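// https://syzkaller.appspot.com/bug?id=45d463e3ae38f3c38f2c82f0a8c6a2c1c8ce7457
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Crash-reproducer harness. main() maps a fixed scratch region and forks six
// workers; each worker runs loop(), which executes execute_one() in a fresh
// child under a 5 second watchdog. execute_one() opens one socket and issues
// a single writev() on it.
//
// NOTE(review): this listing was recovered from a copy whose line breaks and
// #include targets were lost (14 bare "#include" directives). The headers
// below are the ones the visible code needs; any others could not be
// recovered. The syscall sequence, addresses and payload bytes are unchanged.

#define _GNU_SOURCE

#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

// Index of the worker being forked in main(); not read anywhere else here.
unsigned long long procid;

// Send SIGKILL to `pid`, then reap children until waitpid() returns `pid`.
// The exit status of the last reaped child is stored through `status`.
// NOTE(review): there is no exit path if waitpid() never returns `pid`
// (e.g. it keeps failing); loop() only calls this while the child is still
// unreaped.
static void kill_and_wait(int pid, int* status)
{
  kill(pid, SIGKILL);
  while (waitpid(-1, status, 0) != pid) {
  }
}

// Sleep for `ms` milliseconds.
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Return CLOCK_MONOTONIC in milliseconds; exits with status 1 if the clock
// cannot be read.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

static void execute_one(void);

#define WAIT_FLAGS 0

// Worker body: forever fork a child that runs execute_one() once, poll for
// its exit every millisecond, and SIGKILL it if it is still running after
// 5 seconds. Never returns.
static void loop(void)
{
  // The generated code kept an `int iter` counter here that was never read
  // and would eventually overflow; it is dropped.
  for (;;) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      execute_one();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    for (;;) {
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      sleep_ms(1);
      if (current_time_ms() - start < 5 * 1000)
        continue;
      // Watchdog expired: the child is hung (or the kernel is), so kill it
      // and move on to the next iteration.
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Fallback syscall numbers, used only when <sys/syscall.h> does not define
// them. NOTE(review): these values and the 7-argument mmap call in main()
// are specific to the kernel the reproducer was generated for; built on a
// different OS the header-provided numbers are used instead and the call
// arguments may not mean the same thing.
#ifndef SYS_mmap
#define SYS_mmap 197
#endif

#ifndef SYS_socket
#define SYS_socket 394
#endif

#ifndef SYS_writev
#define SYS_writev 121
#endif

// r[0] holds the descriptor returned by socket(); it stays at the all-ones
// initial value when that call fails.
uint64_t r[1] = {0xffffffffffffffff};

// One reproducer iteration:
//   1. socket(0x11, 3, 0)
//   2. build eight 16-byte {base, len} records at 0x20001600; only the
//      fourth is non-empty and points at 4096 bytes at 0x20000480
//   3. writev(fd, 0x20001600, 8)
// All addresses lie inside the region mapped by main(). Return values other
// than the socket descriptor are ignored.
// NOTE(review): the 16-byte record layout assumes a 64-bit struct iovec;
// domain 0x11 / type 3 presumably select a raw routing-family socket on the
// target kernel - confirm against that kernel's <sys/socket.h>.
// Declared `static` to match the forward declaration above.
static void execute_one(void)
{
  intptr_t res = 0;
  res = syscall(SYS_socket, 0x11ul, 3ul, 0);
  if (res != -1)
    r[0] = res;
  // iov[0..2]: empty.
  *(uint64_t*)0x20001600 = 0;
  *(uint64_t*)0x20001608 = 0;
  *(uint64_t*)0x20001610 = 0;
  *(uint64_t*)0x20001618 = 0;
  *(uint64_t*)0x20001620 = 0;
  *(uint64_t*)0x20001628 = 0;
  // iov[3]: base = 0x20000480, len = 0x1000 (set after the payload copy).
  *(uint64_t*)0x20001630 = 0x20000480;
  memcpy(
      (void*)0x20000480,
      "\x45\x99\xbb\x38\x9c\x3d\x38\x0d\xc4\x4d\x8a\xc8\x47\xbb\x7d\x6d\x08\x5e"
      "\xbb\xc9\x24\x5d\xc5\xf7\x6b\xaa\x56\x8f\xe0\xe1\x8c\xc7\xe3\xe3\x6e\xa6"
      "\xcc\x02\x6d\x7f\xaf\xa8\x0b\x4f\x5f\x1d\x78\x1f\x8b\x40\x0f\x02\xaa\x03"
      "\x67\x71\x4f\x38\x7d\x03\x00\x7b\xae\x7b\xb6\x8b\x93\x98\xf2\xb1\xce\xa3"
      "\x27\x1d\xb7\xf6\xf5\x8d\xcf\x41\x82\x2c\xe9\xb6\x8e\xc2\xe5\xd4\x56\xdc"
      "\x99\x67\xc4\x33\xea\x7a\xe6\x69\xa4\x9d\xcc\x2f\xa6\x2d\xc5\x10\xa0\x46"
      "\xba\xba\xb0\x14\xdf\xc8\xf6\xe8\x44\x80\x0d\x54\xce\x56\x70\x6f\xe5\x11"
      "\x6b\x42\xce\x26\xc8\x88\x6e\x78\x87\xe6\xdd\xda\xff\x62\xa5\x08\x91\x37"
      "\xaf\x1d\x75\xc6\x8b\x27\x5c\xae\xd5\x59\x4c\x81\x00\x10\x88\x38\xe8\xf7"
      "\x09\x42\x23\xea\x9c\x9f\x91\xdc\xe8\xe8\x8d\xf9\x4f\x8e\x7f\xb0\xc1\xd8"
      "\xc9\x01\xa2\xef\x53\xb1\x4b\x1e\x0c\x73\xb3\x7c\xf0\xde\x3a\xd3\x43\xa4"
      "\x62\x06\xeb\xea\x70\x58\x9c\x92\x3a\xa2\xea\x2f\xa1\xe7\xdc\xd0\x40\x14"
      "\xd9\x9c\xef\x69\x66\x02\x82\x55\xc6\x6a\xba\xdc\xe3\x1f\x4e\x8b\xef\x11"
      "\x8b\xd0\x20\x84\x7f\x7a\x22\xf8\xcf\xe6\x85\x52\x1b\xb6\x7b\x8d\x8d\x89"
      "\xd8\xc0\x79\x59\xad\xa2\xb8\x20\x19\xe6\x94\xd9\xd1\xec\x38\x7f\x2f\xf4"
      "\xb2\x04\xb4\x76\xa3\x03\x94\xa8\x66\xfe\x86\xeb\xbb\x28\x91\x10\x39\x98"
      "\xad\xe5\x89\xa5\x61\x2f\x77\x77\x72\x62\xa6\x62\x18\xda\x4f\x96\x1a\xa9"
      "\x77\x9f\x47\x78\xf2\x88\x64\x19\x3d\x47\x2a\xc2\x51\xaf\x74\x30\x35\x70"
      "\xc8\xf7\x55\x7e\xd0\xf4\x64\xaf\x89\x47\x95\x56\xc6\x3c\x03\x08\x22\x19"
      "\x78\x31\x44\xc6\xc6\x0b\xa9\xad\x0d\x2f\xf7\xf7\x27\x00\x23\x81\xc4\x10"
      "\x8a\x96\xfe\x2e\x06\x81\x17\x70\x4e\xac\xe0\xcb\x7c\xc8\x5e\xf1\x74\x5f"
      "\x32\xc0\x1e\xcb\x37\xc2\xe0\x6e\xa8\x66\x4b\xc9\x75\xef\x6a\xa9\xf4\x52"
      "\xa5\xf7\xeb\xb1\x8f\x79\xd9\x2a\xe8\x31\x8f\x4c\x7a\x62\x20\x3e\x59\x71"
      "\x69\x8b\x06\xdb\x14\xec\xd3\xe1\xe3\xc4\x5c\x10\xfe\xac\x23\xae\x20\xf2"
      "\x4a\x8d\xf0\x4e\x38\x40\xf0\x9e\x34\x67\xd7\x6f\x33\x79\xdc\x40\x9a\x2e"
      "\xaf\x85\x88\x4c\x00\xe0\x7f\x99\xb2\x6e\xc4\x72\xc0\xee\xd4\x5a\x41\x7d"
      "\x0d\x7b\xcc\x07\x41\x9a\x38\x30\x07\xeb\x84\x80\x61\x76\xa5\x84\x63\xa5"
      "\x1a\x12\xc5\x69\x2d\xad\xa9\x2d\x1b\xb7\x65\x0b\x50\x1b\x5a\xe3\x6d\x19"
      "\xa8\xda\x78\xd4\x48\xb8\xa6\x23\xdf\xae\xc6\xb7\x16\xd4\x10\xc4\xe2\x51"
      "\x64\xcb\x51\x2f\xa6\xc6\x2a\xdb\x30\xbf\x7c\xd5\x93\x45\x99\x08\xcc\xff"
      "\x3d\x6d\x74\xe5\x16\x53\x74\xb4\x40\xb2\xaf\xa2\x11\x71\x5b\xc8\xbe\x70"
      "\xd3\x15\x6a\x15\xdb\x5b\xb1\x93\x39\x11\x31\x9b\xae\x16\x3c\x4c\x20\x45"
      "\xd2\x8a\x46\x92\xbf\xfd\x2a\x09\x94\xbc\xa7\x46\xb9\xa8\x3e\x79\xc1\xd4"
      "\xad\x59\xd3\xc5\x4d\x0b\x53\x9d\x9c\x46\x17\x08\x9c\xda\xef\x81\x74\xa0"
      "\x45\x5b\x27\x3d\x7e\xcf\x8e\x0e\xc6\x26\x1b\x16\x8e\xb3\xc0\x4c\x5d\xe9"
      "\x78\x2f\xba\xe1\x26\xde\x0f\x92\x49\xfb\x54\xbd\x52\xac\xce\xea\x47\x0d"
      "\x9a\x7f\xaf\x91\xdd\x97\xeb\xc3\x02\xf0\x70\x52\x69\xb2\x3a\xc4\x28\xe7"
      "\xac\xf4\xce\x53\x72\xa2\x3c\x22\x12\xcb\xdc\xb6\xd4\xb7\x69\x31\x58\x16"
      "\xcc\x28\xb2\xec\xb8\xf0\x91\xa3\xaf\xb9\xb6\x3a\xa0\xf6\x77\xc3\xdf\x0e"
      "\x29\x06\x5b\xee\x2a\xbd\x7e\xde\x6e\xb6\xaf\xd4\xae\x92\x29\xe3\x8e\xbc"
      "\x09\x90\x17\xf3\x05\x95\xa1\xcf\x37\xef\x08\x98\x7f\x30\xb4\x8e\x15\x9c"
      "\xe2\xaf\xf6\x94\x61\xa9\xe1\x40\xfd\xdd\x38\x98\x23\x34\x9e\xd7\x3d\x31"
      "\xac\xbf\x53\xf0\x6b\x12\xea\x2d\xbd\x31\x65\x03\xae\x6f\x4d\x74\x06\xf7"
      "\x83\xfe\xf6\x91\xc2\x05\xcd\x97\x47\x25\xd3\xa0\x87\x8f\xb8\xb9\xc4\x63"
      "\x76\x2d\x6f\x70\x3f\x05\xab\x97\xa4\x64\xaf\x73\x64\xdf\xdc\x7e\x2f\x0a"
      "\x60\x69\x92\x77\x0f\x5e\x14\xb7\x3b\x51\x84\x81\xc7\x88\x3f\x00\xdb\xc1"
      "\xca\x40\xc6\x99\x80\x24\xf1\xbe\x7a\x00\x1e\x29\x23\xbc\x6b\xce\x9a\xbb"
      "\xc6\x43\x3e\xa2\x70\xcc\xe4\xdb\xb4\xa5\x97\x21\x45\x7f\x07\x33\x01\xec"
      "\x1b\x79\xf5\xc7\x40\x68\x9e\x1f\xf8\x8c\x1c\xcc\x3a\xca\x0d\x50\x51\x93"
      "\x84\x08\x48\xac\x59\xae\x28\x3a\xf7\x20\x1e\x00\xbf\xc8\xfb\x18\x59\x22"
      "\x7c\xd5\x60\xeb\x92\x60\x43\x3e\xb8\x5e\x29\x64\xa4\xcc\x5c\x9a\x25\xc0"
      "\x72\xac\x27\xd7\xc7\xd9\x54\x2f\x46\x5f\xf4\x37\x60\x38\x4a\xbf\x31\x0b"
      "\xb9\x8c\x97\x35\x3b\x63\xa9\x39\xde\x40\x2b\x34\xe5\x54\xe8\x18\x7d\x30"
      "\x3d\x01\xc4\xda\x58\xaa\xe3\xdf\xf0\xb4\x24\x74\xc9\x40\xd1\x9e\x25\x7e"
      "\x45\xf7\x7e\x78\xb2\x3b\xba\xa7\x85\xdc\xcf\xe2\x16\xe1\x95\xcd\x5d\x61"
      "\xa5\x6e\x2a\xb2\xf6\x62\xbc\x7b\x84\x0b\x78\x2c\x42\xae\x90\x6a\xe1\x43"
      "\x08\xef\xc7\xcb\xe0\x85\xe0\xdb\x0b\x01\x7f\x56\x4f\xa2\x24\x2a\x0f\xb3"
      "\xc4\x10\x13\x90\x83\xb0\x00\x6a\xbe\x0e\xdb\xde\x23\xb0\x91\x9e\xbe\x85"
      "\xb5\xf7\x95\xb7\x65\xcd\x00\xf6\x7f\xa9\xd8\xe1\x54\x82\x26\x0f\xdc\xb9"
      "\x99\x43\xfd\x29\x9b\x34\xe2\xff\xf4\x7f\xf1\xe5\xe2\xbc\xef\x30\xe6\x1d"
      "\x19\x67\x3b\x68\x55\x16\xf8\x71\xd4\xb9\x3b\x9e\xf6\x9e\x93\x8c\xf1\x6d"
      "\xae\x84\xee\xe6\xf8\x2b\xa4\xd0\x40\x4c\xa1\xe8\x19\xc6\x03\x9b\x90\xb3"
      "\x86\x41\xde\xa5\xf1\x04\x59\x87\xa0\xf4\xa0\x96\xf7\xfb\xed\x97\xaf\xad"
      "\xf9\x2b\xc7\x4b\x39\x72\x9d\xd4\xad\x38\x28\xc5\x8b\x59\x39\xae\xaf\x23"
      "\xa4\xc6\x47\xc5\xbb\xf7\x4f\x6a\x1f\x83\x02\xb5\x90\xf1\x16\x29\xdd\xd6"
      "\x73\x0a\xb5\xb6\xe6\x91\x86\x40\x76\x7f\x8a\xd9\xa4\xfb\xee\xea\x5e\x1c"
      "\x98\x4f\xca\x07\x68\xcf\x1d\x80\x82\x92\xa8\x08\x34\xa2\x91\x33\xfe\x98"
      "\xcb\x85\xa8\x56\xd2\xaf\x3e\xd8\x3e\x99\xbb\x53\xe0\x71\x90\x0c\x91\x66"
      "\xe7\x0c\x3e\x04\x27\xdf\xf0\xe7\x5e\xa4\x2c\x4e\x9d\x9c\xa4\x83\x21\xf7"
      "\x7d\x34\x10\x8e\xf2\xd3\x35\x05\xe8\x88\x92\xcc\xea\x6a\x62\xc5\x73\x72"
      "\x64\x49\x25\xa8\x5e\x9b\x05\x60\x15\xf7\x40\xac\xf3\x24\x20\x10\x01\x03"
      "\x0c\x1e\x66\x1b\xba\xa3\x82\xb5\x3d\x4a\x0d\x64\x18\x4b\x7e\x02\x8e\xdc"
      "\x1a\xa1\x56\x73\xc9\xc9\xca\x24\xa6\x77\x2d\x9e\x1c\x05\xe4\x7f\x9e\xbc"
      "\x5b\x3c\x63\x23\xad\x45\x8c\x14\x5f\x29\xd9\x0d\x65\xe1\x72\x6c\x76\x2c"
      "\xa4\x7d\x88\xd1\x33\x05\xc1\x1b\x64\x97\x8e\x09\x1c\xd4\x95\xd9\x50\x51"
      "\xda\xc8\x5e\x16\x45\x73\x00\x79\x4b\x97\x49\x12\xea\xe8\x5e\x4a\x8e\xff"
      "\x9e\xdc\x9b\x6b\xb5\x54\xe9\xa6\x9b\xf2\x45\x47\x43\x24\xe6\x10\x57\xc6"
      "\xa1\x5d\x4b\xcd\x67\xb2\x46\x78\x94\x11\x40\x65\x58\x16\xc4\x66\x6c\x2c"
      "\x9c\x5a\x45\x9d\x90\x76\xbf\x9e\x51\x79\x52\xdc\x43\x88\x2f\x1d\xd1\x49"
      "\x0c\xc4\xda\xe0\x17\xcb\x46\x83\x80\x8f\x6b\xfa\x44\xcc\xf6\x56\x8a\x96"
      "\x4e\xcf\x95\xee\x0a\xd4\xdf\x09\x4e\xf2\x0f\x11\x3b\x51\x1c\xe2\x9e\x5f"
      "\xb6\x42\xf8\x4c\xf5\x61\x29\xae\x4e\x24\xb3\x83\x7e\xc4\x82\x29\x69\xd1"
      "\x9b\x9c\xb7\xc4\x12\xc5\x23\x0d\x79\x4b\x28\x90\x2c\x40\x5c\x28\x1d\xe9"
      "\xbb\xba\xa0\xde\x2c\x5d\x04\xe7\xa8\xec\xff\xb7\xc7\xa9\x23\xfe\x88\x36"
      "\xe4\x64\x36\x36\x93\x3a\xf3\x97\x9f\x92\xa0\x0e\x49\x05\x78\x12\x41\x2a"
      "\x9f\xc7\xa1\xaa\xa8\x1a\xe0\xbf\xd4\x4f\x20\x47\x03\xfa\x39\x8b\x5a\x5c"
      "\x74\xab\x3c\xeb\x5e\x91\x4f\x9f\xf8\x6a\xcd\xba\x7b\x4a\x65\xdc\x26\xd7"
      "\xac\x72\xbc\x0b\x55\x7a\xe8\x93\x09\x9b\xc3\xcb\xf5\x73\x95\x9b\x7d\x97"
      "\xbb\x59\x63\xe1\x19\x33\x06\xc3\x26\x21\xe1\xbd\x8a\x7f\x7b\x90\x94\x69"
      "\xcf\x32\xa7\x29\x89\x00\xfd\x75\xb3\x52\x86\x46\xda\x96\xf8\xe3\x9f\x75"
      "\x5f\x31\x2d\xe5\xca\xdd\x6c\x94\x16\x25\xa3\x5b\x4a\x0d\x22\xfd\x78\xe1"
      "\xfa\x8f\x69\x5d\xeb\x77\x4a\xd9\x04\x7b\x45\x59\x78\xfa\x3e\xd9\xdb\x4c"
      "\xdd\x58\xbc\x21\x07\x24\xaf\xbb\x34\x6c\x88\x70\xcb\xda\xa8\x55\x3f\x60"
      "\x9a\x4f\x2c\x90\xda\x36\x83\x73\x32\xaf\xce\x38\x97\x6b\x44\x7e\xf0\x84"
      "\x34\xc9\xbb\xe1\x7d\x16\x7f\x0e\x6a\xda\x0f\x72\xfc\x19\x7f\x33\xb2\xee"
      "\x81\x2f\x67\x8e\x1b\x36\xd6\x24\x9a\xe2\xa5\xdf\xa6\x95\x53\x1a\xf6\x0e"
      "\xe6\xf7\xe6\x57\x37\x98\xe3\xec\x5d\x17\x45\xfd\xd2\xad\xaf\x45\x10\xbb"
      "\x9b\x06\xa5\x49\xd5\xdf\x8a\x9e\x1e\x5d\xbc\x29\x6e\xcd\x56\x73\x05\x18"
      "\x1f\x6d\x54\xdb\x3d\xa3\x94\xbc\x4e\x1b\x10\x85\xc2\x72\xc2\x7c\x5f\x09"
      "\x90\x0f\x77\x5b\xe4\xc1\x10\x37\x35\xe1\x82\xfd\xaf\x39\x5d\x14\x0c\xe1"
      "\xe1\x5f\xab\x21\x59\x4a\xb3\xdc\xbc\x71\xf2\xd2\xe7\xec\xcd\xac\x51\x0b"
      "\x3a\x98\x34\xb3\x44\xf7\x3f\x3f\x02\xe0\xac\x8a\xd1\xb5\xc7\xba\x4e\x8d"
      "\xbb\x16\xbe\x0b\x16\xe9\x59\xf3\x17\x8c\x16\x2b\x93\x41\x00\x06\x02\x88"
      "\x6e\xb2\x9d\xa4\xe1\xf5\xae\x03\x9d\x69\x89\x99\x94\x45\x07\xaf\x27\xda"
      "\x2b\x99\xca\xe5\x2a\xe8\xd6\x7d\x25\x1e\x86\xb5\x55\x93\x64\x41\xb1\xb3"
      "\x86\x22\x2b\x9c\x7c\x3a\x49\xe2\x29\xea\x96\xa5\x01\xbe\xfc\xa0\x81\xec"
      "\xc7\x42\x05\xa0\x06\x97\xfb\x07\x7c\x2e\x58\xa3\x37\xa1\x95\xdb\x1d\xec"
      "\x1e\x68\x60\x3d\x81\x96\x2e\x6c\x06\x22\x28\xab\x98\x2c\xee\x53\xab\xdc"
      "\x5b\x01\x7b\xfe\xe7\xba\x9a\xf6\x0b\x18\x4c\x83\x00\xa8\x00\xf5\x81\x89"
      "\xf2\xf1\xfe\x80\x60\x04\xf3\x68\xfe\xdd\x58\xf9\xd9\xae\x4e\x97\x85\x34"
      "\x87\x9c\x95\x1d\x21\xac\xd5\x5f\x5b\xbc\x35\xf2\xa8\x47\x3c\xf2\x63\xba"
      "\xcc\x3c\x87\x7a\x09\x27\xbc\x90\xae\xa7\x52\xca\x44\xe1\x58\x17\x4a\x3f"
      "\xbb\xcf\x59\xed\x7f\xf8\x25\x18\x68\xb9\xbc\xf0\xa7\xc9\xed\x49\xae\x6d"
      "\x3f\x4c\x9b\xa0\xfc\xbf\xd5\x82\x6f\x8a\x13\xd9\xb2\x5e\x55\x57\x60\xcd"
      "\x51\x3e\x13\xde\x01\x86\x6d\x20\x12\x2d\x1a\xd3\x40\x38\x40\xa7\x85\x53"
      "\x76\x36\x8f\x30\x83\x5f\xa5\xd8\x0e\x35\x06\x25\x43\x8e\x6e\x9f\xb1\xdf"
      "\x71\x74\x19\xb4\xe3\x5d\x43\x70\x37\x9b\x68\x20\xc9\x67\x44\x72\x94\xf3"
      "\x17\x53\x74\x63\x03\xbd\xc3\xde\x92\x7c\xf2\x9f\xc3\xfb\x90\xc9\x77\x93"
      "\x40\xf5\x20\x0d\x45\x3e\xb2\x2b\xfa\x27\x16\xde\x93\x28\x61\x35\xf0\xaf"
      "\xc9\x07\x99\xff\xe8\xeb\x2c\x2d\xe3\x10\x08\x7f\x7a\xfb\x60\x92\x7e\xc3"
      "\xd2\x01\x52\x7f\x8c\xf9\x56\xf7\x85\xaf\xbe\x50\xc2\x43\x17\xbd\xca\x52"
      "\x1a\x69\x7f\xd1\xde\xc9\x6c\xfc\x0a\x91\xa2\xf9\xc6\x13\xfc\x9a\x82\xae"
      "\x0f\x24\xaf\x44\x89\x41\xfb\x0c\x15\xaa\xfd\x9a\x8c\xf7\xdd\x3f\x56\x77"
      "\x53\xa9\x51\x0e\x53\x02\x44\xc1\x51\x93\xda\xab\x8e\xab\xb4\x2d\x8e\xca"
      "\xd3\xee\x1e\x08\x16\xa2\xdc\xaa\x11\x16\x66\x76\xbe\x52\x88\x42\x0b\x3a"
      "\x0e\xcf\x0e\x8c\x17\xda\x76\x9a\xa7\x14\x38\x37\x09\x12\x4a\x64\x68\x43"
      "\x16\x13\x76\x01\xa8\x0f\xeb\xd4\x01\x65\xe6\xee\x08\xed\x1a\x70\x72\x33"
      "\x4e\xcd\xb3\xee\x7f\x28\x25\x16\x64\x69\x97\x59\x3e\xf1\xb9\x62\xaa\x6b"
      "\x60\x2d\x7b\xaa\x26\xab\x12\xf9\xd8\x54\xb6\x22\x79\x95\x09\x1a\xed\x71"
      "\x8e\x36\xf2\xec\x21\xb9\xbd\xa8\x1c\xc1\x3b\x08\x3c\x01\xcb\x27\x90\x77"
      "\x40\x68\x3f\xd4\x4d\xd4\x2e\x56\x0c\x55\x1d\x1f\xf0\xa2\x2c\xe8\xd8\x44"
      "\x7f\x3b\x7e\x8f\xd1\xd5\xde\x52\x2b\x99\xe4\x3d\xb3\x87\x8e\x1d\x42\x82"
      "\x15\x28\xb0\x66\x6f\x84\xe9\xc6\x30\x85\x5b\xf2\x86\x82\xae\x3b\x56\x75"
      "\x8a\x88\xcb\x76\xd6\xa2\x0a\xf4\x77\x10\x3f\x07\x08\xf7\x3e\x3f\x4a\xba"
      "\x80\xa3\x8c\x86\x79\x8c\xd2\xd0\xd8\xf9\xda\x34\x1b\x43\x17\xaf\xae\xa5"
      "\x8a\xbd\x02\xd5\xe2\xfe\x09\x5d\xae\x1e\xb2\xd3\x3c\x7a\x66\x80\x4f\x2e"
      "\xa6\x23\x46\x32\xf6\x96\xfc\x71\x0a\x6c\x02\x0c\x1a\x10\xac\x63\xb8\xde"
      "\x90\x30\xb2\xad\x8d\x38\xde\x1d\x87\x02\xbc\x3d\x84\x29\x33\x57\xdc\x08"
      "\x28\x2d\xf5\x78\xc7\xd8\xc4\xa9\x95\xa9\x03\x03\x46\x61\xcd\xb9\x47\x31"
      "\x67\xd8\xad\xfd\xd9\xb4\xae\x18\x60\xd9\x4b\x93\x03\x2d\xb9\xc4\xf3\x8f"
      "\xd9\x06\x41\x8b\xfe\x66\x2f\x4e\x7b\x0b\x75\xc5\x00\x56\x9f\x69\x50\xcc"
      "\xfa\x96\xb0\x1d\x36\x9f\xac\x40\x3c\xd9\x27\xad\x41\x41\xef\x83\xeb\x01"
      "\x2b\x0c\x2a\x59\xe6\xff\x71\x7f\xd1\x25\x0c\xe6\xf3\x89\x4b\x3c\x72\x1a"
      "\x67\x9e\xd4\x5f\x0a\xd4\xa3\x00\x5a\x61\x91\x5d\x89\x3e\xbf\x0e\xb2\x2b"
      "\xc6\xc2\xd0\xe9\xf3\x27\xde\xca\x00\xfa\x9b\x80\x7c\x07\x44\xc3\x7c\xd4"
      "\x4e\x4d\x08\xef\x10\x91\x9e\x91\xb6\x87\x6e\x57\x95\xd9\xef\x4a\x8f\xac"
      "\xe1\xfd\x5d\xe8\xf5\x3a\x7f\x78\x9e\xcb\x9c\xd9\x07\x23\x8a\x4f\x27\x8a"
      "\xdc\x18\x04\x85\xb3\xc3\x40\x21\xe3\x3f\x1e\x90\x53\xac\x31\x99\x61\xb0"
      "\xc1\xc4\x95\x9c\xb5\xe6\x4a\x17\xdb\x4a\x9c\xfd\x63\xb6\x3e\x97\x28\xc1"
      "\x9e\xf0\x93\x8f\xd8\x92\xac\xbc\x1b\x41\x6f\x89\xd9\x4b\xa9\x35\xf7\xfb"
      "\x0d\xf1\x16\xc2\x59\x6a\xf6\xab\x66\x4d\xcf\x42\x11\xc9\x27\xb1\xde\x69"
      "\x3d\x12\x0c\x39\x9f\x38\xd1\xba\x91\x8d\x3a\x82\x00\x43\x01\x3a\x1e\xf1"
      "\xa1\x6a\x0a\x8b\x57\xc8\x8c\x21\x61\x3f\x53\x77\xb2\x86\x44\x1e\x29\x1c"
      "\x43\x09\x36\x0b\x3d\xfd\xf8\x42\xd4\x25\x3b\x14\x6c\xd6\x05\x99\xe0\x5a"
      "\xb2\x9e\x29\xec\x88\x6b\x4d\x9b\xf8\xc5\xd5\x2a\x2b\x65\xfc\x83\xff\x97"
      "\x8e\x60\x8b\xe4\x98\xe4\x84\xc4\x7a\x2c\xe9\xfe\xba\x85\xe9\xaf\x9a\x28"
      "\xab\x4c\xd8\x10\x41\xae\xb7\xc2\x96\x8a\x80\x93\x51\x7b\x56\x93\x50\x43"
      "\x85\x30\xc3\x7c\x9f\x04\x05\x74\xaa\x26\xac\x60\xf0\xdf\xd4\x11\x92\x61"
      "\xde\x4e\xc5\x78\xb5\x3a\xd6\xc9\x27\x2c\x42\x65\x9b\xa0\x2d\x97\xca\xd6"
      "\xe9\x28\xc5\x6e\xd7\x09\x21\xfc\x3a\x29\x2f\x69\x3e\xb2\x93\xf2\x09\xed"
      "\xd3\x68\xa9\x4f\xb2\xee\xdd\x18\x7f\xb9\x02\x28\xba\xbc\x25\x48\xc7\x6e"
      "\x73\xb4\xc3\x45\x67\xf4\x41\x34\x2b\x39\xdb\x49\x37\xfc\x07\x83\xcd\xb1"
      "\xfa\x3a\x84\xb5\x6d\xba\xa7\x2c\x58\x49\x3b\xd0\xb0\xac\xc7\x46\x98\x52"
      "\x53\x1e\x58\xde\x85\xd0\xa4\xf1\xe7\x15\x3f\x6b\xc2\xdc\x66\xa2\x8a\x8b"
      "\x6b\x56\x18\xab\x45\xb1\xae\xc9\x35\xd8\xa4\xf3\x85\xef\xc5\x57\xda\x7b"
      "\x0a\xd5\x4e\x38\x8b\xfa\xff\x0d\xf2\x84\xc9\xa9\xcf\xe5\x6b\xc2\x30\x96"
      "\x35\xc7\x2f\x6d\x98\x67\x2b\x26\xba\x7f\xf5\xe8\x02\xc5\x0a\xcc\xba\xd8"
      "\xdc\x28\xe6\x19\x7a\x49\x93\x5f\xc0\xca\x60\xab\xfa\xd3\x1b\x3e\x0c\xbe"
      "\xab\xfb\xed\x1b\x02\x10\x40\x59\x40\x0f\xf1\x82\xcb\xc5\xd2\x6f\xac\xe7"
      "\x98\xe9\xb8\x60\xbc\xdb\xc0\xc4\xe6\xb4\x1b\x47\xf4\x7c\x4e\x71\x97\xf3"
      "\x1a\xfc\x09\x98\xcd\x8e\xf0\xb2\xf5\x31\x28\x32\x0a\x7a\x2e\x6d\x32\x77"
      "\xe8\x78\x46\x32\x4f\x95\x4d\xc6\xd7\xeb\x1a\x73\x93\xa9\xc0\x46\xf4\x1e"
      "\x6c\x15\xec\x1b\xd9\xc6\x7f\xe6\x65\xd3\x2d\xf2\x57\x14\x38\x9d\xdd\xad"
      "\xc5\x40\x7a\x3f\x27\x10\x0c\xb9\x68\x8f\x8e\x1b\xbc\x1c\x6c\xdc\x2b\x2b"
      "\xfe\xfa\x25\x65\x34\x3b\x33\xd7\x5f\xc0\x66\x8b\xf6\x2a\x00\xef\xcf\xc9"
      "\x91\xb6\x2d\x0f\x41\xd0\xfd\xf4\x30\xcd\x9c\x6a\xba\x2d\x34\xe4\x16\x0b"
      "\x47\x38\xed\x45\xda\xcf\x2c\x5a\x7d\x8c\x70\x9d\x54\x42\xe7\x0b\x5c\x11"
      "\x57\x71\xb1\x55\x9b\x15\x13\xf6\xf8\x66\x3b\x0b\x75\x02\x93\x81\x96\xba"
      "\x6e\x77\x1c\x53\x19\xf4\x5e\x01\xd8\xe9\xb5\x64\xea\x8e\xb8\xcb\xcb\x76"
      "\x34\x28\x1d\x21\xde\x86\x02\xda\x8a\x9d\x14\xc4\x84\x86\xf1\xe2\xd7\xba"
      "\x91\x5a\xf4\xa8\xa1\xea\x11\x92\x1e\x8a\x5c\x1a\x0f\xa6\xc1\xd4\x6a\x1e"
      "\x86\x70\xb8\x19\x06\x4d\xfe\xeb\x14\x5d\xc0\x1b\x30\xb6\xad\x98\x61\xc0"
      "\xb2\x04\xf0\xb7\x73\x82\x16\xde\x00\xd1\xf7\xe9\x8c\xff\x9b\x8d\x62\xf4"
      "\xd1\xb8\x7a\xc6\x3c\x5d\xa5\xdc\x5b\xe9\x8e\x38\x0a\xfe\x74\xe1\x88\x2b"
      "\xda\xa2\x93\xfe\x37\x88\xa3\xce\xa5\xe7\x75\xc4\x1e\x59\x59\x01\xb5\xed"
      "\xa9\x69\xad\xab\x89\x43\x1a\xcd\xd2\xf2\xec\x13\x23\xca\x9d\x15\x06\x86"
      "\x35\xbf\x99\x49\xb8\x9a\xaa\x01\x1b\x92\xe4\x00\x08\x5d\x7c\xca\xb4\xfd"
      "\x44\xec\x60\x40\x3a\x27\x2f\x46\x9c\x85\x7f\x45\x2d\xdf\x90\x80\x01\xc0"
      "\x09\x2a\x48\xbe\x06\x4f\x6a\x53\x76\x08\x3c\x67\x27\x1c\x7b\x48\x01\x05"
      "\xc0\xaf\xef\x78\x26\x0f\x63\xef\xc0\x1c\x87\xfa\xe9\x11\xd7\xcf\x3a\x41"
      "\x9d\x86\x8c\x28\x41\xae\xa2\x93\x4c\x53\x88\x81\x10\x22\x9b\x7e\xa9\xd4"
      "\xe8\x1b\x7f\xf2\x5f\x9a\xa5\xcb\xaf\x01\x6b\x0f\xee\x4f\xec\x19\xbb\x9d"
      "\x46\x32\xdb\x7e\x9d\xf4\xbb\x36\xb5\x40\x8e\xc3\x3d\x24\x33\x3a\x70\x6a"
      "\x8b\xb7\xb7\xa8\xa0\x4b\xbd\x57\xa6\xf2\xf4\xe2\xd6\x89\xcc\x93\xde\x6b"
      "\xba\xa8\x8f\xb3\xe2\x1f\x4a\x98\x43\x27\x22\x52\x0b\x88\x79\x47\xcc\x58"
      "\xd6\x18\xee\xbd\x94\xcf\xf1\xd8\xe7\x18\x15\xec\x3b\x57\x54\x93\x5b\x2f"
      "\x8f\x12\x4b\xdf\xba\xf3\xe9\xb7\xfa\xc5\x31\xac\xb0\x13\x3a\x89\x95\x32"
      "\x69\x06\xb2\x9a\x1a\x2f\x23\x36\x5f\x7c\x80\x8a\x5c\x63\x40\xa4\xaa\xe1"
      "\x3e\x11\xbe\x06\x91\x1f\xba\xc1\x4c\x6a\x33\x36\x64\x98\x0d\x58\x37\x00"
      "\xdc\x87\x38\xcd\x27\x5c\xa8\x07\x6d\x0e\x90\xd5\x7e\xab\x8b\x4e\xc7\xf1"
      "\x69\xe1\x14\x64\xe8\xa2\x94\x8b\x09\x25\x99\x8c\xca\xc8\x3b\x09\xe3\x17"
      "\x5f\x99\xe6\xf6\x89\xfa\xf5\xb2\x6d\xc5\x40\x28\x50\x8f\xfc\xf6\x78\x7f"
      "\xda\xf5\x56\x85\xfb\x52\xc3\x05\xed\x01\xb6\x48\x6c\x17\x2f\xe5\x40\x4d"
      "\x5c\xc1\x85\xef\xdf\x64\x05\xfa\xcc\xb8\xc5\x0d\xfc\x56\x64\x30\xb4\x48"
      "\xd6\xf1\xb7\xb5\xe1\x17\xab\x31\x8a\x92\x5c\xf3\x94\x6f\x73\x30\x43\x27"
      "\x64\x88\x07\x74\x72\xa6\x9b\xd4\x57\x63\xda\x40\x71\xf5\x96\xfc\x3d\x74"
      "\x44\x29\xba\x4d\xef\xad\xe5\xb6\xae\xde\x69\x8c\xae\x31\x50\x68\x8f\x13"
      "\x29\xc7\x56\xaf\xc2\x69\x9a\x5a\x10\x27\x12\xe0\x6b\x8c\xbd\x63\x89\x68"
      "\x75\xa4\x41\xea\x78\x1d\x34\x97\x75\xbd\x46\x75\xbb\x86\x99\x04\x98\x0e"
      "\x64\xdb\x60\xea\x76\x2c\x1e\x9d\x4c\x7e\x7c\x59\x33\x6a\x8b\xf9\xcd\x54"
      "\x17\xf8\xb2\x54\xa5\x5f\x5b\xe8\x11\xd9\xe4\x43\x2a\x6d\x5d\xec\xac\xf0"
      "\xa9\x6e\x26\x88\x79\x86\xea\x2f\xf6\x7d\x39\x91\x80\x9f\x23\xcc\x67\x53"
      "\x7d\xf3\x33\x42\xf0\x68\xfe\x05\xbd\xdb\x01\x2a\xf3\xb5\xb3\x7a\x85\x1e"
      "\x2b\xad\xbb\xc9\xae\xd2\xcb\x15\xa5\xab\xa4\x23\x24\xc5\x91\x58\x41\xaf"
      "\x43\x49\x92\xfb\x12\x95\xe8\x37\x03\x69\xdc\xd7\x2d\x16\x46\x36\xc4\x92"
      "\x9b\xc5\xdd\x7d\x3e\xd4\x7f\x19\x59\x41\x24\x6a\xe5\x4c\x90\xbb\x80\xaf"
      "\x8c\xf9\xf5\x5f\x6a\xdd\xdf\x15\xf9\x91\x3f\xd0\xb9\x11\xe0\xcb\x56\x38"
      "\x53\x1d\x5b\x36\xde\xe4\xbd\x06\x51\x38\xe7\x75\x2c\x91\xeb\x00\x16\x67"
      "\x6d\xe4\x1b\x01\xa9\xfb\xb4\xfd\xbd\x5f\xfc\x82\xa6\x6f\x77\xa9\x02\xed"
      "\x74\xcf\x16\xa9\xe4\xa3\xc9\x04\xe2\x48\x46\x90\x19\x92\xb2\x2d\xb9\x2b"
      "\xca\xed\x28\x7f\x1b\xec\x75\x7b\x03\x18\x9e\x0c\x60\x1f\x2c\xd2\x36\xd0"
      "\x23\x6c\xbb\xe1\xae\x3a\x93\x1c\x8d\x76\x37\xaf\x9f\x72\xb7\xf7\xef\x56"
      "\xb8\xf9\x67\xa0\xd0\x93\x16\xea\x86\x15\xa2\x11\x2c\xd3\x90\x5a\x05\xe3"
      "\x73\xed\x57\x36\xc1\xc9\xe5\x61\x2e\x0c\x66\xb0\xfe\xe3\xfc\x48\xae\xda"
      "\xb3\x3b\xa2\xb0\x2e\xe9\x6c\x86\x4e\xb9\x1b\xf6\x52\x65\x75\xb3\x5c\xea"
      "\x93\x72\x1f\xc7\xf9\x1e\x64\x94\xaf\x47\x01\xcd\x77\x2a\x76\x06\xec\xfb"
      "\xe1\x67\x26\x5e\xaf\xb4\x4b\xb7\xaa\x1d\x69\x67\xe7\xc4\x48\x37\x48\xc4"
      "\x18\x24\xab\x23\xe5\x28\x24\xc7\xf1\xcb",
      4096);
  *(uint64_t*)0x20001638 = 0x1000;
  // iov[4..7]: empty.
  *(uint64_t*)0x20001640 = 0;
  *(uint64_t*)0x20001648 = 0;
  *(uint64_t*)0x20001650 = 0;
  *(uint64_t*)0x20001658 = 0;
  *(uint64_t*)0x20001660 = 0;
  *(uint64_t*)0x20001668 = 0;
  *(uint64_t*)0x20001670 = 0;
  *(uint64_t*)0x20001678 = 0;
  syscall(SYS_writev, r[0], 0x20001600ul, 8ul);
}

// Map 16 MiB at the fixed address 0x20000000, start six workers that each
// run loop() forever, then sleep. The workers are not reaped or signalled by
// this process.
int main(void)
{
  // Every store in execute_one() targets this fixed mapping, so stop here if
  // it could not be created instead of letting each child fault on its first
  // write. The generated code ignored the result.
  if (syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul,
              0ul) == -1)
    exit(1);
  for (procid = 0; procid < 6; procid++) {
    if (fork() == 0) {
      loop();
    }
  }
  sleep(1000000);
  return 0;
}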