// https://syzkaller.appspot.com/bug?id=c82773a3bdc9c1074543b9da0e865b945a3e9ef0 // autogenerated by syzkaller (http://github.com/google/syzkaller) #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include #include #include __attribute__((noreturn)) static void doexit(int status) { volatile unsigned i; syscall(__NR_exit_group, status); for (i = 0;; i++) { } } #include #include #include #include #include #include #include #include #include #include const int kFailStatus = 67; const int kRetryStatus = 69; static void fail(const char* msg, ...) { int e = errno; va_list args; va_start(args, msg); vfprintf(stderr, msg, args); va_end(args); fprintf(stderr, " (errno %d)\n", e); doexit((e == ENOMEM || e == EAGAIN) ? kRetryStatus : kFailStatus); } static void exitf(const char* msg, ...) { int e = errno; va_list args; va_start(args, msg); vfprintf(stderr, msg, args); va_end(args); fprintf(stderr, " (errno %d)\n", e); doexit(kRetryStatus); } static __thread int skip_segv; static __thread jmp_buf segv_env; static void segv_handler(int sig, siginfo_t* info, void* uctx) { uintptr_t addr = (uintptr_t)info->si_addr; const uintptr_t prog_start = 1 << 20; const uintptr_t prog_end = 100 << 20; if (__atomic_load_n(&skip_segv, __ATOMIC_RELAXED) && (addr < prog_start || addr > prog_end)) { _longjmp(segv_env, 1); } doexit(sig); for (;;) { } } static void install_segv_handler() { struct sigaction sa; memset(&sa, 0, sizeof(sa)); sa.sa_handler = SIG_IGN; syscall(SYS_rt_sigaction, 0x20, &sa, NULL, 8); syscall(SYS_rt_sigaction, 0x21, &sa, NULL, 8); memset(&sa, 0, sizeof(sa)); sa.sa_sigaction = segv_handler; sa.sa_flags = SA_NODEFER | SA_SIGINFO; sigaction(SIGSEGV, &sa, NULL); sigaction(SIGBUS, &sa, NULL); } #define NONFAILING(...) \ { \ __atomic_fetch_add(&skip_segv, 1, __ATOMIC_SEQ_CST); \ if (_setjmp(segv_env) == 0) { \ __VA_ARGS__; \ } \ __atomic_fetch_sub(&skip_segv, 1, __ATOMIC_SEQ_CST); \ } static uint64_t current_time_ms() { struct timespec ts; if (clock_gettime(CLOCK_MONOTONIC, &ts)) fail("clock_gettime failed"); return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000; } static void use_temporary_dir() { char tmpdir_template[] = "./syzkaller.XXXXXX"; char* tmpdir = mkdtemp(tmpdir_template); if (!tmpdir) fail("failed to mkdtemp"); if (chmod(tmpdir, 0777)) fail("failed to chmod"); if (chdir(tmpdir)) fail("failed to chdir"); } static void remove_dir(const char* dir) { DIR* dp; struct dirent* ep; int iter = 0; retry: dp = opendir(dir); if (dp == NULL) { if (errno == EMFILE) { exitf("opendir(%s) failed due to NOFILE, exiting"); } exitf("opendir(%s) failed", dir); } while ((ep = readdir(dp))) { if (strcmp(ep->d_name, ".") == 0 || strcmp(ep->d_name, "..") == 0) continue; char filename[FILENAME_MAX]; snprintf(filename, sizeof(filename), "%s/%s", dir, ep->d_name); struct stat st; if (lstat(filename, &st)) exitf("lstat(%s) failed", filename); if (S_ISDIR(st.st_mode)) { remove_dir(filename); continue; } int i; for (i = 0;; i++) { if (unlink(filename) == 0) break; if (errno == EROFS) { break; } if (errno != EBUSY || i > 100) exitf("unlink(%s) failed", filename); if (umount2(filename, MNT_DETACH)) exitf("umount(%s) failed", filename); } } closedir(dp); int i; for (i = 0;; i++) { if (rmdir(dir) == 0) break; if (i < 100) { if (errno == EROFS) { break; } if (errno == EBUSY) { if (umount2(dir, MNT_DETACH)) exitf("umount(%s) failed", dir); continue; } if (errno == ENOTEMPTY) { if (iter < 100) { iter++; goto retry; } } } exitf("rmdir(%s) failed", dir); } } static void test(); void loop() { int iter; for (iter = 0;; iter++) { char cwdbuf[256]; sprintf(cwdbuf, "./%d", iter); if (mkdir(cwdbuf, 0777)) fail("failed to mkdir"); int pid = fork(); if (pid < 0) fail("loop fork failed"); if (pid == 0) { prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); setpgrp(); if (chdir(cwdbuf)) fail("failed to chdir"); test(); doexit(0); } int status = 0; uint64_t start = current_time_ms(); for (;;) { int res = waitpid(-1, &status, __WALL | WNOHANG); if (res == pid) break; usleep(1000); if (current_time_ms() - start > 5 * 1000) { kill(-pid, SIGKILL); kill(pid, SIGKILL); while (waitpid(-1, &status, __WALL) != pid) { } break; } } remove_dir(cwdbuf); } } long r[38]; void test() { memset(r, -1, sizeof(r)); r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); r[1] = syscall(__NR_socket, 0x26ul, 0x5ul, 0x0ul); NONFAILING(*(uint16_t*)0x20408000 = (uint16_t)0x26); NONFAILING(memcpy( (void*)0x20408002, "\x61\x65\x61\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 14)); NONFAILING(*(uint32_t*)0x20408010 = (uint32_t)0x0); NONFAILING(*(uint32_t*)0x20408014 = (uint32_t)0x0); NONFAILING(memcpy((void*)0x20408018, "\x70\x63\x72\x79\x70\x74\x28\x67\x63\x6d\x28\x61" "\x65\x73\x29\x29\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00", 64)); r[7] = syscall(__NR_bind, r[1], 0x20408000ul, 0x58ul); r[8] = syscall(__NR_socket, 0x26ul, 0x5ul, 0x0ul); NONFAILING(*(uint16_t*)0x20269000 = (uint16_t)0x26); NONFAILING(memcpy( (void*)0x20269002, "\x61\x65\x61\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 14)); NONFAILING(*(uint32_t*)0x20269010 = (uint32_t)0x4); NONFAILING(*(uint32_t*)0x20269014 = (uint32_t)0x0); NONFAILING(memcpy((void*)0x20269018, "\x70\x63\x72\x79\x70\x74\x28\x67\x63\x6d\x5f\x62" "\x61\x73\x65\x28\x63\x74\x72\x28\x61\x65\x73\x2d" "\x61\x65\x73\x6e\x69\x29\x2c\x67\x68\x61\x73\x68" "\x2d\x67\x65\x6e\x65\x72\x69\x63\x29\x29\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00", 64)); r[14] = syscall(__NR_bind, r[8], 0x20269000ul, 0x58ul); NONFAILING(*(uint64_t*)0x20166000 = (uint64_t)0x0); NONFAILING(*(uint32_t*)0x20166008 = (uint32_t)0x0); NONFAILING(*(uint64_t*)0x20166010 = (uint64_t)0x208f0f90); NONFAILING(*(uint64_t*)0x20166018 = (uint64_t)0x7); NONFAILING(*(uint64_t*)0x20166020 = (uint64_t)0x208ef000); NONFAILING(*(uint64_t*)0x20166028 = (uint64_t)0x0); NONFAILING(*(uint32_t*)0x20166030 = (uint32_t)0x0); NONFAILING(*(uint64_t*)0x208f0f90 = (uint64_t)0x208ea000); NONFAILING(*(uint64_t*)0x208f0f98 = (uint64_t)0x0); NONFAILING(*(uint64_t*)0x208f0fa0 = (uint64_t)0x2039b000); NONFAILING(*(uint64_t*)0x208f0fa8 = (uint64_t)0x0); NONFAILING(*(uint64_t*)0x208f0fb0 = (uint64_t)0x20536f37); NONFAILING(*(uint64_t*)0x208f0fb8 = (uint64_t)0x0); NONFAILING(*(uint64_t*)0x208f0fc0 = (uint64_t)0x208ebfe6); NONFAILING(*(uint64_t*)0x208f0fc8 = (uint64_t)0x0); NONFAILING(*(uint64_t*)0x208f0fd0 = (uint64_t)0x208ec000); NONFAILING(*(uint64_t*)0x208f0fd8 = (uint64_t)0x1000); NONFAILING(*(uint64_t*)0x208f0fe0 = (uint64_t)0x208ed000); NONFAILING(*(uint64_t*)0x208f0fe8 = (uint64_t)0x0); NONFAILING(*(uint64_t*)0x208f0ff0 = (uint64_t)0x20846f82); NONFAILING(*(uint64_t*)0x208f0ff8 = (uint64_t)0x0); NONFAILING(memcpy( (void*)0x208ec000, "\x34\xee\xf2\xa4\xf2\xaf\x4e\xf2\xf8\x82\xa8\xb3\x81\xc8\x30\x62" "\x1d\x90\xa8\x02\xe0\x62\xcf\x34\xcf\xa5\x26\x79\xc2\x77\x96\xb9" "\x89\x7e\x9d\x1d\xa3\x5e\xd9\x78\x84\xc2\xbd\x89\x5f\xdf\xaa\xdc" "\x90\xe9\x58\x90\x31\xdc\xe2\x32\x31\xc6\xe5\xa3\xfa\x1d\xfb\x36" "\x76\x04\x82\xb0\xb3\xad\x98\xf0\x94\xe3\x09\xc3\x5f\x0b\xc2\x01" "\x9c\x8f\xad\x58\xd3\x43\x20\x4e\x75\x95\xd8\x5c\xf2\xf7\x41\x07" "\x59\xbf\x49\xe5\x79\x65\x8d\x2f\x6c\x97\x2c\x17\xad\x1c\xd2\xa2" "\x52\x6f\xd3\xf9\xf2\x64\xb7\x27\x18\x90\x88\x27\x1e\x59\x9b\x00" "\xc7\x01\x1f\x49\x1f\x30\xf0\xe8\x57\x47\x68\x66\x3e\x3d\xa9\x48" "\xbf\xf8\x45\x8d\xa1\x8c\x44\x0c\x0a\xf4\x0c\xb2\x91\xae\xb4\x0c" "\x57\xc1\x99\xc8\xf6\x69\x38\x03\x25\xae\xb7\x63\x44\xf5\x39\x9b" "\xa2\xe4\x4a\xe8\x32\x16\x95\x6c\x09\x6e\xe7\x7d\xda\x53\x4b\x30" "\x39\xce\x8a\x84\x62\x72\x8a\xad\x27\x85\x9e\xd4\x7a\xef\x1b\x9e" "\x29\x27\x18\x02\x2c\xd0\x2a\xea\x3b\x11\x1f\x21\xd3\x9f\x9b\x7e" "\xa4\x35\x87\x36\xb9\x1a\x1c\xdb\xe6\x37\x95\x45\x82\x6d\x34\xa3" "\xb1\xed\x60\xcf\x3b\xd1\x7f\xa8\x6f\x15\x08\x14\x40\x09\x8b\xd7" "\xb6\xb6\x04\x8b\x9a\x75\x9a\x96\x27\xae\x41\x02\xf1\xe1\x6c\x89" "\x07\x58\x46\x04\xd4\xca\x5e\x6f\x47\xa0\x51\x49\xd6\x98\x9e\x0d" "\xca\x33\x3f\x35\xd3\xe6\x1c\x3c\xb5\x56\xa3\x27\x8e\x15\x43\x8f" "\x14\x4f\x1c\x3c\x3e\x58\x24\xb7\x86\x4e\xd0\xc6\x50\x09\xd0\xb3" "\xc7\x38\xb0\xf4\xbf\x77\xc3\x46\x83\x85\x8c\xd4\x43\xdc\x97\xe4" "\x5f\x36\xb5\x31\xab\xea\xd1\x66\x88\xcd\xfa\xf6\x57\x23\x94\x0a" "\x76\x5b\x87\xf5\x0b\x9a\x8b\x6c\xc0\x35\xa9\x80\x1f\x06\x53\x47" "\xd0\x74\xad\x5b\xe6\xce\xa8\xbd\x25\x25\xb8\x7a\x72\x33\xa0\x76" "\xcd\x6f\x0a\x64\x08\xea\x99\xe3\xbc\xd8\xfe\xd4\xee\x78\xc1\x30" "\x05\xd2\x80\xcf\x05\xaa\x52\xa4\x2f\xcd\x75\xeb\xfc\x53\x48\x6d" "\x4f\xb9\xf2\x95\x6b\x8f\x92\xe3\x21\x40\x2c\xc9\xbb\xea\x70\xd5" "\x0c\x46\xd8\x48\xad\xcd\x08\x95\x3c\x67\xdf\xa2\xe2\x36\x30\x02" "\xa3\xc8\xe7\x0b\xb1\x94\x2a\x24\x82\x97\x5f\xc7\xf8\x84\x3b\xcb" "\xa5\x8f\xda\x77\x7b\x60\xe7\x5c\xed\x9b\x48\x8f\xaa\x83\xe2\x73" "\x9a\xaa\x28\xf2\xd9\x10\xb7\xfa\x20\x3c\xe7\x86\x9e\x6f\x58\xb6" "\x9a\xd3\x36\x36\x5c\x77\x2e\xe3\x14\x1c\x8c\x12\xd0\xe5\x96\x26" "\xd4\x1a\x2f\xdf\x2b\xb5\xe8\xb1\x47\x40\x01\x07\xdc\xe9\xac\xb0" "\xeb\x4f\x74\xae\x4e\x2a\xf7\x0d\x6c\xb0\x6a\x11\x56\x68\x1e\x8a" "\x49\x13\xf4\x85\x70\x