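// https://syzkaller.appspot.com/bug?id=f6142b0f72429f395dae080a9866cf42a216101a
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reproducer overview (derived from the code below):
//   1. main() maps a fixed scratch region at 0x20000000 and forks 6 workers.
//   2. Each worker runs loop(), which forks a fresh child per iteration and
//      kills it if it has not exited after 5000 ms.
//   3. Each child runs execute_one(): two open() calls on "./file0", one
//      sendmsg() on descriptor -1, then fcntl(fd, 9, ...) on the second
//      descriptor.
//
// NOTE(review): the fallback syscall numbers further down (e.g. 197 for mmap,
// called with an extra padding argument) look like a BSD-family ABI. This page
// does not name the target kernel; confirm on the linked syzkaller report.

#define _GNU_SOURCE

// NOTE(review): the header names of the original 14 #include lines were lost
// when this page was extracted. The list below is the set the visible code
// needs; it is not necessarily the original list.
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

// Index of the worker being spawned; only used as the loop counter in main().
static unsigned long long procid;

// SIGKILL the child `pid`, then reap children until `pid` itself is reaped.
// `status` receives the wait status of the last child reaped.
static void kill_and_wait(int pid, int* status)
{
  kill(pid, SIGKILL);
  while (waitpid(-1, status, 0) != pid) {
  }
}

// Sleep for `ms` milliseconds.
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Monotonic clock in milliseconds; exits the process if the clock is
// unavailable.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

static void execute_one(void);

#define WAIT_FLAGS 0

// Run execute_one() forever, each time in a freshly forked child, so that a
// child that blocks in the kernel does not stall the worker. Never returns.
static void loop(void)
{
  int iter = 0;
  for (;; iter++) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      execute_one();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    for (;;) {
      // Poll without blocking so the 5000 ms deadline below can be enforced.
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      sleep_ms(1);
      if (current_time_ms() - start < 5000) {
        continue;
      }
      // Deadline passed: the child is presumably stuck in a syscall.
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Fallback syscall numbers, used only when <sys/syscall.h> does not define
// them. They are ABI-specific and will be wrong on a kernel with a different
// syscall table.
#ifndef SYS_fcntl
#define SYS_fcntl 92
#endif

#ifndef SYS_mmap
#define SYS_mmap 197
#endif

#ifndef SYS_open
#define SYS_open 5
#endif

#ifndef SYS_sendmsg
#define SYS_sendmsg 28
#endif

// r[0]: descriptor returned by the second open(); stays (uint64_t)-1 if that
// open fails.
uint64_t r[1] = {0xffffffffffffffff};

// One iteration of the recorded syscall sequence. All arguments live in the
// fixed mapping that main() creates at 0x20000000. Return values are ignored
// except for the second open(), whose descriptor is kept in r[0].
void execute_one(void)
{
  intptr_t res = 0;
  // open("./file0", 0x200, 0) -- flag meaning is ABI-specific; presumably this
  // call creates the file (TODO confirm against the target's <fcntl.h>).
  memcpy((void*)0x20000000, "./file0\000", 8);
  syscall(SYS_open, 0x20000000ul, 0x200ul, 0ul);
  // open("./file0", 0x800, 0) -- this descriptor is the one fcntl() uses.
  memcpy((void*)0x20000080, "./file0\000", 8);
  res = syscall(SYS_open, 0x20000080ul, 0x800ul, 0ul);
  if (res != -1)
    r[0] = res;
  // Argument block at 0x200013c0. The offsets look like a struct msghdr on an
  // LP64 target (name, namelen, iov, iovlen, control, controllen, flags) with
  // a 3-entry iovec array at 0x200011c0 -- presumably; verify against the
  // target headers.
  *(uint64_t*)0x200013c0 = 0;
  *(uint32_t*)0x200013c8 = 0;
  *(uint64_t*)0x200013d0 = 0x200011c0;
  // Entries 0 and 1 are {0, 0}; entry 2 points at the 4088-byte blob below.
  *(uint64_t*)0x200011c0 = 0;
  *(uint64_t*)0x200011c8 = 0;
  *(uint64_t*)0x200011d0 = 0;
  *(uint64_t*)0x200011d8 = 0;
  *(uint64_t*)0x200011e0 = 0x20000100;
  // The blob spans 0x20000100..0x200010f7, so it also covers 0x200001c0, where
  // the fcntl() argument is written later. Bytes of that argument that the
  // later stores do not overwrite keep their blob contents.
  memcpy(
      (void*)0x20000100,
      "\x4a\xdf\xc7\xac\x43\xcb\x07\x70\x36\x83\x14\xea\xc8\xc3\xf6\x21\xee\x88"
      "\xae\x0d\x22\xeb\xb3\xbe\x94\x1d\x1d\xee\xb2\xf4\xb6\xb3\x91\xdb\x92\x38"
      "\x81\xac\xfc\xe3\xc0\x74\x83\x8f\x90\xf4\x62\xc3\x94\x28\x59\x0a\x6c\xd6"
      "\xea\x13\x54\x35\x34\x47\xb7\x0b\xf1\x70\x8e\xbf\x86\xc7\x35\x1e\x98\xd0"
      "\xd5\x1d\x67\xa5\x16\x37\xbf\x21\x94\xd2\x82\x08\x17\x71\x91\x72\x35\x61"
      "\xf1\x04\x05\xe0\xa3\xba\x2b\xe9\xf7\x9f\xaa\xa2\x41\xdf\x6d\x4e\x7b\x1c"
      "\x91\x33\x4d\x58\xbc\x43\x05\xff\x68\xc3\x90\x56\x49\x0e\x3b\x0d\xec\x16"
      "\xfe\xd2\xb6\xe1\xae\x07\x27\x2a\x80\x12\x81\x71\x61\x49\x03\x4b\x6e\x87"
      "\x4a\x8e\x5d\x40\x07\x9e\x2f\x18\x1a\xb5\xa0\xaf\x52\x16\xeb\x9b\xb9\x47"
      "\x9e\x25\x6e\x64\xbb\xf9\x4b\xf4\x35\x66\x25\x56\x96\x59\x9b\x35\x1b\xd1"
      "\x7e\xeb\xe0\xa4\x1d\x5f\x8e\xe3\x18\xdf\xf0\x73\xc2\x6c\x0f\x1f\x92\x24"
      "\xf1\x77\x24\xf9\x2e\xc9\xaa\xf4\x59\x63\xc7\xee\x00\x76\x82\x8d\x7d\x18"
      "\xbf\x32\xa3\xd7\xe2\x57\x3f\x94\xc9\xa1\xfa\xee\x3a\xee\x33\x61\x1e\x6c"
      "\x95\x8b\xd8\xea\x29\x89\xa1\x23\xb7\x63\x10\x31\x85\xdd\x7d\x16\x77\x26"
      "\x19\xc4\xcb\xdb\xd2\x35\x7b\xac\x4d\xad\xf4\xda\x61\x44\xa5\x5a\x93\xad"
      "\xb3\x21\xc3\xdb\x65\xd6\xe7\x6d\xa7\x9d\xbb\x35\xbc\x87\x99\x48\x6b\xe8"
      "\x06\x2f\x1b\x5b\xcc\x18\x6a\xd7\x91\xe6\xb6\x9e\x3f\xff\xf3\x3e\x51\xc1"
      "\x38\x86\x82\xea\xeb\x2e\x95\xe0\x9b\x90\xb7\x74\x76\x50\xfb\x05\xda\xd0"
      "\x0c\xa0\xec\x3e\x82\x05\xfe\x05\xe4\x2b\xe0\xc0\x1c\x38\x98\xb9\xd0\x31"
      "\xa5\x5c\x03\x65\xaa\x44\xe2\x3d\x1b\x33\x9f\xbb\x7e\x78\x1a\x1c\x51\xe3"
      "\x29\x43\x76\x55\xb9\xe4\x5d\xd9\x07\xc0\x40\x8a\x91\xd8\x6a\xcd\x50\x19"
      "\xfe\x21\xbc\x7e\xa8\x91\x30\x04\x8d\x0b\xfb\x2a\xa4\xfe\xa0\x4e\x83\x51"
      "\x8f\xcd\x1a\xd0\xda\xdd\x2c\xe2\xe9\x14\xae\xde\x3b\xe5\x46\x5e\x03\xc6"
      "\x7e\xd1\xcb\x00\xed\x74\x4c\x2c\xb3\x3b\xea\x9a\x58\x4e\x67\x6d\x54\x01"
      "\xde\x4e\x50\x27\xc6\xe8\x8b\xea\x35\xc3\xc7\x1e\x60\x01\x8b\x2b\xca\x9f"
      "\xf7\x92\x22\xdc\x09\x4c\x48\x16\x5a\xe4\x05\x98\x16\xb9\x60\x3a\xcc\x2a"
      "\x33\xee\xed\x94\x84\xd4\xa8\xf6\x48\x9e\xa5\x70\x4a\x04\x87\x8c\x05\x7d"
      "\x8d\x38\x93\x2a\x27\x1f\xee\x74\x7b\xfa\x6b\xe8\x5c\xaf\x07\x86\x6b\xc5"
      "\x14\x5f\xf8\xb6\x35\x40\xef\x84\xe0\x77\x7c\x0c\x05\xae\x3b\x9f\xbb\x41"
      "\xc7\xd3\xf2\x59\x18\xa5\xda\x3e\x51\xfa\x67\xbf\xb9\x83\x37\xda\x93\xde"
      "\x10\xc6\x1c\x1c\x85\x3a\x01\x5d\xc9\xa1\x26\xf6\x6e\xcb\x0a\xcc\xbb\x34"
      "\x72\x46\xde\x14\x8e\x5c\x17\x87\xb0\x3e\xe7\x52\x09\x7a\x39\x77\xbb\xb7"
      "\x66\x03\xcd\xbf\x17\x8f\xde\x33\x68\x4f\x66\x0d\x67\x44\x2c\xa8\xf8\x9f"
      "\xc6\xc2\x2f\xd7\xa6\x53\x3e\x8b\x15\xe8\x31\xfc\x5d\x2a\x9f\xe4\xe4\xdc"
      "\x85\xd8\xa2\xdb\xdf\x18\x4f\x73\x07\xd9\x5e\x0a\xbb\x4e\xc9\xa1\x64\xcd"
      "\xda\xe5\x01\x46\x31\x28\x4a\x70\x98\xee\xb4\x9a\xf9\xc2\x37\x8e\xbb\x2b"
      "\x41\xd3\xa8\x8e\x16\x1f\x42\x3c\xb9\x89\x0e\xfa\xe2\xe5\x3e\xf9\x33\xd5"
      "\x95\x3b\x5c\x81\x3e\xa8\x90\x61\xa5\x61\x00\x81\xe4\x84\xfc\xa3\x8a\x5d"
      "\x96\xc2\xe8\x13\xa4\x4d\x08\x04\xe6\xde\x9f\xe9\x9d\xdb\x9e\x5d\x2f\x0b"
      "\x28\x7f\xeb\xd5\xed\xfa\xca\x07\xc8\xf9\x39\xb1\xdf\x59\x51\xae\x59\x47"
      "\x6f\xcf\x9e\x60\x55\xb2\x32\x52\x5a\x83\x23\x47\xfa\x04\x6b\xcc\x9b\x0f"
      "\x41\xf4\x55\xb4\x00\x6f\x06\xe6\x1d\xab\x42\xb7\x26\xef\xff\xa7\x45\x8f"
      "\x2a\x34\x96\xa7\xee\x33\xd9\x7a\x35\xd9\x0f\x35\x41\x09\x0e\xca\x14\xc2"
      "\x7f\xb6\xb9\x4a\xc5\x1e\x0c\xcc\x99\x8a\xb9\xfc\x48\xfa\xf8\xe6\x53\x59"
      "\xff\x49\x24\xe0\xb3\xe3\xcd\xdb\x11\xe9\x5d\xe4\x1e\x59\x37\xdd\x7d\x65"
      "\xa4\x3d\xd3\x69\x2a\xe4\x0a\x86\xb0\x84\xeb\x46\xb9\xe6\x28\x11\xa2\xed"
      "\x23\xfa\xc9\x3c\xe7\xd9\x03\xc8\x4b\x4b\xe9\xce\xab\x7d\xde\xe1\x65\x62"
      "\x01\x5c\xdb\x1e\x67\xde\xf0\x9d\x6c\x5c\x49\xdf\x76\x80\xd2\x33\x20\xff"
      "\xdd\x73\x4c\x13\x6f\x23\xb2\x08\x98\xe4\xe5\xa9\x96\xe5\x1d\x21\x06\x05"
      "\xba\xcc\x4a\x2c\x75\x5d\x11\x9c\x9f\xe8\xbb\x72\xc2\x64\x39\xd6\xaa\x95"
      "\xb9\xce\xa4\x6c\xcc\xb7\xe5\x71\x28\x3d\xae\xe9\xb0\xed\x20\x7b\xac\x22"
      "\xbd\x51\x0b\xdc\x64\x60\x03\x8c\x6f\x3d\x41\x94\x5a\x1b\x9b\xce\x23\xc0"
      "\xfe\x32\xda\x7a\x66\x3c\x41\x5b\xe0\x29\x1b\x76\x92\xa5\xde\xe8\xe9\xa7"
      "\xe7\x6d\x9a\xb1\xf6\x88\xcf\x22\xc6\x23\x21\x37\xc2\xc8\x2c\x13\x31\x58"
      "\x41\x8c\xe4\x2f\x3f\x2b\x60\x7f\xd3\x34\xd4\x18\x12\x37\xd2\x9b\xd8\xfa"
      "\x3f\x89\x4b\xfd\xdb\x9a\x8b\xfa\xb1\xd2\xa1\xde\xd5\xb3\x15\x15\xd5\x46"
      "\xaa\xc7\xf1\x2a\x08\x03\x93\x3c\x54\x4d\x45\x21\x71\xc1\x89\xf1\xf0\xec"
      "\x1c\x92\xbb\xde\x70\x80\x42\x46\x82\x41\xe7\x89\xdb\xee\x83\x92\x30\xd4"
      "\xb2\xa0\xad\xb5\x7a\x81\x68\x26\x1f\x98\xf7\x63\x29\xb1\x8e\x6b\xd7\x01"
      "\x32\x9c\x6f\x59\x2e\x2a\x78\xc9\x9c\x2d\x15\xde\x14\x91\xd2\x0c\xee\xbc"
      "\xb2\x25\x5c\xed\xdc\x78\xd9\x74\xe9\x92\x12\xb6\x02\x78\x7f\x4d\x10\x50"
      "\x30\x90\x61\x9f\xf5\x35\x24\x44\x89\x0a\x4e\xb6\x10\xfe\x2d\xa3\x33\x13"
      "\x21\x54\xe6\xe2\xd4\x57\x2a\x6d\x8c\x2c\x3c\x27\x9d\x11\xb3\x68\xda\xeb"
      "\xd8\xfa\x3e\x2f\x6d\xb4\xd3\x28\xa7\xe9\xe2\x2b\xc2\xf5\x70\xb2\x01\xa2"
      "\x5b\x08\x63\x83\x6e\x70\x22\xe4\x29\x1c\x68\x5b\x1d\x2d\xb9\xa1\x79\xc7"
      "\x33\xc1\x1d\x69\x0c\x8c\xbe\xd5\x32\x1f\xe8\xe3\xf4\x14\xed\x7d\xac\x38"
      "\x0a\x8b\x56\x25\xa0\x71\xea\xcb\xa5\x30\x35\x67\xdd\x08\x56\x8a\xf2\x41"
      "\x21\x62\x4c\x14\x1b\x0c\x76\xc4\x66\xe1\x3f\xc5\x05\xa0\x4e\x35\x81\xbd"
      "\x01\x38\x1a\xee\x47\xf8\xbb\xb1\xd7\x98\xc3\x2a\xf0\xfc\x1d\xc3\x0f\x5e"
      "\x3c\x7b\xc8\xd9\x7b\x99\xca\x38\xed\x98\x0d\x8f\x5f\x16\xec\xbb\xc6\xe9"
      "\xbb\x1a\x36\xf8\x13\x5a\xf7\xbd\x7f\xc9\xf3\xe5\xa8\x36\x19\x31\x34\x53"
      "\xbe\x66\xa8\x4f\x28\xf1\xac\xed\x88\x90\xdf\xde\xab\xdb\xe4\x5a\xd4\x2d"
      "\x3f\xf9\xf1\x02\x70\x5a\xc7\x0d\x5b\xe1\xa3\xb1\x4d\x10\x09\xc6\xc4\x71"
      "\x8d\xfa\xdc\x7a\x99\xe7\x66\x59\xdb\xba\xd4\x78\xdf\x67\x33\xc8\x11\xe3"
      "\x1e\x09\x53\x8c\x20\x93\xa0\x29\x2f\xe3\x96\x38\x3d\x57\xd2\x6a\x46\xd3"
      "\x7b\xf5\xa3\xcf\xd1\x9e\xa5\x02\x68\xd9\x1c\x2e\x21\x3d\xea\x98\x20\x6e"
      "\x80\xea\xca\x65\x6a\x71\xd4\x36\x3e\x33\x0e\x9d\xcd\xcd\x6d\xca\x48\xf3"
      "\xc1\x40\xe0\xbb\xde\x9f\xde\x1c\x52\x22\x53\xe0\x85\x3b\x71\xc2\xf1\x66"
      "\x4c\xa7\xc6\xe9\xe4\x9c\x14\x8c\x0d\x0a\x06\x24\x4e\x86\x69\x96\x5f\x9a"
      "\x97\x0c\x28\x0c\x8c\x4f\xca\x28\x57\x4b\xf5\xcc\x09\x8c\x55\xe7\x69\xa1"
      "\x7b\x7c\x8f\x7e\x0d\x06\x37\xb8\x09\x9c\xb6\x97\x81\xea\x40\xcf\x33\x55"
      "\x5b\x9d\xd5\x76\xe7\xa0\x05\x16\xf2\xbc\xfe\xc5\x30\x13\xdb\x29\x1b\xc5"
      "\xad\xa5\x49\xba\x46\x31\xbd\xb1\xf2\x93\xe5\x6d\xe7\xfa\x91\x50\xcc\xc4"
      "\x92\x93\x59\xa1\x21\xd6\x61\x0a\x5d\xf4\x88\x81\x2d\x7d\xf9\x95\x69\xe9"
      "\x7a\xf5\xcf\x64\xb8\x77\xc3\x2b\x87\xea\xb4\x99\xbb\xcb\xe0\x6a\xf3\x51"
      "\x1c\xc9\x75\x2a\x57\x78\x8c\x6e\x75\x92\x8c\xa2\x8a\xf1\x17\x82\xb1\x7f"
      "\x6d\x76\xaf\x9f\x8f\xc3\xc5\xbb\x97\x8a\xd6\x71\x37\xc6\x4c\x45\x8d\xda"
      "\xe2\xa3\x50\x05\x1c\x13\x3a\x33\x23\xf4\x21\x8d\x39\xe5\x3e\x32\x40\x48"
      "\xf1\x24\xf0\x60\x2f\xb0\x93\xac\x1f\x39\xf5\xb3\xb4\x14\x02\x2b\x64\x0f"
      "\x62\x9c\xdd\xcf\xdc\xf5\x6a\xf5\x46\xb5\x3e\x05\x2a\x40\xff\x2e\x81\xdb"
      "\x6e\xd9\x0f\xcf\x43\xe8\xf0\x43\x60\x2e\xf4\x59\xc6\x38\xc0\xdd\x1b\x5a"
      "\x18\x62\xb5\x02\x2b\xb2\xef\x45\x5f\x57\xc9\x6f\x07\xc0\x3d\x7b\x82\xe7"
      "\x4c\xb1\x19\xe0\xd8\xd7\x1f\x08\x50\x6d\x88\x29\x23\x86\x7c\xf4\x94\x9f"
      "\xed\x6a\x30\xe9\xd5\xdc\xc8\xf9\x2e\xe7\x98\xfc\xc6\xb8\x4a\xaa\x74\x45"
      "\x0f\x39\x0e\x80\x9e\x3a\xc2\x8e\xc8\x49\x75\x68\x9c\x25\x5d\x6b\x2b\x4b"
      "\x1c\x8e\xe5\x04\x87\xde\x34\x1d\x05\x65\x5b\x3c\xb0\xd8\xeb\x68\xcc\x14"
      "\x27\x5d\xc2\xe8\xc9\x11\x9e\x85\xb1\xb9\x7f\xcc\xa8\xd7\xc0\x6e\x42\x48"
      "\xdd\xee\xee\x55\x8e\x2c\xe6\x09\x27\x2d\x63\xf4\x36\x40\x75\x4a\x7e\x00"
      "\xc1\xef\xa8\xbc\xb0\xc2\xfc\x3f\x03\x1a\xab\xd7\xbc\xbb\x42\x4a\xe7\x06"
      "\x21\x27\xbe\xac\x14\xb8\x48\xad\x8c\xb1\xa9\x33\x22\xbe\x24\x12\xf0\x80"
      "\xdc\xdd\x1d\xc1\xf9\xaa\x92\x34\x80\xe3\xf8\x68\xd4\xad\x05\xd6\x05\x32"
      "\x8f\x27\x43\xd4\x58\xef\x64\x95\x63\x14\xf0\x19\x47\xd7\xaa\x52\xb5\x93"
      "\x3e\x49\x8b\xb9\x3b\x14\x30\x0d\x10\x57\xf6\x33\x53\x5e\x08\x02\xbf\xb9"
      "\xcb\x0a\x81\xde\xbd\xfe\xf0\x8e\xc7\x80\x68\xe5\x22\xb0\xce\xeb\x0c\x15"
      "\x86\x5b\xcc\xe1\x66\xd1\xb5\x85\x2c\x84\x26\x7b\x09\xfd\x6b\xd2\x90\x27"
      "\x1f\x2e\xc9\xf6\x69\xee\xae\xee\xc4\xd4\x9d\x34\x5c\x33\x52\xb7\x3b\x31"
      "\x38\xe3\x68\x74\x43\x59\xb4\x79\xc3\xf8\x0c\x24\xc8\x56\x6a\xe3\x3b\xd7"
      "\x62\xe9\x41\x27\x6b\xee\x59\xb8\x3f\x52\xd0\x62\x50\xa6\x33\x77\x13\x9c"
      "\x88\x35\xc9\x1d\x4e\xc6\x21\x12\x33\x9b\x64\x74\xba\x14\xf1\x6a\x88\x1b"
      "\x49\x19\x48\x78\x12\x2b\xae\xbf\x78\xad\x26\xe8\xb8\xf6\x52\x67\x8b\xc8"
      "\xdd\xff\x81\x5b\xc1\xf3\xa2\x54\xac\xa1\xe8\x4e\x58\x1d\x7c\x90\x93\xc9"
      "\x08\xab\x31\x7a\x80\x16\xc9\x4e\x4d\x0f\x47\xa3\x20\xcb\x74\x6e\xc0\xa5"
      "\x0a\x57\xd5\xeb\xf9\xf5\x7a\xdc\xb2\x4f\x9f\x86\xc8\xfb\x00\x5f\x4d\x01"
      "\x99\x48\x28\x18\x3b\x9d\x89\xba\x4f\x52\x27\x6d\xbc\x26\x53\x4c\x39\x4f"
      "\x51\x1e\xbe\x2b\xc3\x75\x44\x96\xa3\x88\x7d\xbf\x06\x05\xd0\xf7\x35\x0c"
      "\xb2\xf6\x97\xcf\x9a\x1c\x86\x2a\xbe\x6d\x5e\x9b\xa8\xa6\x0d\x1e\x68\x4b"
      "\x07\xc3\xe3\x81\xbb\x29\x41\x3f\xea\xf6\xe5\x30\xd8\x83\xac\xa1\x78\xcc"
      "\x28\x17\x9d\x9c\x3e\x14\x3b\x69\x91\x29\xa2\x79\x41\x71\x28\x23\xc3\xc0"
      "\x7a\x82\xe5\x52\xf5\x35\x78\x79\xc9\xd0\xf9\xba\xd2\x84\xaf\x98\xdb\x26"
      "\x63\x99\x83\xfc\xee\x58\x84\xf0\xc2\xcd\x07\xdd\x03\x94\xf2\xb9\x9c\xfa"
      "\x95\x55\xe3\xb7\xb8\x9f\x68\xa1\xb4\xfb\x33\x52\xaf\x80\xd8\xac\x39\x6f"
      "\xcb\x75\x64\x5b\xd8\x8a\x01\x7d\x3e\xf2\xab\x03\x41\xfd\x48\xb9\xb7\x9a"
      "\x94\xcf\x84\x81\x22\x36\xdb\x20\x02\x5b\xe4\xa3\x62\x32\xff\x2e\x76\x10"
      "\x6c\x7e\x91\xcf\xeb\x08\x22\x78\x07\x20\x40\xb5\x76\xd2\x4d\xc9\xe4\x34"
      "\x52\x78\x5e\xa9\x47\x3c\xd1\xd8\x63\x6f\x9c\x93\x07\x3f\x4b\x6d\xf9\x7e"
      "\x19\x7a\x0e\x3d\x57\x4a\xcb\xc8\xb4\xe0\xcf\x2f\x88\x35\xff\x72\xfd\x55"
      "\x68\xb3\xd1\x59\x18\xb9\xa4\xa4\x9d\x46\x43\xe2\xaf\x35\x0d\x50\xb4\x4a"
      "\x4b\x89\x9f\x38\x3e\x6e\xe7\xc0\xad\xc4\x87\x26\x95\xaf\xbf\xd7\x7b\x9e"
      "\x9a\x0f\x90\x62\x92\x9d\x81\xd7\xc3\xe6\x25\x7b\x9d\x43\xfb\xa1\x2b\xda"
      "\x2a\x6e\x6d\x56\x84\x1a\x67\x74\x4d\x2f\xfe\x70\x9c\xa5\x1c\xc9\xed\x9a"
      "\x09\xd4\x91\x64\xb0\x16\x9c\x42\xf3\x47\x98\x01\xb6\x3c\x8a\x97\xfb\x9c"
      "\x4a\x4e\x54\x2e\xf1\x47\x75\xf2\x6a\xb7\x8a\x68\xf6\xa6\x20\x81\x3f\x5c"
      "\x63\x74\x0c\x2c\x32\x49\x73\xfa\xcf\x7e\xb4\x78\x2f\xc4\xa1\x00\x1e\x3d"
      "\xdb\x0b\x6e\x06\x33\x8e\x86\x17\xf4\x9d\x8b\xb9\x51\xd6\x98\xef\x45\xa8"
      "\x43\x6d\x5b\xe4\x7c\x7c\x65\xc2\x06\x89\xc7\xc8\xff\x97\x05\x47\x68\x4a"
      "\xa8\x00\x8f\xf8\x6a\xd3\xd0\x00\x77\x12\xf4\x6a\x8e\x72\x9b\x3a\x3a\x14"
      "\xc1\x69\x7d\xdb\xcd\x5a\x8f\x2b\xe8\x0a\x80\xfd\xac\x76\x0e\xc3\xdc\x06"
      "\xb7\xa7\x29\x5b\x4f\xec\x66\x45\xe7\xaa\x0b\x0f\x71\x6a\xff\x2f\x14\x65"
      "\x00\x2b\x95\x98\x02\xb8\x4a\xf4\x05\x8d\x4a\x97\x48\x60\xe3\x40\xc9\xb7"
      "\xb8\x93\x22\x17\x4d\xfc\xde\xa3\x6f\x24\x90\x9e\xa0\xd5\x76\x70\xb4\x8f"
      "\xc6\xad\xf7\xdd\x72\x1a\x61\x20\xa1\x35\xac\xf0\xb8\x31\x18\xc9\x5d\x6b"
      "\x60\x56\x0e\xa7\x05\xa2\xbb\x69\x5f\xd7\x1b\xb0\xe3\xcb\x17\x79\x52\x5b"
      "\x17\xd5\x5c\x7f\x24\x03\xad\xf9\x82\xd9\x2a\x36\xe0\xd1\x40\xdd\x27\xd2"
      "\x02\x2a\x5e\x12\xbc\xb6\x4a\x4a\x93\xd3\x3e\x4e\xae\x03\x7b\x1e\x9f\xbc"
      "\x95\xcd\x2f\xd6\x0f\x56\xa5\xdc\x37\xe4\x04\xe1\xf9\x07\x1b\xcd\x1f\x9d"
      "\xe0\xb7\xe8\x56\xe3\xd9\x08\xd0\xe2\x10\xb1\xb4\xec\xa3\x58\x8b\x27\x83"
      "\x8c\x76\x78\xfd\x9d\xf4\xb5\xb9\x43\x76\x51\xb7\xb8\x24\xb1\x1f\xbe\x5b"
      "\x1f\xc8\x16\xb3\xc6\x33\x99\xee\x70\xc7\x46\x09\xce\x05\x97\xee\xef\x65"
      "\x75\x62\xd3\x7f\x93\xeb\xc5\x3a\x93\x57\x0f\x2a\xa9\x3e\xb0\xe9\xa5\x33"
      "\x0c\xcc\xd2\x01\xdb\xb9\x80\x25\x22\x73\xe0\x6f\xd5\xcf\x8b\xe3\x19\xc1"
      "\x71\xaa\x8a\x92\xf7\x74\x29\x43\x56\x7d\xa1\xef\xdf\x1c\x81\x2c\x0f\xd9"
      "\x4f\x75\x7d\x52\x93\x1f\x55\x0e\xcc\xb8\x4e\xab\xca\xfa\x80\x91\xc9\x03"
      "\xf9\x54\x7f\x80\x78\x22\x16\x21\x70\x15\xdd\xc2\xd0\x6e\xa9\xf4\x67\xed"
      "\x88\x99\x56\xc2\xf8\x9d\x76\x06\x4c\x3d\xad\xa1\x88\xdf\xed\x2b\x18\x9c"
      "\xdf\x31\x59\x6d\x8e\x56\x6a\xfc\x7c\xb7\x50\xa8\x94\x5c\x14\x04\x31\x4f"
      "\xfa\xb6\x0c\x04\x9f\xa2\xe0\xb4\x18\xaa\xd9\x59\xd0\x41\xc0\x3c\xb3\x3b"
      "\x00\x38\x8b\x63\xb2\xf2\x4b\x68\xd5\xbb\x98\xd6\xe8\x88\x2e\x75\x9a\x02"
      "\x81\x75\xd4\x1e\xf6\x9d\x34\x9a\xd6\xfa\xc2\x67\x0e\x7d\xaf\x3e\x7b\x87"
      "\x19\xf9\xaa\x65\x99\xfb\xa5\xc4\xf6\x95\xb8\x8d\x52\x58\xc9\xbc\x40\xd2"
      "\x69\x6a\x85\x4a\xad\xfe\x06\x98\x8b\xa4\x4e\x34\x3a\x6d\x94\xca\x60\x34"
      "\x87\xc3\x41\x7d\xfd\x2c\x39\x93\x0e\x15\x21\x96\x5a\xfd\x3d\x8c\xdb\x96"
      "\xfa\x0f\x44\x3a\x3a\x00\x24\x32\xa3\x74\x90\xbe\x15\xeb\xc6\x48\x86\x43"
      "\xbc\x40\x33\xe3\xaf\x3c\x2e\x64\x77\x94\x90\x9b\xa2\x71\x77\x3b\x5c\x1c"
      "\x08\x57\xd9\xc3\x91\xd2\xef\x30\x91\xe2\x03\x81\xf1\x19\xfe\x3b\xa3\x60"
      "\xff\x41\x75\xff\x13\x6b\x02\x92\xf5\x0a\xbc\x1d\x0f\x2a\xbd\x29\xfd\x7c"
      "\x2b\x8e\xb3\xdb\x62\x14\xfb\xee\x1b\x49\xc4\x96\xda\x05\x64\xeb\x48\xb3"
      "\x76\x82\xd4\x1e\xf3\x31\xcb\xc2\xe4\xf6\x0e\xea\xf5\x2a\xb6\x39\x01\xb3"
      "\x20\x50\x1b\xee\xf2\x0b\x3a\xca\xf8\xae\x11\xb6\xbe\x20\x30\x2b\x52\x25"
      "\x70\xcc\xaf\x8f\x23\x1d\x8a\xf8\x34\x7b\x4e\xb5\x87\x56\xa2\x18\xd8\x57"
      "\xff\xe8\x9c\x57\x44\x4e\xd7\x1d\xc9\x05\x37\xb6\xcb\x11\x12\x11\x38\xe1"
      "\x5f\xc0\x7a\xe2\xc0\x8d\x02\x4b\x19\xee\x77\xf4\xb0\x90\x01\xf9\x9d\x0f"
      "\x28\x1a\x80\xe8\xe2\x96\x72\x23\x5d\x4a\x97\xea\x20\x98\x02\x7d\x21\x31"
      "\x2d\xe5\xf7\x86\x03\x1e\xb6\x3e\xfe\x18\xdb\x9f\xb2\x7b\xfa\x31\x95\xfc"
      "\x3a\x59\x2b\x89\x1e\x3b\x04\x39\xd0\x1c\x35\xaa\x24\x7e\x3a\x4a\x35\x3c"
      "\xd7\xa2\xf2\x0b\xa0\x32\x3a\x65\x30\x1e\x62\xe8\x10\xaf\x8b\x48\x14\x9a"
      "\x6d\x1c\x9d\xe7\x9b\x5d\x2e\xe1\xf7\x50\x0c\x61\x71\x38\x6b\xb7\x7d\x61"
      "\x8f\x88\x8f\x7c\xe8\x6e\x70\x1b\xd1\x64\x10\xcb\x46\x92\xe8\x73\xfd\x83"
      "\xff\xd0\x8e\x50\x13\x72\x31\x5d\x40\xa9\x83\x17\x51\x25\x69\xd1\x48\x87"
      "\x92\x01\xf8\x3f\x3c\xde\xa5\x8a\xd9\x0b\xfe\xb0\x80\xe3\x39\xd9\x70\xe2"
      "\x15\xab\x30\xe2\x51\x27\xb4\x00\x0e\x5a\x1e\x1d\x8e\x48\x94\x88\x27\x5b"
      "\x1e\xb3\x35\x6e\x05\x05\x92\x1a\x38\xac\x0d\xda\xa5\xe4\x5f\xf1\xb8\x2b"
      "\x1f\xe2\xa1\xe6\x4a\x1b\x28\xc1\x37\x63\xb1\xd4\x5b\x84\x4c\xc9\xa9\x4a"
      "\x25\xc7\xee\xb4\xa7\x2a\x18\x9c\x49\xea\xb3\x9e\xe2\x1d\x82\x91\x21\x0c"
      "\xe5\xd2\x4b\x93\x3f\x90\xfe\xf8\xec\x16\xdc\x4d\x3c\xbf\x60\x11\xe9\x99"
      "\x8d\x02\x9b\x55\x66\x3d\x46\x23\x6a\x58\x4a\xd8\xdf\x86\x2c\x48\x64\xa5"
      "\x31\x8d\xf0\x2b\x78\xc9\x8d\x8b\x88\x83\xdd\xe3\xf1\x70\x49\x30\x10\x79"
      "\x1b\xb3\x31\x99\x30\x5d\xab\xb3\x05\x1b\x18\xc4\x37\x1f\x83\x77\x5b\xfa"
      "\x1b\x97\x37\x7a\x23\xa4\x28\x8b\xfe\xa4\x69\x16\xb4\xba\xd0\x0c\xe8\x88"
      "\x88\xff\xf9\xb7\x10\x7b\x32\xb2\x97\x18\x3d\x01\x6b\x2f\x60\x31\x83\xda"
      "\xed\x16\xf0\xef\x4c\xcb\x64\x70\x73\xfa\xa2\xe4\x59\x63\x21\x9b\x13\x3e"
      "\x3b\x60\x02\x42\xd7\x36\xbd\x84\xe5\x5d\x56\x92\x53\x8d\xd6\x46\x57\x61"
      "\x54\xb2\xfc\x65\x83\x52\xe4\xf6\xeb\x1f\x5a\x4c\xec\x2a\xc4\xf1\xf8\x81"
      "\x6f\xa3\x48\xf5\x66\x46\xdd\x66\xcb\xfa\x1a\x80\x7b\xec\x81\xd7\x6f\x17"
      "\xd0\x4e\x1f\x1e\xa6\x47\x74\x76\x4b\x39\x55\x3a\x3f\x85\x74\xc1\x61\x36"
      "\x06\xa9\x75\x24\xc1\x52\x78\xac\x25\xf1\x8c\xea\xf1\x18\x2c\xd2\x83\xce"
      "\x88\x4c\x8e\xc2\x27\xc6\x2d\x1a\xf0\x59\x63\xbe\xf0\xc9\x1a\xd9\xc7\x0e"
      "\x2d\xe6\x8f\x97\x76\x31\x81\xec\x8c\x9f\xfd\x93\x7f\xb9\x2b\x35\x47\xde"
      "\x9c\x99\x7a\xb6\xaa\xf1\x36\x98\x44\x17\xd7\xed\x4b\xb3\xdf\x58\x1d\x96"
      "\xfd\x24\x9e\xdb\xdd\x07\xb0\x4e\xba\xbc\x21\xea\x92\x07\xdc\xf0\x9a\xc2"
      "\x26\xe4\x87\xa8\x4b\x5f\xec\x40\x43\xab\x0f\xb3\x0c\xc0\x5b\xb4\xa5\x1f"
      "\x79\x30\x68\x15\x84\xff\x15\x6e\xf3\x44\xc4\x89\x37\xfd\x33\x0c\x5e\x3c"
      "\x3c\x4b\x44\x14\x62\x43\x4f\xef\x7e\xdb\xdf\x58\x41\x89\x90\xe7\xae\xa6"
      "\x94\xe6\xf3\x50\x13\x86\x30\xab\xfb\xca\xa4\xd7\xfc\x69\xfe\x50\x12\x15"
      "\x5a\xc0\xa6\x51\x05\x31\x6d\xdc\x8d\x44\xc3\xcf\xfa\x9c\xc2\xe5\x12\x20"
      "\xbe\x86\x25\x06\x05\x68\xe4\xfd\x5c\x65\x69\x10\x0a\xca\xfe\xda\x4b\x04"
      "\x32\x86\x61\x98\xaa\x9a\x2c\xf8\xce\xbf\x02\x07\x8e\x84\x78\x4a\x14\xda"
      "\x65\x0e\xa0\x52\xca\xd7\x05\x36\xce\xde\x28\x81\x1c\x95\xa6\x17\xb3\xe2"
      "\x2d\xfc\xbb\x40\xbf\x7d\xa0\x8b\xc5\x18\xb0\x01\x36\xf1\x22\x6e\xf8\x22"
      "\x0a\xaa\x7d\x01\x6c\x82\x07\xb6\xf7\xff\xbf\x60\xd4\xc2\x56\xdd\x6c\x10"
      "\x1e\x8f\x17\xfd\xf9\x81\x85\x33\x8a\xe4\x63\xa2\x53\x1c\x73\x81\x95\x14"
      "\x41\xf3\xea\x59\xb0\x9e\x8d\x6e\x58\x15\x8e\xed\xdc\x63\x8f\x7f\x1a\x2e"
      "\x4c\xf9\x6c\x6e\x90\x12\xae\xc8\x57\xeb\xbe\xd5\x26\x90\x95\x78\xf8\x67"
      "\x13\xed\x69\x76\xa4\x78\x66\x2a\xd5\x6f\x72\xb4\xf9\xed\x98\x7c\x95\x31"
      "\x7f\xd1\x97\x0b\x7e\xbc\xf8\x6c\x50\x44\xd6\xe2\x17\x3f\x9d\xc8\x76\xe1"
      "\xf5\x2c\xdd\x5e\x91\x94\x82\xf1\x44\x4b\x31\xfb\xd7\x2f\x95\xad\xa6\xa5"
      "\xcf\xcd\xe1\xb1\x93\x19\xe9\xe0\x83\x62\x37\x9d\x8e\xe9\x51\x25\xb2\xda"
      "\x37\x77\xd8\x86\x35\xf7\xb2\x44\x61\xd2\x80\x9f\xe8\xc5\x2b\x8c\x1c\xd0"
      "\x77\xac\x9e\x81\xfc\xcf\x9e\x4f\x45\x90\xbd\xe4\x64\x31\xd9\x97\xbf\x64"
      "\x8e\x59\x39\xc5\x18\xf0\x2a\xe5\xb8\x99\x24\xf1\xea\xf5\x5d\xea\xc8\x3a"
      "\xae\x9f\xab\x46\x09\x03\xea\xf7\xd9\x2e\x2e\x6d\xdf\x85\xc4\x3c\x64\x2e"
      "\x37\xf6\xb8\x38\xa2\x79\x5c\xe2\xb9\xaf\x6f\x2a\xba\x1d\x9e\xc6\xfe\x9c"
      "\xee\x3c\x66\x64\xb2\x0a\x69\x7e\x92\xd6\x43\xb6\x67\xb0\x80\x15\x4c\xb7"
      "\x93\xe6\x95\xc4\x14\xf8\x42\x2a\xac\x01\xbc\x48\xf2\x9e\x18\x27\xe1\x6f"
      "\x3a\x5d\x93\x7d\xa5\x1f\xe5\xc6\xe5\x28\x52\x0a\x3d\xfa\xc0\xd7\x05\x2e"
      "\x13\x29\x94\x04\xec\x6e\x90\x4d\x0f\x5c\x79\xe2\x46\xb8\x54\x4f\x82\xf6"
      "\xd4\x79\x0b\x2d\x12\x44\xa6\x9c\xc8\x52\x60\x50\x97\xfd\x90\x25\x59\xf5"
      "\xc6\xf8\x94\x17\xf4\x87\xee\x0b\xff\x30\xa0\xc7\x02\x8e\x23\x46\xae\x3c"
      "\xc0\x6c",
      4088);
  *(uint64_t*)0x200011e8 = 0xff8; // length of entry 2: 0xff8 == 4088
  *(uint64_t*)0x200013d8 = 3;     // number of entries in the array above
  *(uint64_t*)0x200013e0 = 0;
  *(uint64_t*)0x200013e8 = 0;
  *(uint32_t*)0x200013f0 = 0;
  // The descriptor argument is the literal -1, not r[0]; presumably the
  // kernel rejects the call on the bad descriptor -- TODO confirm.
  syscall(SYS_sendmsg, -1, 0x200013c0ul, 8ul);
  // Argument for fcntl() at 0x200001c0. These stores overwrite part of the
  // blob copied above. How the fields map onto the target's lock structure
  // is not decoded here; check the target's headers.
  *(uint16_t*)0x200001c0 = 0;
  *(uint16_t*)0x200001c2 = 0;
  *(uint64_t*)0x200001c8 = 0x1000000000000000;
  *(uint64_t*)0x200001d0 = 0x2000100000001;
  *(uint32_t*)0x200001d8 = 0;
  // Command 9 -- presumably a blocking record-lock request (F_SETLKW) on the
  // targeted ABI; confirm against its <fcntl.h>. If it blocks, the 5000 ms
  // watchdog in loop() kills this child.
  syscall(SYS_fcntl, r[0], 9ul, 0x200001c0ul);
}

// Map the fixed scratch region that execute_one() writes through, start six
// worker processes, then idle so the workers keep running.
int main(void)
{
  // addr 0x20000000, length 0x1000000, prot 3, flags 0x1012, fd -1, followed
  // by two zero arguments. The mmap result is not checked; if the mapping
  // fails, the stores in execute_one() fault.
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul, 0ul);
  for (procid = 0; procid < 6; procid++) {
    if (fork() == 0) {
      loop(); // never returns
    }
  }
  sleep(1000000);
  return 0;
}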