Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // autogenerated by syzkaller (https://github.com/google/syzkaller)
- #define _GNU_SOURCE
- #include <arpa/inet.h>
- #include <endian.h>
- #include <errno.h>
- #include <fcntl.h>
- #include <net/if.h>
- #include <netinet/in.h>
- #include <setjmp.h>
- #include <stdbool.h>
- #include <stddef.h>
- #include <stdint.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include <sys/ioctl.h>
- #include <sys/mman.h>
- #include <sys/mount.h>
- #include <sys/socket.h>
- #include <sys/stat.h>
- #include <sys/syscall.h>
- #include <sys/types.h>
- #include <unistd.h>
- #include <linux/genetlink.h>
- #include <linux/if_addr.h>
- #include <linux/if_link.h>
- #include <linux/in6.h>
- #include <linux/loop.h>
- #include <linux/neighbour.h>
- #include <linux/net.h>
- #include <linux/netlink.h>
- #include <linux/rtnetlink.h>
- #include <linux/veth.h>
- static long syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(volatile long val)
- {
- char command[256];
- sprintf(command, "echo %ld > /proc/sys/net/ipv6/conf/sit0/accept_source_route", val);
- int ret = system(command);
- if (ret != 0) {
- return 0;
- }
- return 0;
- }
- static long syz_sysconfig_reset__proc_sys_net_ipv6_ip6frag_time()
- {
- char command[256];
- sprintf(command, "echo 60 > /proc/sys/net/ipv6/ip6frag_time");
- int ret = system(command);
- if (ret != 0) {
- return 0;
- }
- return 0;
- }
- static long syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(volatile long val)
- {
- char command[256];
- sprintf(command, "echo %ld > /sys/devices/pci0000:00/0000:00:03.0/net/eth0/mtu", val);
- int ret = system(command);
- if (ret != 0) {
- return 0;
- }
- return 0;
- }
- static long syz_sysconfig_reset__proc_sys_net_ipv6_conf_eth0_accept_untracked_na()
- {
- char command[256];
- sprintf(command, "echo 0 > /proc/sys/net/ipv6/conf/eth0/accept_untracked_na");
- int ret = system(command);
- if (ret != 0) {
- return 0;
- }
- return 0;
- }
- #ifndef __NR_cachestat
- #define __NR_cachestat 451
- #endif
- #ifndef __NR_close_range
- #define __NR_close_range 436
- #endif
- #ifndef __NR_epoll_pwait2
- #define __NR_epoll_pwait2 441
- #endif
- #ifndef __NR_fsconfig
- #define __NR_fsconfig 431
- #endif
- #ifndef __NR_fsmount
- #define __NR_fsmount 432
- #endif
- #ifndef __NR_fspick
- #define __NR_fspick 433
- #endif
- #ifndef __NR_io_uring_enter
- #define __NR_io_uring_enter 426
- #endif
- #ifndef __NR_io_uring_register
- #define __NR_io_uring_register 427
- #endif
- #ifndef __NR_memfd_create
- #define __NR_memfd_create 319
- #endif
- #ifndef __NR_pidfd_getfd
- #define __NR_pidfd_getfd 438
- #endif
- #ifndef __NR_pwritev2
- #define __NR_pwritev2 328
- #endif
- #ifndef __NR_renameat2
- #define __NR_renameat2 316
- #endif
- #ifndef __NR_seccomp
- #define __NR_seccomp 317
- #endif
- static unsigned long long procid;
- #define BITMASK(bf_off, bf_len) (((1ull << (bf_len)) - 1) << (bf_off))
- #define STORE_BY_BITMASK(type, htobe, addr, val, bf_off, bf_len) \
- *(type*)(addr) = \
- htobe((htobe(*(type*)(addr)) & ~BITMASK((bf_off), (bf_len))) | \
- (((type)(val) << (bf_off)) & BITMASK((bf_off), (bf_len))))
- struct csum_inet {
- uint32_t acc;
- };
- static void csum_inet_init(struct csum_inet* csum)
- {
- csum->acc = 0;
- }
- static void csum_inet_update(struct csum_inet* csum, const uint8_t* data,
- size_t length)
- {
- if (length == 0)
- return;
- size_t i = 0;
- for (; i < length - 1; i += 2)
- csum->acc += *(uint16_t*)&data[i];
- if (length & 1)
- csum->acc += le16toh((uint16_t)data[length - 1]);
- while (csum->acc > 0xffff)
- csum->acc = (csum->acc & 0xffff) + (csum->acc >> 16);
- }
- static uint16_t csum_inet_digest(struct csum_inet* csum)
- {
- return ~csum->acc;
- }
- struct nlmsg {
- char* pos;
- int nesting;
- struct nlattr* nested[8];
- char buf[4096];
- };
- static void netlink_init(struct nlmsg* nlmsg, int typ, int flags,
- const void* data, int size)
- {
- memset(nlmsg, 0, sizeof(*nlmsg));
- struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
- hdr->nlmsg_type = typ;
- hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
- memcpy(hdr + 1, data, size);
- nlmsg->pos = (char*)(hdr + 1) + NLMSG_ALIGN(size);
- }
- static void netlink_attr(struct nlmsg* nlmsg, int typ, const void* data,
- int size)
- {
- struct nlattr* attr = (struct nlattr*)nlmsg->pos;
- attr->nla_len = sizeof(*attr) + size;
- attr->nla_type = typ;
- if (size > 0)
- memcpy(attr + 1, data, size);
- nlmsg->pos += NLMSG_ALIGN(attr->nla_len);
- }
- static int netlink_send_ext(struct nlmsg* nlmsg, int sock, uint16_t reply_type,
- int* reply_len, bool dofail)
- {
- if (nlmsg->pos > nlmsg->buf + sizeof(nlmsg->buf) || nlmsg->nesting)
- exit(1);
- struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
- hdr->nlmsg_len = nlmsg->pos - nlmsg->buf;
- struct sockaddr_nl addr;
- memset(&addr, 0, sizeof(addr));
- addr.nl_family = AF_NETLINK;
- ssize_t n = sendto(sock, nlmsg->buf, hdr->nlmsg_len, 0,
- (struct sockaddr*)&addr, sizeof(addr));
- if (n != (ssize_t)hdr->nlmsg_len) {
- if (dofail)
- exit(1);
- return -1;
- }
- n = recv(sock, nlmsg->buf, sizeof(nlmsg->buf), 0);
- if (reply_len)
- *reply_len = 0;
- if (n < 0) {
- if (dofail)
- exit(1);
- return -1;
- }
- if (n < (ssize_t)sizeof(struct nlmsghdr)) {
- errno = EINVAL;
- if (dofail)
- exit(1);
- return -1;
- }
- if (hdr->nlmsg_type == NLMSG_DONE)
- return 0;
- if (reply_len && hdr->nlmsg_type == reply_type) {
- *reply_len = n;
- return 0;
- }
- if (n < (ssize_t)(sizeof(struct nlmsghdr) + sizeof(struct nlmsgerr))) {
- errno = EINVAL;
- if (dofail)
- exit(1);
- return -1;
- }
- if (hdr->nlmsg_type != NLMSG_ERROR) {
- errno = EINVAL;
- if (dofail)
- exit(1);
- return -1;
- }
- errno = -((struct nlmsgerr*)(hdr + 1))->error;
- return -errno;
- }
- static int netlink_query_family_id(struct nlmsg* nlmsg, int sock,
- const char* family_name, bool dofail)
- {
- struct genlmsghdr genlhdr;
- memset(&genlhdr, 0, sizeof(genlhdr));
- genlhdr.cmd = CTRL_CMD_GETFAMILY;
- netlink_init(nlmsg, GENL_ID_CTRL, 0, &genlhdr, sizeof(genlhdr));
- netlink_attr(nlmsg, CTRL_ATTR_FAMILY_NAME, family_name,
- strnlen(family_name, GENL_NAMSIZ - 1) + 1);
- int n = 0;
- int err = netlink_send_ext(nlmsg, sock, GENL_ID_CTRL, &n, dofail);
- if (err < 0) {
- return -1;
- }
- uint16_t id = 0;
- struct nlattr* attr = (struct nlattr*)(nlmsg->buf + NLMSG_HDRLEN +
- NLMSG_ALIGN(sizeof(genlhdr)));
- for (; (char*)attr < nlmsg->buf + n;
- attr = (struct nlattr*)((char*)attr + NLMSG_ALIGN(attr->nla_len))) {
- if (attr->nla_type == CTRL_ATTR_FAMILY_ID) {
- id = *(uint16_t*)(attr + 1);
- break;
- }
- }
- if (!id) {
- errno = EINVAL;
- return -1;
- }
- recv(sock, nlmsg->buf, sizeof(nlmsg->buf), 0);
- return id;
- }
- const int kInitNetNsFd = 201;
- static long syz_open_dev(volatile long a0, volatile long a1, volatile long a2)
- {
- if (a0 == 0xc || a0 == 0xb) {
- char buf[128];
- sprintf(buf, "/dev/%s/%d:%d", a0 == 0xc ? "char" : "block", (uint8_t)a1,
- (uint8_t)a2);
- return open(buf, O_RDWR, 0);
- } else {
- char buf[1024];
- char* hash;
- strncpy(buf, (char*)a0, sizeof(buf) - 1);
- buf[sizeof(buf) - 1] = 0;
- while ((hash = strchr(buf, '#'))) {
- *hash = '0' + (char)(a1 % 10);
- a1 /= 10;
- }
- return open(buf, a2, 0);
- }
- }
- static long syz_open_procfs(volatile long a0, volatile long a1)
- {
- char buf[128];
- memset(buf, 0, sizeof(buf));
- if (a0 == 0) {
- snprintf(buf, sizeof(buf), "/proc/self/%s", (char*)a1);
- } else if (a0 == -1) {
- snprintf(buf, sizeof(buf), "/proc/thread-self/%s", (char*)a1);
- } else {
- snprintf(buf, sizeof(buf), "/proc/self/task/%d/%s", (int)a0, (char*)a1);
- }
- int fd = open(buf, O_RDWR);
- if (fd == -1)
- fd = open(buf, O_RDONLY);
- return fd;
- }
- static long syz_init_net_socket(volatile long domain, volatile long type,
- volatile long proto)
- {
- return syscall(__NR_socket, domain, type, proto);
- }
- static long syz_genetlink_get_family_id(volatile long name,
- volatile long sock_arg)
- {
- int fd = sock_arg;
- if (fd < 0) {
- fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC);
- if (fd == -1) {
- return -1;
- }
- }
- struct nlmsg nlmsg_tmp;
- int ret = netlink_query_family_id(&nlmsg_tmp, fd, (char*)name, false);
- if ((int)sock_arg < 0)
- close(fd);
- if (ret < 0) {
- return -1;
- }
- return ret;
- }
- //% This code is derived from puff.{c,h}, found in the zlib development. The
- //% original files come with the following copyright notice:
- //% Copyright (C) 2002-2013 Mark Adler, all rights reserved
- //% version 2.3, 21 Jan 2013
- //% This software is provided 'as-is', without any express or implied
- //% warranty. In no event will the author be held liable for any damages
- //% arising from the use of this software.
- //% Permission is granted to anyone to use this software for any purpose,
- //% including commercial applications, and to alter it and redistribute it
- //% freely, subject to the following restrictions:
- //% 1. The origin of this software must not be misrepresented; you must not
- //% claim that you wrote the original software. If you use this software
- //% in a product, an acknowledgment in the product documentation would be
- //% appreciated but is not required.
- //% 2. Altered source versions must be plainly marked as such, and must not be
- //% misrepresented as being the original software.
- //% 3. This notice may not be removed or altered from any source distribution.
- //% Mark Adler [email protected]
- //% BEGIN CODE DERIVED FROM puff.{c,h}
- #define MAXBITS 15
- #define MAXLCODES 286
- #define MAXDCODES 30
- #define MAXCODES (MAXLCODES + MAXDCODES)
- #define FIXLCODES 288
- struct puff_state {
- unsigned char* out;
- unsigned long outlen;
- unsigned long outcnt;
- const unsigned char* in;
- unsigned long inlen;
- unsigned long incnt;
- int bitbuf;
- int bitcnt;
- jmp_buf env;
- };
- static int puff_bits(struct puff_state* s, int need)
- {
- long val = s->bitbuf;
- while (s->bitcnt < need) {
- if (s->incnt == s->inlen)
- longjmp(s->env, 1);
- val |= (long)(s->in[s->incnt++]) << s->bitcnt;
- s->bitcnt += 8;
- }
- s->bitbuf = (int)(val >> need);
- s->bitcnt -= need;
- return (int)(val & ((1L << need) - 1));
- }
- static int puff_stored(struct puff_state* s)
- {
- s->bitbuf = 0;
- s->bitcnt = 0;
- if (s->incnt + 4 > s->inlen)
- return 2;
- unsigned len = s->in[s->incnt++];
- len |= s->in[s->incnt++] << 8;
- if (s->in[s->incnt++] != (~len & 0xff) ||
- s->in[s->incnt++] != ((~len >> 8) & 0xff))
- return -2;
- if (s->incnt + len > s->inlen)
- return 2;
- if (s->outcnt + len > s->outlen)
- return 1;
- for (; len--; s->outcnt++, s->incnt++) {
- if (s->in[s->incnt])
- s->out[s->outcnt] = s->in[s->incnt];
- }
- return 0;
- }
- struct puff_huffman {
- short* count;
- short* symbol;
- };
- static int puff_decode(struct puff_state* s, const struct puff_huffman* h)
- {
- int first = 0;
- int index = 0;
- int bitbuf = s->bitbuf;
- int left = s->bitcnt;
- int code = first = index = 0;
- int len = 1;
- short* next = h->count + 1;
- while (1) {
- while (left--) {
- code |= bitbuf & 1;
- bitbuf >>= 1;
- int count = *next++;
- if (code - count < first) {
- s->bitbuf = bitbuf;
- s->bitcnt = (s->bitcnt - len) & 7;
- return h->symbol[index + (code - first)];
- }
- index += count;
- first += count;
- first <<= 1;
- code <<= 1;
- len++;
- }
- left = (MAXBITS + 1) - len;
- if (left == 0)
- break;
- if (s->incnt == s->inlen)
- longjmp(s->env, 1);
- bitbuf = s->in[s->incnt++];
- if (left > 8)
- left = 8;
- }
- return -10;
- }
- static int puff_construct(struct puff_huffman* h, const short* length, int n)
- {
- int len;
- for (len = 0; len <= MAXBITS; len++)
- h->count[len] = 0;
- int symbol;
- for (symbol = 0; symbol < n; symbol++)
- (h->count[length[symbol]])++;
- if (h->count[0] == n)
- return 0;
- int left = 1;
- for (len = 1; len <= MAXBITS; len++) {
- left <<= 1;
- left -= h->count[len];
- if (left < 0)
- return left;
- }
- short offs[MAXBITS + 1];
- offs[1] = 0;
- for (len = 1; len < MAXBITS; len++)
- offs[len + 1] = offs[len] + h->count[len];
- for (symbol = 0; symbol < n; symbol++)
- if (length[symbol] != 0)
- h->symbol[offs[length[symbol]]++] = symbol;
- return left;
- }
- static int puff_codes(struct puff_state* s, const struct puff_huffman* lencode,
- const struct puff_huffman* distcode)
- {
- static const short lens[29] = {3, 4, 5, 6, 7, 8, 9, 10, 11, 13,
- 15, 17, 19, 23, 27, 31, 35, 43, 51, 59,
- 67, 83, 99, 115, 131, 163, 195, 227, 258};
- static const short lext[29] = {0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2,
- 2, 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0};
- static const short dists[30] = {
- 1, 2, 3, 4, 5, 7, 9, 13, 17, 25,
- 33, 49, 65, 97, 129, 193, 257, 385, 513, 769,
- 1025, 1537, 2049, 3073, 4097, 6145, 8193, 12289, 16385, 24577};
- static const short dext[30] = {0, 0, 0, 0, 1, 1, 2, 2, 3, 3,
- 4, 4, 5, 5, 6, 6, 7, 7, 8, 8,
- 9, 9, 10, 10, 11, 11, 12, 12, 13, 13};
- int symbol;
- do {
- symbol = puff_decode(s, lencode);
- if (symbol < 0)
- return symbol;
- if (symbol < 256) {
- if (s->outcnt == s->outlen)
- return 1;
- if (symbol)
- s->out[s->outcnt] = symbol;
- s->outcnt++;
- } else if (symbol > 256) {
- symbol -= 257;
- if (symbol >= 29)
- return -10;
- int len = lens[symbol] + puff_bits(s, lext[symbol]);
- symbol = puff_decode(s, distcode);
- if (symbol < 0)
- return symbol;
- unsigned dist = dists[symbol] + puff_bits(s, dext[symbol]);
- if (dist > s->outcnt)
- return -11;
- if (s->outcnt + len > s->outlen)
- return 1;
- while (len--) {
- if (dist <= s->outcnt && s->out[s->outcnt - dist])
- s->out[s->outcnt] = s->out[s->outcnt - dist];
- s->outcnt++;
- }
- }
- } while (symbol != 256);
- return 0;
- }
- static int puff_fixed(struct puff_state* s)
- {
- static int virgin = 1;
- static short lencnt[MAXBITS + 1], lensym[FIXLCODES];
- static short distcnt[MAXBITS + 1], distsym[MAXDCODES];
- static struct puff_huffman lencode, distcode;
- if (virgin) {
- lencode.count = lencnt;
- lencode.symbol = lensym;
- distcode.count = distcnt;
- distcode.symbol = distsym;
- short lengths[FIXLCODES];
- int symbol;
- for (symbol = 0; symbol < 144; symbol++)
- lengths[symbol] = 8;
- for (; symbol < 256; symbol++)
- lengths[symbol] = 9;
- for (; symbol < 280; symbol++)
- lengths[symbol] = 7;
- for (; symbol < FIXLCODES; symbol++)
- lengths[symbol] = 8;
