Created
January 13, 2016 14:44
-
-
Save dvyukov/e833610757b098956b50 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // autogenerated by syzkaller (http://github.com/google/syzkaller) | |
| #include <unistd.h> | |
| #include <sys/syscall.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| #include <pthread.h> | |
| long r[367]; | |
| void *thr(void *arg) | |
| { | |
| switch ((long)arg) { | |
| case 0: | |
| r[0] = syscall(SYS_mmap, 0x20000000ul, 0x11000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); | |
| break; | |
| case 1: | |
| *(uint32_t*)0x20000ace = (uint32_t)0x2; | |
| *(uint32_t*)0x20000ad2 = (uint32_t)0xffffffffffffffff; | |
| *(uint32_t*)0x20000ad6 = (uint32_t)0x8; | |
| *(uint32_t*)0x20000ada = (uint32_t)0x0; | |
| *(uint32_t*)0x20000ade = (uint32_t)0xf; | |
| *(uint8_t*)0x20000ae2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000ae9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aea = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aeb = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aec = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aed = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aee = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aef = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000af9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000afa = (uint8_t)0x0; | |
| *(uint8_t*)0x20000afb = (uint8_t)0x0; | |
| *(uint8_t*)0x20000afc = (uint8_t)0x0; | |
| *(uint8_t*)0x20000afd = (uint8_t)0x0; | |
| *(uint8_t*)0x20000afe = (uint8_t)0x0; | |
| *(uint8_t*)0x20000aff = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b00 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b01 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b02 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b03 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b04 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b05 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b06 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b07 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b08 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b09 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0a = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0b = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0c = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0d = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0e = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b0f = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b10 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b11 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b12 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b13 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b14 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b15 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b16 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b17 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b18 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b19 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b1a = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b1b = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b1c = (uint8_t)0x0; | |
| *(uint8_t*)0x20000b1d = (uint8_t)0x0; | |
| r[66] = syscall(SYS_ioctl, 0xfffffffffffffffful, 0x40505412ul, 0x20000aceul, 0, 0, 0); | |
| break; | |
| case 2: | |
| memcpy((void*)0x20000990, "\x2f\x64\x65\x76\x2f\x73\x6e\x64\x2f\x74\x69\x6d\x65\x72", 14); | |
| r[68] = syscall(SYS_open, 0x20000990ul, 0x40ul, 0x0ul, 0, 0, 0); | |
| break; | |
| case 3: | |
| r[69] = syscall(SYS_mmap, 0x20011000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); | |
| break; | |
| case 4: | |
| *(uint32_t*)0x20011fb0 = (uint32_t)0x1; | |
| *(uint32_t*)0x20011fb4 = (uint32_t)0x0; | |
| *(uint32_t*)0x20011fb8 = (uint32_t)0x1; | |
| *(uint32_t*)0x20011fbc = (uint32_t)0x0; | |
| *(uint32_t*)0x20011fc0 = (uint32_t)0x7; | |
| *(uint8_t*)0x20011fc4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fc5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fc6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fc7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fc8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fc9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fca = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fcb = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fcc = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fcd = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fce = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fcf = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fd9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fda = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdb = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdc = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdd = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fde = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdf = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fea = (uint8_t)0x0; | |
| *(uint8_t*)0x20011feb = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fec = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fed = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fee = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fef = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffa = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffb = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffc = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffd = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffe = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fff = (uint8_t)0x0; | |
| r[135] = syscall(SYS_ioctl, r[68], 0x40505412ul, 0x20011fb0ul, 0, 0, 0); | |
| break; | |
| case 5: | |
| *(uint32_t*)0x20000000 = (uint32_t)0x1; | |
| *(uint32_t*)0x20000004 = (uint32_t)0x7; | |
| *(uint32_t*)0x20000008 = (uint32_t)0x3; | |
| *(uint32_t*)0x2000000c = (uint32_t)0x0; | |
| *(uint32_t*)0x20000010 = (uint32_t)0x0; | |
