// https://syzkaller.appspot.com/bug?id=e94de72534b46ee21d40a7f3cd90793f97754b49
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel bug reproducer. main() maps a fixed scratch region and forks six
// workers. Each worker runs loop(), which forks a child per iteration. The
// child (execute_one) opens one socket and issues a single writev() of a
// fixed 4096-byte payload; the parent kills it if it has not exited after
// 5 seconds. For use as a regression test, the syscall arguments, the fixed
// addresses and the payload bytes must stay exactly as generated.

#define _GNU_SOURCE

// NOTE(review): the header names of the 14 #include directives below were
// lost when this page was extracted, so the file does not compile as shown.
// The visible code needs at least <signal.h>, <stdint.h>, <stdlib.h>,
// <string.h>, <sys/syscall.h>, <sys/wait.h>, <time.h> and <unistd.h>;
// restore the full list from the original reproducer.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

// Worker index, assigned by the fork loop in main(); each worker inherits the
// value it had at fork time. Not read anywhere else in this file.
static unsigned long long procid;

// Sends SIGKILL to `pid`, then reaps children until waitpid() returns `pid`.
// waitpid(-1, ...) accepts any child, and every other return value (including
// -1 on error) is ignored, so the loop only ends once `pid` itself is reaped.
static void kill_and_wait(int pid, int* status)
{
  kill(pid, SIGKILL);
  while (waitpid(-1, status, 0) != pid) {
  }
}

// Sleeps for `ms` milliseconds (usleep takes microseconds).
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Returns CLOCK_MONOTONIC time in milliseconds; exits with status 1 if the
// clock cannot be read.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

static void execute_one(void);

// Extra option bits OR'd into the waitpid() call in loop(); none here.
#define WAIT_FLAGS 0

// Runs the test program forever, one forked child per iteration, so that a
// crash or hang of the child does not stop the worker. Never returns.
static void loop(void)
{
  int iter = 0;
  for (;; iter++) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      // Child: run the syscall sequence once and exit.
      execute_one();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    // Parent: poll for the child every 1 ms without blocking.
    for (;;) {
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      sleep_ms(1);
      if (current_time_ms() - start < 5000)
        continue;
      // Child is still running after 5 seconds: kill and reap it.
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Fallback syscall numbers, used only when the system headers do not define
// them.
// NOTE(review): the numbers appear to match NetBSD's syscall table; confirm
// the target OS on the bug page before building elsewhere.
#ifndef SYS_mmap
#define SYS_mmap 197
#endif

#ifndef SYS_socket
#define SYS_socket 394
#endif