- puff_construct(&lencode, lengths, FIXLCODES);
- for (symbol = 0; symbol < MAXDCODES; symbol++)
- lengths[symbol] = 5;
- puff_construct(&distcode, lengths, MAXDCODES);
- virgin = 0;
- }
- return puff_codes(s, &lencode, &distcode);
- }
- static int puff_dynamic(struct puff_state* s)
- {
- static const short order[19] = {16, 17, 18, 0, 8, 7, 9, 6, 10, 5,
- 11, 4, 12, 3, 13, 2, 14, 1, 15};
- int nlen = puff_bits(s, 5) + 257;
- int ndist = puff_bits(s, 5) + 1;
- int ncode = puff_bits(s, 4) + 4;
- if (nlen > MAXLCODES || ndist > MAXDCODES)
- return -3;
- short lengths[MAXCODES];
- int index;
- for (index = 0; index < ncode; index++)
- lengths[order[index]] = puff_bits(s, 3);
- for (; index < 19; index++)
- lengths[order[index]] = 0;
- short lencnt[MAXBITS + 1], lensym[MAXLCODES];
- struct puff_huffman lencode = {lencnt, lensym};
- int err = puff_construct(&lencode, lengths, 19);
- if (err != 0)
- return -4;
- index = 0;
- while (index < nlen + ndist) {
- int symbol;
- int len;
- symbol = puff_decode(s, &lencode);
- if (symbol < 0)
- return symbol;
- if (symbol < 16)
- lengths[index++] = symbol;
- else {
- len = 0;
- if (symbol == 16) {
- if (index == 0)
- return -5;
- len = lengths[index - 1];
- symbol = 3 + puff_bits(s, 2);
- } else if (symbol == 17)
- symbol = 3 + puff_bits(s, 3);
- else
- symbol = 11 + puff_bits(s, 7);
- if (index + symbol > nlen + ndist)
- return -6;
- while (symbol--)
- lengths[index++] = len;
- }
- }
- if (lengths[256] == 0)
- return -9;
- err = puff_construct(&lencode, lengths, nlen);
- if (err && (err < 0 || nlen != lencode.count[0] + lencode.count[1]))
- return -7;
- short distcnt[MAXBITS + 1], distsym[MAXDCODES];
- struct puff_huffman distcode = {distcnt, distsym};
- err = puff_construct(&distcode, lengths + nlen, ndist);
- if (err && (err < 0 || ndist != distcode.count[0] + distcode.count[1]))
- return -8;
- return puff_codes(s, &lencode, &distcode);
- }
- static int puff(unsigned char* dest, unsigned long* destlen,
- const unsigned char* source, unsigned long sourcelen)
- {
- struct puff_state s = {
- .out = dest,
- .outlen = *destlen,
- .outcnt = 0,
- .in = source,
- .inlen = sourcelen,
- .incnt = 0,
- .bitbuf = 0,
- .bitcnt = 0,
- };
- int err;
- if (setjmp(s.env) != 0)
- err = 2;
- else {
- int last;
- do {
- last = puff_bits(&s, 1);
- int type = puff_bits(&s, 2);
- err = type == 0 ? puff_stored(&s)
- : (type == 1 ? puff_fixed(&s)
- : (type == 2 ? puff_dynamic(&s) : -1));
- if (err != 0)
- break;
- } while (!last);
- }
- *destlen = s.outcnt;
- return err;
- }
- //% END CODE DERIVED FROM puff.{c,h}
- #define ZLIB_HEADER_WIDTH 2
- static int puff_zlib_to_file(const unsigned char* source,
- unsigned long sourcelen, int dest_fd)
- {
- if (sourcelen < ZLIB_HEADER_WIDTH)
- return 0;
- source += ZLIB_HEADER_WIDTH;
- sourcelen -= ZLIB_HEADER_WIDTH;
- const unsigned long max_destlen = 132 << 20;
- void* ret = mmap(0, max_destlen, PROT_WRITE | PROT_READ,
- MAP_PRIVATE | MAP_ANON, -1, 0);
- if (ret == MAP_FAILED)
- return -1;
- unsigned char* dest = (unsigned char*)ret;
- unsigned long destlen = max_destlen;
- int err = puff(dest, &destlen, source, sourcelen);
- if (err) {
- munmap(dest, max_destlen);
- errno = -err;
- return -1;
- }
- if (write(dest_fd, dest, destlen) != (ssize_t)destlen) {
- munmap(dest, max_destlen);
- return -1;
- }
- return munmap(dest, max_destlen);
- }
- static int setup_loop_device(unsigned char* data, unsigned long size,
- const char* loopname, int* loopfd_p)
- {
- int err = 0, loopfd = -1;
- int memfd = syscall(__NR_memfd_create, "syzkaller", 0);
- if (memfd == -1) {
- err = errno;
- goto error;
- }
- if (puff_zlib_to_file(data, size, memfd)) {
- err = errno;
- goto error_close_memfd;
- }
- loopfd = open(loopname, O_RDWR);
- if (loopfd == -1) {
- err = errno;
- goto error_close_memfd;
- }
- if (ioctl(loopfd, LOOP_SET_FD, memfd)) {
- if (errno != EBUSY) {
- err = errno;
- goto error_close_loop;
- }
- ioctl(loopfd, LOOP_CLR_FD, 0);
- usleep(1000);
- if (ioctl(loopfd, LOOP_SET_FD, memfd)) {
- err = errno;
- goto error_close_loop;
- }
- }
- close(memfd);
- *loopfd_p = loopfd;
- return 0;
- error_close_loop:
- close(loopfd);
- error_close_memfd:
- close(memfd);
- error:
- errno = err;
- return -1;
- }
- static void reset_loop_device(const char* loopname)
- {
- int loopfd = open(loopname, O_RDWR);
- if (loopfd == -1) {
- return;
- }
- if (ioctl(loopfd, LOOP_CLR_FD, 0)) {
- }
- close(loopfd);
- }
- static long syz_mount_image(volatile long fsarg, volatile long dir,
- volatile long flags, volatile long optsarg,
- volatile long change_dir,
- volatile unsigned long size, volatile long image)
- {
- unsigned char* data = (unsigned char*)image;
- int res = -1, err = 0, need_loop_device = !!size;
- char* mount_opts = (char*)optsarg;
- char* target = (char*)dir;
- char* fs = (char*)fsarg;
- char* source = NULL;
- char loopname[64];
- if (need_loop_device) {
- int loopfd;
- memset(loopname, 0, sizeof(loopname));
- snprintf(loopname, sizeof(loopname), "/dev/loop%llu", procid);
- if (setup_loop_device(data, size, loopname, &loopfd) == -1)
- return -1;
- close(loopfd);
- source = loopname;
- }
- mkdir(target, 0777);
- char opts[256];
- memset(opts, 0, sizeof(opts));
- if (strlen(mount_opts) > (sizeof(opts) - 32)) {
- }
- strncpy(opts, mount_opts, sizeof(opts) - 32);
- if (strcmp(fs, "iso9660") == 0) {
- flags |= MS_RDONLY;
- } else if (strncmp(fs, "ext", 3) == 0) {
- bool has_remount_ro = false;
- char* remount_ro_start = strstr(opts, "errors=remount-ro");
- if (remount_ro_start != NULL) {
- char after = *(remount_ro_start + strlen("errors=remount-ro"));
- char before = remount_ro_start == opts ? '\0' : *(remount_ro_start - 1);
- has_remount_ro = ((before == '\0' || before == ',') &&
- (after == '\0' || after == ','));
- }
- if (strstr(opts, "errors=panic") || !has_remount_ro)
- strcat(opts, ",errors=continue");
- } else if (strcmp(fs, "xfs") == 0) {
- strcat(opts, ",nouuid");
- }
- res = mount(source, target, fs, flags, opts);
- if (res == -1) {
- err = errno;
- goto error_clear_loop;
- }
- res = open(target, O_RDONLY | O_DIRECTORY);
- if (res == -1) {
- err = errno;
- goto error_clear_loop;
- }
- if (change_dir) {
- res = chdir(target);
- if (res == -1) {
- err = errno;
- }
- }
- error_clear_loop:
- if (need_loop_device)
- reset_loop_device(loopname);
- errno = err;
- return res;
- }
- uint64_t r[197] = {0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0x0,
- 0x0,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff,
- 0xffffffffffffffff};
- int main(void)
- {
- syscall(__NR_mmap, /*addr=*/0x1ffffffff000ul, /*len=*/0x1000ul, /*prot=*/0ul,
- /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
- /*offset=*/0ul);
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0x1000000ul,
- /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
- /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
- /*offset=*/0ul);
- syscall(__NR_mmap, /*addr=*/0x200001000000ul, /*len=*/0x1000ul, /*prot=*/0ul,
- /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
- /*offset=*/0ul);
- const char* reason;
- (void)reason;
- intptr_t res = 0;
- if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
- }
- memcpy((void*)0x200000007f80, "./bus\000", 6);
- res = syscall(
- __NR_open, /*file=*/0x200000007f80ul,
- /*flags=O_SYNC|O_NOCTTY|O_NOATIME|O_DIRECT|O_CREAT|0x2*/ 0x145142ul,
- /*mode=*/0ul);
- if (res != -1)
- r[0] = res;
- syscall(__NR_ftruncate, /*fd=*/r[0], /*len=*/0x2007ffbul);
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xb36000ul,
- /*prot=PROT_WRITE*/ 2ul,
- /*flags=MAP_STACK|MAP_POPULATE|MAP_FIXED|MAP_SHARED*/ 0x28011ul,
- /*fd=*/r[0], /*offset=*/0ul);
- memcpy((void*)0x200000000540, "syztnl1\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint64_t*)0x200000000550 = 0x200000002800;
- memcpy((void*)0x200000002800, "syztnl1\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint32_t*)0x200000002810 = 0;
- *(uint16_t*)0x200000002814 = htobe16(0);
- *(uint16_t*)0x200000002816 = htobe16(0);
- *(uint32_t*)0x200000002818 = htobe32(0);
- *(uint32_t*)0x20000000281c = htobe32(0);
- STORE_BY_BITMASK(uint8_t, , 0x200000002820, 5, 0, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000002820, 4, 4, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000002821, 0, 0, 2);
- STORE_BY_BITMASK(uint8_t, , 0x200000002821, 0, 2, 6);
- *(uint16_t*)0x200000002822 = htobe16(0x14);
- *(uint16_t*)0x200000002824 = htobe16(0);
- *(uint16_t*)0x200000002826 = htobe16(0);
- *(uint8_t*)0x200000002828 = 0;
- *(uint8_t*)0x200000002829 = 0;
- *(uint16_t*)0x20000000282a = htobe16(0);
- *(uint32_t*)0x20000000282c = htobe32(0xe0000001);
- *(uint32_t*)0x200000002830 = htobe32(0xe0000001);
- struct csum_inet csum_1;
- csum_inet_init(&csum_1);
- csum_inet_update(&csum_1, (const uint8_t*)0x200000002820, 20);
- *(uint16_t*)0x20000000282a = csum_inet_digest(&csum_1);
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x89f2, /*arg=*/0x200000000540ul);
- syscall(__NR_mbind, /*addr=*/0x200000001000ul, /*len=*/0x800000ul,
- /*mode=*/0ul, /*nodemask=*/0ul, /*maxnode=*/0ul,
- /*flags=MPOL_MF_MOVE*/ 2ul);
- *(uint16_t*)0x200000000000 = 1;
- *(uint64_t*)0x200000000008 = 0x200000000040;
- *(uint16_t*)0x200000000040 = 6;
- *(uint8_t*)0x200000000042 = 0x99;
- *(uint8_t*)0x200000000043 = -1;
- *(uint32_t*)0x200000000044 = 8;
- syscall(__NR_seccomp, /*op=*/1ul, /*flags=*/0ul, /*arg=*/0x200000000000ul);
- memcpy((void*)0x2000000002c0, "./file0\000", 8);
- syscall(__NR_open, /*file=*/0x2000000002c0ul,
- /*flags=O_SYNC|O_NONBLOCK|O_CLOEXEC|O_WRONLY*/ 0x181801ul,
- /*mode=S_IXGRP|S_IWGRP*/ 0x18ul);
- memcpy((void*)0x2000000000c0, "vfat\000", 5);
- memcpy((void*)0x200000000300, "./file0\000", 8);
- memcpy(
- (void*)0x200000000800,
- "\x78\x9c\xec\xdc\xcb\x6b\x13\x5f\x14\xc0\xf1\xd3\xf4\x95\xa6\xb4\xc9\xe2"
- "\xc7\x4f\x14\xa4\x07\xdd\xe8\x66\x68\xa3\x6b\x31\x48\x0b\x62\xc0\x52\x1b"
- "\xf1\x01\xc2\xb4\x9d\x68\xc8\x98\x94\x4c\xa8\x44\xc4\xea\xca\xad\xf8\x47"
- "\xb8\x28\x5d\x76\x57\xd0\xfe\x03\xdd\xb8\xd3\x8d\x1b\x77\xdd\x08\x2e\xec"
- "\x42\x1c\xc9\x3c\xfa\x4c\x69\x69\x9b\x4c\xdb\x7c\x3f\x10\xee\x4d\xee\x3d"
- "\x33\xf7\x4e\x26\xe1\xdc\x21\x93\xb5\x07\xef\x9f\x17\xf3\x8e\x91\x37\xab"
- "\x12\x8b\xab\x74\x88\x88\xac\x8b\xa4\x24\x26\xa1\x8e\xa0\x8c\x79\xf5\x1e"
- "\xd9\xea\x8d\x5c\xed\xff\xf5\xf5\xe2\xbd\x87\x8f\xee\x64\xb2\xd9\xd1\x09"
- "\xd5\xb1\xcc\xe4\xb5\xb4\xaa\x0e\x0e\x7d\x7a\xf1\xaa\x2f\xe8\xb6\xdc\x2b"
- "\xab\xa9\x27\x6b\x3f\xd3\x3f\x56\xff\x5f\x3d\xbf\xf6\x77\xf2\x59\xc1\xd1"
- "\x82\xa3\xa5\x72\x55\x4d\x9d\x2a\x7f\xaf\x9a\x53\xb6\xa5\x33\x05\xa7\x68"
- "\xa8\x8e\xdb\x96\xe9\x58\x5a\x28\x39\x56\xc5\x6f\x2f\xfb\xed\x79\xbb\x3c"
- "\x3b\x5b\x53\xb3\x34\x33\x90\x98\xad\x58\x8e\xa3\x66\xa9\xa6\x45\xab\xa6"
- "\xd5\xb2\x56\x2b\x35\x35\x9f\x9a\x85\x92\x1a\x86\xa1\x03\x09\xc1\x7e\x72"
- "\x0b\x13\x13\x66\xe6\x90\xc1\xd3\xc7\x3c\x18\x34\x49\xa5\x92\x31\x3b\x45"
- "\xa4\x6f\x57\x4b\x6e\x21\x92\x01\x01\x00\x80\x48\xed\xcc\xff\x63\xf5\x94"
- "\xfe\xf8\xf2\xff\xc5\x4b\x2b\xd5\xfe\xfb\x4b\x83\x41\xfe\xbf\xdc\xd3\x28"
- "\xff\xbf\xfe\xcd\xdf\xd6\xb6\xfc\x3f\x2e\x22\x4d\xcf\xff\x77\x67\x44\xed"
- "\xe5\x48\xf9\x3f\x4e\x89\x7a\xfe\x9f\x08\x3e\xbf\x9e\xb7\x8f\x17\x87\xbd"
- "\x0a\xf9\x3f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xa7\xc1\xba\xeb\x26\x5d\xd7\x4d\x86\x65\xf8\xe8\x15\x91\xb8\x88"
- "\x84\xcf\xa3\x1e\x27\x9a\x83\xf7\xbf\xbd\x6d\xde\xb8\xd7\x35\x28\x62\xbf"
- "\x9b\xcb\xcd\xe5\xfc\x32\xe8\xb0\x22\x22\xb6\x58\x32\x2c\x49\xf9\xe3\x9d"
- "\x0f\x81\x7a\x3d\xbc\x17\x50\xeb\x52\xf2\xd9\x9e\x0f\xe2\xe7\xe7\x72\x9d"
- "\x5e\x4b\x26\x2f\x05\x2f\x7e\x44\x92\x92\xda\x19\xef\xba\x63\xb7\xb3\xa3"
- "\x23\xea\xdb\x1e\xdf\x2d\x89\xad\xf1\x69\x49\xca\x7f\x8d\xe3\xd3\x0d\xe3"
- "\x7b\xe4\xca\xe5\x2d\xf1\x86\x24\xe5\xcb\xb4\x94\xc5\x96\x19\xef\xbc\xde"
- "\x8c\x7f\x3d\xa2\x7a\xeb\x6e\x76\x47\x7c\x9f\xd7\x0f\x00\x00\x00\x00\x80"
- "\xb3\xc0\xd0\x0d\x0d\xd7\xef\x86\xb1\x57\xbb\x1f\xbf\xb1\xbe\x6e\x78\x7d"
- "\xc0\x5f\x5f\x0f\x37\x5c\x9f\x77\xc9\x85\xae\x68\xe7\x0e\x00\x00\x00\x00"
- "\x40\xbb\x70\x6a\x2f\x8b\xa6\x6d\x5b\x95\x33\x57\x09\x67\x78\xd0\xa8\xf0"
- "\xb7\x0c\x91\x8c\x39\xdc\xf9\xc9\x38\x74\x07\xa8\xc4\x0e\x35\xd4\x21\x11"
- "\xb1\xf5\xa8\x7b\x0f\x2f\x1b\xed\xd5\x47\xc6\xa3\x3a\x2c\xe7\x3e\x7c\xfc"
- "\x7d\x7c\x1b\xbc\xb1\x14\xdf\x67\xa6\x4d\xab\x74\xb7\xf6\x5b\x08\x00\x00"
- "\x00\x40\x2b\x6c\x26\xfd\xe1\x2b\x37\xa3\x1d\x10\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6d"
- "\xa8\x15\x7f\x27\x16\xf5\x1c\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x93"
- "\xe2\x5f\x00\x00\x00\xff\xff\x7b\x91\x12\x85",
- 695);
- syz_mount_image(/*fs=*/0x2000000000c0, /*dir=*/0x200000000300, /*flags=*/0,
- /*opts=*/0x200000000ac0, /*chdir=*/5, /*size=*/0x2b7,
- /*img=*/0x200000000800);
- memcpy((void*)0x200000000100, "net_prio.prioidx\000", 17);
- syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000100ul,
- /*flags=*/0x275a, /*mode=*/0);
- syscall(__NR_getsockopt, /*fd=*/-1, /*level=*/0, /*optname=*/0x10,
- /*optval=*/0ul, /*optlen=*/0ul);
- memcpy((void*)0x200000000080, "./bus\000", 6);
- res =
- syscall(__NR_open, /*file=*/0x200000000080ul,
- /*flags=O_SYNC|O_NOCTTY|O_NOATIME|O_CREAT|FASYNC|0x2*/ 0x143142ul,
- /*mode=*/0ul);
- if (res != -1)
- r[1] = res;
- *(uint32_t*)0x200000000140 = 0;
- syscall(__NR_ioctl, /*fd=*/r[1], /*cmd=*/0x40086602,
- /*arg=*/0x200000000140ul);
- *(uint64_t*)0x200000000100 = -1;
- *(uint64_t*)0x200000000108 = -1;
- syscall(__NR_setrlimit, /*res=RLIMIT_FSIZE*/ 1ul, /*rlim=*/0x200000000100ul);
- memcpy((void*)0x200000000040, "./bus\000", 6);
- res = syscall(__NR_creat, /*file=*/0x200000000040ul, /*mode=*/0ul);
- if (res != -1)
- r[2] = res;
- syscall(__NR_lseek, /*fd=*/r[2], /*offset=*/0x7ffffcul, /*whence=*/0ul);
- syscall(__NR_write, /*fd=*/r[2], /*data=*/0x2000000001c0ul, /*len=*/0xfd14ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/2ul, /*proto=*/0);
- if (res != -1)
- r[3] = res;
- *(uint16_t*)0x200000000000 = 0xa;
- *(uint16_t*)0x200000000002 = htobe16(0xe22);
- *(uint32_t*)0x200000000004 = htobe32(0);
- memset((void*)0x200000000008, 0, 16);
- *(uint32_t*)0x200000000018 = 0;
- syscall(__NR_bind, /*fd=*/r[3], /*addr=*/0x200000000000ul,
- /*addrlen=*/0x1cul);
- *(uint32_t*)0x200000000040 = 0;
- syscall(__NR_setsockopt, /*fd=*/r[3], /*level=*/0x11, /*optname=*/0x64,
- /*optval=*/0x200000000040ul, /*optlen=*/4ul);
