// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357 // autogenerated by syzkaller (https://github.com/google/syzkaller) #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include #define __syscall syscall uint64_t r[1] = {0xffffffffffffffff}; int main(void) { syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul); intptr_t res = 0; memcpy((void*)0x20000140, "./bus\000", 6); syscall(SYS_mknod, 0x20000140ul, 0x2000ul, 0x4086337); /* major = 99, minor = 264247 */ *(uint32_t*)0x200000c0 = 6; *(uint64_t*)0x200000c8 = 0x20000080; *(uint16_t*)0x20000080 = 0; *(uint8_t*)0x20000082 = 0; *(uint8_t*)0x20000083 = 0; *(uint32_t*)0x20000084 = 0; *(uint16_t*)0x20000088 = 0; *(uint8_t*)0x2000008a = 0; *(uint8_t*)0x2000008b = 0; *(uint32_t*)0x2000008c = 0; *(uint16_t*)0x20000090 = 0; *(uint8_t*)0x20000092 = 0; *(uint8_t*)0x20000093 = 0; *(uint32_t*)0x20000094 = 0; *(uint16_t*)0x20000098 = 0; *(uint8_t*)0x2000009a = 0; *(uint8_t*)0x2000009b = 0; *(uint32_t*)0x2000009c = 0; *(uint16_t*)0x200000a0 = 0; *(uint8_t*)0x200000a2 = 0; *(uint8_t*)0x200000a3 = 0; *(uint32_t*)0x200000a4 = 0; *(uint16_t*)0x200000a8 = 0x210; *(uint8_t*)0x200000aa = 0; *(uint8_t*)0x200000ab = 0; *(uint32_t*)0x200000ac = 0; syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul); memcpy((void*)0x20000100, "./bus\000", 6); res = syscall(SYS_open, 0x20000100ul, 0ul, 0ul); if (res != -1) r[0] = res; *(uint64_t*)0x20000180 = 0; *(uint32_t*)0x20000188 = 0; *(uint64_t*)0x20000190 = 0; *(uint64_t*)0x20000198 = 0; *(uint64_t*)0x200001a0 = 0; *(uint64_t*)0x200001a8 = 0x210; *(uint32_t*)0x200001b0 = 0; syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul); *(uint32_t*)0x20000080 = 3; *(uint64_t*)0x20000088 = 0x20000040; *(uint16_t*)0x20000040 = 0x44; *(uint8_t*)0x20000042 = 0; *(uint8_t*)0x20000043 = 0; *(uint32_t*)0x20000044 = 0; *(uint16_t*)0x20000048 = 0x3c; *(uint8_t*)0x2000004a = 0; *(uint8_t*)0x2000004b = 0; *(uint32_t*)0x2000004c = 0; *(uint16_t*)0x20000050 = 0x6406; *(uint8_t*)0x20000052 = 0; *(uint8_t*)0x20000053 = 0; *(uint32_t*)0x20000054 = 0; syscall(SYS_ioctl, -1, 0x80104267ul, 0x20000080ul); *(uint64_t*)0x20001640 = 