| *(uint8_t*)0x20000014 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000015 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000016 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000017 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000018 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000019 = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001a = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001b = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001c = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001d = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001e = (uint8_t)0x0; | |
| *(uint8_t*)0x2000001f = (uint8_t)0x0; | |
| *(uint8_t*)0x20000020 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000021 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000022 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000023 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000024 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000025 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000026 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000027 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000028 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000029 = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002a = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002b = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002c = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002d = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002e = (uint8_t)0x0; | |
| *(uint8_t*)0x2000002f = (uint8_t)0x0; | |
| *(uint8_t*)0x20000030 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000031 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000032 = (uint8_t)0x0; | |
| *(uint8_t*)0x20000033 = (uint8_t)0x0; | |
| r[173] = syscall(SYS_ioctl, r[68], 0x40345410ul, 0x20000000ul, 0, 0, 0); | |
| break; | |
| case 6: | |
| r[174] = syscall(SYS_ioctl, r[68], 0x54a0ul, 0, 0, 0, 0); | |
| break; | |
| case 7: | |
| r[175] = syscall(SYS_mmap, 0x20011000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); | |
| break; | |
| case 8: | |
| *(uint32_t*)0x20011f08 = (uint32_t)0x9; | |
| *(uint32_t*)0x20011f0c = (uint32_t)0x87a; | |
| *(uint32_t*)0x20011f10 = (uint32_t)0x9; | |
| *(uint32_t*)0x20011f14 = (uint32_t)0x6f0a; | |
| *(uint32_t*)0x20011f18 = (uint32_t)0x4; | |
| *(uint32_t*)0x20011f1c = (uint32_t)0x3; | |
| *(uint32_t*)0x20011f20 = (uint32_t)0xf5; | |
| *(uint8_t*)0x20011f24 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f25 = (uint8_t)0x56; | |
| *(uint8_t*)0x20011f26 = (uint8_t)0x9e1a; | |
| *(uint8_t*)0x20011f27 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f28 = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f29 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f2a = (uint8_t)0xd8; | |
| *(uint8_t*)0x20011f2b = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f2c = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f2d = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f2e = (uint8_t)0xfffffffffffffffb; | |
| *(uint8_t*)0x20011f2f = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f30 = (uint8_t)0xfffffffffffffff7; | |
| *(uint8_t*)0x20011f31 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f32 = (uint8_t)0x1; | |
| *(uint8_t*)0x20011f33 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f34 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f35 = (uint8_t)0x4f4; | |
| *(uint8_t*)0x20011f36 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f37 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f38 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f39 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f3a = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f3b = (uint8_t)0x4b5; | |
| *(uint8_t*)0x20011f3c = (uint8_t)0xfffffffffffffffc; | |
| *(uint8_t*)0x20011f3d = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f3e = (uint8_t)0x64f; | |
| *(uint8_t*)0x20011f3f = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f40 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f41 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f42 = (uint8_t)0xff09; | |
| *(uint8_t*)0x20011f43 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f44 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f45 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f46 = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f47 = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f48 = (uint8_t)0xfffffffffffffffe; | |
| *(uint8_t*)0x20011f49 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f4a = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f4b = (uint8_t)0x53; | |
| *(uint8_t*)0x20011f4c = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f4d = (uint8_t)0xea; | |
| *(uint8_t*)0x20011f4e = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f4f = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f50 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f51 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f52 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f53 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f54 = (uint8_t)0xfdc1; | |
| *(uint8_t*)0x20011f55 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f56 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f57 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f58 = (uint8_t)0x7d; | |
| *(uint8_t*)0x20011f59 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f5a = (uint8_t)0xfffffffffffffffd; | |
| *(uint8_t*)0x20011f5b = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f5c = (uint8_t)0x3d; | |
| *(uint8_t*)0x20011f5d = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f5e = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f5f = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f60 = (uint8_t)0x34; | |
| *(uint8_t*)0x20011f61 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f62 = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f63 = (uint8_t)0xffffffffffffff71; | |
| *(uint8_t*)0x20011f64 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f65 = (uint8_t)0x1834; | |
