// https://syzkaller.appspot.com/bug?id=6e33f9966ade60fc2932bb2059228cbb275c2fdc // autogenerated by syzkaller (http://github.com/google/syzkaller) #define _GNU_SOURCE #include #include #include #include static void test(); void loop() { while (1) { test(); } } long r[49]; void test() { memset(r, -1, sizeof(r)); r[0] = syscall(__NR_mmap, 0x20000000ul, 0xf7f000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); r[1] = syscall(__NR_socket, 0x26ul, 0x5ul, 0x0ul); *(uint16_t*)0x200f8000 = (uint16_t)0x26; memcpy((void*)0x200f8002, "\x61\x65\x61\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 14); *(uint32_t*)0x200f8010 = (uint32_t)0x0; *(uint32_t*)0x200f8014 = (uint32_t)0x0; memcpy((void*)0x200f8018, "\x70\x63\x72\x79\x70\x74\x28\x67\x63\x6d\x5f\x62\x61\x73\x65" "\x28\x63\x74\x72\x28\x61\x65\x73\x2d\x61\x65\x73\x6e\x69\x29" "\x2c\x67\x68\x61\x73\x68\x2d\x67\x65\x6e\x65\x72\x69\x63\x29" "\x29\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00", 64); r[7] = syscall(__NR_bind, r[1], 0x200f8000ul, 0x58ul); memcpy((void*)0x20f73000, "\x0a\x07\x75\xb0\xcc\xe3\x83\xe5\xb3\xb6" "\x0c\xed\x5c\x74\xdb\xb6", 16); r[9] = syscall(__NR_setsockopt, r[1], 0x117ul, 0x1ul, 0x20f73000ul, 0x10ul); r[10] = syscall(__NR_accept, r[1], 0x0ul, 0x0ul); *(uint64_t*)0x20f74fc8 = (uint64_t)0x0; *(uint32_t*)0x20f74fd0 = (uint32_t)0x0; *(uint64_t*)0x20f74fd8 = (uint64_t)0x20bbdfc0; *(uint64_t*)0x20f74fe0 = (uint64_t)0x4; *(uint64_t*)0x20f74fe8 = (uint64_t)0x20f75000; *(uint64_t*)0x20f74ff0 = (uint64_t)0x18; *(uint32_t*)0x20f74ff8 = (uint32_t)0x0; *(uint64_t*)0x20bbdfc0 = (uint64_t)0x20f7c000; *(uint64_t*)0x20bbdfc8 = (uint64_t)0x0; *(uint64_t*)0x20bbdfd0 = (uint64_t)0x20dc4f5d; *(uint64_t*)0x20bbdfd8 = (uint64_t)0x0; *(uint64_t*)0x20bbdfe0 = (uint64_t)0x20130f10; *(uint64_t*)0x20bbdfe8 = (uint64_t)0x0; *(uint64_t*)0x20bbdff0 = (uint64_t)0x20f7d000; *(uint64_t*)0x20bbdff8 = (uint64_t)0x1000; memcpy( (void*)0x20f7d000, "\x4d\xda\xfe\xf9\xb0\x3d\xe1\x7f\x14\x1e\xf3\x3c\xe2\x7c\x44\x5d" "\xaf\xaa\x27\x46\xe4\x2b\x90\xb8\xbd\xc5\x8b\xba\x34\x0e\x4c\x28" "\xe0\xd6\x5c\x0c\xf3\x05\x96\xc8\x6f\x1d\x93\x11\xb2\x2e\x65\xf6" "\xfb\xeb\x44\x90\xac\x51\xe8\x63\x8f\x32\x3c\xec\xcb\x17\x16\xc5" "\xc7\x62\x9b\x34\x9e\x47\xc6\xe4\xdb\xa8\xc6\xc2\x5d\x4d\x57\x12" "\xd9\x8f\x58\xa5\x19\xfd\x24\x40\x88\x08\x77\xbe\xf0\xe6\x91\x4b" "\x32\x85\x1c\x69\xec\x4a\xfe\x59\x8b\x64\x1f\x17\xd7\x90\xdc\x26" "\xf1\xe2\x51\xff\x53\xde\xf0\x07\x81\xfc\xb7\x4d\xcd\xcb\xa7\xaa" "\x9f\x07\xe7\xb9\xb7\xbd\x9a\x4a\x10\x28\xd1\x9e\x57\xbe\x5a\xcf