- syscall(__NR_ftruncate, /*fd=*/r[1], /*len=*/0x2c451b81ul);
- memcpy((void*)0x200000000400, "./bus\000", 6);
- res = syscall(__NR_open, /*file=*/0x200000000400ul,
- /*flags=O_NOATIME|O_RDWR*/ 0x40002ul, /*mode=*/0ul);
- if (res != -1)
- r[4] = res;
- syscall(__NR_close, /*fd=*/r[2]);
- syscall(__NR_fallocate, /*fd=*/r[4],
- /*mode=FALLOC_FL_PUNCH_HOLE|FALLOC_FL_KEEP_SIZE*/ 3ul,
- /*off=*/0x802000ul, /*len=*/0x4010000bffeul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[5] = res;
- *(uint32_t*)0x200000000280 = 5;
- res = syscall(__NR_getsockopt, /*fd=*/r[5], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000240ul, /*optlen=*/0x200000000280ul);
- if (res != -1)
- r[6] = *(uint32_t*)0x200000000244;
- *(uint32_t*)0x200000000080 = 0xe8;
- res = syscall(__NR_getsockopt, /*fd=*/r[5], /*level=*/0, /*optname=*/0x11,
- /*optval=*/0x200000000140ul, /*optlen=*/0x200000000080ul);
- if (res != -1)
- r[7] = *(uint32_t*)0x200000000174;
- syscall(__NR_setreuid, /*ruid=*/r[7], /*euid=*/r[6]);
- syscall(__NR_madvise, /*addr=*/0x200000ff9000ul, /*len=*/0xffffffffdf006ffful,
- /*advice=*/0ul);
- *(uint32_t*)0x200000000380 = 0x14;
- syscall(__NR_accept4, /*fd=*/r[0], /*peer=*/0x200000000340ul,
- /*peerlen=*/0x200000000380ul,
- /*flags=SOCK_NONBLOCK|0xe407305877c48183*/ 0xe407305877c48983ul);
- res = -1;
- res = syz_open_dev(/*dev=*/0xc, /*major=*/4, /*minor=*/1);
- if (res != -1)
- r[8] = res;
- *(uint64_t*)0x2000000021c0 = 0x200000000080;
- memcpy(
- (void*)0x200000000080,
- "\xee\xd6\x07\x05\x97\x03\xf2\xbc\xa1\xa2\xd2\x39\xe7\x9d\x8c\x1e\x95\xb6"
- "\x44\x99\x85\x74\xf6\x93\x60\x2d\xfc\xb8\x32\xcd\x60\x99\xd0\x3a\x7c\x7e"
- "\xa1\x05\x36\x1d\x2a\x09\x7a\x90\xcb\x0e\x87\x86\xbd\x0f\xf3\xc8\x4c\x72"
- "\x30\x40\x9d\x40\x12\x66\x21\x6c\xbe\x55\xe6\x9d\x7d\xa8\x9d\x96\xb7\x9a"
- "\xf5\x6b\xaa\x96\x46\xf0\x98\x6e\xf7\x46\x9b\xf3\x98\x90\xcb\x92\x41\xed"
- "\x47\x87\x58\xdc\xc8\xbe\xae\x60\xee\xed\x76\x0e\xd6\x2a\xf7\x8b\xa1\x91"
- "\xb5\xfd\xb9\xd4\x88\x82\x8f\x56\x2d\x84\x0f\x97\x15\x9f\x22\x4f\x4a\x9b"
- "\xea\xcb\x76\x15\x10\x18\x07\x26\x04\x6f\xfa\xa3\x1d\x70\xa4\xc5\x36\xe4"
- "\x81\xdf\xc1\xe0\x8d\xb2\x40\xee\x89\x67\xfc\x1b\x2f\xa7\x46\xa4\xec\x13"
- "\xdd\x24\xc1\xcf\xa2\x67\x79\x72\x5b\x99\x68\xb5\xc7\x55\x41\x87\xec\x1a"
- "\xc5\x11\xf5\xe2\x0c\x35\xd5\x6e\x9f\x41\xfb\x6c\xf0\xb0\x39\x7a\xd5\x84"
- "\xa9\x0b\x99\x68\xae\xbb\x94\x10\x31\x09\x90\x08\x2c\x02\x57\xaa\xc8\x98"
- "\x2f\x12\x1f\x3a\xa9\xdf\x9c\x22\xfc\xf5\x49\xb8\x4f\x46\x77\x2a\x27\xa5"
- "\x7e\x24\x86\x62\xbe\x3b\x7a\xe9\x10\x02\x04\xe8\xf7\x5d\xcd\x89\x11\xac"
- "\xdd\x37\x6b\x38\xb6\x42\xd1\xa9\x15\x11\x89\x4e\xda\x2f\x5f\xa5\xe6\xf7"
- "\xb2\xd1\x20\xd8\xba\x82\xb6\xa3\x93\x55\xbb\x4d\x13\xf2\x86\x88\xb4\xb0"
- "\x95\x6d\x7f\x7f\x7f\xb8\xbf\x06\x7a\xf6\x40\xc9\xed\x4a\x1c\x65\x73\xb9"
- "\x41\xb6\x41\x75\xe8\x7a\xa4\x16\x40\x52\xa9\xd9\x4e\xd8\x1f\x87\xec\x60"
- "\x69\xb8\x4c\x5a\xae\xf4\x67\xed\xba\xda\xbb\xe8\x45\xa7\xd7\x5a\xf3\x39"
- "\x99\x89\x9d\xfa\x88\x7c\x67\x00\x7e\x8c\xec\x6e\xad\x9f\x6c\xb3\xd2\xb5"
- "\x6d\xff\x0f\x3a\x0d\x06\xa7\x2d\x0c\x56\x0e\x31\x8a\xc4\x9c\x2f\xb6\x83"
- "\xb6\x4a\x51\x2f\x09\xcc\x3d\xc4\xe7\xdf\x6d\x58\xe3\x1b\x81\x63\x7d\x90"
- "\xe2\xf0\x12\x3f\xd0\x21\x42\x72\x3c\x97\x5e\x89\xb2\x96\x86\x57\x71\xa0"
- "\x93\x3e\x25\x91\x15\x82\x10\xe7\x93\x14\x32\x25\xf4\x67\x1b\x50\xc0\x2e"
- "\xfa\xa0\x32\xed\xfe\xf7\x93\x9a\x17\x75\x3f\x72\x43\x88\xa2\xd6\xba\x88"
- "\x21\xc3\xce\x4c\x40\x7a\xc7\x4d\x35\x1d\x35\x0c\xd2\xb9\x8a\x8a\x63\xdb"
- "\xb0\x0b\x7c\x68\x59\xb1\x1a\x64\x0e\x34\xa3\x38\x73\x63\x09\xe3\xc0\x80"
- "\x47\xf1\x80\x4b\x77\xdd\x13\x51\xa1\xfa\x66\xfe\x6b\x80\x59\xf9\xe6\x31"
- "\xfb\x44\xfa\xf6\xc4\xa2\xbd\xd7\x16\xd9\x3d\x66\x9d\xc1\x4d\xba\xa4\x2e"
- "\xf1\x28\x67\x1b\xba\x50\xc7\xcf\x25\x84\xea\x93\x0e\x1f\xfc\xb7\x11\x84"
- "\xe5\xa9\x29\xdb\xf7\xc7\xdb\xc0\x6d\x80\x4e\x6c\x1f\x53\x6a\x3a\x1b\x33"
- "\x6a\x7a\x55\x39\xa8\x87\x9c\xa4\xea\x3c\xbe\x4e\x25\x47\x22\xf4\x3f\x07"
- "\x08\x61\xd1\xd0\xdf\x18\xcb\xfc\xe8\x53\x84\x21\x34\x54\x7e\xd3\x7a\xd6"
- "\xc2\xd7\x57\xf7\x6f\x8a\x29\x94\x3d\x57\x38\xd5\xe7\xaa\xbf\x4c\xad\x6f"
- "\x5d\xe6\xf5\x3a\x2b\x6f\x33\x6f\x19\xf4\x1e\x14\x42\x31\x08\x32\x14\x62"
- "\x47\x33\xe3\x6a\xb7\x42\x08\x6d\x9f\x78\x68\x89\xd5\xaf\x36\xc0\xe2\xc6"
- "\xa7\x31\x14\x81\x58\xd8\xb6\xc6\xdb\x31\x8d\x33\x52\x9d\x98\x81\x5b\x93"
- "\xca\x9e\xfd\xa1\x46\xf8\xdc\x4e\xc9\xdf\x08\xf4\x32\x53\xf5\x5c\x2d\xcc"
- "\x48\x0a\x0e\x8b\x85\xc1\x84\xad\x13\xdb\x79\xd4\x01\x79\xad\x4c\x43\xe3"
- "\x0f\x6f\x8e\xe8\x8e\xa9\xfb\xd5\x22\x8b\x26\xb9\x07\xf4\x6f\xfc\x5c\x2b"
- "\x59\x4a\xde\x4f\x48\xde\xe4\x56\x1a\xe9\x9c\x7f\xb8\x1f\xd7\x49\xcf\x9a"
- "\xa3\x6a\x01\xb5\x7b\x77\x0b\x77\x21\xbf\x29\x44\x18\x24\x17\x35\x44\x97"
- "\x95\x01\x6e\xd0\x59\x7d\x66\xa6\x84\x5a\xf6\x8d\x0d\x44\x23\x2c\x4f\xfb"
- "\x61\x60\xa4\x57\xde\x63\xab\x8b\xf8\xfe\x5f\x02\xf4\x03\x77\x93\xa3\x59"
- "\xf0\x79\x9c\x90\x6a\x62\x87\xaa\x00\x00\x4a\xfa\x09\x94\x9e\xa7\x87\xaa"
- "\x73\xa6\x94\x16\xb3\xb9\xe3\x24\xca\x33\x6b\x35\x19\x7e\x7f\x3f\x8d\x14"
- "\x19\xb8\x56\x67\x6f\x9e\xf2\xf7\xce\x14\xce\x12\xe2\x3c\x72\xac\xa9\xe1"
- "\x2f\xba\xf1\x18\x63\xd5\xb9\xd7\x75\x99\x86\xfa\x00\x62\x59\x9f\x8c\x35"
- "\x16\x4b\x7f\xd7\xe9\xe1\x45\x49\xba\x88\x3a\x24\x4f\xea\xa6\x07\x82\x79"
- "\xcf\x64\x12\xf1\x3c\xb0\x88\x3f\x62\xba\xf7\xcd\xa4\xb4\x81\xc2\xb0\x88"
- "\xeb\xd3\x69\xc1\x2a\x24\x33\xa4\x8c\x24\xd3\x13\x31\xa9\x40\x16\x25\x1f"
- "\x3b\x86\xdd\xe8\x84\xbd\x5a\xa7\xb1\xd5\x4d\xc8\x92\xf6\xeb\x9f\xf8\x47"
- "\x76\xc3\x81\x84\x78\xb9\x8a\x8b\x9f\xb4\xa9\xbd\x18\xa2\x7e\xcf\x4e\x7d"
- "\xd9\x95\xcd\xc6\x96\xfb\xfa\x32\x60\xf1\x60\xe5\x90\xe6\xd3\x11\xb4\xba"
- "\x53\xeb\x11\x1c\xc6\x9c\x1a\x18\x6e\x98\x05\xd8\x0f\xdc\x03\x58\x24\x78"
- "\xc9\x9a\xef\x40\x29\x4c\xa7\x2b\xf9\x65\xba\x97\x7a\x7f\x6f\xca\x5f\xa8"
- "\x6a\x11\x0d\xe0\x02\x60\x3f\x2d\x0e\x92\xce\x93\x60\xbd\x83\x3d\xb6\x2c"
- "\xb8\x54\x7e\x28\x15\xa1\xf5\x4d\xe4\x81\xf7\x45\x88\xf1\x2e\x40\x31\x22"
- "\x23\xe3\x95\x79\xd5\xe3\xc9\x21\xeb\x4e\x62\xb2\x86\x80\xc6\xc3\x50\xb8"
- "\x0d\x6a\xa6\x25\x97\xd1\x9d\x3c\x1c\x12\x35\x64\xdb\xfa\x06\x86\xfd\xf8"
- "\x58\xa1\x0f\x81\xda\x38\x4e\x26\x1c\xed\x07\x8b\xb3\xb2\x26\x9a\xc9\xf6"
- "\x1c\xa0\x66\xbb\xb2\xbc\x65\xdb\x1f\x4b\xf1\xb4\x45\xca\x57\xdc\x32\x37"
- "\x4e\x67\xb9\x45\x93\x2f\x7f\x01\x96\x06\x92\x19\xc7\x77\x23\x67\x7d\x13"
- "\xef\x54\x05\x3b\xd0\x6a\x6b\xf7\x00\x41\x01\xcb\x0d\x1f\xce\x78\xc5\x9e"
- "\xce\x5e\x3a\x3c\xe4\x61\x5d\x5b\x03\xf2\x79\x7e\xed\x62\x48\xfa\xed\x2a"
- "\x49\x4c\x2c\xd5\x10\x28\x0f\x4f\x6b\x56\x99\xcc\x2c\xdb\x74\x03\x7a\x20"
- "\x2f\xf1\x1c\x24\xd9\x61\x09\xb8\x12\xd9\x7a\x2b\xab\x0f\xa0\xea\xed\x5b"
- "\x29\x21\xdb\xb3\x1b\xb9\x5a\x5f\x63\x4a\xd8\x4d\x23\x06\xa4\x0e\xdc\xaa"
- "\x3f\x81\xed\xf2\x89\xec\xda\xd9\x2c\x03\x64\x74\x54\xa7\x19\x74\x50\x8b"
- "\x53\xbc\x28\xf2\x63\x79\xa6\x9b\x4c\x51\xd9\x50\x5e\xac\x0a\x23\x5d\x5c"
- "\x31\xda\x3f\xa5\xcc\x7d\x74\x7c\xea\x40\xac\x54\xf8\x84\x35\x78\x21\xb6"
- "\xc3\x3c\xf6\x34\xf0\x16\xd5\x35\xb3\x34\x8a\x3b\x5e\x17\x9e\x6f\x48\x08"
- "\xfe\x3a\xda\xcb\x30\xf7\xfd\x17\x1a\xa2\x9a\x28\x65\x07\xb5\x16\xda\xbd"
- "\xea\x2d\xf7\x45\x6e\xbc\x32\xdd\xd8\x39\x1e\x47\x79\xbb\xfc\x65\xd0\x0e"
- "\xa1\x34\x0e\x27\x54\x43\xa4\x4f\xf1\x74\x85\xeb\xac\xd8\xcf\xdd\xb0\x82"
- "\xfe\x09\x6f\x7a\x61\x38\xc5\xf3\x5d\x66\x5b\x60\x85\x9d\x8c\x22\x82\x80"
- "\x17\x30\x9d\xa1\xfa\x5c\x48\xbf\x00\x88\x07\x6e\x46\x52\x15\xe9\x21\x35"
- "\x3f\xde\xc2\x46\x65\x18\x48\x88\x33\xf7\x94\x3a\x5f\x82\x93\x63\x07\x8d"
- "\xc9\x05\xbd\xf0\x54\x4f\x36\xd9\xff\x0a\x9e\x87\xec\x74\x71\xa2\x36\x81"
- "\x31\xa9\xc3\x99\x91\xa5\x72\xfd\xe0\xdc\x9b\x91\x07\x93\x36\x43\xc9\xb8"
- "\x99\xe0\x21\x18\x61\xfb\xe7\xf2\x64\x81\xfb\x15\x38\xc9\x86\x1d\xf4\xd8"
- "\xd8\x33\xf7\xa4\x8a\xa2\x1f\xd9\xc4\x62\x58\x9f\x0e\x90\x77\x2b\xe7\x89"
- "\xcb\x32\xa4\xe3\xaa\x16\xd8\x6a\xa4\x01\x67\xe5\xc4\xa8\xb1\x36\xf7\xe0"
- "\xbf\x65\xe9\xa1\x3c\xe5\xc0\x2e\xa0\x5c\x9b\xdc\x8b\x50\x48\xbd\x68\x43"
- "\x98\x84\x30\xe0\xe0\xfb\x06\x95\x22\xe7\xb2\x72\x70\x15\xd6\x3c\x94\x8f"
- "\xe1\xb8\x03\xe3\xb0\x8d\x6d\x5e\x73\x5f\x1b\xe2\x88\x23\x17\x7a\x08\xae"
- "\x31\xab\x41\x63\xf0\x9f\xf2\x09\xb8\x54\x05\x02\xb2\x64\xd1\x2b\xdd\x35"
- "\x6a\x43\x3b\x5f\x2c\x3b\xb0\xc0\xde\xd1\x28\xce\x5d\xed\x14\x76\x23\x7b"
- "\xb3\xf4\xd5\x58\xc5\xfc\x1e\x7e\x98\x36\x36\xfc\xb2\xe7\xe2\x69\xfb\x26"
- "\xb1\x78\x3a\x9a\x99\xc8\xbe\xcf\xc2\x14\x1a\x50\x1c\xf0\xfd\xba\xb9\xd1"
- "\x3d\xef\xb0\x0c\x9b\x3e\x0d\xc1\xf5\x48\x31\x13\x93\x14\xb5\x03\xc5\xa2"
- "\xc3\x77\xce\xfb\xb2\x95\xe6\x82\x4d\x77\x00\x32\xaa\x2b\x51\xdc\xcc\xea"
- "\xcd\xeb\x57\x2a\x2c\x25\xf9\xec\x99\x0e\x4b\x83\xaf\xa2\xa4\x06\xa7\x2a"
- "\x35\xa4\xca\xe6\x17\xf2\x54\x2f\x4a\x3d\x60\xfc\x02\xf6\x29\xfb\xf5\x4c"
- "\xda\x85\xa8\x4e\x97\xca\x24\x44\x57\x98\x97\xaa\xd3\xb7\x31\x6d\x4e\xe8"
- "\x00\x2f\x93\xb8\x2b\x13\xcd\xa7\xc5\x3e\xce\x97\xb9\x4a\x7c\xf1\x0f\x1a"
- "\x4c\x73\xda\x6f\x3a\x89\xbe\x51\x19\x42\x41\x42\x75\x47\xf3\x13\xcc\x47"
- "\x95\x53\x81\xcb\x74\xa5\xaf\xb7\x35\xa6\xe3\x69\x9f\x36\x43\xfe\xe5\x96"
- "\x98\x55\x3c\xc3\x58\x63\x1f\x2a\x47\x08\x28\x8d\x86\xe5\x29\xb8\x25\x58"
- "\xe5\x78\x93\x03\xdb\xc9\xad\x0d\xd7\x7a\x98\x9d\x07\xe1\x63\x8d\x39\xb0"
- "\x9e\x9e\x47\xf3\x91\x7e\x0f\x5b\x9d\x0e\x48\x61\xbb\x44\x04\x63\xd7\x33"
- "\x33\x63\x0e\x95\xf5\x1a\xb0\x13\xa6\x96\x17\x95\xfe\x44\x83\x9f\x57\x5a"
- "\x17\xb8\x0e\x96\x46\xa0\xd3\x80\xe2\xca\x35\x2e\x5c\x7c\x8a\x85\xe0\x78"
- "\xef\xca\x17\x00\x46\xaf\xa8\x23\xa9\x29\xa1\xf6\x92\x68\xd7\xf1\x8c\xae"
- "\xe6\x70\xa2\x9c\xb9\xe7\xee\x92\x4d\xf3\x48\xe3\xcb\xdd\x8c\x13\x24\xed"
- "\xd0\x8f\x07\xf1\x24\x3b\x48\xfa\x55\xab\x30\x3e\x51\x30\x4e\x6e\xdf\xe5"
- "\xfb\xc3\xb9\xde\x1a\x69\x24\x17\x9c\x9b\x99\x27\x34\xea\x5f\xa2\x71\xc0"
- "\x99\xfe\xc8\xa5\x24\x76\x72\xa6\xe0\xf5\x51\x69\x1d\xec\xb8\xbe\xc9\xf9"
- "\x49\x4c\x7a\x26\x19\x50\xd1\xc4\xcb\x24\x0c\xfa\xc0\x5e\x05\x72\x71\x8a"
- "\x33\xba\x40\x38\xec\x03\xaf\x1c\x68\xb0\x67\xda\x19\xaf\xda\x71\x58\x2c"
- "\xca\x97\xa8\x01\xb8\x9b\x27\x72\x66\xe2\x91\xe7\x74\x0e\x76\x7b\x91\xe1"
- "\x0a\x57\xa2\x80\x6a\x6f\xa9\x99\x0c\x51\xb5\x21\xd0\x0a\x47\x33\x38\x47"
- "\x63\x03\x21\x94\x5d\x1f\x53\x60\x1a\x21\x59\x6c\x28\x14\x13\x63\xcf\xd4"
- "\xa4\x57\x94\x78\x32\xd7\x54\x5f\xf6\x56\x6e\x10\xc1\xc1\x6d\xa8\xfe\x8a"
- "\xb4\x0d\x4a\x4a\xfa\x8f\x19\x13\x92\x33\x2a\xcb\x53\x71\xd1\xff\x86\xed"
- "\x2f\x58\x8a\x62\x01\xa0\x93\xa0\x0f\x86\x86\x84\x98\x14\x93\x60\x28\xae"
- "\x79\xaf\x9d\xd8\x64\x75\x7b\xb9\xc2\x61\x4a\x9e\x76\xd6\xfa\xe7\xe6\xc0"
- "\x84\x17\x88\xb7\x15\xaa\x73\xd2\xf0\x1c\x3d\x4b\x0d\xcd\xb3\x8c\x5c\x6b"
- "\x81\xe6\x0d\x12\xb1\xca\x72\xb6\xc4\x7f\x5f\x3e\xb8\x83\xaf\x96\x4b\x87"
- "\x7e\xfa\x0c\x5a\xcf\xbd\x7f\x41\x0a\x06\x0c\x56\xa1\x79\x8f\x0c\x40\x7c"
- "\xb3\x16\xf7\x88\xe3\x0c\xf3\xd6\x9f\x19\x25\x33\xe1\x9a\x81\x8c\x8f\x7a"
- "\xa9\x90\xa6\xd9\x94\xe2\xad\x77\x56\x38\x8e\xc0\x17\x4c\x1c\x0a\x42\x24"
- "\x9e\x90\x3f\x32\x35\xfe\xa2\xd6\x5d\x54\x0f\xdc\x1c\x03\xe1\x57\x86\x52"
- "\x87\x87\xc8\x0c\x61\x94\x76\x36\x41\xcf\x7f\x85\xf5\x49\xea\x70\x6a\xa1"
- "\xb0\x7e\x4b\x29\x03\x71\x4b\x7f\x17\x64\x20\x2e\x53\x2b\x52\xe7\xaa\x8c"
- "\x06\x3f\xae\x17\x0e\xa9\x33\x62\xc7\x79\x4f\x32\xcd\x5e\xd3\xcb\x39\xa2"
- "\xa1\x8a\xcd\xa3\x66\xed\x03\x1a\x11\x4e\x9f\xb4\x7b\xea\xc6\x9b\xf0\x5f"
- "\x25\x8d\x77\xad\x41\x81\x91\x60\x16\x7c\x5b\x0f\x6d\x34\xf1\xd0\x63\xab"
- "\x2e\xf3\x19\xfc\xef\x2c\x23\x05\x8f\x85\xcc\x45\x3f\x6e\x40\x54\x7a\x99"
- "\xbc\xcb\x31\x7a\x4c\x19\xe2\xb3\xd9\x95\x05\xa2\x4e\x77\x3f\x2e\xe1\x0b"
- "\x88\x44\x3f\x48\x9b\xcb\xa4\x76\xe7\x86\xb4\xdc\xce\x1c\xd8\x19\xe0\x08"
- "\x06\xd7\x66\xaf\x56\x80\x42\x04\xab\xbf\xb8\xa7\xf8\xe2\xf3\xb3\x99\x52"
- "\x4a\x06\xea\xcb\x20\xb1\x45\x9c\x8f\x9c\x8a\x15\x74\x23\xc4\xa0\xd1\x8e"
- "\x56\x09\x79\x59\x61\xa6\xb0\xb8\xac\xd6\x43\xfe\x30\xfd\xdd\x00\x77\x40"
- "\x14\x5a\xe3\x1b\x08\x55\xbb\x8b\x02\x83\xa4\xe1\x39\x40\xb9\xaf\x0f\x84"
- "\x27\xf0\x90\x59\xac\x0f\x1e\xe1\x50\x77\x75\xf6\x74\x3d\xeb\xef\x31\xc8"
- "\x2c\x63\xfa\x8c\x5a\xdb\x08\xf0\x5e\x38\xfc\x37\xb0\x7d\x8a\x2f\x4d\x62"
- "\xb9\xeb\x47\x48\xb9\xe0\x28\xc7\x66\x7a\xc8\xea\x03\xf6\x4c\xbe\x9f\x9a"
- "\x3e\x75\xe4\xd5\x7b\x11\xf0\x2c\x72\x02\x4a\x65\xbc\x4f\x14\xfd\x3a\x0e"
- "\xab\xb3\x9b\x06\x2a\x7c\x68\x54\xa2\x99\xee\xf7\x49\x1b\xf1\x0c\x09\x6c"
- "\x50\xcf\xa4\xa3\xda\x48\x3f\x42\x93\x92\x05\x38\x3a\xe8\x31\x96\x04\xf7"
- "\x42\xab\x49\x82\x80\x1f\x0c\x83\xda\xbb\xd9\xda\x48\xe8\x00\xf5\x10\xdf"
- "\xec\xc2\x24\xf0\xb1\x83\xa8\x01\xdf\x96\xd2\x87\x06\x8f\xca\xad\x6c\xdd"
- "\xd4\x12\xc7\x96\xa4\x81\xd6\x09\xdb\xfd\x77\xe8\xb2\x96\xdc\xe8\x6f\xf8"
- "\xef\xa1\x0b\x23\xae\xc2\x61\xc0\x27\x58\x2f\x6a\x77\x0f\xf9\xf0\xf7\xa9"
- "\x9d\x8b\xa4\x94\x95\xf4\x69\x6c\xd6\xec\xa9\x20\xce\x17\xe0\xf0\xb1\x35"
- "\x38\x33\x68\x20\xf8\xc0\x1c\x7e\x95\x55\x67\x7a\x94\x5c\xfe\x8c\x5b\x25"
- "\x8b\xee\xb2\x41\x5c\x58\xdc\xe1\x73\xb3\x45\x8e\x27\x3e\x23\xbf\x6e\xbe"
- "\x2f\xea\xa2\xe9\x3d\xa4\x24\xb5\x18\x81\xb7\x32\xc4\x73\x56\xbb\x60\xde"
- "\xa0\x0a\xe1\x24\xe1\x6a\xa0\xa0\x6a\x4f\xeb\x2a\x32\x1e\x91\xd7\x18\x1d"
- "\x25\x8a\x3e\xe9\x52\xda\xf8\x23\xe5\x18\xc9\x36\x37\xfa\x0e\xfc\xf5\x01"
- "\x9a\xa4\x9a\x1c\x7f\x38\xd7\x68\xa9\xbb\x7d\xbb\xa3\x7e\x1e\xbe\x90\x3b"
- "\xf9\xbf\x19\x7e\x6b\xa7\x87\x72\x64\xd8\x5e\xb2\x01\x46\xe5\x10\x50\x1c"
- "\x7c\x1e\xdb\x48\x7c\xf1\x2b\x1d\x8a\x7f\x39\xb2\x7f\xfd\x7c\xb4\xd8\xf8"
- "\x09\x2e\xe5\x4a\xcd\xc1\x39\x0b\x17\xea\xe1\x31\x14\x97\x87\xf0\xf5\x85"
- "\xef\xb6\xe3\xa7\x07\x32\x63\xf2\x95\x5c\x4d\xd6\xb6\xa4\xc9\x79\x1a\x66"
- "\x94\xa6\xce\x9f\x00\x59\x5e\x9c\x22\xed\xda\x61\x0d\x60\x62\x11\xf5\x62"
- "\x8a\x87\x16\x2d\x92\xa3\x75\xa7\xcd\x92\x71\x4a\x37\x83\x06\x52\xb9\xcd"
- "\x1f\xb8\x5d\xeb\x77\xe8\xc4\xf7\xac\x28\xf0\x86\x8a\x7e\x27\x61\xae\xeb"
- "\x91\xa3\x5a\xb7\x1b\x5a\x55\x7c\x21\x35\x8c\x60\xfb\xd0\xf5\x44\xb2\x60"
- "\xde\xfb\xc3\xae\xda\x44\x48\x11\xdf\x2f\x08\xc7\x4c\xcf\xad\x45\xc4\x21"
- "\x71\x42\x95\x4f\xaf\xc4\x2f\x66\xf4\x0d\x4e\xf9\x00\x95\x6e\xad\x58\xee"
- "\xb8\x7e\x2b\x1a\x74\x7f\x86\x9b\xc7\x1c\x36\xed\x4c\x01\x5a\x59\xb9\x6f"
- "\xd8\x50\x72\x09\x80\xa7\x8b\x8b\x1b\x63",
- 2944);
- *(uint64_t*)0x2000000021c8 = 0xb80;
- syscall(__NR_writev, /*fd=*/r[8], /*vec=*/0x2000000021c0ul, /*vlen=*/1ul);
- syscall(__NR_msgget, /*key=*/0x798e2636ul, /*flags=*/9ul);
