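// https://syzkaller.appspot.com/bug?id=e94de72534b46ee21d40a7f3cd90793f97754b49
// autogenerated by syzkaller (https://github.com/google/syzkaller)

// Crash reproducer emitted by the syzkaller kernel fuzzer. The program maps a
// fixed scratch region, then repeatedly forks a child that opens one socket
// and issues a single writev() on it with an 8-entry I/O vector in which only
// one entry carries data (4096 bytes of fuzzer-chosen input). The kernel-side
// defect it triggers is tracked under the dashboard link above; nothing in
// this file identifies the affected code path.

#define _GNU_SOURCE

// NOTE(review): the original listing had 14 #include directives whose header
// names were lost when the page was extracted. The headers below are the ones
// the visible code needs in order to compile; the remaining originals could
// not be recovered from the page.
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

// Index of the worker process, written by main() while spawning workers.
// No visible code reads it.
static unsigned long long procid;

// SIGKILL the child and reap until that pid is returned. waitpid(-1, ...) may
// reap other children first; a failing waitpid() (-1) is retried as well.
static void kill_and_wait(int pid, int* status)
{
  kill(pid, SIGKILL);
  while (waitpid(-1, status, 0) != pid) {
  }
}

// Sleep for `ms` milliseconds.
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Monotonic clock reading in milliseconds; exits the process with status 1
// if the clock cannot be read.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

static void execute_one(void);

#define WAIT_FLAGS 0

// Endless supervisor loop: run execute_one() in a fresh child each iteration,
// so a child that hangs or dies does not stop the loop. The child is polled
// once per millisecond and killed after 5000 ms.
static void loop(void)
{
  int iter = 0;
  for (;; iter++) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      execute_one();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    for (;;) {
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      sleep_ms(1);
      if (current_time_ms() - start < 5000)
        continue;
      // Timeout: the child is still running after 5 s.
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Fallback syscall numbers, used only when <sys/syscall.h> does not define
// them. NOTE(review): 197/394/121 look like NetBSD's mmap/__socket30/writev
// numbers - confirm against the target's syscall table before building
// elsewhere, because a mismatched number invokes a different syscall.
#ifndef SYS_mmap
#define SYS_mmap 197
#endif
#ifndef SYS_socket
#define SYS_socket 394
#endif
#ifndef SYS_writev
#define SYS_writev 121
#endif

// Resource table: r[0] holds the socket descriptor. It stays at the
// all-ones sentinel if socket() fails.
uint64_t r[1] = {0xffffffffffffffff};

// One test case: socket() followed by writev(). All pointers are absolute
// addresses inside the region that main() maps at 0x20000000.
void execute_one(void)
{
  intptr_t res = 0;
  // Address family 0x11; the type argument is 3 in its low 32 bits with an
  // extra bit set above them. NOTE(review): what 0x11 and type 3 denote is
  // platform-specific, and whether the high bit is discarded depends on how
  // the syscall layer narrows the argument - check the target's headers.
  res = syscall(SYS_socket, 0x11ul, 0x800000003ul, 0);
  if (res != -1)
    r[0] = res;
  // The 16 stores from 0x20001780 to 0x200017f8 form eight 16-byte
  // (base, length) pairs, the vector handed to writev() below. Entries 0-3
  // are zero (NULL base, zero length).
  *(uint64_t*)0x20001780 = 0;
  *(uint64_t*)0x20001788 = 0;
  *(uint64_t*)0x20001790 = 0;
  *(uint64_t*)0x20001798 = 0;
  *(uint64_t*)0x200017a0 = 0;
  *(uint64_t*)0x200017a8 = 0;
  *(uint64_t*)0x200017b0 = 0;
  *(uint64_t*)0x200017b8 = 0;
  // Entry 4: base 0x20000540, length 0x1000 (set after the copy). The
  // 4096 bytes are opaque fuzzer output; the page documents no structure
  // for them.
  *(uint64_t*)0x200017c0 = 0x20000540;
  memcpy(
      (void*)0x20000540,
      "\xbd\xea\x92\x28\x76\xfa\x9d\xea\x3b\x45\x60\x56\x5e\x42\xbd\x25\xdd\x45"
      "\x75\x0e\x3f\xa9\x27\xda\x9c\x80\xfb\x6d\x1a\xca\x9e\xc9\xde\x42\x6b\x8e"
      "\xe0\xb2\x3d\xa9\x5a\x04\x94\xb3\x3c\x1e\xc8\xf5\x3a\xcb\xa3\x99\xae\x7e"
      "\xc2\xdf\x94\x4d\xdc\x3a\x6d\xee\x9b\xf0\xc9\x48\xe8\xe0\xdb\x64\x9c\xd3"
      "\x77\xc3\xe9\xfb\x4e\x27\x5e\xaa\x49\x37\x83\x6c\x2c\x7b\x0d\xb6\xfc\xb5"
      "\x42\xd3\xcc\x9b\x71\xcf\xa0\xec\x32\x7c\x31\xfb\xfc\xce\x92\x8a\x3f\x7c"
      "\x53\x53\x82\xbc\x98\x03\x6e\xcc\x45\xa5\xd3\xbd\x2c\xa9\x23\xb5\x6d\x6d"
      "\x3c\xcc\x5e\x23\xf7\xf5\xba\x5e\xc7\x1f\x27\xc4\xf7\x4b\x00\xad\x9c\xf1"
      "\x5b\x9b\x9c\xbc\x02\x08\x78\x14\xec\xd5\xfd\xf4\x2c\x79\xae\x88\xab\xd2"
      "\xa8\xe5\x0f\x69\xd7\x96\xd1\x3b\x5a\x02\x57\x00\x9e\xa8\x83\xf5\xb7\xbf"
      "\x36\x31\x7a\x5d\x1f\x69\x39\x59\xd5\x62\x37\xab\x60\x52\x96\x74\xee\x10"
      "\x6a\x58\xd1\x8d\x08\x93\x75\xe7\x32\x87\xce\x9e\xce\xaa\xab\x3d\xf1\xa2"
      "\x97\x1d\x8c\x4c\x85\xdd\x7e\xc7\x4b\xac\x86\xda\x5b\x2a\x62\xf1\xc0\xe5"
      "\x94\xb5\x4e\x14\xf8\x15\xcb\xc5\xa6\x73\x49\x9e\x3e\xbc\x31\xd0\xd7\xb8"
      "\x62\x06\xc5\x3c\xda\x0c\xba\xf2\xa6\x0a\xa4\x43\x1f\x1a\x99\x56\xe9\x00"
      "\xe1\xf4\xc6\x7d\xf3\x1c\x6a\xa3\x07\x70\xc2\x55\x2c\xe9\xaf\x1d\xe0\x6b"
      "\x10\x95\x78\x07\xd3\x83\x50\xd0\x28\xdf\x30\x4d\x5f\x5c\xba\x8a\x9c\x0d"
      "\xca\x61\x8b\xc6\xd4\xaa\x11\xc3\x9d\x06\x3b\x88\xcb\x7e\x00\xce\x0c\xfe"
      "\xb6\x64\x48\xfd\x7e\x3d\xb7\x26\x57\xab\x8a\xdb\xed\x8e\x01\xb0\x57\xd5"
      "\x18\xdc\x43\x09\x24\x8d\xfa\xc7\x69\xf2\x31\x51\xb5\x7b\xec\x47\x48\x34"
      "\xe3\x26\x4c\xf0\x36\xf3\xa0\xcb\xba\x2f\x95\x55\x3e\xbc\x5d\x64\x69\x2c"
      "\x80\x1e\xb7\x0d\xe9\x03\xdd\x5e\x2e\x54\xf7\x97\x6e\x63\x96\x4d\x0a\xb1"
      "\x2d\x1a\x06\x46\xb2\xfe\x03\x99\x7f\x3a\x3f\xec\x0b\xce\xc7\x14\x33\x19"
      "\x32\xf3\xc4\x19\xd3\x4e\x30\x56\x3b\xe0\xa8\xc0\x00\x15\x36\x45\xa5\x7b"
      "\x26\xbc\x92\x71\xbd\x39\xb8\x64\x71\xaa\xe3\xec\x0c\x82\xff\xa5\xf0\xd0"
      "\xb3\xbe\xc2\xbb\xa4\x85\x36\x80\xb7\xd7\xdd\x05\xbe\xbd\x63\x6f\xb2\x6d"
      "\xc3\x5c\xaf\x4e\x4e\xd0\xfe\x24\x49\x86\xc5\x1c\xe1\x25\x9a\xfe\x4b\xd2"
      "\x96\x5e\x6e\x3f\x69\x00\x06\xd1\x7c\xb5\x28\xbf\xaf\xc9\x2b\x06\xa1\x18"
      "\x30\xa6\x06\xc1\x2d\xa6\x40\xbc\x11\xfc\xb2\xdc\x0f\x37\x03\xf0\xd3\x15"
      "\xa2\xe2\xc9\xe0\x55\x1c\xc3\x31\x63\xdd\x40\xae\xb4\xe1\xe8\xfc\x68\x39"
      "\x5c\xc9\xff\xe5\xca\x26\xba\xf0\x9a\x0f\x8c\x95\x80\x7e\xd1\x92\x46\xeb"
      "\x15\x20\x84\xce\x38\xba\xaf\x9c\xde\x84\x91\x36\x01\x82\x35\x76\xc4\x11"
      "\x39\x45\xcc\xd2\x1f\xfc\x14\xb8\xbd\x9e\xe1\x37\x01\xb1\x6a\xe8\x81\x14"
      "\x5a\xb7\x6d\x3d\xa8\x7d\xfb\x2f\x1b\x01\x2a\x22\x64\x48\xc6\x80\xb6\x77"
      "\xaa\xf4\xbf\x54\x21\xa3\x5f\x82\xcf\xb7\xec\x46\x37\xa7\x5f\xf5\x25\x14"
      "\x22\xe5\xb4\xdf\x93\x67\xba\xd4\xbd\x7f\x0d\x26\xbd\x75\x08\x7c\x66\xb7"
      "\x69\xfd\xdf\xbc\x3c\x80\x02\x23\xce\x80\xf7\xdd\xd3\xb9\x76\x02\xb1\x73"
      "\x87\x77\x9f\xc9\x0b\xcf\x8e\x9b\xde\xde\xfd\x1b\x0e\xb7\xb0\xf5\xca\x15"
      "\x3c\x92\xc4\x7c\x2b\x48\x86\x00\xc9\x3d\x0d\x38\x96\xea\x94\xcc\xb1\xa8"
      "\x14\x46\x67\x59\x38\xc3\x6d\xb9\x08\x4b\xee\xb1\x26\x36\x40\x8e\x3e\x97"
      "\xa8\x5e\x9d\xf9\x64\x95\x78\xd1\x2e\x59\x36\x24\x45\x19\xd2\x1c\xe1\x5b"
      "\x64\x6d\xcb\x8b\x7c\xd7\x13\x45\x1b\xfe\xd1\xe5\x77\x20\xb7\x7e\xe2\x9c"
      "\x06\xc4\xe6\x82\x34\x6b\x34\x95\x79\xb5\x5a\x28\x88\xd1\xa5\xbf\x32\x02"
      "\x9d\x72\x53\x8b\xa8\x5e\xc2\xcb\x4e\xc3\xb1\xc9\xbb\xe9\x0d\x89\x94\x22"
      "\x59\x0d\x6f\x78\x45\x00\x8c\xb5\x6f\x5a\xa6\x52\xed\xab\x07\x85\x6f\xf0"
      "\x8f\xde\x21\x8e\x51\xce\x83\x99\xd1\x66\x2e\x8c\xb1\x23\xb3\x0d\xcb\x56"
      "\x70\xc5\xb2\x61\xcc\x0a\xa9\x93\xe4\x11\x8d\x9e\x69\x25\xec\x50\x97\x2d"
      "\x8c\x90\xd6\xdf\xb9\x16\x70\x5d\xb9\x46\x89\x95\x56\x44\x3d\xc6\xee\x44"
      "\xf5\x3b\x07\x01\xc2\x11\x81\xc8\x98\x94\x86\x05\x02\x0c\x16\x2a\xc6\xb9"
      "\x9d\x21\x1b\xb2\x64\x82\xa9\x4e\x8d\x0f\xa0\xb0\x22\xfd\xdc\xaf\xae\x32"
      "\x78\x75\xe4\x4b\xc5\xe5\x2d\xf2\xc3\x75\x5f\x59\x8c\xd8\x87\x49\x3c\xdc"
      "\x26\x77\x7a\x06\x03\x1a\x44\x08\xfe\x03\xf1\xda\x7e\xad\x41\x1b\xb7\xf4"
      "\x3f\x68\x99\xdf\x22\x2a\xa4\xf9\x5e\x8f\x4b\x36\xb4\x16\xf8\x52\xc0\xd4"
      "\x82\xc4\xdd\xa5\x84\xf6\xcd\xe0\xc4\x72\x48\x12\x72\xf1\x5e\xe3\xdb\xca"
      "\xc0\x52\x74\xcf\x75\xfc\xae\x77\x80\xca\x1d\x71\x77\x6e\xd0\xde\x43\x29"
      "\x91\x1b\xf5\xd7\xb3\x95\x90\xd2\xf9\x0f\x1e\x38\x0b\x63\x3f\x4b\x5f\x84"
      "\x1b\xe5\xf4\xe3\xa8\x0b\x78\x87\xa5\xda\x5a\x4f\x18\x04\xd9\x3c\x3a\x8b"
      "\xcc\x12\xf3\x42\xa5\x8f\x43\x34\x81\x6a\xda\x1f\x30\x81\xe4\x1a\x42\x62"
      "\xf9\xeb\x67\x0e\x1c\x36\x77\xb4\xe0\xc1\x71\x3e\x94\x65\x88\x7e\xa4\xb2"
      "\x0e\xca\xa3\x11\xe5\x4c\x7d\x03\xbe\xf0\x25\x21\xc7\x69\xae\x9d\xfa\x56"
      "\x56\x6d\x15\xd9\x64\xe6\xab\x33\xf3\x1d\x97\x1c\x38\xc4\xea\x20\x63\x1c"
      "\x0d\xd1\x28\xec\x7b\xdb\x20\x7c\xd3\xd4\x9a\x85\x2a\xbd\x44\x70\xe7\x19"
      "\xf6\xd8\xea\x9e\x8c\x89\xbc\xc8\x4d\x74\x4e\x8c\x5b\x2b\x77\x1f\x24\x92"
      "\xe3\xb1\x76\x58\x18\x47\xaf\x76\xf3\x69\xc4\x00\xce\xe2\xcf\x01\xf1\xe1"
      "\x51\x80\xaa\x38\x30\xa7\x47\xe5\x00\x7a\xe0\xd3\xfa\xb5\xd0\xa7\xcc\x14"
      "\x6a\x5d\xcf\x57\xfa\x75\x82\xc6\x67\x62\x69\x88\x86\x98\x9e\x58\xab\xa6"
      "\x45\x51\x95\xe4\x15\x5c\x3e\x04\xcb\xaf\xf0\x7f\x17\x4b\x92\xec\xeb\xea"
      "\x98\xb2\x23\x5b\x6a\xc3\x01\x87\x73\x6a\x7a\x14\x06\xf6\x2b\x73\x6a\x1a"
      "\xf5\x20\x57\x52\x7b\xc9\xec\xbb\x9d\x2d\xd6\xe9\x87\x6a\xf7\x26\xd0\xf1"
      "\x4a\x96\x9f\x7d\xd1\x82\xf5\x32\x72\xb6\xf3\xe6\x82\x87\x6f\x56\x2a\x0c"
      "\x5e\x46\x4c\x5f\x9c\xed\xb4\x86\x4f\x06\xd5\xaa\x82\xa6\xb0\xaa\x2c\x4b"
      "\x1b\xee\x20\xfa\xc3\xf2\xff\xb6\xc2\x28\x7c\x6f\xf0\x96\xe1\xdc\x81\x04"
      "\x84\xc0\x8b\x95\x4f\x01\x7a\x3b\x7a\xd8\x01\x32\x13\xef\x65\x98\xda\x1c"
      "\xde\xb0\x1b\x01\x36\x55\xc0\x43\x6d\xb7\x43\x1f\x59\x1a\x9d\x32\x5e\xec"
      "\x14\x1d\x84\x3c\x23\xd9\x36\x2a\x66\x4f\x20\xa0\x4b\x8a\x8e\x92\xf5\x2a"
      "\x74\x0d\x9c\x71\x6b\xe7\xbf\xdb\x06\x62\xb1\xd5\xba\x9e\xe1\x1f\x46\x1e"
      "\x8c\x97\xb1\x87\x87\x82\x14\x04\xac\xc6\x3c\x06\xd7\x37\xf8\x7d\x48\xed"
      "\xce\xa9\xe5\x45\x9b\x9b\x67\x48\x72\xca\x52\xe1\x97\xa7\x9a\xcb\xa3\xbd"
      "\x20\xb1\x48\x52\x0b\x1c\xaa\x06\xf3\xb7\xfc\x62\x5a\x54\xde\xef\x70\x20"
      "\xd0\x74\x7a\x22\xe6\xd8\xc4\xe1\xcb\xfa\xf2\xcb\xd0\x51\x99\xad\x16\x9d"
      "\xb2\x76\xa8\x4e\x6f\x5c\xf6\x63\x9b\x6e\x17\xfe\x90\xf6\x19\x5d\x78\x58"
      "\x6e\x1b\x04\xfe\x97\x1e\x79\x6c\xa0\x7c\xcb\xb9\xf3\xe5\xba\x1e\x4d\x55"
      "\xfe\x6c\xb3\x31\x47\xa9\x60\x6c\xd0\x17\xb2\x39\x24\x17\x35\x21\xa8\x90"
      "\xf6\x13\x68\x83\x2f\xf7\x02\x9e\xc7\xc8\x6b\x4b\x60\x4f\x5f\x6b\xb6\xbc"
      "\x0c\xfd\xe4\x0e\x0c\xfe\xd6\x5d\x5a\x7d\x7b\xae\x93\x19\x5e\xfd\x8e\x72"
      "\x71\x6f\x15\x5c\x49\x3e\x3a\x1a\x9a\xf6\xa1\x06\xfb\x14\x13\x1b\x85\xd3"
      "\xd5\xd0\x44\x79\x7d\x6b\x30\x78\x08\xf8\x08\x82\xfd\xff\x33\xcd\x3c\x65"
      "\xd3\x4f\xe5\x49\x33\xd3\xa8\xc2\xf2\xd8\x1e\x55\xa2\xc1\x84\x87\xbe\xda"
      "\x94\x89\x93\x5f\x7b\x39\x72\xad\xc3\x90\x21\xb1\xe1\xd4\x3a\x4f\xf1\x51"
      "\xc7\xee\xbf\x0d\x2c\xa2\x75\x2f\x3d\x76\x76\xc5\xd4\x3b\x85\x3f\x6e\x36"
      "\x9d\x6d\xb2\x1a\xe8\xf6\xc0\x84\xec\x98\x18\x40\xed\x7e\xe8\xae\xe0\x86"
      "\xae\x8a\x53\x0d\x02\x8b\xa6\xb8\x04\xf8\x1e\xef\x28\x35\xf1\x3e\x45\x15"
      "\xb4\xc0\xa2\xaf\x6b\x56\x83\x30\x00\xef\xc6\x17\x7c\x60\xac\x3a\xb9\x7f"
      "\x17\x20\xc0\xde\xa1\x6d\x74\xd3\x86\x59\xa4\xed\x0d\x52\xd0\x6f\x2d\x42"
      "\xd5\x1b\x54\xc4\x92\x12\x3f\x1f\x9c\xaf\x01\x2e\x16\x00\x9d\xf9\x3d\x14"
      "\x88\x37\x19\x86\x4a\x42\xd4\x99\x19\x3a\xd3\x82\x88\x0e\xd6\x7a\x95\xa6"
      "\xe6\x34\x20\xbc\x90\x52\x8b\xf3\x49\xf1\x8c\xc5\x0f\xaf\x6b\x6a\x3e\xd3"
      "\x66\xfd\xcb\xf1\xd6\x77\x31\x15\x8b\x2f\x6e\xc1\xf9\x03\xba\xce\x50\x65"
      "\xc9\xef\x75\xf6\x8e\x49\x56\x2a\xac\xd2\x45\x93\xdd\xd5\xa9\x2f\xa6\x59"
      "\xe1\x38\x83\x73\x60\x4e\x97\x93\x96\x75\xb6\x05\x23\xc1\xff\x29\xfd\x74"
      "\x59\xcc\x77\x3c\x1e\x05\xdc\x60\x89\xcd\x07\x86\xe0\x3a\xb9\x1f\x70\x7e"
      "\xdf\x86\x5a\x48\x3b\xbe\x8e\x84\x61\x5c\xeb\x72\x12\xfe\xa3\x54\x51\xae"
      "\x97\x29\x21\x70\x7c\xbb\x33\xba\x3e\xa0\xe8\xc3\xca\x69\xec\x42\x3f\x55"
      "\x09\xb4\x0d\x07\x40\x87\x46\xfd\xc0\xe1\x04\xee\x9d\x7f\xf7\x2d\x34\xd6"
      "\x3c\xa6\xd7\x16\xf5\x94\xb8\xae\x49\x25\xd9\x69\xc1\x92\xb3\xf4\x36\x49"
      "\x31\x6d\xed\x5f\x96\x2f\x89\xd8\x8d\xa2\x61\x6d\x9c\x9c\x01\x79\x13\x38"
      "\xaf\x5a\xc2\x28\x62\x54\x3f\x15\x7b\x0c\x50\xde\x15\xfd\x9f\x44\x37\x27"
      "\x94\x06\x59\x22\x78\xe5\xce\xc5\x70\x21\x63\x5f\xdc\xda\x34\x01\x9d\xd0"
      "\x14\xef\xaa\x7d\x6f\xe0\x7f\xec\xf7\x03\x65\x7b\x84\x18\xfa\xa9\xc4\x3b"
      "\x56\xec\x1e\xdc\x7e\x05\x99\x4c\xb1\x21\x3f\xe3\xce\x8d\xc6\xc8\x87\x25"
      "\x7b\x51\x18\x34\xfd\x56\x8c\x22\x79\xcd\x17\x62\x28\xa2\x2c\x6d\x53\x72"
      "\x16\xfd\xee\x58\xff\x73\x9e\x27\xfa\x26\xbe\xed\xae\xac\x77\x57\x02\x77"
      "\x86\xe9\xda\x59\xb4\xc8\x54\x31\xcc\x10\x04\xfc\x50\x3e\x35\x74\x26\xa1"
      "\xa6\x14\x47\x94\xea\x68\xc2\x5e\x9b\xf0\xd7\xc3\x6f\xf8\x09\x85\x24\x18"
      "\x8b\x9c\xbd\x7c\xa6\x9b\x72\xf0\x45\xb0\xf0\x0f\xce\x25\x21\x28\xc0\x97"
      "\x47\x77\xe1\xfa\x48\x43\xf6\x12\xeb\x96\x7f\xd6\x22\x05\xf2\x93\x6b\x00"
      "\xc9\xd0\xeb\xb0\x9e\x0c\x81\x60\xd6\xc3\xa5\x09\xec\xe1\x86\x7b\x81\xd3"
      "\x4b\x54\x4d\x5f\xf2\x8c\xbb\xdd\x0b\x92\x26\xf4\x5c\xf5\xc1\xae\x77\xf8"
      "\x40\x15\xb3\x64\x31\x88\xb5\xd4\xa0\xa4\xfa\x4f\x54\x75\x5d\xb2\xdc\x40"
      "\x6c\x6e\xf1\xd7\x9c\x79\x1d\xf1\xa9\xcc\xca\xce\xf8\xae\x3a\x06\x0c\x31"
      "\x5f\x67\xc1\x3a\x65\xf5\xe2\x93\x2e\xbc\xa6\xc9\x07\x34\xbc\x82\xe6\x35"
      "\x4c\xbc\xfa\xa2\x33\xe1\x7e\x04\x16\xc4\x9d\x39\xe7\xe5\x68\xa8\x5c\x1a"
      "\x7d\xa9\xd4\x58\x97\x7a\xd3\x59\xba\x09\x15\x62\x72\x2a\x4d\x9b\xe8\x60"
      "\xa4\x12\xff\x51\x66\x21\x43\x43\x1c\x04\x2c\x65\x39\x02\xe9\x37\x33\xe2"
      "\xa0\x85\xc0\x42\x85\x36\x1c\x6c\x83\x82\xfb\x91\xa7\xee\x6d\x21\x9b\xc8"
      "\x54\x2e\xdd\x80\x4a\x37\x24\x26\x8c\x7d\x61\xbf\xe2\xcc\x23\xca\x52\x98"
      "\xc4\xd7\xa3\x17\xed\xb5\x70\x7c\xd4\x4a\x62\xb4\xa6\xd6\x0d\x6f\x8b\x18"
      "\xc5\x76\x4a\x0d\x43\x7e\x46\xc1\x1b\x24\xa0\xfa\x52\xda\x18\xa4\x02\xc8"
      "\x86\x66\xc0\x43\xc4\x48\xc2\x01\x68\x60\x57\xd8\x05\x5f\xfa\x89\x7e\x54"
      "\xc7\xf9\xb2\xa5\xd7\x91\xfe\x2e\xa9\x49\x6b\xda\x56\xd6\x44\xef\xe1\xb2"
      "\x7b\x4b\x8b\x91\x68\x6d\xc0\x58\xf3\x62\x7c\x2a\x6a\xe5\xd4\xee\xf7\xc9"
      "\x0b\x9d\x16\x54\x00\x5a\x71\x98\x10\x3b\x2e\x26\x29\x6e\xf9\x62\xd8\x14"
      "\xc5\xd8\xfd\xf8\x26\x93\xf2\xcf\x61\x64\x0c\xb2\xec\x07\x2c\xe0\x68\x21"
      "\xfd\x0e\x8b\xd7\x8b\x69\x6a\x55\x4a\xb5\xfd\x9e\x19\x54\x1c\xcc\xb1\x7b"
      "\xb8\xb8\xa1\xf5\x3c\xf9\x5d\x7d\xb4\xd6\x10\x19\x4a\xaa\x55\x53\xf7\x76"
      "\xc5\x9a\xb5\xc1\xc3\xad\xad\x78\xf3\x86\xe7\x80\x6b\x3e\xf3\x28\xa4\x39"
      "\x3e\x19\xf0\x8a\x5c\xe3\x65\xfd\x4a\x6a\x47\x55\x1a\xa7\xed\xf4\xec\xa9"
      "\x30\xa3\x17\x3e\x8b\xd9\x46\x34\xfa\xca\x87\xee\xe0\x51\x08\x4a\x41\x43"
      "\x30\xa1\x0f\xed\x38\xd9\xba\x27\xb4\xf7\x38\x53\x4d\x5e\xd3\x26\x62\x7f"
      "\x66\xbc\xbb\x2d\x27\x21\xb0\x22\xd3\x1e\xe5\x97\xba\xab\xec\x6a\x16\xcf"
      "\x76\xdb\xde\xcf\x3b\x2d\x5e\x5f\x34\xc3\x6a\xc3\xa5\xf6\xc6\x3b\xee\x9b"
      "\xb0\x20\x5d\x35\xf8\x06\x76\xc9\x90\xa4\x7d\x71\x1a\x76\xa4\x51\x53\x7d"
      "\x50\x0a\x05\xbd\x79\xaf\x88\xc8\x97\x40\x6b\xdf\x60\xf7\xe7\x71\xb6\x96"
      "\xaa\x9c\x14\x37\x87\x00\x27\x92\xd6\x89\xc9\xf0\x85\xd3\x2a\x1d\x94\xf8"
      "\xdf\x0b\x77\x41\xc6\xca\x08\xff\x34\x2b\x9c\xfc\xbc\x81\xd7\x45\x2f\x43"
      "\x62\x7f\xd9\x75\x72\x4a\x7e\x17\x1a\x37\xaf\xf5\xd9\x03\x14\x44\x3f\x88"
      "\xb6\x4b\xfa\xd8\xad\x1b\x51\x51\x98\xa7\x0c\x37\xdc\xd5\x3b\x70\x03\xe4"
      "\xca\x9b\x73\x60\xc8\xd5\xbb\x96\x8b\xfc\x54\x86\x7d\x98\x4e\xaa\x83\xd2"
      "\x7b\xdb\x12\x42\xbe\x7c\xe6\x59\x8e\x8c\x7e\x0a\x4d\x45\x16\xfa\x4f\x65"
      "\x10\xa8\x8e\xa4\x4f\x21\xcc\x5e\xfe\x50\x10\x20\xd7\xd9\xea\x36\x5a\xf4"
      "\x5f\x78\xd6\x9b\x5d\x5b\xcb\xaf\x8f\x34\xf3\x75\x59\x33\xd5\xb9\x9d\xe5"
      "\xb5\x60\x16\x49\xab\x16\x7f\xb9\xd8\x27\xac\xc1\x63\x87\x6b\xce\x0b\x1f"
      "\x7d\xa2\x7d\xd0\x47\x12\x8d\xe0\x4e\xa4\xe7\xd6\x0b\xf3\x5d\xd2\x29\xa4"
      "\xc3\x5e\x34\xd9\x6d\xda\xbc\x31\x87\xf5\x2d\xc0\x28\x97\xba\x0f\x99\x39"
      "\x1c\x45\x13\x95\x79\x61\xf7\x2e\x55\x6c\xa4\xb9\x53\x32\x53\xb4\x4d\x1f"
      "\x4b\x95\xd4\x8c\x9f\x7c\x08\x22\x12\xc7\x08\x91\xdd\xe7\x6d\x7a\x4e\x5d"
      "\xb6\xc1\xf4\x6a\x29\x72\x97\x6b\x31\xc4\x65\x78\x05\x21\x84\x1a\xc8\x0a"
      "\x73\x96\xc1\x6c\x0f\x31\x23\xb3\xb2\x72\xff\xca\x23\x0b\x64\x20\x3a\x6c"
      "\xa7\xd3\x03\x2d\x1f\x10\xc9\x2f\xee\x94\xb4\x72\x51\x1d\x1f\x62\x53\x75"
      "\x55\xb8\x1e\x6b\x89\xd8\x00\xa8\x96\x2b\xca\x86\xc3\x60\xd3\x60\x98\xc4"
      "\xfa\x9f\xbf\x36\xc9\x3b\x29\x18\x20\x8c\x86\xa6\x4f\x75\x6c\x24\x10\x57"
      "\xc2\x85\x4a\xd1\x70\x9b\xd2\x00\xf6\x69\xf6\x9b\x6f\x92\x9d\x9d\x19\xff"
      "\xb9\xc5\xe5\x33\xfb\xcb\x38\xcd\x35\xb6\x1f\x0a\x50\x1c\x7f\x30\x3d\x26"
      "\x3b\x82\x01\x25\x25\x7d\x1c\x15\x52\x2a\x48\x70\x3e\xf9\x56\xd9\xd7\x7f"
      "\x68\x0f\xbd\x03\x0a\x0a\xce\xb9\x07\xa0\x4c\xf5\x1a\x1c\xbd\xed\x2e\xea"
      "\x90\xcc\x8c\x70\xb4\x04\xc2\x87\xca\xc4\x12\x67\x49\xb8\x4d\x57\x2b\xfb"
      "\x4c\x8f\xb4\x17\xc5\x22\xfb\x98\x1e\xab\x99\x41\x48\xa9\xcf\xee\x5e\xf7"
      "\x38\x75\x74\xc7\x57\x7b\x6f\x61\x66\xa9\xac\x00\x20\xa0\x8f\xad\xe9\x99"
      "\xcb\x86\x21\x77\x35\x45\xf2\xb8\x84\x12\x84\x7f\x6b\xf2\x5a\xde\x58\x7d"
      "\xbc\x46\xb1\x0f\xcb\xfb\x16\xe5\x9f\xea\x57\xfa\xa6\xe2\xd2\x43\xbd\xaf"
      "\x97\xb3\x1c\x95\xff\x1b\xe1\xba\x23\xf6\x16\xfe\x71\x38\x34\xf5\x26\xf8"
      "\x53\x95\x92\xb0\x8c\x7c\x58\x09\xc4\x9f\xb5\x73\x07\x96\x1a\x14\x0e\xbc"
      "\xf3\x82\x31\x27\x8d\xf9\xc0\x5d\x90\xf7\xda\x15\xf1\x66\x86\xde\x38\x8b"
      "\x42\xeb\x8e\x7a\xf2\xe9\xc5\xd9\xbb\xb5\x9a\x05\x64\x2a\x4d\x30\xec\x5a"
      "\x8f\xb2\xd4\x8a\x7c\x88\x2f\x2e\xce\xc6\xe4\x84\xc6\x7a\xa6\x21\x95\xcb"
      "\x67\x0e\x8e\x8a\x44\x3d\xa7\xe4\xb2\xcd\x69\x73\x09\xd6\xb1\x54\x32\xe6"
      "\xd4\x99\x1f\x59\xc6\xb5\xb1\xd0\x93\xb9\x71\xac\x00\xa0\x38\x84\xca\x25"
      "\x9d\x40\x92\x90\x4e\xae\x24\x80\x9f\x63\xeb\xc9\xaf\xff\x16\xc8\x5d\x45"
      "\xfa\x45\x26\x70\xae\x9d\x21\xe2\xff\xf4\x5a\x82\x6e\xab\xef\x18\x6e\xc8"
      "\x23\x55\x96\x82\x47\x6c\xf9\xe4\x0e\xe3\xfd\x46\x29\x03\x41\x15\xf4\x6b"
      "\x09\x7f\x3b\x29\x73\x98\xa7\x91\xda\xfd\xf7\xcd\xa8\xdd\x03\xbc\x18\x16"
      "\x2d\xe7\x92\xd8\x8c\x08\x9d\x43\xbb\x4a\x43\xa2\x7e\x15\x1c\x5b\xeb\x8e"
      "\x6a\x44\x50\xc6\x02\xf2\xd2\xa5\xc0\x85\x5b\xb5\x0e\xbc\xa8\xae\x44\xde"
      "\xcf\xb6\xf7\xc9\xd7\x32\x98\x0c\x1f\xdc\xee\xdf\x06\xe4\xf8\x41\x8e\xb8"
      "\x39\x23\x2d\x4b\x7a\xa4\x85\x25\x2e\xeb\x9e\x3c\xd0\x0c\x5a\xbc\x2b\x7e"
      "\x5a\x3c\x69\x6f\xda\xc9\x56\x62\xa3\x4d\x88\x2e\x16\x94\xa0\xee\x09\x7c"
      "\x08\xb4\xd8\xa1\x39\x79\x87\x98\x6f\xb5\xdb\xed\x44\x79\xd1\x3c\x6f\x88"
      "\xee\xcb\xee\x7b\x78\x5f\xe7\xb6\x90\x7a\x6c\x29\x30\xf6\x5a\x05\xfb\x00"
      "\x3f\x30\xba\x98\x57\x33\x34\x46\x1b\x19\x8d\x08\xd4\xe5\x9a\x39\xb7\xed"
      "\xad\xf5\x7d\xa2\x7a\xdd\x1b\x59\x70\x9c\xa8\x1d\x23\x9a\x45\xbb\xe5\xd0"
      "\x93\x2d\x37\x98\xd3\xf4\x03\x49\x5e\x2c\xff\x7a\xd8\xdc\x0a\xca\x43\xc0"
      "\x86\x56\x9a\x86\x0b\x1e\x23\xea\xc0\x15\xf1\xce\x25\x19\x80\x03\xce\x57"
      "\x94\x94\x54\x8b\xd5\x46\x02\xa0\xcc\x43\xe2\xf3\xd8\x40\x82\xcd\x6b\x9f"
      "\xa0\x5d\xee\x91\x70\xf1\xf6\x71\xfe\xf4\x42\x97\xb8\x54\x22\x2d\xe1\xb9"
      "\x54\x98\xe1\x43\xe2\x1d\x29\x97\xe2\x66\x08\x1e\x3a\xc0\xcc\x73\xd4\xb2"
      "\xb0\xc6\x6c\xff\xe9\x31\xc4\xe2\x2b\x45\x2e\xf3\xfd\xb1\x93\x8d\x10\xfe"
      "\x88\x51\xe3\x62\x9e\xb2\xe2\xdc\x24\x1c\x73\xf8\x70\x7e\x24\x7f\x3a\x42"
      "\xd8\x08\xa3\xbd\x6f\x99\x37\x40\xec\x28\x7e\x97\x04\xc3\xc5\xcb\xc0\xb3"
      "\xb9\x13\x97\xd6\x57\x44\xbf\xf1\x4f\x55\xfa\x4d\xc7\x7f\xab\x93\x55\xac"
      "\x46\x50\x3f\x03\xe8\x40\xb3\xc3\x5d\xd2\x7d\x5a\xe7\xeb\xcc\x84\x24\x1f"
      "\xdf\x27\x17\x78\xe8\x03\xb0\x23\x72\x26\x51\x01\x44\xc0\xa4\x8a\x5c\xf8"
      "\x6a\x79\xdd\x6f\x5d\x85\xa1\x5a\x1a\x16\x46\x59\x4f\xa7\x73\x66\xf1\x06"
      "\x81\x62\x40\x73\xdd\x73\xfa\xe3\x52\x42\x94\xe9\xf8\x28\x6f\xe2\x06\x26"
      "\x01\x12\xe5\xdf\x1a\x12\x92\xfe\x15\x06\x8a\xd9\xc9\x25\xbc\xf1\x7a\x9a"
      "\x55\x99\xa7\xd0\xec\x94\xa0\xeb\x15\x50\x4f\x96\x95\xfb\xb2\xb6\x4b\xd2"
      "\x37\x3d\xda\x58\xcd\xec\x0b\xda\x8a\x1d\x5d\x6d\xe9\xf2\xfd\x09\x04\x98"
      "\xc3\x03\x1d\x16\x4d\x74\x9c\xfd\x85\xaa\xc8\xf9\xa1\x34\xb9\xb4\x94\x72"
      "\xec\x93\x30\x50\x49\xee\x90\x3a\x70\x50\xd1\xb9\x9e\x72\xa5\xad\xcb\xfe"
      "\x56\x9a\xcd\x6f\x24\xd3\x15\x37\x6b\x9c\x93\x94\xc0\xa9\xa6\x47\xdf\x66"
      "\x6a\x89\x9e\x06\x66\x4a\xb7\xeb\xf3\xda\xec\x14\x4c\xdc\xb7\x5a\x1a\x93"
      "\x28\x86\x82\x44\x80\xde\xac\xe9\xd2\xfd\x67\xf6\x6a\xcc\x34\x8f\x41\xe2"
      "\x3c\x35\x7e\x28\xb4\xcf\x2c\x4d\xb1\xf9\xa5\x82\x62\x6e\x3e\x97\xee\xd3"
      "\x1d\x5c\x24\xd7\xfc\xfe\x40\xdd\x45\x26\x59\x5b\xf1\xa1\xed\x9b\x46\x0c"
      "\x38\xb9\x97\xc7\xf6\x95\x1d\x80\x47\x01\x06\x44\xc1\x03\xcd\x03\xa8\x1f"
      "\x2b\xfc\x3e\x21\x4e\x37\xd1\x91\x1d\xb6\x80\x75\xe8\xaa\x42\x79\xc3\x58"
      "\x8d\xc1\x62\x9a\x71\x5a\x1a\x66\x18\xcd\x7e\x5e\xb5\xbc\x46\x95\x87\xa7"
      "\x7d\x2e\x9e\x2a\xff\x39\x25\x6c\x42\x49\x08\x5e\xf4\x15\x0f\x46\x70\x4b"
      "\x98\x89\x13\xa0\x3e\x2f\x53\xe4\x57\xf2\x25\xe0\xfb\xce\x0d\x26\x74\xea"
      "\x87\x8b\x4c\x30\xfe\x84\x1c\xea\x1f\xed\xba\x41\x85\xe4\x16\x32\x95\x96"
      "\xbb\xd1\xfd\xf8\xe6\x2f\xff\x02\x28\x41\xda\x1f\xcc\x57\x4a\x6d\x9d\xeb"
      "\x30\xd3\x6a\xa7\xf3\xb6\x45\x11\x65\xdd\x17\xfa\xa5\x4c\x38\xd7\x6d\x75"
      "\x68\xeb\x4e\x54\x7e\x8a\x3f\x7d\x6b\xf7\x02\x81\xaa\x08\x29\x5c\xcc\x11"
      "\xe7\xc8\xb9\x08\xac\xbe\x58\x1e\xd4\x2b\x73\x28\x3d\x7e\xae\x1b\x14\x20"
      "\x8a\xe6\x58\xc7\x37\x76\x8d\x48\x6e\x5b\xf2\x50\x6d\x27\xc1\xf7\x42\x79"
      "\x3c\xe2\xaf\xc9\xb5\x9d\x81\x3e\x27\xc1\xb6\x37\x9b\x72\x6b\xe7\x63\xc2"
      "\x79\x3d\x7d\xe8\x9b\x74\x12\xa6\xf8\x2d\xed\xa0\x54\xfb\x8a\xbf\x58\x09"
      "\xd5\x44\x83\x09\x78\x61\x1b\x8d\x10\xae\x1a\x1d\x98\x45\xdf\x51\xff\xaf"
      "\x88\xe5\x45\x1b\x51\x67\x6f\xb5\x52\x62",
      4096);
  *(uint64_t*)0x200017c8 = 0x1000;
  // Entries 5-7 are zero again.
  *(uint64_t*)0x200017d0 = 0;
  *(uint64_t*)0x200017d8 = 0;
  *(uint64_t*)0x200017e0 = 0;
  *(uint64_t*)0x200017e8 = 0;
  *(uint64_t*)0x200017f0 = 0;
  *(uint64_t*)0x200017f8 = 0;
  // The call under test: vector at 0x20001780, 8 entries. If socket() failed
  // above, r[0] is still the all-ones sentinel and this is issued on an
  // invalid descriptor.
  syscall(SYS_writev, r[0], 0x20001780ul, 8ul);
}

// Map the scratch region every test case addresses by absolute pointer, then
// start six worker processes that each run loop() forever. The parent only
// sleeps so that the workers keep running.
int main(void)
{
  // 16 MiB at the fixed address 0x20000000, prot 3 (read|write), no backing
  // descriptor. NOTE(review): flags 0x1012 are presumably
  // private|fixed|anonymous on the target platform - confirm. The result is
  // not checked; if the mapping fails, the stores in execute_one() fault in
  // the child.
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul, 0ul);
  for (procid = 0; procid < 6; procid++) {
    if (fork() == 0) {
      loop();
    }
  }
  sleep(1000000);
  return 0;
}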