ -0,0 +1,297 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=167781
+Lukas Lueg 2016-09-17 19:01:47 UTC
+
+More news from the fuzzer. The attached image causes btrfsck to overflow it's
+stack by what seems to be an infinite (or at least sufficiently deep) recursion
+in resolve_one_root(); using btrfs-progs v4.7-42-g56e9586.
+
+
+checking extents
+Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
+Chunk[256, 228, 0] stripe[1, 0] is not found in dev extent
+Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
+Chunk[256, 228, 4194304] stripe[1, 4194304] is not found in dev extent
+Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
+Chunk[256, 228, 5832704] stripe[1, 5832704] is not found in dev extent
+ref mismatch on [131072 4096] extent item 0, found 1
+Backref 131072 parent 3 root 3 not found in extent tree
+backpointer mismatch on [131072 4096]
+bad extent [131072, 135168), type mismatch with chunk
+ref mismatch on [4194304 4096] extent item 0, found 1
+Backref 4194304 parent 5 root 5 not found in extent tree
+backpointer mismatch on [4194304 4096]
+ref mismatch on [4198400 4096] extent item 0, found 1
+Backref 4198400 parent 1 root 1 not found in extent tree
+backpointer mismatch on [4198400 4096]
+ref mismatch on [4231168 4096] extent item 0, found 1
+Backref 4231168 parent 7 root 7 not found in extent tree
+backpointer mismatch on [4231168 4096]
+ref mismatch on [3472328296227680304 3472328296227680304] extent item 0, found 1
+Backref 3472328296227680304 root 1 owner 2 offset 0 num_refs 0 not found in extent tree
+Incorrect local backref count on 3472328296227680304 root 1 owner 2 offset 0 found 1 wanted 0 back 0x60800000bd20
+backpointer mismatch on [3472328296227680304 3472328296227680304]
+Dev extent's total-byte(0) is not equal to byte-used(7471104) in dev[1, 216, 1]
+Errors found in extent allocation tree or chunk allocation
+checking free space cache
+checking fs roots
+checking csums
+checking root refs
+checking quota groups
+ASAN:DEADLYSIGNAL
+=================================================================
+==9638==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc0e2d1ff8 (pc 0x0000005f2ed7 bp 0x7ffc0e2d2010 sp 0x7ffc0e2d2000 T0)
+    #0 0x5f2ed6 in find_ref_bytenr /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:253:46
+    #1 0x5f2cba in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:560:20
+    #2 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #3 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #4 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #5 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #6 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #7 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #8 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #9 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #10 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #11 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #12 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #13 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #14 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #15 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #16 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #17 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #18 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #19 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #20 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #21 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #22 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #23 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #24 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #25 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #26 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #27 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #28 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #29 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #30 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #31 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #32 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #33 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #34 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #35 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #36 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #37 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #38 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #39 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #40 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #41 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #42 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #43 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #44 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #45 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #46 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #47 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #48 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #49 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #50 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #51 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #52 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #53 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #54 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #55 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #56 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #57 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #58 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #59 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #60 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #61 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #62 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #63 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #64 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #65 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #66 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #67 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #68 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #69 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #70 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #71 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #72 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #73 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #74 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #75 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #76 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #77 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #78 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #79 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #80 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #81 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #82 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #83 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #84 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #85 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #86 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #87 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #88 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #89 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #90 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #91 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #92 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #93 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #94 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #95 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #96 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #97 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #98 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #99 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #100 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #101 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #102 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #103 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #104 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #105 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #106 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #107 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #108 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #109 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #110 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #111 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #112 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #113 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #114 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #115 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #116 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #117 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #118 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #119 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #120 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #121 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #122 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #123 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #124 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #125 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #126 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #127 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #128 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #129 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #130 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #131 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #132 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #133 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #134 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #135 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #136 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #137 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #138 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #139 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #140 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #141 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #142 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #143 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #144 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #145 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #146 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #147 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #148 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #149 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #150 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #151 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #152 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #153 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #154 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #155 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #156 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #157 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #158 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #159 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #160 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #161 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #162 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #163 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #164 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #165 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #166 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #167 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #168 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #169 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #170 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #171 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #172 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #173 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #174 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #175 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #176 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #177 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #178 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #179 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #180 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #181 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #182 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #183 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #184 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #185 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #186 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #187 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #188 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #189 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #190 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #191 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #192 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #193 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #194 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #195 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #196 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #197 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #198 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #199 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #200 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #201 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #202 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #203 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #204 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #205 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #206 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #207 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #208 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #209 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #210 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #211 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #212 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #213 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #214 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #215 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #216 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #217 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #218 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #219 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #220 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #221 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #222 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #223 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #224 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #225 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #226 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #227 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #228 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #229 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #230 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #231 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #232 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #233 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #234 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #235 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #236 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #237 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #238 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #239 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #240 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #241 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #242 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #243 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #244 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #245 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #246 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #247 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #248 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #249 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #250 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+    #251 0x5f2d1e in resolve_one_root /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:566:9
+
+SUMMARY: AddressSanitizer: stack-overflow /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:253:46 in find_ref_bytenr
+==9638==ABORTING
diff --git a/tests/fuzz-tests/images/bko-167781.raw.xz b/tests/fuzz-tests/images/bko-167781.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..a4bd1de569d1a0fb4eda0d0990544e8bc582d510
GIT binary patch
literal 3856
zcmeH~_gB*i7RA3n0zrg;fFP1+kY?yrASgxYgsSu^(iDh-7=joOMHCGXih@#y4k7_`
zBGrhnl&GOfM=1dk>7y9hWM_Yv`DxFdb!X0=vuFJa-aDUj-@W(korrdE0|3zchv%l8
z0D?mj002Rn%Ud=Z!`0>qAnrSr2=cf*P@E1&+u0*eq>5>N85Zz;LqFH=O(7~&9U$q~
z;hRgFq?+%Z<y|TvMv41!j+syD_kBSabzr2+6dHM~X2YX|Exy@IMtp4+f~re~EgswC
zRhX&Pm=Rg5^(e~-g8!`0g~oKG$g8(I<P)5tZdx;#*YQSy5^}o*nI8<eWgOyFKoeh8
zct_db%9YADxQY!C3))+l22New^&HjRz2~ZTT<{UJ40pkiOcGjP#ONu7P3RgvvI1+>
zRw3Ia=T;eK+w&y%3S=Z%r#o!o1_WyOOch{CZ$fUL1f_FjT>>}nn&^}`>zf>V3~T!+
zRKx7!nH}PHj^<BzI1xwK+ltj8ORUGf>GkdEs@s@bt0w>+b-vrL=(N^^R&Eq>x6nT9
zxa9MDR@{85Iw)jU0weG+sDN25&(GD@o0`ATf3#p?!9pqRVgG}{SlOh*y`oKv=B;_&
z`teI9F^8_zB0cq>GJYWj+eV<o<wR}p40TLEcYuu0bKD5J8w+G>5R{AU*eSFwQcC@T
zjk{&c2hALnbGTo%)W~z9GLX8S^8D@O5WYlo^9O`Yl&bjflk2F0>pl5rSSOTxCO?PQ
z&6#eVUAr5ps5;(eca|vih?~p1`!Y&|qJAQ)M3kdsv4|JBRLOReeHy<1U|LzLZi@8u
z<-D?E-b?b-gucwIBs`M1As6}W5QRGnowYYoGn5K#mvLl$C2FgIOGqo2*O$>|`}>GO
zmHf5MdiPk{5w|u5F*X&LT0<B};!1cc{ftm9(QbG+HeY9~yDL0{zaOHh1C$32B5}Ve
zfN?<;TqN^TX3OL1V(rX<X9Z1?)00M0(yq6&^BCzf@r?Xe4XoU864tS2hZ!{g@GyKx
z+GimVTPVYzcXq;gL6HY@v4StfGO-N$M~vmg`%)T1>3kV4#hoRdS!GuXugeGA63rMq
z-C;2?aen5@AW50m2rZF_HH?XOK40?0Ry_1{?z;{G{`E`vxMBdJs(*m91~N@k5c1VT
zU@2!wvyl>+Q0aT{w0T?;V{nGIvb1!yBl>UL**}G4BvUyW3ULzrR}j??_QF;@8_Z^)
zi_x%tB`g0B)RyPuYQdmW1sSN;E4r5`z!pqrU5RpK@x5bb%9}zfc4MY?9;+%lQBo3q
zxpkA`|Ie9L`@kCC*UE`|xZYs|IJmSju03^~qq~D4Tb*OoyE_gFSKq<ij~Z`HI-X=5
zzrc%%qas5-zCf+Dw<z22^6TWY1vwOfWw|2P%>Z%jx|>I1w8zpPZ4Qc3+o+mN7u9R=
zS4^)!j&XzvJ8Rm)^IM<As7d6L32I^gnF9XAw%(P{Q&s`Sslxw#P=Ac(V;>65XD@OM
z0jHRP1+zBW-7s51c!cgJ4*&ZH+U5><?ImyTtvXzISH5?HtW#tht8HXfn*xBIGY48P
zHXInxZqwZ}5mM#*92d!VY2XIt7o(7R#OSPnoO4b^_Gb4%$o}y?fgKC1x|;2ntXcS(
zDfrr!%mb145I#`4SD;_7tPd4l&MEsk45BSXI8rg9(j}gjjP%P(J>6_hZ#1DKp`uqQ
z($a`rjmwg0q$=Xz1^Nv;a83Iu{X$KB^mWg}jzd1o0ZfacmHfoWYY4-4(qO7WSL@Nv
zsusho*ax&P{3ecHFeGP|>Q*?#0W<xQIcu~%AI#hdHtfJ)$bI`@<4wsjB`yTf*pdx`
z;m-X<7LSKbQWh<7d}tn@)j;E<)I&z0*p#bZF1^CO7=kJ<*Pmgo`tA6aP1E}BijqVg
zkI#0}9AZ!9^pJFt9G0u33nR|Id^AvFO+Bc~Vok8EPC`^K3CLFn1msbsP(wb%+x^kj
zUM&`LF#UED@>Da<ky$IG<y>BjCqlvMOEHzBs*mk`ZH2m9%pvGyHm)>MD@cE?{ju>0
zq??Q3&l|#)x9q=Jo>@1)xvC-UZCUqzf8IX+IP9ICK<U{FwBs_8^V3>cF?@Ix)B?;b
z$X6-jt6{I9nr)D?bxS3D6>)Dvvq+>^%CBS?)&jn<8@47Kdyd;~MM|ms+pPQg40jXz
z6ZYefYw$Dj9lT=>YZ~}WNqh1s44MWsAN9tgJQ5Fy1(ShgYX;C%zWEbR6|r%f%$0<%
zRZe%*{nW|u=MvwJgzJfxMy9^K_ADM&4$`z6neee3IY-aCOSPbbwl#a43{0*v<b6nS
zxm%5wIVC*SU)Vlr6gyn4ShGYp@**9Rv4NIU&+<Y&8Fmi!BKm{w7?s<p%JnVuPl5$i
z?--u;?#BgNqFAZxBxKn2Y;oFD+SBe)%)^I~0g6_Cg{l9KpY-o;GFMuV{0}o!0G1*g
z%l7`yjqZ0U|00a+p$2t7fPF_O{Q&k`=lCN^e<<wVD``J~eP^rvUSM(Dh5#5SrYEdu
m1HiiPF)}*-LpQ+j85S282MO&<gV(kP?r{G0_W~eSx4#1~w0C^~

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-167921.raw.txt b/tests/fuzz-tests/images/bko-167921.raw.txt
new file mode 100644
index 00000000..04ae8a19
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-167921.raw.txt
@@ -0,0 +1,55 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=167921
+Lukas Lueg 2016-09-17 19:16:19 UTC
+
+More news from the fuzzer. The attached image causes a call to abort() when
+running btrfsck over it; using btrfs-progs v4.7.2-55-g2b7c507
+
+Program received signal SIGABRT, Aborted.
+0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#0  0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#1  0x00007ffff6fb02fa in abort () from /lib64/libc.so.6
+#2  0x000000000042390b in run_next_block (root=<optimized out>, bits=<optimized out>, bits_nr=1024, last=<optimized out>, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>, 
+    ri=<optimized out>) at cmds-check.c:6424
+#3  0x0000000000421d9b in deal_root_from_list (list=<optimized out>, root=<optimized out>, bits=<optimized out>, bits_nr=1024, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>)
+    at cmds-check.c:8391
+#4  0x000000000041d1d2 in check_chunks_and_extents (root=<optimized out>) at cmds-check.c:8567
+#5  0x000000000041bf0b in cmd_check (argc=<optimized out>, argv=<optimized out>) at cmds-check.c:11493
+#6  0x000000000040a10d in main (argc=<optimized out>, argv=0x7fffffffe218) at btrfs.c:243
+
+parent transid verify failed on 4194304 wanted 65305493131755520 found 14
+parent transid verify failed on 4194304 wanted 65305493131755520 found 14
+Ignoring transid failure
+Checking filesystem on crashing_images/id:000162,sig:06,src:000059+001444,op:splice,rep:2.img
+UUID: 056b0872-c0a7-4121-8ac9-2263ffbee306
+checking extents/bin/sh: line 3:  3091 Aborted                 LD_LIBRARY_PATH=/home/lukas/dev/btrfsfuzz/bin-asan/lib LD_PRELOAD=/home/lukas/dev/afl_git/libdislocator/libdislocator.so ASAN_OPTIONS=detect_leaks=0 /home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfsck crashing_images/id:000162,sig:06,src:000059+001444,op:splice,rep:2.img
+Starting program: /home/lukas/dev/btrfsfuzz/bin/bin/btrfsck crash000160.img
+Missing separate debuginfos, use: dnf debuginfo-install glibc-2.23.1-10.fc24.x86_64
+[Thread debugging using libthread_db enabled]
+Using host libthread_db library "/lib64/libthread_db.so.1".
+[Inferior 1 (process 21730) exited with code 0376]
+Missing separate debuginfos, use: dnf debuginfo-install libblkid-2.28.2-1.fc24.x86_64 libuuid-2.28.2-1.fc24.x86_64 lzo-2.08-8.fc24.x86_64 zlib-1.2.8-10.fc24.x86_64
+No stack.
+Starting program: /home/lukas/dev/btrfsfuzz/bin/bin/btrfsck crash000162.img
+[Thread debugging using libthread_db enabled]
+Using host libthread_db library "/lib64/libthread_db.so.1".
+
+Program received signal SIGABRT, Aborted.
+0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#0  0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#1  0x00007ffff6fb02fa in abort () from /lib64/libc.so.6
+#2  0x000000000042390b in run_next_block (root=<optimized out>, bits=<optimized out>, bits_nr=1024, last=<optimized out>, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>, 
+    ri=<optimized out>) at cmds-check.c:6424
+#3  0x0000000000421d9b in deal_root_from_list (list=<optimized out>, root=<optimized out>, bits=<optimized out>, bits_nr=1024, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>)
+    at cmds-check.c:8391
+#4  0x000000000041d1d2 in check_chunks_and_extents (root=<optimized out>) at cmds-check.c:8567
+#5  0x000000000041bf0b in cmd_check (argc=<optimized out>, argv=<optimized out>) at cmds-check.c:11493
+#6  0x000000000040a10d in main (argc=<optimized out>, argv=0x7fffffffe218) at btrfs.c:243
+quit
diff --git a/tests/fuzz-tests/images/bko-167921.raw.xz b/tests/fuzz-tests/images/bko-167921.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..41d7157e495926233974a4293fdde15d345e3d15
GIT binary patch
literal 10956
zcmeI2Q*b5Rzoui`>bPTD9lK-fxTB8kopfy5?AW%=9ox2ToNsF8YGzK&oT^i&>Qw#L
z?Yda2p7s7NR=v*$w}+-S7#P&yVuK_E7#TPb7#JAZl;-%?mmL(b9++$6=a3c5u?}3W
zVd|(6pi%#FwgADktx8kV{!6O_cc~Uh)u^?gYz+Pt$eCNxVqsDT&@F-Tg)b1*Ul!aa
zP|BF)pbD`@K&&DDfoE@Z#)`nRA)jhCP|CulD8Q~Clqeokl!#qzeaKkc6LYDaB^!CY
z*K8ay9rOFFK739*s1%G?3#3){cT#&t^0*zKsrLOuKVxVmg??bm5DffTJ%zZh;Gyd>
zK^-6FLZZiSZ+5<QYH5ZiHRF{%OgA&>tiCg<?g3EYbJGP?Gr4rJK0nXnn^Imi8WdNG
z%*aT2EsZBqsIlK8ycg8#v~CQ7>QNEpV5VlrI{9K6&C(D!hacijRG_!wdg$W(eHqSz
ztBpvsKuPc#{-fQXLZioaJfMTlDw34uDTJ|est0B_WyFV9a4bajdR&o?@S6pDfyuEl
z)mhy{##>j1h@%672#o-3h$Kh_$&^xqCFfD+!12kM7bfb(T-4k#x&gQ7(_{C1&S*>~
zei7$s(?UiZGe4&5{%h<QHpnM`W}(IT_bU1u$XZ<+)qe4%mkkrG$VD=Sl4R#h`VTIR
zuzIho*^&3Bka)Owr+uaJIP&^_I!MS^m5DoIW+82Oe>xPJCmmSe0hEe3dW{`SWAmdh
z%TFWS&{=;T3g%<$i%cn)2a@ncIeo``LbTff_#UmIx$7<f5AMOe*0XwGQsq-Wma7+H
zQ3t-OK0m~9u|gNtT-x>8%S$26#G#i}8hmS;tfj`&)e1f_RnhD^ajnqWKhS}Odl_D>
ze1B7+cb*{DAr*buQ2p^t`x~C$7er^h)yRK6(8;7<hAQ~eR5TV7<qIw0*#W5aj5zU;
zF|xMHw*nM?v~lx0YlesmOB1<(J_YE8#iLnz`Yw|@Jgz|r?6f47hG6C8Z=>DGQ^ng$
z5e+jKn@ybf@;>Y;<BKzN8EwMmG)2BJlBt>Gol)>hYFArK0czhV<wk<bL<|haLg^up
z^<R~z8kRSlil;jzuVzS`QmbF<CB68P9k^;YL%fk8ZtY->1tdjSV1$ETDUtSn+SGg^
zWn1@=(l>w^&8Wv)cN3wM<;O@9ZA5k~3(`1cc!NRzO(bemfD3kci=pF=$_>(EM`_hx
zM_|GKMsf8bJk70zqaCUUM0r*Sq||?jMnDT*J)`%G(95sNY`x2;Qe@wl1ciWsJEnU{
z8nux~@qr(Hp&t^4N3(hxDh*w(t{FwphBM1|Tm%-ppBx1YmLApF78YG`PX+J+OuVJ<
zr=0--nNYUloh!%Tl_`v0OlRr;sW0=DL?ek>`tH&0*Oc>x22Kxl?xb4$(N*QiN|4hW
z#cFGxT}+{WP6G;>NlFd(ri;6!c6q}8ua3|Ex}@jkTRIC9peH8iF2JwH<i8}j|K8Ec
zs6ur)Uk@ZmV1oOcXxAS`LSr2dK1g1!I5ZQ<8qTAD4U>`Pp3hOi{;w`3670s=266a-
z;d%>`ZR_bosE*+9H`vl$^Y~dFfFFU&qmz}pe6kk8>Wu5@30q4NdjgIVu{JPtZ`#qv
zJF>X9(Q^)gsAUu(#t}*$TwhN7PPi_hr-8?AIw2fRXc^LrWZd0X!O)7M-c-oK>^mEq
zSv>>_C7DZvg*Gz0DqV@1X(fRf9gP9!^7p|-8#qT=EO>QQ@3Um)=Ql1dXcddp*P3OA
z=>@h!VNV<w*paDd5(xAkMLYK|<-VSwkzr%8FnMaw7Uvlr(w<EDq{F~JL`5u8j?`?#
z0R^_}sz%212P~9ae~B)Q+sid`>4Z6PcI#SQZAD9&XFxa&=))=FcaJFsow{Z19b&Ux
zx_QGyh19=qR_@Y+tDH{p>c$&ZExQD?ssc(F4vJ#<cjge(P-QKx4Q16!Qxh2^I4C3d
zpL?eHNbg~IW{#1$992oq4C;|LqjRk>RtTi3cxA!@VDVP(vMAn_@>uzU&pc0jtHDWo
z`r6Wk@{Ykhh`>yr9CC&$Ew7>#7!!LSTDcGH3)K|kP2M`h=a#(Ma$?1IF^B!kuVs1N
zlKwaf=Uh<++F2{0U#`$<`<vFcZq8FQLN}LjF0)aep5t;&@oJPt%cI@0$99r_T~QRW
z8!~syO4;p1Epf|m15;l|=HUi;l`WO|Q`+$lAWMeKoMst@PKV3ISqu<V4isvT=amcV
z2K%-5+^6t0bl#?>eckvZhDNr2*R~CcM7fg5s|#sjtNAfVas7}0r>#RMu%9gIOovb*
zyi+l<BBhO{%(8JpRH5FB61(F&P{0R^zv)nG&ca&dHYIq9j2S@cds;&C2fVxv)@J+!