0x20000200; memcpy( (void*)0x20000200, "\x85\x32\xd2\x24\x63\x7d\x09\x49\xf9\xa9\x07\xe3\x39\xcd\xdf\x82\xf5\x6d" "\x33\xe5\x08\x98\x28\x0d\x16\x4b\xd1\xea\xb8\x75\x80\x79\xdb\xa3\x91\x09" "\x02\xf4\x7a\xa3\xb2\x85\xa9\xbe\x61\x82\x5b\x09\xb5\xff\x7e\x54\xa2\xca" "\xaf\xf9\xbc\xd9\x9a\xff\x28\xae\xdd\x97\xe2\x76\x36\x09\x38\x01\xee\x1a" "\x02\x72\x40\xaf\x51\xda\x43\x3f\x68\xe3\x5f\x19\x7f\x79\xe1\x79\x60\xd9" "\x74\x4d\xcb\xa1\x63\xfa\xe8\x95\x35\xb5\xc3\x29\x74\x6f\xe9\x4f\xfd\x9d" "\x4f\x78\x7f\x9f\xf0\x09\x0f\x45\x15\xd4\xae\x8f\x35\xd8\xf4\xcc\xeb\xf6" "\x08\x30\xe7\x7d\xdc\x0e\xd9\xf5\xda\x3e\xd9\xc9\xb6\x71\xf5\xa0\xc0\x75" "\x95\x6c\x7e\x71\x46\x1f\xfd\xce\x3d\xd3\xe1\xd0\x7e\xb6\x71\x35\xe5\x2a" "\x1f\xc9\x7e\xc0\xbf\xb8\xf7\x2d\x40\x03\x58\x90\x3e\x4c\x65\x1a\x57\xbe" "\xc7\x22\xda\xd7\x27\x35\xe7\xa1\xe1\xd3\xe2\x1d\x5f\xfc\x9d\x16\x70\xca" "\x52\x3f\xd2\x43\xfd\x28\x9e\xa2\x0d\xbe\xb2\x65\xe4\xd8\x2c\xba\xec\xcb" "\x8f\xb0\x96\x46\xbe\x80\xd6\x00\x22\x74\xa8\x96\x13\x69\x5a\xa1\xd1\x3d" "\x09\x44\xfa\x89\x11\x49\x93\xba\xce\xc6\xe9\xb0\xe0\x5c\xdc\x5a\x86\x7b" "\xc4\xe9\x85\x79\x31\xeb\x46\x61\x90\xe2\xd1\x0c\xb4\x72\x8a\x0d\xd1\xed" "\xe3\x6c\xb9\xd6\xeb\xaf\x80\xb8\x01\x02\x58\x3f\x58\x26\x8e\xda\x4e\xa8" "\xd0\x20\x22\xf9\x9f\x3b\x7a\xa7\x36\xaf\x11\x73\xef\x4c\xa8\x37\x0c\xff" "\xa3\xf7\xe9\x92\xa0\xae\x17\x47\x69\x61\xea\x32\x24\xa7\x8c\x54\x3c\x5a" "\xf1\x47\xbc\xbd\x61\x56\xd3\xd8\xb7\x86\x4f\x57\x93\x9c\x3b\x17\x1d\xa2" "\x1f\xb4\x90\xc8\x9a\x83\x57\x51\x8e\xb7\xa6\xb8\x82\x71\xf5\x68\xea\x4d" "\x50\x24\xdb\xc5\x12\x01\xb1\x23\xaf\x1f\xfd\x7a\x44\x62\xeb\x0a\x40\x60" "\xc1\xc4\x5b\x8a\x03\x8f\x46\xd3\xfa\x7a\x1f\xf5\x1d\x6e\xfc\x4c\x97\x99" "\xc2\xcd\xb4\x06\xb2\x7b\xcf\x46\xc3\x6b\xbe\xd9\x74\x61\xbf\x4c\x3c\xa7" "\x13\x17\x40\xb8\x62\x4d\x44\xe7\x18\x43\xed\xce\x1d\x95\x04\x6a\xa8\xe5" "\x0e\x89\x49\x2f\xde\xa0\x21\x6e\x65\x4e\x98\x93\x00\x96\xd5\xff\xa5\xe3" "\x5d\x45\xc9\x93\xe3\x78\xa9\x59\xa1\x2f\x5a\xa5\x5a\x41\xc4\xbc\xc3\x71" "\x22\xe8\x85\x7e\x3b\x17\x2f\xdb\xcd\xf6\x89\x1e\x4b\x06\x99\xcb\xa5\xcc" "\xe2\x0e\x01\xd5\xe2\x8f\xee\x5c\xdb\x08\x65\xbd\x45\x14\x5d\x2e\x47\x13" "\x23\x01\xec\x0b\xb1\x34\x9b\xec\x3a\xf9\xbc\x86\xf2\x00\x59\x9d\x41\x83" "\x2b\x8c\x6b\xf9\xb3\xc7\x0c\x33\x77\x40\x5c\xe5\xc8\x4a\x64\x5d\x1f\x89" "\x68\x35\xc5\x3d\x71\x04\x9e\xf5\x8a\x5d\x8a\x63\xac\x72\xb3\x98\xc8\x5f" "\x15\xfb\x2c\x9f\x44\xd9\x86\xfa\x35\x0a\xd0\x54\xb0\x8f\x17\x4c\x30\x64" "\x08\xc4\x0b\xbf\x6d\xc7\x5c\xc2\x69\xdc\x17\x3c\x49\x8c\xa6\xb0\x3c\x44" "\x0f\x75\x85\x1f\x79\x58\x53\xfb\xcc\x55\x38\x37\xc2\xd5\x89\x65\xc1\x9f" "\x95\x26\xeb\x19\x5d\x97\xac\xd4\x51\x37\xd3\x84\x25\xd9\x9d\x8a\x09\x1d" "\x76\x00\x99\x22\x0e\x93\x3a\x93\x7b\x8c\xc6\x40\x28\xff\x6e\xbf\x05\x9d" "\x8f\xea\x1f\x23\x46\xb7\x93\xb9\x8f\xc5\x27\x9c\x45\xcf\xee\xda\x47\