" "\x9d\x51\x1b\x3c\x34\xee\xb6\x65\x0c\x41\x2a\x78\xdb\xc5\x6d\x31" "\x25\xff\xfb\xe2\xf9\xd4\x4e\xc1\x90\x1d\x9d\xf6\xb5\x5f\xb5\x51" "\x31\xcf\xa5\x66\x08\xbb\x8c\x33\x44\x87\x25\x3b\x1e\x68\x39\xc3" "\xb1\x04\x71\x64\x85\x5b\x2d\xa6\xe8\xbb\x88\xbd\xd2\xc8\x9f\x1b" "\x01\xbd\x77\x1a\xb3\xbf\x36\x78\x67\x69\x8e\xad\xfc\x13\x89\x3a" "\xa1\x52\x00\xaf\xeb\xf6\xf3\x02\x29\x51\xc6\x18\x77\x16\xce\x4c" "\x31\xc0\x5b\xf1\x64\x8d\x84\xa7\x85\x6b\xd2\x40\xee\xd2\x04\x10" "\x98\x82\x13\x5b\x06\xf0\xd6\x81\xc8\xa4\x82\x2c\x50\xb4\xb8\x65" "\x75\x03\x02\xe7\x8e\x27\x66\x79\x45\x6a\xa6\x92\xfc\xe9\xbd\x2b" "\x65\xbe\xb0\x43\x17\xaf\x95\x91\xf3\x68\x10\xa2\x22\xb0\x38\xf6" "\x74\x2f\xab\x2b\x5b\x17\x3f\x37\xa6\x18\x7d\xf2\x5c\x2a\x6b\x86" "\xba\xce\x5a\x60\xd0\xc1\x9f\x9b\xc4\x73\xf8\x06\x77\x86\x85\x42" "\x00\x47\xee\xf0\x42\xca\x1c\x9a\xc6\x8b\x2d\x0a\x90\x2b\xe6\x2f" "\x1f\x36\xb5\x89\x96\xda\xd3\x4a\x30\xd9\xa0\xba\x77\x77\x9e\xca" "\x7c\x9e\x5a\x85\x78\xa0\x68\xfd\x9c\x43\xd7\x27\xb8\x7b\xfb\x3d" "\x2c\x65\xb3\x57\xf8\xdf\xab\x5e\xef\xf8\x3e\x44\x3a\x38\x3f\xfe" "\x2e\xce\xbb\x52\x27\xe2\xf4\x29\x3a\xc6\xd4\x01\x25\x13\x51\xb9" "\x13\x97\x98\x3e\x52\xff\x3a\xfb\x94\xaa\x12\xb3\x99\x67\x2c\x7f" "\x92\xcd\xba\x58\xc7\x67\x4e\xd4\x25\x83\x79\xec\xe6\x4f\xa6\x65" "\xa6\xad\xd1\x0b\x38\x37\x79\x1e\x64\x84\xd1\xa2\xc4\xf8\x33\xb3" "\xe8\xd2\x42\x5d\x01\x5c\x21\xf8\x42\x84\x0b\xca\x7f\x9c\xf7\xf7" "\x66\x65\xc1\xb9\x09\x8f\x42\xf1\xcc\x43\xdc\x7e\x20\x36\xf8\xf1" "\xfd\x58\x88\xae\xe7\xe2\xaa\xb9\x9b\x3b\x06\x53\x13\x83\x07\xde" "\x61\xe1\x92\x49\x70\xc4\xc4\xf3\xd1\x4d\xdc\x12\xf0\x0e\x26\x89" "\x63\x2e\xd8\xc4\x87\x65\xcf\x81\xae\x82\x87\x51\xba\xfb\x18\x36" "\x7e\x10\x4e\x57\x42\x0c\xd4\x47\xc2\xd1\xa9\xe3\x75\x36\xce\xab" "\x1f\xa0\x64\x58\x95\x64\x71\x56\x04\x4c\xa9\xfe\xc7\x11\x90\xf1" "\x0b\x4f\xa8\x79\x2e\x65\x4f\x55\xb4\x46\x8a\x9b\x35\x2a\xc4\x9b" "\x0c\x3d\xad\x1a\xa5\xb5\x43\x4c\xcc\xab\x60\x0f\xe7\xce\x42\xd2" "\x1c\xff\x40\x9e\x2e\x24\x4a\x31\xb9\xb9\xc8\x10\x87\xd5\x88\x96" "\xd9\x46\x7c\x99\xb5\x27\x93\x91\x0f\xbb\x93\xd4\xc9\xc4\x9f\x7e" "\xa0\xd8\xab\x4e\x8b\x0f\x69\xd7\x1a\x30\x55\x8a\x55\x1e\x72\xf6" "\x29\x71\xf6\x60\xa9\xe0\x43\x3b\x91\x2c\xe4\x0a\x5b\x51\xfe\x06" "\x61\xc9\x02\x59\x99\xed\xc7\xcf\xd2\x01\x88\x31\x4e\x7d\x26\x2a" "\x48\x6c\x3c\xb2\x3c\x77\x3f\xc3\x03\x0c\x69\x02\x99\x2b\xb2\x5f" "\x05\xaf\x36\xa6\xa3\xc6\xc0\xda\x38\x45\x9b\x50\x7d\xc2\x76\x97" "\x47\xf7\xac\x24\xea\x29\x3e\xfb\x1a\x1b\xd2\x9e\x6d\x6b\xa3\xd3" "\xba\xcf\x8b\xfa\x1b\x9c\xa6\x31\x21\x14\x23\x63\