zkxQNgzA?&t6g(&+`ig4KLGSpND6`qi(lWL+m}@}WhjIbhdq_%J-KeA;oJ?a`a>L+6
zn~?MwTU;sHJo!e6)wyDpu}+rbpJ{Mju7wWTEM0haGT`v0#cRjc+b(2-gc=D!LYwMI
z>|_}EM3_EfcZ@eYkM6CKJ}eHE@a!Mm@r5!sft>u|qAEIz-2u$)+4>mkPrCjVE2Tub
zusB>1%I;;^yi>20$iijb5E-G|l@FtqC$<;m^jKhLmtq(r3BR{D2@IuCYr}9(okL9N
z`HN;su$+v!s5yKhhKOXr;92IKID`729k5{`;yGl|;_rQb+RL59SO2Qrl(c^%R5^M2
zsIb_i#}%=|K~rRiJ06}~{e<`DLqDpek;?_PpqH+&o7`Tu4U#d4cx>R#1(>HW?|MTS
zD5WecYPlDEd&OsteETw%!9I&4e=fy~Na?cB15}LX-n^cnFezBWfn*e@X3y)!ludcz
z$eP}WVRrCz;M#M(Prso(LD>Z*O^u@c`Sn*}StZBny;<!h5j(}ANHI(|>fWcS)lgM2
zQhlf-|Mcju@emY)XBU^K8`Swh%8Ha%THaEOsxAYUA<1m9-;*M*Y9Xtv+{Sm2H2|nM
zdQJI^)RzW5chtI@By8=AWR{`v;0(-rBGo&Fg&k(f;o=rQj)l29YLIht(V!YtArSz%
z5pzxjanX$;&1M+<80R0o5}v!iM(Omz>yS}FD3EAav=W8;;Vf2u1Nmukt>E-#!?Uy(
z{)_q7o8F=gdb0w!My0$4=W=v(BQpDL^~ZVvejlQVuwkJZe+4oh;2WL+3MHic)R+KJ
zLG3Dvsx0YEqI><`O9YldL?7E(roL+aZ94#M?-Aq{bzHnM8od`Q-SrweMve(wsVXgs
z%&j$1{LAZdo-cqWEfRf;$&z(Psm_%k(l{7++?%|p-sc(Y@}U6YJurZbL+rv|e?BQQ
zuTP7^>4E8E1EVn2nFcp!?H0zlb_aJ!I>XH1X%A`QuANRH!m`Iv60$0)%(3rRv4Rv{
zWit6OkpUT?+aiz|dbj7)a?b#Hq%!3?x|Z;C&6t7y{3<=f1@$w9UH*B2y6E0&Cb4mg
z$<V-QRU%y_cE_;%Ix(9Fw)`tSdsDEV@O@k4dO-7Zm?^x{guIDOh1%ootlKu-HmH9y
zC2NCD!7$vIfHxTUMTRLnr2luzZ^cyWS3!G$yfGSv5~x}(S;=oL`Qe`d2!DyG8{hxD
z^G$>c_o8|clsnHi|F$#X?Ef`%a`wcK08anAczhZ(HPF$SQi4ub_SxsNckciLU*|@y
zj?~r9p1!UI@qlH!NxfcXEV1$iMmb5yHN3_6as1vY?8;<V7V^z#vfZ?EkY1~OJkZ)?
zO*S<uJiNa)vM>vh@G7L}!+9(Tz|YkDVo?&d19<@>`VQ|ga2kohG?QDpkrDB2zVz}2
z_6G2~&t$w48Pt;_XR&g;ZZR7vRcleQfc5r^Tl?5^ml*E$_h3$tULCVLO1T4_P49aD
zq--!To=t0qeXgY9{HMuq7k#vd>l=7TA-KZLGij(1Kh$AfDMvfRGWtDzz%uF=LN4Mb
ziOSW;8K~s%GW@xi<{U4#ERgpP3nsnk3M3{|kJo|b{`P~~u1oMPb>$*dp@Lb}Sn@qU
z3a)ge(ZT&te}sEzzmg&ALuH6E^y<p$F>u&w>PWwxvKla=y)6SH*$t<vO`5SZ9DSha
z1!srJaWcrUCLPCRZ)cM%P-~X)yd?W}%2<Ti(I9Pl02htCb<5Cz0;SCoDt)eqg;GK=
z)GQ=*!+>z1<QZ5ZiIsE+UPpeGG8|27dnis(sGY9GNv9@48-`$`EAF=;_PEds)$)zu
z@&ki0jGf=)4_1)`T@#lj2BTMQECs8%R0%G6)3@KS!Lqw+kO^vzOdYm~b0)Kuq!=Y^
zO7=M%T#(%l*K|ItroO!s^P5DYCDgIc^gGbyAF+%!1&@DpM_-`<WerARms`4@0O$<6
zR&Yw~v8g23Cf(@;3jHlUaAV<&qE!iJj|r*;hH7Pg13kyt4{{obg|{@rg)as(bWz7C
z!t>l$w!oTZsfiOU-krCaPUV9j3X@&V-P!NXIRp&}6GSj%YqEH*qATNnkjzo4I2&c6
zel9nC8yT1yG>e3A;Lc9WaVA*S{PcPj`Id^#<(5?Aqw{E}?z!>tgEFq;&*(f<?vqrv
ztC6mhF&%+S9X1W`E#d%R#@OeBHpX8}sp@Qb_b_=(owE59cirvE+M&rX7wazM&Fyo1
zC~OtPNoep@>*UWPk0X7Y(WUfqYJ4XwaP5XJz#}cEXHf<d#vMBI?gCNZ!W_t?Pj?)Z
zN$P@Lk+}rdGkBT9Fj~ScIW;+NVyo*Cv;P~dXXYR~z;K0c@`hS+dpth3&$_$Sif-1A
z!uTMogJj)10GR7;N%CiU0PQEPjp8kdicj|bZEv4#n0{a){Hgq_8r-+~zKhuK!b0G7
z8L?{HP&dJc3m`sR8M;q_$^=I|gi=F3+g$*M{Na4upi*at1+wFXP#OB|j9@Yco<LF(
zB8h5Vg6Ok#IdMqY(Y<h$tkReZQ!QAvU2=oC*z}x$hsepX@e+yuoafXdSaCHD1NQGG
z5a+~AGU}eruF_)x9N7uxf#fT--0g#NJqv;cSv+Lo+Zd@#Cz<A7&X&?=%N%NDv8?nW
zwUdI5g5Kr;RJa4bkkrT)v|gCE!daxd<f|KbOa4Y9qMmLG1VnM|q85_IV~r7|szMB4
z)2b@h_>IQtXu$Ef;1%J5A5!!Qkw>!pWV0dKm57P0r|l-iQzJRXJ##yrwN(h~NCTw6
z-;{lo5my0JL3%9<7A-MaExJqwW2dP6{IO4i>kc$jJk6_WfSf5x*r3}~H>3|llL;2o
z8ewO~%ZA^vwXJrO?a2OwZ-`t@K>=K2aC8|Tq=G$H*ZrsCln<S_YPcY<a?i^nxOYQW
z*6sK8+UAko^YSNT+f6imoh}s>8O?=jG=$72*95Al(PFB9C#<V*(tTvGIOTqdn9pYD
zQpbQ<pcYJb-5pd^;pxxD&qYDqAeyLTJ=$WE_o&q$zj^u(0Yfsng$j6Rg)V~ojF+zr
zMJXr!&w!nKgMQf2YM%?HpvQ16!Hy8{Mx&hUOy^v08!=r;t(Yi|egFPc9vPHo0p6ka
zDe-lFH^L)pKNuso1vMxn2a^)9K|{Npn9qWdb~aP#x1&E1O?|l3?80w;B~zBB{H(Z6
z^U<ZvHr4GKZ9F1CZ@r_6B(NAr4BQ5@@}DYjp9W4#Z(QJ7(JHZ*6KbSJ{Nt<f*<E@p
zMkuNZn^ffRys)67u_~QS^2DPsE1Vj#uU5D1c;<7oEwaL2uXQC^DxP_nYc;G!&l@2F
zBiK+g3QER(PnSlhggJxliCYP|pz&3Ql{U)+`&eJlf+k;>rHvY#>Fsp}C!?F>v7ZB^
z@FLxWK>YVphf{n(DAS<so*L?YlQm#tGikD&q_O{ipgP5_m^p-()aT2*cD!bm+}k?J
z-sMT$sjnK!_;;o$rpSXG0?vFGJ)-Y@^<fDSQK#9%8S?@XDH-zqBum!IIicNS4jstC
zeZ5m7u6}tOnSk9xXeux^$(YUXKjP^|4>d_%`|KZgi~5?7qxLcDU+(xR@3^r2D$Muv
zvH96|b_um0?<vYIDyCBr69errLRBn%Y6rr3ZZf#-_5R)5ar*I_d%k2UYhh1qur!@(
zjt%VLtI%g+B51SRlCbL&a#?agR}>|S5p~R0T-QlKNK0DiW=Ga;zt49IkJ(TOVp4%J
zVNE$<dKU<@W%GB(T`8Z<TW<;C_r<M=DNOifTsMRvIp<<wgLii$MEm58Bxb$zKt>lT
z<j8^oPe<51xg#L_jHR%XJ)en|sH-KJcmTJ&;^O5|NVTUW_Q~)M&*~syC_I^)k^!%C
zf7=RlmdbCL<8(JlmU@fXB;kZp4mG*oC-=YF;}K#YVaF5D3vW7r_XVP+s7SW1dJ(w#
zc?JftMe|T9rkA`HaCEqn;3w>*@>^oPJmI@5C)ryX#*cRkJBNN^Y=oU4E5fw=z1^Pn
z4jwni+}Tj)O|jrU?YWzaMgJJTKv{Z60TugZIz$1+&`R<bDjr*PcjtL#wC^(2^BpV&
zGOgctcKqnkS!4*&jYALK-O=8c-3B7FJD}KOtThx6krgEg*hrWvpxsoIFl=4;F-phx
zbUJx#KZcb`@Jb@aKu;G?sgv!cgeoNIOR#B}y1JP!UUbl^u`0iZy}*NNehxOuGvX4k
z9Pe_QR%oxfDN^DAIL#eyBgrb_T&6NQ`wfM4#H~_}8nLBg#X?g!y3eLgKUjVTlt93p
z6n6@?ehEe)_SfOXM~1j|?5&Mho6|);?`Ay8?|-&d{1~b(r^^xGvbK{0(In3@9QACM
z$p6VB`QiZly21qs2{&m|icHN+YM44JXk!6m4I$3R<LV=@i!}VvQ%SE#4_wqvZ|2n9
zG^KXh+D7f{W&ikV8Oqq(o%#2$8~$oaQ;goyMuP573hQ(?|8+V!Ch8uR;AE=_h2%9C
za$-TrV+pkm2L&PH;rGBYFe-CFkCuKzz$eAu-lna74<(kbGi8rKkvabB66L0m-hed=
z#V-PkH?Vp80pXYW<O-JHYn{o=`FR(TD*cJmH>$uf4YO;f(bvrFRqiVfX5pBEG=WV`
z%snEvuMvYRq3~aN0s>jZ4yPUp{sv;X{2D#sAS%+negGR0d&&Kgt}?J{OHUx8QpRON
z+q_;`zRHn5IUmtD%7OFy%o$YJMDZzCxoOSGuZBNo5EMwyeNOf@R(@7sw9EYtL`&GU
zH2$8}i+r(mh#^dNwA=(xLaY=z=i8X*g{vbh<t-3%!KXd<Li0oPHjPA=>_nSc7|<&A
z=Ufqws+MvPoLY*4#+xX$$|=9vkxEp-S7oMOl;*9V&!-TjoUPb*A=-;hV>EN7rA^}h
z_FJH2ZC&nSWn9dl>|Y6Nyky*EcH3v+XZjH*ZtT86s<x(urh;7~tMoBf0cXDAB5o#0
zRS4h6>SdZ+cBx4(w%7TawCy{7LE&(VKN+myD7FCwO=~fQMC^46$qn+U7q2Yq8h@CH
z;*uA-?#6U~1>QyWrd3f{sRxU=d4xhT?<O`DH-OPyHAI<uf(hTC&0mO0x9tU$H5ho~
zee9k=lg%@nFQ&$^9#SiW;2$9h2$gXFsivJtZ=yK7ElQwH%nqVx5R`RMK)N^=nXnQe
zMkpHMe!oJ0l!a<}u&2V-2k5jO<Ggj(w0?Sik}w5_?H<Tm73Oil<C0B~K)LPGM@p57
zrYcTRvr;1u=NOi@t93rA87&D>;Rtk)Vyfz*yI1&jIjz+A6urORY93x353R{T-c&ou
z%Kq5!=5t2Y*q9r}{Mlo)4s)WS(}Vq`l!LiN_|JFjjz|W61eivB5*T&2k?ra%El6Ul
znGAHAg?M<%SQ1|9e;%4Yah5)#b{vQb6KbQW1~z=hIFN=GtWpI<bhBszQg{3bJ&f@&
z+%o9GUdm*wY#(7Al2||0-Td+lP>e{ohLLs9+{MOsLcLrxE&4+8R)}H&ZvN8{O{Q71
z&V+OUut}?|-_tHL#vOfK<gSc(O5=s0a|`I_V7dFj-2tlov>&o7b)iZ_<BU}c)!;Vl
zKeboszR>vZomg+=0lP8NVUIt@{pYtN=80~^vvKPm!LoVg2H1XqU#Q-vLo|?A-o#2?
zRMkmh1fzhZnIDyk+>%iLm`M!N3~GCgW;<y5NKCjl<9T{E4t@3f6Qb+M&zy0AI?@QR
z#vagJcwMlmuS6YzNNz+c49${(?e;ovPn`Hc5kXjVDQ;j1#p99K!g`!N3%9vl-YNd8
z(aT|qvOY2SM{hAO-T{jEZ>Zc}sdwMjOoS|KpEuYbdlQg+R)tbWApx;G^T3y8Yy5(+
zvt=?&i^{SK1#sf}9{mMFrnE0nG6I4>m)7Xxp|Tm^9Bp8wNi5ai%VZ5tNf8LX_Ltw$
z)9XWogX&BsH%&e9(6z|_xWw8O!TFdy-(0<_^-GEATrIT{RCA$u&&{fBkE0AtSJ6`j
zB4Z42<=5^gm&8w?7+5qXjQ1T6r>d8=8o@O8W@LvMje)Kyr>*dg27_w{=hoAF2lqyW
zw|7upH-P~3YAK}EoY$=VrdjNerBw+A*ridM7{4-X5+%F-Xki>rKX{4JGoGZi+B@oX
zdLfD>m`4Re+Lip1X>0gTa3UF+r+C6sdR_YGkDXrGaQ39o^uhVv8h%JmCVK}lyNVHa
zb=y(ZG`nCQKFw685x!Zk^0o?*9JKN`et#gD8Zln5<8`0kTDHjXq;bqCJeEsI9=Je&
z0qwh)&;C;+v_u00luUdv<^8jkAUxS?Z79#TdU&lxRPajD$&js?sux-)c7#LS5$O%L
z3EsB}bo=Dxl!m{1>_MINNhH7*dHmX;;V?V{VvJ(hY@{$L+oU{@Jq4+Y=Q5Fm^L^`J
zUjGrZW^bL9gPxSK6cZld^&V@(yH36CZ*FA0zvRBSO$lN3P&z+N=<)6gr4%w=qg^8<
z=-}j(jf6Y?iXm4%1X3|IK6qraba_m6TxsT^^CwZ0S%k6Qaz0fB(-(c`<O=dzid>PN
z>z`Nu#T7nB(m}4i<d<^#^61-oXHvqgLeWK%c2KKJa&NP&c)Ipems0fmX1zDWB;aex
z%Bo*M6;p~-b91$WtVFf<Uc)LtAQ3Z+0y8yi@(HqWgkoUQXb7H(q|84R)^v8_7SDj;
z!R0T@x}~hh){er44@Gs+LI<I~fo}cY=UG(6q4kSM_rlESS2O6_A`+m?5&f#{G@o>Z
zU+U9(y!VgO?6YIvhmsQR828lHg~m9lS87~o9$0ivE^lC|I6G^5U=m0J*Nrjn@TzC0
zPvpUt!1h%s!py`T0w(<0&|OJh2F1kLrEtHcKwDR@A<?Yyr;>|oT#9mgz#+P@Ww5A?
z+!1_d_<e+h%tKL~4T=G%#5`Sb-Q1<R0=+6&09Ev$bxFrL$1qT-b4BU_zj1RZ&Z3iK
zBwKbJKbEbp6~Ehm5;2YB_D0jQ+kA87@z(BIt!?L(Ji@rLV3mX1&^rDwlbQtArIdbf
z&v&Q|1Z81k_D;4|)fRd9sq3k^>3M#Ai}^Y`1h_ngZf8l;_=DYNm^GGUp#pc*x%bv$
zuvl_(;q2jSg}t~F{H<PhBtF~|8p$P{v!O!M0eK~?;(by@%gc1wlju^yYWtoImO2SB
zby!=vve41lMbRyU5{nbz@8DdnAm}S|@Z4;GyalbBUQW@`!JT!BOO}JkDQa-DO1d6j
zltXSQ1~=a6m0Feh4Mc?7F}WXFUBIxmbsz`2>q2*b-3kGN=Gk~ebGdjdpOk7#dFA7p
zbX`X%@V128RILP{%eGSz9MDa~FEGU*1<ny4s=kQ@J&)gTkyM~p2S|Y7KR#C6AhiC-
z*Hqk-(V0ii${fn@WQ=MflF{k{QI+1B$gtK#nY`vGWiOp9>I4@m3)F%N>rTl#zZegv
zK$KP#E#jj-jCZxCSrYTjGowb7f`8Xm9~ePHFOliA0>=G>a+H=*74Wnz0heqCE4kb1
zJ<bh3GTYzYbE3k3UjYfpw=7tF%hLlsWyirD*a92zx8pC=f^@`JLqm(>*a^@0Xzi*M
zC!RIO;4&lIKtkz@JbD<{_7--x-yVucD;=`8<h9$k@t-Seiv0J4ekNL9hBJ}H>E9Il
zwAVDtBotBQ-U42Y^wJRUQhwLNEpc$}MTaVW5^JWjzHN&IAoZK<ZEviwUoz-RUq7ZX
z0)%AS?8|P$rWw371$Xar3M$hNGJ|@Z&Gd&qF2J9x%?%g*yi54p_}ceg@!`Zie&CD6
zs43;;@K%4aD+mDUerD{XuCwPzEpnE(!!|Qw5EM1o3OEVe@(bx{N{h1%-{W$D*Sm0D
zT5|+iwHgC6xO5~<ufI(DJ9i`i{MkVM>oHzk6NP*)d2|tBQRyn#9)d%E!Xee;O09@C
zvcnn0vtptc$chw1yddQb?Jj=p%vsxK^WHfXkq8BFE7SR#3B3y7(fcxlbMl<8K#BEw
zE#~Ux{<7xFuw!3(jCD~HHhaZ;b@E7}LW0hFyPMQ`3u$uR`3NccasE?uy%vaiKp46?
z<sGc3I^|A7c5U+S(!hWt11}?lRBk@BN|6x;rZY*Y;9JYi-#s5qlBk+1_Sf5SqfFO?
zsFYn^j@@kO+CgxQ@#V_{y3V6@eW3=)Us}Qw)oU~`T~M1f()KpRMGLg}3~>(?PX}-t
z61&BDK6LH8<z4Kv`0ka7sAetP6SP=g$vCuS`qD=!3{UEhEP(RNHlCPPANDKp5|@xU
z!`zvYcwh<DXNIMSW*$D;8U8$-blbPJ2dujK*s)CM<?gEoV2iAIpSabcN#oI%iYAWo
zKjk`^T<AQK>IN-z3U;sTIh+`;k|v(ums+LUENhSyM~qrp6l!=W*Z09sV`wOG4DRk8
zk4<s|=`Bq3()<fmK<8!{^?M7X470c=nAZK~i+Ev`>8GU!e%drHp4wv46U055_{^XW
zCd4%=xxZTk|21RvOdjIqS9ku)8>x7*Q$xh~#a%3ay1N9-K3WUUr#`yWsUhibZP|=M
zER;_@x+wZ4P!oTBhHyIXc~drQ7MiGVPe86-e5f%aodtr><1|u^%NK=p>(@<%=Ao%+
zSh6=2MGz{c0Arj8{3yfEtu1_0^NSUn?mVHB+H(g+w0aCEmRd%F17?HvvH7x4137ES
zZWxDwg!-IAI)c|qQWeAZITsq$IM4tz9&kRiin*j}VI>tA?W#JrNH^%g1~WlzC5C;{
z3O<nx)%tgn$@SNoD(D&oFK)<Qaggp)xZc{4dfFiXiO)<wI`P%@C*KWQiyGrq;DSlD
z!}gmE$0mUcudz7E8SSHn9DVgM1V^{$Ltw1qCLM|dN_pwXy20E>#U8VB*^S$O`<}Rl
z6Hdj!2JxWgIZS&4y42kFODcu`d&F<JVGBVkyT9DO`yNdApAA|tz?Kxg|LuD@*i#I&
z#s=4PMs37P5EiPu;giFJ9KvqMCPw|vc>YhUfcjeqtWu5wuPSwTAl3pS+8VR)*+gTA
ziUpX;-{;H5#ovr-cVfUv=m0HazYkZ?@-Vs@#V=_tbhJ@lkq5OsMp0?84IL*ff9$;(
znE0q9K>F^y*WT(<VKcmToIaEp^68w4qH*dH@o`>$151)K=Q(~(@V<8pkdQ9_?)wdw
zGegTcXLmX(JOlb31umahPnP)l>3Kp6*q5KTWZ61IbaW(()Ei+Ff+4Pdul)mWs8mwY
zsoKAl4hGHE6z1br*%5Pf{O&buD)Xu3YYf54Bpq?$-)q4CcWngZVC0bVl?tx%-$Ws>
zugQ$^e^?x*O;|PKHRtHf6BNR_1=rvj>rYUx{h9a>>tU?FR5R)Iv0kXl3R4vEi@@wZ
zqP+b7V*7vEHZMqm68};&{x4F|zeo6gsu}-sS^f_T>tDeBgWB4^fc+-|^Mx)4g8|D6
ridOkYO8sZGjn8A^{1mDO120tf_4S2&DHRi|9WZ-?_#c~4TH5~xTcUV_

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-168301.raw.txt b/tests/fuzz-tests/images/bko-168301.raw.txt
new file mode 100644
index 00000000..9f3bab87
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-168301.raw.txt
@@ -0,0 +1,51 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=168301
+Lukas Lueg 2016-09-17 20:00:11 UTC
+
+More news from the fuzzer. The attached image causes a call to abort() when
+running btrfsck over it; using btrfs-progs v4.7.2-55-g2b7c507
+
+Program received signal SIGABRT, Aborted.