28\xb8\x80\x79\xf2\xc4\xbc\x47\xe3\xde\x5f" "\x63\x7f\x1d\x2e\x12\x32\x76\xd4\xbc\xeb\xef\x6b\xec\x7a\x3b\x5d" "\x7a\x4d\x7e\xa9\x69\xfb\x1f\xb3\x00\x32\xac\xd1\x35\x1a\xf5\x68" "\x91\x7b\x55\x6f\xb8\x14\xd5\x92\x39\x1d\x6d\x6d\x30\x40\x93\xcc" "\xd2\x52\xda\xa7\xe1\xf9\xdc\xc9\xe9\x30\x80\x7b\xbf\x88\x85\xb1" "\x9b\x1e\x5d\x67\x57\xdb\xce\x5a\x11\xe7\xae\x6c\xf7\xb5\xbf\xdc" "\xc5\x6e\x92\x50\xb9\xc0\x47\x2d\x80\xe3\xaf\x18\x59\x1c\x10\x31" "\x60\x25\x00\x3c\x41\xea\x1d\xcb\xaa\xa1\x7c\xf8\xf1\xea\xaf\x37" "\x34\x87\x82\x34\x7d\x9e\x9b\xe7\x88\x39\x90\xd5\xf6\xbf\x54\xe4" "\xfd\xfc\x12\xc5\xd8\x8b\xde\xed\x79\xfa\x9c\x1e\xc0\xfd\xf1\xca" "\x95\x55\x2c\x52\xae\x3b\xfd\x74\x2d\x69\x7e\x8d\xbf\xb4\xd9\x82" "\x71\x77\xc1\xd9\x70\x69\xbb\x42\xb4\x0a\xbf\x7e\x20\x94\x85\x02" "\xcc\xc5\xd9\xfa\xa7\x6c\x49\x3f\xa3\x55\x01\x86\xcc\x53\xcb\xa1" "\x6b\xe0\x37\xca\x7f\x1d\x1c\xc1\xef\x2c\xef\x78\x35\x53\x7b\xb0" "\x77\x34\x9b\x2d\xa0\x95\x7a\x53\x91\xcb\x7f\xd1\x07\x09\x81\x39" "\x0a\x1e\x03\x61\xf6\xc1\x22\xf1\x20\x2e\xbe\xdb\x5a\x27\x19\xe5" "\x7e\x76\xd3\xd7\x21\xd8\xd8\x1e\x92\x0a\x84\xe4\x00\x71\x07\x48" "\xb2\x61\x16\x20\x55\x9a\x13\xf3\x91\x99\x14\x97\x5c\xe3\x61\x82" "\x94\xea\xb6\xd7\x48\x2e\x0d\x5d\x0c\x51\x31\x71\xd9\x21\x1d\xed" "\x4a\xdb\x1d\xb9\x7a\xe9\xa3\x8e\xc9\x09\x46\xec\xdb\xc0\xf1\xac" "\x1f\x95\x06\xef\xe4\x53\xab\xfd\x41\x7b\x20\x5e\x4f\x9c\xca\x9a" "\x24\x19\x56\xaf\x72\x3f\x69\x23\x6a\x3a\x79\x57\x13\x5d\x95\x50" "\xe5\xda\x54\x31\x4e\x74\x17\x84\xb0\xb5\x0e\x3c\x81\x3a\x45\xd4" "\x2b\xe2\xaa\xd0\xa8\xdd\x77\xcd\x7b\x50\xa9\xff\x22\x2a\xcf\xd7" "\x69\x11\x1a\xbf\xb3\x04\x30\xa0\x51\x36\x76\xc0\xd5\x89\xce\x0e" "\x6e\xe9\xb8\x2d\x1e\x4e\x04\x23\xb4\x82\x2f\xe8\xf8\x8b\xca\xca" "\x40\x84\xf2\x1e\x5f\x64\xf8\x9e\x23\x23\x7a\xbc\x24\x13\x45\xc1" "\x3e\x42\xb0\x12\x21\x57\xf9\x22\x9a\xe6\xe3\xf0\xc0\x60\x2b\xa6" "\xf2\x7c\xdb\xc9\xc3\x09\x4c\x78\x1b\xb2\xde\xad\xf7\xe2\xc4\x8a" "\xd4\x4d\x95\xde\xa5\xf9\x10\x78\x0d\x19\x40\xfe\xd9\x15\xc1\x1a" "\x5b\x5e\x75\xa2\x5a\xf7\x01\x3e\x02\x1b\xf5\xab\x62\xa6\x29\x87" "\xf6\x50\x7c\x49\xfb\xa8\x2b\xb7\xba\x71\x6e\x62\x08\x38\x0c\x24" "\x01\xf2\x2a\xb4\xf6\x20\xe5\xa4\x89\x80\xf5\xb6\x60\x96\xf2\xbe" "\x75\x59\xed\x4f\x37\x09\x35\xc5\xb9\xdb\x9a\x2f\x68\xe3\xe4\xa2" "\xf2\xdb\x54\xef\x30\x0d\x95\x34\x30\x78\x20\xb3\x07\xb4\x9a\xfc" "\x55\xca\x21\x12\x4f\x76\x12\x22\x79\x98\x64\x01\x57\x70\x47\xf2" "\x07\x79\xba\x48\x6f\x63\x9a\xea\xcf\xca\x11\x22\xd5\x87\x70\xdd" "\xfb\x93\x44\x55\x1a\xdc\x61\x17\xad\xab\x8c\x76\xc6\x6e\x27\x13" "\xae\x18\x9e\xc6\xd8\x2a\xbf\xe2\x15\x2e\xf7\xc1\x3a\xf1\xbc\xf8" "\xcf\x03\x08\x66\x63\xc4\x49\xd3\x6f\x9f\x21\xfa\xb7\xbc\x98\xbf" "\x21\xa9\x8b\x14\xcb\xc7\x91\x78\xff\x27\x22\xde\x19\x18\x93\x61" "\x52\xbe\x80\xd3\xd3\x89\x96\x6a\xbe\xbe\xa4\xa7\x00\x69\x55\xa1" "\x61\x49\x91\x9a\x27\xfa\x18\xee\x54\x35\xfe\xee\x70\x7e\x3c\x65" "\xe9\x9e\xec\x4a\xf9\x2e\xbe\x0a\x85\xd1\x8f\x72\x72\xe4\xf0\x0a" "\x2f\xd0\x93\x6a\xd3\x68\x84\x79\x06\x4a\xff\x3c\x0d\xd0\x91\x8c" "\xcc\xf2\xb8\x1c\xb4\xe1\xd4\xf6\x1a\x98\xab\xd0\x97\xa6\x1a\xf9" "\x11\x57\x81\x12\x7c\x40\xe0\x98\xb2\x9e\xee\x37\xbe\x2e\xfa\xbe" "\x17\x6d\x24\x4e\x2e\x38\xe5\x7b\x39\x9f\x39\xb6\xa8\x54\x71\xbe" "\xdd\x23\xa3\x2b\x84\xf8\x1d\x58\x20\x38\xfe\x2d\x17\xe1\xbb\x7e" "\x9b\xc3\xcb\x9a\x1d\xb2\x63\x9a\xaf\x48\xfe\x16\x4b\xe5\x98\xbf" "\x83\x4e\x54\x95\xc7\x81\x48\xd8\x1b\xbb\x62\x67\x83\x33\x84\x50" "\x83\x29\xa5\xd3\x0d\x4d\xce\x84\x60\x20\xf1\x56\x06\x83\x64\x12" "\x30\xf1\xf7\xc1\xa7\xc9\xca\xa4\xed\xf9\x6a\x6c\x0a\xd8\xa9\x51" "\x11\x0a\xdb\xb1\x0a\x92\x54\xba\x18\x8d\xa6\x6b\x4a\xef\x6d\xef" "\x54\xcf\x6a\x65\x2d\xf2\xfb\xf4\x22\x32\x8f\x8d\xe7\xce\xb6\xda" "\x75\xc4\x39\xf4\x61\xec\x1e\x50\x7c\x2a\xc6\x53\xa4\x9c\x74\x50" "\xe3\x86\xda\x50\x95\x71\x22\x55\x25\xa1\x11\xfa\x1b\xd4\xa9\xe3" "\x9b\x3e\x63\x06\xfd\x6f\x56\x5b\x82\x46\x14\xfd\x9f\x0b\xc4\xb2" "\xf7\x59\xae\x65\x26\x7e\x86\xd7\xe5\xde\x1c\xf3\x44\xca\x04\x7a" "\xba\xb7\xf8\x04\xd9\x90\x1e\x82\x28\xcd\x8c\x11\x4b\x06\xce\x21" "\x3f\x3d\xcf\x3a\xbf\x10\xb2\x6f\xbf\x94\x0e\x00\x00\x00\x00\x00" "\x00\x00\x01\x3b\x48\x4a\x35\x00\xca\xaf\x49\x21\x67\xdd\xa7\xfa" "\x9e\xe6\xb2\x6b\x21\xe5\x81\x25\x2d\x90\x58\x81\x5a\x66\xb5\x88" "\xe3\xca\x84\xa0\x61\x81\x64\x95\x1a\xe1\x87\xe6\xc2\x88\xf8\x3a" "\x43\x09\x8c\x83\xb3\x26\xd7\x08\x9e\xb4\x5b\x5d\xca\xed\x15\xaf" "\x01\x8e\x36\xc4\x82\x7d\x1b\xb8\x3f\x03\x29\xbe\x8d\x42\x87\xad" "\xfa\x77\x8d\x8f\xa4\x69\x2a\x7e\x4d\x8d\xf5\xf5\xf9\x10\x70\x6d" "\x0d\x18\x2d\xf9\x8e\xcb\xfa\x56\xf1\x5b\xba\x3b\x7d\x45\x4e\xe0" "\xae\xf9\xcc\xff\xcb\x0f\x8b\xd0\x9f\x56\xcb\x54\xfd\x2f\x0b\x5b" "\x62\xad\x3b\xf3\x6a\xd2\x81\x84\x15\x5c\x5b\x72\xa4\x17\xfd\xaa" "\x44\x3b\xbe\xd1\xd2\xf0\x37\xdd\x3b\x0e\x44\x07\x01\x3c\xae\xe2" "\x49\x42\x1e\xa2\x6e\x62\xb8\xb5\xcf\xbc\x61\xf8\x70\xcc\x70\xa8" "\xb5\xca\xb3\x6a\x02\xf6\x20\x4f\xc9\x9c\xdd\xcd\x08\x3f\x98\xca" "\x1b\x04\x98\x29\xc7\xa8\x93\x9c\xee\x89\xa2\x68\x6a\x63\xc7\xb1" "\x5d\x55\x87\xd3\x69\x98\x59\x25\x26\x93\x69\xea\x85\x10\xe9\xbf" "\x46\x3c\xae\xc8\x42\x87\x96\x33\x83\x72\x54\xe3\x61\x6b\xde\xb2" "\x92\x59\x7e\xd1\x2e\x99\x73\x34\xb0\x20\x8e\xc7\x03\x08\xfe\x9e" "\x24\x47\xa4\x33\xff\x08\xe4\x22\x0e\xe1\x8f\xc5\xcd\x45\x77\xd9" "\xc5\x78\xef\x6d\x03\xda\xc3\x35\x28\xed\x8e\x63\x39\xfa\x3f\xfa" "\xb9\x1f\xb9\x86\xf5\xb8\x4f\x3f\xe3\xd1\x38\x58\xea\xaf\x07\x16" "\xd1\x74\x65\xab\x9a\x79\x6f\xb8\xca\x18\xd0\xf7\x64\xff\xed\xe2" "\xd9\x2f\x54\x85\xb2\x71\x30\x5c\xd9\x2d\x26\xcd\x42\xba\xf8\x45" "\x80\x94\xf9\x09\x2c\x06\xf7\x21\x02\x3e\x40\x37\x8f\x1e\xcf\x54" "\xa0\xb2\x94\x41\x70\x78\x60\x44\x16\xf8\x5e\x8d\x9c\x13\x09\x82" "\xc4\x8f\x2b\xaa\x3a\x6f\x64\xac\xf4\xe0\x93\x78\x69\x77\x04\x65" "\x4e\xd3\x48\xfa\x38\xb0\x8a\xc5\x70\xd9\x0c\x73\xa8\x6e\xee\xe8" "\x7f\x06\xd8\xbf\xeb\x88\x2b\xa1\xbd\x14\x89\x72\x54\x5f\x95\x99" "\x6d\x0f\xd6\xdc\x84\x35\x8a\xe6\x25\x39\x25\x8f\xed\x9a\xfc\x31" "\x30\x9d\xd7\xd9\x24\xb7\x3b\xd3\x71\x31\x24\xe5\x2b\xf5\x1d\xf3" "\xd2\x5b\x9e\xc0\xb7\xd0\x7b\x81\x6f\xba\xf3\xe3\x50\x6c\x51\xc8" "\xbc\x13\xc6\x40\xf3\x91\x4c\x81\x95\x59\xf6\xad\x40\x14\xb5\xd8" "\xbc\x38\x07\x92\x66\xbe\x53\x72\xb2\xcc\xff\xb3\xda\xf2\xff\x3d" "\x8f\xb0\xa1\xdc\xba\x3d\x7b\xb9\x65\x13\xff\x3c\xb1\x18\x46\x53" "\x76\xcc\x4e\xe0\xbd\x4d\xea\xef\x5e\x76\x73\x33\x63\x78\x59\xe2" "\x24\xff\x98\x3a\xa5\x21\x5d\x0a\xc3\x1f\xdc\xab\x9a\x77\x28\x12" "\x18\x29\x7f\xed\xdc\x59\x35\x45\x7c\x3d\xea\x2e\x6f\xfd\xac\x36" "\x54\x67\x85\xe0\x04\x7c\x8f\x35\x1e\x00\xc5\x7c\x22\xee\x2a\xc2" "\xce\xca\x78\x3e\x3b\xb9\xfb\x98\x86\x57\x2a\x1c\xfe\x33\x20\x2c" "\x20\xa8\x69\x13\x96\x65\xe0\xf0\xf1\xe7\x3e\xd3\x85\xfa\xd6\xe5" "\x1f\x17\xd0\x42\x54\x62\x07\xc1\xd1\x4c\x5f\xa7\x14\x37\x19\x6e" "\x3a\x53\x1e\xb5\x27\xf2\x9e\x8d\xd5\x6e\x7a\xb8\xf4\x51\x9b\xed" "\x4d\x49\x2f\x8c\x2b\x9f\x05\x7f\x8e\x7b\xc7\x55\x01\x62\xb2\x47" "\x6f\xda\x56\xfb\x20\x0f\xb8\x29\x79\xcb\x37\xd7\x61\xbd\x1d\xf0" "\x77\xb5\xca\x5a\x3d\x06\x41\x6b\xa5\xe7\xd3\x17\xb5\xdc\x0d\x8f" "\x11\xfa\x9f\x7a\x46\xae\xb4\xd7\x73\x1b\x2f\x1e\x9f\x5d\x08\x09" "\x4a\x5d\x97\x66\xa5\x1e\x0d\x2d\x2f\x2b\x6d\xa1\x2a\x79\xd6\xcc" "\xed\x9f\x5b\x69\xd0\x43\xa1\x1b\xd7\x3a\x0e\xf0\x13\x5c\xc8\xb3" "\x75\xf7\x06\x31\x13\x74\x16\x61\xdd\xf1\xcb\x9a\xc4\x3e\xbf\xf9" "\x13\x7a\x0a\xda\x82\x9d\x9b\x8e\x80\xf6\xd4\x01\xf0\x88\xd4\x49" "\x7f\xad\x53\x10\x3f\x72\xf2\x4b\x75\xc7\x0b\x70\x09\x22\xc1\xfb" "\x1d\x2a\x36\x50\xd7\xdd\x9c\xb3\x8c\x3b\x44\x7b\x72\xfb\x42\x74" "\xe7\xbd\x29\x60\xe2\x39\xbd\x4c\x94\x66\x87\x47\x0e\x61\x28\x85" "\x68\xa0\xfd\xe8\x85\x36\x7f\x5b\xd9\xe5\x27\x70\x3e\x58\xbd\xf2" "\x72\x03\x2f\xc7\x67\x9b\xb0\x13\xa7\x73\xe3\x27\xe8\x00\xa0\xbc" "\x1c\x4c\x9b\xa7\xd8\xaf\xed\xac\xb8\x15\x1e\x2e\x24\xfd\xd1\x45" "\x74\xc4\xdc\x68\x1b\x7a\x87\xef\xd1\x80\xac\x0b\x19\xfc\xd4\x9c" "\x5e\x0f\x8f\xd3\x1c\x17\x98\x2f\xaf\x5f\xaf\x98\xa2\x53\x32\xd2" "\x8d\xf4\xd9\x14\x6d\x77\x32\x82\x5f\x0d\xc7\x64\x68\xfb\x67\x6d" "\x61\xb2\xf4\xca\x05\x9b\x58\xd0\x98\x5e\x73\x2b\x54\xee\x44\x8b" "\x77\xc3\x5f\x09\x6c\x51\x6c\x92\x57\xa0\x99\x79\x91\x5a\x03\x9e" "\x84\x70\xbf\xf7\x61\x34\x27\x43\xaa\xe5\x1e\x62\x36\x85\x30\xae" "\x42\xa5\x3c\x0f\xf3\xa6\xf2\xca\xd0\xd2\xa9\xcb\x31\xa9\xe0\xcc" "\x98\x75\x08\xd2\xd6\x09\xcb\x01\x0e\xc2\xa4\xd7\x18\x2f\xdf\x24" "\x9f\x35\x99\x93\x19\x5a\x09\x11\xf4\xe4\xae\xb6\x5e\x02\x45\x48" "\xb9\x4e\xb6\xf1\xb9\x3f\x16\xd4\x75\x67\x64\x1f\xfa\x59\xd8\x2d" "\x08\xea\x57\x8e\x0f\x0c\x83\xc1\xc8\xa6\x86\xc1\x9b\xec\xb9\x05" "\xe7\x57\x87\x78\xc8\x7b\x45\x63\x7c\x99\xac\x36\x66\x26\x16\x93" "\x56\xbb\xeb\xee\x21\x52\x5f\x0b\x6e\x7f\x1f\x95\xe8\xc3\xc4\xfe" "\x88\xad\xfe\x1d\xf2\x2f\xbb\x53\xa5\x8a\x13\xc8\x5b\xc3\x39\xe4" "\xbe\x70\x32\x63\xa6\xd9\xa8\x31\x28\xd8\x99\x01\x62\x3e\x95\x4c" "\xa3\x14\xe0\xea\x04\xe3\x54\x16\x26\xa7\xaf\x95\x3f\x2e\x54\x17" "\x89\x6a\x2d\x59\xf4\xc2\x9e\x4b\x23\x2c\x49\x81\xa6\x7d\xdf\xf6" "\x45\x0c\xff\x81\x8a\x79\x85\x4b\x0f\xae\x2b\x46\x83\x41\x0f\xec" "\xc6\xdd\xfc\x6c\x2d\x52\x5d\x14\x6c\x99\x8e\x1e\x96\x4f\x8a\x86" "\x39\x12\xd4\xde\x90\xfd\xac\x50\x82\x25\x89\xea\x52\x