x89\xda\x6b\x95" "\x48\x82\xa1\xf6\xa7\xc0\xf4\x4f\x32\xf6\xbc\xb7\x44\x8e\x68\x1e" "\xf0\xf9\x3a\x82\x83\x36\xa3\x3b\xd6\x38\x31\xbb\xb2\xc8\xd4\x38" "\xae\x06\x48\x9a\x05\xfd\xf7\x09\x7b\xf6\x88\xfa\x7b\x29\xd2\xd8" "\x8d\xd4\x92\x5e\x1f\xb4\x0c\xb7\x3d\x37\x40\x5a\x19\x59\x16\x1a" "\xf4\xf5\x2b\x01\x16\x79\x85\x3b\xb1\x50\x7f\xa6\xf7\xff\x70\x70" "\xfe\x1f\x50\x4f\x4e\x88\x66\x9b\xa8\xcb\x64\x20\x14\x95\x5e\xc2" "\xb1\x66\x41\x0c\x06\xb3\x0d\xd4\xc1\x87\x86\x79\x6e\x3a\x3a\x5d" "\x1d\x1f\x99\xb3\x0b\x7b\x36\x0b\xf0\x4e\xd8\xb0\xc4\xa0\x34\xb8" "\xd6\x1f\xe6\xce\xc6\x94\x9d\x90\x9b\x5f\x4c\xc4\xf9\x44\x00\xed" "\x55\x8a\x8a\x93\x48\x4b\xb9\x86\xf9\x1f\x5e\xb6\x85\x01\xba\x13" "\xae\x4c\x04\x07\x66\xcb\x46\x0f\xf0\x97\x22\xb2\xb4\xc0\xa4\x2d" "\xc4\x84\xd1\xc7\x21\x49\x7b\x08\xaf\x89\x33\x5c\x91\xe1\x93\xfe" "\x4e\x4f\xba\x45\x24\xb5\x88\x8d\x5b\x00\x0b\x19\x5d\x35\xac\x45" "\x61\xfd\xf5\xd3\x8c\x0f\xc1\x70\x9c\xa3\xc6\xe1\x79\x38\xf5\x2f" "\xfe\x5f\x34\xaf\x47\x0b\xc3\x5c\x1d\x10\x6c\x53\xcc\x78\x00\xa3" "\xfc\xfb\x4f\xa4\x04\x96\x87\x2e\xf3\x58\x60\x0c\xd7\xad\x6a\xd1" "\xa1\x76\x21\xb3\xdd\x0f\xc5\xe0\xf7\xf6\x15\x48\x76\xda\x93\x7f" "\x2c\xe1\xc1\xf4\xf5\xe2\xbb\x89\xf9\x44\xa9\x56\x1e\x71\x0d\xfb" "\xeb\xaa\x51\x02\xe9\xd2\x0a\xc9\xbf\x50\x25\x18\x0a\x58\x2e\x7b" "\xe5\x7f\x12\x81\xd1\x7e\x1b\x5c\x8e\x4c\x98\x4c\xf3\xaf\xdc\xba" "\xaa\xd0\x32\x94\xba\x40\xad\x4f\x3c\x49\x01\xbf\xf6\x10\x50\x7d" "\x7f\xb6\xae\x34\x90\x59\x6a\x51\x7f\x8d\xcf\xa0\xdc\xf0\xf0\x6d" "\xc8\x87\xcd\x37\x32\xf9\x41\x01\xd7\xae\x1e\x77\xa4\x1b\x74\xbf" "\xa4\x43\xb0\xb2\xd1\xcb\xa7\xde\x22\x9d\x99\x76\x88\x95\xc3\x9d" "\x8b\xf6\xe4\x20\x19\xda\xfd\xe4\x8d\x78\x9f\x92\xab\xdd\xd7\xb2" "\xc8\x24\x76\x28\xdb\x9a\xdc\x5f\x61\x45\x43\xc2\xfa\xc8\xef\x1f" "\x8d\xb9\xe3\x1f\xf8\xba\xa1\xbd\xd2\xa2\x1e\x25\xc8\x16\xf2\xc6" "\x63\x56\xc5\x33\x6c\xb5\x20\xfb\x56\x7b\x33\x58\xdc\x79\x5c\xb1" "\x6b\x72\x9f\x76\x7c\x64\x95\x47\xb3\x0f\x99\x1b\x2a\xd4\xb3\xb0" "\xfd\x8e\xee\xe8\x69\x6e\xe6\x41\x46\x23\x10\x92\xee\xe5\xcb\x86" "\x8c\xdd\x96\xaa\xfa\x20\xa1\xd0\x2b\x30\x78\x90\xa5\x19\xb7\x96" "\x08\xa9\xad\xbf\xbe\xb0\xe3\xdd\x8c\x73\x9a\xc1\x71\x3f\x6f\x2a" "\x14\xf3\x5b\xf9\x85\x47\xd1\x18\x5b\xd7\x63\xbb\x5e\xd5\xb3\xcb" "\x9a\xa4\xcf\xbb\xa0\xa4\xdf\x98\xe2\x80\x28\x63\xc6\x9d\x05\xdc" "\xec\x69\x93\xfd\x6b\x35\xa5\xbe\x95\x63\x47\x43\x81\xd1\xd1\x12" "\xaa\x22\x51\xf4\xc8\xaa\xac\x43\x0e\x5a\xa0\xa2\xdb\x81\xf0\x76" "\x72\x92\xa4\xfc\xaa\x0f\x79\x35\x77\x60\xeb\x06\xb7\x96\x82\x97" "\x89\x36\xca\x4e\x30\x61\x72\xce\x