- memcpy((void*)0x200000000000, "/dev/sr0\000", 9);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=O_NONBLOCK*/ 0x800,
- /*mode=*/0);
- if (res != -1)
- r[9] = res;
- res = syscall(__NR_socket, /*domain=AF_NETLINK*/ 0x10ul,
- /*type=SOCK_RAW*/ 3ul, /*proto=*/0);
- if (res != -1)
- r[10] = res;
- *(uint64_t*)0x200000000000 = 0;
- *(uint32_t*)0x200000000008 = 0;
- *(uint64_t*)0x200000000010 = 0x200000000080;
- *(uint64_t*)0x200000000080 = 0x2000000002c0;
- memcpy((void*)0x2000000002c0,
- "\x1c\x00\x00\x00\x31\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0a"
- "\x00\x00\x00\x08\x00\x01",
- 23);
- *(uint64_t*)0x200000000088 = 0x1c;
- *(uint64_t*)0x200000000018 = 1;
- *(uint64_t*)0x200000000020 = 0;
- *(uint64_t*)0x200000000028 = 0;
- *(uint32_t*)0x200000000030 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[10], /*msg=*/0x200000000000ul, /*f=*/0ul);
- syscall(__NR_ioctl, /*fd=*/r[9], /*cmd=*/0x1279, /*arg=*/0ul);
- syscall(__NR_shmget, /*key=*/0ul, /*size=*/0xfffffffffefffffful,
- /*flags=*/0ul, /*unused=*/0x200000ffc000ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[11] = res;
- memcpy((void*)0x2000000060c0, "/dev/sg#\000", 9);
- res = -1;
- res = syz_open_dev(/*dev=*/0x2000000060c0, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[12] = res;
- *(uint8_t*)0x200000000040 = 0;
- syscall(__NR_prctl, /*option=*/0x3bul, /*mode=*/1ul, /*offset=*/0ul,
- /*len=*/0ul, /*selector=*/0x200000000040ul);
- syscall(__NR_recvmsg, /*fd=*/-1, /*msg=*/0ul, /*f=*/0ul, 0);
- *(uint16_t*)0x200000000000 = 0xa;
- *(uint16_t*)0x200000000002 = htobe16(0);
- *(uint32_t*)0x200000000004 = htobe32(0);
- memset((void*)0x200000000008, 0, 16);
- *(uint32_t*)0x200000000018 = 0;
- syscall(__NR_bind, /*fd=*/-1, /*addr=*/0x200000000000ul, /*addrlen=*/0x1cul);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- syscall(__NR_mkdirat, /*fd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*mode=*/0ul);
- memcpy((void*)0x200000000180, "./file0\000", 8);
- res = syscall(__NR_creat, /*file=*/0x200000000180ul, /*mode=*/0ul);
- if (res != -1)
- r[13] = res;
- memcpy((void*)0x200000000000, "./file0\000", 8);
- memcpy((void*)0x200000000040, "9p\000", 3);
- memcpy((void*)0x2000000001c0, "trans=fd,", 9);
- memcpy((void*)0x2000000001c9, "rfdno", 5);
- *(uint8_t*)0x2000000001ce = 0x3d;
- sprintf((char*)0x2000000001cf, "0x%016llx", (long long)r[13]);
- *(uint8_t*)0x2000000001e1 = 0x2c;
- memcpy((void*)0x2000000001e2, "wfdno", 5);
- *(uint8_t*)0x2000000001e7 = 0x3d;
- sprintf((char*)0x2000000001e8, "0x%016llx", (long long)r[13]);
- *(uint8_t*)0x2000000001fa = 0x2c;
- *(uint8_t*)0x2000000001fb = 0;
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000000ul,
- /*type=*/0x200000000040ul, /*flags=*/0ul, /*opts=*/0x2000000001c0ul);
- memcpy((void*)0x20000001c000, "./file0\000", 8);
- memcpy((void*)0x200000000b80, "configfs\000", 9);
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x20000001c000ul,
- /*type=*/0x200000000b80ul, /*flags=*/0ul, /*data=*/0ul);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- syscall(__NR_lchown, /*file=*/0x200000000040ul, /*uid=*/0, /*gid=*/-1);
- res = syscall(__NR_fcntl, /*fd=*/r[12], /*cmd=*/0ul, /*arg=*/r[12]);
- if (res != -1)
- r[14] = res;
- syscall(__NR_ioctl, /*fd=*/r[14], /*cmd=*/0x2282, /*arg=*/0x200000000000ul);
- *(uint64_t*)0x2000000003c0 = 0x200000000180;
- memcpy((void*)0x200000000180,
- "\x39\x00\x00\x00\x13\x00\x03\x47\x00\xbb\x65\xe1\xc3\xe4\xff\xff\x01"
- "\x00\x00\x00\x01\x00\x00\x00\x56\x00\x00\x00\x25\x00\x00\x00\x19\x00"
- "\x04\x00\x04\x00\x00\x00\x07\xfd\x17\xe5\xff\xff\x08\x00\x04\x00\x00"
- "\x00\x00\x00\x00\x00\x00",
- 57);
- *(uint64_t*)0x2000000003c8 = 0x39;
- syscall(__NR_writev, /*fd=*/r[11], /*vec=*/0x2000000003c0ul,
- /*vlen=*/0x10000000000002a5ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[15] = res;
- syscall(__NR_fcntl, /*fd=*/-1, /*cmd=*/8ul, /*pid=*/-1);
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- *(uint16_t*)0x200000000000 = 0xa;
- *(uint16_t*)0x200000000002 = htobe16(2);
- *(uint32_t*)0x200000000004 = htobe32(0);
- memset((void*)0x200000000008, 0, 16);
- *(uint32_t*)0x200000000018 = 0;
- syscall(__NR_bind, /*fd=*/r[15], /*addr=*/0x200000000000ul,
- /*addrlen=*/0x1cul);
- *(uint16_t*)0x200000b63fe4 = 0xa;
- *(uint16_t*)0x200000b63fe6 = htobe16(2);
- *(uint32_t*)0x200000b63fe8 = htobe32(0);
- *(uint64_t*)0x200000b63fec = htobe64(0);
- *(uint64_t*)0x200000b63ff4 = htobe64(1);
- *(uint32_t*)0x200000b63ffc = 0;
- syscall(
- __NR_sendto, /*fd=*/r[15], /*buf=*/0ul, /*len=*/0x1eul,
- /*f=MSG_FASTOPEN|MSG_PROBE|MSG_OOB|MSG_NOSIGNAL|MSG_MORE|MSG_DONTWAIT|0x2000800*/
- 0x2200c851ul, /*addr=*/0x200000b63fe4ul, /*addrlen=*/0x1cul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/6);
- if (res != -1)
- r[16] = res;
- *(uint64_t*)0x200000000200 = 0;
- *(uint32_t*)0x200000000208 = 0;
- *(uint64_t*)0x200000000210 = 0x2000000001c0;
- *(uint64_t*)0x2000000001c0 = 0x200000000240;
- *(uint32_t*)0x200000000240 = 0xb8;
- *(uint16_t*)0x200000000244 = 0x19;
- *(uint16_t*)0x200000000246 = 1;
- *(uint32_t*)0x200000000248 = 0;
- *(uint32_t*)0x20000000024c = 0;
- *(uint32_t*)0x200000000250 = htobe32(0x7f000001);
- memset((void*)0x200000000260, 0, 16);
- *(uint16_t*)0x200000000270 = htobe16(0);
- *(uint16_t*)0x200000000272 = htobe16(0);
- *(uint16_t*)0x200000000274 = htobe16(0);
- *(uint16_t*)0x200000000276 = htobe16(0);
- *(uint16_t*)0x200000000278 = 0;
- *(uint8_t*)0x20000000027a = 0;
- *(uint8_t*)0x20000000027b = 0;
- *(uint8_t*)0x20000000027c = 0;
- *(uint32_t*)0x200000000280 = 0;
- *(uint32_t*)0x200000000284 = -1;
- *(uint64_t*)0x200000000288 = 0;
- *(uint64_t*)0x200000000290 = 0;
- *(uint64_t*)0x200000000298 = 0;
- *(uint64_t*)0x2000000002a0 = 0;
- *(uint64_t*)0x2000000002a8 = 0;
- *(uint64_t*)0x2000000002b0 = 0;
- *(uint64_t*)0x2000000002b8 = 0;
- *(uint64_t*)0x2000000002c0 = 0;
- *(uint64_t*)0x2000000002c8 = 0;
- *(uint64_t*)0x2000000002d0 = 0;
- *(uint64_t*)0x2000000002d8 = 0;
- *(uint64_t*)0x2000000002e0 = 0;
- *(uint32_t*)0x2000000002e8 = 0;
- *(uint32_t*)0x2000000002ec = 0;
- *(uint8_t*)0x2000000002f0 = 0;
- *(uint8_t*)0x2000000002f1 = 0;
- *(uint8_t*)0x2000000002f2 = 0;
- *(uint8_t*)0x2000000002f3 = 0;
- *(uint64_t*)0x2000000001c8 = 0xb8;
- *(uint64_t*)0x200000000218 = 1;
- *(uint64_t*)0x200000000220 = 0;
- *(uint64_t*)0x200000000228 = 0;
- *(uint32_t*)0x200000000230 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[16], /*msg=*/0x200000000200ul, /*f=*/0ul);
- memcpy(
- (void*)0x200000000080,
- "\x44\xf9\xb1\x08\xb1\xcd\xc8\x85\xc9\xc5\x33\xd2\x1f\x47\x4b\xec\x8b\xfe"
- "\xf1\xdf\x1e\x2d\xa7\x1e\x57\x8d\xc6\xb9\x1d\x09\xf7\xab\x15\x37\x85\x71"
- "\xd8\xe2\x75\x46\x09\x00\x11\x00\x6e\x75\x43\x69\x14\xab\x71\x75\x28\xee"
- "\x4b\x7a\x9b\xea\xf9\x08\xd1\x11\x37\xc1\x19\x03\x06\x4e\x83\xb4\x95\x1f"
- "\x4d\x43\x3a\x54\x04\x97\x0c\x85\xd9\x2d\x70\x83\xfd\x38\x84\x4c\xbb\x0c"
- "\x6c\x5e\xb5\x08\xdd\xc2\xdc\x7a\x59\x0a\xa7\x94\x1b\x1e\x9e\xeb\x5a\x68"
- "\x81\x38\xde\xa0\x9b\x77\x6c\xbf\xa7\x84\xcb\xf5\x50\xbf\x30\x74\xfb\x0d"
- "\x77\x5d\xa4\xdf\x5a\x3f\x48\xbb\xdf\x45\x2e\xeb\x6b\x92\x3d\xa9\xd0\xe2"
- "\x5b\x80\xf7\x6a\x87\x36\x64\xb5\x75\x34\x44\xfe\x05\xf3\x3e\x5f\x91\x04"
- "\x55\x40\x83\x6c\x3c\xd6\xaf\x10\xf0\xcd\x01\x8f\x0c\x6f\x57\xf9\x26\xac"
- "\x95\x9a\x56\x28\xc4\x50\x88\xfb\xe0\xc8\x7f\xbe\x6c\xbc\xda\x46\x62\xd2"
- "\xa1\x2f\x6d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- 215);
- syscall(__NR_sendto, /*fd=*/r[15], /*buf=*/0x200000000080ul, /*len=*/0xd7ul,
- /*f=MSG_FASTOPEN|MSG_OOB|MSG_DONTWAIT|MSG_CONFIRM*/ 0x20000841ul,
- /*addr=*/0ul, /*addrlen=*/0ul);
- memcpy((void*)0x200000000000, "vfat\000", 5);
- memcpy((void*)0x200000000300, "./file0\000", 8);
- memcpy(
- (void*)0x200000000800,
- "\x78\x9c\xec\xdc\xcb\x6b\x13\x5f\x14\xc0\xf1\xd3\xf4\x95\xa6\xb4\xc9\xe2"
- "\xc7\x4f\x14\xa4\x07\xdd\xe8\x66\x68\xa3\x6b\x31\x48\x0b\x62\xc0\x52\x1b"
- "\xf1\x01\xc2\xb4\x9d\x68\xc8\x98\x94\x4c\xa8\x44\xc4\xea\xca\xad\xf8\x47"
- "\xb8\x28\x5d\x76\x57\xd0\xfe\x03\xdd\xb8\xd3\x8d\x1b\x77\xdd\x08\x2e\xec"
- "\x42\x1c\xc9\x3c\xfa\x4c\x69\x69\x9b\x4c\xdb\x7c\x3f\x10\xee\x4d\xee\x3d"
- "\x33\xf7\x4e\x26\xe1\xdc\x21\x93\xb5\x07\xef\x9f\x17\xf3\x8e\x91\x37\xab"
- "\x12\x8b\xab\x74\x88\x88\xac\x8b\xa4\x24\x26\xa1\x8e\xa0\x8c\x79\xf5\x1e"
- "\xd9\xea\x8d\x5c\xed\xff\xf5\xf5\xe2\xbd\x87\x8f\xee\x64\xb2\xd9\xd1\x09"
- "\xd5\xb1\xcc\xe4\xb5\xb4\xaa\x0e\x0e\x7d\x7a\xf1\xaa\x2f\xe8\xb6\xdc\x2b"
- "\xab\xa9\x27\x6b\x3f\xd3\x3f\x56\xff\x5f\x3d\xbf\xf6\x77\xf2\x59\xc1\xd1"
- "\x82\xa3\xa5\x72\x55\x4d\x9d\x2a\x7f\xaf\x9a\x53\xb6\xa5\x33\x05\xa7\x68"
- "\xa8\x8e\xdb\x96\xe9\x58\x5a\x28\x39\x56\xc5\x6f\x2f\xfb\xed\x79\xbb\x3c"
- "\x3b\x5b\x53\xb3\x34\x33\x90\x98\xad\x58\x8e\xa3\x66\xa9\xa6\x45\xab\xa6"
- "\xd5\xb2\x56\x2b\x35\x35\x9f\x9a\x85\x92\x1a\x86\xa1\x03\x09\xc1\x7e\x72"
- "\x0b\x13\x13\x66\xe6\x90\xc1\xd3\xc7\x3c\x18\x34\x49\xa5\x92\x31\x3b\x45"
- "\xa4\x6f\x57\x4b\x6e\x21\x92\x01\x01\x00\x80\x48\xed\xcc\xff\x63\xf5\x94"
- "\xfe\xf8\xf2\xff\xc5\x4b\x2b\xd5\xfe\xfb\x4b\x83\x41\xfe\xbf\xdc\xd3\x28"
- "\xff\xbf\xfe\xcd\xdf\xd6\xb6\xfc\x3f\x2e\x22\x4d\xcf\xff\x77\x67\x44\xed"
- "\xe5\x48\xf9\x3f\x4e\x89\x7a\xfe\x9f\x08\x3e\xbf\x9e\xb7\x8f\x17\x87\xbd"
- "\x0a\xf9\x3f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xa7\xc1\xba\xeb\x26\x5d\xd7\x4d\x86\x65\xf8\xe8\x15\x91\xb8\x88"
- "\x84\xcf\xa3\x1e\x27\x9a\x83\xf7\xbf\xbd\x6d\xde\xb8\xd7\x35\x28\x62\xbf"
- "\x9b\xcb\xcd\xe5\xfc\x32\xe8\xb0\x22\x22\xb6\x58\x32\x2c\x49\xf9\xe3\x9d"
- "\x0f\x81\x7a\x3d\xbc\x17\x50\xeb\x52\xf2\xd9\x9e\x0f\xe2\xe7\xe7\x72\x9d"
- "\x5e\x4b\x26\x2f\x05\x2f\x7e\x44\x92\x92\xda\x19\xef\xba\x63\xb7\xb3\xa3"
- "\x23\xea\xdb\x1e\xdf\x2d\x89\xad\xf1\x69\x49\xca\x7f\x8d\xe3\xd3\x0d\xe3"
- "\x7b\xe4\xca\xe5\x2d\xf1\x86\x24\xe5\xcb\xb4\x94\xc5\x96\x19\xef\xbc\xde"
- "\x8c\x7f\x3d\xa2\x7a\xeb\x6e\x76\x47\x7c\x9f\xd7\x0f\x00\x00\x00\x00\x80"
- "\xb3\xc0\xd0\x0d\x0d\xd7\xef\x86\xb1\x57\xbb\x1f\xbf\xb1\xbe\x6e\x78\x7d"
- "\xc0\x5f\x5f\x0f\x37\x5c\x9f\x77\xc9\x85\xae\x68\xe7\x0e\x00\x00\x00\x00"
- "\x40\xbb\x70\x6a\x2f\x8b\xa6\x6d\x5b\x95\x33\x57\x09\x67\x78\xd0\xa8\xf0"
- "\xb7\x0c\x91\x8c\x39\xdc\xf9\xc9\x38\x74\x07\xa8\xc4\x0e\x35\xd4\x21\x11"
- "\xb1\xf5\xa8\x7b\x0f\x2f\x1b\xed\xd5\x47\xc6\xa3\x3a\x2c\xe7\x3e\x7c\xfc"
- "\x7d\x7c\x1b\xbc\xb1\x14\xdf\x67\xa6\x4d\xab\x74\xb7\xf6\x5b\x08\x00\x00"
- "\x00\x40\x2b\x6c\x26\xfd\xe1\x2b\x37\xa3\x1d\x10\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6d"
- "\xa8\x15\x7f\x27\x16\xf5\x1c\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x93"
- "\xe2\x5f\x00\x00\x00\xff\xff\x7b\x91\x12\x85",
- 695);
- syz_mount_image(/*fs=*/0x200000000000, /*dir=*/0x200000000300, /*flags=*/0,
- /*opts=*/0x200000000ac0, /*chdir=*/0x45, /*size=*/0x2b7,
- /*img=*/0x200000000800);
- memcpy((void*)0x200000000000, ".\000", 2);
- res = syscall(__NR_fspick, /*dfd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*flags=*/0ul);
- if (res != -1)
- r[17] = res;
- memcpy((void*)0x2000000006c0, "posixacl\000", 9);
- syscall(__NR_fsconfig, /*fd=*/r[17], /*cmd=*/0ul, /*key=*/0x2000000006c0ul,
- /*value=*/0ul, /*aux=*/0ul);
- res = -1;
- res = syz_genetlink_get_family_id(/*name=*/0, /*fd=*/-1);
- if (res != -1)
- r[18] = res;
- memcpy((void*)0x200000000000, "./file0\000", 8);
- res = syscall(__NR_open, /*file=*/0x200000000000ul,
- /*flags=O_NONBLOCK|O_DIRECT|O_RDWR*/ 0x4802ul, /*mode=*/0ul);
- if (res != -1)
- r[19] = res;
- memcpy(
- (void*)0x200000000600,
- "\x34\xfd\x98\xaa\x1d\x0e\x7a\xde\xc9\x37\xa5\xf3\x31\xa7\x5f\x48\x79\x34"
- "\xf5\x02\x42\xa0\x75\x19\x44\x93\x69\x72\x89\x6c\x29\xa5\x06\x8c\x8e\xcb"
- "\xa1\xaa\x0a\x4e\x2a\x63\x1b\x51\x80\xe1\xfb\xde\x79\xf4\x50\x2d\xc4\xc4"
- "\xa1\xfb\xa9\xdc\xd9\xed\x83\xe6\x39\xae\xfa\x1b\x87\x63\x1c\x33\xd1\xa8"
- "\x2c\xb0\xc0\x03\x56\x76\xdd\xfe\xb0\xfe\x79\x84\xd7\x51\x9b\x0f\x83\x9d"
- "\x49\x7f\xc9\xd6\x4e\xf1\x4d\x1d\xe2\x22\x20\xff\x26\x23\xdf\x49\x50\x13"
- "\x4b\x9f\xb7\x34\xa5\x2a\xda\xd9\x5f\x13\x1c\xce\x36\x72\xa9\xd7\xd7\xb4"
- "\x00\xd2\xc6\x28\x10\xb5\xf2\x03\x51\x63\x93\x30\x94\x81\x07\xbf\x8d\x45"
- "\x34\xa0\x3a\xc3\x89\x45\x5c\x54\xd8\xeb\x4d\x60\x9b\x3e\x85\x8b\x72\x13"
- "\xb3\x8e\xb0\x1f\x0e\xea\xba\x37\x39\xae\x92\x79\x16\xe2\x8d\xa6\xa7\x9a"
- "\x3f\xd5\xe3\x2d\x30\xab\x30\xbf\x95\x9d\x45\x96\xe5\xff\xbf\xf6\x78\x9a"
- "\x65\x0b\x9e\x7d\x24\x8d\x1b\xa8\x68\x01\x23\x36\xa4\xf3\xef\x8f\xab\x07"
- "\xa8\xf5\xb8\x1b\xb0\xbc\x45\xb2\x17\x45\x38\x31\x5c\xa1\x2b\x7c\x72\x3b"
- "\x21\x57\x56\x25\x64\xa8\xa1\xf1\x9d\x28\x17\x9f\x8c\x56\x54\x48\xe0\xe9"
- "\x21\xb8\xc3\xe6\xfc\x4a\xda\xaf\xa8\xb9\x29\xad\x07\x7f\x63\x33\x25\xb6"
- "\xa6\xf7\x1a\x58\x6c\xab\xc4\x88\x3e\x03\xe1\x93\x15\xf9\x46\xb2\x77\x85"
- "\x85\x93\xa7\x36\x7e\x23\x22\x02\xfe\x9a\xd6\x56\xc6\x76\x8a\x15\x17\xda"
- "\x7f\x04\x98\xb4\x8c\xb0\x78\xe9\x29\xfb\x11\xdb\x0c\xc5\x51\xf7\x54\xbf"
- "\xfc\x48\x59\xdd\x89\xa3\x96\x91\x5c\xc8\x09\xb0\x7d\x44\x85\x73\x09\x84"
- "\x09\xea\x21\x37\x10\x56\xf6\x7e\xf4\x11\x4e\xc1\x05\x47\xf4\x98\xd2\x45"
- "\x13\xfe\x59\x43\x08\xbf\x02\x28\x68\xad\x21\xe8\x5b\xba\x81\x19\x42\xfd"
- "\xc4\x51\x61\xa1\xa8\xa7\xfe\x00\xd5\xc6\xb0\x5e\xd7\x95\x4f\x63\x1b\xbd"
- "\x12\xa5\xc9\xa5\xcf\xa5\x96\x5e\x05\x95\xde\x60\x8b\x04\xeb\xe0\x2b\x3f"
- "\xcb\xf3\xb9\xf5\x78\x07\xa1\xa7\xad\x85\x28\x99\x2e\x2e\xc6\x59\x49\xda"
- "\x2f\x4a\x04\x78\xdf\xd3\xae\x52\x63\x9c\x15\xd8\xae\xaa\x35\x1d\xa6\xd3"
- "\x93\xb5\x8c\x77\x21\x68\xfa\xe6\x04\xd0\x97\xfe\xf4\xd6\xb9\x36\x0e\xb1"
- "\x69\xa0\xb0\xee\x70\xcd\xc2\x24\x35\xa0\x03\xe6\x86\x98\xf6\x1b\x3b\x63"
- "\xb1\xf5\x10\x11\xbc\x8f\x4e\xf9\x44\xc1\xde\x82\x17\x85\xf6\x70\x12\x4a"
- "\x1c\x6e\xd1\x83\x35\xd6\x34\x12",
- 512);
- syscall(__NR_write, /*fd=*/r[19], /*buf=*/0x200000000600ul,
- /*count=*/0x200ul);
- memcpy((void*)0x200000001240, "iso9660\000", 8);
- memcpy((void*)0x200000001280, "./file0\000", 8);
- *(uint8_t*)0x200000000740 = 0;
- memcpy(
- (void*)0x2000000047c0,
- "\x78\x9c\xec\xdd\x6b\x70\xdc\x57\x7d\xf0\xf1\xdf\x7f\x7d\x53\x1c\x08\x0e"
- "\x21\x17\x12\xf3\xb0\x71\x12\x48\x42\xe2\x48\x72\x62\xc7\x24\x5c\x14\x69"
- "\x65\x6f\x22\x69\x85\x56\x0a\x31\xb7\xe0\xc4\xb2\x11\x91\xed\x60\x87\x40"
- "\xcc\x25\x09\x97\x00\xcf\xc3\xe5\x01\x9e\xa7\xf7\x0b\xb4\x85\xba\xb4\x25"
- "\xa5\x14\x5a\x66\x3a\x9d\xe9\xbb\xb6\x2f\xfa\x02\x3a\xc3\x8b\xbe\x6e\x3a"