| *(uint8_t*)0x20011f66 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f67 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f68 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f69 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f6a = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f6b = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f6c = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f6d = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f6e = (uint8_t)0xfffffffffffffff9; | |
| *(uint8_t*)0x20011f6f = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f70 = (uint8_t)0xfffffffffffffff7; | |
| *(uint8_t*)0x20011f71 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f72 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f73 = (uint8_t)0xb20; | |
| *(uint8_t*)0x20011f74 = (uint8_t)0xfffffffffffffffa; | |
| *(uint8_t*)0x20011f75 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f76 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f77 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011f78 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f79 = (uint8_t)0xffffffffffffffff; | |
| *(uint8_t*)0x20011f7a = (uint8_t)0x1; | |
| *(uint8_t*)0x20011f7b = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f7c = (uint8_t)0x20f; | |
| *(uint8_t*)0x20011f7d = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f7e = (uint8_t)0x4; | |
| *(uint8_t*)0x20011f7f = (uint8_t)0xa469; | |
| *(uint8_t*)0x20011f80 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f81 = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f82 = (uint8_t)0xb8b; | |
| *(uint8_t*)0x20011f83 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f84 = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f85 = (uint8_t)0xfffffffffffffffb; | |
| *(uint8_t*)0x20011f86 = (uint8_t)0x4; | |
| *(uint8_t*)0x20011f87 = (uint8_t)0x6a; | |
| *(uint8_t*)0x20011f88 = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f89 = (uint8_t)0xfffffffffffffe90; | |
| *(uint8_t*)0x20011f8a = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f8b = (uint8_t)0x4; | |
| *(uint8_t*)0x20011f8c = (uint8_t)0xfffffffffffffff7; | |
| *(uint8_t*)0x20011f8d = (uint8_t)0x9; | |
| *(uint8_t*)0x20011f8e = (uint8_t)0x1; | |
| *(uint8_t*)0x20011f8f = (uint8_t)0x4; | |
| *(uint8_t*)0x20011f90 = (uint8_t)0x5; | |
| *(uint8_t*)0x20011f91 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f92 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011f93 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011f94 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f95 = (uint8_t)0x99c; | |
| *(uint8_t*)0x20011f96 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f97 = (uint8_t)0x4; | |
| *(uint8_t*)0x20011f98 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f99 = (uint8_t)0x701; | |
| *(uint8_t*)0x20011f9a = (uint8_t)0xfffffffffffffffa; | |
| *(uint8_t*)0x20011f9b = (uint8_t)0x0; | |
| *(uint8_t*)0x20011f9c = (uint8_t)0x7; | |
| *(uint8_t*)0x20011f9d = (uint8_t)0x1; | |
| *(uint8_t*)0x20011f9e = (uint8_t)0x6; | |
| *(uint8_t*)0x20011f9f = (uint8_t)0x8; | |
| *(uint8_t*)0x20011fa0 = (uint8_t)0x1; | |
| *(uint8_t*)0x20011fa1 = (uint8_t)0x2; | |
| *(uint8_t*)0x20011fa2 = (uint8_t)0x8; | |
| *(uint8_t*)0x20011fa3 = (uint8_t)0x1; | |
| *(uint8_t*)0x20011fa4 = (uint8_t)0x6; | |
| *(uint8_t*)0x20011fa5 = (uint8_t)0x66; | |
| *(uint8_t*)0x20011fa6 = (uint8_t)0xffffffffffffabfa; | |
| *(uint8_t*)0x20011fa7 = (uint8_t)0x61f8; | |
| *(uint8_t*)0x20011fa8 = (uint8_t)0x7; | |
| *(uint8_t*)0x20011fa9 = (uint8_t)0x9; | |
| *(uint8_t*)0x20011faa = (uint8_t)0x5; | |
| *(uint8_t*)0x20011fab = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fac = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fad = (uint8_t)0x4; | |
| *(uint8_t*)0x20011fae = (uint8_t)0x7; | |
| *(uint8_t*)0x20011faf = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fb0 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011fb1 = (uint8_t)0x3; | |
| *(uint8_t*)0x20011fb2 = (uint8_t)0x9; | |
| *(uint8_t*)0x20011fb3 = (uint8_t)0x2; | |
| *(uint64_t*)0x20011fb8 = (uint64_t)0x0; | |
| *(uint64_t*)0x20011fc0 = (uint64_t)0xdc; | |
| *(uint64_t*)0x20011fc8 = (uint64_t)0x1; | |
| *(uint64_t*)0x20011fd0 = (uint64_t)0x3; | |
| *(uint32_t*)0x20011fd8 = (uint32_t)0x0; | |
| *(uint8_t*)0x20011fdc = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdd = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fde = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fdf = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fe9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fea = (uint8_t)0x0; | |
| *(uint8_t*)0x20011feb = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fec = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fed = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fee = (uint8_t)0x0; | |
| *(uint8_t*)0x20011fef = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff0 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff1 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff2 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff3 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff4 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff5 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff6 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff7 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff8 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ff9 = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffa = (uint8_t)0x0; | |
| *(uint8_t*)0x20011ffb = (uint8_t)0x0; | |
| r[364] = syscall(SYS_ioctl, r[68], 0xc0f85403ul, 0x20011f08ul, 0, 0, 0); | |
| break; | |
| case 9: | |
| r[365] = syscall(SYS_ioctl, r[68], 0x54a2ul, 0, 0, 0, 0); | |
| break; | |
| case 10: | |
| r[366] = syscall(SYS_ioctl, r[68], 0x54a1ul, 0, 0, 0, 0); | |
| break; | |
| } | |
| return 0; | |
| } | |
| int main() | |
| { | |
| long i; | |
| pthread_t th[11]; | |
| memset(r, -1, sizeof(r)); | |
| for (i = 0; i < 11; i++) { | |
| pthread_create(&th[i], 0, thr, (void*)i); | |
| usleep(10000); | |
| } | |
| usleep(100000); | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment