// https://syzkaller.appspot.com/bug?id=912f70e859dfffd2533b7cfcd2c71e0dd6f71e9d // autogenerated by syzkaller (http://github.com/google/syzkaller) #define _GNU_SOURCE #include #include #include #include #include static void test(); void loop() { while (1) { test(); } } long r[3]; void test() { memset(r, -1, sizeof(r)); syscall(__NR_mmap, 0x20000000, 0xfff000, 3, 0x32, -1, 0); r[0] = syscall(__NR_socket, 0xa, 0x8000000000000005, 0); memcpy((void*)0x20002000, "\x72\x61\x77\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00", 32); *(uint32_t*)0x20002020 = 9; *(uint32_t*)0x20002024 = 4; *(uint32_t*)0x20002028 = 0x380; *(uint32_t*)0x2000202c = 0; *(uint32_t*)0x20002030 = -1; *(uint32_t*)0x20002034 = -1; *(uint32_t*)0x20002038 = 0; *(uint32_t*)0x2000203c = -1; *(uint32_t*)0x20002040 = 0; *(uint32_t*)0x20002044 = -1; *(uint32_t*)0x20002048 = -1; *(uint32_t*)0x2000204c = 0; *(uint32_t*)0x20002050 = -1; *(uint32_t*)0x20002054 = 4; *(uint64_t*)0x20002058 = 0x20004000; *(uint8_t*)0x20002060 = 0; *(uint8_t*)0x20002061 = 0; *(uint8_t*)0x20002062 = 0; *(uint8_t*)0x20002063 = 0; *(uint8_t*)0x20002064 = 0; *(uint8_t*)0x20002065 = 0; *(uint8_t*)0x20002066 = 0; *(uint8_t*)0x20002067 = 0; *(uint8_t*)0x20002068 = 0; *(uint8_t*)0x20002069 = 0; *(uint8_t*)0x2000206a = 0; *(uint8_t*)0x2000206b = 0; *(uint8_t*)0x2000206c = 0; *(uint8_t*)0x2000206d = 0; *(uint8_t*)0x2000206e = 0; *(uint8_t*)0x2000206f = 0; *(uint8_t*)0x20002070 = 0; *(uint8_t*)0x20002071 = 0; *(uint8_t*)0x20002072 = 0; *(uint8_t*)0x20002073 = 0; *(uint8_t*)0x20002074 = 0; *(uint8_t*)0x20002075 = 0; *(uint8_t*)0x20002076 = 0; *(uint8_t*)0x20002077 = 0; *(uint8_t*)0x20002078 = 0; *(uint8_t*)0x20002079 = 0; *(uint8_t*)0x2000207a = 0; *(uint8_t*)0x2000207b = 0; *(uint8_t*)0x2000207c = 0; *(uint8_t*)0x2000207d = 0; *(uint8_t*)0x2000207e = 0; *(uint8_t*)0x2000207f = 0; *(uint8_t*)0x20002080 = 0; *(uint8_t*)0x20002081 = 0; *(uint8_t*)0x20002082 = 0; *(uint8_t*)0x20002083 = 0; *(uint8_t*)0x20002084 = 0; *(uint8_t*)0x20002085 = 0; *(uint8_t*)0x20002086 = 0; *(uint8_t*)0x20002087 = 0; *(uint8_t*)0x20002088 = 0; *(uint8_t*)0x20002089 = 0; *(uint8_t*)0x2000208a = 0; *(uint8_t*)0x2000208b = 0; *(uint8_t*)0x2000208c = 0; *(uint8_t*)0x2000208d = 0; *(uint8_t*)0x2000208e = 0; *(uint8_t*)0x2000208f = 0; *(uint8_t*)0x20002090 = 0; *(uint8_t*)0x20002091 = 0; *(uint8_t*)0x20002092 = 0; *(uint8_t*)0x20002093 = 0; *(uint8_t*)0x20002094 = 0; *(uint8_t*)0x20002095 = 0; *(uint8_t*)0x20002096 = 0; *(uint8_t*)0x20002097 = 0; *(uint8_t*)0x20002098 = 0; *(uint8_t*)0x20002099 = 0; *(uint8_t*)0x2000209a = 0; *(uint8_t*)0x2000209b = 0; *(uint8_t*)0x2000209c = 0; *(uint8_t*)0x2000209d = 0; *(uint8_t*)0x2000209e = 0; *(uint8_t*)0x2000209f = 0; *(uint8_t*)0x200020a0 = 0; *(uint8_t*)0x200020a1 = 0; *(uint8_t*)0x200020a2 = 0; *(uint8_t*)0x200020a3 = 0; *(uint8_t*)0x200020a4 = 0; *(uint8_t*)0x200020a5 = 0; *(uint8_t*)0x200020a6 = 0; *(uint8_t*)0x200020a7 = 0; *(uint8_t*)0x200020a8 = 0; *(uint8_t*)0x200020a9 = 0; *(uint8_t*)0x200020aa = 0; *(uint8_t*)0x200020ab = 0; *(uint8_t*)0x200020ac = 0; *(uint8_t*)0x200020ad = 0; *(uint8_t*)0x200020ae = 0; *(uint8_t*)0x200020af = 0; *(uint8_t*)0x200020b0 = 0; *(uint8_t*)0x200020b1 = 0; *(uint8_t*)0x200020b2 = 0; *(uint8_t*)0x200020b3 = 0; *(uint8_t*)0x200020b4 = 0; *(uint8_t*)0x200020b5 = 0; *(uint8_t*)0x200020b6 = 0; *(uint8_t*)0x200020b7 = 0; *(uint8_t*)0x200020b8 = 0; *(uint8_t*)0x200020b9 = 0; *(uint8_t*)0x200020ba = 0; *(uint8_t*)0x200020bb = 0; *(uint8_t*)0x200020bc = 0; *(uint8_t*)0x200020bd = 0; *(uint8_t*)0x200020be = 0; *(uint8_t*)0x200020bf = 0; *(uint8_t*)0x200020c0 = 0; *(uint8_t*)0x200020c1 = 0; *(uint8_t*)0x200020c2 = 0; *(uint8_t*)0x200020c3 = 0; *(uint8_t*)0x200020c4 = 0; *(uint8_t*)0x200020c5 = 0; *(uint8_t*)0x200020c6 = 0; *(uint8_t*)0x200020c7 = 0; *(uint8_t*)0x200020c8 = 0; *(uint8_t*)0x200020c9 = 0; *(uint8_t*)0x200020ca = 0; *(uint8_t*)0x200020cb = 0; *(uint8_t*)0x200020cc = 0; *(uint8_t*)0x200020cd = 0; *(uint8_t*)0x200020ce = 0; *(uint8_t*)0x200020cf = 0; *(uint8_t*)0x200020d0 = 0; *(uint8_t*)0x200020d1 = 0; *(uint8_t*)0x200020d2 = 0; *(uint8_t*)0x200020d3 = 0; *(uint8_t*)0x200020d4 = 0; *(uint8_t*)0x200020d5 = 0; *(uint8_t*)0x200020d6 = 0; *(uint8_t*)0x200020d7 = 0; *(uint8_t*)0x200020d8 = 0; *(uint8_t*)0x200020d9 = 0; *(uint8_t*)0x200020da = 0; *(uint8_t*)0x200020db = 0; *(uint8_t*)0x200020dc = 0; *(uint8_t*)0x200020dd = 0; *(uint8_t*)0x200020de = 0; *(uint8_t*)0x200020df = 0; *(uint8_t*)0x200020e0 = 0; *(uint8_t*)0x200020e1 = 0; *(uint8_t*)0x200020e2 = 0; *(uint8_t*)0x200020e3 = 0; *(uint8_t*)0x200020e4 = 0; *(uint8_t*)0x200020e5 = 0; *(uint8_t*)0x200020e6 = 0; *(uint8_t*)0x200020e7 = 0; *(uint32_t*)0x200020e8 = 0; *(uint16_t*)0x200020ec = 0xa8; *(uint16_t*)0x200020ee = 0xd0; *(uint32_t*)0x200020f0 = 0; *(uint64_t*)0x200020f8 = 0; *(uint64_t*)0x20002100 = 0; *(uint16_t*)0x20002108 = 0x28; memcpy((void*)0x2000210a, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x20002127 = 0; *(uint32_t*)0x20002128 = 0xfffffffe; *(uint8_t*)0x20002130 = 0xfe; *(uint8_t*)0x20002131 = 0x80; *(uint8_t*)0x20002132 = 0; *(uint8_t*)0x20002133 = 0; *(uint8_t*)0x20002134 = 0; *(uint8_t*)0x20002135 = 0; *(uint8_t*)0x20002136 = 0; *(uint8_t*)0x20002137 = 0; *(uint8_t*)0x20002138 = 0; *(uint8_t*)0x20002139 = 0; *(uint8_t*)0x2000213a = 0; *(uint8_t*)0x2000213b = 0; *(uint8_t*)0x2000213c = 0; *(uint8_t*)0x2000213d = 0; *(uint8_t*)0x2000213e = 0; *(uint8_t*)0x2000213f = 0xaa; *(uint8_t*)0x20002140 = -1; *(uint8_t*)0x20002141 = 1; *(uint8_t*)0x20002142 = 0; *(uint8_t*)0x20002143 = 0; *(uint8_t*)0x20002144 = 0; *(uint8_t*)0x20002145 = 0; *(uint8_t*)0x20002146 = 0; *(uint8_t*)0x20002147 = 0; *(uint8_t*)0x20002148 = 0; *(uint8_t*)0x20002149 = 0; *(uint8_t*)0x2000214a = 0; *(uint8_t*)0x2000214b = 0; *(uint8_t*)0x2000214c = 0; *(uint8_t*)0x2000214d = 0; *(uint8_t*)0x2000214e = 0; *(uint8_t*)0x2000214f = 1; *(uint32_t*)0x20002150 = htobe32(0); *(uint32_t*)0x20002154 = htobe32(0); *(uint32_t*)0x20002158 = htobe32(0); *(uint32_t*)0x2000215c = htobe32(0); *(uint32_t*)0x20002160 = htobe32(0); *(uint32_t*)0x20002164 = htobe32(0); *(uint32_t*)0x20002168 = htobe32(0); *(uint32_t*)0x2000216c = htobe32(0); *(uint8_t*)0x20002170 = 0x73; *(uint8_t*)0x20002171 = 0x79; *(uint8_t*)0x20002172 = 0x7a; *(uint8_t*)0x20002173 = 0; *(uint8_t*)0x20002174 = 0; memcpy((void*)0x20002180, "\x69\x66\x62\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); *(uint8_t*)0x20002190 = 0; *(uint8_t*)0x20002191 = 0; *(uint8_t*)0x20002192 = 0; *(uint8_t*)0x20002193 = 0; *(uint8_t*)0x20002194 = 0; *(uint8_t*)0x20002195 = 0; *(uint8_t*)0x20002196 = 0; *(uint8_t*)0x20002197 = 0; *(uint8_t*)0x20002198 = 0; *(uint8_t*)0x20002199 = 0; *(uint8_t*)0x2000219a = 0; *(uint8_t*)0x2000219b = 0; *(uint8_t*)0x2000219c = 0; *(uint8_t*)0x2000219d = 0; *(uint8_t*)0x2000219e = 0; *(uint8_t*)0x2000219f = 0; *(uint8_t*)0x200021a0 = 0; *(uint8_t*)0x200021a1 = 0; *(uint8_t*)0x200021a2 = 0; *(uint8_t*)0x200021a3 = 0; *(uint8_t*)0x200021a4 = 0; *(uint8_t*)0x200021a5 = 0; *(uint8_t*)0x200021a6 = 0; *(uint8_t*)0x200021a7 = 0; *(uint8_t*)0x200021a8 = 0; *(uint8_t*)0x200021a9 = 0; *(uint8_t*)0x200021aa = 0; *(uint8_t*)0x200021ab = 0; *(uint8_t*)0x200021ac = 0; *(uint8_t*)0x200021ad = 0; *(uint8_t*)0x200021ae = 0; *(uint8_t*)0x200021af = 0; *(uint16_t*)0x200021b0 = 0; *(uint8_t*)0x200021b2 = 0; *(uint8_t*)0x200021b3 = 0; *(uint8_t*)0x200021b4 = 0; *(uint32_t*)0x200021b8 = 0; *(uint16_t*)0x200021bc = 0xa8; *(uint16_t*)0x200021be = 0xd8; *(uint32_t*)0x200021c0 = 0; *(uint64_t*)0x200021c4 = 0; *(uint64_t*)0x200021cc = 0; *(uint16_t*)0x200021d8 = 0x30; memcpy((void*)0x200021da, "\x43\x4f\x4e\x4e\x4d\x41\x52\x4b\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x200021f7 = 1; *(uint32_t*)0x200021f8 = 0; *(uint32_t*)0x200021fc = 0; *(uint32_t*)0x20002200 = 0; *(uint8_t*)0x20002204 = 0; *(uint8_t*)0x20002208 = 0; *(uint8_t*)0x20002209 = 0; *(uint8_t*)0x2000220a = 0; *(uint8_t*)0x2000220b = 0; *(uint8_t*)0x2000220c = 0; *(uint8_t*)0x2000220d = 0; *(uint8_t*)0x2000220e = 0; *(uint8_t*)0x2000220f = 0; *(uint8_t*)0x20002210 = 0; *(uint8_t*)0x20002211 = 0; *(uint8_t*)0x20002212 = 0; *(uint8_t*)0x20002213 = 0; *(uint8_t*)0x20002214 = 0; *(uint8_t*)0x20002215 = 0; *(uint8_t*)0x20002216 = 0; *(uint8_t*)0x20002217 = 0; *(uint8_t*)0x20002218 = 0; *(uint8_t*)0x20002219 = 0; *(uint8_t*)0x2000221a = 0; *(uint8_t*)0x2000221b = 0; *(uint8_t*)0x2000221c = 0; *(uint8_t*)0x2000221d = 0; *(uint8_t*)0x2000221e = 0; *(uint8_t*)0x2000221f = 0; *(uint8_t*)0x20002220 = 0; *(uint8_t*)0x20002221 = 0; *(uint8_t*)0x20002222 = 0; *(uint8_t*)0x20002223 = 0; *(uint8_t*)0x20002224 = 0; *(uint8_t*)0x20002225 = 0; *(uint8_t*)0x20002226 = 0; *(uint8_t*)0x20002227 = 0; *(uint8_t*)0x20002228 = 0; *(uint8_t*)0x20002229 = 0; *(uint8_t*)0x2000222a = 0; *(uint8_t*)0x2000222b = 0; *(uint8_t*)0x2000222c = 0; *(uint8_t*)0x2000222d = 0; *(uint8_t*)0x2000222e = 0; *(uint8_t*)0x2000222f = 0; *(uint8_t*)0x20002230 = 0; *(uint8_t*)0x20002231 = 0; *(uint8_t*)0x20002232 = 0; *(uint8_t*)0x20002233 = 0; *(uint8_t*)0x20002234 = 0; *(uint8_t*)0x20002235 = 0; *(uint8_t*)0x20002236 = 0; *(uint8_t*)0x20002237 = 0; *(uint8_t*)0x20002238 = 0; *(uint8_t*)0x20002239 = 0; *(uint8_t*)0x2000223a = 0; *(uint8_t*)0x2000223b = 0; *(uint8_t*)0x2000223c = 0; *(uint8_t*)0x2000223d = 0; *(uint8_t*)0x2000223e = 0; *(uint8_t*)0x2000223f = 0; *(uint8_t*)0x20002240 = 0; *(uint8_t*)0x20002241 = 0; *(uint8_t*)0x20002242 = 0; *(uint8_t*)0x20002243 = 0; *(uint8_t*)0x20002244 = 0; *(uint8_t*)0x20002245 = 0; *(uint8_t*)0x20002246 = 0; *(uint8_t*)0x20002247 = 0; *(uint8_t*)0x20002248 = 0; *(uint8_t*)0x20002249 = 0; *(uint8_t*)0x2000224a = 0; *(uint8_t*)0x2000224b = 0; *(uint8_t*)0x2000224c = 0; *(uint8_t*)0x2000224d = 0; *(uint8_t*)0x2000224e = 0; *(uint8_t*)0x2000224f = 0; *(uint8_t*)0x20002250 = 0; *(uint8_t*)0x20002251 = 0; *(uint8_t*)0x20002252 = 0; *(uint8_t*)0x20002253 = 0; *(uint8_t*)0x20002254 = 0; *(uint8_t*)0x20002255 = 0; *(uint8_t*)0x20002256 = 0; *(uint8_t*)0x20002257 = 0; *(uint8_t*)0x20002258 = 0; *(uint8_t*)0x20002259 = 0; *(uint8_t*)0x2000225a = 0; *(uint8_t*)0x2000225b = 0; *(uint8_t*)0x2000225c = 0; *(uint8_t*)0x2000225d = 0; *(uint8_t*)0x2000225e = 0; *(uint8_t*)0x2000225f = 0; *(uint8_t*)0x20002260 = 0; *(uint8_t*)0x20002261 = 0; *(uint8_t*)0x20002262 = 0; *(uint8_t*)0x20002263 = 0; *(uint8_t*)0x20002264 = 0; *(uint8_t*)0x20002265 = 0; *(uint8_t*)0x20002266 = 0; *(uint8_t*)0x20002267 = 0; *(uint8_t*)0x20002268 = 0; *(uint8_t*)0x20002269 = 0; *(uint8_t*)0x2000226a = 0; *(uint8_t*)0x2000226b = 0; *(uint8_t*)0x2000226c = 0; *(uint8_t*)0x2000226d = 0; *(uint8_t*)0x2000226e = 0; *(uint8_t*)0x2000226f = 0; *(uint8_t*)0x20002270 = 0; *(uint8_t*)0x20002271 = 0; *(uint8_t*)0x20002272 = 0; *(uint8_t*)0x20002273 = 0; *(uint8_t*)0x20002274 = 0; *(uint8_t*)0x20002275 = 0; *(uint8_t*)0x20002276 = 0; *(uint8_t*)0x20002277 = 0; *(uint8_t*)0x20002278 = 0; *(uint8_t*)0x20002279 = 0; *(uint8_t*)0x2000227a = 0; *(uint8_t*)0x2000227b = 0; *(uint8_t*)0x2000227c = 0; *(uint8_t*)0x2000227d = 0; *(uint8_t*)0x2000227e = 0; *(uint8_t*)0x2000227f = 0; *(uint8_t*)0x20002280 = 0; *(uint8_t*)0x20002281 = 0; *(uint8_t*)0x20002282 = 0; *(uint8_t*)0x20002283 = 0; *(uint8_t*)0x20002284 = 0; *(uint8_t*)0x20002285 = 0; *(uint8_t*)0x20002286 = 0; *(uint8_t*)0x20002287 = 0; *(uint8_t*)0x20002288 = 0; *(uint8_t*)0x20002289 = 0; *(uint8_t*)0x2000228a = 0; *(uint8_t*)0x2000228b = 0; *(uint8_t*)0x2000228c = 0; *(uint8_t*)0x2000228d = 0; *(uint8_t*)0x2000228e = 0; *(uint8_t*)0x2000228f = 0; *(uint32_t*)0x20002290 = 0; *(uint16_t*)0x20002294 = 0xa8; *(uint16_t*)0x20002296 = 0xc8; *(uint32_t*)0x20002298 = 0; *(uint64_t*)0x2000229c = 0; *(uint64_t*)0x200022a4 = 0; *(uint16_t*)0x200022b0 = 0x20; memcpy((void*)0x200022b2, "\x4e\x4f\x54\x52\x41\x43\x4b\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x200022cf = 0; *(uint8_t*)0x200022d0 = 0xfe; *(uint8_t*)0x200022d1 = 0x80; *(uint8_t*)0x200022d2 = 0; *(uint8_t*)0x200022d3 = 0; *(uint8_t*)0x200022d4 = 0; *(uint8_t*)0x200022d5 = 0; *(uint8_t*)0x200022d6 = 0; *(uint8_t*)0x200022d7 = 0; *(uint8_t*)0x200022d8 = 0; *(uint8_t*)0x200022d9 = 0; *(uint8_t*)0x200022da = 0; *(uint8_t*)0x200022db = 0; *(uint8_t*)0x200022dc = 0; *(uint8_t*)0x200022dd = 0; *(uint8_t*)0x200022de = 0; *(uint8_t*)0x200022df = 0xaa; *(uint8_t*)0x200022e0 = 0; *(uint8_t*)0x200022e1 = 0; *(uint8_t*)0x200022e2 = 0; *(uint8_t*)0x200022e3 = 0; *(uint8_t*)0x200022e4 = 0; *(uint8_t*)0x200022e5 = 0; *(uint8_t*)0x200022e6 = 0; *(uint8_t*)0x200022e7 = 0; *(uint8_t*)0x200022e8 = 0; *(uint8_t*)0x200022e9 = 0; *(uint8_t*)0x200022ea = -1; *(uint8_t*)0x200022eb = -1; *(uint8_t*)0x200022ec = 0xac; *(uint8_t*)0x200022ed = 0x14; *(uint8_t*)0x200022ee = 0; *(uint8_t*)0x200022ef = 0; *(uint32_t*)0x200022f0 = htobe32(0); *(uint32_t*)0x200022f4 = htobe32(0); *(uint32_t*)0x200022f8 = htobe32(0); *(uint32_t*)0x200022fc = htobe32(0); *(uint32_t*)0x20002300 = htobe32(0); *(uint32_t*)0x20002304 = htobe32(0); *(uint32_t*)0x20002308 = htobe32(0); *(uint32_t*)0x2000230c = htobe32(0); memcpy((void*)0x20002310, "\x74\x75\x6e\x6c\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); *(uint8_t*)0x20002320 = 0x73; *(uint8_t*)0x20002321 = 0x79; *(uint8_t*)0x20002322 = 0x7a; *(uint8_t*)0x20002323 = 0; *(uint8_t*)0x20002324 = 0; *(uint8_t*)0x20002330 = 0; *(uint8_t*)0x20002331 = 0; *(uint8_t*)0x20002332 = 0; *(uint8_t*)0x20002333 = 0; *(uint8_t*)0x20002334 = 0; *(uint8_t*)0x20002335 = 0; *(uint8_t*)0x20002336 = 0; *(uint8_t*)0x20002337 = 0; *(uint8_t*)0x20002338 = 0; *(uint8_t*)0x20002339 = 0; *(uint8_t*)0x2000233a = 0; *(uint8_t*)0x2000233b = 0; *(uint8_t*)0x2000233c = 0; *(uint8_t*)0x2000233d = 