- "\xd3\x19\x06\xd3\x0b\xbd\x70\x49\xe7\xec\x1e\xc9\x8a\x13\x5b\x4e\x6c\x59"
- "\xae\xcf\xe7\xe3\x81\x5d\x4b\x67\xf7\x7f\xfe\xc2\xe8\xbb\x67\xb5\xda\x13"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x54\x83\x43\xbd"
- "\xbd\x7d\x55\x8c\x34\xc7\xa6\xee\xa9\x1f\xdf\xe0\xd0\x44\x6b\xf4\x04\x9f"
- "\x9f\xbb\xbf\xef\x54\x9d\x7b\xfd\xce\xa2\xc7\x8d\xa8\xd2\x7f\xa2\xa7\x27"
- "\x2e\xeb\x7e\xe8\xb2\x17\x57\xf3\x9f\x7d\x49\xfa\xef\x0d\x71\x71\xf7\xde"
- "\x2e\x8e\x9e\x74\xd9\x13\x87\xce\xbf\x64\xdd\x6d\x17\xad\xac\xcd\xdd\xfe"
- "\x04\x13\x3a\x23\x0e\x3e\x72\xe8\x81\x9d\xb3\xb3\xd3\x07\x96\x7b\x22\xcb"
- "\x64\x5b\x63\xac\xd9\x6e\x35\x47\x07\xb6\x35\xea\xcd\x76\xab\xbe\x75\xf3"
- "\xe6\xde\x9b\xb6\x0f\xb7\xeb\xc3\xcd\x91\x46\x7b\x47\x7b\xb2\x31\x5a\x1f"
- "\x9c\x68\x0c\x4c\xb6\x26\xea\xd7\x0e\x5e\x57\xef\xdb\xba\x75\x53\xbd\xb1"
- "\x71\x47\x6b\x6a\x6c\xdb\xd0\xc0\x48\x63\xee\x83\x5b\x6e\xec\xef\xed\xdd"
- "\x5c\xbf\x73\xe3\x78\x63\x60\xa2\xdd\x1a\xbb\xe9\xce\x8d\xed\xc1\xed\xcd"
- "\x91\x91\xe6\xd8\xb6\xce\x98\xf4\xe9\x34\x66\x4b\xfa\x87\x78\x57\x73\xb2"
- "\x3e\xd9\x18\x18\xad\xd7\x77\xcf\xcc\x4e\x6f\x5a\x6c\x92\x69\x50\xdf\xc9"
- "\x0c\xea\x5f\x6c\x50\x7f\x6f\x7f\x7f\x5f\x5f\x7f\x7f\xdf\xe6\x5b\xb6\xde"
- "\xb2\xa5\xb7\x77\xe5\xb3\x3e\xd0\x7b\x8c\x78\xd6\x88\xe5\xff\x47\xcb\xf2"
- "\x5a\x92\xef\xe3\xf0\x42\xd4\x72\xff\x63\x24\x9a\x31\x16\x53\x71\x4f\xd4"
- "\x9f\xf3\xcf\x60\x0c\xc5\x44\xb4\x62\xf4\x38\x9f\xcf\xe6\xfa\x7f\x4d\x75"
- "\xe2\xe3\x2e\xec\xff\xfa\xee\x87\xd6\x5f\x78\xb4\xff\x17\x45\xa7\xff\x97"
- "\x76\xef\xed\xd2\xe3\xf5\xff\x38\x73\x39\x73\x7f\x0e\xc6\x23\x71\x28\x1e"
- "\x88\x9d\x31\x1b\xb3\x31\x1d\x07\x96\x7d\x46\x67\xf6\xcf\xb6\x68\xc4\x58"
- "\x34\xa3\x1d\xad\x68\xc6\x68\x0c\x74\x3e\x52\xcf\x1f\xa9\xc7\xd6\xd8\x1c"
- "\x9b\xa3\x37\xee\x8d\xed\x31\x1c\xed\xa8\xc7\x70\x34\x63\x24\x1a\xd1\x8e"
- "\x1d\xd1\x8e\xc9\x68\x74\xfe\x45\x0d\xc6\x44\x34\x62\x20\x26\xa3\x15\x13"
- "\x51\x8f\x6b\x63\x30\xae\x8b\x7a\xf4\xc5\xd6\xd8\x1a\x9b\xa2\x1e\x8d\xd8"
- "\x18\x3b\xa2\x15\x53\x31\x16\xdb\x62\x28\x06\x3a\xf7\xb2\x3b\x66\x3a\x5f"
- "\xf7\x4d\x27\x98\xe3\xfc\xa0\xbe\x93\x19\xd4\x7f\x82\x41\xdd\x98\xaf\xc8"
- "\xff\x48\xf5\x9f\x17\x62\x09\xbe\x8b\xc3\x0b\xf3\xf4\x5c\xff\x01\x80\x72"
- "\xdc\xd1\x18\xd0\x7f\x00\x28\xcc\x58\x7b\xa2\xb7\x5f\xff\x01\xa0\x28\x93"
- "\xd6\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x70\xba\x55\x51\x8b\xde\x88\xf8\xd6\x9e\x23\xd5\xc2"
- "\x9d\x29\x7b\x3a\x1b\xfe\x1f\xf7\x66\xab\xab\xce\x2d\x6b\x51\x75\xf7\xf2"
- "\x8d\x9e\xcd\x9b\xb6\x0c\x0e\xf7\x0d\x0f\xf5\xf6\xf6\xf6\xf6\x6d\x19\xec"
- "\x3b\x23\xb3\x9f\x77\x61\xb4\xda\x93\x03\xf5\xc1\xfd\x7b\x1f\x3c\x30\x7d"
- "\xf0\xe0\xf4\xae\xfa\xd4\xbe\x99\xfb\xf7\xef\x9a\x3e\xe9\x7b\x38\xd5\xdb"
- "\x3f\x4f\xb7\xaf\x7b\x6a\xcd\xf9\x97\xac\xbb\x6d\x6b\xfa\xcb\xf5\x7b\xa6"
- "\xf7\xcd\x1c\xdc\x3f\xb3\x77\xe7\x9e\x25\x3b\x20\x00\x2c\xb0\x32\x6a\xf1"
- "\x54\x44\xbc\xf2\xc9\x23\xd5\x95\xb9\xe5\x71\xfd\xd4\xd0\x70\x7d\xe4\xee"
- "\x7a\x73\xdf\xee\xfd\x0b\xc6\xd6\xe6\xb6\x09\x38\xc5\x56\x2e\xf2\xd8\x62"
- "\xa9\xad\x3e\xa3\x47\xd3\x76\x00\xce\x42\xab\xa2\x16\xf7\x45\xc4\xe1\x2f"
- "\x1d\xa9\x36\xa4\xc6\xe7\xc7\x00\xb5\xd7\x74\x36\x06\x5c\xee\xe9\x1d\x57"
- "\xe7\x79\x87\x2a\x22\xcd\x59\x63\x01\xe0\xf9\x59\x1d\xb5\x68\x45\xc4\xae"
- "\x0b\xbf\x5e\x5d\x15\x11\x2b\xe2\x1c\x58\xdf\xf7\xa4\xc7\x04\x9d\x93\x98"
- "\x1a\x1a\xee\x9c\xc8\xec\xcc\xce\x7d\x0f\x45\xe7\x39\x8c\x15\xdd\x51\xeb"
- "\x8e\xbd\xd1\xdc\x73\x1f\x67\xf9\x63\x89\x75\x11\x6f\x4c\x73\x5d\x6d\xcf"
- "\x46\x00\x5e\xb8\x35\x51\x8b\x6f\x44\xc4\xde\x97\xf4\xc4\xd5\x9d\x9f\x07"
- "\x00\x00\xe7\xba\x9e\xa8\x45\xf7\x75\x7f\x47\xaa\x6b\x96\x7b\x32\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x70\x8e\xa8\xa2\x16\x9f\x8b\x88\x43\x3f\x3a\x52\xf5\x2e\xf8\xf8\xa9"
- "\xed\xff\x7f\x6b\xdf\xcd\x67\x64\xf6\xf3\xec\xff\x0f\x00\xcf\xc3\xca\xa8"
- "\xc5\x8f\xf3\xfe\xff\x7d\xf6\xff\x3f\xfd\xb4\x1d\x80\xb3\xd0\xaa\xa8\xc5"
- "\x81\xbc\xff\x7f\xbf\xfd\xff\x01\xa0\x08\xab\xa3\x16\xf7\xe6\xfd\xff\x37"
- "\xd9\xff\xff\xec\x7f\x2c\x61\xff\x7f\x00\x4e\x83\x35\x51\x8b\xbf\xcc\xfb"
- "\xff\xdf\x6c\xff\x7f\x00\x28\x42\x4f\xd4\xa2\xfb\xba\xbf\x23\xd5\x2d\xcb"
- "\x3d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x38\x47\x9c\x17\xb5\xf8\xc7\x88\xf8\xf3\x77\x3f\xdc"
- "\xd9\x57\x66\xe1\xbe\xf4\x0b\x77\x98\x79\xf1\x22\xdb\xcd\xa4\x4f\x6f\xcc"
- "\xd7\x4f\x66\x4f\xbe\xd5\x79\xaf\xc1\x5a\x95\xfe\x9c\xc6\x13\x02\x00\x16"
- "\xd5\x13\xb5\xb8\xbd\x73\xed\x48\x35\xb0\xdc\x93\x01\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xce\x6a\xb5\xa8\xc5"
- "\xdf\x46\x44\xf5\xfd\x23\x55\x54\x11\xf1\x58\x44\x3d\xba\x97\xbd\xcb\x3d"
- "\x39\x00\x60\x69\x54\xb5\xf8\x87\x88\x78\xc5\xdf\x1d\x49\xf5\x8f\xdb\xd7"
- "\x3d\xb5\xe6\xfc\x4b\xd6\xdd\xb6\x35\x22\x56\xc4\x8a\xce\x43\x82\x6a\xe1"
- "\xf8\x56\x7b\x72\xa0\x3e\xb8\x7f\xef\x83\x07\xa6\x0f\x1e\x9c\xde\x55\x9f"
- "\xda\x37\x73\xff\xfe\x5d\xd3\x27\x7b\xb8\x9e\xc1\xa1\x89\xd6\xe8\x52\x9c"
- "\xc8\x49\x59\xbd\xc4\xf3\x5f\x7d\xca\x33\xec\x49\x8f\xc9\x16\xb8\xbe\x33"
- "\xe1\xa9\xa1\xe1\xce\xa4\x67\x67\x76\xee\x7b\x28\x7d\xb8\x56\xad\x38\xe5"
- "\x43\x01\x50\xae\x9e\xa8\xc5\x4f\x3b\xd7\x8e\x54\xd5\x72\x4f\x06\x00\x38"
- "\x23\x56\x55\xb5\xf8\xfb\x88\xf8\xa7\x37\x1c\x9e\x5f\x77\xae\xec\xae\xf9"
- "\x57\x76\xff\xd6\x3b\xbf\x1c\xfd\xca\xcb\x8e\xae\x4d\x7b\xf2\x83\x85\xb9"
- "\xc7\x0c\x73\xcf\x1b\x5c\x74\x82\xeb\xcf\xf9\xf8\xe2\xfa\x3d\xd3\xfb\x66"
- "\x0e\xee\x9f\xd9\xbb\x73\xcf\x62\x8b\xf0\x9e\x7c\x5c\x2b\x5f\x00\x38\x35"
- "\x55\x55\x8b\xbf\x8a\x88\x6d\xf7\x5d\xd6\xe9\x6a\x15\x6b\x9f\xfd\x1c\x74"
- "\x1e\xf7\xc3\x88\xd8\xf2\xf9\x7a\x1e\x17\x6b\xd3\xb8\xb9\x27\xbc\xd7\x74"
- "\xe2\xde\xb3\x7b\x66\x76\x7a\xe3\xfd\xfb\x67\x77\xa5\xf1\x5f\x88\x88\xbf"
- "\xfe\xea\xfa\x3c\xbe\xb6\x3a\x8d\xcf\x0f\x2a\x62\xd5\xd1\xf1\xbd\x69\xec"
- "\x93\x11\xf1\xfd\x6f\xcd\x8d\x8d\xce\xd8\x35\x79\x6c\xcf\xd1\xb1\x7d\x69"
- "\xec\x96\x88\xd8\xf9\xcd\x67\x8e\xed\xc9\x63\xcf\x3b\x3a\xb6\x3f\x8d\xdd"
- "\x10\x11\xb3\x5f\x7c\xe6\xd8\xf3\xf2\xd8\xb5\x47\xc7\x6e\x5a\xda\xaf\x32"
- "\x00\x9c\x5d\xd2\xfa\xff\xb5\x11\xb1\xa9\x7d\x78\xbe\xcd\x27\x5a\xff\xcf"
- "\xad\xe1\x1f\xcb\x97\x4b\xbd\xfe\x5f\xb5\xe0\x46\x3d\xf9\xb8\xab\x4e\xc3"
- "\x79\x03\x40\xc9\xd2\x1a\xf9\x6f\xf2\xfa\x7f\xd5\x22\xeb\xff\xef\x46\xc4"
- "\x93\x3f\x5f\x9f\xc7\x75\xd7\xd2\x6b\xf3\xe7\xcf\x3f\x66\x3d\xbf\x2f\x22"
- "\x1e\xfe\xde\x33\xc7\x9e\x9f\xc7\xbe\x68\xc1\x7a\xfe\x8c\x9e\x2c\x00\xd0"
- "\x91\xd6\xff\x4f\x44\xc4\xf7\x7e\x76\x78\xfe\xb9\xfc\xbc\xfe\xcf\xcb\xec"
- "\xa3\xeb\xff\x8f\xad\x3b\xba\x86\xdf\x95\x2f\x97\x7a\xfd\xbf\xe6\x98\xf5"
- "\x7f\x3a\xee\xcb\x4f\xc3\x79\x03\x40\xc9\x52\xff\x7f\x12\x11\xdf\x3d\x70"
- "\x78\xfe\xe7\xed\x27\xd3\xff\xb9\x75\xff\x52\xf7\xbf\xe7\x98\xfe\xa7\xe3"
- "\x5e\x7e\x1a\xce\x1b\x00\x4a\x96\xfa\xff\x54\x44\x7c\xf3\x03\x87\xe7\x5f"
- "\x43\x77\x4c\xff\x1f\x9f\x1b\xbb\xb0\xff\xd7\x5e\x95\x6f\x9f\xff\xbe\x54"
- "\xfd\x3f\xef\x98\xfe\xa7\xe3\x5e\x71\x3a\x4e\x1c\x00\x0a\x96\xfa\xff\xf9"
- "\x88\xf8\xf6\x86\xc3\xf3\xaf\x8b\x3f\x99\xf5\xff\x99\xea\xff\x5a\xfd\x07"
- "\x80\xd3\x2e\xf5\xff\xd6\x88\xf8\xec\x91\xc3\xf3\xcf\xe9\x9f\x4c\xff\x2f"
- "\xcf\xbf\x1d\xb0\xd4\xcf\xff\x9f\x7f\x4c\xff\xd3\x71\xeb\xa7\xe3\xc4\x01"
- "\xa0\x60\xab\xf2\xeb\xff\xfb\x9e\xfa\xd2\xfc\xeb\xf3\x4f\xa6\xff\xc7\x5a"
- "\xaa\xfe\xbf\xc8\x9b\x12\x02\xc0\x69\x57\xc5\xc5\x55\xb7\xcc\xab\xe2\x92"
- "\xce\xb5\xe1\xe6\x48\xc3\xce\x3f\x00\x00\x00\x70\x2e\xe9\xec\xef\x77\xf1"
- "\xdc\xd3\xfd\xd5\x25\x51\x59\xff\x03\x00\x00\xc0\xb9\xa6\x8a\x4b\xf3\xcf"
- "\xff\xd7\xc6\x65\xdd\x6b\xbb\x63\x26\x66\x63\x3a\x3c\x09\x00\x00\x00\x00"
- "\xe7\x88\xce\xcf\xff\x2f\xed\x6e\xe7\x1b\x51\x5d\x16\x95\xf5\x3f\x00\x00"
- "\x00\x9c\x6b\x3e\xd9\xf9\xfd\xff\xce\xef\x00\x74\xde\xfe\xbf\x27\x0e\x75"
- "\xde\xae\x67\x65\xad\xf3\xdc\x40\x55\x45\x7b\x7c\x4d\xf5\x17\x3f\x8c\x89"
- "\x89\x55\xd5\xe3\xe3\xf7\x5c\x5d\xed\x1d\x48\xe3\x06\xf6\xae\xe8\xde\xc1"
- "\x8a\x63\xef\x71\x72\xf8\xf2\xea\x82\x7c\x27\x9d\x8b\xcd\x2b\xf3\xdf\x06"
- "\x1b\xeb\xab\x97\x77\x8f\x36\xbf\x85\xdf\x0f\xf2\xc5\xee\xc5\xe6\x51\x9d"
- "\x86\x09\xc4\xa7\xe3\xf2\xee\x51\x2e\xcf\xfb\x17\xee\x9a\xfb\x4c\xf7\x28"
- "\x6b\x87\x9b\x23\x8d\x8d\x83\xad\x91\xdb\xfa\x62\x60\xe0\x82\xda\x64\xe3"
- "\x9e\xc9\xf7\xee\x9b\x79\x7f\x74\x4e\xff\x53\x63\xa3\x17\x54\xb1\x7b\x66"
- "\x76\x7a\xe3\xfd\xfb\x67\x77\x75\xe6\xd2\xd9\x1c\xe1\xf1\xbd\xf9\x5d\x8a"
- "\xba\x17\x4f\x3f\x7d\x32\x73\x79\xa8\xf3\x7e\x0b\x9d\xdf\xb9\x78\xce\x33"
- "\x5e\xd5\xf9\x45\x8c\x7c\xdc\xb5\xdd\xe3\xf6\x2e\x3c\xff\xfc\xbe\x4c\xc7"
- "\xee\xd4\x7c\xa2\x63\x3e\x11\x57\x74\x8f\x79\x45\x7e\xaf\xc7\xb5\xcf\x3c"
- "\xff\x9e\x74\xcc\xbe\x8d\xc7\x3b\xfb\x3c\x8b\xbe\xe3\x9e\xf9\xc9\xce\x62"
- "\x7d\x77\x16\xeb\xbb\xef\x22\x7d\xd5\xb5\xcf\x31\x8b\xfe\xc5\x66\xd1\xbf"
- "\x70\x16\x2f\xe8\x6b\x71\x12\xb3\xd8\xb4\xd8\x2c\x36\x9d\xe2\x2c\x00\x96"
- "\xcb\xee\x45\x2a\x54\x3d\x3b\xfc\x2f\xe0\xbb\xdc\x99\xa9\xfb\x13\x71\x65"
- "\xf7\x28\x57\x76\xdf\x9d\x78\xe5\xe5\xcf\xf1\x1d\xbd\x77\xb1\xef\xe8\xbd"
- "\xa7\x58\xb7\xaf\xc5\x86\xee\x2c\x36\xcc\x0d\x3e\x5e\x63\xd3\x71\x3f\x73"
- "\x4c\x55\xbf\x9c\x6e\xf0\xe5\xe3\x1e\xb7\x3d\xd2\x5f\xa5\x2f\xe1\x8a\x87"
- "\xf6\x3e\x18\x97\x1c\x7c\xe4\xd0\x8d\x9d\x37\x4e\xdc\x33\xbd\xaf\xbf\x7f"
- "\xd3\xe6\xde\x9b\x7b\x7b\x6f\xe9\x8f\x55\x9d\xd3\xc8\x17\xda\x03\xc0\x73"
- "\xd8\xd0\x79\xfd\x7f\xe7\x35\x00\xc7\xe9\xff\xa2\x23\xaa\x9b\x17\x59\x55"
- "\xbf\x74\xfe\x25\x05\x1b\xe3\xfe\xd8\x1f\xb3\xb1\x2b\x6e\xe8\xfc\xb6\x41"
- "\xe7\x15\x07\xcf\x79\xaf\x6b\x17\xbc\x0c\xe1\x86\x45\x56\xad\x47\xc7\xf6"
- "\xc5\x0d\x8b\xac\xea\x8e\x8e\xed\x7f\x1e\x63\x37\x9d\xf1\xff\x5d\x00\x60"
- "\x29\x6d\x58\xa4\xc3\x27\xd3\xff\x1b\x16\x59\x77\x3f\xb3\xe5\x27\x5e\x1d"
- "\x2f\x6c\x39\x00\xb0\x34\x1a\x13\x3f\xa8\xd6\x4e\x7e\xa2\x9a\x98\x68\x8e"
- "\xdf\xdb\xb7\x75\x6b\xdf\xc0\xe4\xf6\x46\x7d\xa2\x35\x78\x57\x7d\xa2\x39"
- "\xb4\xad\x51\x6f\x8e\x4d\x36\x26\x06\xb7\x0f\x8c\x6d\x6b\xd4\xc7\x27\x5a"
- "\x93\xad\xc1\xd6\x48\xba\x72\x77\x73\xa8\xd1\xae\xb7\xa7\xc6\xc7\x5b\x13"
- "\x93\xf5\xe1\xd6\x44\x7d\xbc\xd5\x6e\xde\x53\x1f\x6e\x8e\x34\xea\xed\x1d"
- "\xed\xc9\xc6\x68\xbd\xdd\x18\x1d\x18\x9b\x6c\x3e\xda\x1e\x1f\x69\x0c\xb4"
- "\x1b\xf5\xc1\xd6\xd8\xe4\xc0\xe0\x64\x7d\xa8\xd9\x1e\xac\x8f\x4f\xdd\x31"
- "\xd2\x6c\x6f\x6f\x4c\x74\x6e\xdc\x1e\x6f\x0c\x36\x87\x9b\x83\x03\x93\xcd"
- "\xd6\x58\xbd\xdd\x9a\x9a\x18\x6c\x6c\xac\xd7\xdb\x8d\xc6\x82\x81\xcd\xa1"
- "\xc6\xd8\x64\x73\xb8\x99\xae\x8e\xd5\xc7\x27\x9a\xa3\x03\x13\x3b\xea\x77"
- "\xb7\x46\xa6\x46\x1b\xf5\xa1\x46\x7b\x70\xa2\x39\x3e\xd9\xea\xde\xe1\xdc"
- "\xb1\x9a\x63\xc3\xad\x89\xd1\xce\xdd\x6e\x5c\xee\x2f\x36\x00\x9c\x25\x0e"
- "\x3e\x72\xe8\x81\x9d\xb3\xb3\xd3\x07\x96\xf0\xca\x72\x9f\x23\x00\xf0\x4c"
- "\x8b\x54\x7a\xf5\x19\x9f\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\xf0\x2c\x67\xe2\xf7\xff\x5c\x71\xe5\x7f\xde\x95\xa7\x9f\x7e\xfa\xd1\xf4"
- "\xff\x90\xb3\x65\x3e\x67\xfa\xca\x72\x7f\x67\x02\x96\x5a\x2d\x6a\x71\x24"
- "\x22\xaa\xef\x1f\xa9\x3a\xef\xcc\xf7\x58\x44\x3d\xba\x97\x36\x00\x06\x80"
- "\x73\x53\xea\xff\x8f\x72\xff\xaf\xd2\x7f\x00\x28\x42\xea\xff\x3f\xe7\xfe"
- "\x5f\xad\xff\x00\x50\x84\xd4\xff\x7f\xc9\xfd\xbf\x46\xff\x01\xa0\x08\xa9"
- "\xff\xff\x9a\xfb\xff\x2a\xfd\x07\x80\x22\xa4\xfe\xff\x5b\xee\xff\xab\xf5"
- "\x1f\x00\x8a\x90\xfa\xff\xe3\xdc\xff\x6b\xf5\x1f\x00\x8a\x90\xfa\xff\xef"
- "\xb9\xff\xd7\xe9\x3f\x00\x14\x21\xf5\xff\x3f\x72\xff\xaf\xd7\x7f\x00\x28"
- "\x42\xea\xff\x7f\xe6\xfe\xbf\x46\xff\x01\xa0\x08\xa9\xff\xff\x95\xfb\x7f"
- "\x83\xfe\x03\x40\x11\x52\xff\x7f\x92\xfb\x7f\xa3\xfe\x03\x40\x11\x52\xff"
- "\x7f\x9a\xfb\xbf\x51\xff\x01\xa0\x08\xa9\xff\x3f\xcb\xfd\xbf\x49\xff\x01"
- "\xa0\x08\xa9\xff\x3f\xcf\xfd\xef\xd5\x7f\x00\x28\x42\xea\xff\xd3\xb9\xff"
- "\x7d\xfa\x0f\x00\x45\x48\xfd\x8f\xdc\xff\x7e\xfd\x07\x80\x22\xa4\xfe\x57"
- "\xb9\xff\x9b\xf4\x1f\x00\x8a\x50\xcb\xcf\x00\xa4\xfe\xdf\xac\xff\x00\x50"
- "\x84\x54\xff\x15\xb9\xff\xb7\xe8\x3f\x00\x14\x21\xf5\x7f\x65\xee\xff\x66"
- "\xfd\x07\x80\x22\xa4\xfe\xaf\xca\xfd\xdf\xa2\xff\x00\x50\x84\xd4\xff\xd5"
- "\xb9\xff\xb7\xea\x3f\x00\x14\x21\xf5\x7f\x4d\xee\xff\x56\xfd\x07\x80\x22"
- "\xa4\xfe\xf7\xe4\xfe\xbf\x56\xff\x01\xa0\x08\xa9\xff\xe7\xe5\xfe\xdf\xa6"
- "\xff\x00\x50\x84\xd4\xff\xb5\xb9\xff\xb7\xeb\x3f\x00\x14\x21\xf5\xff\xfc"
- "\xdc\xff\xd7\xe9\x3f\x00\x14\x21\xf5\xff\x45\xb9\xff\xaf\xd7\x7f\x00\x28"
- "\x42\xea\xff\x8b\x73\xff\xdf\xa0\xff\x00\x50\x84\xd4\xff\x0b\x72\xff\xdf"
- "\xa8\xff\x00\x50\x84\xd4\xff\x97\xe4\xfe\x0f\xe8\x3f\x00\x14\x21\xf5\x7f"
- "\x5d\xee\xff\x1d\xfa\x0f\x00\x45\x48\xfd\xbf\x30\xf7\x7f\x50\xff\x01\xa0"
- "\x08\xa9\xff\x2f\xcd\xfd\x1f\xd2\x7f\x00\x28\x42\xea\xff\x45\xb9\xff\x0d"
- "\xfd\x07\x80\x22\xa4\xfe\xbf\x2c\xf7\x7f\x58\xff\x01\xa0\x08\xa9\xff\x17"
- "\xe7\xfe\x6f\xd3\x7f\x00\x28\x42\xea\xff\x25\xb9\xff\xdb\xf5\x1f\x00\x8a"
- "\x90\xfa\x7f\x69\xee\x7f\x53\xff\x01\xa0\x08\xa9\xff\x97\xe5\xfe\xdf\xa9"
- "\xff\x00\x50\x84\xd4\xff\x97\xe7\xfe\xdf\xa5\xff\x00\x50\x84\xd4\xff\xcb"
- "\x73\xff\x47\xf4\x1f\x00\x8a\x90\xfa\x7f\x45\xee\xff\xa8\xfe\x03\x40\x11"
- "\x52\xff\xd7\xe7\xfe\x8f\xe9\x3f\x00\x14\x21\xf5\xff\x15\xb9\xff\x2d\xfd"
- "\x07\x80\x22\xa4\xfe\xff\xaf\xdc\xff\x71\xfd\x07\x80\x22\xa4\xfe\xbf\x32"
- "\xf7\xff\x4d\xfa\x0f\x00\x45\x48\xfd\xaf\xe7\xfe\x4f\xe8\x3f\x00\x14\x21"
- "\xf5\xff\xca\xdc\xff\xb6\xfe\x03\x40\x11\x52\xff\x37\xe4\xfe\x4f\xea\x3f"
- "\x00\x14\x21\xf5\xff\xaa\xdc\xff\x29\xfd\x07\x80\x22\xa4\xfe\x5f\x9d\xfb"
- "\x7f\xb7\xfe\x03\x40\x11\x52\xff\xaf\xc9\xfd\x7f\xb3\xfe\x03\x40\x11\x52"
- "\xff\x5f\x95\xfb\x7f\x8f\xfe\x03\x40\x11\x52\xff\x5f\x9d\xfb\xbf\x43\xff"
- "\x01\xa0\x08\xa9\xff\xd7\xe6\xfe\xbf\x45\xff\x01\xa0\x08\xa9\xff\xd7\xe5"
- "\xfe\xbf\x55\xff\x01\xa0\x08\xa9\xff\xd7\xe7\xfe\xbf\x4d\xff\x01\xa0\x08"
- "\xa9\xff\xaf\xc9\xfd\x7f\xbb\xfe\x03\x40\x11\x52\xff\x6f\xc8\xfd\x7f\x87"
- "\xfe\x03\x40\x11\x52\xff\x6f\xcc\xfd\xbf\x57\xff\x01\xa0\x08\xa9\xff\x1b"
- "\x73\xff\xdf\xa9\xff\x00\x50\x84\xd4\xff\x9b\x72\xff\x77\xea\x3f\x00\x14"
- "\x21\xf5\xbf\x37\xf7\xff\x3e\xfd\x07\x80\x22\xa4\xfe\xf7\xe5\xfe\xdf\xaf"
- "\xff\x00\x50\x84\xd4\xff\xfe\xdc\xff\x5d\xfa\x0f\x00\x45\x48\xfd\xdf\x94"
- "\xfb\x3f\xad\xff\x00\x50\x84\xd4\xff\x9b\x73\xff\x77\xeb\x3f\x00\x14\x21"
- "\xf5\xff\x96\xdc\xff\x3d\xfa\x0f\x00\x45\x48\xfd\xdf\x1c\x11\xab\x22\xe2"
- "\x5d\xfa\x0f\x00\x45\x48\xfd\xdf\x92\xd7\xff\x33\xfa\x0f\x00\x45\x48\xfd"