63\x5f\xac\x8b\x9a\x62\xa6\x99" "\x00\x21\xad\x55\xf5\x84\xa8\x9d\x48\x3c\x44\x14\x2e\x44\x0e\xe1" "\x67\x03\x09\x51\x6e\xd5\x35\x18\x3a\x09\x6a\xd1\x40\x79\x54\x22" "\xc6\xec\xdd\xb5\xaf\xc9\xd4\x22\xd5\xaa\x97\x15\xa0\x5a\x6d\x50" "\x72\x1e\x55\x04\xd4\x26\x92\x3b\x1b\xcd\xd2\xb8\xec\xc2\xf7\xcc" "\xa7\xf3\x25\x8d\xa2\x60\xd6\x8d\xb0\xe0\xeb\x3b\xc1\x6b\x38\xee" "\x3e\xdd\x09\x32\xa8\x5e\x56\x4a\x88\x37\xc3\x32\xba\x26\xd8\xa4" "\x2d\xa5\x63\xcc\xe6\x79\x8a\xe1\x82\xdc\xf5\xa2\x92\x16\xd7\x7a" "\xd1\x04\x26\xaa\xf2\xb3\x70\x86\x96\x8c\xc0\x5d\xbb\x5e\x8c\x89" "\xcf\xe3\x5d\xb4\x7c\x06\xff\x82\xa0\x93\xe8\x09\xd7\xef\xd2\x20" "\x10\x16\x71\xdf\xf5\xb3\xa7\x9a\xf0\x89\xe6\xfd\x91\x60\x2d\x65" "\xe2\x0d\xb0\x13\x8a\x05\xc0\xd3\x75\xaf\x25\x4e\x82\x16\x6c\x34" "\xae\xe6\xba\x7d\x42\x00\x50\x81\xa2\x8e\x34\xf4\x9c\xf1\xd3\x02" "\x1b\x54\xe9\xf4\x71\x28\x31\x3a\x98\xee\x99\x85\x98\x72\xe3\x66" "\xda\xe2\x3c\x20\x0d\x2c\xa5\x41\x62\x5c\x44\xc1\x7b\x76\x00\xcf" "\x72\xde\xd2\x98\xff\x8c\x07\xc9\x53\x7b\xae\x6c\x1b\xdb\x24\xec" "\x72\xc2\x37\xa8\x93\x32\x3d\x6d\x8e\xd8\x6d\xc2\xb3\x21\x67\x24" "\x0d\xab\xe9\xa7\x5d\xf6\x41\x69\xc5\x79\xa8\x23\x65\x2e\xe2\xd2" "\x7a\xc1\x15\xa3\x37\xb0\x0d\xa2\xe2\xf2\x92\x62\x86\x3c\x3f\xfa" "\x8c\xb8\x06\xf3\x23\x78\x9f\xf4\x68\x5f\x21\x75\x2a\x6f\xf4\x3a" "\xa2\xd9\x6e\xae\x34\xcb\x25\x63\x6f\x6e\xf7\x8a\xc4\x7c\x14\x18" "\x20\xa5\xb2\x10\x44\x82\x76\xcf\x84\x1d\x8d\xc9\xc9\x3c\x3f\x77" "\x82\x55\x28\xb6\xe6\x0d\xb2\x55\x1a\x80\x80\xc7\x2c\xb1\xd8\x00" "\x75\x0c\x15\x3b\x2b\xea\x60\x2d\xf9\xa7\xaf\x67\x4e\x2e\xe5\x7c" "\xe7\xde\x57\x34\x97\x8d\x58\xac\x7e\x1c\x53\x7d\x37\x55\xb4\x62" "\x71\xb6\x24\x40\x85\xf0\x97\xfd\xfe\x36\x1e\x6b\x3a\x92\x11\x54" "\xad\x46\x0c\x38\x4f\x58\x66\x60\xc8\xe4\x55\xe2\xd1\xc7\x0e\x60" "\xda\xf3\x36\x69\x9a\x97\x71\x7a\x3d\x0e\xaf\xae\x14\x84\x27\x90" "\xbc\xa8\x40\x1d\xc9\xaa\x01\x16\x4f\xa8\x08\x01\xc8\xde\xc8\xd7" "\xa6\x4e\x5d\x37\xe2\xd8\x48\x04\x91\x3b\xaa\x5e\xc8\x50\xa2\xd0" "\x90\x09\x3d\x53\x63\x58\x69\x78\x5d\xa9\x81\x88\x6a\x64\xf8\x6f" "\x43\x70\x8d\x37\x41\xae\xfd\xd1\x72\xdb\xec\xe9\xda\x33\x0c\x09" "\x78\x1f\x9e\x90\x48\xe2\x69\x94\x3c\xed\x3c\x1f\xab\x8b\x06\x38" "\xe0\xce\xbb\xbc\xf0\x64\x4b\x98\x45\xf1\x93\xcb\x97\x67\xed\x02" "\xc8\xdc\x66\x8a\x4c\x3c\x8e\x24\xe9\xed\xdc\x6f\xc1\x6a\x0a\xce" "\x3c\x0e\xbe\x81\xd8\xdd\x6f\xa3\x05\x29\x35\x14\x34\x57\x4f\xea" "\x1d\xdd\xad\xce\x9d\xcf\xbb\xad\x4f\x09\x02\xfc\xf6\x1a\xe6\x67" "\xcc\x47\xd5\x18\xbe\xae\x00\x9d\xc3\x5b\x74\xaf\x21\x46\x14\x9e" "\x4f\xeb\xf3\xe2\x71