x96" "\x4c\xbf\x48\xa0\x64\x97\x7d\xe8\x84\x08\x48\xb1\x85\xc1\x4c\xb5\x10\x10" "\x26\x7f\xe6\x7b\xfb\xa0\xd2\xe2\xc7\x26\x60\x79\x1c\x61\x1b\xe8\x37\x67" "\x64\x90\x7b\x43\x3e\x0d\x59\x52\x10\x0a\xbd\x63\xec\xe8\x0b\x80\x36\xc5" "\x08\xb4\x29\x72\x19\x78\x22\x18\x50\x9d\x25\x8c\x26\x63\xd5\x41\xbf\xa0" "\xca\x9d\x67\xfd\x27\x5f\x48\xf1\x89\x25\x7c\x8d\x6b\x1f\x8a\xca\x78\xdf" "\xea\xa2\x9a\x1f\xe1\xe2\xa5\x60\x46\x5f\x92\xc0\x33\x85\x86\xc3\xd4\x1d" "\xe7\x3f\x41\x63\x05\x45\x9c\xef\x81\x01\x07\x92\xb8\x84\xa8\xcc\xd7\x81" "\xd3\x29\x24\x0c\x60\x4e\x16\x13\xc4\xaa\x4a\xe7\x0a\xae\x24\x9a\x8d\x62" "\x85\xbd\x2b\x75\xf3\x77\xa2\x55\xdd\xca\xaf\x77\x28\x1a\x13\x43\xb8\x71" "\x18\x9e\x60\x37\x6f\xd4\x36\x57\x43\xe0\x9c\x07\x47\xda\x98\xab\x18\x29" "\x96\xc4\x1f\xd6\x8b\xf4\x6f\x4e\x23\x38\x1c\xef\x57\xdc\x26\xce\x06\xd7" "\x9b\x82\xa5\x9f\x57\x57\x2c\x2d\xcb\xdd\x08\x9d\x42\x1b\xa3\x7c\xac\x74" "\x15\x41\x57\x97\x29\x44\x58\xb6\xbe\x3a\xae\x9f\xdf\xa3\xa4\x48\xd3\x3d" "\xc6\x84\xc5\xad\xb0\xab\x95\xfe\xe0\xe3\xca\x87\x8b\x69\x37\x12\x91\x0e" "\x6d\x1d\xe4\xf9\x4b\x09\x55\x6a\x5e\x20\x0e\xcb\x20\x18\xe4\x01\x8c\x50" "\x30\x1a\x6f\x04\x46\x97\xf7\xf8\x33\xb9\x00\xa2\xaa\x67\x65\x16\x89\xe6" "\x39\x68\x62\xb5\x37\x8c\x33\x7d\x11\xc8\x4b\xb1\x73\xb1\x9d\xf8\x26\x2e" "\xe9\xe8\x8b\x14\xaf\x78\xbd\x83\x6f\x44\x5d\x50\x6b\x7e\x27\x48\x73\x0f" "\x0f\x7c\x98\x03\x2e\x49\x68\x37\xe6\x1f\x64\xe8\x37\xe8\x5a\xdb\x6a\x88" "\xbd\x8f\xe6\x8e\x09\x26\xd6\x9c\xc0\x07\x3d\xc5\xcc\x8f\xa5\xab\xd7\xec" "\x17\xbc\xc6\x03\xe5\x87\xee\xff\x78\xa9\xca\xef\x45\xa0\x4a\x7c\xb4\x65" "\x64\xf6\x8b\x4c\x8e\xda\xf6\x05\xdc\x71\xef\x26\xe5\x64\xd7\x81\x18\x8c" "\x44\x81\xda\x74\x58\x7f\xb1\xba\x8f\xda\xd0\x88\x1b\x6d\xcf\x90\x2d\x60" "\xb2\xbd\x3d\x52\xb4\xb5\x93\x3f\x7d\x3b\x21\x83\x96\x91\x86\x29\xef\xf5" "\xd3\xa6\xce\xf4\xa7\xc5\xf4\xb4\xe8\x93\x85\x8a\xf4\xbf\x08\x33\xe5\x4a" "\xe0\xb4\x15\xd0\xbd\xdc\x5d\x7e\xf4\xc8\xeb\x65\xbc\x48\x7c\xc3\xd5\xda" "\x96\x12\x0b\x12\xc3\x01\x85\x20\xa1\x91\x8a\xea\x67\x70\xd3\x07\x59\x14" "\x81\x4a\x69\xa0\x9e\xe2\xfa\xd5\xb6\x0c\x4e\x86\x99\xc3\x9a\x0b\x43\xe8" "\x21\x59\x38\xfc\x8e\x96\x01\x60\x3a\xad\x4b\x11\x48\xd2\x4c\x96\x28\xa5" "\xd9\xed\xd1\xd7\xf9\xfc\x36\x95\x96\xfc\x1b\x9b\x64\x1d\x40\xa5\x38\x5d" "\x5a\xe0\x4b\xfd\x6f\xa8\x3b\x09\x6d\x81\x5d\xf4\x58\x96\xc9\x95\x81\xc3" "\xad\x36\xba\x8a\xa0\x35\x39\x5c\x66\xd1\x08\x1a\xe5\xc2\xb2\x0d\xd3\xac" "\x8c\x61\xc1\x65\x74\x51\x54\xd8\x77\x2c\x43\x75\xe1\xed\x3a\x8a