0; *(uint8_t*)0x2000233e = 0; *(uint8_t*)0x2000233f = 0; *(uint8_t*)0x20002340 = 0; *(uint8_t*)0x20002341 = 0; *(uint8_t*)0x20002342 = 0; *(uint8_t*)0x20002343 = 0; *(uint8_t*)0x20002344 = 0; *(uint8_t*)0x20002345 = 0; *(uint8_t*)0x20002346 = 0; *(uint8_t*)0x20002347 = 0; *(uint8_t*)0x20002348 = 0; *(uint8_t*)0x20002349 = 0; *(uint8_t*)0x2000234a = 0; *(uint8_t*)0x2000234b = 0; *(uint8_t*)0x2000234c = 0; *(uint8_t*)0x2000234d = 0; *(uint8_t*)0x2000234e = 0; *(uint8_t*)0x2000234f = 0; *(uint16_t*)0x20002350 = 0; *(uint8_t*)0x20002352 = 0; *(uint8_t*)0x20002353 = 0; *(uint8_t*)0x20002354 = 0; *(uint32_t*)0x20002358 = 0; *(uint16_t*)0x2000235c = 0xa8; *(uint16_t*)0x2000235e = 0x110; *(uint32_t*)0x20002360 = 0; *(uint64_t*)0x20002364 = 0; *(uint64_t*)0x2000236c = 0; *(uint16_t*)0x20002378 = 0x68; memcpy((void*)0x2000237a, "\x43\x54\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x20002397 = 2; *(uint16_t*)0x20002398 = 0xfffd; *(uint16_t*)0x2000239a = 0; *(uint32_t*)0x2000239c = 0; *(uint32_t*)0x200023a0 = 0; memcpy((void*)0x200023a4, "\x70\x70\x74\x70\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); memcpy((void*)0x200023b4, "\x73\x79\x7a\x31\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00", 32); *(uint64_t*)0x200023d8 = 0; *(uint64_t*)0x20004000 = 0; *(uint64_t*)0x20004008 = 0; *(uint64_t*)0x20004010 = 0; *(uint64_t*)0x20004018 = 0; *(uint64_t*)0x20004020 = 0; *(uint64_t*)0x20004028 = 0; *(uint64_t*)0x20004030 = 0; *(uint64_t*)0x20004038 = 0; syscall(__NR_setsockopt, r[0], 0x29, 0x40, 0x20002000, 0x3e0); r[1] = syscall(__NR_socket, 0x20000000000000a, 2, 0); *(uint32_t*)0x20866ffc = 0; syscall(__NR_setsockopt, r[1], 0x29, 1, 0x20866ffc, 0x362); r[2] = syscall(__NR_socket, 2, 0x80005, 0); memcpy((void*)0x2002ccf8, "\x66\x69\x6c\x74\x65\x72\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00", 32); *(uint32_t*)0x2002cd18 = 0xe; *(uint32_t*)0x2002cd1c = 4; *(uint32_t*)0x2002cd20 = 0x280; *(uint32_t*)0x2002cd24 = -1; *(uint32_t*)0x2002cd28 = 0; *(uint32_t*)0x2002cd2c = 0; *(uint32_t*)0x2002cd30 = 0; *(uint32_t*)0x2002cd34 = -1; *(uint32_t*)0x2002cd38 = -1; *(uint32_t*)0x2002cd3c = 0; *(uint32_t*)0x2002cd40 = 0; *(uint32_t*)0x2002cd44 = 0; *(uint32_t*)0x2002cd48 = -1; *(uint32_t*)0x2002cd4c = 4; *(uint64_t*)0x2002cd50 = 0x20001000; *(uint8_t*)0x2002cd58 = 0; *(uint8_t*)0x2002cd59 = 0; *(uint8_t*)0x2002cd5a = 0; *(uint8_t*)0x2002cd5b = 0; *(uint8_t*)0x2002cd5c = 0; *(uint8_t*)0x2002cd5d = 0; *(uint8_t*)0x2002cd5e = 0; *(uint8_t*)0x2002cd5f = 0; *(uint8_t*)0x2002cd60 = 0; *(uint8_t*)0x2002cd61 = 0; *(uint8_t*)0x2002cd62 = 0; *(uint8_t*)0x2002cd63 = 0; *(uint8_t*)0x2002cd64 = 0; *(uint8_t*)0x2002cd65 = 0; *(uint8_t*)0x2002cd66 = 0; *(uint8_t*)0x2002cd67 = 0; *(uint8_t*)0x2002cd68 = 0; *(uint8_t*)0x2002cd69 = 0; *(uint8_t*)0x2002cd6a = 0; *(uint8_t*)0x2002cd6b = 0; *(uint8_t*)0x2002cd6c = 0; *(uint8_t*)0x2002cd6d = 0; *(uint8_t*)0x2002cd6e = 0; *(uint8_t*)0x2002cd6f = 0; *(uint8_t*)0x2002cd70 = 0; *(uint8_t*)0x2002cd71 = 0; *(uint8_t*)0x2002cd72 = 0; *(uint8_t*)0x2002cd73 = 0; *(uint8_t*)0x2002cd74 = 0; *(uint8_t*)0x2002cd75 = 0; *(uint8_t*)0x2002cd76 = 0; *(uint8_t*)0x2002cd77 = 0; *(uint8_t*)0x2002cd78 = 0; *(uint8_t*)0x2002cd79 = 0; *(uint8_t*)0x2002cd7a = 0; *(uint8_t*)0x2002cd7b = 0; *(uint8_t*)0x2002cd7c = 0; *(uint8_t*)0x2002cd7d = 0; *(uint8_t*)0x2002cd7e = 0; *(uint8_t*)0x2002cd7f = 0; *(uint8_t*)0x2002cd80 = 0; *(uint8_t*)0x2002cd81 = 0; *(uint8_t*)0x2002cd82 = 0; *(uint8_t*)0x2002cd83 = 0; *(uint8_t*)0x2002cd84 = 0; *(uint8_t*)0x2002cd85 = 0; *(uint8_t*)0x2002cd86 = 0; *(uint8_t*)0x2002cd87 = 0; *(uint8_t*)0x2002cd88 = 0; *(uint8_t*)0x2002cd89 = 0; *(uint8_t*)0x2002cd8a = 0; *(uint8_t*)0x2002cd8b = 0; *(uint8_t*)0x2002cd8c = 0; *(uint8_t*)0x2002cd8d = 0; *(uint8_t*)0x2002cd8e = 0; *(uint8_t*)0x2002cd8f = 0; *(uint8_t*)0x2002cd90 = 0; *(uint8_t*)0x2002cd91 = 0; *(uint8_t*)0x2002cd92 = 0; *(uint8_t*)0x2002cd93 = 0; *(uint8_t*)0x2002cd94 = 0; *(uint8_t*)0x2002cd95 = 0; *(uint8_t*)0x2002cd96 = 0; *(uint8_t*)0x2002cd97 = 0; *(uint8_t*)0x2002cd98 = 0; *(uint8_t*)0x2002cd99 = 0; *(uint8_t*)0x2002cd9a = 0; *(uint8_t*)0x2002cd9b = 0; *(uint8_t*)0x2002cd9c = 0; *(uint8_t*)0x2002cd9d = 0; *(uint8_t*)0x2002cd9e = 0; *(uint8_t*)0x2002cd9f = 0; *(uint8_t*)0x2002cda0 = 0; *(uint8_t*)0x2002cda1 = 0; *(uint8_t*)0x2002cda2 = 0; *(uint8_t*)0x2002cda3 = 0; *(uint8_t*)0x2002cda4 = 0; *(uint8_t*)0x2002cda5 = 0; *(uint8_t*)0x2002cda6 = 0; *(uint8_t*)0x2002cda7 = 0; *(uint8_t*)0x2002cda8 = 0; *(uint8_t*)0x2002cda9 = 0; *(uint8_t*)0x2002cdaa = 0; *(uint8_t*)0x2002cdab = 0; *(uint32_t*)0x2002cdac = 0; *(uint16_t*)0x2002cdb0 = 0x70; *(uint16_t*)0x2002cdb2 = 0x98; *(uint32_t*)0x2002cdb4 = 0; *(uint64_t*)0x2002cdb8 = 0; *(uint64_t*)0x2002cdc0 = 0; *(uint16_t*)0x2002cdc8 = 0x28; memcpy((void*)0x2002cdca, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x2002cde7 = 0; *(uint32_t*)0x2002cde8 = 0xfffffffe; *(uint8_t*)0x2002cdf0 = 0; *(uint8_t*)0x2002cdf1 = 0; *(uint8_t*)0x2002cdf2 = 0; *(uint8_t*)0x2002cdf3 = 0; *(uint8_t*)0x2002cdf4 = 0; *(uint8_t*)0x2002cdf5 = 0; *(uint8_t*)0x2002cdf6 = 0; *(uint8_t*)0x2002cdf7 = 0; *(uint8_t*)0x2002cdf8 = 0; *(uint8_t*)0x2002cdf9 = 0; *(uint8_t*)0x2002cdfa = 0; *(uint8_t*)0x2002cdfb = 0; *(uint8_t*)0x2002cdfc = 0; *(uint8_t*)0x2002cdfd = 0; *(uint8_t*)0x2002cdfe = 0; *(uint8_t*)0x2002cdff = 0; *(uint8_t*)0x2002ce00 = 0; *(uint8_t*)0x2002ce01 = 0; *(uint8_t*)0x2002ce02 = 0; *(uint8_t*)0x2002ce03 = 0; *(uint8_t*)0x2002ce04 = 0; *(uint8_t*)0x2002ce05 = 0; *(uint8_t*)0x2002ce06 = 0; *(uint8_t*)0x2002ce07 = 0; *(uint8_t*)0x2002ce08 = 0; *(uint8_t*)0x2002ce09 = 0; *(uint8_t*)0x2002ce0a = 0; *(uint8_t*)0x2002ce0b = 0; *(uint8_t*)0x2002ce0c = 0; *(uint8_t*)0x2002ce0d = 0; *(uint8_t*)0x2002ce0e = 0; *(uint8_t*)0x2002ce0f = 0; *(uint8_t*)0x2002ce10 = 0; *(uint8_t*)0x2002ce11 = 0; *(uint8_t*)0x2002ce12 = 0; *(uint8_t*)0x2002ce13 = 0; *(uint8_t*)0x2002ce14 = 0; *(uint8_t*)0x2002ce15 = 0; *(uint8_t*)0x2002ce16 = 0; *(uint8_t*)0x2002ce17 = 0; *(uint8_t*)0x2002ce18 = 0; *(uint8_t*)0x2002ce19 = 0; *(uint8_t*)0x2002ce1a = 0; *(uint8_t*)0x2002ce1b = 0; *(uint8_t*)0x2002ce1c = 0; *(uint8_t*)0x2002ce1d = 0; *(uint8_t*)0x2002ce1e = 0; *(uint8_t*)0x2002ce1f = 0; *(uint8_t*)0x2002ce20 = 0; *(uint8_t*)0x2002ce21 = 0; *(uint8_t*)0x2002ce22 = 0; *(uint8_t*)0x2002ce23 = 0; *(uint8_t*)0x2002ce24 = 0; *(uint8_t*)0x2002ce25 = 0; *(uint8_t*)0x2002ce26 = 0; *(uint8_t*)0x2002ce27 = 0; *(uint8_t*)0x2002ce28 = 0; *(uint8_t*)0x2002ce29 = 0; *(uint8_t*)0x2002ce2a = 0; *(uint8_t*)0x2002ce2b = 0; *(uint8_t*)0x2002ce2c = 0; *(uint8_t*)0x2002ce2d = 0; *(uint8_t*)0x2002ce2e = 0; *(uint8_t*)0x2002ce2f = 0; *(uint8_t*)0x2002ce30 = 0; *(uint8_t*)0x2002ce31 = 0; *(uint8_t*)0x2002ce32 = 0; *(uint8_t*)0x2002ce33 = 0; *(uint8_t*)0x2002ce34 = 0; *(uint8_t*)0x2002ce35 = 0; *(uint8_t*)0x2002ce36 = 0; *(uint8_t*)0x2002ce37 = 0; *(uint8_t*)0x2002ce38 = 0; *(uint8_t*)0x2002ce39 = 0; *(uint8_t*)0x2002ce3a = 0; *(uint8_t*)0x2002ce3b = 0; *(uint8_t*)0x2002ce3c = 0; *(uint8_t*)0x2002ce3d = 0; *(uint8_t*)0x2002ce3e = 0; *(uint8_t*)0x2002ce3f = 0; *(uint8_t*)0x2002ce40 = 0; *(uint8_t*)0x2002ce41 = 0; *(uint8_t*)0x2002ce42 = 0; *(uint8_t*)0x2002ce43 = 0; *(uint32_t*)0x2002ce44 = 0; *(uint16_t*)0x2002ce48 = 0x70; *(uint16_t*)0x2002ce4a = 0x98; *(uint32_t*)0x2002ce4c = 0; *(uint64_t*)0x2002ce50 = 0; *(uint64_t*)0x2002ce58 = 0; *(uint16_t*)0x2002ce60 = 0x28; memcpy((void*)0x2002ce62, "\x52\x45\x4a\x45\x43\x54\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x2002ce7f = 0; *(uint32_t*)0x2002ce80 = 0; *(uint8_t*)0x2002ce88 = 0; *(uint8_t*)0x2002ce89 = 0; *(uint8_t*)0x2002ce8a = 0; *(uint8_t*)0x2002ce8b = 0; *(uint8_t*)0x2002ce8c = 0; *(uint8_t*)0x2002ce8d = 0; *(uint8_t*)0x2002ce8e = 0; *(uint8_t*)0x2002ce8f = 0; *(uint8_t*)0x2002ce90 = 0; *(uint8_t*)0x2002ce91 = 0; *(uint8_t*)0x2002ce92 = 0; *(uint8_t*)0x2002ce93 = 0; *(uint8_t*)0x2002ce94 = 0; *(uint8_t*)0x2002ce95 = 0; *(uint8_t*)0x2002ce96 = 0; *(uint8_t*)0x2002ce97 = 0; *(uint8_t*)0x2002ce98 = 0; *(uint8_t*)0x2002ce99 = 0; *(uint8_t*)0x2002ce9a = 0; *(uint8_t*)0x2002ce9b = 0; *(uint8_t*)0x2002ce9c = 0; *(uint8_t*)0x2002ce9d = 0; *(uint8_t*)0x2002ce9e = 0; *(uint8_t*)0x2002ce9f = 0; *(uint8_t*)0x2002cea0 = 0; *(uint8_t*)0x2002cea1 = 0; *(uint8_t*)0x2002cea2 = 0; *(uint8_t*)0x2002cea3 = 0; *(uint8_t*)0x2002cea4 = 0; *(uint8_t*)0x2002cea5 = 0; *(uint8_t*)0x2002cea6 = 0; *(uint8_t*)0x2002cea7 = 0; *(uint8_t*)0x2002cea8 = 0; *(uint8_t*)0x2002cea9 = 0; *(uint8_t*)0x2002ceaa = 0; *(uint8_t*)0x2002ceab = 0; *(uint8_t*)0x2002ceac = 0; *(uint8_t*)0x2002cead = 0; *(uint8_t*)0x2002ceae = 0; *(uint8_t*)0x2002ceaf = 0; *(uint8_t*)0x2002ceb0 = 0; *(uint8_t*)0x2002ceb1 = 0; *(uint8_t*)0x2002ceb2 = 0; *(uint8_t*)0x2002ceb3 = 0; *(uint8_t*)0x2002ceb4 = 0; *(uint8_t*)0x2002ceb5 = 0; *(uint8_t*)0x2002ceb6 = 0; *(uint8_t*)0x2002ceb7 = 0; *(uint8_t*)0x2002ceb8 = 0; *(uint8_t*)0x2002ceb9 = 0; *(uint8_t*)0x2002ceba = 0; *(uint8_t*)0x2002cebb = 0; *(uint8_t*)0x2002cebc = 0; *(uint8_t*)0x2002cebd = 0; *(uint8_t*)0x2002cebe = 0; *(uint8_t*)0x2002cebf = 0; *(uint8_t*)0x2002cec0 = 0; *(uint8_t*)0x2002cec1 = 0; *(uint8_t*)0x2002cec2 = 0; *(uint8_t*)0x2002cec3 = 0; *(uint8_t*)0x2002cec4 = 0; *(uint8_t*)0x2002cec5 = 0; *(uint8_t*)0x2002cec6 = 0; *(uint8_t*)0x2002cec7 = 0; *(uint8_t*)0x2002cec8 = 0; *(uint8_t*)0x2002cec9 = 0; *(uint8_t*)0x2002ceca = 0; *(uint8_t*)0x2002cecb = 0; *(uint8_t*)0x2002cecc = 0; *(uint8_t*)0x2002cecd = 0; *(uint8_t*)0x2002cece = 0; *(uint8_t*)0x2002cecf = 0; *(uint8_t*)0x2002ced0 = 0; *(uint8_t*)0x2002ced1 = 0; *(uint8_t*)0x2002ced2 = 0; *(uint8_t*)0x2002ced3 = 0; *(uint8_t*)0x2002ced4 = 0; *(uint8_t*)0x2002ced5 = 0; *(uint8_t*)0x2002ced6 = 0; *(uint8_t*)0x2002ced7 = 0; *(uint8_t*)0x2002ced8 = 0; *(uint8_t*)0x2002ced9 = 0; *(uint8_t*)0x2002ceda = 0; *(uint8_t*)0x2002cedb = 0; *(uint32_t*)0x2002cedc = 0; *(uint16_t*)0x2002cee0 = 0x70; *(uint16_t*)0x2002cee2 = 0x98; *(uint32_t*)0x2002cee4 = 0; *(uint64_t*)0x2002cee8 = 0; *(uint64_t*)0x2002cef0 = 0; *(uint16_t*)0x2002cef8 = 0x28; memcpy((void*)0x2002cefa, "\x52\x45\x4a\x45\x43\x54\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x2002cf17 = 0; *(uint32_t*)0x2002cf18 = 0; *(uint8_t*)0x2002cf20 = 0; *(uint8_t*)0x2002cf21 = 0; *(uint8_t*)0x2002cf22 = 0; *(uint8_t*)0x2002cf23 = 0; *(uint8_t*)0x2002cf24 = 0; *(uint8_t*)0x2002cf25 = 0; *(uint8_t*)0x2002cf26 = 0; *(uint8_t*)0x2002cf27 = 0; *(uint8_t*)0x2002cf28 = 0; *(uint8_t*)0x2002cf29 = 0; *(uint8_t*)0x2002cf2a = 0; *(uint8_t*)0x2002cf2b = 0; *(uint8_t*)0x2002cf2c = 0; *(uint8_t*)0x2002cf2d = 0; *(uint8_t*)0x2002cf2e = 0; *(uint8_t*)0x2002cf2f = 0; *(uint8_t*)0x2002cf30 = 0; *(uint8_t*)0x2002cf31 = 0; *(uint8_t*)0x2002cf32 = 0; *(uint8_t*)0x2002cf33 = 0; *(uint8_t*)0x2002cf34 = 0; *(uint8_t*)0x2002cf35 = 0; *(uint8_t*)0x2002cf36 = 0; *(uint8_t*)0x2002cf37 = 0; *(uint8_t*)0x2002cf38 = 0; *(uint8_t*)0x2002cf39 = 0; *(uint8_t*)0x2002cf3a = 0; *(uint8_t*)0x2002cf3b = 0; *(uint8_t*)0x2002cf3c = 0; *(uint8_t*)0x2002cf3d = 0; *(uint8_t*)0x2002cf3e = 0; *(uint8_t*)0x2002cf3f = 0; *(uint8_t*)0x2002cf40 = 0; *(uint8_t*)0x2002cf41 = 0; *(uint8_t*)0x2002cf42 = 0; *(uint8_t*)0x2002cf43 = 0; *(uint8_t*)0x2002cf44 = 0; *(uint8_t*)0x2002cf45 = 0; *(uint8_t*)0x2002cf46 = 0; *(uint8_t*)0x2002cf47 = 0; *(uint8_t*)0x2002cf48 = 0; *(uint8_t*)0x2002cf49 = 0; *(uint8_t*)0x2002cf4a = 0; *(uint8_t*)0x2002cf4b = 0; *(uint8_t*)0x2002cf4c = 0; *(uint8_t*)0x2002cf4d = 0; *(uint8_t*)0x2002cf4e = 0; *(uint8_t*)0x2002cf4f = 0; *(uint8_t*)0x2002cf50 = 0; *(uint8_t*)0x2002cf51 = 0; *(uint8_t*)0x2002cf52 = 0; *(uint8_t*)0x2002cf53 = 0; *(uint8_t*)0x2002cf54 = 0; *(uint8_t*)0x2002cf55 = 0; *(uint8_t*)0x2002cf56 = 0; *(uint8_t*)0x2002cf57 = 0; *(uint8_t*)0x2002cf58 = 0; *(uint8_t*)0x2002cf59 = 0; *(uint8_t*)0x2002cf5a = 0; *(uint8_t*)0x2002cf5b = 0; *(uint8_t*)0x2002cf5c = 0; *(uint8_t*)0x2002cf5d = 0; *(uint8_t*)0x2002cf5e = 0; *(uint8_t*)0x2002cf5f = 0; *(uint8_t*)0x2002cf60 = 0; *(uint8_t*)0x2002cf61 = 0; *(uint8_t*)0x2002cf62 = 0; *(uint8_t*)0x2002cf63 = 0; *(uint8_t*)0x2002cf64 = 0; *(uint8_t*)0x2002cf65 = 0; *(uint8_t*)0x2002cf66 = 0; *(uint8_t*)0x2002cf67 = 0; *(uint8_t*)0x2002cf68 = 0; *(uint8_t*)0x2002cf69 = 0; *(uint8_t*)0x2002cf6a = 0; *(uint8_t*)0x2002cf6b = 0; *(uint8_t*)0x2002cf6c = 0; *(uint8_t*)0x2002cf6d = 0; *(uint8_t*)0x2002cf6e = 0; *(uint8_t*)0x2002cf6f = 0; *(uint8_t*)0x2002cf70 = 0; *(uint8_t*)0x2002cf71 = 0; *(uint8_t*)0x2002cf72 = 0; *(uint8_t*)0x2002cf73 = 0; *(uint32_t*)0x2002cf74 = 0; *(uint16_t*)0x2002cf78 = 0x70; *(uint16_t*)0x2002cf7a = 0xb8; *(uint32_t*)0x2002cf7c = 0; *(uint64_t*)0x2002cf80 = 0; *(uint64_t*)0x2002cf88 = 0; *(uint16_t*)0x2002cf90 = 0x48; memcpy((void*)0x2002cf92, "\x54\x45\x45\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00", 29); *(uint8_t*)0x2002cfaf = 1; *(uint8_t*)0x2002cfb0 = 0xfe; *(uint8_t*)0x2002cfb1 = 0x80; *(uint8_t*)0x2002cfb2 = 0; *(uint8_t*)0x2002cfb3 = 0; *(uint8_t*)0x2002cfb4 = 0; *(uint8_t*)0x2002cfb5 = 0; *(uint8_t*)0x2002cfb6 = 0; *(uint8_t*)0x2002cfb7 = 0; *(uint8_t*)0x2002cfb8 = 0; *(uint8_t*)0x2002cfb9 = 0; *(uint8_t*)0x2002cfba = 0; *(uint8_t*)0x2002cfbb = 0; *(uint8_t*)0x2002cfbc = 0; *(uint8_t*)0x2002cfbd = 0; *(uint8_t*)0x2002cfbe = 0; *(uint8_t*)0x2002cfbf = 0xbb; memcpy((void*)0x2002cfc0, "\x64\x75\x6d\x6d\x79\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); *(uint64_t*)0x2002cfd0 = 0; *(uint64_t*)0x20001000 = 0; *(uint64_t*)0x20001008 = 0; *(uint64_t*)0x20001010 = 0; *(uint64_t*)0x20001018 = 0; *(uint64_t*)0x20001020 = 0; *(uint64_t*)0x20001028 = 0; *(uint64_t*)0x20001030 = 0; *(uint64_t*)0x20001038 = 0; syscall(__NR_setsockopt, r[2], 0, 0x40, 0x2002ccf8, 0x2e0); } int main() { for (;;) { loop(); } }