\xb7\x50\xda\x2f\x31\xa8\x27\x2c\x6f\xd5\x40" "\x99\x30\xab\x1d\x3b\x8e\xaa\xfa\x92\x5e\x95\xaf\x0c\x3a\x93\x40" "\x04\x7e\x5e\x83\x10\x61\x03\x9a\x36\x63\x79\xf0\xe0\xa2\x51\xac" "\x69\xc5\x94\x07\xfd\x6c\xb0\x2e\x57\x16\x31\xf3\xd7\xa5\xa6\x27" "\x80\xc6\xba\xf9\x66\x18\x2b\xb3\xca\xd0\xee\x0a\x2e\x32\x5f\xb8" "\x47\xd3\xd3\xaf\x99\x25\xe5\x17\x41\xb3\x20\x16\x4d\x0a\xb5\x4d" "\x3e\xe3\x26\xde\xc8\xf0\xe2\xf9\xb1\x00\x40\x69\xd4\xec\x28\x54" "\x35\x1f\x75\x27\x96\x54\x8c\x84\xf2\x44\x4a\x9a\x17\x9f\x59\x9a" "\xdb\xcd\xf8\x50\xea\x52\x5e\xde\x90\x51\x98\x66\xbd\x54\xda\x72" "\xb4\xed\xbd\xba\x5a\x62\xda\x0a\x0c\x45\xb2\x58\x77\x3d\x85\x09" "\x85\xb4\x50\x83\xea\xe8\x48\xed\x5a\x58\xd9\x7e\x49\x07\x98\xef" "\x16\x29\x33\x29\x96\x08\xb6\xdf\x43\x61\x3c\xbf\x36\x18\xbf\xb4" "\x1f\x9a\x4b\xfe\xbc\x40\xe6\xed\x27\x79\xe6\x30\xbd\x6b\x69\x08" "\x57\xb2\xd1\xd8\xb3\x7e\x76\x26\x12\x83\x72\x75\xe1\xa4\xd0\xe4" "\xb0\x78\x2f\xcc\xae\x7e\x1f\xd2\xff\x49\xeb\xb1\x8b\x35\x26\xc1" "\xc9\xef\x76\xad\x5b\xa5\x99\x0f\x28\xfd\x75\x1e\xd8\x1a\x07\x58" "\x29\x03\xef\x69\x4a\xfb\x1b\x8f\x75\x31\x1e\x28\xd1\x88\x6a\x21" "\x49\x39\x93\x51\xd9\xb3\x20\x16\x53\xd8\x55\x0e\x55\x0e\x42\x50" "\x02\xae\xd3\xe3\xcd\x49\x30\x8d\xec\x24\xc1\x1b\xeb\x4c\x35\x1f" "\xf8\x0a\x71\x81\xfc\xaf\x55\x6b\xfa\x58\xd8\xa3\x5f\xd5\xdc\xf4" "\x85\xd7\x74\xc8\xd2\x23\xcf\x20\x9c\x4e\xa1\xf5\x70\xeb\xbd\xc7" "\xcc\x33\xd6\xfe\x7b\xdd\xe8\xb0\xd1\x58\x9a\xb8\x47\x6e\xaa\xe1" "\x0e\x6f\x89\xb9\xbc\x4b\x7b\x00\x97\xc1\x7b\x4c\xc8\x26\x0b\x2a" "\x5a\x53\x1e\x52\xc9\x28\x1e\xdb\xa1\x60\x67\x8e\x98\xba\x69\x10" "\x32\x8d\x54\x0c\xb5\xef\x00\x0a\xa0\x45\xc1\x81\xf0\xcc\x01\xca" "\x50\x00\x0d\x7d\x40\x82\x50\x5c\x14\xae\xbd\xd3\xf9\xce\xa9\x87" "\xb8\xc1\x26\x0c\x12\xc0\xc2\xa2\xef\x61\x28\x84\x1f\x85\x9e\x5f" "\xfd\xbc\x1e\xea\x1b\x5c\x62\x86\xfb\x09\x06\xed\x02\x70\x98\x54" "\x98\x56\x46\xfd\xd4\x98\x1f\x05\x87\x4b\x62\x04\x9e\xff\xf0\x66" "\x02\x7c\xd1\x2e\xd7\x05\x44\x77\x29\xd1\xd7\xae\x81\x60\x3c\xf9" "\x12\x94\x06\x34\x30\x1d\xf6\xd4\xcf\x93\x0b\xdd\xd9\xda\x13\x14" "\x55\x3e\xaf\x70\x7a\xab\x4f\x91\xad\xeb\x32\xc5\xe4\x98\x3e\x9f" "\xe1\x67\x80\xbe\x8f\xc5\x39\xd5\xfc\x65\x1d\x21\xa9\xde\x53\xe7" "\x26\xe5\xbf\xe0\xcd\x96\x94\x61\x81\x09\xfd\xb5\x8f\xbe\x8b\x33" "\xfd\xb0\xc3\xdf\x8d\x67\xd7\x0a\x03\x2f\x47\x16\x78\x60\xdd\x7e" "\x5e\xc1\x30\xac\xc0\x3c\xec\x35\xb6\x22\x39\xf6\x73\x3b\x36\x52" "\xfc\xa5\xd9\x0f\x50\xb8\x5d\xa5\x75\xfd\x55\xce\xbe\x45\x3c\xa9" "\x3b\x5b\xf0\x33\x77\xd2\xc1\x93\x7b\x11\xfe\xc2\x3b\x84\x8a\x0c" "\xb