#ifndef SYS_writev
#define SYS_writev 121
#endif

// Resource table: r[0] holds the socket descriptor. It starts as an all-ones
// sentinel and keeps that value if socket() fails.
uint64_t r[1] = {0xffffffffffffffff};

// The syscall sequence under test. All fixed addresses used below lie inside
// the region that main() maps at 0x20000000.
void execute_one(void)
{
  intptr_t res = 0;
  // socket(domain 0x11, type 3, protocol 0). The symbolic names depend on the
  // target's <sys/socket.h>, which is not shown here.
  res = syscall(SYS_socket, 0x11ul, 3ul, 0);
  if (res != -1)
    r[0] = res;
  // Build the iovec array at 0x20001540 as raw 64-bit words (assumes a 64-bit
  // struct iovec of {base, len}; TODO confirm for the target).
  // Entry 0 base pointer: the payload buffer at 0x20000200.
  *(uint64_t*)0x20001540 = 0x20000200;
  // Payload: 4096 fixed bytes chosen by the fuzzer.
  memcpy(
      (void*)0x20000200,
      "\xbc\x2b\xf8\x31\x30\xe8\x7c\xd4\x51\x61\x94\x3e\x3d\x9c\xdb\xe0\xc9\x56"
      "\x26\x67\x83\xa5\x24\xe8\x78\x60\xf9\xf9\x1b\x16\xb3\xc1\x03\xe4\x06\x45"
      "\x78\x9d\x2e\x4c\xf7\xb9\x4d\x17\x27\x02\x95\xbc\x81\xca\xe1\x21\x8e\x4e"
      "\xc4\x7d\x95\xb4\x2e\xa6\x79\xcc\x9d\x3e\xaf\xf3\xe8\x2b\x16\xe7\xde\x74"
      "\x4d\x73\xf9\xa5\x4b\x33\x09\xf4\xd7\xec\x3d\xf5\x7c\x7d\x46\x58\x3b\x75"
      "\xf9\xe2\xec\xdb\x70\xac\x66\x0c\x29\xb7\xd9\x2f\x68\x2c\xe2\x68\xcf\xe5"
      "\x02\x28\x10\x4a\xc6\xb2\xcb\xc2\xf8\xb3\x0e\xcb\xf2\x3f\xe0\x27\x0d\x54"
      "\x6f\xde\x98\x74\xca\x2f\x10\xe7\x1c\x1c\x41\xc9\x37\x77\x84\xd6\x39\x36"
      "\x05\xdf\x5b\x47\x95\x8f\xbb\xe6\xd3\xbc\x8c\xc7\xed\xce\x48\x3c\xa1\xee"
      "\x36\xf7\x17\xcd\x90\xc6\x3e\x28\x9a\x15\xe6\x41\x59\xef\x74\x91\xb5\x08"
      "\x04\x81\x32\xea\x23\xfe\x52\x79\x59\xd3\xba\xca\x04\x1e\x8a\xa8\xd8\xd8"
      "\xb7\x9e\xa7\x3b\x4b\xc8\x0c\x1e\x21\x86\x1b\x81\x41\x22\x77\x5b\x65\x71"
      "\xdc\xbd\x58\x97\xbb\xa8\xfb\x3e\xc2\xc3\xdf\x8d\x51\x43\x46\xf7\x7f\x84"
      "\xec\x16\x01\x89\x41\x54\xe3\xb5\x14\x3b\xf4\x12\xc6\x46\x0d\xff\x9c\x92"
      "\x19\xbb\xbe\xd7\xce\x1e\x26\x5c\x67\x59\x94\x55\x58\x49\x02\x77\x44\x7f"
      "\x35\x3d\x68\x0b\xea\xcd\x2f\x5d\x0b\x13\x1b\x4e\x25\x20\x0a\x88\x8e\xd6"
      "\x61\x39\x6a\x25\xdc\x97\x16\xa1\x6f\xe6\x27\xfe\x7a\xac\x79\x99\x14\x83"
      "\x06\xe1\xd2\x13\x3d\x37\x08\x35\x71\x13\x44\xe5\x8d\x3f\x09\x50\x7c\x01"
      "\x19\x87\xee\xa5\x43\xa7\x89\xc1\xa9\x05\x61\x16\x53\x0e\x2d\x7c\xc4\x08"
      "\x47\x19\x28\x4d\x2e\x97\x8b\xfd\xfc\x62\xf0\x82\x8f\x43\x45\xa2\xff\xe9"
      "\x67\xcf\x39\xf5\xf9\x27\x26\x2a\x93\x3d\xc4\x03\x66\x96\x22\x1a\xae\xa6"
      "\x01\x02\x4c\xdf\x25\xa2\x0a\x28\x8e\xce\x03\x1a\xf7\x75\xa4\x3a\xe4\x79"
      "\x2d\x2a\x64\x54\xbf\x37\x10\xe0\xde\xe3\x85\x5b\x4a\x4d\x86\xb2\x68\x01"
      "\xaf\x79\xc9\x5e\xb7\x41\xc1\x0a\x65\x1f\xc9\x05\x09\x1f\xb6\x75\x59\x7a"
      "\x39\x9c\x40\x57\xad\x17\xc0\xa5\xc0\x03\xc6\x29\x5f\xc6\xc0\x50\x28\xba"