\xa2\x6e" "\x00\x06\xc9\x9e\x42\xbf\xa0\x73\x18\x56\x11\x2e\xb5\xb0\xa8\x7f\x88\xbe" "\x72\xe7\x71\x42\x97\x2f\x3f\x8f\xe7\x22\x51\xd1\x18\x64\x45\xb3\x0a\xa0" "\x4c\xa9\xcf\xde\xe3\x27\x7d\x02\xe9\x0a\xe7\xaf\x11\x2f\x7f\xc1\xe4\x88" "\x89\x0d\xb7\x74\x00\x49\xb0\x7a\xc2\x02\x85\x12\x36\xf7\xda\x0e\xd7\xf1" "\xfa\x3a\xa4\x95\x1f\xff\x01\x7e\xe2\x87\xfc\x4f\x7b\x9b\x25\x82\x6a\xf6" "\xf0\x75\x51\x3c\xe2\xba\xe0\x1f\xd5\x1e\x09\xf6\x1b\x0c\x25\x31\xb1\x68" "\x0b\x95\x55\x19\x06\x60\xb5\xda\x4a\x7b\x77\xbd\xb1\x6c\xca\x35\x23\x0d" "\x79\x81\x39\x61\xb5\x1c\x62\x75\x61\x06\x4a\xcc\x49\xbe\x8e\xe0\x54\xdc" "\x11\xec\xed\x5a\xbc\x56\xf9\xce\xb0\xaa\xbb\x2e\xf3\x10\xa8\x93\xe6\xc6" "\x7f\xfb\x6a\x5f\x14\x19\x17\xc7\xfc\x0d\x19\x6f\x7d\x67\x25\xf9\xfb\x0a" "\xdf\x79\x3f\x64\x3a\xd4\x03\xd5\x70\x9a\x0b\x53\xd7\xe1\xd6\x67\xa9\xd8" "\x8b\x98\xf3\xfd\x26\xed\xc7\x51\xd8\x5c\x64\x9d\xd4\xb6\x1d\x09\xbd\x98" "\xfd\x65\x8b\x25\xbd\x54\x9b\xb2\xc3\xdf\x86\x19\xf5\x73\x36\xb0\x2e\xf2" "\xda\xda\x79\x6c\x70\x68\x2a\x7f\xd9\xdd\xa4\x39\x0f\xce\x9f\xab\x6f\x62" "\xb8\x69\xaa\x6c\x44\x8b\xec\x00\xbb\x8c\xea\x09\x3b\xb1\x92\xc5\xe6\x86" "\x94\xf7\xd9\x5e\x26\xd7\x6a\x62\xd8\x84\x75\xa5\xa6\x42\x48\x25\xb4\xef" "\x17\x7f\xb7\xa6\xa1\x72\xe4\x42\x96\xa4\xa5\x71\x08\x8a\x3a\x7a\x19\x7c" "\x3f\x3e\x1e\x5d\x71\x1a\x90\x56\xd8\x1a\xfa\x10\x38\xd1\x98\x9c\x43\x2f" "\x39\xa2\x0c\xf8\x51\x15\xc5\x6c\xc8\xd8\xc2\x35\x12\x95\x8f\xce\xfb\x08" "\x57\x3f\x28\xe0\x59\x08\x7e\x56\xe7\x5b\x5a\x4c\x10\xba\xdf\x62\x29\x2f" "\xa9\x40\x93\xb1\x7d\x8e\x02\xaf\x49\x85\xcb\xac\x0b\x21\xb2\xe1\x10\x0b" "\xb9\xa0\x67\x83\x3f\x20\x08\x4c\x01\xff\x56\xfe\xe0\xdc\xb3\x3d\xb9\x58" "\x0f\x19\x12\x56\xf3\x28\x87\x9a\x81\x3a\xf7\x79\x92\x8f\x4e\x24\x33\xe7" "\x60\x06\x97\xa1\xc6\xbe\xe2\xd8\xc3\xc9\x5e\xdd\x0a\x6e\xec\x31\x63\x5c" "\x49\x7a\x06\xfd\x37\x8c\xe2\xab\xab\x9e\xf0\xec\x03\xec\x15\x4c\x5b\xcd" "\xbe\xf0\xbe\xc8\x0d\xc4\xef\x2e\x94\x0b\x09\x56\xe4\xeb\x08\xec\xb1\x94" "\x44\x06\x56\x80\x61\xde\x63\xe2\x35\x43\x14\xae\x37\xfa\xaf\xdf\xc9\xe0" "\x0b\x42\xb9\x9e\xf6\x16\x10\x24\xc5\x6e\xba\x1c\xf3\x08\x64\x5f\x13\xd5" "\x93\x28\xc8\x90\xe6\xc7\xf3\x0a\x2c\xc5\x8b\x1c\xc5\xc6\x93\x47\xcb\x2d" "\x41\x70\xc3\xf3\x17\xf5\x7d\x8c\x5e\x39\x97\xe4\x31\xc4\xf6\x0c\x88\x8c" "\xc1\x1c\x1b\x2a\xf3\xf4\xf9\x8a\xf5\xab\x08\x11\xe2\xcf\x85\xf2\x40\xb8" "\xcd\xf0\xf8\x84\x01\x14\x9a\xfa\x09\xae\xd8\x18\x67\x53\xa7\xc2\x15\xda" "\xb0\x52\xd9\xa6\x10\x26\x78\x57\xdc\x43\x63\xac\xc6\x86\x