2\xc0\x16\x48\xb6\xcc\xb7\x17\xe2\x7a\x7f\xc6\x28\x1d\xae\x43" "\x12\xb9\x8c\xc4\x48\x67\x46\x0d\x5f\x2c\x70\x88\x87\x5b\x67\x0f" "\xa9\xb8\xd7\x2f\xb3\xcc\xc3\x55\x3f\x1a\x51\x48\x31\xea\x66\xd3" "\xd6\xc6\x94\x52\x78\x65\x1d\x58\x21\xd1\x39\x99\x27\x96\xf3\x82" "\x90\x0a\xf9\x74\x96\x6c\x36\x1b\x2d\x03\xb9\xeb\x06\x58\x86\xf0" "\x5b\x8c\x70\xbf\x32\xf8\xd7\x03\x56\x10\x78\x76\x8f\xd4\xd3\xdc" "\x43\x23\x9a\xe6\xdb\xfd\x56\x14\x86\x3c\x73\xdb\xda\x2b\xc5\xcd" "\x74\x0d\x7e\xdd\x51\x60\x1c\x11\x4a\xd2\xe6\x7a\xa3\xf7\x99\xcb" "\x33\xfb\xcc\xbb\x81\x35\xe3\xd4\xc9\xc2\x37\x95\x03\x5b\xd2\xf0" "\xe7\xcf\x4e\x60\x97\x0a\x28\x02\x1a\x82\xeb\x82\x1a\x5e\xe4\x99" "\xc9\xa6\xc1\x9a\x58\xc3\x98\xaa\xe9\x86\x6a\x7c\xcd\x7d\x88\x55" "\xc9\x15\x91\x17\xc7\x46\xa4\x7d\x37\x38\x25\x53\x3a\x69\x93\x72" "\x82\x72\xe3\x7c\x20\xb4\x83\xbb\xda\x67\x3a\xba\x21\xf8\xc7\xe2" "\xe5\xcf\x88\x77\x5d\x04\x8e\xea\x8e\x76\xa5\x29\xba\x49\x45\x8e" "\xf7\x8d\x8d\xde\x2a\xdf\x0f\xeb\x7e\xa2\xd4\xc4\x2b\x9a\xfd\x00" "\x42\x72\x52\x34\xb5\xe9\xc7\x86\xa2\xeb\x1b\x2d\xe9\xc5\x9d\x66" "\xad\x2b\xc4\x3a\x2e\x93\x62\x36\xc4\x99\x39\xcf\x4b\xa6\xa5\xd4" "\x46\x46\x11\xef\xfb\xd6\xe2\x0a\xf0\x37\x88\xd5\xd4\x6a\x6e\xb0" "\xf2\xe5\x9c\x5a\x0d\x78\xf4\x33\x32\x21\x48\x5c\xd4\xbc\x7b\x5f" "\x19\x1b\x39\xd3\xdf\x09\x38\xbe\xae\x17\xbe\xb0\x1d\x0e\xde\xec" "\xab\x4b\x8f\x66\x75\x48\x85\xba\xa7\xc2\xc7\xa9\x85\xe4\x5e\xbf" "\xb5\x67\x09\x75\x51\x7e\x1d\x07\x73\xc7\xbc\x01\x59\xb0\x3a\x94" "\x60\xe4\x45\x2d\x0b\xad\xf9\x6f\xc5\xd1\x5c\x41\x9d\x9a\xfe\x2e" "\x30\x61\x75\x64\x0f\xfa\xd9\xf7\x75\xee\xcb\x0c\x95\x44\x3c\xf8" "\x5a\xc8\x1a\x33\xcc\x52\x6b\xbc\x57\x0c\x54\xd6\x46\xa5\xc1\xea" "\xcc\x41\x79\x0d\x3e\xd1\x92\xf8\x83\x86\x95\x30\x63\xac\xe3\x8a" "\xb2\x0d\xdc\x61\x21\x59\xad\x17\x64\x42\x07\x0a\x08\xb8\xbe\xe1" "\x55\xe7\x91\xdc\xf6\xbb\x49\x94\xb3\xf0\x73\x6d\xed\x65\xd1\x20" "\xab\x0f\x12\x65\xaf\xe7\x4c\x2c\xc8\x9a\x3d\xc3\x53\x2a\xcf\x96" "\xef\x53\xa0\xbb\x82\x65\x2b\xac\x8d\xb2\x16\xbc\x1a\x5d\xf2\xd9" "\x77\xec\x03\xb8\x94\x54\xd8\x5e\x7d\x99\x53\x7f\x04\xce\x5d\x9b" "\xcc\xa6\xfe\x07\x8a\x7a\x70\xbc\xd7\xb1\x67\xb8\x5d\x6a\x39\xde" "\x68\xc2\x31\xe2\xf9\xee\xbf\xc3\xec\xbf\x0c\xc5\x0c\x3d\xad\xc4" "\x4b\x6c\x0b\x92\xd1\xc3\xf4\xe3\x40\xc1\x4f\xc8\x8d\xd6\xd9\xa3" "\x84\x0a\x26\x9f\x56\xd3\xe1\xe6\x3a\x38\x4e\x01\x35\xb2\xe9\xcd" "\x71\x22\x92\x5c\x97\xf9\xae\xab\x56\x6b\x17\xbb\x98\x0b\x0f\x77" "\x05\xf2\x2b\x8a\x8c\x3c\xae\xad\xbb\x03\xe6\x7c\xf6\x5a\xb7\x1a" "\x47\x9b\x7e\x06\x39\x36\xdc\x01\xcb\xa5\x85\x02\x2d\x0f\xf1\x10" "\x80\xcb\xb0\xbf\x41\x08\x96\xff\x82\xf3\x8e\xe4\x1f\x08\xf4\x4c" "\x4e\xed\xa9\x8e\x94\x51\xba\x58\x9b\x36\x59\xe3\x9d\x04\xaa\xa8" "\xe6\x08\x90\x28\x30\xd3\x4f\x18\x12\xc6\x37\xfc\xf6\xfc\x17\x13" "\xbf\xef\x1a\x93\x98\xea\xaa\x8c\x8e\x90\xa5\x7b\x6d\x39\x28\x52" "\xf4\xc5\xb5\x0f\x79\x74\xed\xc0\xfb\x3d\x71\x9c\x88\xea\x9d\x3e" "\x16\x23\xcc\x0e\x5a\xf9\x5d\x04\x28\xdc\xb9\x97\xdf\xdb\x95\x01" "\x05\xf0\xce\x6c\xd9\x4c\xcf\xd0\xd0\x27\xcb\x4d\x98\xb2\x33\x45" "\x2e\x2a\xed\x63\xc6\xcc\xf8\x97\xfe\xaf\x15\xe1\xba\xec\xf6\x03" "\x91\xbb\x0f\x22\xf1\x65\x3a\xf4\x6f\xc5\x47\x1a\x17\xed\x4e\xd9" "\xa9\xc5\x4c\x9a\xc3\xbc\x57\xf2\xe1\x68\x1b\x6e\xde\xe8\x68\x26" "\x41\x8d\x41\x56\xca\x22\x24\x5a\x42\x41\x2d\x35\x36\xe5\xbf\x03" "\xf4\xf9\xd9\xf9\x29\x9d\x6b\xf6\xfc\x11\x13\x47\x2e\x9f\xaf\x2f" "\x36\x2f\xe9\x2c\x46\x54\x7e\xce\x4a\x7a\x7c\x70\xc1\x55\xb8\xbf" "\x72\x0d\x81\x83\xa3\xe4\xbd\x6f\x5c\xdf\x61\x09\x4b\x7b\x40\xe0" "\x5b\xfe\x01\xbc\x3c\xa6\xe5\x2d\x4d\x2a\x30\x42\x55\x95\x0b\x52" "\xea\x58\x26\xe0\x74\x53\xc3\x50\x98\xd7\x31\xd0\x41\x94\xc0\x64" "\x45\x0b\xd6\xad\x99\x9b\x6d\xa0\x9a\x04\x74\xd0\xa9\xd2\xe3\x37" "\x57\x91\xba\xac\x96\x24\x12\x86\x37\x0b\xc9\x63\x4f\x8d\xb8\xe6" "\x31\xea\x48\xb6\x06\x88\x85\xed\x79\xe3\x93\x2e\xa0\x18\x64\xc3" "\xc3\x20\xdc\x6f\x32\x68\x91\xfd\x2f\xd0\x76\x55\x0a\xd5\xe8\xc2" "\x5e\x4e\x55\x8f\xdb\x1e\xa4\x52\x4f\x55\x3a\x2a\x60\xcc\xf9\xde" "\xba\xfe\x3b\x06\x8d\x96\x7c\x61\x88\xb8\x3f\xcb\x4c\xc2\x7f\xfe" "\x23\x5c\x50\xd7\xbc\x53\x68\x23\xd5\x84\x1d\x56\x31\xde\x09\xc6" "\x63\x7b\x55\xde\x67\xb2\x44\x44\xbf\x9c\x33\x61\x91\xd5\xab\x8d" "\x0d\x48\x5d\xb9\xb6\x31\x89\x50\xa3\x53\x86\x5b\x86\x7c\xd7\xc2" "\x44\x0b\xc8\x4d\xf4\x83\x5e\xbe\x7b\x04\xf5\xaa\xc7\xfb\x78\x00" "\xe6\x85\x27\x6d\xf4\x71\xd4\xbb\x35\xe9\x73\x23\x27\x9c\xca\xbe" "\x0e\xd2\x69\x37\x12\x14\xb7\xd8\x4a\xb6\xae\x1b\x9a\x07\x05\x6b" "\x12\x06\x5e\x89\xe0\x76\xc9\x34\x91\x39\xd4\x66\x72\xfe\x35\x9f" "\x82\xd7\xea\x6c\x91\x72\x01\x0c\x80\x61\x37\x97\xce\xb3\x2e\x2f" "\xab\x76\xc6\x16\xd8\x7c\x43\x3a\x09\xaf\x5e\x65\xd7\xa8\x16\x0c" "\x87\x59\x06\x8b\x37\xac\x63\xbd\xde\xb5\xe3\x8d\xac\x8f\x73\x73" "\x14\x1c\x3b\x20\xce\x33\x17\xaf\x0f\xa5\x9c\x3d\x0d\xee\x58\x0c" "\xd1\x50\x9e\xa7\x70\x8e\x7e\xad\x62\xea\xcd\x02\xa6\x82\x76\x68" "\x41\x7d\x31\x11\x7f\x78\x0a\x4c\xbe\x85\x0d\xff\x15\x39\x5a\x2a" "\x09\xc3\x47\xdf\xb0\xb5\x33\xdb\x58\x90\x9f\x2b\x3a\xb0\x90\x69" "\xb6\xee\xab\x68\xac\xe0\x15\x4c\x00\x16\x4c\x6d\xaf\xc2\xef\x30" "\x5e\xdc\x55\x8e\xc6\xb7\x1f\x6f\xf7\xd4