      "\xf5\x7c\x9b\xec\xb8\x25\x5a\xed\xa3\x8c\xf9\x27\xbe\xcd\x91\x0d\x36\x63"
      "\xaa\x65\x8f\x11\x5c\xd1\x09\x34\x89\x20\x27\xa0\xa0\xbd\xf5\x10\x0b\x87"
      "\x1b\xe2\xf8\x38\x91\xf0\x84\x50\x5f\xd9\xd8\x41\x2e\x6f\x5d\xf7\x45\xa3"
      "\x87\x22\xf6\x8a\x15\xb4\x89\x02\x84\x30\x12\x61\xe4\x7a\xdc\xf1\x0d\xdc"
      "\x91\xe2\xf5\xce\x77\x5a\xf6\xa4\xc7\x6d\xbb\x1d\x91\x8e\xf6\x8d\x7a\x9b"
      "\xef\x0e\x31\x26\x58\xbb\x6c\xa2\xa7\x2f\x39\xaf\x6c\x95\xe4\x6b\x2f\x80"
      "\x42\x68\xcd\x9a\x77\x89\xbb\x40\x91\x4d\x06\xdf\xad\x6c\xec\x6a\x04\x08"
      "\xbe\x54\x7c\x7d\xff\x42\x58\x7a\x50\x52\xfc\x34\x02\x81\xc2\xd1\x01\x42"
      "\xac\xb8\x81\x12\x94\xb9\xe3\xd2\x33\xc9\x97\xdb\x23\x1e\x42\x4b\x40\x5e"
      "\x64\x41\xdd\x98\x7b\xbd\x8b\x6c\x33\x67\xde\xc5\xb8\x16\xea\x12\xe9\x6a"
      "\x8a\x78\x49\x60\xc9\x55\x0c\xac\xe8\x2a\x0f\x9a\x83\x3c\xa1\x95\xe2\x1a"
      "\xd3\xfc\xbe\x29\x05\xe1\x9b\xa7\x6c\xeb\x49\x1d\x1c\xc8\x98\x8c\x2a\xd3"
      "\xe1\x5d\x46\xca\x69\x13\x48\xa8\x62\x26\xc7\xbc\x58\xd2\xce\x44\xf2\xd2"
      "\xe5\x72\xf5\x86\x65\x07\x54\x34\xbf\x08\x63\xa1\x94\xc2\xe8\xf6\xfa\x27"
      "\x21\xc0\x86\x62\x54\x19\x86\x16\x43\xa2\x0d\x8f\xe9\xc8\x52\x70\x10\x86"
      "\x02\xf4\x7d\xed\x30\xaa\xb7\xab\x64\x3a\x15\xb1\xe1\x68\x06\x56\x41\x5b"
      "\x3d\x47\x4b\xc6\x81\xd0\xda\x94\x48\x8e\x0b\xc2\x57\x2c\x7f\xfb\x04\x8b"
      "\x9f\xc6\x6d\xef\x9e\x84\x00\x7e\xbe\xcc\x8c\x00\xc7\x0e\x38\x45\x3d\xee"
      "\xbd\x83\xcc\x21\x37\xdd\xcc\x6e\xa4\xfe\x93\x3a\x38\x16\xe3\x17\x65\xff"
      "\xf0\x60\x56\xea\xb6\xb0\x98\x7b\x78\x80\x4c\xa0\x46\x73\xbc\x39\xc9\x41"
      "\x56\x86\xb9\x11\x94\x4c\xa8\x99\xde\xe4\xfe\x0d\xa0\x16\x6c\xc5\x2d\x9f"
      "\x13\x2b\xbe\x05\x2c\xad\x27\xc9\xcd\x01\x38\x11\xd1\xf2\xf5\xaf\xf5\x2e"
      "\xbf\xe7\xbe\xd2\x90\x70\x90\xc6\x89\x66\x79\xec\xe4\x15\xf0\xc1\x59\x90"
      "\xef\x27\x9e\x13\x11\x15\x68\xec\x03\xe5\x4a\x77\x48\xcc\x19\x8c\x2a\x2d"
      "\x19\x6f\xbb\x70\x54\xf9\xe7\xa0\xde\x96\xf5\xc2\x3d\x3f\xff\x23\x3c\xc6"
      "\xaa\x00\x0b\xf9\x5f\x70\x5f\x43\x01\x85\x46\xfc\xad\x15\x7c\x56\x50\xde"
      "\xcd\xeb\x50\x44\x0f\x02\x0e\x92\x21\xa5\xf8\xe9\xed\x63\xa5\x0a\x6e\xdb"
      "\x34\xb3\x94\x8b\x62\xa8\xe1\xbc\x22\x75\x25\x27\x2f\x0e\xd5\x81\x20\xfd"
      "\xdc\x7e\xcf\xe2\xd4\xe6\x09\xf5\x4a\x9a\xd6\xbf\xf1\xca\x70\xcd\xb8\xe1"
      "\x1d\x21\x51\xb5\xfe\x4a\x66\xba\xb0\xa9\x30\xf1\x49\x0e\x92\x35\xa8\x77"
      "\x12\x1b\xae\x91\xc2\x80\x08\x27\x20\x5b\xe6\x48\xb4\x42\xdc\x45\xbd\xc5"
      "\x8d\x51\x3b\x1b\x2a\xd1\x22\xcc\x1e\x61\x47\xb1\x8f\xba\x3c\x21\x8b\x36"
      "\x3d\xc6\x95\x05\xe6\x37\xf5\xa8\xa3\xb7\xf4\x18\x46\xc5\x9d\x08\x66\xe6"
      "\x5c\xfd\x93\x7d\x87\x93\x4a\x97\xa3\x8c\xbf\xcc\xb8\x88\xb7\xd4\x03\x9b"
      "\x3c\xbf\xed\x94\xec\x4f\x12\x74\x7e\x29\x89\xaf\xe4\xf7\x05\xd5\x84\x18"
      "\x0a\xd3\x76\xe0\xa7\xe0\xb1\x34\x0a\x9d\xaa\xe9\x6b\x1a\xef\x98\x4f\xfd"
      "\xb6\xb2\xef\x73\x04\x97\x47\x5a\x1d\x85\xc0\x12\xa5\xbf\x33\xc8\x7c\x0a"