- "\xbf\x35\xf7\xff\xdd\xfa\x0f\x00\x45\x48\xfd\xdf\x9a\xfb\xff\x80\xfe\x03"
- "\x40\x11\x52\xff\x5f\x9b\xfb\x3f\xab\xff\x00\x50\x84\xd4\xff\xdb\x72\xff"
- "\xf7\xea\x3f\x00\x14\x21\xf5\xff\xf6\xdc\xff\x7d\xfa\x0f\x00\x45\x48\xfd"
- "\x7f\x5d\xee\xff\x7e\xfd\x07\x80\x22\xa4\xfe\xbf\x3e\xf7\xff\x41\xfd\x07"
- "\x80\x22\xa4\xfe\xbf\x21\xf7\xff\x3d\xfa\x0f\x00\x45\x48\xfd\x7f\x63\xee"
- "\xff\x01\xfd\x07\x80\x22\xa4\xfe\x0f\xe4\xfe\x1f\xd4\x7f\x00\x28\x42\xea"
- "\xff\x1d\xb9\xff\x0f\xe9\x3f\x00\x14\x21\xf5\x7f\x30\xf7\xff\xbd\xfa\x0f"
- "\x00\x45\x48\xfd\x1f\xca\xfd\x7f\x58\xff\x01\xa0\x08\xa9\xff\x8d\xdc\xff"
- "\xf7\xe9\x3f\x00\x14\x21\xf5\x7f\x38\xf7\xff\xfd\xfa\x0f\x00\x45\x48\xfd"
- "\xdf\x96\xfb\xff\x88\xfe\x03\x40\x11\x52\xff\xb7\xe7\xfe\x1f\xd2\x7f\x00"
- "\x28\x42\xea\x7f\x33\xf7\xff\x03\xfa\x0f\x00\x45\x48\xfd\xbf\x33\xf7\xff"
- "\x83\xfa\x0f\x00\x45\x48\xfd\xbf\x2b\xf7\xff\x43\xfa\x0f\x00\x45\x48\xfd"
- "\x1f\xc9\xfd\xff\xb0\xfe\x03\x40\x11\x52\xff\x47\x73\xff\x1f\xd5\x7f\x00"
- "\x28\x42\xea\xff\x58\xee\xff\x63\xfa\x0f\x00\x45\x48\xfd\x6f\xe5\xfe\x3f"
- "\xae\xff\x00\x50\x84\xd4\xff\xf1\xdc\xff\x8f\xe8\x3f\x00\x14\x21\xf5\xff"
- "\x4d\xb9\xff\x1f\xd5\x7f\x00\x28\x42\xea\xff\x44\xee\xff\xc7\xf4\x1f\x00"
- "\x8a\x90\xfa\xdf\xce\xfd\xff\xb8\xfe\x03\x40\x11\x52\xff\x27\x73\xff\x9f"
- "\xd0\x7f\x00\x28\x42\xea\xff\x54\xee\xff\x27\xf4\x1f\x00\x8a\x90\xfa\x7f"
- "\x77\xee\xff\x27\xf5\x1f\x00\x8a\x90\xfa\xff\xe6\xdc\xff\x4f\xe9\x3f\x00"
- "\x14\x21\xf5\xff\x9e\xdc\xff\xff\xad\xff\x00\x50\x84\xd4\xff\x1d\xb9\xff"
- "\xff\x47\xff\x01\xa0\x08\xa9\xff\x6f\xc9\xfd\xff\xb4\xfe\x03\x40\x11\x52"
- "\xff\xdf\x9a\xfb\xff\x19\xfd\x07\x80\x22\xa4\xfe\xbf\x2d\xf7\xff\xb3\xfa"
- "\x0f\x00\x45\x48\xfd\x7f\x7b\xee\xff\xe7\xf4\x1f\x00\x8a\x90\xfa\xff\x8e"
- "\xdc\xff\xff\xab\xff\x00\x50\x84\xd4\xff\x7b\x73\xff\x3f\xaf\xff\x00\x50"
- "\x84\xd4\xff\x77\xe6\xfe\x7f\x41\xff\x01\xa0\x08\xa9\xff\x3b\x73\xff\xbf"
- "\xa8\xff\x00\x50\x84\xd4\xff\xfb\x72\xff\xff\x9f\xfe\x03\x40\x11\x52\xff"
- "\xef\xcf\xfd\xff\xff\xfa\x0f\x00\x45\x48\xfd\xdf\x95\xfb\xff\x0b\xfa\x0f"
- "\x00\x45\x48\xfd\x9f\xce\xfd\xff\x45\xfd\x07\x80\x22\xa4\xfe\xef\xce\xfd"
- "\xff\x25\xfd\x07\x80\x22\xa4\xfe\xef\xc9\xfd\xff\x65\xfd\x07\x80\x22\xa4"
- "\xfe\xbf\x2b\xf7\xff\x57\xf4\x1f\x00\x8a\x90\xfa\x3f\x93\xfb\xff\xab\xfa"
- "\x0f\x00\x45\x48\xfd\x7f\x77\xee\xff\xaf\xe9\x3f\x00\x14\x21\xf5\xff\x81"
- "\xdc\xff\x5f\xd7\x7f\x00\x28\x42\xea\xff\x6c\xee\xff\x6f\xe8\x3f\x00\x14"
- "\x21\xf5\x7f\x6f\xee\xff\x6f\xea\x3f\x00\x14\x21\xf5\x7f\x5f\xee\xff\x97"
- "\xf4\x1f\x00\x8a\x90\xfa\xbf\x3f\xf7\xff\xcb\xfa\x0f\x00\x45\x48\xfd\x7f"
- "\x30\xf7\xff\xb7\xf4\x1f\x00\x8a\x90\xfa\xff\x9e\xdc\xff\xdf\xd6\x7f\x00"
- "\x28\x42\xea\xff\x81\xdc\xff\xdf\xd1\x7f\x00\x28\x42\xea\xff\xc1\xdc\xff"
- "\xaf\xe8\x3f\x00\x14\x21\xf5\xff\xa1\xdc\xff\xaf\xea\x3f\x00\x14\x21\xf5"
- "\xff\xbd\xb9\xff\xbf\xab\xff\x00\x50\x84\xd4\xff\x87\x73\xff\x0f\xeb\x3f"
- "\x00\x14\x21\xf5\xff\x7d\xb9\xff\xbf\xa7\xff\x00\x50\x84\xd4\xff\xf7\xe7"
- "\xfe\x7f\x4d\xff\x01\xa0\x08\xa9\xff\x8f\xe4\xfe\xff\xbe\xfe\x03\x40\x11"
- "\x52\xff\x0f\xe5\xfe\xff\x81\xfe\x03\x40\x11\x52\xff\x3f\x90\xfb\xff\x87"
- "\xfa\x0f\x00\x45\x48\xfd\xff\x60\xee\xff\xd7\xf5\x1f\x00\x8a\x90\xfa\xff"
- "\xa1\xdc\xff\x27\xf5\x1f\x00\x8a\x90\xfa\xff\xe1\xdc\xff\x3f\xd2\x7f\x00"
- "\x28\x42\xea\xff\xa3\xb9\xff\xdf\xd0\x7f\x00\x28\x42\xea\xff\x63\xb9\xff"
- "\x7f\xac\xff\x00\x50\x84\xd4\xff\xc7\x73\xff\xbf\xa9\xff\x00\x50\x84\xd4"
- "\xff\x8f\xe4\xfe\xff\x89\xfe\x03\x40\x11\x52\xff\x3f\x9a\xfb\xff\x2d\xfd"
- "\x07\x80\x22\xa4\xfe\x7f\x2c\xf7\xff\xdb\xfa\x0f\x00\x45\x48\xfd\xff\x78"
- "\xee\xff\x9f\xea\x3f\x00\x14\x21\xf5\xff\x89\xdc\xff\x3f\xd3\x7f\x00\x28"
- "\xc2\x7f\x07\x00\x00\xff\xff\x81\x63\x0f\x16",
- 4709);
- syz_mount_image(/*fs=*/0x200000001240, /*dir=*/0x200000001280, /*flags=*/0,
- /*opts=*/0x200000000740, /*chdir=*/1, /*size=*/0x1265,
- /*img=*/0x2000000047c0);
- memcpy((void*)0x200000000000, "/dev/rfkill\000", 12);
- res = syscall(
- __NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x200000000000ul,
- /*flags=O_TRUNC|O_CLOEXEC|O_APPEND|O_RDWR*/ 0x80602, /*mode=*/0);
- if (res != -1)
- r[20] = res;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- if (res != -1)
- r[21] = res;
- res = syscall(__NR_epoll_create1, /*flags=*/0ul);
- if (res != -1)
- r[22] = res;
- syscall(__NR_epoll_pwait2, /*epfd=*/r[22], /*events=*/0x200000000000ul,
- /*maxevents=*/1ul, /*timeout=*/0ul, /*sigmask=*/0ul, /*size=*/0ul);
- *(uint32_t*)0x200000001100 = 0x20000016;
- *(uint64_t*)0x200000001104 = 0;
- syscall(__NR_epoll_ctl, /*epfd=*/r[22], /*op=*/1ul, /*fd=*/r[21],
- /*ev=*/0x200000001100ul);
- *(uint32_t*)0x200000000040 = 0;
- *(uint8_t*)0x200000000044 = 6;
- *(uint8_t*)0x200000000045 = 3;
- *(uint8_t*)0x200000000046 = 0;
- *(uint8_t*)0x200000000047 = 0;
- syscall(__NR_write, /*fd=*/r[20], /*data=*/0x200000000040ul, /*len=*/8ul);
- memcpy((void*)0x200000000080, "ext3\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- memcpy((void*)0x200000000900, "init_itable", 11);
- *(uint8_t*)0x20000000090b = 0x2c;
- memcpy((void*)0x20000000090c, "resgid", 6);
- *(uint8_t*)0x200000000912 = 0x2c;
- sprintf((char*)0x200000000913, "0x%016llx", (long long)0xee00);
- *(uint8_t*)0x200000000925 = 0x2c;
- memcpy((void*)0x200000000926, "bh", 2);
- *(uint8_t*)0x200000000928 = 0x2c;
- memcpy((void*)0x200000000929, "noload", 6);
- *(uint8_t*)0x20000000092f = 0x2c;
- memcpy((void*)0x200000000930, "errors=remount-ro", 17);
- *(uint8_t*)0x200000000941 = 0x2c;
- memcpy((void*)0x200000000942, "usrjquota=", 10);
- *(uint8_t*)0x20000000094c = 0x2c;
- *(uint8_t*)0x20000000094d = 0;
- memcpy(
- (void*)0x200000000980,
- "\x78\x9c\xec\xdb\xcd\x6f\x14\x65\x18\x00\xf0\x67\x66\xbb\xe5\xdb\x56\xc4"
- "\x0f\x10\xb4\x8a\x46\xe2\x47\x4b\xcb\x87\x1c\xbc\x68\x34\xf1\xa0\x89\x89"
- "\x1e\x30\x9e\xea\xb6\x10\xa4\x50\x43\x6b\x22\xa4\x51\xf4\x80\x47\x43\xa2"
- "\x67\xe3\xd1\x44\xff\x01\x4f\x7a\x31\xea\xc9\xc4\xab\xde\x0d\x09\x31\xbd"
- "\x80\x9e\xd6\xcc\xce\x4c\x59\xda\xdd\x42\xe9\xb6\x5b\xd9\xdf\x2f\x99\xf6"
- "\x7d\x77\xde\xcd\xfb\x3c\x33\xf3\xee\xbe\x33\xb3\x13\x40\xcf\x1a\xca\xfe"
- "\x24\x11\xdb\x23\xe2\x8f\x88\x18\xc8\xab\x37\x37\x18\xca\xff\x5d\x9f\x9f"
- "\xab\xfd\x33\x3f\x57\x4b\xa2\x5e\x7f\xf3\xef\xa4\xd1\xee\xda\xfc\x5c\xad"
- "\x6c\x5a\xbe\x6f\x5b\x5e\xa9\xd7\x8b\xfa\xa6\x16\xfd\x5e\x7a\x27\x62\x7c"
- "\x6a\x6a\xf2\x5c\x51\x1f\x99\x3d\xf3\xfe\xc8\xcc\xf9\x0b\xcf\x9d\x3a\x33"
- "\x7e\x72\xf2\xe4\xe4\xd9\xb1\x63\xc7\x0e\x1f\xda\xd7\x7f\x74\xec\x48\x47"
- "\xf2\xcc\xf2\xba\xb6\xe7\xa3\xe9\xbd\xbb\x5f\x7d\xfb\xf2\xeb\xb5\xe3\x97"
- "\xdf\xfd\xe5\xdb\x2c\xde\xed\xc5\xfa\xe6\x3c\x3a\x65\x28\xdf\xba\x2d\x3d"
- "\xd9\xe9\xce\xba\x6c\x47\x53\x39\xe9\xeb\x62\x20\xac\x48\x25\x22\xb2\xdd"
- "\x55\x6d\x8c\xff\x81\xa8\xc4\x96\x85\x75\x03\xf1\xca\xa7\x5d\x0d\x0e\x58"
- "\x53\xf5\x7a\xbd\xde\xea\xfb\xb9\x70\xb1\x0e\xdc\xb5\xb2\xb9\x5a\xb7\x63"
- "\x00\xba\x23\xff\x9a\x2f\xcf\xdc\xe7\x6a\x6b\x71\x1e\xbc\x91\x5d\x7d\x31"
- "\x3f\x01\xca\xf2\xbe\x5e\x2c\xf9\x9a\xbe\x48\x8b\x36\xd5\x45\xe7\xb7\x9d"
- "\x34\x14\x11\xc7\x2f\xfe\xfb\x55\xb6\xc4\x1a\x5d\x87\x00\x00\x68\xf6\x43"
- "\x36\xff\x79\x36\x9f\x77\x94\x4b\xbe\x26\x8d\x07\x9a\xda\xdd\x53\xdc\x43"
- "\x19\x8c\x88\x7b\x23\x62\x67\x44\xdc\x17\x11\xbb\x22\xe2\xfe\x88\x46\xdb"
- "\x07\x23\xe2\xa1\x15\xf6\xbf\xf8\x0e\xc9\xd2\xf9\x4f\x7a\xe5\x8e\x12\xbb"
- "\x4d\xd9\xfc\xef\x85\xe2\xde\xd6\xcd\xf3\xbf\x72\xf6\x17\x83\x95\xa2\xb6"
- "\xa3\x91\x7f\x35\x39\x71\x6a\x6a\xf2\x60\xb1\x4d\x0e\x44\x75\x53\x56\x1f"
- "\x5d\xa6\x8f\x1f\x5f\xfe\xfd\xf3\x76\xeb\x9a\xe7\x7f\xd9\x72\xbd\x2f\x22"
- "\xf2\xb9\xe0\x77\x45\x93\xc3\x5f\x2e\xba\x40\x37\x31\x3e\x3b\xbe\xca\xb4"
- "\x17\x5c\xfd\x24\x62\x4f\x5f\xab\xfc\x93\x28\x6f\xe3\x64\x67\x07\xbb\x23"
- "\x62\xcf\x1d\xf6\x71\xea\xe9\x6f\xf6\xb6\x5b\xb7\x24\xff\xf9\xb9\x5a\x39"
- "\x17\xbe\xa5\x0e\xdc\x67\xaa\x7f\x1d\xf1\x54\xbe\xff\x2f\xc6\xa2\xfc\x4b"
- "\x49\xdb\xfb\x93\xa3\xcf\x1f\x1d\x3b\x32\xb2\x39\xa6\x26\x0f\x8e\x94\x47"
- "\xc5\x52\xbf\xfe\x76\xe9\x8d\x76\xfd\xaf\x2a\xff\x0e\xc8\xf6\xff\xd6\x96"
- "\xc7\xff\x42\xfe\x83\xc9\xe6\x88\x99\xf3\x17\x4e\x37\xee\xd7\xce\xac\xbc"
- "\x8f\x4b\x7f\x7e\xd6\xf6\x9c\xe6\xd6\xf9\xa7\x57\xfa\x5a\x1c\xff\xfd\xc9"
- "\x5b\x8d\x72\x7f\xf1\xda\x87\xe3\xb3\xb3\xe7\x46\x23\xfa\x93\xd7\x96\xbe"
- "\x3e\x76\xe3\xbd\x65\xbd\x6c\x9f\xe5\x7f\x60\x7f\xeb\xf1\xbf\x33\x6e\x6c"
- "\x89\x87\x23\x22\x3b\x88\xf7\x45\xc4\x23\x11\xf1\x68\x11\xfb\x63\x11\xf1"
- "\x78\x44\xec\x5f\x26\xff\x9f\x5f\x7a\xe2\xbd\x95\xe7\xbf\xcc\x55\xf9\x0e"
- "\xca\xf2\x9f\xb8\xd5\xfe\x8f\xe6\xfd\xbf\xf2\x42\xe5\xf4\x4f\xdf\xaf\x3c"
- "\xff\x52\xb6\xff\x0f\x37\x4a\x07\x8a\x57\x6e\xe7\xf3\xef\x46\x14\x95\x65"
- "\x63\x5f\xcd\xb6\x03\x00\x00\x80\xff\x8b\xb4\xf1\x1b\xf8\x24\x1d\x5e\x28"
- "\xa7\xe9\xf0\x70\xfe\x1b\xfe\x5d\xb1\x35\x9d\x9a\x9e\x99\x7d\xe6\xc4\xf4"
- "\x07\x67\x27\xf2\xdf\xca\x0f\x46\x35\x2d\xaf\x74\x0d\x34\x5d\x0f\x1d\x2d"
- "\xae\x0d\x97\xf5\xb1\x45\xf5\x43\xc5\x75\xe3\x2f\x2a\x5b\x1a\xf5\xe1\xda"
- "\xf4\xd4\x44\xb7\x93\x87\x1e\xb7\xad\xcd\xf8\xcf\xfc\x55\xe9\x76\x74\xc0"
- "\x9a\xf3\xbc\x16\xf4\x2e\xe3\x1f\x7a\x97\xf1\x0f\xbd\xeb\xb6\xc6\x7f\x92"
- "\xac\x7d\x20\xc0\xba\x6b\x31\xfe\xab\x65\xa1\x3e\xb0\xce\xc1\x00\xeb\xaa"
- "\xd5\xf7\xff\xc7\x5d\x88\x03\x58\x7f\xce\xff\xa1\x77\x19\xff\xd0\xbb\x8c"
- "\x7f\xe8\x5d\xc6\x3f\xf4\xa4\xb6\xcf\xc6\xa7\xab\x7a\xe4\xbf\x0b\x85\xec"
- "\x43\xac\xf5\x13\xfe\x1b\x25\xc2\x0e\x14\xaa\x1b\x23\x8c\xac\x10\xe9\x86"
- "\x08\xe3\xee\x2f\xf4\xc5\x1a\x77\xb1\xa9\xe5\xaa\x6e\x7f\x32\x01\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x74\xc6\x7f\x01\x00\x00\xff\xff\xf2"
- "\x8f\xd9\x8a",
- 1137);
- syz_mount_image(
- /*fs=*/0x200000000080, /*dir=*/0x200000000480,
- /*flags=MS_I_VERSION|MS_SLAVE|MS_PRIVATE|MS_POSIXACL|MS_RELATIME|MS_NOSUID|0xc0400004*/
- 0xc0ed0006, /*opts=*/0x200000000900, /*chdir=*/-1, /*size=*/0x471,
- /*img=*/0x200000000980);
- memcpy((void*)0x200000000000, "/dev/loop#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000000, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[23] = res;
- memcpy((void*)0x2000000000c0, "vfat\000", 5);
- memcpy((void*)0x2000000001c0, "./file0\000", 8);
- *(uint16_t*)0x200000000080 = 0;
- sprintf((char*)0x200000000082, "%023llo", (long long)-1);
- memcpy(
- (void*)0x200000000480,
- "\x78\x9c\xec\xdc\xcf\x4f\x13\x41\x14\xc0\xf1\x47\x29\xa5\x2d\xa1\xed\xc1"
- "\x68\x34\x31\x4c\xf4\xa2\x97\x0d\x54\xcf\xc6\xc6\x40\x62\x6c\x22\x01\x6a"
- "\x04\x13\x93\x05\xb6\xda\x74\x6d\x49\xb7\xc1\xd4\x18\xd1\x93\x57\xe3\x1f"
- "\xe1\x81\x70\xe4\x46\xa2\xfc\x03\x5c\xbc\xe9\xc5\x8b\x37\x2e\x26\x1e\xe4"
- "\x60\x5c\xb3\xbf\x68\x0b\x05\x4c\xa1\x14\xe1\xfb\x49\xc8\xbe\xee\xcc\x5b"
- "\x66\x32\x85\xbc\x69\x76\xbb\xf9\xf0\xdd\xb3\x62\xde\xd2\xf2\x7a\x55\x42"
- "\x51\x25\x3d\x22\x22\x5b\x22\x29\x09\x49\xa0\xc7\x3f\x86\xdc\x38\x22\x8d"
- "\x5e\xcb\xf5\x81\x9f\x5f\x2e\x4f\x4e\xcf\xdc\xcb\x64\xb3\xa3\x13\x4a\x8d"
- "\x65\xa6\x6e\xa4\x95\x52\x89\xa1\x8f\xcf\x5f\xc6\xfc\x6e\x6b\xfd\xb2\x91"
- "\x7a\xbc\xf9\x23\xfd\x7d\xe3\xfc\xc6\xc5\xcd\x3f\x53\x4f\x0b\x96\x2a\x58"
- "\xaa\x54\xae\x2a\x5d\xcd\x96\xbf\x55\xf5\x59\xd3\x50\xf3\x05\xab\xa8\x29"
- "\x35\x6e\x1a\xba\x65\xa8\x42\xc9\x32\x2a\x5e\x7b\xd9\x6b\xcf\x9b\xe5\x85"
- "\x85\x9a\xd2\x4b\xf3\x83\xf1\x85\x8a\x61\x59\x4a\x2f\xd5\x54\xd1\xa8\xa9"
- "\x6a\x59\x55\x2b\x35\xa5\x3f\xd1\x0b\x25\xa5\x69\x9a\x1a\x8c\x0b\x0e\x92"
- "\x5b\x9e\x98\xd0\x33\x6d\x26\xcf\x1d\xf1\x60\xd0\x21\x95\x4a\x46\xef\x15"
- "\x91\xd8\xae\x96\xdc\x72\x57\x06\x04\x00\x00\xba\x6a\x67\xfd\x1f\x72\x4a"
- "\xfa\xb6\xea\x7f\x49\xb8\xf5\xbf\xd3\xb9\x5e\xff\xaf\x5c\x59\xaf\x0e\x3c"
- "\x58\x4d\xf8\xf5\xff\x5a\xa4\x55\xfd\x7f\xf3\xab\x77\xad\xa6\xfa\x3f\x2a"
- "\x22\x1d\xaf\xff\x77\x57\x44\x67\xcb\xa1\xea\x7f\x9c\x0c\x43\x91\x5d\xa7"
- "\x7a\x9a\x5e\x39\xf5\x7f\xdc\xff\xfb\x75\xbd\x79\xb4\x32\xec\x06\xd4\xff"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfc"
- "\x0f\xb6\x6c\x3b\x69\xdb\x76\x32\x38\x06\x3f\xf5\x47\x08\xfc\xd7\x38\x95"
- "\xf6\x5a\xff\x7e\x11\x89\x3a\xab\x6f\xb3\xfe\xa7\xd9\xe4\xf4\x8c\x44\xdd"
- "\x07\xf7\xc2\x09\x11\xf3\xed\x62\x6e\x31\xe7\x1d\xfd\x0e\xeb\x22\x62\x8a"
- "\x21\xc3\x92\x94\xdf\xee\xfb\xc1\xe7\xc4\xc1\x93\x47\xca\x91\x92\x4f\xe6"
- "\x92\x9f\xbf\xb4\x98\xeb\x75\x5b\x32\x79\x29\xb8\xf9\x23\x92\x94\xd4\xce"
- "\x7c\xdb\x1e\xbb\x9b\x1d\x1d\x51\x9e\xe6\xfc\x3e\x89\x37\xe6\xa7\x25\x29"
- "\xe7\x5a\xe7\xa7\x5b\xe6\x47\xe4\xda\xd5\x86\x7c\x4d\x92\xf2\x79\x4e\xca"
- "\x62\xca\xbc\xfb\xbe\xae\xe7\xbf\x1a\x51\xea\xce\xfd\xec\x8e\xfc\x98\xdb"
- "\x0f\x00\x00\x00\x00\x80\xd3\x40\x53\xdb\x5a\xee\xdf\x35\x6d\xaf\x76\x2f"
- "\x7f\x7b\x7f\xdd\xf2\xf3\x01\x6f\x7f\x3d\xdc\x72\x7f\x1e\x4e\x5e\x0a\x77"
- "\x77\xee\x00\x00\x00\x00\x00\x9c\x15\x56\xed\x45\x51\x37\x4d\xa3\xb2\x4f"
- "\x10\x93\x83\xfb\xb4\x1f\x84\xdb\x4b\xef\xdb\xaf\x4f\x6f\xc3\x0c\xff\xf5"
- "\x82\x11\xf7\x7e\x17\x91\xce\xcd\x74\x9f\x20\xb8\x91\xa2\xa9\x29\xea\x9f"
- "\x6c\xef\xca\xc1\xfc\x3b\x33\xe6\x90\xb4\x93\x35\xe4\x8c\x47\x1d\xf6\xb7"
- "\x07\x1f\x1b\xed\xd5\x47\xc6\xbb\xb0\x82\x6e\x70\xe1\xfd\x87\x5f\x47\x77"
- "\xc1\x5b\xab\xd1\x03\x66\xda\xb1\xa0\xef\x38\xfe\xf7\x00\x00\x00\x00\x38"
- "\x5e\xf5\xa2\x3f\x38\x73\xbb\xbb\x03\x02\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x0c\x3a\x8e"
- "\xaf\x13\xeb\xf6\x1c\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x93\xe2\x6f"
- "\x00\x00\x00\xff\xff\x7f\xe1\x04\x71",
- 747);
- syz_mount_image(
- /*fs=*/0x2000000000c0, /*dir=*/0x2000000001c0,
- /*flags=MS_I_VERSION|MS_STRICTATIME|MS_NODEV|0x200*/ 0x1800204,
- /*opts=*/0x200000000080, /*chdir=*/8, /*size=*/0x2eb,
- /*img=*/0x200000000480);
- memcpy((void*)0x200000000300, "./bus\000", 6);
- res = syscall(__NR_creat, /*file=*/0x200000000300ul, /*mode=*/0ul);
- if (res != -1)
- r[24] = res;
- memcpy((void*)0x200000000440, "./bus\000", 6);
- res = syscall(__NR_open, /*file=*/0x200000000440ul, /*flags=*/0ul,
- /*mode=*/0ul);
- if (res != -1)
- r[25] = res;
- res = syscall(__NR_dup3, /*oldfd=*/r[25], /*newfd=*/r[24], /*flags=*/0ul);
- if (res != -1)
- r[26] = res;
- res = syscall(__NR_io_setup, /*n=*/6, /*ctx=*/0x200000000240ul);
- if (res != -1)
- r[27] = *(uint64_t*)0x200000000240;
- *(uint64_t*)0x200000000000 = 0x2000000000c0;
- *(uint64_t*)0x2000000000c0 = 0xf04aef;
- *(uint32_t*)0x2000000000c8 = 0x3d8;
- *(uint32_t*)0x2000000000cc = 8;
- *(uint16_t*)0x2000000000d0 = 0;