\x58\x67\x39\x51\xdd\x79" "\xaa\x6b\xbd\x7c\x0e\x24\x95\xfe\x54\x16\x9c\x5e\xd3\x40\x0f\xcd" "\xeb\xcc\xea\xe4\x29\x77\xab\x04\x5a\x2f\x68\xba\x5b\xdb\x86\xf0" "\xce\xf3\xa4\x85\xb1\xb6\xcb\x56\x0a\xf6\x98\x29\x5e\xa9\xe8\x6a" "\x7c\x28\xdb\xf6\xa3\x60\xbe\x17\xe1\x48\xce\xf4\x95\xaf\xcf\xcb" "\x88\xfa\x1b\x42\xc1\xe1\x43\x5a\xfb\xec\xa1\x7e\x94\x64\x39\x8e" "\x24\xb3\x94\x81\x66\x52\x75\xfd\x98\xee\x80\x52\xff\xbd\x9e\xcf" "\xaf\xdc\x3f\x43\x84\xe1\xe5\x88\xff\x16\x04\x47\xce\xcd\x4d\x34" "\x95\x00\x6a\x24\x55\xd9\x0d\xc8\xe3\xa6\x1a\x8f\x53\x68\x02\xc7" "\x5a\x92\xf9\xdb\xd2\xcb\x67\x70\xd1\xc8\x7b\x4e\x84\x1c\x8d\xd7" "\xf5\xf7\x10\x8a\xd3\x30\x6f\x24\xa3\x24\x1e\x3c\x4d\x40\xcf\x57" "\x9a\xc8\xb0\xd1\xae\x5b\x07\xa5\xfe\x0c\xea\x19\x72\x6c\x92\x68" "\x6d\xee\x15\x64\xbd\x3a\x2a\x14\xc0\x23\xec\xcb\xdc\xbc\x1d\x8f" "\x3c\xbb\x7c\xe4\xfc\xef\x5c\xc9\x28\xdf\x5b\x8f\x57\x5e\x42\xe8" "\x76\xc3\x01\xd4\xf6\x3d\xe7\x66\x2c\x1f\x8f\x58\x7a\x55\x19\xb5" "\x29\x0a\x80\x83\x86\x96\xe2\x80\x06\x89\xd3\xf4\xc0\x45\x02\x7b" "\xc2\xdd\xce\x1f\xbb\x70\x30\xae\x23\x31\xe6\x8e\x01\x70\x26\x34" "\x3b\x34\x8a\xef\x2a\x34\x58\xba\x74\x6c\xa4\x02\x3a\x1d\x89\x34" "\x0b\x65\x17\x54\xa1\x21\xaa\xcd\x0a\x1d\x79\xec\xec\x8c\x27\x40" "\xb7\x33\x83\xf1\x6c\xaf\x64\x25\xe7\xed\x5e\x09\xd2\xbf\x9f\x49" "\x11\xaa\x63\xd6\xee\x42\xb4\xfa\x26\x81\x4c\xa3\xff\x47\x6c" "\x47", 4096); *(uint64_t*)0x20f75000 = (uint64_t)0x18; *(uint32_t*)0x20f75008 = (uint32_t)0x117; *(uint32_t*)0x20f7500c = (uint32_t)0x3; *(uint32_t*)0x20f75010 = (uint32_t)0x0; r[31] = syscall(__NR_sendmsg, r[10], 0x20f74fc8ul, 0x0ul); r[32] = syscall(__NR_io_setup, 0x8000000001ul, 0x20b73ff8ul); if (r[32] != -1) r[33] = *(uint64_t*)0x20b73ff8; *(uint64_t*)0x20738000 = (uint64_t)0x20f73fc0; *(uint64_t*)0x20f73fc0 = (uint64_t)0x0; *(uint32_t*)0x20f73fc8 = (uint32_t)0x0; *(uint32_t*)0x20f73fcc = (uint32_t)0x0; *(uint16_t*)0x20f73fd0 = (uint16_t)0x0; *(uint16_t*)0x20f73fd2 = (uint16_t)0x0; *(uint32_t*)0x20f73fd4 = r[10]; *(uint64_t*)0x20f73fd8 = (uint64_t)0x2079a000; *(uint64_t*)0x20f73fe0 = (uint64_t)0x10; *(uint64_t*)0x20f73fe8 = (uint64_t)0x0; *(uint64_t*)0x20f73ff0 = (uint64_t)0x0; *(uint32_t*)0x20f73ff8 = (uint32_t)0x0; *(uint32_t*)0x20f73ffc = (uint32_t)0xffffffffffffffff; memcpy((void*)0x2079a000, "\x16\x80\xb5\x6c\x88\xe4\x52\xf0\xc9\x0a" "\xfe\xde\x60\x61\xa2\x0a", 16); r[48] = syscall(__NR_io_submit, r[33], 0x1ul, 0x20738000ul); } int main() { int i; for (i = 0; i < 8; i++) { if (fork() == 0) { loop(); return 0; } } sleep(1000000); return 0; }