      "\x64\x7e\x30\x43\x17\xd0\x34\x74\xeb\x6d\xb7\x97\x42\x0b\xce\xda\xe3\x67"
      "\x1b\x4f\x35\xb7\x95\x5a\x31\xa3\xa4\x5e\x7a\x7e\x81\x39\x86\x79\xf3\x71"
      "\x47\x96\xcf\xc1\x9f\xf5\x1f\xc1\x8f\xcc\x0b\x0e\x16\x37\x2a\x0b\xd9\x77"
      "\xac\xf8\x07\x3c\x4d\x11\xd9\x0c\xdd\x4b\xae\x05\x8e\x04\x51\x2a\x93\x7b"
      "\x98\xa8\x59\x1d\x3e\x4c\x79\x12\x84\xd0\x63\x23\xe7\xa4\xa2\x6e\x76\x39"
      "\xc4\x51\xad\x67\x7d\x2c\x66\x86\xc6\x23\x08\x62\xd4\x8a\x68\x0c\xa7\x51"
      "\x3e\xab\x69\x10\xe5\xad\xa7\x8c\xfd\xf3\x07\x34\x04\x60\x37\x3a\x2a\x3a"
      "\x22\xc5\x8e\x06\x4b\x61\x4f\x81\x87\x07\x4f\x93\xc4\x04\xed\x07\x37\x97"
      "\x17\x44\x1f\x7f\x07\xf8\xaf\xde\x49\xa0\xb3\x4a\x2f\xc8\xa6\xfb\x0d\x45"
      "\x59\x05\x6e\xf0\x77\x03\xd8\x82\xa4\xf0\x10\x11\x33\x2d\x23\x85\x41\xa1"
      "\x28\xdf\x6a\xfc\xce\xf8\xa7\x7a\xf9\xdd\x9e\x9e\xde\x15\xd9\xcc\x28\xf1"
      "\x22\xed\xfd\xa0\xa0\xa0\x0d\x71\x5b\x9c\x07\xb4\x13\xc1\xc0\x35\x75\xe7"
      "\x7e\xba\x47\xa1\xfa\x03\x45\xcd\xb7\x18\xcb\xbf\x85\xc6\xf6\x2f\xbd\x86"
      "\xa5\x5f\xad\x53\x61\x81\xa2\xff\x0c\x30\x30\x0f\x28\x4a\xb0\xd9\x09\x8e"
      "\x1c\x4f\x7c\x75\x7e\x7b\x73\xcc\xa5\x80\x9f\x5a\x73\x7e\x96\x72\xe1\x6b"
      "\xa5\x49\x79\x09\x7d\xc4\x7e\x50\xe7\x17\x8c\x51\x6d\xa8\xf7\x98\xf6\x84"
      "\x8b\x7c\xe3\x94\xd0\x82\x58\xdb\xcd\xed\xdc\x6e\xa0\xd0\x05\x3a\x4a\x1a"
      "\xc6\x9c\x0b\x25\x7b\xce\xce\x3f\x0b\x8c\x87\xbc\x6b\x1f\x39\xd4\x3d\x56"
      "\xb8\x01\x40\x7a\xfa\x40\x4d\x1f\x04\xce\xbc\xd2\x7a\x6d\xed\x4c\xd7\xe1"
      "\x9b\x24\x41\x22\x0e\xd3\x09\x22\x62\x6a\xd3\xde\x61\x53\x4a\x86\xb7\xb4"
      "\x84\xde\x26\xc7\x37\xf7\xdf\xc5\xf8\x80\x12\xf0\x51\x22\xd2\x90\xfa\xbd"
      "\x06\x8f\xf1\x1d\x41\x5e\xd2\x22\xec\xa7\xaf\x39\xba\xb2\x34\x10\x5a\x96"
      "\xab\x89\x7d\x24\x4b\xd4\x03\xf9\x76\xcc\xd8\xd7\xe6\x1c\x7f\x14\x49\xfd"
      "\x0a\x46\x2a\x39\xea\x17\x69\xf4\x5b\x54\xe8\xb7\x7b\xe8\xfe\xc3\x53\x09"
      "\xa3\xef\x02\x7b\x7b\x93\x17\xa7\x12\xae\x03\xc4\xed\xec\x8f\x03\x0f\xf7"
      "\x6b\x4a\x96\x73\x79\x40\xbc\xbf\xc3\x17\x48\xb2\xbf\xbc\xbf\x2f\xcb\xd7"
      "\x17\x8f\xab\xd2\x96\x2e\x92\xe9\xaf\x9f\xa7\x04\x14\x1a\xd0\xc1\x52\x82"
      "\xb6\x7d\x0f\x9e\x16\x2d\xe9\xaf\x46\x21\x12\x74\xde\x59\x11\xc1\xe2\x21"
      "\x01\xdf\x52\xc4\xc1\xf4\x04\xf1\x3c\xde\x20\x98\x67\x6d\xd5\xbe\x50\x96"
      "\x10\xff\x37\xc0\x06\x70\x8e\xc5\x41\x11\xd5\x0b\x66\xfc\x58\x06\xfb\x1e"
      "\x05\x2b\x03\x49\xd5\x38\xd6\x35\x4c\x35\x24\xea\xb3\xc9\x11\x5b\x3c\xe3"
      "\xe7\x08\xf9\x09\xa5\x6d\x43\xb4\x79\x5d\xb0\x52\x06\xe7\x41\x17\xb0\xac"
      "\x1b\xfc\x4f\xd0\x39\xb5\x0f\xe6\xe8\xbe\xd7\x5b\x8a\x3d\x6e\x5b\x92\x3d"
      "\x6c\x85\xb0\xd5\x86\x00\x8c\x9f\xff\x81\xe8\x81\xd9\x21\x51\xab\xb0\x05"
      "\x1c\x0b\x55\x86\x91\xf9\xb9\x50\xde\xd7\xfd\x46\xd2\xef\x2d\x96\x0b\xe0"
      "\xe1\xe9\x57\x28\x3d\xa0\x46\xb8\x31\x65\x3f\xec\xf1\x5a\x87\x20\xe3\x71"