71\xfa\x36\x0d" "\xee\x98\x07\xb1\xce\x4f\x6d\x32\x02\x00\xf6\x6a\x46\xc3\x3c\xdb\x34\xd1" "\x8e\x9b\x7c\x6f\x96\x3a\x0e\x0f\xb9\x27\xd5\x6f\x1a\xcc\x34\x81\xfc\x77" "\x91\x68\xbe\x90\x63\xe5\x82\x95\xf2\x47\x62\x54\x26\x17\x56\xda\x00\x96" "\x08\x8d\x0e\xa2\xaa\x4e\x33\x50\x4f\x88\x0d\xe5\x88\xdf\x0b\x98\x50\xb4" "\x86\x69\xd2\xd2\x1c\x98\x69\x29\x20\x61\xa8\x59\x2b\xf2\xb3\x36\x25\x6d" "\x23\x34\x66\x43\x8d\x94\xf0\x41\x59\x08\x5b\x2d\xc0\x4f\x53\x5b\xaa\xce" "\xeb\x43\x7c\x1e\x98\x10\xf3\x52\x98\x08\xdd\x5c\x06\xfc\x81\x58\x06\x1c" "\xac\x11\xa7\x09\x6b\x36\x85\xbe\x31\xb9\x63\xb7\x19\x83\xd8\x1d\x4d\xbd" "\x09\x14\x0a\xa5\x0c\xa1\x4d\xaa\x9d\xf1\xc3\x8a\x20\x25\x9a\x24\x55\x6c" "\x35\xc2\xae\xbb\xec\x74\xcd\xea\x26\xb8\xb8\xac\x35\x39\x18\x5e\x67\x79" "\x78\x2b\x9c\x8f\x36\xe2\xff\x64\x2f\x18\x03\x27\xcf\x6b\x95\x05\x2a\xcd" "\x1c\xce\x02\xb2\x0b\xce\x47\xee\xd6\x54\xf4\x07\x11\x22\x7d\x25\xc1\x1d" "\xfa\x4f\xdd\x9a\x79\x7f\xc7\xc7\xaa\x17\x93\xb2\x44\x05\x76\x6d\xf4\x43" "\x46\xdb\x6b\x90\xcf\x7f\x9e\xf6\x88\xd1\xaa\x37\xa0\xb2\xf2\xe1\xc0\x18" "\x2b\x3f\x5a\x89\x30\x7e\xe0\x1f\xf5\x17\x02\x4b\xa5\x1c\x16\x71\xf3\xb5" "\x85\x23\x0d\xa9\x25\xf2\xbb\x09\x00\x00\xf8\xe8\x86\x8a\x61\x1f\x21\x62" "\xb3\x9f\x34\x67\x1f\xf1\x14\x3d\x7c\x57\x34\x6d\x16\xec\xef\xd1\x72\xd5" "\xf4\xe0\xb9\x27\x0d\x64\x02\x6c\x70\xbd\x0f\x0c\xc3\xa2\x93\x44\x75\xc8" "\xf4\x91\xec\xe1\xa8\x09\xb2\xe3\x20\xcb\xec\x93\xb8\x47\x88\x94\xd8\x5d" "\xad\x16\x20\x4e\x42\x95\x08\x2f\x2e\xf9\xf8\x1b\x6a\x00\x99\x53\xd2\x0d" "\x3f\xa3\xc3\x0b\x90\xc0\x8f\x9d\x4e\xcf\xa3\x82\x37\x04\x6e\x53\x00\xd0" "\xea\xad\x7e\x34\xc9\x47\xca\xa3\x31\xa6\x34\xa9\x14\x96\xfd\x6d\x7f\xc0" "\x78\x0f\x68\xad\x10\xfd\x07\x4c\x12\x39\xfb\xea\x11\x73\xd1\x2c\xd9\xcb" "\x46\xd4\x58\x8b\x4e\x01\x1e\x9e\x30\x9b\xcf\xd0\xd9\x23\x90\xb7\xc7\x61" "\xe3\x37\x45\xf9\x8c\x0d\x99\xf6\xe2\xb9\x1b\x89\x15\x01\x26\x3c\x37\x50" "\xea\x49\x24\x24\xc9\x8c\x7b\x39\xce\x15\xb0\x8b\xe5\xc2\x17\x8e\x33\xa3" "\xca\x19\xfb\xb1\xda\x0b\x08\xef\xba\x4f\xdb\x88\xe8\x38\x0d\x68\xa2\xde" "\x03\x24\x00\x2f\x92\xf2\x48\xb0\x7a\x77\xa7\x74\xf8\x9e\xf5\xfd\xa4\x6d" "\x83\x05\x68\x0c\x4a\x25\xad\xc3\x87\x02\x56\x9b\xa6\x3d\x5f\x69\x43\xd8" "\xa9\xb3\x22\x58\x04\xe5\xa6\xf5\x44\x73\x67\xc0\x44\x44\xbc\x68\x0f\x2d" "\x66\x71\x41\xe3\x5c\xa4\x8e\x57\xb6\xb2\x16\x88\x8c\xba\x05\xa2\xb5\x55" "\x14\x1b\xed\xa8\x4a\x3c\x78\x01\xc1\x9a\x2f\xbd\x10\x01\x5d\x0f\x71\xf0" "\xe6\x0d\xcf\xfd\x8e\x91\x3f\x75\xb8\xaa\x2f\x85\x97\