+0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#0  0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#1  0x00007ffff6fb02fa in abort () from /lib64/libc.so.6
+#2  0x0000000000424fc7 in add_data_backref (extent_cache=0x7fffffffdfe0, bytenr=18446744073709551615, parent=<optimized out>, 
+    root=<optimized out>, owner=<optimized out>, offset=<optimized out>, num_refs=<optimized out>, found_ref=<optimized out>, 
+    max_size=4096) at cmds-check.c:4856
+#3  0x00000000004234bd in run_next_block (root=<optimized out>, bits=<optimized out>, bits_nr=1024, last=<optimized out>, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>, 
+    ri=<optimized out>) at cmds-check.c:6388
+#4  0x0000000000421d9b in deal_root_from_list (list=<optimized out>, root=<optimized out>, bits=<optimized out>, bits_nr=1024, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>)
+    at cmds-check.c:8391
+#5  0x000000000041d160 in check_chunks_and_extents (root=<optimized out>) at cmds-check.c:8558
+#6  0x000000000041bf0b in cmd_check (argc=<optimized out>, argv=<optimized out>) at cmds-check.c:11493
+#7  0x000000000040a10d in main (argc=<optimized out>, argv=0x7fffffffe218) at btrfs.c:243
+
+Checking filesystem on crashing_images/id:000170,sig:06,src:001268,op:havoc,rep:8.img
+UUID: 056b0872-c0a7-4121-8ac9-2263ffbee306
+checking extents/bin/sh: line 3:  4644 Aborted                 LD_LIBRARY_PATH=/home/lukas/dev/btrfsfuzz/bin-asan/lib LD_PRELOAD=/home/lukas/dev/afl_git/libdislocator/libdislocator.so ASAN_OPTIONS=detect_leaks=0 /home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfsck crashing_images/id:000170,sig:06,src:001268,op:havoc,rep:8.img
+Starting program: /home/lukas/dev/btrfsfuzz/bin/bin/btrfsck crash000170.img
+[Thread debugging using libthread_db enabled]
+Using host libthread_db library "/lib64/libthread_db.so.1".
+
+Program received signal SIGABRT, Aborted.
+0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#0  0x00007ffff6fae6f5 in raise () from /lib64/libc.so.6
+#1  0x00007ffff6fb02fa in abort () from /lib64/libc.so.6
+#2  0x0000000000424fc7 in add_data_backref (extent_cache=0x7fffffffdfe0, bytenr=18446744073709551615, parent=<optimized out>, 
+    root=<optimized out>, owner=<optimized out>, offset=<optimized out>, num_refs=<optimized out>, found_ref=<optimized out>, 
+    max_size=4096) at cmds-check.c:4856
+#3  0x00000000004234bd in run_next_block (root=<optimized out>, bits=<optimized out>, bits_nr=1024, last=<optimized out>, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>, 
+    ri=<optimized out>) at cmds-check.c:6388
+#4  0x0000000000421d9b in deal_root_from_list (list=<optimized out>, root=<optimized out>, bits=<optimized out>, bits_nr=1024, 
+    pending=<optimized out>, seen=<optimized out>, reada=<optimized out>, nodes=<optimized out>, extent_cache=<optimized out>, 
+    chunk_cache=<optimized out>, dev_cache=<optimized out>, block_group_cache=<optimized out>, dev_extent_cache=<optimized out>)
+    at cmds-check.c:8391
+#5  0x000000000041d160 in check_chunks_and_extents (root=<optimized out>) at cmds-check.c:8558
+#6  0x000000000041bf0b in cmd_check (argc=<optimized out>, argv=<optimized out>) at cmds-check.c:11493
+#7  0x000000000040a10d in main (argc=<optimized out>, argv=0x7fffffffe218) at btrfs.c:243
+quit
diff --git a/tests/fuzz-tests/images/bko-168301.raw.xz b/tests/fuzz-tests/images/bko-168301.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..4c7f462364e2188f99d19f72339784d55b9104b6
GIT binary patch
literal 11008
zcmeI&({m+&nl13y*s*P+!yVh{xWkTZ+qT`Yv18llsAJnsI`%zv=V@-8hch!(Q+2D(
zU+~qpYQ3%B2e+4|HW(Px(NdEn1Q;1OAs84KU`BKD>&qUBRS%3TTB8I2s~N+%>!hHh
zOwXNw!*RciVmNrHKBwQ8$WVn|$KT-BRoY436`=-yQIhC^YY4F>y~#g&PbM;KPg%y$
z0V}uf<bfgcq`2w)(1nJ|PH1;R@d(eb2l}>$c~Y-i_7lQXfYxp+t@7oW`l^7!26cG2
z8|R|Y=Q4w?juopZb155lp{DUGDSf|zfnv7)M^dX<(U&p4dpm5MBkicB0W5|DDWvsk
z#&_iIZ__Iw`=$W}0t6Yooub2JxQT7%;<CB%UD6=hFc5wrwL9%;ND$|vLFvFG?o2z8
z2Ze*GVh+nS3C*2Sy3z+@IP%S54n@xiwM!Ub<d2h=)w8ipx2@jqiREUUpMzM6wwAoU
z9M>n&tqK%P{^0NwI#WcI57C3M2XkwB=y55Vr&x5u1A>x{se(J9Ko5@nms1iHg7%#U
zzkL62Pq}lgMR#u-m?J%dVYDuJW$pgelilIDizV*NlWIJ`)YGon(*YN4D~#|qE$b6B
zv3xXQL6{pN^z>JzUX;5b$)5Mmp-P@v_Llwpp=?1Ap&A0XJy9~3ZD^X&N!+Iqf*Fqf
zjSuE9Z<5*Pkwz?vH(b0Mhhp5WH}vB59BW=H7(x2#T=hB7d*j9Mjd*CClCIu1z!{Q(
zWcDIHwMWD5v-<l^=p-G^VJ(*@R%nUOE9E7iR*K(Pq!HJv!M)i7QdAhHfvib3_|^tF
z-e4}+Qma^=MC$7k1Z_Aaq{*6pG@+|Nu<*m#wsd#w)03>Z{9C+Hh_AM?QId;{?vQOm
z(sBOSG%VCr-d2g|M1+toSo|NwT58%9M-qW}%3X)tG79|*+KJHF)Ql)U`ozC9u1|P<
zFc}INA1k$s38+I<s?QIRr^oJ4vw82AC|iLM2e;w+NPvXfegV5i(CO382OTs1#iW0a
zPAf5Nr0r(KR?tLR-m8TtcM7U-K;8?9&XF*LDBx6#pXRhhDdIVOI_gQ4a)>MWNpQqg
zdm}&w!y%78aIB502ps~eg=6rRDPlK!DdXn=EFIy!^_^Nhh<<_I1+}m(5jI8<alP!3
z^(x`ickKG1i{cfOJ)R$I>f~E((P;t&FGR1o{v8(8JGUD)HUZmQM<(8rYQYUs3j4dS
z!BM?+xkfn&LU-V%?XrS(9+Q45xpr**EA*I&SiXhzm|}wPY_>d{ZGTva&#oD^WUukJ
zT{)<UPBA9{`zGgQSi}uUbVXa(6wW)0kXHFTuVk&vt}l3yCzX#K@A#6<tNgkW(YrxM
z+|<;-UKgI_Dw(WS=vm|k!xlRmeqL)Vo87;Zb0QZTbV=QneZPZ(6w+)WS|!MUsAIaG
z23J=r?9@y}v**;UTI=9Y2O92WbPe?Wro!MdMXW<AYHyk}p7#X+X8^l!RxSJJsqy*W
zxcaiGD)3Ba0?!vPL2t9&%y%=?&8%OEDkx_rnt*}w1xS8&^w4@nocc<ol|-$0_t|>O
zVrACoix0gE4(v1izs36RKKwsDt&A$vkoWaK!UiU|z1zv_bI;Dd_wreG6l^fK=X=-@
zG(1%mfR5zRGyKx)&K~e1z-ne8mgaWBWjwSK2<#Qf<5h-J$o;MJSOgZx{(45TF|Psh
z-hbrjFoSRwVCupOJ1%=yyhr1(_--4;3?>7xB!5FeM0r0}Y2DiPd?m&iHTtv}R8R!R
zyV<@do4s`}gw<v}6+O=*Jt08L4>K-1ty1ZSpW?)1gbGQ2Lw@uLNj85Ml)>#Moed6m
z?b*POg<a0nGnW?ncBMI~7?9X38SFmvsCi`QSJY#zd?YCqROcx0E4@(*-sI7t7k~6M
zq@}7`#0t$d+MH=!c=9A&rE|QvrQhrn+;x{!3rW&yh51Gz4;{yq?9#t*t7-pc4_0;2
zp{#x6CBX{Hx5h3dP@|D&TsI-2;b8Alt=oWqlvt8$Uf{~s^vShVHH!2SVe|#HSH~aH
z;_vczigGn>5vLvCI=X#466E^LNJ7^OYXu<ooOq%eA5{&>#R`omS+m|r%}TN%l;-w+
zM_{il&|Y60_fh*EdG?8goO8@GKYL6HFI+QhwQ)^kUim5bPN=6wy}yK<()i#qvORXQ
zndXmYhIJjpZeJA0zjlC)!C37l(q}#9J6?mH8gV{0)!`=}<?`9wWv<d#OKoHAu^KEc
z>g}@pU-C=lI-bG<;y355K@s5G!>>S%FVU_7!UCvYo1;j~EJR9srEYa>i<N!4c{Vtd
zgYS5K4AlFbU>Wol^w^($W-RWell=%=UXQM!o6OC$COe0LJ1a{aVY^4l!R32Ct3$%p
z+KNU~Q|es&g+stUMHrXAX~<^h=EGxO7DuYAqwL*;FBX5k9BT1kZUiSTz{|1E-bUu*
z!9%ZB+PkOtlOq=+`OdGV;9IVFVaSIt7+NJi%j}N@v=;{f!ZeTJ*!X;=zz2cBNIIY8
zDbP^qWhYJDWoJaof7K{x3pBr+f{>NAdAk!4P`s?BDwx$W9ixfmS0`8Z)bea@$uZYT
zY&xx*;#GtL^3z1<X<Ost?FuFce}b0|g44rO`|f1B<qkGTZt0d-m(Q{~=?ryC$W7T`
z?R10pxoT~V7|~l?%_!WJwB`-N@7Y9XeV6X2iImDSPAQIk_3(sQq!qRoQeKROfaBa2
zCG8@FTduDK_fS!XFy6cWE$Y@t4=u-#4gG{m@*O-bQjQ7pn5$>_bhVUztoG#)m$>^d
z9Yu$GCx6RVC|?(7&>n7E6q#jtr84U?%tvT=HY2ud^^PS%pS#ykiz1BQzd3LBSd&S1
zCVD8Ez2}MNSRb&z4R{GrFCe#dSMu*EhiKS1-{~l<!1^N{IfW6nHZU&iQV8`ZNTwIV
z8q<4t^}C_{wrpOv{PZb8tb~=sslo>1=d{#I3>CC6Cy@Ydm|18#ugWCLER$Zd$5f?c
zmiVFj+zm=TS_B&l^6~&3p?qzV>X5(t_HnU;p~8ggw7P8uJ|?nF4JX)4)~zD_yr0Ak
zGT9@RV`^=?DJb|=A+SF?e94+B3g9p(Xvs7?cbjvnm!iMVz>~A{VYVeFk(7vW8d4cz
z#6ogsSY5~L7f0}wbuGn*iwh#*RkO>_<;Rs4qj$1494BiBhBUNqzC!)p9pWAHE1f~+
zhTFYbZ!FKRHVPejG>i!}`FY&v6iDFot1~Zh)C3cz9`#RlX!Rpz9z^gg5A#X_#RVuW
z<gIKM_r{1$<E>o~n?2Y2OH+z#HB##X+*WB2EjPBrgdH~=Xcfw<W$aej3kj_T2d=s@
zFg&_B()5?{GHsDgT1VWJ#lxkT&zKYa%@UhVGMhm~j83`ejYQU5`7spM22O<d_uN*V
zni^c1+Fy3{pB%{2oTCcoN)FhkA$e-uH-`uDu+FF#9nbiJ%wP`2lft#aD{*@zZg9!M
z_b(PGpp2wR5c#j2b#WQ&pHkQ<lzC##KY-ip^T7ni$B0`S_08Fp#&KNF)^qY=44xiV
z1_XvH$uS2$T0)zy&gcG2);I>Ztu;Ei@6(*cSvlFwT3+Csl%G{ObFJQ&aLCi}b;6qs
zrL+ay{5AyWzZ`zoqs#?>&{u_cujHl#vTo8Sl_%pm18t9#);_Yr^m;MXnHM!*9)56B
zI{4^zpc^#HrW@d&N9!EA$plw46b;npwj;`<djSY0L(}^Q1iyaRqA=!QqXt~*qXT3<
zWJP2x9t?Aafu$Mc$8%8E$Wk2Mn%C2von1j;Kc}x6*4s2J#Gfm8xWg17qbRyGg2ze}
zPVmC0S`W@g3@7^23p8SyVEF3`$c%|v7yBq|&;58D)~x7(xwly)kFjMUWnyo-M)+0J
z*o+(8rLuJ2HwR=bQN4F8l`xw}*n4~5kD5gJ!a1;qAYxD$A3h?vanDJ`=UX5h0lU0$
zbg8gh`&2ZUD*F?dr%(`-5N4Lxa$DDLU>~S$=c?-xxAJpF;@-kgl-ofBwoL3IXhbep
zl|)~VclIl4M!xh`$zn<*inSUwJ7n<8ocKsG$~wzMys{p$vCZWJ`b*XQ5se8>RTzpK
zkgGIcyK&VDNc++mbx#CUk1q1{8u|gR`Ke?WUiL2{1+3nj0}j~oc4q2K?#8><v7NIF
zE@t24sFxS2n+!)>z0Zfe;o**AqOE4=v$B!DxyHv(vk|2-Fm{1<wYq4v8O!17`W};(
zl@GAuB)B^qJBDs@922ZuKGL-MI>1N)K~ip~;j}EsHE^BasNOf13`91(_xXk04wY4d
z8K=BO;MJtN#36bvk!1uFrZhwKn~ZFdA~r3Qi(wIi_FewYCq7G7kH;S*a6Ypzo@76r
zxgodRY<LMaV~yo7fj8vG?FbQDcM7vff7Hd`TU5I^>@X7BHR%fK$p41I#kz$_krdK+
zBg;9PRD|n$cjRCffTl&a)2K73;elhc$j_EZfaZ0!9+N88T<!y@a-p7Ihps9*KSp0T
z!C<!Mm+&;soLkK$$wM$H0_Xe$zpMw(1`SWJPE$3}`f*A-b}}^XO!8jZgqP+{3iUKw
zu8N&J;5SN3-=sw51CC2kiR!=!mq4UXBo#@c%<uiQc7-c{=N7BDYz-OojE7#wtX5^d
z{mF#<EXO*ILfb;)3nJv#cooTv%~d=J11P$l9R2FFK%626D82SpF$3HB@wLXahi$qZ
zZU~g>iRBWf!1B>NQ@6Zir)(r^f<{8jAsyyiO(vBmCDjJ6onzICNNJt9rM=IMfnB9=
zvNmU+_?Dqs$G?fZoS822We@9Z6)E>~4~k(?F$90Zn+;gu#){F=+^`y&IP710?C%f~
z%>744HQHsJ(kL1@_E5xj4XxHK9Nv9`J<t1#<*o6Iw;Y+}2clghsGt1CGdi;o`l4CN
zNapDs;s;WB4K>0O^xXWY11*_51JYoK;x$x5C(DuT<KvD5(XYT=b;0?5vaR_L62vfT
zM7QkkA4WO8S+;o!y;G^gL-Q;A=wCnlj70-~1^Ky*ndWcVaY+7!q@j+Dl0de4?2>Ru
zKb_u(gNvtYc+15KlS`o0U|wp7%ttaSM4+Qm`I$;Dx3sFp%$`ia^lUzqVW(Pe6cT;D
z@PiiLYt^SdRskf)1z;-Vc+Z(vgSZzTmkt5?Jwm<Tb4K-^*~u08B$jES&wh9!jwfty
z6k6ra_-{pObYY8-4!bhnkJ4$j3rK806GfzQQ~vDroO~x-stqKGm;Q^Sf~D?Sw&NM$
z$7oQEU-NgN$6*-ex>Br0NEYwgrN{=KsVEL}wP=#gANLH#nDn9kGpoFn4jM5wU5Mmr
zq@S|8RvAWa2eFbVS1-}DHqkd&bX|M_SwEvpGAA4B`}zOea?JtoPVFx2x|@vg<XQAQ
z7oKyMfA>SFfm`NO*#vfm6a|@`Z{aFcrm2*H|8W2^JMrX~bNcjuWq&!_Xr<<_cI5&L
zf5+6nrArAtuLTS1CKIv>d6GjFxmgOM37ozNt_b$9h8^lXDm487ogM^gt`*KV@ArYa
zljtT10*+dDprxRa5cf6hrYtLGCV|!9yFR2C9VA7AJe3lVDb_rpdw-~yP)7sX#RdUV
zDq=}TN{_C-ilw6*1|pmj;7Pf1ps3y^e$o@;9NiOrtm3LKy_Y<IubzSmlN+HpYWZ1Z
zLv}hgcHO1$kV`et-JLZWPtW?%8bXb3&UWoq(C;#s8nHM1t6*sQ)sg5DCu65K9z=Bp
zgF8*w>pYPsvFx1<ugIpzuc{8q2m??4unn((48m@9P~V+PK<zWpW0MPtqAe+Ro25JP
z5@;@6bxA>)=)N(;p=|ajfBsAcD8};vhe`Un9t$0_&IF6k5k?4C{RB%oGgRhpsaJ+5
z-Z3OMlpfbCiZKJL_CJ;)(>6P{<Fdy0zd;;~aR8juN*oDD%+~v66yrToc6N=~H)r1%
z>|5cH7!@6`BOWBwirGnMB6fyGjPP&kb!2Qs#VCS~l`cxKuvG<_1C@hy*i2Y-bW>vi
zr?0CDn;<PymB~)D57~kRTE*FwK-{5qI*A`mgKADrX4vmWHS`Gg7cEekVh^|CYb#yX
zIA^+L{6_Ld_Vt=c^Rq6mm{z5?10n&5xk8ilPMXbkJ#?z2MSqLRH?qc>*OM-0b9BlG
z-?u^ymiJ{#GjnxxkUNfCxNJVz6&2>|PW3<gIJR8hc*?fiw{eh7)@7=JW2%gRCq>-h
z5)#Ccx(-!D&~ZqNET-B=H(DDJhFIj*6S63H?MLU!5|)6HlgL65D>m`pv*bq8ZOA=#
z%S_LT9)@N>>qkp0>UaLr$f0Y^UFCJfPsn#JmK>Eoh%#2hR>}|w+MXs+1Fui^G-c%j
zhNQnk)J~9bedEmYrhB(i+i=4AOmCT8%FGis45&y57>jI*k;JAl?Gn3Iy_`yt{ar4k
zfJ)LU#l5*j&rcZJ3fiu9-qgBXI8kH+VeRcLjT{e<_wMI1CeC_;JO&J9)fFv?YW!R*
z+aL^Mq4oSOvHU1zO>z!QItf6-2{tl%^ApKBO{7*deP58Zf~K^1-cEyh@$bF4Y(|+(
zRB`!Q@x~V1k`pH*R1A0%8v)Y9%oRc9wPeq}%0c5Nj>Yny&bw4rC^2n1WbTaI>9De*
zmKI21Umvqvvn6?0MOiOl(AJg28*o4$^)Js9i-1s0o9wFQk!ArBAD5dYq9SdNsK*e4
zFSUySy+*9kQp%o4$UFJXDhNwCIZ56woKAW2_EHa^nX5oXXR`krVSSXER;j#Op0!MS
z79wGjf9X4U@q)j26m|PXnOHEt%${awttKSorsO74q?!|~t)E*_C^g#iX*QrX)#3$H
z+l{F2PH)`h?|P2j6Hc(va3|PKjP7VgJG+nfZi7xXK{1>E(pM|Vpgc2MQQQIga#hf2
zMSR!XT*(I!j|7W={4G{PISr*ZWJVE;=$8DZXt6Mq!~9K|=}u-gfdNS*Gs4vYFd>Ch
zENHy=&$e#@_X;<QFjz*;^9kA$Lh_G590pu+BVL&G$)2><9&tmNM<@a{p)hp57$~po
zk)C~N-H28{|M0b^eQO19R)M6G$Mk8XA$Qm%7iYV4(%j5qF`?z<OKWhik1K)NF_(PT
zLk@|IKbK29V&iNSWN8Uv{NCLV`F8x|tJNEn)^5wKGtl_dxptxE5aA9eR$V`t`t=d^
zwX2HlUj(tEr;cn@tF-q$C)9{rSUxb<nhQ5#6uujkG9_8es&rqHzW%DI!@=nmSUX)y
z9skzOfkUX(zFWe!-;4y8D*x#S_;G3_u$qX1vZ4=R-HlH1%Lg)kNp-DG(zgjt{<sCw
zhM?`F6~-!0#vU8GT{{S8uCoZgyK;>6woxS9HzD~!S#!gxuId7mdf<4UTmUS77G9|L
zlurmBcNy%!v$;Ee&W25BDMZWHM+Z68JBWQO&=J_yZ{bqq*KnZwdshV-*bU^>c$hBT
zbzNPOWFMV|NBXUGF(3%qccN>M=+|1bMIm4)8ZD-tOItg_T^Ok(aO;3jPm=jJSj319
zkp)JoBO!41VQV0zhfH?}S!T=Cp;NGEj^Ufgw6DR#3#!}{uUye&Bg)h8=iJ9MtuTmi
zeL}=brcM~B!20o(2-yI|;-ePxi)$@u#yCbzUwxghAcku92;mKRM|Iajyt5z1G~DI6
zy(4v_WA#F>kV$5OPw`3L-#K}uDj;hy$!QVMz05;u3RYp+keQXoB5Ma1;hqt9bkiC`
z;jQ?MxPZa(jaud<ld65ys?iC-Ew4S_xnQ#I6=n3cQemZ}*FzN<xPW|qCPp0^!#O!w
z%y9O{5CZak&B=F#2go}wIYqDnN^BpTt)Jb@z4gfF@L*({N4%lxR`fA`nCigqBHnLP
zB2@3{qdT3UI0f<T5XSKnx-*q`b}c0a%{W2>>vNf3jRdf0Gtna$7UTyiwB+GWeOAq1
zgiV|~H;o-=nhSn}q)uoS(H<>UH){6v{P0%aYl4V}LS7z=3t=fz6VA}SOWSul`dbA5
z5*@5etmk>-w^2%qeTA3nB_d5#&>x}5GO-nGS-lCS*mMI^)=!{<f1|1n10^XxDn7UQ
zQdgzDbhbTYEsT5el7lCVt)c3jCg^v?KN4;342_ZB_HwH)zu8ROfCgJsemg&iDutQ{
z(}Wz$^SKQBKN9$B>)vTk%ZEUu0`pB^(T)9CI+`d3Wr8$P&Ap0W_b=>7XICMJ=K8_i
zBxsF(2yQNl9~hhJv5A)D8^Aj6JCt<FTpD(ZLux)yS*3KSWb%wT86or_KY-Yq|7hT=
zX6_lnX`|Eid3V*MQ6TdSNjk5Rbr*Vg9Kh_o;Ao?tnBqC+oKQt<X)_ag68||8L3wYh
z3LA9M7NjzNQI@6QD=?|D=V?nSdxSe<T76F5e$pY-fR>Me5?8&d!)E}j?G>QSJ+M<N
z&iMsg`939=yuw=%za~!oDzVg1>#8<6aRQc%u6NGxxtOw6a{cbT(vPV$bG0Qu5rsYl
zSqoK$@D!Bqv?jgmvN!kc%%@%T@~Te$x-c9a<*!in_{sP-xmLdm(TE-{M6%pW;xV+Z
zp2atG@agazk3IxY@>6!bR_2bCu?7Uvq4byuU)(cYMZi6a+DZ2>Kv@3jo<kZz#Tsaf
z>7J)gJ{FzcMg7LlfI?$PXNx9y@3mLc2qa#2fg!s`qFYJ7ni%z<f6ulsgrmcaV|?$*
zeSXB00<jjDrcmsQ0nlz7FJQvP8i4FB8vRw(hunT`4@G`VWZw$lFK?fR@}u@XS&2TS
zlBvL_P#+xHi;IZFk3sPzqxOQQw8Y0u(k_o>10?+6I>a(-?Z}ToMB`9)Cyozn7)y(%
zG5KrHyUlWzH5Nzo=tU>&P|z64zwPvHWKt=66%`^~js9%FX~gmm-3=;#f=HQ4Mbj1Z
z6n!=Id}va7-tjIF?ylfdrXChXxzUOqSt*_E=M;TVhKAcOz#D5lL*sPPDOP3g&tV5i
znyJ%zXqMdj@~Vn3CE)bW#L%RL{BkI<hrnGeluSTLR4}Cq>F1w2a|4~<00XEJ--a9j
zTa=@xmUl)o{;n}NBy2|pjJNGfYbSAJ^9Kau0Cm~@REW&nX=aBmUIt_98STQinPOD6
zzEwqpMS>9mCErYKtqjY4rCXa4G02ME@4<R|_v4*Xz^rnYvo$3YO*S&>+vi^lom<P8
zv43KNFu{5VG+MOegFbD7E00ja>&rq_j12Yg1ur2FtjU)lk^M7TZ6{|FLQ`O7Jfl)N
zgy9pq3TqvV30PLuc2atIshamnbu+^Gm9{Ay@a%CcaW=QiCW3BwD8hKSP3S@)NiqYM