- *(uint16_t*)0x2000000000d2 = 0;
- *(uint32_t*)0x2000000000d4 = r[26];
- *(uint64_t*)0x2000000000d8 = 0;
- *(uint64_t*)0x2000000000e0 = 0;
- *(uint64_t*)0x2000000000e8 = 0;
- *(uint64_t*)0x2000000000f0 = 0;
- *(uint32_t*)0x2000000000f8 = 0;
- *(uint32_t*)0x2000000000fc = -1;
- syscall(__NR_io_submit, /*ctx=*/r[27], /*nr=*/1ul,
- /*iocbpp=*/0x200000000000ul);
- *(uint32_t*)0x200000000040 = 0x18;
- *(uint32_t*)0x200000000044 = 2;
- *(uint32_t*)0x200000000048 = 0;
- *(uint32_t*)0x20000000004c = 0;
- *(uint32_t*)0x200000000050 = 0;
- *(uint32_t*)0x200000000054 = 0;
- *(uint32_t*)0x200000000058 = 0;
- *(uint32_t*)0x20000000005c = 0;
- syscall(__NR_open_by_handle_at, /*mountdirfd=*/r[23],
- /*handle=*/0x200000000040ul, /*flags=*/0ul);
- *(uint64_t*)0x200000000140 = 0x200000000000;
- *(uint16_t*)0x200000000000 = 0x10;
- *(uint16_t*)0x200000000002 = 0;
- *(uint32_t*)0x200000000004 = 0;
- *(uint32_t*)0x200000000008 = 0x1000000;
- *(uint32_t*)0x200000000148 = 0xc;
- *(uint64_t*)0x200000000150 = 0x200000000100;
- *(uint64_t*)0x200000000100 = 0x2000000009c0;
- *(uint32_t*)0x2000000009c0 = 0x1ac;
- *(uint16_t*)0x2000000009c4 = r[18];
- *(uint16_t*)0x2000000009c6 = 0;
- *(uint32_t*)0x2000000009c8 = 0x70bd2a;
- *(uint32_t*)0x2000000009cc = 0x25dfdbfe;
- *(uint8_t*)0x2000000009d0 = 0x28;
- *(uint8_t*)0x2000000009d1 = 0;
- *(uint16_t*)0x2000000009d2 = 0;
- *(uint16_t*)0x2000000009d4 = 4;
- *(uint16_t*)0x2000000009d6 = 0x5f;
- *(uint16_t*)0x2000000009d8 = 0xa;
- *(uint16_t*)0x2000000009da = 6;
- memset((void*)0x2000000009dc, 0, 6);
- *(uint16_t*)0x2000000009e4 = 0xa;
- *(uint16_t*)0x2000000009e6 = 6;
- memset((void*)0x2000000009e8, 80, 6);
- *(uint16_t*)0x2000000009f0 = 0x29;
- *(uint16_t*)0x2000000009f2 = 0x2a;
- *(uint8_t*)0x2000000009f4 = 0x3e;
- *(uint8_t*)0x2000000009f5 = 1;
- *(uint8_t*)0x2000000009f6 = 3;
- *(uint8_t*)0x2000000009f7 = 0x76;
- *(uint8_t*)0x2000000009f8 = 6;
- *(uint8_t*)0x2000000009f9 = 0;
- *(uint8_t*)0x2000000009fa = 4;
- *(uint16_t*)0x2000000009fb = 0xe;
- *(uint16_t*)0x2000000009fd = 6;
- *(uint8_t*)0x2000000009ff = 0x75;
- *(uint8_t*)0x200000000a00 = 0x18;
- *(uint16_t*)0x200000000a01 = 1;
- *(uint16_t*)0x200000000a03 = 0x20;
- *(uint16_t*)0x200000000a05 = 5;
- *(uint16_t*)0x200000000a07 = 0x19;
- memcpy((void*)0x200000000a09,
- "\x57\xbc\x27\xf7\xb2\x41\x3a\x32\xdc\x18\x82\x61\x20\xa1\xf8\x58",
- 16);
- *(uint16_t*)0x200000000a1c = 4;
- *(uint16_t*)0x200000000a1e = 0x5f;
- *(uint16_t*)0x200000000a20 = 6;
- *(uint16_t*)0x200000000a22 = 0x36;
- *(uint16_t*)0x200000000a24 = 1;
- *(uint16_t*)0x200000000a28 = 0xa;
- *(uint16_t*)0x200000000a2a = 6;
- memcpy((void*)0x200000000a2c, "\x26\x10\x0f\x80\x79\x22", 6);
- *(uint16_t*)0x200000000a34 = 0x12e;
- *(uint16_t*)0x200000000a36 = 0x2a;
- *(uint8_t*)0x200000000a38 = 0x7e;
- *(uint8_t*)0x200000000a39 = 0x15;
- STORE_BY_BITMASK(uint8_t, , 0x200000000a3a, 0, 0, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000a3a, 5, 1, 7);
- *(uint8_t*)0x200000000a3b = -1;
- *(uint8_t*)0x200000000a3c = 0;
- *(uint8_t*)0x200000000a3d = 8;
- *(uint8_t*)0x200000000a3e = 2;
- *(uint8_t*)0x200000000a3f = 0x11;
- *(uint8_t*)0x200000000a40 = 0;
- *(uint8_t*)0x200000000a41 = 0;
- *(uint8_t*)0x200000000a42 = 0;
- *(uint32_t*)0x200000000a43 = 1;
- *(uint32_t*)0x200000000a47 = 2;
- *(uint32_t*)0x200000000a4b = 8;
- *(uint8_t*)0x200000000a4f = 6;
- *(uint8_t*)0x200000000a50 = 2;
- *(uint16_t*)0x200000000a51 = 9;
- *(uint8_t*)0x200000000a53 = 3;
- *(uint8_t*)0x200000000a54 = 1;
- *(uint8_t*)0x200000000a55 = 0x30;
- *(uint8_t*)0x200000000a56 = 0x37;
- *(uint8_t*)0x200000000a57 = 0xb7;
- *(uint8_t*)0x200000000a58 = 0x67;
- *(uint8_t*)0x200000000a59 = 3;
- memcpy((void*)0x200000000a5a,
- "\x60\x0c\x80\xa8\x1d\x63\x77\xce\xf6\x7b\x2a\xd6\xac\x45\x9e\x68",
- 16);
- memcpy((void*)0x200000000a6a,
- "\x6e\xe3\x83\x44\x6e\x80\xbe\xbb\x60\x97\xaa\x4c\xff\xd9\x12\x80\xac"
- "\x73\x32\x29\x49\xe3\x67\xf6\xdd\x22\x97\xb0\x9e\x70\xd3\x84",
- 32);
- memcpy((void*)0x200000000a8a,
- "\x57\xe8\x43\x7d\x37\xce\x2d\x70\xeb\x05\xdc\x35\x09\xe8\xaa\x26\x9b"
- "\x29\xc3\x7a\x93\x2b\x21\x3e\xa6\x47\x6b\x12\x29\x4e\x52\xf0",
- 32);
- *(uint8_t*)0x200000000aaa = 3;
- *(uint8_t*)0x200000000aab = 0x23;
- memcpy(
- (void*)0x200000000aac,
- "\x82\xba\xdc\xbf\x55\x17\xa3\x76\x3f\x45\x09\x7a\xbd\x3e\x05\xcb\x6c\x8d"
- "\x4a\xf4\xe1\xd1\xbe\x32\xb2\xe5\x73\x48\x29\xdd\x28\xf1\x7e\x58\x4a",
- 35);
- *(uint8_t*)0x200000000acf = 2;
- *(uint8_t*)0x200000000ad0 = 0x1e;
- memcpy((void*)0x200000000ad1,
- "\xbd\x3d\x9a\x33\x7b\x87\xa1\x13\x61\x87\x12\xaa\xa3\xbe\xe2\x9d\x2a"
- "\xcc\x5c\xba\xd0\xe6\x0b\xef\x80\x58\x0a\xb2\x92\x12",
- 30);
- *(uint8_t*)0x200000000aef = 1;
- *(uint8_t*)0x200000000af0 = 0x1e;
- memcpy((void*)0x200000000af1,
- "\x35\xc1\xfc\x8a\xbf\xce\x88\xd3\x64\xc2\xc0\xbe\x2c\x5e\xb1\xdc\xa7"
- "\x4c\x2d\x11\xae\x67\xa4\xca\x48\x0e\xac\x33\x0e\xb9",
- 30);
- *(uint8_t*)0x200000000b0f = 0x76;
- *(uint8_t*)0x200000000b10 = 6;
- *(uint8_t*)0x200000000b11 = 0x81;
- *(uint8_t*)0x200000000b12 = 0x80;
- *(uint16_t*)0x200000000b13 = 0x36;
- *(uint16_t*)0x200000000b15 = 4;
- *(uint8_t*)0x200000000b17 = 0x3e;
- *(uint8_t*)0x200000000b18 = 1;
- *(uint8_t*)0x200000000b19 = 3;
- *(uint8_t*)0x200000000b1a = 0x83;
- *(uint8_t*)0x200000000b1b = 0x1f;
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 0, 6);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 6, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 7, 1);
- *(uint8_t*)0x200000000b1d = 0x80;
- *(uint8_t*)0x200000000b1e = 0xb;
- *(uint8_t*)0x200000000b1f = 8;
- *(uint8_t*)0x200000000b20 = 2;
- *(uint8_t*)0x200000000b21 = 0x11;
- *(uint8_t*)0x200000000b22 = 0;
- *(uint8_t*)0x200000000b23 = 0;
- *(uint8_t*)0x200000000b24 = 0;
- *(uint32_t*)0x200000000b25 = 2;
- *(uint32_t*)0x200000000b29 = 0x800;
- *(uint32_t*)0x200000000b2d = 7;
- memset((void*)0x200000000b31, 255, 6);
- *(uint32_t*)0x200000000b37 = 0x80000000;
- *(uint8_t*)0x200000000b3b = 0x83;
- *(uint8_t*)0x200000000b3c = 0x25;
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 0, 0, 6);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 1, 6, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 0, 7, 1);
- *(uint8_t*)0x200000000b3e = 4;
- *(uint8_t*)0x200000000b3f = 5;
- *(uint8_t*)0x200000000b40 = 8;
- *(uint8_t*)0x200000000b41 = 2;
- *(uint8_t*)0x200000000b42 = 0x11;
- *(uint8_t*)0x200000000b43 = 0;
- *(uint8_t*)0x200000000b44 = 0;
- *(uint8_t*)0x200000000b45 = 1;
- *(uint32_t*)0x200000000b46 = 0x8410;
- *(uint8_t*)0x200000000b4a = 8;
- *(uint8_t*)0x200000000b4b = 2;
- *(uint8_t*)0x200000000b4c = 0x11;
- *(uint8_t*)0x200000000b4d = 0;
- *(uint8_t*)0x200000000b4e = 0;
- *(uint8_t*)0x200000000b4f = 0;
- *(uint32_t*)0x200000000b50 = 0x40;
- *(uint32_t*)0x200000000b54 = 0x400;
- memset((void*)0x200000000b58, 255, 6);
- *(uint32_t*)0x200000000b5e = 0x7d;
- *(uint16_t*)0x200000000b64 = 6;
- *(uint16_t*)0x200000000b66 = 0x36;
- *(uint16_t*)0x200000000b68 = 9;
- *(uint64_t*)0x200000000108 = 0x1ac;
- *(uint64_t*)0x200000000158 = 1;
- *(uint64_t*)0x200000000160 = 0;
- *(uint64_t*)0x200000000168 = 0;
- *(uint32_t*)0x200000000170 = 0x4000000;
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0x200000000140ul,
- /*f=MSG_ZEROCOPY*/ 0x4000000ul);
- memcpy((void*)0x200000000000, "/proc/sys/net/ipv4/tcp_wmem\000", 28);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/1, /*mode=*/0);
- if (res != -1)
- r[28] = res;
- syscall(__NR_fstat, /*fd=*/r[28], /*statbuf=*/0x200000000040ul);
- memcpy((void*)0x2000000000c0, "./file0\000", 8);
- res = syscall(__NR_creat, /*file=*/0x2000000000c0ul, /*mode=S_IXGRP*/ 8ul);
- if (res != -1)
- r[29] = res;
- *(uint64_t*)0x200000000100 = 1;
- syscall(__NR_fcntl, /*fd=*/r[28], /*cmd=*/0x40cul, /*hint=*/0x200000000100ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/9);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/9);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/7);
- syscall(__NR_ioctl, /*fd=*/r[29], /*cmd=*/0x5451, 0);
- memcpy((void*)0x200000000140, "./file0\000", 8);
- *(uint64_t*)0x200000000280 = 0;
- *(uint64_t*)0x200000000400 = 0;
- syscall(__NR_execve, /*file=*/0x200000000140ul, /*argv=*/0x200000000280ul,
- /*envp=*/0x200000000400ul);
- *(uint64_t*)0x200000000540 = 0x200000000440;
- *(uint16_t*)0x200000000440 = 0x10;
- *(uint16_t*)0x200000000442 = 0;
- *(uint32_t*)0x200000000444 = 0;
- *(uint32_t*)0x200000000448 = 0x8000000;
- *(uint32_t*)0x200000000548 = 0xc;
- *(uint64_t*)0x200000000550 = 0x200000000500;
- *(uint64_t*)0x200000000500 = 0x200000000480;
- *(uint32_t*)0x200000000480 = 0x60;
- *(uint8_t*)0x200000000484 = 1;
- *(uint8_t*)0x200000000485 = 4;
- *(uint16_t*)0x200000000486 = 0x301;
- *(uint32_t*)0x200000000488 = 0;
- *(uint32_t*)0x20000000048c = 0;
- *(uint8_t*)0x200000000490 = 5;
- *(uint8_t*)0x200000000491 = 0;
- *(uint16_t*)0x200000000492 = htobe16(1);
- *(uint16_t*)0x200000000494 = 8;
- STORE_BY_BITMASK(uint16_t, , 0x200000000496, 5, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000497, 1, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000497, 0, 7, 1);
- *(uint32_t*)0x200000000498 = htobe32(4);
- *(uint16_t*)0x20000000049c = 0xa;
- *(uint16_t*)0x20000000049e = 2;
- *(uint32_t*)0x2000000004a0 = htobe32(0xae);
- *(uint8_t*)0x2000000004a4 = 0;
- *(uint8_t*)0x2000000004a5 = 0;
- *(uint16_t*)0x2000000004a8 = 6;
- STORE_BY_BITMASK(uint16_t, , 0x2000000004aa, 6, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004ab, 1, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004ab, 0, 7, 1);
- *(uint16_t*)0x2000000004ac = htobe16(6);
- *(uint16_t*)0x2000000004b0 = 6;
- STORE_BY_BITMASK(uint16_t, , 0x2000000004b2, 6, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004b3, 1, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004b3, 0, 7, 1);
- *(uint16_t*)0x2000000004b4 = htobe16(6);
- *(uint16_t*)0x2000000004b8 = 0xa;
- *(uint16_t*)0x2000000004ba = 2;
- *(uint32_t*)0x2000000004bc = htobe32(0x401);
- *(uint8_t*)0x2000000004c0 = 1;
- *(uint8_t*)0x2000000004c1 = 0;
- *(uint16_t*)0x2000000004c4 = 0xa;
- *(uint16_t*)0x2000000004c6 = 2;
- *(uint32_t*)0x2000000004c8 = htobe32(0);
- *(uint8_t*)0x2000000004cc = 2;
- *(uint8_t*)0x2000000004cd = 0;
- *(uint16_t*)0x2000000004d0 = 6;
- STORE_BY_BITMASK(uint16_t, , 0x2000000004d2, 6, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004d3, 1, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x2000000004d3, 0, 7, 1);
- *(uint16_t*)0x2000000004d4 = htobe16(4);
- *(uint16_t*)0x2000000004d8 = 5;
- *(uint16_t*)0x2000000004da = 1;
- *(uint8_t*)0x2000000004dc = 3;
- *(uint64_t*)0x200000000508 = 0x60;
- *(uint64_t*)0x200000000558 = 1;
- *(uint64_t*)0x200000000560 = 0;
- *(uint64_t*)0x200000000568 = 0;
- *(uint32_t*)0x200000000570 = 0x200008c0;
- syscall(__NR_sendmsg, /*fd=*/r[29], /*msg=*/0x200000000540ul,
- /*f=MSG_PROBE|MSG_NOSIGNAL|MSG_EOR|MSG_CONFIRM*/ 0x4890ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/7);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/5);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(
- /*val=*/0xffffff01);
- memcpy((void*)0x200000000580, "/dev/snd/seq\000", 13);
- syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x200000000580ul,
- /*flags=O_TRUNC|O_LARGEFILE|O_CREAT|O_CLOEXEC*/ 0x88240, 0);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/2);
- syscall(__NR_ftruncate, /*fd=*/r[28], /*len=*/1ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/3);
- memcpy((void*)0x2000000005c0, "net/stat\000", 9);
- res = -1;
- res = syz_open_procfs(/*pid=*/0, /*file=*/0x2000000005c0);
- if (res != -1)
- r[30] = res;
- res = syscall(__NR_socketpair, /*domain=AF_KCM*/ 0x29ul,
- /*type=SOCK_CLOEXEC*/ 0x80000ul, /*proto=*/8,
- /*fds=*/0x200000000600ul);
- if (res != -1) {
- r[31] = *(uint32_t*)0x200000000600;
- r[32] = *(uint32_t*)0x200000000604;
- }
- syscall(__NR_ioctl, /*fd=*/r[32], /*cmd=*/0x8905, /*arg=*/0x200000000640ul);
- *(uint16_t*)0x200000000680 = 1;
- memcpy((void*)0x200000000682,
- "./"
- "file0\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000",
- 108);
- syscall(__NR_bind, /*fd=*/r[30], /*addr=*/0x200000000680ul,
- /*addrlen=*/0x6eul);
- syscall(__NR_ioctl, /*fd=*/r[29], /*cmd=*/0x2401, /*flags=*/7ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/1);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(
- /*val=*/0x7f2da2e6);
- *(uint32_t*)0x200000000700 = -1;
- *(uint32_t*)0x200000000704 = 0;
- *(uint32_t*)0x200000000708 = 0x3cd;
- *(uint32_t*)0x20000000070c = 0x69e9;
- *(uint32_t*)0x200000000710 = 0x200;
- *(uint32_t*)0x200000000714 = 1;
- *(uint32_t*)0x200000000718 = 1;
- *(uint32_t*)0x20000000071c = 6;
- syscall(__NR_ioctl, /*fd=*/r[30], /*cmd=*/0xc02063a0,
- /*arg=*/0x200000000700ul);
- *(uint32_t*)0x200000000740 = r[28];
- memcpy(
- (void*)0x200000000748,
- "\x12\xfc\x2d\x0e\xff\x30\xc3\xe5\xf4\x05\x31\x15\xfe\xef\xcc\x02\x99\x3b"
- "\x9f\x38\x5b\xe8\x67\xf5\xa6\x2f\x9f\x2a\x3f\xe9\x62\x4e\x0f\xa8\xd7\x7c"
- "\xd1\x43\x0e\x48\x4b\x1c\x8b\x8d\x72\x83\xe0\x60\x91\x7e\x13\x67\xd1\xc0"
- "\x75\x70\xfb\x99\x1a\x91\x2b\x9c\x21\xfa\x8d\xa7\x3b\xdf\xeb\x28\x65\x0e"
- "\xd4\xba\xa1\x08\xa5\x91\xe9\x60\x7f\xa1\xaf\x81\x6e\xa7\x95\x6d\x74\x4b"
- "\xfc\xb4\x19\x24\x89\x15\x4b\x45\xfe\x75\x91\xce\xa4\x8d\x70\x2c\xa1\x78"
- "\x36\x29\x82\x8f\xc6\x1d\xa3\xfe\x69\x3f\xb4\x9d\x3b\xc9\x64\x2f\xbe\x11"
- "\x62\x28\xd5\x2d\x73\xa4\x0b\xe4\x27\x74\x5c\x8a\x16\xb9\x9b\xfb\x84\xfe"
- "\xc7\x6a\xa3\xc4\x7a\x2d\xbf\xf4\xfd\xfa\x61\x45\x69\x16\x21\xf0\x85\x3a"
- "\x15\x53\x0b\x43\xf0\x78\xd0\x87\x5b\x4c\x7e\xf0\x31\x61\x89\x80\x08\x14"
- "\xf2\x82\x57\xde\x67\x1f\xff\xd7\xe7\x6d\x55\x9a\x59\x01\xd4\x47\x41\x82"
- "\x38\x0f\x9a\x96\x73\x62\xe8\x80\x64\x24\xbd\x6c\x9a\xaf\x52\x8b\x67\xea"
- "\x06\x6a\x64\x5d\xf8\x84\xda\x65\xa5\x8a\xcc\x17\x1a\xee\x3a\x46\xa9\xd0"
- "\x8b\x0a\xc6\x08\xc9\xf5\x08\xba\x9b\x33\x9d\x0d\x2a\x02\x9a\xfb\xc8\x2c"
- "\x1a\xfc\xba\x37\x8c\xea\x75\xfd\x8c\x86\x0a\x17\xd2\x40\xd9\xda\x43\xcb"
- "\xb4\xd6\xf0\x03\x45\x30\x3a\x81\xe1\x31\x09\x67\xa1\x18\xc8\x3c\xc5\x0d"
- "\x4c\x15\x90\xca\x4b\x49\x2c\xee\x25\xbf\xcf\xe0\x0e\x2d\x0e\xb0\x47\xa8"
- "\x44\xf3\x70\x0c\x22\x9e\x9d\xe6\x46\x3c\x67\x9c\x2b\x59\x25\xa7\x64\x5f"
- "\xde\x6a\xa7\x61\xc3\x7b\x5a\x75\x09\xe1\x12\xe4\xd4\x48\xda\x54\xf3\xee"
- "\x08\x96\x45\x25\x47\x82\x98\x33\x73\x20\x62\xa3\xc8\xd5\x2c\x05\xc8\x1a"
- "\x5e\x0b\x8e\xb4\x0f\xa7\xb0\x83\xe3\xff\x28\x29\xe9\xde\x2d\x44\x02\xa1"