xc0\x5e\x9c\x48\xa3" "\x6b\xed\x20\xd1\xd4\x50\x8e\x6f\x90\x23\xdd\x56\xd9\xdb\x2c\xc0\xf9\x57" "\xe3\x46\x90\xaf\x16\x17\xb9\x88\x58\x44\x0a\x63\xca\x87\xb7\xe6\x70\x30" "\x8e\xe1\x1c\xf8\xca\x99\x7b\xab\x8d\xc4\x1f\x4a\x46\x35\xeb\xf6\x95\xd2" "\x38\x83\x66\xdd\xf4\xe0\x88\xf0\x5e\x21\x7e\x32\x3c\x3c\x36\x22\x38\xa7" "\xbc\xb3\x10\xc8\x98\x76\x93\x98\xdd\x13\xe4\x63\xed\x81\x54\xe4\x45\xee" "\xc4\x43\xf5\x67\x36\x01\xe5\x79\xf3\xd2\xd5\x55\x08\xf2\x05\x3f\x66\x1e" "\x4c\xb7\xa3\x3c\x40\xa0\x26\x4c\x5d\xed\x52\x8d\x88\x06\xcd\x91\x1f\xbf" "\x4c\x2a\xa3\x83\x51\x01\x80\xd0\x88\xfc\x92\xd5\x32\x5d\x9c\x8d\xcc\x83" "\xc4\xb9\x61\xfb\xd2\x5f\x69\xf3\x8f\xe1\x0d\x07\x0d\xe4\x9c\xf2\xde\x1a" "\x09\xef\x89\xa1\x16\xc3\xba\xb2\x18\xe2\xd5\xcf\xe4\xdd\x36\xa7\x5a\xe1" "\x71\x71\x57\xa9\xbd\x20\xb8\x80\x5f\xc6\x21\xef\x7b\xcf\xc7\x42\xcd\x95" "\x4b\x43\x3d\xd8\xcc\x25\x80\xd3\x51\x3c\xfa\x6f\x41\x84\x8e\x47\xf6\xc8" "\x37\x56\x1b\x3d\xc5\x35\xeb\x6e\xc7\x0b\x7c\x78\xcf\x10\xd8\x69\x54\x7f" "\x22\x7d\x1c\xbf\x33\x81\x5b\x8f\x41\xef\x6f\xb6\xdd\x76\x98\x7b\x92\x2c" "\x8e\x10\xe7\x6e\xde\x7a\x34\x2f\x44\x32\x56\x78\xc2\x5b\xc4\xf2\x49\x8e" "\x1b\x28\xc3\x60\x05\x23\x1d\x7a\x6d\xa4\xe0\x83\xd9\x62\x79\xe6\x84\x51" "\xb2\xb4\x61\xe4\x46\x88\x98\x9d\xa2\x1a\xa8\x7a\xa7\xbe\x02\xff\xee\xd6" "\xd8\x85\x6d\x0b\x39\x51\x66\xe1\x85\x6b\x7d\xff\x9a\x13\x2b\x00\x5c\xf9" "\x5a\x97\x3e\xa8\x40\x76\xe9\xb8\x82\x1b\x34\xd3\xe9\x73\xc3\x29\x1e\xdf" "\x2c\xeb\x8a\xdc\x7f\xfd\x5c\x50\xbd\x1c\x2d\xb5\x70\x92\x79\x0e\xd0\x96" "\x79\x4d\x1d\xf3\x3c\xed\x83\xa0\x01\x7e\xcd\xc6\xe0\x14\xf9\xcc\xfe\x95" "\x00\xf6\xbc\x9a\x87\x46\xbf\x77\xa5\x95\xa0\x5d\xbd\x3c\x3a\x06\x3b\x96" "\xd9\xe9\x63\x7d\xd0\xd7\x2c\x66\x98\x7e\x3d\x08\xbd\x0b\xe4\x9b\x0b\xad" "\x8a\xd3\xcf\xd7\xf2\x5c\xe6\xe4\xd2\x3a\x1f\x68\xac\x54\xdc\x65\x70\xea" "\xf4\xfd\xb9\x39\x8b\x58\x71\xef\xe7\x4b\x6a\xdf\x43\xb9\x07\x29\xd6\xc3" "\xb5\xf4\xd8\x54\x2b\x73\x33\xd3\x21\xde\xbc\x96\x16\x0c\x38\xa0\xf3\x91" "\xce\x48\xcf\x1a\x58\xed\x64\xb2\xe8\x97\x62\x84\xdf\xc4\x88\x3d\x35\x68" "\x53\xff\xb7\xf2\xa6\xf6\xc5\xae\x6e\xf9\xd6\x6a\xe9\x80\x9c\xcf\x40\x6b" "\x5b\x9c\x30\x9c\xf4\xc4\x33\x2c\x20\x50\x8c\xe5\x5d\xf2\xbb\x45\x82\xe3" "\xa1\x40\xf0\x16\x12\x3d\x0a\x84\xb7\x94\x99\x87\x0a\x00\x2b\xe4\xb3\xc9" "\xd7\xef\x84\x5f\x9c\x2b\x20\x49\x67\xda\xe2\x7c\xd1\x47\xf5\x1a\x46\xd6" "\x8b\x13\xa8\x69\x66\x77\x6c\xd2\x42\x9d\x3f\x58\x70\xbd\x96\x95\x66\x4d" "\x3b\x67\xd8\x9a\x1f\x9d\xc8\x49\x53\xc4\xf0\xf7