zTeE$kYN;q!FzZS!5tS*mgU(hUt`<wArmEzY6kLia=<`<xaId`=J!iB2-ov_v?c5Hc
zP><Jfly8>{d$gwvTn9z+_S(W~-!zQmpTt8c@5ic&@HYjz#eKjzC|qH!K|AL+D-ew)
z3Ow@W+G)WoJyL(Zab>bbB6*J06uB)<$!2e}8w!1XPBs07nrM)HxxNDz?<nV0fl_VI
z_cG9}`Ap3Hw%Z{D<Uv?`kDmYp6z?`R-?}ro^*RS$jb&4NWOS|FZ(EK!+zI~;5Ux-}
z8I!c$TxyJ;D4@QfvK`u%t5l!idp8AOV(pkEUN|i^l1Z7pK+fAgS8|;^dOU*3PHpfO
zq6@UCQfvp@zgK~Q^ibN0*2r9{Old!(LX^Yc0g$5}_G6u7$E4y)JlJBZD9Sm2L_q(n
zvVw0Y1AF69y4((frIL8=7X-3S(;k+mt$DQ=CZ(FgC$L544yW37QB?XWh+|Ms#BZ`t
zK0g4ONa7KKytm((JtT3Y;<^4D;X8138HX2f5y|rRre^E`i-3;%@X7DO<3uhM(U)-O
zSp5`}hU}!pN&*ebuJ!D^O6m@RnuAGdC%6si4wadGa5_hH;Zj&z^FGyjxiK^Ad1#sa
zmUnl}HvZf!(+?C$I9zhhqvtDHL)h->3US0Ig=rO>#^jYCr6uU)Lal9)W<fq!ld1h)
z9gp)4RxXNPkze!iPyyjV4YL`<9%8odfjA(_Eo+gL*2Ve9ePNm3Xd8c#LEDazat+?t
zehU<t_$3N#(I4|Lzy^$(7dxZ@rQN9lsye_oZr`3haJct`k>WT*d_C?|%O#HZj%+_$
zzMc$O$Lo&3#6PrJynI&+0(G;iM36JYNA%*F;6Jgqg1L~_?!GHtBY*O&bs-p4rZ)%6
z5_I7YAl($2Kz9$K(L~@?OyX#h=g?9A29H=d`GGQNZ!^)1Cljpzm3l^}-;?~D3BzDe
z`xx#ev$C*(NtI?@yhmNqxU#Bth~f*1U%*Fk+6kT@X1bQQk0y5@*(b*$ET;SV^2=H>
zIcib1kG?m}Yi+Y?QD;f0HboV)qW~WjzWX_Zg!*zga=)@^b&J^qAKb#{Fo7I(v>_qd
z*mz8a2GaJeo!oiH&~+lS4>c$pL@l<{hT;(;-ZD|4HJy@{f9(`*n8VWGOytC2NAkFr
z@_376nbXCn7Kh{=B0AwO_itS$IrE#@5{mln_+dAbm}_<v7jNJDY=5)l<jJxLU=NhI
z54B0h$-*XJa`L76K660u?3Jo5E|jN+a}V5Wn=VAzm<&K&GVtEv`Dm26MtR4LU{Rk(
z69}v!{hPbyxR4otnjr>P=0DX@@u&Y`T(S^SAMpj(>P&|+WS*DHEH`L@>8YT&D+Yae
z!Zh`y#s9V$E&m2x4;K%kgc!z!jdbc)^GsV{ZruyJ2_B<j43IrlL5rTP9C06bYS>{w
zhSqT=FnDXY&H-kSRlq#T`b*v@xg@|V$BST}#q)ROPM?Dw^ZA%_ID3#qjE{K=;S~E%
zd&WC5X^qLJ{5NFw8nz%NeL|(MdIrQ|n`cU?x?hGv+lXZ0CZ=+AYJFnL&w&-w3xLk}
za6*eS*MQ~n9Yy)5dqn4;N{zc0>FkzU6UW!A2jCRtVSNNC@o)2bZ;6oV!r{u;h*M&p
z;w?Gi=bU+6wK3De);}HW(#;*tt7(Xm5i<?*Oaus(3eCmeEPCZeqB0&wb2Df$`Nw=m
z2MtiAz4`EtrVRB>G}(NQPf<gHZe+iDb}TE7m7za{W_Iyg_kBK@;*`=!3XD?~LW$aG
zk;<Z27F}n6QX&0&U`#=g9JnKA$A;QP4g7kNzncv0sF%^1S1x=KhrX~jvM=%2$KfPN
zZ1&JXNFXG|N+wBTJc4WByVQv^H}CNl7KKD3m%H#7r_1^yxG@LYk1+k>#QL!tkp$ec
z_jtDroh8(hZ7tC+M$f#JCB2|zt`SnpuG$p~;m)6rxaUA8w2p|RNFJ^nrR>7ZcC(9K
zcY>IzM*n;a{-186|JeKgw`SSRr;ae$*FD`l{@QDb{Bc2M=>s{pJV0r8dL;xbn{O5y
zUzSsRyno4*hlAbyM+!rnmKrREgB{^3fv6FJr}B1pf|m6U-<YTJYqxVlr^Yd0m=;z_
z#mnC_c!)?6A=8M{H#1FJ1NRxXdH~s6oiDP&0FDqNkEU0<zb8g+w@Lxa@7>%Hq?$v(
zi&M^@AbQM9>t6@I^`~>TBCh#6j=jQzH2oG5M}S`7JSeQl`uRT6KgT5@P|?;^`KRu?
zHYNu!k9&KF4iqZUE@~&y+csMeZxaR;GlOUJh5eudj28#cu)cRc;a~_$vEwYt@9M*}
z)*h-kTX}F{mpwMDG-cFy_j0%F2NRNQn<umD4{nNX56{6~9+2`lSwWJhNavr|8@3N#
z=<SEZ*N0zt9(cI|p@;EL)B+q(se0J#Q~b^Ic6kH6B@(L!m<w-Ff01q?Ni6Krm%H4X
zpabDua#D_QQ_iBS))}})1>A!yQC!xk-sBzKN%c2vOynPq+Lr&;99li=7t1eG1myg`
z<l~=KU^L{^B=0K&T;=~0XW&q$w|&}ZhJqOtOZ<Zl%{#mhl>uiChcj0wb|!6z*ul)G
z%ww3xaU^zODc%o-{9>*-3;o0R(DQPh>C-SB22y|Afe*8fojaoh3%ul{2%i3;@=Ke#
z+6f6esjP?hU)3}JG|K;^I$YM02LA0g{tI;EKm5kO!OOpFZT=nDe-S7BJFx#oU;)ro
vV9;QN!BVEzU|_g0Cm@bWjcqXSb@hON066JkYp41l^EZfpI9D(zE$#mU8rFFJ

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.txt b/tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.txt
new file mode 100644
index 00000000..c5ec8ee1
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.txt
@@ -0,0 +1,134 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=169301
+Lukas Lueg 2016-09-18 09:07:55 UTC
+
+More news from the fuzzer. The attached image causes a heap-use-after-free
+when running btrfsck with ASAN over it; using btrfs-progs v4.7.2-56-ge8c2013
+
+==3439==ERROR: AddressSanitizer: heap-use-after-free on address 0x621000014170 at pc 0x0000005c05ae bp 0x7ffe84ef8d00 sp 0x7ffe84ef8cf8
+READ of size 4 at 0x621000014170 thread T0
+    #0 0x5c05ad in free_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:579:10
+    #1 0x59360c in btrfs_release_all_roots /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1096:3
+    #2 0x5961bb in close_ctree_fs_info /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1805:2
+    #3 0x5246e7 in close_ctree /home/slave/dev/btrfsfuzz/src-asan/./disk-io.h:155:9
+    #4 0x51e334 in cmd_check /home/slave/dev/btrfsfuzz/src-asan/cmds-check.c:11618:2
+    #5 0x4f0ee1 in main /home/slave/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #6 0x7f792c60e730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #7 0x421358 in _start (/home/slave/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+Probably somewhat related to this: The image crash000255.img causes btrfsck to
+try to allocate around 3.5gb of memory in one chunk, sending ASAN into a death
+spiral. On systems with sufficient memory, the heap-use-after-free turns up.
+
+parent transid verify failed on 0 wanted 3472328296227680304 found 0
+parent transid verify failed on 0 wanted 3472328296227680304 found 0
+Ignoring transid failure
+Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
+Chunk[256, 228, 0] stripe[1, 0] is not found in dev extent
+Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
+Chunk[256, 228, 4194304] stripe[1, 4194304] is not found in dev extent
+Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
+Chunk[256, 228, 5832704] stripe[1, 5832704] is not found in dev extent
+ref mismatch on [0 4096] extent item 0, found 1
+Backref 0 parent 0 root 0 not found in extent tree
+backpointer mismatch on [0 4096]
+bad extent [0, 4096), type mismatch with chunk
+ref mismatch on [131072 4096] extent item 0, found 1
+Backref 131072 parent 3 root 3 not found in extent tree
+backpointer mismatch on [131072 4096]
+ref mismatch on [4198400 4096] extent item 0, found 1
+Backref 4198400 parent 1 root 1 not found in extent tree
+backpointer mismatch on [4198400 4096]
+ref mismatch on [4231168 4096] extent item 0, found 1
+Backref 4231168 parent 7 root 7 not found in extent tree
+backpointer mismatch on [4231168 4096]
+ref mismatch on [3472328296227680304 3472328296227680304] extent item 0, found 1
+Backref 3472328296227680304 root 1 owner 2 offset 0 num_refs 0 not found in extent tree
+Incorrect local backref count on 3472328296227680304 root 1 owner 2 offset 0 found 1 wanted 0 back 0x60700000ddf0
+backpointer mismatch on [3472328296227680304 3472328296227680304]
+Dev extent's total-byte(0) is not equal to byte-used(7471104) in dev[1, 216, 1]
+checking free space cache
+checking fs roots
+root 5 root dir 3472328296227680304 not found
+checking csums
+checking root refs
+checking quota groups
+ERROR: while mapping refs: -5
+=================================================================
+==3439==ERROR: AddressSanitizer: heap-use-after-free on address 0x621000014170 at pc 0x0000005c05ae bp 0x7ffe84ef8d00 sp 0x7ffe84ef8cf8
+READ of size 4 at 0x621000014170 thread T0
+    #0 0x5c05ad in free_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:579:10
+    #1 0x59360c in btrfs_release_all_roots /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1096:3
+    #2 0x5961bb in close_ctree_fs_info /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1805:2
+    #3 0x5246e7 in close_ctree /home/slave/dev/btrfsfuzz/src-asan/./disk-io.h:155:9
+    #4 0x51e334 in cmd_check /home/slave/dev/btrfsfuzz/src-asan/cmds-check.c:11618:2
+    #5 0x4f0ee1 in main /home/slave/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #6 0x7f792c60e730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #7 0x421358 in _start (/home/slave/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+0x621000014170 is located 112 bytes inside of 4224-byte region [0x621000014100,0x621000015180)
+freed by thread T0 here:
+    #0 0x4bf990 in __interceptor_cfree.localalias.1 (/home/slave/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4bf990)
+    #1 0x5c0582 in free_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:591:3
+    #2 0x5c1b18 in alloc_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:644:4
+    #3 0x58de0c in btrfs_find_create_tree_block /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:193:9
+    #4 0x58e880 in read_tree_block_fs_info /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:339:7
+    #5 0x5f2d74 in read_tree_block /home/slave/dev/btrfsfuzz/src-asan/./disk-io.h:112:9
+    #6 0x5f2b52 in travel_tree /home/slave/dev/btrfsfuzz/src-asan/qgroup-verify.c:692:7
+    #7 0x5f299b in add_refs_for_implied /home/slave/dev/btrfsfuzz/src-asan/qgroup-verify.c:748:8
+    #8 0x5efd39 in map_implied_refs /home/slave/dev/btrfsfuzz/src-asan/qgroup-verify.c:766:9
+    #9 0x5eed89 in qgroup_verify_all /home/slave/dev/btrfsfuzz/src-asan/qgroup-verify.c:1366:8
+    #10 0x51ea14 in cmd_check /home/slave/dev/btrfsfuzz/src-asan/cmds-check.c:11571:9
+    #11 0x4f0ee1 in main /home/slave/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #12 0x7f792c60e730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+
+previously allocated by thread T0 here:
+    #0 0x4bfca0 in calloc (/home/slave/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4bfca0)
+    #1 0x5c16ca in __alloc_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:542:7
+    #2 0x5c1b26 in alloc_extent_buffer /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:646:8
+    #3 0x58de0c in btrfs_find_create_tree_block /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:193:9
+    #4 0x58e880 in read_tree_block_fs_info /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:339:7
+    #5 0x5918a2 in read_tree_block /home/slave/dev/btrfsfuzz/src-asan/./disk-io.h:112:9
+    #6 0x591712 in find_and_setup_root /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:647:15
+    #7 0x593243 in setup_root_or_create_block /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:966:8
+    #8 0x592a06 in btrfs_setup_all_roots /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1045:8
+    #9 0x5948fe in __open_ctree_fd /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1341:8
+    #10 0x5942b5 in open_ctree_fs_info /home/slave/dev/btrfsfuzz/src-asan/disk-io.c:1387:9
+    #11 0x51dff2 in cmd_check /home/slave/dev/btrfsfuzz/src-asan/cmds-check.c:11382:9
+    #12 0x4f0ee1 in main /home/slave/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #13 0x7f792c60e730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+
+SUMMARY: AddressSanitizer: heap-use-after-free /home/slave/dev/btrfsfuzz/src-asan/extent_io.c:579:10 in free_extent_buffer
+Shadow bytes around the buggy address:
+  0x0c427fffa7d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffa7e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffa7f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffa800: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+  0x0c427fffa810: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
+=>0x0c427fffa820: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
+  0x0c427fffa830: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+  0x0c427fffa840: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+  0x0c427fffa850: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+  0x0c427fffa860: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+  0x0c427fffa870: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
+Shadow byte legend (one shadow byte represents 8 application bytes):
+  Addressable:           00
+  Partially addressable: 01 02 03 04 05 06 07 
+  Heap left redzone:       fa
+  Heap right redzone:      fb
+  Freed heap region:       fd
+  Stack left redzone:      f1
+  Stack mid redzone:       f2
+  Stack right redzone:     f3
+  Stack partial redzone:   f4
+  Stack after return:      f5
+  Stack use after scope:   f8
+  Global redzone:          f9
+  Global init order:       f6
+  Poisoned by user:        f7
+  Container overflow:      fc
+  Array cookie:            ac
+  Intra object redzone:    bb
+  ASan internal:           fe
+  Left alloca redzone:     ca
+  Right alloca redzone:    cb
+==3439==ABORTING
diff --git a/tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.xz b/tests/fuzz-tests/images/bko-169301-1-blocksize-zero.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..70c2b22feff2be6a4fab4ed7775de7b7822bc867
GIT binary patch
literal 3828
zcmeH~X*AS}8^?dlSmtO9N|ua5BqQr&&sIqGEeWBkA<3F$n2Z*?u{1`uF+(9V%uLH9
znp{iCaP7;rRhBYBHAQIL`QLl~=iFDl>Hj}>dC}|V#q*rcd7kh0`)uncoH`8v;5Vc9
zt@!~3J~;pY#QIM4@Oa^%HeWy?>tvOf(5Y<o*HI46E^7LDQpnF^q5<s-9)o_Z`G|T6
zstG-*rMg+MCEXpeT$LX$9l$?veA;B-vw}ru`2HHiV<Ee_sQ8_>UmT~S*ILA3I&xu)
zO6w5BEJb&A*CNfQrXX1UA)?D6yfar-r^A(mI~jk)p1qWqWDz8LfJ-Kfnh7eqUeyFo
zt!YAj<q6cS*0rN+IlFB8df>Wf9UU(ZmbZ8JCBNkJdmWSo$$JS@2hnkhyRAH2*Vx`w
zI8#rP;gmzHw=8xM%IOy^$h611uA_%U8%3-U@I&pP*N=elprQ)`EnF*uDo+zDr4o4C
zOYz2~0in4OsAmE+rEn@4x4nrqV90*Nw)Y2gb<sKVAMW7*A9}#n(}g}}3RBQnja%Uo
zc2MqqhMk~@mVvQaR|-355170}QH6pA`twMf!F}YZx3-6F6b@z&V^uQu^h-7`9%q*O
znOt4A!pOwZ)O?L#%0GpgZCQZRR?_qYW?2)WhC>VmBR5WPIu<C_#cAAj=H>QvQFHIT
zb@V=g8AX<9dZ2$htj(C0R2HUp-yv<~go>m&w2Ue^#%oEBl_naK6T3;rHuMkqPrr+z
z&s(p%e@Kr}*P3i|cF$M5DG2g=5n;TmRY$+5N|LW?@fJjFxsG>Q<!;oD-8X8OhPnG+
zN0iqn`7NumQU(Y`nMrE-oC7gmWLgD_9E!Hb8%OeB9m;MSYx#QG0#(%2@Sh_bY<3Lf
zi`PMEEk+p|ThZ4z!{Ls#;WTqNST-_>xo}LJnD0C`h9wzHyy%K5fDQ^H4S+jA!)oZ?