      "\x85\x1a\x7f\x95\x5b\xfd\x2b\x58\x96\xfd\x2d\xc5\x1e\x5c\x32\xc2\xee\x82"
      "\x21\x33\xa3\x88\xd5\x2b\x2a\xd9\xd8\x54\x23\x0a\x47\x71\x7f\x3f\x39\xbd"
      "\x61\xc3\x10\x8e\x16\x8d\x5c\xd2\xbb\x0c\x62\xd1\x8e\xac\x09\x29\x4f\x7b"
      "\xef\xba\x90\x6a\x13\x0b\xde\x4f\x1d\x7f\xb4\xba\xff\x42\x70\x56\xfd\x75"
      "\xb0\xb7\x84\x69\x3e\x9e\xa7\x7e\xa1\xf4\xfa\xee\x52\x6b\x77\x4e\xc3\x0b"
      "\x90\x1b\x59\x9e\x96\xfa\x66\x5b\x32\x7f\xf1\xe6\x37\xbf\x49\x33\x9a\xd7"
      "\xb9\x02\x60\x00\x1e\xc3\xe9\x45\xf5\x90\xab\x53\x67\x6c\x7a\x4c\x49\x89"
      "\xc4\xba\xa3\xa5\xd0\x63\xd6\xf4\x21\x27\x76\x7d\x80\x48\x77\xd1\x6a\xa4"
      "\xb7\xf7\x11\x0a\xdd\xd5\x5e\xe4\x86\x67\x92\x6a\x02\xf7\xf8\x64\x9d\xf8"
      "\xa7\x09\x8f\x60\xc8\x0b\xfd\xe8\xf9\x96\x6b\xc2\x1d\xa3\xa5\xfa\x6a\x0b"
      "\x5e\x81\xb0\x9e\x20\xc4\xc9\x2b\x34\x3a\xe4\x37\xe4\x56\xb1\xb3\x3a\xa2"
      "\x98\x53\xac\x28\x2c\x80\xdf\x62\x00\xbf\xc0\xf2\x4d\xf4\xaa\x06\xb2\xed"
      "\xd7\x06\x09\x12\x05\x50\x30\xfa\x7e\x23\x11\xe0\xed\x8d\xca\x52\x2a\xce"
      "\x6f\x2f\x55\x03\x23\xe2\xd8\xff\xa1\xb0\xe8\xd4\x5c\x88\xc2\xb5\x83\xfd"
      "\x18\x63\xbb\xae\xd6\x34\x96\xdd\x71\x4b\xf2\x7c\x80\x06\x88\xfd\x7f\x02"
      "\xef\xb2\xb1\x91\xa7\x06\x51\xc7\x1c\x64\x2d\xd3\x53\xe6\xc6\x5e\xd6\x2c"
      "\x02\x3c\xa2\x25\x02\x60\x5b\x50\x98\x17\x25\xb0\x35\xbf\x2f\x89\x93\x8e"
      "\x12\x43\xe0\xc4\x2d\xe3\x6c\x78\xe1\xa7\x59\x73\xc0\xe6\xaf\xb4\x74\x40"
      "\x21\x2e\x41\xe8\x3a\xa2\x5a\x64\x2d\xb1\xdf\x18\x3d\xba\x49\xf0\x5f\xb1"
      "\xb5\xcf\x97\x9c\x5e\x34\xa2\xf9\x51\xdc\x8e\xfb\x8b\xa6\x78\xcf\x8f\xc2"
      "\x22\xc6\x05\x07\xe7\x31\x75\x7c\x17\xe5\x70\x7b\x7d\xfb\x2c\x61\xf8\x33"
      "\x4b\x04\xcb\x15\x56\x49\xb8\x99\xab\xe8\x09\x48\x99\x4f\x42\x6a\xe7\xf5"
      "\xe0\x60\x30\xd7\x68\xa7\x69\xbe\x50\x65\xf7\x30\x1f\xe2\xc8\x17\xbc\xf1"
      "\x12\x27\x63\x7b\x0e\x5a\xbc\x9c\x92\x1d\x14\x51\x3f\xa9\xf9\xad\xca\x8f"
      "\x92\x2f\xe2\x56\xa9\x37\x65\xdc\x25\xce\xaa\x4c\x19\x22\x40\x2c\x41\xbc"
      "\x28\x54\xbb\xa4\xa3\xc3\x13\xfe\x1e\xda\xec\x16\x5b\xe5\x17\x37\x1b\x72"
      "\xa7\x3f\x93\xd5\x32\xcc\xc0\x94\xee\xb5\x21\x50\x56\xd0\xf2\x84\xb5\xb1"
      "\x77\x40\xb2\x19\x17\xde\x1d\x6c\x4d\x88\x01\x7a\x41\x16\x0c\xf0\xd7\xa0"
      "\x8b\x00\x04\xbb\x65\x7a\xee\xd7\xac\xe9\x5a\xdd\x94\xd0\xdc\x56\x92\x68"
      "\x23\xc6\xb2\x92\xc0\x6c\x00\xdc\x1c\xd7\xf5\x22\xf8\x0d\x78\xcf\xd6\xc2"
      "\xb3\x8e\xe9\xd8\x71\x89\xec\x32\x43\xc0\x23\xaf\xa2\x99\x59\x04\xbc\x4d"
      "\x5f\x63\xcc\x01\xbd\x8a\xa7\xdb\x81\xad\xfb\x49\x1d\x42\xbc\x8b\x45\xc1"
      "\x83\x4c\xdf\xf0\x1b\xdd\x0a\xff\xd2\x9a\x0e\xec\x87\x3a\x5c\x18\x0f\xed"
      "\x54\xba\xf8\x52\x94\x81\xd5\x2c\xfd\xe2\x85\x11\x23\x65\x33\xbc\x4f\xa5"
      "\xed\x8b\x09\x4b\xcc\xc5\x62\x7c\x90\xd5\xbb\x40\x5f\xb0\x2f\x2f\x2f\x4e"
      "\xfb\xb9\x9c\xfb\x1b\x29\x12\x2f\xa3\xf5\xbc\x50\xa2\xd1\x3e\x8d\x8a\x43"
      "\xef\x54\x05\x07\x10\x2e\xe7\xe5\xf5\xc1\xc2\xfa\x64\xf9\x03\x29\xb9\x55"
      "\x75\xc6\x45\xfe\xe0\xe4\x91\x67\xea\xd9\x15\x4d\xda\xa8\xe7\xa4\x4b\x07"
      "\xb6\x64\x6f\xb3\x1b\x5e\x69\x60\xc5\x34\xea\x55\x29\xa5\x6c\x99\x47\x90"
      "\xa8\x31\xeb\xc4\xae\xd3\x3d\xe0\xf6\xae\x10\xc0\xa5\x64\x4e\x7a\x23\x5e"
      "\xef\x2b\x02\x1d\xe4\x66\xf8\x0b\x2f\x8d\x4b\x67\x64\xb0\xd0\xff\x8a\xe8"
      "\x9a\xf1\x67\xc8\x67\x0a\x53\xb2\x15\x37\x65\x58\x59\xd8\x47\x68\xda\xcf"
      "\x5a\x13\x96\xfd\xa8\x44\x83\x1a\xd6\x16\xd0\xea\x80\xa8\x84\xd1\x77\xd4"
      "\xfb\xd5\x88\x85\x97\x70\x7e\x82\x1d\x93\xd1\x16\xf4\xb8\x5f\x45\x6e\xfd"
      "\x1a\x5b\x93\x57\x01\x96\xca\xa5\xc3\xb2\x90\x56\x7a\x8d\x75\xa4\x36\xa5"
      "\x4f\xb6\x25\xb3\x4e\xa9\xcb\xbe\x7e\x97\x38\xf6\xad\xfa\xb6\xab\xab\x5e"
      "\x55\xec\x47\xdd\x86\xde\xe2\xaa\x18\x71\x2e\xac\x7b\x6a\x79\x72\x46\xdf"
      "\x6e\x1e\xc0\x25\xfd\xc8\xc5\x77\x66\xcd\xb5\x56\x98\x27\x4f\x43\xe9\x32"
      "\x4d\xa6\xcb\xc6\x05\xeb\xcf\x14\x87\x5d\x29\x7d\xe4\x74\xc3\xd4\xf7\xda"
      "\xc2\xa1\x6c\x0a\xef\x36\x1f\x20\xac\x29\xdb\x67\x01\xbd\x7c\x01\xd6\x31"
      "\x8f\x8a\x9e\x94\xd1\xc2\xab\x51\xe8\x41\xb9\x36\x84\xce\x94\x82\x95\x6c"
      "\x71\xf7\xbb\xd0\xfb\x5e\x7a\xd1\x15\x97\x99\x69\x01\xe4\x29\xa5\xe2\x3d"
      "\xcc\x14\xb9\xa2\x77\x25\x16\x1d\x9e\xdb\x58\x4a\x8b\xca\x1d\x72\x45\x45"
      "\xd8\xee\x00\x07\x41\xfd\xaf\xa6\x05\xe1\x30\x54\xf6\x0d\x1c\x2e\xad\x54"
      "\xcb\xbd\x0c\xc0\x16\x5b\x40\x2c\xcf\x6a\x41\xef\xe1\x5c\xc4\x71\x7a\xa5"
      "\xc3\xdb\xf7\x9b\x13\x0b\x66\x7e\xb5\x3b\x75\x17\x83\x2c\xc8\x94\x87\x39"
      "\xa7\xf4\xa6\xea\x57\x5f\xf9\x87\xed\x1b\xca\xd2\x28\x78\x7f\xbd\x53\x56"
      "\xc2\x97\x6c\xec\x31\xab\x4e\xe7\xed\x7d\xc8\xa1\xa6\x62\x19\x63\xfe\x2d"
      "\x09\xdd\xb1\x21\xa3\x33\xd1\xb1\x92\xbe\xaf\x5f\x4f\xfa\x6b\xb0\x5d\x03"
      "\x09\x82\xfb\x38\x36\x7f\x6d\x5d\x7b\xe1\xdc\xde\x25\x37\x96\x0e\x63\xa8"
      "\x71\xf6\x39\x3e\x6b\x46\x03\xa5\x7a\xbd\x43\x33\x49\xb0\x37\x60\x14\xce"
      "\x8a\xc9\xcb\xa2\x74\x48\x58\xc8\xf5\xef\x9b\xef\x11\xba\xad\x80\x26\xde"
      "\xed\x34\xb7\x1a\x07\x1a\x03\x91\x98\xa2\xcd\xf9\x35\xd8\x1d\x4a\xb9\x10"
      "\xaf\xe9\x0f\x69\x7e\xc0\xe8\xfe\xf9\x48\xe3\x5d\x1f\xdd\x0c\xce\x4c\x34"
      "\x5e\xe4\x0c\x06\x61\x8f\xba\x91\xcf\x78\x25\x68\x76\x3a\xca\xce\xbf\x39"
      "\x8c\x7d\x0d\x11\x37\x9a\xde\xee\x04\x67\xdd\x2e\x02\x3c\x83\x63\xbf\xaf"
      "\x60\xa0\x6c\x44\x92\xca\xbc\x82\x98\xd6\xe9\x24\x84\xee\x24\xf9\x36\xbd"
      "\x26\xb7\x69\xc9\xf6\x3e\xb4\x9b\x8b\x4a\xda\xee\x80\x45\xd5\x95\x16\xe9"
      "\x38\xa8\xc2\x68\xc3\xbc\x47\xa0\xae\xde\xd5\x34\x30\x2c\x0e\x93\x09\x38"
      "\x57\xbf\x83\x6e\xb2\xc9\x10\xb8\x2d\x7f\xba\x59\xad\x30\x43\xe7\x63\xd5"
      "\x9f\x61\x8b\xb9\x9c\xba\x95\x77\x05\x69\xa7\x6f\x90\xeb\xde\xc9\x2a\xa8"
      "\x79\x19\xa0\x91\xce\xbb\x38\x31\x07\xe1\x2b\x39\x23\x80\x36\x98\x2b\x9b"
      "\x1b\xbd\xb7\x87\xcb\x57\x42\x5a\x51\xbb\x80\x35\x0d\x70\xd2\x92\x27\xc8"
      "\x36\x3c\x0d\xff\x8b\xc2\xe1\x48\x97\x20\x2b\xb5\x1d\x9f\x8a\x51\x18\x50"
      "\x17\x55\x0e\x38\x0f\x47\xa0\x9a\x30\x3e\x5c\x06\xc9\x76\xcf\x8c\x00\xfd"
      "\x19\xb6\x5b\x86\x2e\x9f\x96\xc4\x1e\x4a\x0d\x55\x8c\x9d\x46\xdf\xad\xdf"
      "\xa5\x97\xe8\x61\xdf\x9b\x8d\xf5\xf0\xdc\x99\x6d\xc4\x96\xc4\x9a\x3f\x44"
      "\xf0\xa5\x61\x0a\xc8\x88\x31\xfc\xd3\x62\xd6\x07\x9f\xe8\x55\xc9\x2f\x1e"
      "\xe1\x83\xb5\x72\x9c\x9f\xc0\xf8\x4e\x5d\xa2\x2f\xed\x33\x14\x44\x90\x5a"
      "\x78\x17\xf2\xdc\x7b\x45\xfd\x0f\x8a\x71\x3d\x7a\xd7\x7a\x55\xbe\x17\x50"
      "\xad\xa2\xe4\xa4\xee\x3c\xbd\xb3\x04\x57\x61\x4b\x47\x4b\x4c\xc2\x61\x80"
      "\x2b\x84\x27\xc6\x6d\x21\x9a\x2a\xf1\x0c\xc6\x81\x09\x36\xca\x4f\xb4\x29"
      "\xe5\x06\xd1\xad\x15\x93\x46\xdb\xb3\x77\x70\x82\x25\x9d\x8f\xec\x50\xc5"
      "\xcb\x35\x0a\xe4\xd1\x9d\xd0\xc5\x79\xc3\xa2\x84\x10\x65\xbf\xcf\xc0\xe0"
      "\x55\xb4\x89\x40\x01\x3c\xa4\x37\x97\xa5\x3a\xc3\xec\x2b\x50\x69\x00\x3f"
      "\x45\xdd\xa6\xb5\xf8\x25\x23\x9e\x9e\xbf\x1d\xe7\xa7\x73\x83\x4a\x8e\x56"
      "\xee\x41\xc6\x17\xf4\xf8\xdb\x5a\x86\x55\xa4\x4d\x27\x03\x28\x23\x88\x77"
      "\x96\xdb\x41\x20\x9f\xe7\xdc\xc2\x64\x5e\x89\xfe\x0f\x4b\xf2\x1a\x30\xe9"
      "\xed\x68\xf5\x06\xa6\x4e\xee\x6d\x1e\xa6\xb9\x11\xc6\xef\x91\x14\x3a\x9e"
      "\x5d\x7e\xce\xcc\x90\x84\x50\x93\x73\x68\x2f\xb8\x77\x03\xfb\x70\x61\x26"
      "\xec\xfa\x84\x07\xd1\x25\x58\x57\x17\x16\x82\x72\xa1\xcf\xed\xf8\x8a\x78"
      "\x8b\xfc\xc7\x93\x15\xb0\x03\x86\xfe\xa7\x58\xef\x09\xa2\x4a\x76\xb7\x67"
      "\xcd\x11\xf5\x83\x63\x11\x6a\x18\x83\x9c\xac\x31\x65\xdf\x89\x9b\x21\x8c"
      "\x48\x9d\x7b\x5d\x65\x91\x51\xc1\xd7\x56\x07\xb1\x06\x13\x25\x27\x72\x80"
      "\x8b\x94\xff\xf3\xd4\x36\x0f\xc4\xf5\x34\x70\x9e\x3f\xc8\x43\xa2\x1d\xc9"
      "\x07\x70\x18\xa2\x91\x7f\x94\x00\xf6\x6a\x33\x2b\x36\x4f\x80\xfe\x66\x53"
      "\xdd\x64\x11\xc4\x26\xf5\xc0\xa3\xfa\xb7\x75\xaa\x1c\x75\x6b\x19\xa0\x48"
      "\x0f\x9c\x28\xde\x4e\xb5\x0b\x34\x70\x52\xa9\xff\xab\xce\x66\x31\xa3\xf0"
      "\x7c\x0a\x57\x9b\xae\x2f\x4d\x48\xd7\x9a\x94\x39\xfd\x2e\x02\x1e\x76\xf6"
      "\x69\x9e\xcf\x59\x1c\x67\x6e\x03\x79\x27\x9a\x56\x54\x9a\x63\x58\x70\xe2"
      "\x33\xbd\xc2\xde\xb4\x90\xda\x7c\x13\x47\x98\xd5\x7c\x44\x9f\x10\x3d\x79"
      "\x89\x42\xf1\x7a\x8b\xa0\x05\x74\x3e\xb1\xef\x9c\x3f\xdc\xf5\xe9\x6c\xec"
      "\xdf\xd0\x18\x44\xba\x17\x55\xcf\x14\xeb\x55\x6d\x96\xe1\xbe\x93\xba\xa5"
      "\xe3\x41\xa1\x1a\xe7\xaf\x5f\x53\x7f\x32\x54\x81\x7b\x59\x73\x52\xa9\x2d"
      "\xcf\xd0\x16\x62\xe8\x76\x3c\x21\x6f\x2f\x5c\x9d\x11\xa8\xd1\x18\x95\xca"
      "\x2b\x99\x58\xf4\xdb\xaf\x40\xf4\xa6\x8f\xef\x43\xb2\x9e\x2f\x58\x56\xb9"
      "\x50\xcc\xd3\xdc\xb8\x47\xc8\x22\x21\xd6\x18\x26\x6f\x8f\x2b\x16\xa2\xd6"
      "\x38\x99\xb0\x65\x32\x21\x38\x80\xb0\xf4\x69\x9b\xed\xc3\x86\x74\x18\x99"
      "\xe2\xc2\x27\x79\xdc\xd8\x63\x2f\x08\x21\x4e\xd8\x53\x21\x67\x61\x9a\x53"
      "\xc6\x08\x44\xaa\xdf\x0d\x48\x61\xd3\x55\xa4\xa3\x13\x15\x36\x28\x2a\x23"