\x5c\x64\x0c\x6a\x10\xba" "\x92\x9c\x6e\x13\x41\x6d\x2e\xd8\x36\x48\x55\xcb\xbf\xa0\xc1\x0a\x44\x98" "\x7a\xac\x4e\xbc\x0f\x67\x32\x58\xd8\x88\x10\xb7\x73\x11\xfb\x00\x41\x90" "\x26\x89\x1f\xd2\x92\x28\x56\x07\x74\x3a\x87\x71\xaf\x5b\xa8\xfd\x0d\xc4" "\x65\x79\x41\x8d\xbb\xdb\xe5\xce\x7c\xab\x6e\x3a\x67\xd9\xe0\x23\x19\x2f" "\xe7\xc4\x86\x38\x0b\xe1\xb0\x0d\x13\x63\x88\xd0\x25\xfa\xbb\xcd\xd3\x7c" "\x11\x9f\x46\x68\xe7\xb4\x3a\xe0\xde\x3b\xc8\x18\x28\xe4\xab\xa1\xbb\x13" "\x66\x55\x64\xe8\xcf\x8e\x8f\x93\x4b\x77\x2f\x4e\x69\xb6\x97\xe6\xf5\x47" "\xca\xfd\x0f\x12\xe1\x2a\xe2\xb4\x7a\x00\x65\x40\x9e\x08\xc1\xba\x8f\x8a" "\xa2\x74\x61\x57\x45\x61\xef\x8b\x4a\x00\x3f\xb4\x1b\x26\x3e\x40\xc0\x5b" "\x9d\x9e\x5c\xe2\xe0\xc4\xfa\xb3\xdb\x62\xa0\x4c\x13\xdf\x5a\x73\x21\xb3" "\x93\xfa\x1d\x74\x7f\x06\x6c\xd9\xa1\x6a\xd3\x7b\x31\xfe\x57\xb5\x9c\x79" "\x65\x3a\x63\x00\x07\x11\x05\x8e\x0d\xd2\xc7\x84\x29\xe4\xcb\x47\xd9\xf8" "\x0a\x33\x9d\x29\x2b\x7f\xce\xde\xaf\xaf\x91\x5d\xa2\x1a\xd3\xec\x84\xba" "\x50\x31\x44\x53\x1f\x24\xe1\x35\x87\x45\x3b\x96\x1d\x62\xd5\x8d\x7c\xca" "\x16\xc1\xdc\x7d\x57\x47\x51\xfc\x13\x61\xc5\xe6\xf1\x7f\x07\x43\xd3\xeb" "\xe4\x45\xea\xd6\xce\xc5\x8c\x04\xc8\xf2\xca\x7f\xd6\x70\xf4\x83\x00\xc6" "\x2d\x62\x12\xe7\x50\x2f\x40\xe8\xca\xac\x3e\x5d\xda\xc3\x6b\xd5\xf5\x41" "\x89\xda\x2d\xc8\xa4\xc8\x4c\x39\xe6\x58\x06\x63\x11\x60\xf6\x1c\x67\xe1" "\x4e\x74\xa5\xeb\xe5\xbf\x8c\x55\xef\x11\xcf\xd8\xa4\xc9\xd2\xa6\x81\x21" "\x99\x02\xe7\x6a\xe0\xbb\x0b\xf5\x54\x74\x36\x32\x43\xb4\xbc\xb0\xd6\x3a" "\xca\x2f\xcd\xcf\xbb\x73\x1e\x57\x46\xb4\xee\xaf\xd2\x41\x65\x46\xd7\xe8" "\x8f\x3e\xb3\x68\xd4\x31\xaf\xb0\xa3\x89\x60\x49\x0d\x2f\x45\x25\x51\x1f" "\x2d\xb5\xbf\x70\x93\xb0\x6f\x9e\x66\x1d\xbb\xb5\x96\x3e\x29\x01\x86\x92" "\x91\xbc\xf0\x3a\xf2\x9f\x5f\x02\x6c\xd3\x26\x55\xad\xca\x88\xeb\xfd\x30" "\x9d\xa6\x3f\x6f\xd9\x7b\x4b\x8d\x19\xd6\x19\x4b\x4d\x94\x49\xcc\x19\xe5" "\xcb\x93\xa3\x7a\x45\x88\x53\xc3\xbf\x74\x03\x78\x2d\x88\x6f\x0a\x53\x83" "\x28\xcf\x4d\x86\x19\x20\x97\x1e\x1e\x3e\x2f\x00\x63\x95\xcd\xf9\xfe\x23" "\x35\x3d\xaa\xf3\xcb\xff\xae\x0a\x44\x57\x1b\xe5\x17\xe4\x5d\x5a\x0c\x7a" "\xe3\x4a\x68\xbe\x2a\x1b\xbd\x09\xa5\x7e\x05\xc7\xb0\x97\x33\x4d\xfe\xca" "\x51\xaf\xf6\x36\x12\x68\x63\xb5\x3a\x0c\x42\x96\x44\x66\x26\xe1\x95\x1a" "\x81\xdd\x70\x9c\xd9\x83\x5e\xd9\xc5\xb8\xe8\x7c\xbb\xa2\x6e\x5b\xcf\x90" "\xae\x20\x10\x95\x3d\xf5\x64\x22\x76\x35\x03\x11\x83\xca\x70\x82\x2c\xd1" "\x4c\x62\x14\xcc\x78\x6c\x20\x15\x85\xe3\xce\x4d\xa6\x41\xcb\xea\xfb\x16" "\xb9\x2f\x2a\xa2\x38\x96\xe2\x41\x23\x99\xc0\xff\xcb\x61\x75\x12\xdc\x14" "\x14\xb0\xfa\xcf\x4a\x3c\x35\x9f\x5b\xcd\xff\x99\x0c\xb1\xde\x91\x71\xcb" "\x18\x09\x93\xa3\xb8\xdd\x86\x2f\x84\x19\x58\x88\x44\x14\x39\xf1\x14\xf7" "\x6e\x2d\xef\x04\x78\x3b\xda\x83\x8d\x57\xad\xb1\x4e\xc5\xc3\x4e\xbc\x00" "\x00\x37\xed\xa9\x60\x2d\xab\xfa\x89\x50\xc2\x80\x4c\xa2\x79\x1d\x76\x35" "\xe3\x36\x9f\xa4\x20\x79\x0b\x17\x99\x1b\xd0\x40\x50\x37\xf4\xf3\x32\x6f" "\x9f\x38\x10\x7b\xe1\x08\x87\x02\x5f\xf6\x2f\xd4\xe9\x80\xa1\xb1\x7d\x19" "\x5b\xa9\x79\x16\x0a\xd2\xc9\xae\x3f\xea\xaa\xb5\xbc\xcd\x75\x3d\x9a\x50" "\x34\x35\x37\xa2\xcf\xb2\xc6\xb8\x28\x58\xd8\xad\xc8\xd2\x74\xc4\xed\x13" "\x5a\xed\xaf\x80\x3d\xe9\xa8\xe6\x25\xec\x4b\x04\xb2\xb8\x83\x73\xc7\x3d" "\x1f\x06\x2d\xbe\xac\x09\x0a\x3e\xfa\x18\x7c\xc6\x31\x98\xc2\xce\x0b\xb3" "\x53\x6b\xa3\xf3\x1a\xc9\xb1\x43\x67\xba\x6a\xd6\x86\xa7\xd1\xa8\x67\x2e" "\xf2\x9b\xa9\x8e\xb0\x37\x21\x03\x67\x29\x21\x9e\xb0\xf3\xaf\x59\xcb\x9a" "\xda\x9e\x6f\x5e\xcf\xa1\xf3\xdf\x0f\x37\x0e\xfb\xf0\x53\x43\xc7\x1d\x90" "\xa7\x0e\x07\xd4\xa7\x50\x63\x95\xce\xf6\xa2\x02\xad\xe5\x0e\x82\xbf\x22" "\x31\x4c\x12\xcd\x90\xf0\x88\x29\x15\xe9\x84\xf6\x85\xa5\x45\xb5\x38\x44" "\xd8\x68\x18\xdc\xa2\xc4\x4f\x21\xac\x29\x22\x5c\x93\x2c\xfc\x1e\x98\x2f" "\xc0\xb1\xb4\xe3\xb6\xd2\x00\x92\xa1\xf1\x04\x79\x5b\xe2\x62\x71\xdd\xde" "\xba\x61\x31\x54\x86\xf5\x67\x8a\x9c\xd0\xa0\xf4\x38\xfc\x25\xf4\xb0\xa8" "\x0d\x49\x56\xf0\x48\xbc\x82\x05\xf7\x7d\xa1\x0b\x72\x5b\x82\x34\x0c\x5a" "\xd9\x82\x2a\x37\xaa\xd6\xd7\x63\x2e\xc7\xc8\x70\x56\x9b\x70\x1d\x07\xb0" "\x67\x51\xc7\xe5\xec\xfe\x2a\xb4\x4a\xed\x48\x36\xdf\xbe\x13\x9d\xe8\x75" "\xe3\x2c\xc9\xff\x32\xd9\x60\x17\x02\x0e\xd4\x90\x09\xd8\x6a\x7b\x3d\x09" "\xed\x0a\xef\x9b\x53\xf2\x58\x66\xf1\xf0\xb9\xaf\xea\x69\x6a\xb9\x0c\x67" "\x64\x4d\x15\xc6\xc1\xd5\xd5\xeb\xb4\x30\xd1\x23\x1c\xe8\xaa\xf2\x28\x5d" "\xef\x12\xca\x38\xdd\x47\x0a\xfa\x9e\x54", 4096); *(uint64_t*)0x20001648 = 0x1000; *(uint64_t*)0x20001650 = 0; *(uint64_t*)0x20001658 = 0; *(uint64_t*)0x20001660 = 0; *(uint64_t*)0x20001668 = 0; *(uint64_t*)0x20001670 = 0; *(uint64_t*)0x20001678 = 0; *(uint64_t*)0x20001680 = 0; *(uint64_t*)0x20001688 = 0; *(uint64_t*)0x20001690 = 0; *(uint64_t*)0x20001698 = 0; *(uint64_t*)0x200016a0 = 0; *(uint64_t*)0x200016a8 = 0; syscall(SYS_writev, -1, 0x20001640ul, 7ul); *(uint32_t*)0x20000040 = 2; syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul); return 0; }