92\xbd\x36" "\x37\xda\xf1\x30\x83\x01\x34\xde\x27\xc2\x7a\x71\x5f\x75\x1a\x64" "\x34\xe1\xd7\xf6\x6e\x4d\x41\x5d\x79\x95\x73\x1e\x73\x68\x40\x23" "\xc0\x54\xb2\x13\x5a\x68\xf6\xf8\x90\x0a\x8d\x32\x99\x4f\xf3\x6a" "\x01\x60\x5a\x64\x02\x91\x34\xc8\x39\x4a\x8b\x9d\x1c\xcd\x96\x2e" "\x15\xc8\x02\x33\x71\xdb\x88\x59\x7d\xd5\x18\xa5\x3a\xcb\x76\x4e" "\xfe\xf6\x30\xba\xa3\xd2\x84\x82\xdd\x2b\xbb\x10\x74\x7c\xf2\xbc" "\xfd\x84\xa8\xf3\xf8\xfa\xab\xbb\xbb\x48\x7e\x1a\xfc\x08\xe9\xe9" "\x28\xa8\x64\x9d\x3d\xc3\xe3\xf7\xdd\xf7\xc4\x25\x1f\xa3\xf5\x04" "\x63\x7f\xbd\x2c\x96\xd5\xa9\x74\x8f\xea\x3b\xd7\xb0\x3c\xf2\x03" "\x32\xb2\x25\xbb\x32\xc2\x6e\x36\x46\x7d\x6f\x33\xf1\xb1\x77\x3a" "\xf5\x8e\xde\x11\x92\x09\x90\x98\x45\x71\x24\xd7\x07\x1a\xbc\x4d" "\x5f\xc8\x4a\xb4\x00\x42\x68\x29\x28\xfc\xd9\x89\x89\x36\x88\x15" "\xfa\xf7\x25\x1f\x5c\xf7\x2e\xca\xdd\x31\x18\xb9\xb7\x00\x29\x72" "\x41\xbf\xbb\x04\x37\x91\x76\x2b\x87\x67\xa8\xbb\x7d\xe9\xf2\xc6" "\xb4\x6e\x6d\xe2\xbb\x47\xc6\x19\xb1\x96\xf5\x39\xa8\xac\xc7\x77" "\x8d\xc3\xc6\x82\xa2\xac\xad\x37\xfa\x94\x0a\xcc\x77\x53\x42\xfc" "\x8a\x69\xd9\x3b\x79\x40\x10\x54\xc4\x66\x4c\x72\xeb\xf3\x4f\xd9" "\x82\xd3\x82\xc9\xdf\x70\xae\xed\xf3\x46\xf1\x9f\x6f\x31\xbb\x8f" "\x29\x10\x4a\xf2\x71\xf6\x3c\x13\xdd\x26\xa1\x8d\x1b\x47\x05\x9e" "\x32\x4f\x28\xcf\x2b\xf2\x98\xa5\x58\x3f\xa3\x2f\x86\xcb\x22\x81" "\x5e\xda\x75\xc7\xdb\x34\x14\x94\xd5\x01\xae\xf4\x99\x84\x3a\xf8" "\xe0\x0a\x92\x08\xcf\xca\xab\x20\xb7\xf0\x00\x6d\x94\x7e\x57\xed" "\x12\x5e\xff\x9d\x0b\x10\x64\xdb\x22\x76\xa4\x4d\x6a\x78\x1a\x77" "\x2d\xbd\x7b\x0a\x27\x20\x3e\x55\xa1\xd9\xab\xb5\xa0\x2c\xb6\x2b" "\x8e\x64\xb8\x58\x43\x2f\x8e\xb3\xc9\x87\xc3\xf5\xce\xff\x70\x8e" "\x7a\x6b\x51\x93\x35\x62\xd7\xb7\x37\x34\xc1\x53\x06\x8f\x60\x92" "\x38\xcc\x46\x3e\x16\x3b\xd4\x62\x1b\xf4\x34\xce\x35\x36\xf9\x31" "\x88\xac\x80\x98\x51\xa8\xdd\x06\x00\xa9\x91\x1f\x31\xdf\x47\xc5" "\x37\xb7\x57\x59\xc1\x83\x04\x31\xcf\xae\xbe\x75\x75\x43\x3b\x6f" "\x6d\x81\x6f\xed\x9b\xa2\x5b\xaa\x64\x8a\x68\x7f\xdf\xcd\x94\x80" "\x2e\x2c\xae\xdc\x57\x96\x9c\xe5\xaa\xa7\xfd\x90\x7f\x41\xe7\x7a" "\x74\xb2\x8c\x5f\x11\x76\x9a\x6b\xa3\xc4\x5f\x50\xfc\xe1\x91\x85" "\xe8\xc0\x27\x6c\x5b\x4b\xde\xd6\x0f\x93\x96\x6c\x0b\x0c\xa0\xe6" "\x10\x6a\x53\xde\x1f\xce\x56\x36\xfb\x73\xfb\x8b\xa0\x3f\x0a\xd8" "\x44\xb0\x2d\x77\x8c\x7e\xbc\xd1\x19\x3d\xc8\x98\x1c\x4e\x28\x00" "\x9c\x29\x92\xd4\x6c\xf6\x41\x4b\xc1\x09\x6d\x24\xce\x2a\x34\xcb" "\x7c\x2e\xbc\x55\x21\x89\x07\x04\x3f\xe6\x5e\x39\x7f\x10\x52\x5c" "\x94\x32\xb8\x05\xc5\x88\x85\x96\xb9\x5f\xeb\x01\x87\x57\xba\x72" "\xd3\xd1\x3b\x15\x0a\x03\xa8\xd3\xe3\x32\x62\x60\xe2\xae\xe3\x8b" "\xcf\xe9\x54\x6e\xea\x4d\x6d\xde\x70\x96\x94\x18\xb6\xab\x9b\xda" "\xcc\xe0\xd0\xd6\x72\x1e\x19\xce\x5f\x2e\x0c\x45\x04\x94\x96\xb8" "\x8c\xe9\xc9\xba\xe9\x78\xf7\xc8\xfe\x55\x25\xdf\xc3\x65\x2d\x86" "\x56\x7c\x9e\xc3\x6f\xbd\xbb\x55\x8c\x4f\xda\xfb\x1f\x7d\xde\x5f" "\x88\x68\x86\xe9\x11\x9a\xbd\xb1\x8e\xd7\x04\xa9\x4a\x28\xf3\xf7" "\xb5\x31\xa0\x79\x92\xfc\x63\x99\x4f\x7e\xc4\x8d\x27\x1b\xc8\x6f" "\x6d\x9c\x54\x94\x1d\xa4\x7a\xe2\x29\x94\xd4\xdd\x18\x6b\x48\x9f" "\xee\x2a\xad\x06\xc3\x44\x17\xeb\x95\x9f\x62\x18\xbb\xd2\xd0\xc7" "\x33\x53\xe8\xe0\x9f\xc5\xcd\xe2\x62\x1a\xda\xef\x42\xf7\x7b\xdd" "\x09\x53\xc4\x1e\x68\xa2\x0f\xdf\xdc\xc8\x9c\x66\x6a\xb9\x2e\xf0" "\x4e\x32\x75\x27\xaf\xc4\x74\x06\xd3\xe8\x1d\x20\xa3\x93\x22\x9a" "\xdd\x35\x8a\xaf\xd6\x4d\x98\x34\x68\x14\x2c\xb2\x8b\xc9\xb1\x4c" "\x98\x00\xb5\x64\x08\x03\xa9\x43\x39\xc1\xf8\x45\x82\x0f\x15\xdc" "\x6f\x09\x0b\x4d\x1b\x32\x0f\xf3\xe2\xb6\x42\x15\xd0\x96\xa2\xc1" "\x8f\x42\xb1\x5e\x01\xcf\xc0\x02\x99\x49\xb3\xd5\x8d\xc1\x0d\xdc" "\xc5\x6d\x6e\x32\x46\xd5\xdc\x49\xfd\x05\xd1\xd6\xf5\xd6\x30\x3d" "\x46\x55\x9b\x1b\x86\xb8\xf1\x9c\x19\xd4\xd1\xd1\x91\x9d\x3e\x0c" "\x9c\x19\xdc\xc5\x64\x27\x61\x4b\x04\x12\x23\xaf\x5f\xbc\x49\xce" "\x2a\xf4\xaf\xfc\xc9\x0a\xc3\x71\x0e\x02\x5e\x93\x11\x27\x15\xf5" "\x92\x01\xb0\xa4\xef\xfe\x0c\xcd\xc9\xac\x49\xbe\x64\xfd\x5d\x0e" "\x91\xe8\x84\x6e\x8d\x1a\xde\x73\x45\x8d\xbc\x6e\x7a\x76\x6b\xf1" "\xbd\x88\x05\x92\xf9\x75\x76\xe0\x27\x33\x25\x6f\x21\x64\x9f\x21" "\xb4\x31\x3b\xc8\x99\xd1\x52\x05\x73\xfa\x33\x65\xb9\xde\x47\x57" "\xd4\x25\xf4\x98\xc4\xac\x58\x44\x69\xec\x8a\xa2\xdc\x89\xfa\xc2" "\x0a\x40\xbe\xe3\x68\x9b\xfb\x4e\x1f\x56\xf3\x69\xa8\x1c\x64\x08" "\x93\x79\x92\xfe\x1c\x74\x28\xe8\xd7\x97\xe8\x10\x25\x3b\x28\x04" "\x89\x89\xeb\x16\xc6\x45\xa8\x0f\x89\x6e\xe7\xce\x46\xb1\x7e\x66" "\xa8\xa6\x8c\x36\xab\xb4\xf5\x44\xb5\x91\x5d\x92\x64\xdf\x03\x90" "\x1c\x4d\x23\x25\x52\x31\xf8\xfc\xbf\xd0\x93\x0c\x80\x1f\x4a\xe0" "\x79\x46\xdc\x0c\xfb\xa5\xe9\x54\xeb\x37\x52\x78\x87\x69\x8a\x8a" "\x8e\xfb\x68\x1d\xc4\xb6\x9e\xb2\xb8\x42\x07\x3f\xf7\x61\x1b\x8a" "\x82\xb6\xaf\x0c\xa9\xe0\xa5\xcf\x96\x2f\xb5\xbf\xe2\x2d\xa7\x1d" "\x47\x18\x4c\x8d\x00\x9d\x0c\xd8\xbd\xf8\x91\x71\x15\xff\xaf\x75" "\xed\x73\xcc\x28\x99\x42\x8a\x0a\xd9\xe2\x6d\xee\x20\xb9\x9d\xda" "\x36\x2e\xed\x49\xbc\xa6\x73\x23\x55\x72\x36\xf2\xd9\x93\x88\xc6" "\xfd\xe6\x4a\xd1\x85\xd0\x0f\x02\x58\x6c\x3c\xde\xa3\x63\x83\xa9" "\x28\x4b\x07\x76\x2d\x75\x95\xc6\x2d\xb4\xae\xd0\x15\x1e\x70\x30" "\xe0\xcc\xfe\x8f\x72\x36\xee\xc1\xa5\xa8\xed\x9f\x1d\x5d\x01\x3a" "\xdb\x12\xf6\xf0\xe0\x67\x53\xe6\x77\xbc\x4b\xdb\x1a\xbc\x3e\x6b" "\x02\x84\x07\xae\xe6\xb2\x9f\xb2\x33\x7f\x40\x38\xf9\x4f\x97\xd4" "\x40\x9d\xe0\xde\x10\xbc\x74\x56\x99\x8f\xcc\x4d\x08\x0a\x10\x50" "\x3e\xa9\x03\x2d\xa1\x24\xf0\x88\x9e\xf9\x52\x12\xe6\x87\x7c\xed" "\x71\x1a\x63\xa3\x99\xda\x25\xb6\xbf\xdc\x40\x32\x38\x19\x32\xde" "\x35\x29\x03\x7e\x13\x2a\xde\xf8\x8e\x4e\xfb\x0f\xe9\x0f\x21\xec" "\x02\xfc\x3a\xaa\xdb\x25\x96\x1e\xd8\x89\x6e\x76\xfe\xac\x7e\xf1" "\xba\xca\x53\xe6\x69\x69\x1c\x8d\x9b\x22\xe9\x4f\xdf\x50\xe6\x7d" "\x33\x61\x27\x7c\xd2\xc8\x87\x4b\x6f\xc5\x26\x94\x70\x02\x46\x93" "\xdd\x53\x19\xd0\xbf\xd3\x95\x7a\x7a\x54\xa9\x71\xf9\x26\x52" "\x6a", 4096)); r[37] = syscall(__NR_sendmsg, 0xfffffffffffffffful, 0x20166000ul, 0x0ul); } int main() { install_segv_handler(); use_temporary_dir(); loop(); return 0; }