z5CZ7nS`hWPsm;oyj#S6ePy@MH?)9{V;(o8|#pP`L>{T}DY10OAk{ajM{dFn$P2nE-
zk^TN})8Z<W*$dB~%R|61yNPjPkE953?1h)%Cql9mbw}_b1&^dXWgF~@DLX%^qOM66
z3?J>Zotip3`+1nE0kLq9O^Y+fT=hI#Rq7;t@hGvk6PNV!Bl$^nltTUB5Pzfa>pp~d
z08$~Y)tx#QBTIno&yc_I2Hngao`uv^SHJH}cqUj}8CH<P;%llv%R(a+DB0U#?|qwW
zW?_p7@WDfN=R%D)eW%}(hfmfr0E*GAj5JZ67=9x%-fKgomq$>whShR0Gha)zG)}hW
zrhK|~rS;smnNs}WkAI;ZkoNIPWushAG1;+qz2+CZ1%x-BPf)mDT@jah<-PY=Zce)$
z**F*oF-~Twg}!`X{GsECh9d-OK;nt<sRJtqZh5Vvr1j`m_F?oU@Hf|oC0T7OWOIlP
zEh*AEQdo)a;!aPblRSypfYFvEF>u;p|Jw%qAJh8P!A$K?mU%n>eo%k57U9WUB=HtO
z4*}C9G4h<_)(f~3E-Kpa72mlmiMDx}Gut^^+wWZid+%&tW*FSE#Ohht&~gFr{iPvh
zNRz~nUYilne`L*Q>Qd(u?p=9PIaRlYdTnTB?9F>_&J0l7IX^SSTv0O*zM#nRc}jXW
z?PzuV(9Dw}R>6XykzPTmcc83KV1uSxe&FWvFB6-!jxXv}3o|e8%e>H1@-!)zo%0y`
z$v}Tbhfa?+Fv4c|lw13l@M8|o8)=J^zZ@KYwwRi5ef8CIFX{1ChHhgvim2YBW|?_d
zzv522f;ZRsi{wi45w6DNNegQ$&-l0reyRHV$0~Q!VcqQ?+?W;0fjywggjk9bAA1Z5
zXE#(5<pSHKP=N$PoLky$6oyGC(ij<R)Lkh>sfrc$`Ks1M^>Q*wgOJ#lw?V2hWRHhl
z6A`97-=<W{W5<^-Hz%WMGDwxA2e@&Bb3=Bfid4x3Au8rt45s8_l1Z5<BlXt`?vq6G
zS0_}ev$B0%T;86*%)|q0M4GYQVB*HbnAL@C^Uu5VI<lVGseIJhC73}peO3EF8j-S=
zIfKta4-VXcr}tG}A2BU>7aJX)_%vo(%*(2RNWve!A<xV$MMx+kkrHYHPGLy5G5Jd$
z#}jvOIigvy8sZdFPZ}o!o|?d)F{@N5<XOgtSk|CsZ~1Ep&xt>UG4ol6((-TVGGnqH
z*`qdk&VQ=Cyd44YwNln+8aiQ#h6$A5c|7bak_78OQ6hJ%H&HEF2J3PmU+AF=&2u$9
zyvh3h^Xldj?gV6`rtV2s51U3_L^U_sR?ZBJ4{K-jgss=?wY3LzRz(<FU`NVm4u*MJ
zpfV=AB)+zLEXw}ir}OUNO-KpO=%{)%KKq^N8M6Q8O}WIKdy1g^Pzl_n=EH&5Gn{|=
zSpLB~{Z?!91_=4TYPTHiR<r#tQ8Gfz%!pJ_+H&__E%twE*tghx+h-~*XwW~1A%K4q
zvA@|QzlWO(%#8j6*mwB!4`9E?upb-tow@aUfh7x?0|LP9xs0YgzrU{l3bU}{*j-i(
a@b$uzlaqz5^@I9o9YJ6D|0sgJPX7mKEM|)U

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.txt b/tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.txt
new file mode 100644
index 00000000..0af00ec6
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.txt
@@ -0,0 +1,185 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=169301
+Lukas Lueg 2016-09-18 09:07:55 UTC
+
+parent transid verify failed on 4231168 wanted 274877906948 found 4
+Ignoring transid failure
+parent transid verify failed on 4222976 wanted 3472328296227680304 found 4
+parent transid verify failed on 4222976 wanted 3472328296227680304 found 4
+Ignoring transid failure
+checking extents
+Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
+Chunk[256, 228, 0] stripe[1, 0] is not found in dev extent
+Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
+Chunk[256, 228, 4194304] stripe[1, 4194304] is not found in dev extent
+Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
+Chunk[256, 228, 5832704] stripe[1, 5832704] is not found in dev extent
+ref mismatch on [131072 4096] extent item 0, found 1
+Backref 131072 parent 3 root 3 not found in extent tree
+backpointer mismatch on [131072 4096]
+ref mismatch on [4194304 4096] extent item 0, found 1
+Backref 4194304 parent 5 root 5 not found in extent tree
+backpointer mismatch on [4194304 4096]
+ref mismatch on [4198400 4096] extent item 0, found 1
+Backref 4198400 parent 1 root 1 not found in extent tree
+backpointer mismatch on [4198400 4096]
+ref mismatch on [4231168 4096] extent item 0, found 1
+Backref 4231168 parent 7 root 7 not found in extent tree
+backpointer mismatch on [4231168 4096]
+ref mismatch on [3472328296227680304 3472328296227680304] extent item 0, found 1
+Backref 3472328296227680304 root 1 owner 2 offset 0 num_refs 0 not found in extent tree
+Incorrect local backref count on 3472328296227680304 root 1 owner 2 offset 0 found 1 wanted 0 back 0x60800000bc20
+backpointer mismatch on [3472328296227680304 3472328296227680304]
+Dev extent's total-byte(0) is not equal to byte-used(7471104) in dev[1, 216, 1]
+Errors found in extent allocation tree or chunk allocation
+checking free space cache
+checking fs roots
+checking csums
+checking root refs
+checking quota groups
+==23294==ERROR: AddressSanitizer failed to allocate 0xe4ff4000 (3841933312) bytes of LargeMmapAllocator (error code: 12)
+==23294==Process memory map follows:
+	0x000000400000-0x0000006a6000	/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs
+	0x0000008a6000-0x0000008b9000	/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs
+	0x0000008b9000-0x0000008ef000	/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs
+	0x0000008ef000-0x000001567000	
+	0x00007fff7000-0x00008fff7000	
+	0x00008fff7000-0x02008fff7000	
+	0x02008fff7000-0x10007fff8000	
+	0x600000000000-0x602000000000	
+	0x602000000000-0x602000010000	
+	0x602000010000-0x603000000000	
+	0x603000000000-0x603000010000	
+	0x603000010000-0x604000000000	
+	0x604000000000-0x604000010000	
+	0x604000010000-0x606000000000	
+	0x606000000000-0x606000010000	
+	0x606000010000-0x607000000000	
+	0x607000000000-0x607000010000	
+	0x607000010000-0x608000000000	
+	0x608000000000-0x608000010000	
+	0x608000010000-0x60c000000000	
+	0x60c000000000-0x60c000010000	
+	0x60c000010000-0x60d000000000	
+	0x60d000000000-0x60d000010000	
+	0x60d000010000-0x60e000000000	
+	0x60e000000000-0x60e000010000	
+	0x60e000010000-0x611000000000	
+	0x611000000000-0x611000010000	
+	0x611000010000-0x616000000000	
+	0x616000000000-0x616000020000	
+	0x616000020000-0x619000000000	
+	0x619000000000-0x619000020000	
+	0x619000020000-0x621000000000	
+	0x621000000000-0x621000020000	
+	0x621000020000-0x624000000000	
+	0x624000000000-0x624000020000	
+	0x624000020000-0x629000000000	
+	0x629000000000-0x629000010000	
+	0x629000010000-0x640000000000	
+	0x640000000000-0x640000003000	
+	0x7f62fb97e000-0x7f62fdcd0000	
+	0x7f62fdcd0000-0x7f62fde89000	/usr/lib64/libc-2.23.so
+	0x7f62fde89000-0x7f62fe088000	/usr/lib64/libc-2.23.so
+	0x7f62fe088000-0x7f62fe08c000	/usr/lib64/libc-2.23.so
+	0x7f62fe08c000-0x7f62fe08e000	/usr/lib64/libc-2.23.so
+	0x7f62fe08e000-0x7f62fe092000	
+	0x7f62fe092000-0x7f62fe0a8000	/usr/lib64/libgcc_s-6.1.1-20160621.so.1
+	0x7f62fe0a8000-0x7f62fe2a7000	/usr/lib64/libgcc_s-6.1.1-20160621.so.1
+	0x7f62fe2a7000-0x7f62fe2a8000	/usr/lib64/libgcc_s-6.1.1-20160621.so.1
+	0x7f62fe2a8000-0x7f62fe2a9000	/usr/lib64/libgcc_s-6.1.1-20160621.so.1
+	0x7f62fe2a9000-0x7f62fe2ac000	/usr/lib64/libdl-2.23.so
+	0x7f62fe2ac000-0x7f62fe4ab000	/usr/lib64/libdl-2.23.so
+	0x7f62fe4ab000-0x7f62fe4ac000	/usr/lib64/libdl-2.23.so
+	0x7f62fe4ac000-0x7f62fe4ad000	/usr/lib64/libdl-2.23.so
+	0x7f62fe4ad000-0x7f62fe5b5000	/usr/lib64/libm-2.23.so
+	0x7f62fe5b5000-0x7f62fe7b4000	/usr/lib64/libm-2.23.so
+	0x7f62fe7b4000-0x7f62fe7b5000	/usr/lib64/libm-2.23.so
+	0x7f62fe7b5000-0x7f62fe7b6000	/usr/lib64/libm-2.23.so
+	0x7f62fe7b6000-0x7f62fe7bd000	/usr/lib64/librt-2.23.so
+	0x7f62fe7bd000-0x7f62fe9bc000	/usr/lib64/librt-2.23.so
+	0x7f62fe9bc000-0x7f62fe9bd000	/usr/lib64/librt-2.23.so
+	0x7f62fe9bd000-0x7f62fe9be000	/usr/lib64/librt-2.23.so
+	0x7f62fe9be000-0x7f62fe9d5000	/usr/lib64/libpthread-2.23.so
+	0x7f62fe9d5000-0x7f62febd4000	/usr/lib64/libpthread-2.23.so
+	0x7f62febd4000-0x7f62febd5000	/usr/lib64/libpthread-2.23.so
+	0x7f62febd5000-0x7f62febd6000	/usr/lib64/libpthread-2.23.so
+	0x7f62febd6000-0x7f62febda000	
+	0x7f62febda000-0x7f62febfc000	/usr/lib64/liblzo2.so.2.0.0
+	0x7f62febfc000-0x7f62fedfb000	/usr/lib64/liblzo2.so.2.0.0
+	0x7f62fedfb000-0x7f62fedfc000	/usr/lib64/liblzo2.so.2.0.0
+	0x7f62fedfc000-0x7f62fedfd000	
+	0x7f62fedfd000-0x7f62fee12000	/usr/lib64/libz.so.1.2.8
+	0x7f62fee12000-0x7f62ff011000	/usr/lib64/libz.so.1.2.8
+	0x7f62ff011000-0x7f62ff012000	/usr/lib64/libz.so.1.2.8
+	0x7f62ff012000-0x7f62ff013000	/usr/lib64/libz.so.1.2.8
+	0x7f62ff013000-0x7f62ff050000	/usr/lib64/libblkid.so.1.1.0
+	0x7f62ff050000-0x7f62ff250000	/usr/lib64/libblkid.so.1.1.0
+	0x7f62ff250000-0x7f62ff254000	/usr/lib64/libblkid.so.1.1.0
+	0x7f62ff254000-0x7f62ff255000	/usr/lib64/libblkid.so.1.1.0
+	0x7f62ff255000-0x7f62ff256000	
+	0x7f62ff256000-0x7f62ff25a000	/usr/lib64/libuuid.so.1.3.0
+	0x7f62ff25a000-0x7f62ff459000	/usr/lib64/libuuid.so.1.3.0
+	0x7f62ff459000-0x7f62ff45a000	/usr/lib64/libuuid.so.1.3.0
+	0x7f62ff45a000-0x7f62ff45b000	
+	0x7f62ff45b000-0x7f62ff45d000	/home/lukas/dev/afl_git/libdislocator/libdislocator.so
+	0x7f62ff45d000-0x7f62ff65c000	/home/lukas/dev/afl_git/libdislocator/libdislocator.so
+	0x7f62ff65c000-0x7f62ff65d000	/home/lukas/dev/afl_git/libdislocator/libdislocator.so
+	0x7f62ff65d000-0x7f62ff65e000	/home/lukas/dev/afl_git/libdislocator/libdislocator.so
+	0x7f62ff65e000-0x7f62ff682000	/usr/lib64/ld-2.23.so
+	0x7f62ff810000-0x7f62ff879000	
+	0x7f62ff879000-0x7f62ff881000	
+	0x7f62ff881000-0x7f62ff882000	/usr/lib64/ld-2.23.so
+	0x7f62ff882000-0x7f62ff883000	/usr/lib64/ld-2.23.so
+	0x7f62ff883000-0x7f62ff884000	
+	0x7fff5a065000-0x7fff5a086000	[stack]
+	0x7fff5a0c7000-0x7fff5a0ca000	[vvar]
+	0x7fff5a0ca000-0x7fff5a0cc000	[vdso]
+	0xffffffffff600000-0xffffffffff601000	[vsyscall]
+==23294==End of process memory map.
+==23294==AddressSanitizer CHECK failed: /builddir/build/BUILD/compiler-rt-3.8.0.src/lib/sanitizer_common/sanitizer_common.cc:183 "((0 && "unable to mmap")) != (0)" (0x0, 0x0)
+    #0 0x4c90cd in __asan::AsanCheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4c90cd)
+    #1 0x4cfa73 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4cfa73)
+    #2 0x4cfc61 in __sanitizer::ReportMmapFailureAndDie(unsigned long, char const*, char const*, int, bool) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4cfc61)
+    #3 0x4d8922 in __sanitizer::MmapOrDie(unsigned long, char const*, bool) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4d8922)
+    #4 0x42dbab in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x42dbab)
+    #5 0x4259fb in __asan::asan_calloc(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4259fb)
+    #6 0x4bfd1a in calloc (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4bfd1a)
+    #7 0x5c181a in __alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:542:7
+    #8 0x5c1c76 in alloc_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:646:8
+    #9 0x58e01c in btrfs_find_create_tree_block /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:193:9
+    #10 0x58ea90 in read_tree_block_fs_info /home/lukas/dev/btrfsfuzz/src-asan/disk-io.c:339:7
+    #11 0x5f2f84 in read_tree_block /home/lukas/dev/btrfsfuzz/src-asan/./disk-io.h:112:9
+    #12 0x5f2d62 in travel_tree /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:692:7
+    #13 0x5f2bab in add_refs_for_implied /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:748:8
+    #14 0x5eff59 in map_implied_refs /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:766:9
+    #15 0x5eefa9 in qgroup_verify_all /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:1366:8
+    #16 0x51f08f in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11637:9
+    #17 0x4f0f81 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #18 0x7f62fdcf0730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #19 0x4213f8 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4213f8)
+
+checking free space cache
+checking fs roots
+checking csums
+checking root refs
+checking quota groups
+ERROR: while mapping refs: -5
+checking extentsErrors found in extent allocation tree or chunk allocationfound 3472328296227696688 bytes used err is 0
+total csum bytes: 0
+total tree bytes: 16384
+total fs tree bytes: 4096
+total extent tree bytes: 0
+btree space waste bytes: 12674
+file data blocks allocated: 3472328296227680304
+ referenced 3472328296227680304
+extent_io.c:580: free_extent_buffer: Assertion `eb->refs < 0` failed.
+../btrfs[0x47a4a3]
+../btrfs[0x47a550]
+../btrfs(free_extent_buffer+0x6e)[0x47b73c]
+../btrfs(btrfs_release_all_roots+0x8c)[0x461cdf]
+../btrfs(close_ctree_fs_info+0x1f3)[0x46391a]
+../btrfs[0x424043]
+../btrfs(cmd_check+0xe1a)[0x43f352]
+../btrfs(main+0x12b)[0x40b581]
+/lib64/libc.so.6(__libc_start_main+0xf1)[0x7f970daf3291]
+../btrfs(_start+0x2a)[0x40afba]
diff --git a/tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.xz b/tests/fuzz-tests/images/bko-169301-2-blocksize-zero.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..68f7ffd4398b6c21fb8a2211629729cbf609330d
GIT binary patch
literal 3836
zcmeH~`#;l<9>+hJu_Koyxo%n|Yvg_;D^ek8gplYvDq6yt3X39=+|4aQn-ErG=rp3W
z7UdE$Be~?;TqoCkqq(e|@A>8X)A`}sIgiKp@i>puU+{iEo{!i2^?JQUd#|554FI6Y
z{-<`50760w005=#Q}4uLycGKkfJpWzQ<6EAqW?J*bHW9+H$&Cz>jwqD*Awm>EQ_S~
zcr$%}?aih~joX{<o`lSnks{RmBnOX<?C<%CuxY{XEZ2K3<2V)?q3rO@Y2?as6I9Ve
zD`a}d3Pg`bGv#fWuJI|)#=)QIwPNrs=}41iS8}RH#I57}naG<q7c_J?C^`MsU>(<3
zL(uTDA>^Z2nmSK?O{^4bap-;rGbNgsc)53Yd$(W3#$43K=zuBOIdqJ|fXx$@IJNbI
z_B@PfZpd&>D|&n=-$f?vy+U@<@hsOBVy{BAoShzQ&+DMu2S8a;d6%S{Hf$}*Jonq~
zxDR8GLaS$bWXAgBJ+I5h=MKlDidLg77#d5_uiyK%w$=*97wb|1pIX1QmlNI0cqSN)
z+9-Aj*{$_7(Ge_XWPwJt#`7;|f+#aIq`Xwm`wX&xvyC!5<*+9+my^Pc-j$^JUZrvR
zDDwe!f9$MnlzLbV>WrnL&bc7#H5*XET!OhYuVYYQUoQh;=_bJ4jRx{fQw>T_h|{}U
z>FIS-PTt3&`ppUr-HG4-Zp;{0(UGlfuOP3b1<55~n)(q=5k_hs3L?>z$aeA(;od#I
zBVR&m$L&^5F5bPSZ#2X{agwzC9#{(7b{V~eWwJM~Ohuw>x&(rnrHW7QdJ?*6Yi2of
zU;56^mmiexz|JB&;(K!Pl5V0%0^Muh)LGy>OrB_<x-UbqS;tMdOfol?E~C%mUtPx7
zZ|WgIsq!^VmWjf(D{%rY-l-B_a}Wm7AcQg}jzEh@Cq8_LCR+@)wT5QPb7ajdfQk!T
z6!E*BG!a)RML%j~KR0Be+C0-+MQPOfJYutbr`PTL2mCBvET8<cL0B|I4|i){pTSM$
zYQp<=`c5T;7whmR-oAxHK-abwg)7yo=7jSnM)Ai2lee4pWyxjNt9fcvIp))pmyiK*
zD%sq_Ee^xOXL(<_bOVSDMk68oU{tK<*|Gv>wcx`=oh_+1U)95h^aBu&IlYqAvY)&4
zpnhhEaMnrs*fotD#hr=p%t>M+pUZ<#A3a)Vx&8*6|1cywtwW-rn5ZF7K+sY|Aq!_3
z?0JgQ*I}GJj{ZUD)iWat6s|`l1E5)!Bqk_`m9m6{2rr>rr#J^`r&zfW^=bXSk%0#*
zJ^r`2TP**7&y?m1d)`%}tLEc%hacd2ipdXq;x#_uEiJqHc96EQ?y7gS6Yjn3(CUcW
z0pafR5OhojDroc{=*8w222K!p3$j>ALLZpZE%90jP&2Q+wJpkgFzen5SEYm9Vb&OE
zQgf4FN08ki5v=TK<_sq@tD=lG$c$9ukpD~p|HZags-l%+z@ZG~zaG>dqvgcv!DR8Y
z6dSObQKF1Ft+m0NQ$w%p`&Gg}c{6)l{TET%nrOlGd}oE|2E(G{P_(&?eN8$5dOFj~
z3~bokYtFWmp;p<C+S;?6D>gewg+MhSj&&>f?Kr}wZ$!bsWmVafafbE5{w<icPk8i<
zoLcNhql&7B{VD~CtX#$}N$o<kh2{gcJtBqr%-4NHBd*%BRDdMCQKtuUS@r$K1M{JM
z%3ovkNk;;oFNZDU1s+zGMv07^E)xQR*PCT|e#s&`>s^(`2-Gv%s_OdHX=^X*MYpg=
z9_RF^Z38WV1_U+ZvCQJD_n9eS&RELrPlRXcluL6J2CBCW)|KO@U;1!{t?CHzrw3aN
zll^(8gO_tRtEmE4A?D3D_AEby({m!#KFJg1QbJj8Fe1%13dpKdH)D{#n@}4_&kZZD
zD;}jx_IAFb<tG&TB#qyrmKkG)z+YZnG^nb0K*qWFWG#%}M|^S4Enb>}29G)9A+hVa
zp^@nvT%0Xixr@3Ri0zqP;2QhZ_0LP_iZZcQ+Ty{-Wl*EE@^9(xuqpcq;mePSM9bby
zI8buONO!U;8`r1mJA@TJXA?8ykU~?9^{qO2{w7@}%$}z=U|mZ03NIe|e*D}=`)|@E
zsdw6cx%=wc)F>{fyESam49V&0DZILdcaiOo<Q`dpeRoT>!ByfS#rlf}dUU-bD?T%5
z<QA#k>iwJEq<1JMIdh>{s!J!bd-fJ_LzRaf+L0o-Corp~`;rZEJ(uu|zKT~#Vg16z
z2BL@Ld75YEui*BA-|*MBp~DOFcjMg^x{j&ya!O|Q^+!zot+es|_*Sh8XU=9|AcG5c
z-Wff2cz8pAlG#|QAPLRC&pBzw+qF2qU^X1ny5tXieP6Xz6YLq}w8i9@;T+%a#RB+o
z8WTAYy$U}#`K5sKmwEjE!iBqrXzH8(%lY(x*(+}4qW^PO`xA!hqG(<F6W9+V&`)5$
z7mPo0^QXf8TqFAl><26Cj{=JU9|WX<(s6m4dO$z@I4k)Eya|vPfW^eb$cB_g71lIg
OSeN|$#|1!Mr~e6(DSFfZ

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-172811.raw.txt b/tests/fuzz-tests/images/bko-172811.raw.txt
new file mode 100644
index 00000000..bbdf99b5
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-172811.raw.txt
@@ -0,0 +1,55 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=172811
+Lukas Lueg 2016-09-23 18:34:15 UTC
+
+More news from the fuzzer. The attached image causes a segmentation fault when
+running btrfsck over it; using btrfs-progs v4.7.2-55-g2b7c507
+
+This may be the same cause as 156721, the call-tree is different, though.