      "\x3e\xab\xbf\xf7\x4c\xb2\x0f\x55\x16\x59\x9a\x36\xaf\x24\xd0\x97\x5a\x48"
      "\x87\x97\x4f\xb1\xc7\xe8\xcb\xc6\xdd\x15\x6c\x2a\xd6\x56\x2e\xd1\xe8\x08"
      "\xb9\x60\x41\x5d\xfa\xca\x0d\x3b\xe9\x20\x79\x01\xad\x22\x17\x9e\xaa\xe2"
      "\x77\xa1\x00\x06\x7b\x95\x16\x85\xaa\xa2\x07\xef\xeb\x41\xdb\xe2\xd3\xf0"
      "\x5a\x34\xaa\x6e\xf5\x31\xa5\x64\xb2\xba\xc6\xdb\xa8\xc6\xdb\x7b\x61\xd1"
      "\x7a\x0a\x0d\x25\xc9\x88\x60\xbd\xc7\xa5\xcc\xc8\x71\x7d\xdb\x4e\xf1\xb4"
      "\xa4\x84\x54\x3d\xb9\x61\xfc\xb0\x3e\x95\x61\x8e\x76\xbb\xd1\x49\xc1\xc6"
      "\x87\x3c\xb1\x59\x93\xba\xc9\xca\x7c\x14\x9e\xd4\xcb\xaa\x22\x20\x21\xbf"
      "\xd0\x5f\xdc\x7a\xe6\xdc\xdd\xd3\xdb\xb0\xbd\x80\x71\x9a\x5f\x21\x0f\x6b"
      "\x77\xcd\xcc\x6e\x8f\x33\x4a\x90\xea\xbf\x6c\xfd\x85\x4b\xde\xd8\xc0\xc6"
      "\x10\x71\x24\xb1\xee\xfd\x41\x03\xb3\x68\x18\x2e\x07\x85\x1e\xf3\xbf\xcf"
      "\x40\x33\x7b\xb4\x2a\x5c\xda\xc8\x93\xbb\x3c\x52\xbf\x06\x8e\x64\x95\xd1"
      "\x65\x91\x43\x57\x3f\x6a\x77\xf8\x11\xc9\x95\xea\x93\xc7\x1a\xbc\x90\x17"
      "\xf8\x69\x2d\x56\x2b\x56\x31\x53\xdc\x5f\x9f\x6a\x48\x3a\xd2\xd8\x28\x39"
      "\x86\xf3\xaa\xde\x1f\xc7\x1c\x80\xdc\x36\x5a\x5e\xce\x2f\x9f\xda\xa8\x4b"
      "\xd9\x2e\xaa\x3c\x52\x17\xe7\x55\x55\x5a\xcb\xce\xc1\x67\x47\xa5\xa7\x34"
      "\xa8\xc4\x60\x0b\x34\xfc\xe2\x2d\xc7\x55\x61\xff\xa1\xb5\xc7\x52\xb3\x93"
      "\x63\x3a\xc9\x90\xb6\x49\x0e\x00\xde\x33\x63\x5b\xa0\x04\x95\xad\x15\xec"
      "\xd4\xb9\xa7\x6d\xd5\x70\xa5\xbb\x5d\x5a\x28\xc8\x6c\x0e\x5f\x04\xe3\x6d"
      "\x61\x68\xf0\x51\x9f\xde\x99\x2b\x80\x25",
      4096);
  // Entry 0 length: 0x1000 (4096) bytes, matching the payload size.
  *(uint64_t*)0x20001548 = 0x1000;
  // The next 14 words (0x20001550..0x200015b8) are zeroed, i.e. seven further
  // entries with a null base and zero length.
  *(uint64_t*)0x20001550 = 0;
  *(uint64_t*)0x20001558 = 0;
  *(uint64_t*)0x20001560 = 0;
  *(uint64_t*)0x20001568 = 0;
  *(uint64_t*)0x20001570 = 0;
  *(uint64_t*)0x20001578 = 0;
  *(uint64_t*)0x20001580 = 0;
  *(uint64_t*)0x20001588 = 0;
  *(uint64_t*)0x20001590 = 0;
  *(uint64_t*)0x20001598 = 0;
  *(uint64_t*)0x200015a0 = 0;
  *(uint64_t*)0x200015a8 = 0;
  *(uint64_t*)0x200015b0 = 0;
  *(uint64_t*)0x200015b8 = 0;
  // writev(fd, iov = 0x20001540, iovcnt = 8); the return value is ignored.
  syscall(SYS_writev, r[0], 0x20001540ul, 8ul);
}

// Maps the scratch region used by execute_one() and starts six workers.
int main(void)
{
  // Map 0x1000000 bytes at the fixed address 0x20000000 with prot 3 and
  // flags 0x1012 (presumably read|write and private|fixed|anonymous on the
  // BSD target; confirm against its <sys/mman.h>). The return value is not
  // checked.
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul, 0ul);
  for (procid = 0; procid < 6; procid++) {
    if (fork() == 0) {
      // Worker: loop() never returns.
      loop();
    }
  }
  // Parent stays alive while the workers run.
  sleep(1000000);
  return 0;
}