+
+The juicy parts:
+
+==19342==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000000e5 (pc 0x7f3b12e1df50 bp 0x7ffeb50b4260 sp 0x7ffeb50b39e8 T0)
+    #0 0x7f3b12e1df4f in __memmove_avx_unaligned (/lib64/libc.so.6+0x149f4f)
+    #1 0x4a982c in __asan_memcpy (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4a982c)
+    #2 0x5c2d59 in read_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:867:2
+    #3 0x52eaa6 in btrfs_node_key /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1667:2
+    #4 0x5436c7 in check_fs_root /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3661:3
+    #5 0x5224ef in check_fs_roots /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3809:10
+    #6 0x51e772 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11533:8
+    #7 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #8 0x7f3b12cf4730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #9 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+parent transid verify failed on 4198400 wanted 65305493131755520 found 14
+parent transid verify failed on 4198400 wanted 65305493131755520 found 14
+Ignoring transid failure
+ERROR: add_tree_backref failed: File exists
+ERROR: add_tree_backref failed: File exists
+parent transid verify failed on 131072 wanted 36283884678912 found 4
+parent transid verify failed on 131072 wanted 36283884678912 found 4
+Ignoring transid failure
+ERROR: tree block bytenr 1280 is not aligned to sectorsize 4096
+checking free space cache
+checking fs roots
+root 5 root dir 41471 not found
+parent transid verify failed on 4198400 wanted 4 found 14
+Ignoring transid failure
+parent transid verify failed on 131072 wanted 36283884678912 found 4
+Ignoring transid failure
+ASAN:DEADLYSIGNAL
+=================================================================
+==19342==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000000e5 (pc 0x7f3b12e1df50 bp 0x7ffeb50b4260 sp 0x7ffeb50b39e8 T0)
+    #0 0x7f3b12e1df4f in __memmove_avx_unaligned (/lib64/libc.so.6+0x149f4f)
+    #1 0x4a982c in __asan_memcpy (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x4a982c)
+    #2 0x5c2d59 in read_extent_buffer /home/lukas/dev/btrfsfuzz/src-asan/extent_io.c:867:2
+    #3 0x52eaa6 in btrfs_node_key /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:1667:2
+    #4 0x5436c7 in check_fs_root /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3661:3
+    #5 0x5224ef in check_fs_roots /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:3809:10
+    #6 0x51e772 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11533:8
+    #7 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #8 0x7f3b12cf4730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #9 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+AddressSanitizer can not provide additional info.
+SUMMARY: AddressSanitizer: SEGV (/lib64/libc.so.6+0x149f4f) in __memmove_avx_unaligned
+==19342==ABORTING
diff --git a/tests/fuzz-tests/images/bko-172811.raw.xz b/tests/fuzz-tests/images/bko-172811.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..08546c2b23cc0e60345d96781f6b0701343dccd7
GIT binary patch
literal 10900
zcmeI&Ly#^|v>o8KZQFm_wr$&eo40M-wr$(CZQHl)PAZjI@&>62Dpha12WQthYqq~{
z4o^*OARw^Q)n;)JAYx!VARr*5InC+cUwbeDJs{VXpHXXwa~-Gxqx1=5^%jHM#bOxO
z&RR`PhhMF7%(VtM72}TL%1P)CceaA^b}O?+b=`6>f9PUigLVF69L20fR*Eni7}$CO
zJ}d|8D<&Au9l3Oi;R;4(1zr||kYv%g(q!~Hn^U^7{<vGU9O>x$qc)SM`8d<7rpP7H
zkP09IttqX_{8{Y-@$)WqO;z#>gRIewG{Eql5fJd3S{lJ%@pJEOk{UL|jaYxc(c*H)
z+}Z+Xde#R^gl=}qRZ~w)<Fk6T-@jh4`q{Oc?d4@o|Fo*wiI9W}cse?=dr2&z5{=`2
z!K07?r)`rduzqD>Rt8EIw2NQ*i5v~yYv@sqWO;x!`*Saw>1`w<rZz0z3K`BvBwv?d
zwMM_)bWk^qbu<yxYZzV6TtCEN+PEJV|74i-{j>rNF1{5@vDvv2#Z}`>)@N_GkmFw%
zAu3+#F!3p6ICC-$#=IAu6USF)E{K?SOJPgL*k;VqAJ4<<CF4n{#8r&fT`MV3)S|fF
zr{BqQ$PmAxg_U+^(@o^hDH}CyM2FS)0cKRBQWx<!GQxu^NiR$)LA3#Ci!<LJ0ntd&
z9)}vGY548q%qamA6?%@Sg_Vr4<N0uK&P?}WPj`u^vyb?Z4CVk*i=qso9i8pB(NJ#Y
z!RWN&Wp_fZ7$<VnS6KT4b^o(XBoEyc_md}JpY5D}h;+I1@AbNsc*J3HmAB^vb|&zW
z`dj+}2RRA2g#_fv8bkcf*#=51U9Hdyb7jrm3)gC`;}aclsQ0nWny*h~fb$H24w3Nt
zjtbu!wJ9`@{}heQUJK9ta1XsfB_h9!xo|ux!Y@+N+h2FBH`tl)tnsZw?hSXr7hAW0
zt2U5?hzy|{@Jn^wh(x46-u~+(e_yu1cn{i>E5gtUi}sNo<tP#zB=E*)O)O?E{JEYF
zm9Rx=dyRJ?^ID_d>4;U$3a?0c#I@_J=F}U$$YjSuD}@Y=Cc^<B@CF}BbIt2JPG$2w
z;&%&#PU&?YP2xV>sejoUcEfz(K_2WO&UwX!7$F2hKgi&YWo+wz;BsvSi2%(&#tUkR
zHhp*ql|^xqcstSE>-<zsS-wEv`N?=K@=&2JpK&xCF$E!dEC?M2+c1pS_@sC5g7X|&
z7~0_q?g(%4!DI&Su`o!Xn^yquD7~WE?2gAG3I&#(*{LufV8=`!apO)x32xxiU*uEV
z$XF&{BgN6%%`M|7>PQB;?wjD^uZy#wk&3fMyOPp7j=3Oibu(Ydr+H`fplmR^>7I@A
z$eJ{|U;3-e|E)jsn?faySn=iA70{aZiv$b+x^_}2`|hpvX2Qv9i(#^J$Sor^xTcy4
zSx8Bb^rcC7pmce~{=Z$H|GuR6?q?<=y?TFK$YW4IzuEtl=Ke=dD<KLr=Kb6etOD^L
zvmxDo8w*T!Kl{P?xMEPvq-r=%sPCAKxAp%_@DKg=(i5V$EH;Zm505ojneE%mCxdl|
zMt(w899kwWa;gX5xV$)7d&s3~!E7$LUS2S_r?4bpI1y;Ohab&5`uRqe4YYVK!Qiz|
zz{EL%$pIV4iarW92K6^{+RrCNLJ6#c`VdZg_{$qvvo@IvSXq!WGg~x)AdnHeL|JLW
zL#xn~tAuF1a~Mo+G<fjZ%{vYEp6VF1mCvz~>$$v*9+8ldI2nd&=GAQtRR7~%w;G-e
z=aV}7`~zq{>v%Mp9U!FUOAxtC7uF*w<{a2SS|GFtqyN5LtQ1Zsq=%3wT|I|W75GK}
zk@0tg-Tg4iGC#Uyo@xt*d&jrO%XNw-33KZBM8OoD%7R6f9Z6!WlGy^o1ElJ^$Z_cX
zp_JEA>fMc&WrE0mQyI413sYs%JeUscsmJGlw03bPi%fz?mhld0JL3~RoTq}t2&B$o
z_+T@8Jw9+XpZsZ^KviXwdNC8--7`>G2wNmWc?hGa!pL9_wB0R);BI@=gCP1w>}+<@
z@Xbi_bb$W5*tCzGhNo=GRdcfzg2QpVsj6#)0`pUueqwPqe(|U&;YA6cgGJc3^MjI4
zYAeeP2%wX8$E_mKMh?PxPZ)b;&Q;BOHIEq*q6Xur5UzRmY%z4Y=NqI2KYG1!-U{V{
zdfZo*k86WOUJQ5a{hMVzroS{t(j+a9Td7W=i726cP?4V9yt?x5n0mraqBUv=@>2+0
zd=!&}1Dbd;yOZ&u|3!f{seKdH%U}`Q#t(`*gEh<5TQ~LMD$*dED9ceROK$iO1&y<m
z_9vmF_=mFwbHy}9eqdAR-$7uqp3J~vtV%LO6q$9#o*a_K7WP>aGNZzYc715L|4gLz
zq6*%cGVFVc__hEQ6nO^$No4a9f69y4)m)J+157DI)fwbD-ykoRNX;si*MRkRU|4(r
zd9W#(EEZu;bXY#dTY^lx4^JEnD4ylRxW#+x7FR@fH7u!<m+*e5-SZn-*lXrLt^%>G
zzZA&xerP0MH%sjpEybZwUPtc6Mn9S5{$cAmPL}M%;EXxgruUH9%D02OL>3N>GEsbx
z8RUxkY@e*jZN<ssWtM+PgW%AxgL7(EBo4lgQkgA^2=b?6GCBB5L~A}dKUes7S^acU
zz_X#;HW|NiOa&^NIIoMa!;UFh2NE^#%&|B}yS4n@fs%;h_V=o0W1}T&v&i|W)7nio
zxG?nt9w>tALI5Zu`Xm2rOE@7(Wmc#n*k~W71OFjR1AnqcvE4E+H+^nFhDsoA#Pvb=
zgsXT2F|Mllq-i!(p7uft`DyWnx1*;CxRO)}mQOvH%jFfS64!`L#GY{34JvU*$d-0h
zwhq01VwF*@YjBP(ZD%#}orVX@kIW$w`@Ix6DX^}av!_Ht$&hztO672QCgH)Gf6lU>
z71s+;*cO%3)^$E_ZX=W}Jo?Di2Zv_?WHK+KzSQ$5d#hQ~FD^U6FDtla#NreI;ltYu
zYmoyOFxfIg>O;gh;Bdip|Bl<azaS&dbR|y6Nuh=z`^Qg9pzF^mO=qJ1!s5n?(f_o}
zurm3InWVxex6|XL2=f+jqI$zdd$EXgjUW++{jtrRFoOx?>&-7FOtk<K#tM%Ud{A#{
zvWhT?9|Y?`57H=$!*;oi(m#|gaB~IP8ivZ>k@|6fx7EM4QXe!I1&UU4si`Ke5!oWO
z`9>UO>tOB}-APu@Bry)#X0sR^F8aH=mr`in`hBQ_F<Qvt?8+K()<G)-54(KU`0K>b
zfk&LLw+So6U3D1v3$mXNRv23TTR;d{k`+vw&8dTRan(@D(!{9K>Wc?U*J-kDCC~l<
zR8>)|?eeLZVWA<|Vd{Kw5mFLGr!P&`cN)%k+T*P+x*a(17=9pz)2bl`0v9AwJ!mnr
zJpCp&h-kX(u4;J+=I+}3`=um8A5ck<02Yl~=vjdl7|@`x2B=v`zlc_i8>Q$b4Yuo)
z1qlX=Yf%mwuWPz-Tn0l4A$Yo&>LN2yRyY-kCgVl6_gQn6ir<<RYnbwrG?LX!?RK|J
zfPsfeG|MpS8kyA9^@{p@w#-68r)vsiM#I+@9V9#^X;6(Cm~fOJJys4Q0t=cYD<mJU
z^^2b!otAV~W62`7HS6Ga*ch^qtM0yRcq>I1&?M3!_htHhGRBuYJJVQr5(7~3+LL`7
z{p$uJ6*vpR##<qvAlOnIlwjVNUzO1Tn9=Jvb^`sAR|;FA6dWdzt!Cku?H_y1;|8*<
z5Nt1kYpLBG3XX?at=0N?3M|wBtBy4^g_;ED;Ai7d0iD}O8RdP@SoP5vjt7Kcw6Niu
zLj=cDi!50ZH87f8!v~lXTI~D*UBGx_xiOWx8628|XiDT#8sX}RAtn$UYuc3@1BvOK
zOR3w*HbB9Y68Id~qU;I@50birhNWD`OOJ}jf}B!(ONvI~5@sV#dcDL~Tkc-!`Iss1
zt3{gaP>rQF0lU%cd_1_VroUx}UQOM%Vy!2oWn7wY-`pl7jX4Y>ddF3U!%<Fo-e>1l
zq0PNQS&uNZox<9>T#@O7uE+qIXn*~oiWIicm?rENw;UmV^TQx1OuW&#{F$!(nzjkW
zRR+P{30zEdyhVC^L=5?I_H}Wr9uw8^(mPQ>4;;%mQiZ+gCjg_J{TXwyv`kWnVM`o$
zXT4P|19u;Erq9J1R9j=CS8JljdPJ7GCfJp=KZb25yxH2Q(n)M{dV5154k&nj^?R6P
z-P&nD)z!|{MOBP4(=x*CUT%9?JN<OE6i`iQnKv%JN_yX8gFebaRts?;d2ASZo&_vV
z!GZ$Btm_?;F_tq928zso<U5%o6OGQUz-f=AOfgGB>=pY*A!LqAQ1mVL3uMZlDe^Bc
zyUvoRG--3E7uXa!P~}$5lpcA<qzSm}(KbKDl0YMfG>r_}q#Dzu)gUYVDFHnh2~b(n
zHg}uuDGhkK$k{ZXcgV6<LRVH`LA%|FG1Hsba{hP^)Ce5HObsebi<mS>pG)3=iI%V3
zr!ctanXt3@%SC-3rp*c&1eyz&9r_eBb=blzC{`IxJBbgToyXtNh~>{*%K(*3&H%AU
zTE0_2?D3z2D|}eBr3FbAzT&M!jnf~!UeZWF?kcS+LxPjRLwhaxqd1vw|9T(C8y5>>
z{5wRv<~-aUaGm0m1iF6dnW3b(T7oc*-`vuZ3i6_iCa#+$cngXn|AaQYS--qyHcQP4
zbK1lqtOUnT&J3|azX>xYrgO0cNVb$mIe}VIlNS1tD~7Hls-zVmo5)61%ZAW+<MnNC
z*E2DUBd(9d1MxmLfBfJ;MTIh#o%Lu1hCXaki@AF0z0%jJ{EsR$`)(=Sso88+7UR;Q
zZ!~6#JbRLKAKVV+0_Z*xg?ze2?fL-dJ5Pj>#U>3XLd;&ldEJCS6-GeZJB3s2Y*J~|
zbNGIiG(jqi^PF5MZIJTIB3xJkd`I@Ue&81G4*-KoN#Tec!w>Qv%RPBEA3LTe5E*T=
z!o$;_+dLW`(RiPy@d?Z%_=XqCH&qd;%csW!s?$m(LY6=5{nLh^1B+*F-_BVmN><R;
zgFJ(FWbG6L2kjpY+Q{bfWKzIYiKX#fa!$GDwDNmU9Ccs^(rXEXzJwYS{vCMGE*pLH
zx|Nq!en%A?ILYoJaVJt=uZT-UXbcs<hXE(fkq12GpEOs@$75ZWi0IOp(0bg?tQKSs
zUqZPMUizc<M$<d|9EbZSHb83?*kBsSX!{DMq>?C-n0G^zfUsDm^7wCkPJZhFNX}-a
z;0)x7`y=9<mh0Bas-TP)9lxn1_(`>H=g?1LLJ=3rQ259B<1U9BXYH=ASs@TsyD@o$
zOqiVEi+MmJUXtjE++ffM{dbxXKeowlwlrSyOJ<S6hDe|!*VxDUPh=pCv%#FQeAzl1
z^fTn(D>`p8_Pibjfj;pUTz|rwk^_EQ9cE~aLI4O@#HLy5dx%b!#%4E^3H(?NXY@SD
zHh7#>Mypq!qDSR~HM5$28k}1$yy-7te1J!0&>_SC&ivm$l*b*e6*!W62jANBIT5Ej
zDV)6w9Md%=`0Md0_=d2J48O?vUC0%jCHU7#0i^M&E7@9OA?74Q_F)}eJbQV-a04px
z`j8maKn)I*f-i|O5jdz_T$jL@AJC!RV&TZ*Y_z&u`k(E^>n3px_+3lNU4K#M&#MGq
zJJIX%Zd;tAU>c90?iN#8b229XH0-wqX%5jKM<p8tGE+Gq5W(2<&=5Xov|{i-fq=xl
zaOtO-P%&EHl9Kx0VHQf&c^k3=Kq$a@R4m-2eyX)WnUY_4ty-t}mndWn4y#J7(-OHp
zP!{%Jb1jriirTs=zyt?s)=*_icomh|Ghhk)TInZ{E6rc6Bkk@UTRn#Wn-3enr#-km
zkW0)+b$UG@fIpIcolzieu{r*6E`w9t!!G2fTrh1q((aX)^kxnsF?uA#>9n7MzmWs^
ztx_P;O2hlBe0JBVJ>Yp$->~32EB1cwob_@ZUun+SJS?XU#0j;As&ZD8Qy-{`D0uF$
zmZ)BW_!r-qTw6-QD<!mdN7M!vxZ1#RAV_R}Ojhg0|D0Vz$e{#^T!_{KJ%vJSFYEBr
z-hK2J^Mh+SD?qH$a(S6$)n(cM@tmP%#2;~pg<sZ|q1-mLhNEFAB!)yq(ZS}Q9|gVh
zq+t_HH#iN~+(#eVLFr2&`El%)0FSGeXaO&EG&X`2AsnK!_mm*!lNz0qrN$ME?Uxae
z*eboaL48fmk5@Vz(S4S|p)I=9)JU%!RD)L?7GBTDxg#*W>Mp4<u73qTLHH_r1tBE|
zAWb(msbtJ&6skPCiX83;2Mm3?IlnFknbuc?Z0g#9=P}ienk`XTQ5hZJ`G?~@&OqAI
zyehw-gn$o3&DZ0V7&?b}EUC^E39Ip65z#dz8l{L9aX$q)#Dn4y4Z6x_^@js+t#OiK
z$BJCzx3+x_wa6KH$`yMYEfffySHEmO&AoJ8C9VLoe?(#MXpX~cnrSy2KkD8sIEFK_
z!kIc(={8`-nG)mFSQ5&-9yzM5#=g??m|JjUTfR0DW?haBo*DH(L&iNQ%0nyyDb0qy
z$S4@K6H+T~>M>6j07v;B!&hY4TUF*g`N#(xd&Frqgqs*7A!C6hy%YADYDh%;g#z}+
zi+{@@L@w#Yeq{YoQ|0Arb}%g+NiP-n7P49c-*}CwUlF)c4{>b9J4Ug3TA)6bw26`Y
zz|Rktiw(24D{4)I%((P!o2|s|1pbItO{n~Oz5JJL-w)AYF(dm<H4^t11>w_kT|@77
zsWp2tw<-+SS@@Qfyj81S6m2s(O#(&h3FM>DH(>B9STTyL`qX8_3OrZKcvpGf*U)76
zC!@f6Z~U>L_N7db8=APH{T=PuFu7qLZ>8*^P2w%L>`H@PAkt?~!o#b`_T}Qlx+7C9
zhekdm+YbwUVVMoUco|uLc#1uU#aDS@gdiCq4d^1+28!>Giub&SpQ3s5$*DV_lvG9=
zP9vCoB$2k-#dtLyuHsdowLDDbC;AId{f;$EQJaB3_j9_sQ)=3%Anf`TrJ=pfk|+{W
z1-_d?K+H<+?}`uQ**i>;00en|GT)C)KlM&zIh{sWuUYA%^udaq6Szv50z<1%aFA=o
z9#ewMVC>wqW(e@~J_Uq+`GBK5Z}gk>&*)lVxNYUpA7KhR9&uOr(YmPXHC&d_1F<0?
z29=}zx2El`vpBOrt2sK&{><}kk`ObG7ki+0lptO*)8Ev0rExi>5TM?>$&G+h76fz{
z-aX6FI1#EYFPj>5&faVd&T(DzWOH`Agfjar1LQpqA9aZp6uNfa&|PU#Ewo#bYFEUD
z-On@byKKYH;Gt|WK>&z-W`4|m+mt*^D$V@&e_&3808nzq-SW1bRJTKZf*&w0Nr}vE
z-x0sco67!S;%R5v6BPW{<W-!%$6aFKrPYFTwrI#q4LrC{DO8L?kLaOgoe_vuwprE+
zj4_DsqZZj}naQo<xJp?iVjbWV%`W%O3NeMx0}ntHNz}eKBbmw~fhbLn!@<mZRAkqG
zyBDx``JS_AhAjp69bZl|TAJGv-U7sor(E6S;`8!ry9Zoo)dtLSyCx_#{V{X3-_KED
zZ@Xgy9Ok4Xw&@I`%zTc#N^vV+628ttEBW)jmNWSY2vHk#vsO$7z#&I}j1G^h8?}z;
z{1J5y%T^BelK6Z)X~hL3fR<}Q=9CT+*m)8kr%GetSH;SwBCK}y$yuJ(r|Ee2)+)G?
zUxiZ@IV7$haFA8z4cJAJd27)ufOM(dgj>(z8f|m(o)}z$yojdz=+G_lOvG;^qF9IX
z=gt3#Vqv@Vdl>=cGzc{VX%&uOXGes_`Qx~R&9(Cyla`IG#y!YG{0VilLkn%peS6Fc
zw$9NgzzAJI=9Gu+5EeCOP2|3&F-|;_bQ7^?x_*!H5(ExV#cg;bjA5ceE+jVyX}U<0
zAJ&wiCG0*X&*6H;He)HPOd-cSu6I#E_>!VnzxLR$pN(keqLm_^bvAW%!4;NL3-fhV
zts3R6#*e})Tc_JyHZVUq=&;U+8}u*v8)=?y`o10)IzG#B5XwKUSm3G78PAIabV4+Z
z_LsjK+O!A3lFDhQvjJdR*pK#<5AS7oFc`!#eh-s3e&N2a7rY_a3^??TV;O0aIZ0An
z8A0rTKP?z%yBk>BFCF*gHoi7)>Ppd2W>1hRu|}-OB}=|zm6v?`$9IpYmlg9FyK1_M
zLRBkMjC$;Z0$PZ$Ik_QK%wwWuye`zR#Ex$ZF+fI-ejFEWyXgm^`BMRv;{&}c+ZEvl
z+u!P@y7k5YsK`q<uZOLIDInmO^SWGoLL#)=*JkkBJ5XgF0Ih<~>Kzr;*<J$Y9|Ve;
zu4Iu`18!{j#;fI|_7VLTIAWB?X47t6GYy%rmvFZp<R9~-Ya9(GWlH>dtkX2OLq$GZ
zW8xANfK5xM8KDQTq~3NjTs&N!wdW1{kU7;=i_BM{2)oktwytQUh^0%)@Ed6O42Ao?
zFLcwHH1oJCH%-`C*1I4iG}$e96SlO`-pm=X*^1BvA&Qx^`oWEPk`Itu)hmyxp*W!t
z(b|LM$3;3GGeEKL-4zF8)3i7({z4P2-=4Km4QlA}U5(H6nDWFH5H^6x4H_J>ML>_C
zW6>!Bl>aR0m~2wdx9d1zu-8)1k|<^bkQBrJQRQ}jgEVz#Mt&J#?ODKmTcIh$5w=iR
zt!I;;Zi=s{3id{-RAolI0!i=PfmC7m^a=hZgOwrV7S@)jFY8dl)|3RH>*kO4cW+L2
zz3SnO(Jl!|Vi4D8Sq%YGH{*R&(;-gB!AdeRZ?O1BG)=d3|K%HLNS(C8)X+25Lkz@Q
zTycK)NQ62<gzN_f#mY4>g+821oC>3Q5KFD*Ct|AA+(C1wP=KT4L{5kUavTtpt~ngg
z^TX}*VUAXYPv-YqqY{h4{=;xm2s>Dc&26Y6u<On?CV<FS=h$b4GE7&|fC9HRJ`*5p
z1b1_OcfV|GD$!UzMJ!cpyUw-%w}7W_arjkCa_S}kxealX!`0VFsHV$vT-%rAXCrTO
z5B!PyRUkpF#b;AO+S(v3DIM$ts{2@`gx2r2qt8B5cy=NxCHb9z4@5Fwip(T&Cg~{v
zuGuLibvEcs*Ns7#X2O8>vdo!ph=gTsZ#<?+kl|-Fl+XT+1Gr3lBoK&2!qJ&*5^x7-
zZlQNzA*EW4!<@z*n?lA+PUPwa)!c+IHMix%RhU4882NGQk0SJ*my%zkG@K#*gy(wx
zRRq4Q3LgS^5eZGKs~e^&v!MWt$+=UJAvveVaF_*g)slD{L*`6Mb+e~tJuG^c%y&SA
zjUfM3*;fhmlMkmZn?&c-H&=JI`=joET$?4v)E@Ufs(VaiP~=PJLt9bN`TC^XGixPA
z3!1msQz=o>H^vZwv0mR%W;jRh<jK}0LTs77wYc5?EoELJ+enf0gcqe+g>{`A3@GQ+
z7Z#D=MA6FONeRM~kKjE8xM)Dv({$Y<TP#MIXK~9})VXK$Bj>1lE_@2Voc(r}*7fH+
ze9V<IveVa?HlR^u{FZ?71Z=mbp|oh=0OIV=9F1t-8=k76%|Ip^oRx)--P6E&oIn?<
z?F%%QPLYO*|5hwz2YK}`spMjuI5~XuocvU~cX|6(oepejN;24}e`xQ_9b?*Kd#PHz
zdMW1*a?ku?PqxFSmzdZa?FL%zwpiEJSj2Yyla*nTz;pYE%jYrncR87Ih-x>wn8`aS
zaMZ~sgY3i&U?<9Q>1l(84|F*>6Ggswz)gr8VUo&d8bJ}VQcfSV|3!n$;9pVz`rJ&p
zz#kGpP#iky=o(71M1Rj`rt3|!1O&+&2~<1+m#zEl4w4Nggy`zNx^Bf@8sk{s<!Pr+
zfuOh|S9b9Sf_KGBxqT}Lau^V`;3!kvqtLk2O;;BvDGj{|0w1=}yg?6e8VCHHQtZe5
zOTc`!7W9y@3d*ef^8H>CCqx<$p{u=@90r>S<3t%?R(J27g|B)$O!G-tmRg?W7ZCGE
zM{6U*%hnsrhUi2uD3{0nir1TUz2R9&9raN(2;@1%BuynNmjrX4j@1DXw^qJ~I|v0i
zqgv8w<J;>itcC?@w&gyNQP+*}G5fk>WmVJo2Mmi&9Ywq9{g=jRha3V*cvbCY39I$`
zBNK0TPjPR3E>T8A;b#uyJna_w$Z|uOv(5g{_GRCNdd7#MlRH%OSoY}7{iA;bxSS><
z5vR!=N7KazZZ>mj5cJE)DxRHlAk?waprn4S1;Go%W;4>-jc<p5J_mBiedTu}y#RyV
zo2p-4X8jE_E%J)2#vIB-VEn;`JpWSm*Izd|WoNYp^x)zd!l4o<ZkH9?<egMw1F_9~
zhXze_FMkxRoR%j9+1S|WA4BVbF?bJY!b`Jj3nIAw#L=(7O<L?hQ+GCARB;bf@XgpI
zZo=3~sl`>!HxX#^X<n=HPQ&x>(%ta<&n<SNYU8T6r-sY^Cy&wI0EDPh>;B1Q*FTm^
zVdr1daX|SZQKFHMG7iZ4V@&rkE2IB|6f21~eMB2RW3P>bGKN1oE~w3|rW*}m`#uV_
zJ=l|aGll22V~ubJdOayl?e?p#YFarpr5(=;Bo~FC8H!Zbo|C@Y(=HDaPQajMCun7D
z%->2sGN~cdlYsi|-xee}d4oc5Hj?>>`x0>N7yV*v5l+R1?{Vd2_%$6`q!@)W`Nvdy
z&;eaX|GwjMVb|pDn5l=V418juQ3WaU!~}`gbrtiZDnd~l8Fq)`6a%GKOc9Gp=LL$_
z#P5=#cr$C034MLT8J@FT;JtVuIhnD)vT`*Y(dWMcqj^rnHM30uvQ5uc^CsJ@-%kv4
zkZN9h+`FtOJZC)7YUUPw){=5yCXPt;Az2Y`p~jH(sP(Au*zE2;ch;5F4{+)QGt5-m
zFet0OXo$zu19YLI$H5+CR=U9P7S-^D6EnI%XeSIYO73lMoyRg1KTipM#PYSI8Z^GT
zo9{{7EPKh|*+@5xz(Tl0t80Srb+wwNYyzMtgM(fGKds!Vy{$KSoLcF$rs}~I5rX%-
z)7w3rQiV)?hdm^@e4`lbvTPl)<qJkzY2-;TpN;EoCe%4AYco3^V&$(=9x=YCj;|D?
zQ=bkLQI9?_slwB~w}GXx-?_@pqd4}_w}4ppJpNXyvO$KUm+w1BvJLL995L?|y{k}R
zR6dJ*(Kik{!<{R~#$)jp)%$Q4TE?wGMb!k7Gzd_G2?rjuerAsJ5_I5_^CD=P>&jnk
zifTtVjKs2Dt~j!T|A$xL&$dUL1q>g&Ag%tX9FaVzw81ko4+rp@lsp`#T=3e-Kr`r5
z990$2D$Ipc@wT7orcxipFUgC3MRT88jjUwK;)$IM#_~1HEVt@mB_#=j8Q^^?nkSju
zKT~v_S+(n+rZsx!VWB*Rwg+S0HCb~{jmvv~UV=tdzK_5JWicA#F;C)|<vAT;Vm;F+
zDI>dv*CxE<Qx`jLK4VoIO4Fn-dUT)zk`<7Jwb}W;87f(lV4vcFaMv&Cyo@0bsuEC{
zV7*hL{7^WN{6{nuaaoi+wFc(@lCb60<rOz^C-mlwR<a?~<pSdys|x4D=s>6~%jnHI
zYbFt5gjyw|O+i4&`ti7y{O-1=0Ei^E-~#->n3OUU-`ewkA$@{OcCATfiaaWXhIrA|
zv|RjK;n%Z|97|nPSQ2vj!kIWb)1;Vte=4E>aMk`tXYBu}{m@4zvd;UB0apJ11OqtB
z*_T1G&Nh)B(={01RBS`VdpEgKkG;sf=<K4F-<39o-WD(fcHZDMYNHn~cu{F%E$NCo
zW^4lS*HH8e0>!mpYpZb`^c3>{9~KwZZ%sS@i7fsnJm^1a=YK;M|EW^`M^E*if&DK6
zwEqn3e`8?&5ZyrFK=oZ#@BRPPmp1U8=dR-LF9QMJs`~r;L!Ekd<2DRie1iPf84#G3
G_J0A>l?25A

literal 0
HcmV?d00001

diff --git a/tests/fuzz-tests/images/bko-172861.raw.txt b/tests/fuzz-tests/images/bko-172861.raw.txt
new file mode 100644
index 00000000..f395333f
--- /dev/null
+++ b/tests/fuzz-tests/images/bko-172861.raw.txt
@@ -0,0 +1,68 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=172861
+Lukas Lueg 2016-09-24 15:40:54 UTC
+
+More news from the fuzzer. The attached image causes a segmentation fault when
+running btrfsck over it; using btrfs-progs v4.7.2-55-g2b7c507
+
+The juicy parts:
+
+==12279==ERROR: AddressSanitizer: SEGV on unknown address 0x6210010719f9 (pc 0x0000005f30bd bp 0x7ffcf39cc670 sp 0x7ffcf39cc670 T0)
+    #0 0x5f30bc in btrfs_file_extent_type /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2083:1
+    #1 0x5f2f49 in add_refs_for_leaf_items /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:664:17
+    #2 0x5f2ba9 in travel_tree /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:704:9
+    #3 0x5f2c0a in travel_tree /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:719:9
+    #4 0x5f299b in add_refs_for_implied /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:748:8
+    #5 0x5efd39 in map_implied_refs /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:766:9
+    #6 0x5eed89 in qgroup_verify_all /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:1366:8
+    #7 0x51ea14 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11571:9
+    #8 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #9 0x7f811e227730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #10 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+Extent back ref already exists for 0 parent 0 root 0 
+Extent back ref already exists for 0 parent 0 root 0 
+Extent back ref already exists for 0 parent 0 root 0 
+Chunk[256, 228, 0]: length(4194304), offset(0), type(2) is not found in block group
+Chunk[256, 228, 0] stripe[1, 0] is not found in dev extent
+Chunk[256, 228, 4194304]: length(1638400), offset(4194304), type(5) is not found in block group
+Chunk[256, 228, 4194304] stripe[1, 4194304] is not found in dev extent
+Chunk[256, 228, 5832704]: length(1638400), offset(5832704), type(5) is not found in block group
+Chunk[256, 228, 5832704] stripe[1, 5832704] is not found in dev extent
+Chunk[256, 228, 7471104]: length(9306112), offset(7471104), type(5) is not found in block group
+Chunk[256, 228, 7471104] stripe[1, 7471104] is not found in dev extent
+ref mismatch on [0 4096] extent item 0, found 4
+Backref 0 parent 0 root 0 not found in extent tree
+Incorrect global backref count on 0 found 1 wanted 4
+backpointer mismatch on [0 4096]
+bad extent [0, 4096), type mismatch with chunk
+ref mismatch on [135168 4096] extent item 0, found 1
+Backref 135168 parent 3 root 3 not found in extent tree
+backpointer mismatch on [135168 4096]
+ref mismatch on [4202496 4096] extent item 0, found 1
+Backref 4202496 parent 1 root 1 not found in extent tree
+backpointer mismatch on [4202496 4096]
+Dev extent's total-byte(0) is not equal to byte-used(16777216) in dev[1, 216, 1]
+checking free space cache
+checking fs roots
+root 5 root dir 0 not found
+checking csums
+checking root refs
+checking quota groups
+ASAN:DEADLYSIGNAL
+=================================================================
+==12279==ERROR: AddressSanitizer: SEGV on unknown address 0x6210010719f9 (pc 0x0000005f30bd bp 0x7ffcf39cc670 sp 0x7ffcf39cc670 T0)
+    #0 0x5f30bc in btrfs_file_extent_type /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2083:1
+    #1 0x5f2f49 in add_refs_for_leaf_items /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:664:17
+    #2 0x5f2ba9 in travel_tree /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:704:9
+    #3 0x5f2c0a in travel_tree /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:719:9
+    #4 0x5f299b in add_refs_for_implied /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:748:8
+    #5 0x5efd39 in map_implied_refs /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:766:9
+    #6 0x5eed89 in qgroup_verify_all /home/lukas/dev/btrfsfuzz/src-asan/qgroup-verify.c:1366:8
+    #7 0x51ea14 in cmd_check /home/lukas/dev/btrfsfuzz/src-asan/cmds-check.c:11571:9
+    #8 0x4f0ee1 in main /home/lukas/dev/btrfsfuzz/src-asan/btrfs.c:243:8
+    #9 0x7f811e227730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+    #10 0x421358 in _start (/home/lukas/dev/btrfsfuzz/bin-asan/bin/btrfs+0x421358)
+
+AddressSanitizer can not provide additional info.
+SUMMARY: AddressSanitizer: SEGV /home/lukas/dev/btrfsfuzz/src-asan/./ctree.h:2083:1 in btrfs_file_extent_type
+==12279==ABORTING
diff --git a/tests/fuzz-tests/images/bko-172861.raw.xz b/tests/fuzz-tests/images/bko-172861.raw.xz
new file mode 100644
index 0000000000000000000000000000000000000000..c57661d986418165b2c305786a10aceef448d00c
GIT binary patch
literal 10828
zcmeI2RZJz&wq=3Bp>TJ1_rl$!aEHR7aF>G|+?_%WURdGo?yiM92X}Yt+nxUCq~A?m
z=iR)dll#3s_R8EdJ8SJZ-g$j=^dKOh4;CAwp&-a1i69^#(57`JK0h6yNem%88b5|?
zVUP6T^G(u6O|=@0FXjpnJ=&^tbeukQ|KKjwBCDIW7M6`6ym)cv|7o$YsM9j|0}Vtd
z6gOTL-Xr*)Imbm4Zik3eLn4IdWP8ev$hV=CZZ%NK#-Sp}X&jm&8DE@&U2S*3T+$PN
zp_wfobG6%S7CjShep(;(S2DB|f<$**w=8c;Z%6v5T}wxU`q(&gXeEttV9Nvo@<}s|
zq_6P4>mpebANE|TCvbOezIA$OmM=Z?g)`D1>(^<0XKdZQRz<*d7j(_k()s%QJRdNv
zylONwvGgl5Gu4$Wo>-CgUXSQ*Xs_$K**J8Mnm89LEhpCTC(CHIw%{4U5O0byqb<*U
z7q|IE6dSG{643$`!Aq1-`;Q9k9*2qG4hGv8GP=ib=FaIJSa8}%z&GKsaQUkV6$V0L
z8_q(DBUPHyy2;Gft`0F5XGAeNLHcm%aW!O1Ds8sh2mO7QN4IaVvCr1x)-G`kxWykn
z;IqG`V{%E0IFFk)a*~(@@m+VHV@GhI0R^)QEpFzk=&$2;ntG^Ci_g6rm}tfB((zQJ
zJEyV$Tsl$BUU{oS{|^z#D9KKzO4W(4>wBPa5i@lb-sstdjN!eR2pB$)SD}xWO!VPP
z!e9nRAf;772HA%G`qNMtKSy6oTH(AG>9<%{YRpF@#~m%;;VPQ9!GhQR9i-oSb`Na2
zQu_OH^+E#b0JZwleIgG#Oi|5+W3Q8v4DxIudRgTU;<l+;T08^YuwzR#ovve#3f;YZ
zeHi%X;nm8wS2aerNfLcB@#hV7p(lEC1OebUgWXo6z|}w}i*XsMu!5y{0w&5QTJn>#
zm+lkN<a_4G8km2@OZ36sGw`$-Dlsxc>>TDq%OEld?WZqrnZo&D4O(!gC8abR>vzF6
z+N}~zl9LS4Fq4_p<T3EuJy;cAlBvsd6E3$Y=9!sX!{YZTrGT_vwav6v?HiTiNLZQJ
z50kM7MyRjGFRIfG%NwpGGo8|xv!t%+)i3qZe*CG<JhhwQ{$HVP9AS?HrN!7_MZ;dG
zkoOeqYd(;3?E1(U8z4+)HIwYRiBQT4;$?|8Vmg+E>0C4YAz<=Sh#HmQ!`xrv8F*v!
zLk&4mT8-Bc+3<-eFP}wccy)2~B2>Iko|HqVjGyBW(ZW_w8GWM-3#zhOZwqKtI5(!o
z!yzDDKz`DuZKN{%kO!aW2ZT{^?EWU-hb~svOrz<eSd}`?Lki!H4}%9w59=I?iZ6Mm
zgZZ^A{AKTE+_ZwTpdBVUSB|18)0jV5PC@_DoB8}jCyiSA=F=Y7l>3PW$p~@gs$TNm
zRprZ0klP%~?%<SDLTP+PHy%3sD?Q4eA@PRR{Sp7a+dluhN#D&^5F3kDPkiWYaA1$c
ze~WYf+0m+~B6YbRmn5+e!h76kSMR1GV;%Pa$bKF;bd#ytZlhWo79-6)AEUzkpIt1Z
z*o|`yk_ZFC^)?pUb~7o^9br+gaHU}Dq&YsVKmzv%S6gqTR9(c?S&x%rj+S4X$vCbg
zdR`H`GcE!CF(ti?zJC#kT1FA$U7(d9jTI$tMeBll8u%P%lB3{7mcRIsPIv>AO>DX9
zEk$gss5v;S>Y-4m$larD^u8jfGyKs+Py$H&MvkKx8q_gtMUR0Xz~RP-QV-fa34d68
zJt%@(fBE{#0?;JjK!~#^>{8{=Z)sGCNIhX&c8k9yYe!lv^J)kjYF&RPw^@o~+$y%i
zY(7WQbLh&U;YwlP`-+h~#S_(N4S&8BBQ9T|i43<)0b@AA`o%7b^n1jYqF*4`$V}Jo
zvT5;j-{F-O&Y_)l7`sKmE+GNnvCbD;u2==vDEEtn7+}q|qVy$aP?dGCl%!kig0Tu2
zmSrGW{z-!}l<gQQj^kuwn!)>~#OcsxeJDoBtDD~M1^{yy_RnAIsSX3>w|a^Qf->jf
ze^u(+ekCkUtDrt8@nqh#PH6};`<tHz3ja1>ylzj-{#jPdQO5DH3iOz(@W}lZ#ve!v
zS(3`(ro`BVkfMM)tL#lXEeqSIdTTZ6yBJhIi*EHXX9*r@W4JB_%P7?cE*|hLo$4e}
zfw*=7i{2NOEjq59$3p;!=bCecjuotl#>4MkG%R#H2U$+9rJqmGeP(JmWbtP0a=~eF
z-ObM-1lUVj*Pi)S+j{voz^>sq=T-bGIsK9&4@Kz^a;nd(CoCNrGEPXBCqyq_{?Lz~
zV=zLx{PxmupVm>(S9p*1MRzmUACuwY2g9~ZK#~|cn)Ah6323!a%Fz`9KDLkflx|U*
zz@3{qZv&izKc~Qi%_b+;?Cjdr&=NJ~xYbF*33Ct9INzbvJg)&O6~Dj5l5V`ex#3&i
z{}@_(g?eb9C>4Y*GimNAQ5qOfBzqIPrEl{+y6<1Ug9wX&lnUaipT1(ByBc4!)ZAeJ
z^;><c-{Eq4-RxJc4Zi5$!hmfucu~BHJB&Vq^MHl;MKqc#wru*RY=1pzr7Yd)!mm8~
z{D(;s7X+(z?wBVm)cs!Lt)K(F1Kz1PnFoo%pog~Vz5XbTKH39p`xd7m$aL61q7O3^
zms(g2Sqp1RTUOeaBmhm%fU5UT{znZOj&ZB8WU;N=nvLVfNXS7&b%D~Xi9iR#LP!u~
z|0*PcC^TG{#rKo=sGgVrx9YWL@S59qx}=SK%Lw$nWX{qS^9&s|*|VOO+S~A!I}DoA
z8dUC9Pk;2_D(6@37u`-}F394DYmYX`V~=bzK4~EoG*A%EG6YG)e)*naxH~3W!vc}4
z^wg8yj%7Czqps@G4giucCE-yZd+l2_%T)F(SI~nwbcmS1@0DQPs_4<>Ymp0x2OrfY
zGUm>_pQS!QkA!n-V~hUeRM-=G5a@?#H2Jt~Gbty1vN%+5StdBo9i|J6+065vSEY~S
zFntVZOio*4T}kmi;TA3yU0{HP>bHCev3SbPZNQyiUg##Q>D@IMpaw;Xn_{Y4ewKqX
zqY@26bZP|;KQFI?NWjTp$7uX3T3`J__i3cwG-?7i_IUq7)y_GQp8eY@L01AoXcYC}
zIg++<^4aVBfR+8Gd^kLdm`ACTe&Zl3#Iq5+^(I5~wJF7Dex{Jc8q|gj^>WJx)j)MB
zc<be)wwg%p<HI@Q?6)A@lBik5{SZ@p*&G+&@tkT`q}+6oR&0%=LmYcdvK$9D`>=vR
zZ|vlyB|UYn@(=s3=88KqvJi9)137VJI!TE!qfS`7z-PW%xu4v1sj>T&IsRX+sj8p4
z76Sw1k8J~E;z*8=2spJJuH`1ZX#XY&_$GU%8G4JAQSG|9&h8{yVwDxrIStb4`@I4=
zr;w_jXQ@sb>e5xGyEVU=n{EPB-}8GaMPWA_onTfq%YM{qKg3>L!wLF2;iHzkPM~fp
zoKk7l3)!q+K@rdkBtq`1f726QD-X@kf@CIi>lc{y-raxAz}BONG8SSK%}sR+GQ?4l
zkt%{KYHj69Ma+?wtETpNz%iNevr-<EW;Xa{wiT=Mo9U?O=e5cuuB(jKk5h?MJt_4s
z-}lMN(zG>Q$9%8^Or908=!n0wUAJTEyU<CSqrUq)jCaM6%;H^qBK}~Oc;(}Dr49vt
z%~{Z>&TY>>yYmh)Ktf#Hnt|m)9G4#UX{&!+F@U$hoj4)C2G#ii*5{wZS-xx?f9cOT
zGI?-K3CCIh>0~mx<%WNgbY`cB+9<8rfBDmHziJ<5o*$%yi5ThZ`>W>qW>wmw;qs-n
zx+&!5(oRn^O+6Q?fbUOMlC|Z?C9;ZP!EnJ&tcLt*&yG+!1UEIOh!dc*+_BqSiPF}{
z#W)h<5>Zz+ZQ8P%F9*8vzSAV9-V6F8S_%v`pxPRR%AsaPCS(?g&NJ20!eqtRJ`s1@
zMw>K);pMjFSh&65C76N;*YJJ~Qbiy^le<b$65`4swk(7QjSbh$)lV>oyP#rBPbM^x
zG(M#L6dft9rcZik4%O-HYG0Qy{hRuR22>|f9;iC^zPkIn(~v{2%NarSmPt_Cm1u{z
z2}KtqdexLS{(kkLAX5%muocCUU9U|sWe=ab4b@W93vFNUT6~L&(Z|uEuE$OX9^b%`
zBnx7Rm(FG<I)>L^-9(JvDc=g6hz4|!I4%32(C}EMueh$!&C3viy%_uZU<fU=LGf(+
z`6+Vl98>_<>9&IpR52Lx9B-v1y{a*i>jxof8~IP>`L0H;Wn4zJImFm>fr;o*lS)?<
zJ?ewm({6#}gwOYIXLL;dHMwgY@*g?@+2XheRnhtnpG*oOmO`BBPWS0q8)sifhcahA
z241fjf=Dbq9-&WkL`AQl3-6Uh*~U5hIh+PAR#JI&2z+(&*fCg4h!l<*MD#JqT=4E4
znLxAUcD@MtTbrX9M~NjVhw3DBOfJ`smN(S2KhKY6=xYSlI!v!%6*1a2r$u0$MnYlF
zefp_pKO(sQC>7dVt?Lx$hABkVuNglISf>02Qp?w-r%Vcq(q~-1&Pw9p!*5(#n;^u<
zeL$Se@LrHss3$QBL?v&04rB?C+C_8dKjB0BEg)hEF4M#kN#?p=Cu=k^2#kl4-e4YP
zXD#tP1`R5J0|pb!8D9SJ8rh{e<|6c4L=MpaX7w_Ow4Tif=S5P@5^Kz7tFmx-qxBk_
z@XMjY2}920l7w>F%t=bUG@?*<2)_K>l3*T29#rPP@Bxhx?D_ZBeLEmj(SePEdNW^g
zW+Rl7;5ETw!EEe9U4p`#D>2LdD6VnxZP+`>I&;|u3+|K48<j23Q9?sJ!^{YtaEMrt
z^wcl|g*Cb+5CfZbez&H*9xMT9uQrj9JHw#Nf8n$=sYUvWy*lWsmY@99HC_tN!AmMS
z5g9_F?E2PEn~ONbP0!nng$=nwJZ&P@KNvTGx0GtY6c?<1a9wJNywJS9s#jTD5sI?(
z$`lRmV!GOAXx9-zB&u9B|HDd7pLi)qHqSA8E>9w6xzkP6;QD&~Vn10188l(`podKs
zQ$NdwEqOswz1}NT)F~)*x6J@hFX?C#7#Focv{q};uD-nK!hMRwRuz0;7x)=|tgU2f
zZmZ6&KtK{T{fSG`&SrIbTP#*!4_g}Yt+K9U%s~3`uu!a%s%+`EGV-}fgX*64J}s?%
zzl63F9~uaa{}rThK|n)*xHkZp^)J3gfEgel&yE{>Mk;+7l;IzcZe5QtXCE`!Th)5%
z>**8#II#Py^p=}tzwbfWPf={%Q>;0~7+r?;#eEaUq<2X^?n#qtgG^Tuirg0nyRiUp
zsJf`4+De)%<<t#LZNXBbeG%h)9v1N0SuAN2{dM`n6?RopQ|*n3%#l`$+B1j?7d|g8
zjzO@$+8bkgsE?sxq;>R*EJ~j0R&FhU2YuNi_^qS4O}y<o-c=D&Quj>nbVW&~dgFA4
zr1;5u4A9&IkWBaaaR{P-hM+Fuz&R?m3VIctSP0u>hm0huq5yfqfk#^zvD5v_b^tBE
z=B3c2@ssy@Ve>oZk7%H{3=_PFSNN+7^&v~m%L3=;`p}O=#onPN!cZVYLHFcdw~>Ij
z#qQHq!}f!V9D7R++rK|gbK|5acs7_^;1ub&P+^I&SBaYBD;X*W6U5sMBXknA({Gk+
zjAgceolHWhwF@oAf0i92k;{5>C9kfswc1W)PR)!BT>6G~iv`t5kX^qeG=B4+@Q7Ra
z`Mees@K>Fg9OE2q^8Cu{Ho6&O{^PNaRwRO=PH8^15mqUwBhAJYVAFb&jn^R46j@>3
z{xORmJB@N#7-4bF;Z{<{E)<nU$i{&?`o@(>_JWGwmmt!D@j{kQYGR@M-0z=;739!<
zJ>yW#+T*PSUCK|c*qPx>hA;CTwqLHLItFAp{gUcOX{-WJe{y|0n-#>Io6u{I0AerG
z-mp#+es%o;WT^oxs&$vgx;>h6qXmQ-4aDk1H5QanvJ8t$l4WI-a29uH9<Q-ncB+4?
zF<Y#c`b;H{w!vzzmh>Do@L7)H$|}PeT*l-5lDaFO_j+ii!D4&6%!-+4Ar2p_hjkye
zuCP1}-NHTq&|*R-Fv#xX-MySdbu8miUCJJ}E?6V85aNt)EP4F7LuBU7_M}=>xYtY8
zqgapkI^zk0X48hljV5NKY}R*sYvj6~al!ysst>HQ-o1_HQ(s+nZpn`qNXb5IL>8R9
zRInZvT>^y_%&xcBVwSeK<)C}2Zmd<hffXd>O<w|6%<Z_EzJIT#?K%;@IK%}x6_^$s
zV?tjla@cgzjAm&>m4tA4_YE}O1th^nFk-C%u1IWkuR%up(epoQ#$1I6>yS(!H=B%c
zC4y>`DfKuL>X1)Pj~DUZPBszlW9XvR1hN!EY|6uVkOz4vc?ar<XuRG@txr<iMtQIt
zE>|x7Xa;X%xeR-VS}hj{j$}Z1)Icdh^!`z?dCaJrRRp->fU%52(%OyGLaigOiv=UR
z&9##}6hxbtR`Xu{cFj4`H`|YJ1I}#!{L8jHiH;wlt%$)eVkx3pOpl<XH|b{H`j5sC
z)OBBBtI$oAsVIEKKR~SZ8<K@Pc8jO3=E;|n*0)-T?CKEnRu3ZonY<byXfbFcbL-ab
z(4Q<Qo&~9hC%baEXiuse`i<*Cn#q66=t<+8k&!pvN57+<@OvThO}Hr<c)&;Y!19vT
zhuF;iLA$7a*TX7Gy!~xhu)#ZZaC)~h!Q{mzR=EZFW@-4rsCDIUM`tWBlm47Up#B!_
z9?uGq3c+ag>xtDguRzc_PDYWqXoL12Ul>IalZ~Zg{>8qrR#(S8ANK{wGz+dwJzjIQ
zKARjq+FxuD(II4$x5t_Td<dn>yW{*(CmY}dVVN+n)`U71pv`|2`!5(d<;GJ`Aa-Ez
z83i{VR99lcn%JThq<iEs6sfk88CvljD2$-&CnU?|-x(P6g>=7fOYaTgZv@()ptwg@
zqrN?ARaCB_Ud8+%b0D|Jg#IE>6b&rO3D!~Qyn$&J{ILg{)*7KH1;rTwWX3IU<~Vog
z#9wWWozjC>ynjtwRSRNGMiGm+WD)QJ8Q53^Q@>yCNC!F_#-zBDbP3R7V-(4VjMK0d
zT=nX0pW!7#>RR(be$DWRnwJdO5D&Y3jfK3XCFx3c1)7A)?mzP_2x??Go;`0@!eh#~
zV;Q6V{mtA7ug}iwUk3^UM}y&D^%MbPsahWXZivlk=Z@lTYo<7u+2!+_!}v#vxVpx^
zX--uQP@8D_%NPR5fCowXQm!pATy1VK9gnj9={dn^u!y4c7lt<e$PFSxGL8GtQQU)|
zjoKy!^9un(95HYoh?@bo?97T>=&R*$(s0;oKL9oxYT;CWM8R_p^%hQOpUze{<Pm8t
zDrLh+{-CDBhZ(X}F57ET*sK#r$=<InV2V}^To*AA%Ip+Kg?G1g_CY%wDfjkec9ry`
z`BthSD;+PcD;T$%*&gv&_Qd(aiW=N!3ah>lQpkF$IeWzyUvXoMU<>&f=$rOD>+kJw
z7(b3z+0iShD(Fms9<in5b9;o__HdXQlbXnA_xEQ})x*k@YR@;A!V9qJZof9#I?^>q
z>=#;p5}Y4eX>)_G%Q1y+o3k6<FmBSMFnoi^BXm1CRMe;B1vN#KuvFW`cqOHh5243^
zMWORTTn5@>@4|Tb^rZYX%OB-LSm(cB=hIGLVe?Us)jEnWw3gIK1r>i7+<!gozN)lh
z!y4Y!xtPu8wD-vHZw;z!#?vvax9Wpyrla;|TTQSoSf}Oxm~ZlDeuaS!bT~ZYFp457
z^AAkULM{SPN^SnGFdRIrT!=-Tu<*<dK%fAT_aw_?>ZiJ=GIntaA?lne8-XtuF~BSK
zl4m76RW;jcNV;1R&-w5!V2}3q8a)$xsGgxN8;1f(X+cCw7T;?^_5@=jvRZprH)4GF
zbNy&~ZJx?iL#`DKws)4|gq7gI(A>?nUL*#f<&fcey35`1l1{=R3gUAB1`ZS+b!HWQ
z!?}v))YY<^DSARaLI~;#$yda!yiFIokY?sfjn|NXU-CM_tgdjD9U=!wr+P*>-Fty2
zl&%7Jc+KjdTKt6m<dB!i92X!eHhV*H>YL~Dm9iAO<Q?4mpTf;U{;peA)jO+Nz0C^q
zC6Hu!gP;5PUo^6@k^?)P*vB4IBQr>nZ!7S0dMxbbg(h_3w~<DQovzim<)19WV3s*o
zbW@m!hI|E+>0V+nf8{u0Hy`Rlr30#A2nO1#qG8))8Xay>e9ULipsm#)lrEyM%c*l(
zEu&^>NzV1lDFbV<-sl6=Ki2FA5562By>?mb%tw*DXo~V_z$WFH3JGnM0(Wx0={pVA
z#A`0g>H?ni&F@c75#R^baA(u0_I`QIV*9>qN*dD@A(lew-hFfwfZeh#Ujl2#)~}Av
zY3?#F>gNf!^^Nw=1`Qiw(h{m&kFiX0Ar<GiSM)w@MRNZwN~s05bXFe%XGc@1oviDT
zDa%k|D=TMP-N<99fC=c(pC5P9k2UJG<b@&iiom2z874G}I$v$NUkquOz`xTr!eM>f
z3GFor^8VI+MvhV6GKJ@VwAqukLjtt5Dt(NDokvf%tojcQeK)mPuf;=Bn&827oR}sF
z9QUTtg;DpY73>o`+;tRnB=idlqI=917)^cQCR5%e5r!`5a)z7RPSf4|kcN;SZE}HJ
z5x``L-mvJjhhl7(1ml=e_12>B7iQzkRV=gCXH_3w-ye-%(iJ`F)*pN?cNM{rS6D~m
zJqNp+B6aY4oN<d`q-Te`cwhc3lUf;OX6|5g(;$&F!=hLvYDxT&{ss+AIpB(?tn2V+
z!Cc+_4Dqb4itjCvNj5&@q6QZf*QOVLuIW*l{zi+kM}|jBLqEPNG!hZ|;TafL0YVR8
z;jb0f+xuFycfM|pvCU;u_Hu(06mKe4kmJYza#dUHWY8Y7gGb=G|CEvDYalHc`HL~}
z4qUvnmdhq`HfpwGezzC9kw8c$-Uq8d^+3UtV-9I^ZK7p?zS&BSoFn<bS7bTzc#;5=
z;V5-7%uKJiJN_}xEC@9Y$gn^eDX?j*>`kn-jl7VTqt@_#cJ<FsGFf@f1{RKm-rF=|
zIeSk2{`9g@N-U5B;~#W`(P#)bD_C_#hE?Wnr`@A8!ZIX2^5#Yhd9Sr`+H%bx9C0OY
zaeM^t3#Eld*xoR(HxYqK>}fKGsVk_k=L|O+Bmr$xxTS=he!g+AJjZ6+-h3d-AzpMq
zk9e&Hbs38W_2ui&9xZ&Xls$o7k$jb>+vOsrhU8Dgvg`_ms+;cSg#u1>=%Dk@TkwJY
z-m2|8SZ*HJN=eV=(eXL*YcJWUvmLzy4^^ZZze^(z;i9{SOn3Q_aR@%tbh?fJ^E6nR
z`=L0hA8VK%^TKZ7<Up>%6@ovLLVmssFafl*6)SPsU7y}7VdYZ12J%ZkTi*K$2Jc4P
z-N#?c_Sb%<(TFRE{}C-1897q!9QpG#r&}lm95^ablTG_W4loZBp;uwE!QNwAQ=TO~
z%i~l>M!N5qL|9k;&f&rMQra?%4;hiNTja&cV}mQW!$3#aN|&)!-u~EvH>&pn=nG;k
z=#sSZ_5)UZYR-J!{F(I!Rez3$>@RX#_7~vgb{ARdNN2=8PSON>;sNI)a$69GXc$>}
z5N5dR!`Kt%jP7zW(AbyH0AMNIk8&YNTGsQRDJSX-;pJ2Hk|f(d1zP!DDR)ZY>ULkc
zsQ=XRQR~S_a8*B4`=#KW4H(CbcP2;Q4>v)IgXqXvVU~9yU)#O2N0u^ahATK?EM1PY
zfcpuqyJ<jaEU<H1e&JJ<MzWYF37fK-lUZ{(aKIHF3jWPD9C|9c4@!9QdaVe)QO}N>
z`xCje_XyS$Y?P62OmIj`g(Q%7ZA%>AVq#@#Tq<P#^pAP-D+?ckiK|#tzmoPj7Xc+J
z8lf^gdH8PKD+|M7L<}~>e<Oafc>Fj~R|Cjg(DgM3plpQIizhRH{CPt)Kcf#(ZCjp|
zDV-2=W7TRCFb;E6M>^b<$nAuZzRUrvW1|!9_c8m+IQy<wOer7Hv<vsjXP8=`;cYy(
zm$m`!&VRSPs`xFodw4v!XiO-ceLWDhxk0gmXFhRmtP%%&7^M16LOKm~Cf|P_zeg<;
zI68G}@cwG74vpl)k*k56oHj>l7-KSy6fc!A-?(-rEhHv6iF2cEZBE-Ez|UI89CEiU
zW|N8~lQ$}V%?>dhv`#TaPS9~~Zw^Fgn4$4(@)T5Tdz!XqV*04YnIwSoEnIlfK1V*y
zn;0LYE5e0=o^Q4dd8krb4q8D-oGF>s79Z&KHV}@Ek*yOi*ea3Zzs$7!csxp~IsryO
z#rMe@yw^a7?@S*q`~|uRIe*W#$s}7(L7Kw(jeZD$E6bFzk;y<GNrDTb;=G&MB(t(7
z^r!Uqn>k?~XSrAd<d_s;?iEMcRaUfskaqJOQ*hSm#bYz@#c-3#bfT<vJs?!e{lM6Z
zX_L}Z=B-j{6a$esIYtD-oSD*{dNb?RD?>oyFz=jPrEl&61VKFW9w+lVs4$4V1mQ-O
z)CC{{`whL%jZKjY_Jnt__4w{0>YUhZ_+!At@lk?Z*_}I8>@^ka_xD}&&e1&x&>d}%
z)XpM-5n(Wl7ly_f3%UtShG-1fM;+f0wwiN2x@9=D?H+TgPK#}Z)tSAa*TGCiYdIvE
z+|gAdV~jKSocD_?p(#4Px$v%zJp+lW@Lp(NlISaUGXuq)z+ryl)=T-ll&Qttx;tbS
z%TUzk>5haC47b0Q6TUEE`dbiW#_F*TMW&V4DR`RhIX6@8f#Z%#`{F01J<f|SbmzJj
zI}+djR+m27Rh--HUXfv6-gq3@Ha;Q^K4&qun0BfmrSZ${@T!vr8<2y$=f3yaZd2*S
zD>KrE%*=D35vBbs;J@PWM?d>I>-A8+79^6H{hoD|$D7wP7CUq*{e<+S1C}`)k))O@
zM{Qh`;>oVwbGi0^K3UI_XCm`a2zjQ>bI<pNika22Q(@}SP98hh_|EIx{zi0TO~+8*
zjcHREKXHvh0{F!_|2nbGs2s1sf$cWOD@F4+@Z*F8Z-({IG>m5W;%NXz1V+1;l_V<m
zjgPn7;*$E5sl7T?`8ONNTs>a7=JNNw5`oyd=hs1?7rYIZ!jH=yc96M{@G0x!vg?kH
zL0Sh9uxLm)h0fA_s`ikE^3M}&^vZp};#WcuKhN@DEOLk01)p1CEOpcWTB`rgveEw{
zP;f`nB#k&-(L*?ZcnJh5&v&xi4%F@rp=4nav!Ey;6xzNJr(rL*KC+umJoy%5?zG35
z;p2FdmXUcH>9%VxiffK9h9X<u!V>cVgO;Z&zrO)#$3}i9ho~*W8U;EDPh{@!goBzh
z_I{+y*41X!i>q6z7_QCcqiO(~u5(nK*OUZC>5fYsc~^i(buSby@^VSP_}WcxgP57{
zl6(Y-g*;dW&~Ugl_0#US57rn;hJw-UsQ#`pV=Sq;^sVqFH26%p*yi4I(&-<m6!*(p
z42MCB97AJ<=RbFjVky{dVsS2}QH*w1pZRr4cB2w7mKTAZnl>!*#Nmtu5GDVBcDy;L
z{D(>)LRWSonp3qanv`~Ih#g-QBGBx_$0I}xAmV3~t7+&`oJob^sdoO4d_J_6Bs}*s
z7E<m1lMLTYvF?`xUpM31dRwfckblie!1HrDdQohFfRu{E0DyEC$|T+fi~3wLBVp*g
z940S+?_Y_e{HM*E@X*QU|8F+pKcIU4nS}p~jrccA@_%Dc{}$~3ksJHBVE;nFfUq49
uFc38j9AxzWz(OH#LM<YDA$}%9Ko)5Lfk1dUAf<opfYmG1|13i5>irLd#7f)%

literal 0
HcmV?d00001