- "\xc4\xe4\xf6\x42\x74\x27\x8f\xb1\x2a\xbe\x5f\x46\x4d\xee\x3c\xb7\x54\x46"
- "\x14\x97\xae\xf9\xc6\x1b\x42\x1f\x98\xaf\x74\x07\x79\xbf\x13\x83\x5d\x60"
- "\x2b\x6c\x83\xdf\x4c\xd6\x37\xe4\x2d\x62\xd1\x19\xcb\x66\x0c\x2b\x37\x9b"
- "\x19\xa3\x10\x90\x90\xad\xaf\x3c\xdd\x78\x6c\x88\x99\x05\x19\xe7\xb4\xaf"
- "\xb4\xcc\x47\x2d\x61\x95\x9c\xe7\xad\x28\x29\x40\x2a\x33\x05\x4a\x54\xbe"
- "\xe0\xc8\x39\xbe\xa9\x45\x9b\xea\xc6\x8d\x1e\x19\xdb\x9d\xda\x49\x6c\x94"
- "\x60\x0d\xcc\x47\x91\xbd\xd0\x6a\xe8\xa2\xb9\x72\xd5\x6c\x5b\xdb\xbd\x72"
- "\x92\x58\x7e\x18\x4e\x97\x6a\xde\x0d\xbe\x4f\x91\xc8\x76\x82\xb2\xa5\xdf"
- "\x95\x7e\xc5\xc8\x2c\x1b\x4f\xbd\x5c\x19\xf5\xaa\x66\xc8\xce\x29\xb8\x7f"
- "\x4c\xb2\xb4\x96\xdf\x12\x73\x9b\xa2\x2d\x3d\x21\x5c\x13\x7c\xd7\x04\x41"
- "\xf3\x9a\x2c\xa2\x5d\xae\x2c\x3d\x94\x59\x62\x7f\x91\x76\x2c\x2b\x8f\x25"
- "\x9a\x36\xe8\xc6\xc1\x1e\x1f\x8a\x67\x26\x73\x77\xee\x9f\x88\x2c\xf3\x17"
- "\x75\x4c\x87\x3f\x83\x40\x61\xd5\xac\x4d\x21\xa7\x98\x24\xe1\x01\x56\xda"
- "\x84\xb6\xd3\xfd\x9c\x77\x3a\x45\x71\x65\x36\x0d\x5c\x01\xdc\x23\xbe\x94"
- "\xfb\x6f\x49\xfe\x36\xcd\x9d\x71\xf5\xbf\x2b\xbb\x7b\xfa\x6c\xf8\x26\x79"
- "\x61\x8e\x2f\x37\x67\xd7\xa2\x06\xa6\xa3\x18\xfc\x7f\xd4\xb7\x48\x88\x57"
- "\x49\x80\xe2\x36\x92\x3b\xa0\x01\xfa\x2d\x47\xfe\xbd\x48\xc2\x1b\xc7\xb9"
- "\x15\x46\xc1\xab\x0e\x32\x61\xbb\x7e\xcd\x51\xa1\xad\xcd\xcd\xe4\x8a\x96"
- "\x40\x83\xe0\x18\x18\xa2\x5f\x35\x3b\x1f\x68\x7f\xf0\xa2\xb1\x1b\x94\xe0"
- "\x05\x57\xae\x1e\x0b\xfb\xca\x9d\x5f\x01\x17\x6b\x3a\x8b\x69\x00\x61\x79"
- "\xee\x5f\xa3\x07\x3c\x96\x48\xbf\xff\x36\xe5\x4b\x8b\xe6\x83\x7f\x62\x54"
- "\x77\x2b\x89\x5e\x07\x2e\x8c\xfb\xd4\xf1\x5a\x6e\xdd\xce\xc6\xe1\xaf\x4c"
- "\x54\x8d\xf9\xee\xa5\xfd\x08\x80\xf9\xf4\x5f\x16\xd3\x42\x14\x1f\x55\xea"
- "\xd2\xa4\xb7\x7c\xec\x1a\x63\x85\x1d\x23\x05\x9e\x9c\x2d\xb9\x01\x5e\x42"
- "\x8c\xa1\xff\xb1\xd7\x71\x03\x7a\xc1\xc5\x27\x09\x18\x44\x8b\xc0\x71\x74"
- "\x5b\xde\xa7\x98\x25\xf9\xb9\x77\x9d\x66\x84\x3d\x2a\xed\x89\x58\x7e\xf5"
- "\x21\x97\xdf\x36\x6a\x85\xd3\xeb\x20\xb9\x86\x2f\x52\x8d\x73\xa8\xd7\x15"
- "\x17\x68\x15\x02\xd2\x91\x57\x55\x80\x3b\xb0\xef\x18\xd5\x7e\x88\x28\x26"
- "\x32\x90\x5b\x66\xe8\xdc\x64\x3d\x8f\x03\x81\x36\x72\x82\x22\xec\xcb\x27"
- "\x6d\xea\x82\x21\x2e\x19\xde\x44\xfb\xac\x21\x3d\x68\x70\xae\xec\x07\x8f"
- "\x96\xc3\x60\xa7\xca\x96\xd3\x93\x31\xc8\xae\x0a\x02\xf7\x66\x27\x36\x7a"
- "\xc3\xe2\xcc\x52\x61\xf5\x1b\x66\x83\x7a\x56\xee\x1c\x50\x94\x03\x6e\x09"
- "\x9d\x60\xed\x88\x67\x23\x4f\xd6\x07\x8d\xc1\x47\xe7\xb0\xad\x3c\x82\xdc"
- "\x8c\x3a\x19\x24\x82\x09\x41\x02\x80\x8c\x79\x3d\xc0\x2d\x63\xe6\xe4\x26"
- "\x43\x24\x91\x30\x16\x0d\x64\x58\xe9\x07\x54\xb4\x47\x2b\x03\xe8\x84\x2f"
- "\x1b\xa3\x98\x87\x0e\x17\x0f\xb6\x55\x5c\x43\x5d\x96\x11\xb8\x0e\xc5\xcf"
- "\x55\x99\x39\xa4\x8d\x5a\x77\xd2\x94\x99\x26\x0c\x8c\x74\x12\xed\x5f\x57"
- "\x8e\x5e\x88\x31\x05\x65\x77\x3f\x02\x22\x68\xad\xa3\x13\xe2\x1a\x6f\x75"
- "\xb5\xf1\xd2\x7f\xcd\xe0\xbd\x17\x4e\x68\xd0\x71\xe2\xe5\x66\xd5\xec\x62"
- "\x47\xfa\x2c\x53\x2e\x1e\xca\xb3\x0f\xdd\xc3\x2d\x5a\x87\x17\xe5\x8b\x1d"
- "\x7e\x41\xde\x44\x81\x60\x0a\xfa\x65\x15\x53\x5a\xd8\x17\x96\xa8\x06\xd8"
- "\xef\xe9\xd3\x2f\x56\x2e\xc8\x32\xfc\x56\x9e\xc6\x99\x1b\xae\x17\x56\x9f"
- "\xc3\x26\xd2\x73\x81\x0a\xac\x39\x5a\x25\x7f\x39\xbb\xfd\xa1\xcd\x6c\x5d"
- "\x9a\x9b\xc2\xd4\xbd\x99\x88\x44\xf0\xe0\x14\x93\x44\x74\xd1\x9f\x24\x80"
- "\x9b\xf7\x65\x01\x43\xe4\xa0\xc0\x8f\x0b\x70\x8a\xd1\xbc\x74\x50\x36\x70"
- "\x0a\x26\x1a\xfe\xea\xd3\x1e\xb8\x36\x5c\xc0\x24\xe0\x23\x56\x8a\x37\xea"
- "\x68\x97\x50\x6f\x30\xee\xfa\xf9\x19\xfd\x68\xda\x54\xdb\xa5\xef\x4d\x30"
- "\x7a\xa8\x4f\x0f\xc6\x23\x95\xc3\x24\x2b\xfa\xc5\x21\xbd\xb6\x31\xaf\xe3"
- "\x0a\x1f\x4e\x81\xfa\x45\xdf\xfe\x03\xae\xfa\xa6\x06\xdb\xcb\xef\x65\xcb"
- "\xbe\x87\x2d\xe9\xc8\xaa\x2c\x96\xe2\x1c\xa1\x72\x5e\x9e\x34\x2a\x62\x96"
- "\x24\x25\x31\x16\xd1\xe0\x85\xcc\x60\xd1\xd1\x1d\x16\x58\xa3\x57\xbd\xc6"
- "\x40\x27\x8b\xd4\x66\x8b\x46\x3b\x28\x44\xb6\x1f\x2f\x67\x8f\x6d\x8c\x2b"
- "\x8f\xbe\x8c\xc9\x7e\xf1\xb0\xf5\x08\x28\x5a\x96\x02\x6d\x05\x52\x32\xed"
- "\x15\x39\x12\x14\xf2\xe9\xeb\x07\x6c\x26\x17\xaf\xe1\xbe\xd0\x86\xed\xa2"
- "\x6c\x34\x22\x46\x30\x12\x9f\xb9\x04\x4d\x32\x72\x32\x3b\x59\xe3\xe6\x1e"
- "\x13\x17\x19\x52\x33\x39\xb3\x5e\x2e\xd1\xdc\x15\x61\xa8\xe7\xd2\x05\x3c"
- "\xa5\x0e\x59\xe9\xdd\x32\x45\x29\x71\xdc\x52\x51\x41\x70\x6b\x50\x98\x9b"
- "\x32\xb9\x24\xe0\x49\xd7\x11\x1e\x38\x65\x3a\xb9\x67\x0b\xda\xbb\xaf\x79"
- "\x3e\x6f\xd7\x5c\x60\xe9\xde\xd5\xdd\x14\x05\x62\x55\x70\x72\xeb\x0c\xf6"
- "\x98\xde\xf7\x39\x5e\xe9\x3f\x6e\xd2\x2a\x18\x0e\x01\x92\x22\xb1\xf3\xde"
- "\xd6\x0a\x5c\x2b\xe0\xa0\x2e\x3c\x61\x91\x61\x0d\x71\xd7\x8c\xf5\x25\x28"
- "\x1b\x8e\x3f\xe9\xd3\x01\x5f\x49\xc4\x78\x82\x41\x23\x9a\x6b\xb0\x41\x8d"
- "\xcc\xb2\x6e\x0a\xab\xd0\x45\x38\xa5\xb7\xb0\xf0\x53\x67\xaf\xa4\xde\xe5"
- "\x4b\x8e\x28\x05\xcc\x70\xbe\x63\xb5\x8e\xea\x0b\x3d\x91\x6a\x66\x83\x96"
- "\x86\x38\x5f\xef\x50\xdb\xf4\xca\xa1\x93\xbe\x18\x96\x64\x55\x2b\xf0\x95"
- "\x1f\x7e\xfc\xa8\xa0\x88\x05\xed\x30\x1a\xd0\xce\xda\x6e\x7e\x03\xe1\x0b"
- "\x7b\x0c\x9d\x47\xb5\x4c\x1b\x4e\x3b\xf3\x78\xaa\x21\x42\x5a\x49\x8b\x12"
- "\x76\xce\x2d\x0f\x4b\x06\x07\x3e\x1f\x14\xdc\xed\x4f\x9e\xbb\x93\x9d\x1b"
- "\x5f\x96\x46\xff\x41\x67\xc8\x3a\x15\xef\xf0\xf1\x56\x33\x52\x7a\x46\xdf"
- "\x9e\xfc\x58\xc1\x91\x65\xa3\xc7\x23\x57\xc8\xca\x1d\x88\x0b\x6b\xdf\xe7"
- "\x3d\x5d\xf0\xa7\xb1\x3f\x5e\xc0\xae\xc5\x4b\x8d\x28\x6a\x74\xea\xd9\xed"
- "\x38\x7d\x7b\xa7\x31\xc1\x96\x81\x46\x27\x44\xe0\x52\x07\x42\x13\xf0\x39"
- "\x30\x56\xb2\x80\x21\xf4\x52\x2c\xbc\x77\xf4\x25\xc8\x81\xb3\x94\x5f\x08"
- "\xd9\x7a\x2c\x4e\x4d\x9b\x8a\xba\x71\xf5\xba\x68\x32\x84\xa4\x34\xb5\xf3"
- "\x4b\x17\xf1\xfe\xf3\x4b\x93\x37\x00\xd6\x17\xd8\x02\x08\xf7\xd5\xc1\x79"
- "\xe0\xbb\x10\xd2\x61\xfb\xf1\x79\xbb\xdc\x54\xb7\x30\x24\x33\x43\x4b\x0e"
- "\x00\xd2\x62\x76\xb3\xbf\x22\x8e\xfe\x00\x16\x30\xd5\x1c\xdd\xe6\x6f\x28"
- "\x4a\xc9\xd2\xbd\x93\x83\x9e\xf0\x45\x16\xd8\xca\x38\x4b\xe7\xb9\x69\xf3"
- "\x89\x7f\xa5\xda\x9a\x99\x90\x9e\x2c\x33\xb3\xec\xff\xf4\x32\x57\x8f\x54"
- "\x3a\xa2\x4f\xbc\x94\x1f\x14\x30\xfe\x4b\x55\xd9\x7d\x26\xb0\xe6\xd4\x85"
- "\x19\xea\x8f\x39\x7b\x65\x82\xf5\x63\xaa\xdd\x7e\x4b\x4b\x77\x29\x7e\x44"
- "\x26\x77\xce\x9f\x38\x97\x0d\xd7\x0a\xd1\x80\xeb\xd7\x82\xca\x6f\xc4\x54"
- "\x8e\x6b\x11\x7a\x7c\x28\xb6\x52\xe1\xd2\x2e\x84\xe0\x9a\x74\x7c\x88\x83"
- "\x3d\xca\xb2\x42\xb2\xe7\x72\xa0\x05\xfc\x64\x77\x85\x14\x16\x88\x4a\x24"
- "\x5a\xcc\xac\xfe\xce\x29\xde\xa7\xbe\x47\x1f\xe0\x1d\x09\xf1\xa9\x5c\x72"
- "\xf6\x25\x22\x65\xa2\xa7\xc6\xe1\xa6\xee\x2d\x3b\xf0\xdb\x4c\xb4\x34\xf2"
- "\xdb\x8a\xe2\x40\xa6\xd5\x3e\x33\x2f\x9b\xd3\x78\x15\x5a\x19\x65\x1b\x35"
- "\xfc\xdc\x40\x9d\x7c\xca\x30\x03\xb3\x23\xb3\xaa\x1a\x60\x59\xea\xc7\xe3"
- "\xa6\xfe\xc2\xde\xc8\x5e\xc0\x7f\xd6\xe3\x9e\x57\x13\xcd\x80\x4b\xd6\xd7"
- "\x6d\x69\x51\x7a\xe9\xcd\x13\x55\xf3\x7b\x09\x06\x12\xbd\xe7\x5c\xf1\xd4"
- "\x08\x06\xa3\x51\x97\x63\x23\xa2\x6c\x5d\xc9\x54\x77\x86\x70\x55\x05\x7d"
- "\x1a\x5d\x2c\x39\x37\x9c\x2f\x1b\xcb\xfc\x49\xae\x79\x55\xa0\xad\x79\x3e"
- "\xd0\x4d\xfe\x27\xdd\xd8\x1f\xe8\xf4\x10\xdc\x52\x0d\x70\xa8\x2f\x84\x46"
- "\xa2\xa8\x61\x5b\xa9\xbd\xe9\x9b\x2b\xb2\x4f\x20\x11\x8a\xf7\x5b\x1f\x12"
- "\xf7\xbd\x91\x9c\x34\xb0\xc9\x06\xf7\xa0\x25\x24\x73\x71\x67\xbd\x0f\x83"
- "\xe7\x33\xcf\xdd\x63\x11\x7a\x9f\xff\xed\xa5\xa4\x38\xa9\x30\xb9\x56\x23"
- "\xfa\xc4\x7d\xcc\x2f\x7e\x8f\x8b\xff\xbc\x7b\xe8\xb6\xcb\x7a\x00\x87\x97"
- "\xdf\x83\xb7\x44\xf9\xfc\x85\xb9\xb9\x21\xb8\x65\x69\xb5\xbd\x40\x8a\xc4"
- "\x58\x7c\x4e\xdf\x5d\x70\x5a\x49\x4c\xc7\xcb\xf6\x92\x83\xf6\x82\xbc\xb6"
- "\x10\x4f\x11\x8b\xe6\x7c\xcd\xa8\x98\x5c\xaa\x9f\x52\x9a\xed\xba\x50\xa7"
- "\xf6\x78\xc0\x32\x19\x9b\x0f\xc3\xea\x21\x2a\x31\x01\xa3\x09\x1e\xea\x97"
- "\xbb\x3b\x31\xfa\x9f\xbe\x2d\xf5\x74\xfa\xc6\xcd\xb7\x32\x0f\x5b\x59\x5b"
- "\xcc\xe4\x6f\x12\xcb\x31\x8e\xd3\xfd\x82\x7d\xfa\x02\x51\xa6\x72\x21\xeb"
- "\x4f\x6b\xab\xca\x56\x8a\xa8\xe6\xe6\xcc\xea\xb5\xca\xdb\xb5\x04\x75\x32"
- "\x8a\x34\x97\x1c\x2e\x9d\x07\x11\x37\x88\x3f\xcd\x68\x42\x83\x8d\x64\x18"
- "\x1d\x87\x55\x4e\x2e\xe7\x31\xe9\x6a\x66\xb6\x5c\x96\xfa\xaa\x2a\x06\x92"
- "\x4a\x58\xaa\xd7\xd5\x21\x5e\x00\x1d\xe3\xb0\x2a\x05\x22\x28\xa6\xa4\xed"
- "\x49\x03\xf8\x41\x42\xb9\x90\x0f\x5c\xc3\x1c\xa9\x04\x27\x6a\xfe\x6f\x9b"
- "\x7b\x18\x7d\xa3\x7f\x79\x34\xac\xc5\xe0\x70\xed\x2c\x2f\xdb\x21\x5c\x58"
- "\x56\x11\x8b\xb3\x9a\xe5\x53\x65\xd5\xfd\x49\x43\xaf\x26\xf6\xd6\xe7\x1b"
- "\x7c\x31\x11\xe6\x34\xe5\x0e\x38\x2e\x58\x85\x6f\x16\xef\x6e\x0a\x66\xc4"
- "\x3c\xf4\x13\x40\xda\x55\x96\x67\xca\x77\x45\x68\xaf\x04\x68\x5c\xa6\x14"
- "\x99\x18\x35\x0c\xb6\x6b\x30\xf8\xf1\xb7\x11\x49\x76\xf3\x07\xb9\x72\x52"
- "\x60\x9e\xf5\x57\xc7\xa3\xb8\xda\x97\x0b\x30\x20\x4d\xe5\xe1\x21\xbc\x71"
- "\xe7\x3f\xab\x73\xf9\xee\x0a\x31\xc7\x44\xd2\x16\xa1\xd1\x16\x21\x39\x25"
- "\x52\x5e\x7e\x00\x49\x41\x1e\xf0\x1d\xda\x32\xaf\x76\xb9\x9d\x12\x1d\x85"
- "\x46\xa1\xe9\x9d\x0e\x60\x7f\x7f\x59\xa2\x72\xfc\x7d\x04\x97\x6a\x75\xc2"
- "\x43\xcc\xfb\xd2\xe1\xd3\x8a\x51\x45\xa4\x5c\x48\xa7\xd8\xc6\xae\x50\x75"
- "\x9b\x00\x92\x0d\xb2\xca\xab\x73\x94\x9a\x8f\x43\x3e\xe0\xdb\xed\x41\x57"
- "\xac\x3c\x13\x30\x23\xc4\x57\x1f\x78\x53\xc6\x6c\x7b\x1b\x57\x4b\x83\x29"
- "\x63\xa3\x4c\x4d\x23\x28\xc7\x44\x41\x4b\x4e\x86\x9b\xb3\x39\xd7\x97\x27"
- "\xf4\x36\x95\xfe\x7b\x5d\x81\xef\x81\xb8\xea\xe5\xc6\x56\x29\xc7\x00\xf0"
- "\x04\x64\x6c\x1f\xe6\x97\x99\x56\x87\x10\x5a\x32\x9b\x8a\x12\x55\xa1\x53"
- "\xcb\x83\xf1\x6f\x94\x87\xa9\x91\x36\x1c\x09\xb6\xb4\x78\xf4\xcf\x80\x73"
- "\x85\x80\xfb\xc2\x6f\x55\x08\x12\x6b\xc4\xba\xdb\x7a\x63\xa0\xdc\x5f\x2e"
- "\x72\x16\x37\x47\x2e\x5b\x94\xae\x3b\xae\xe6\xa7\x96\x55\xbc\x15\x17\x4b"
- "\xe3\x86\xac\x30\x05\xef\x92\xe8\xc6\x3f\x96\x4e\xbd\xe7\x11\x11\x60\x12"
- "\x1a\x8f\xaf\xc5\xcb\x84\x2c\xc7\xf5\x27\x54\x11\xc9\x09\x07\x07\x90\x3b"
- "\x6a\x3b\x58\x57\x3f\x1b\x7b\x3b\x14\x20\x98\xa6\x8e\x18\x54\x1c\xc3\x44"
- "\x33\x37\x11\xe7\x2d\x51\x18\x32\x98\x3b\xea\x1d\x68\xcd\xda\x1e\x9e\x45"
- "\xa0\xc9\xb1\x51\x1a\xfa\xe9\x00\x0c\x98\xf0\xa5\x71\x12\x32\x2d\xfe\x96"
- "\x0e\xa3\x3f\x00\xc2\xa2\x02\x78\x15\x3c\xbf\xe4\x67\xca\x79\xcc\xe4\xf4"
- "\xdb\xcf\x0c\x8f\x93\xc7\xc8\x73\x57\x80\xd3\x02\x5b\x6c\x97\xb8\x63\xac"
- "\x2b\x1d\x1d\x33\x5d\x3d\xad\x05\x64\x98\x2e\xe4\x41\x85\xbb\xff\x13\xf4"
- "\x88\x51\x1a\x97\x5d\x3e\x62\x24\x68\x60\x3e\x62\xeb\x81\xa7\xac\x16\xf6"
- "\x0a\xb0\x1f\xd7\x9d\x13\x1a\xda\x5b\xd7\x9f\x9b\xa6\x1b\x6a\x0a\xc5\x05"
- "\x08\x25\xfa\xf2\xb9\x13\xf8\x7d\xae\x28\x61\xa2\xa3\x3a\x50\x72\x20\x7f"
- "\x52\xa9\xd7\xeb\x31\x56\xd5\xb1\x72\x4e\x5b\xfc\x43\xe5\x67\x32\xa6\x41"
- "\xf2\xa9\x64\x03\x0b\x30\x3c\xfd\xca\x2d\x1f\x9b\x34\x27\x3e\x0a\xc7\x23"
- "\xb6\xb2\x5d\xef\xe6\xb1\x1f\x05\x50\xb2\x3d\x72\x57\x05\x33\x24\x3b\x75"
- "\xfd\xbd\x2e\x90\xf9\xe7\x71\x33\x7d\xbd\x54\xdf\x9c\x2f\xaa\x8f\x97\xff"
- "\xce\xa7\x5b\x3f\x49\xc9\xda\x09\x17\xfc\xe6\x35\xdb\x12\x67\x3b\x8b\x90"
- "\x8a\x94\xbf\xe0\x6f\x20\xb2\xf7\xb4\x08\xe9\x52\x80\xab\x22\x55\xbd\xa2"
- "\xec\xe3\xa0\x3f\x39\xa1\x9a\xef\x41\x72\x11\xfc\x3c\x14\xd8\xa0\xfe\x88"
- "\x02\xd2\x7d\x61\x90\x96\x56\x43\x41\x86\x3c\xfe\xff\x27\x12\x7c\x0d\xb5"
- "\x73\x35\xac\x6a\x41\xf6\xba\xca\xfe\x51\x5c\xb3\xac\x8a\xbd\xa6\x1f\xe9"
- "\x99\x2e\x8f\x00\x5a\x51\x49\x38\x96\x09\x31\x87\x8e\x1f\x82\x5c\x21\x41"
- "\x6f\x9d\xcf\x72\xdb\x3c\xb0\xe0\xad\xaa\x95\x14\xf2\xbb\x42\x06\xe0\x91"
- "\xa7\x6d\xde\xf2\x62\xf0\x4a\xfe\x0f\xc3\x26\x9e\xbe\x81\x43\xc0\x86\x04"
- "\x40\x31\xe4\xa6\x2b\x4d\x46\xd3\xf8\xff\x36\x85\xe6\x85\x04\xd4\x1e\xb6"
- "\x0d\x95\x76\x63\x53\x91\xd4\x1b\x17\xb1\x44\xd0\x9a\xe3\x67\xa2\xee\x4c"
- "\xde\x4f\x56\x4e\xca\x57\x3b\x61\xeb\xbe\x2c\xff\x9d\xfd\xa3\x35\x47\x03"
- "\x3c\xcc\xf2\xe6\x43\x66\x2e\x70\x37\xb0\x9f\xb3\xa6\x07\x39\x56\x15\x8a"
- "\xf7\xfd\x61\x6a\xfd\x2b\x6f\x86\x4b\x94\x48\x4d\x56\x82\x3e\x80\x74\x61"
- "\x33\x8f\x67\xf8\xfd\xab\x75\x82\x64\x59\xdc\xe8\xd9\x31\xa9\xed\x03\xae"
- "\x81\xbd\x65\x7f\x76\x19\x75\xc0\x3e\x9a\xfb\x7e\xae\x59\x44\x08\x4f\x91"
- "\x26\x31\x55\x56\xb8\xb6\x72\xe5\x53\xed\x5f\xb9\x50\xb2\xb9\xcc\x81\xfb"
- "\xc3\x34\x22\xc1\xb0\xc8\x96\x24\x99\xa7\xc6\x35\x7b\x6e\xd2\x7b\x6e\x91"
- "\xab\xc5\xb4\x58\xa8\x5b\x1b\xb3\x05\x3b\xcc\xa1\xa1\x84\x13\x73\x5b\x06"
- "\xfb\x93\x36\x3d\x81\x63\x09\x26\xec\x13\x58\x58\xd2\x20\x84\xab\x58\x18"
- "\x6c\xa0\x9d\x39\x74\x43\xb9\xff\xde\xcb\xdc\x5f\x63\x77\x42\x5c\x50\x88"
- "\x2b\x4c\xb1\x8f\x56\xe4\x11\x24\x5a\x51\x3f\x26\x44\x9b\xc3\xe6\x77\xc2"
- "\x77\x9d\x7d\x84\xbd\x68\x18\x69\x54\x05\xfc\x70\xee\xc9\x4c\x03\xa2\x6f"
- "\x58\xf8\xc3\x3f\xa8\xc9\x10\xca\xbd\x24\x1c\xad\x08\xc7\x67\x6f\xd2\x5d"
- "\xba\x6f\x05\x4d\xc9\xd5\x4c\x9c\x60\x79\x01\xf6\x96\x45\x29\x26\x85\xc6"
- "\x77\x21\x2e\x23\xd1\x35\x48\xba\x5c\x4e\xe7\xfc\xa6\x1f\xa0\xa6\x73\xfb"
- "\x69\xb7\xc0\x36\xcf\x2a\x51\x25\xc3\xd2\x19\x4e\x6b\x57\x1c\xbb\x31\x00"
- "\x73\xf4\x08\xa1\x64\x21\xcb\x85\xec\xe9\x6f\x4b\xa4\x28\x04\xc0\x9f\x96"
- "\x95\x78\xaf\x5f\x5e\xa0\xcd\xe8\xac\x17\x33\x61\x8a\x52\xfd\x76\x5a\xdc"
- "\x93\x8f\x3c\x8e\x66\x07\x93\xa4\xc7\xe0\x8d\x29\x5e\xe5\x0d\xd4\x24\x63"
- "\x00\xfc\x2c\x30\xe6\xc7\x21\x19\x53\xc6\x33\x5e\x1a\x4e\x28\x85\x44\x75"
- "\x5f\x25\x43\x98\x80\xb0\x53\xfb\x9b\xda\x17\xfa\x2f\x52\x62\xb4\xb5\xc4"
- "\xfd\xbe\xf8\x8d\x62\x41\x5c\xe5\xef\xd5\x2f\x61\xca\x7c\xe7\xd8\x5e\xb9"
- "\x2c\x8e\x97\xfb\x78\xf1\xca\xff\x60\x4f\xd8\x40\xb1\xca\x5f\xcf\x14\x0d"
- "\x5b\xcd\x39\x79\x51\x8b\x1d\x1d\x93\xb4\xb5\x84\x12\x27\x00\x2e\x5f\xce"
- "\x75\x32\x22\x83\x9d\x84\x6f\x4f\x55\x20\x3a\x69\x5c\x67\xf3\x22\x57\xb2"
- "\x7d\x02\x80\xdf\x54\x9a\xe1\xd6\x8f\x34\x7a\x17\xf3\x2c\x0a\xe5\xdb\xfc"
- "\x87\x11\xb2\xb9\x0f\x8e\x80\xfa\x7c\xf1\x09\x53\x8d\xff\x43\x6b\x2a\xdc"
- "\x99\xf9\xb3\x99\x7f\x00\x3e\xa7\xf1\x23\x46\xcb\xd9\x90\xe3\xb5\x31\xa9"
- "\x66\x8d\x28\xb8\xc0\x62\x00\x76\x5f\x09\x43\x7f\x63\x9b\x25\x26\x45\x83"
- "\x77\xcf\xff\x0d\x2a\x5f\xab\x60\x55\xcb\x17\x7e\x8f\x56\x99\x76\x92\x7b"
- "\xe3\x24\xdb\x16\x61\x55\x4b\xc1\xe5\x93\x2c\xa4\x64\xc1\xbc\x4a\x4a\x7e"
- "\xac\x7b\xfe\x82\xb8\x2f\x3f\x23\xa2\x0e\x45\x72\xee\xb0\x7c\x89\xce\x30"
- "\x0d\xe5\x6a\x8d\x77\xe5\xe5\x44\x25\xd1\xbd\xcb\xcd\x40\xf7\x01\xb6\x51"
- "\x08\x2f\xf7\xab\x40\x80\x5f\x01\xea\xfb\x46\xb5\x2c\x6c\x78\xb5\x33\xd8"
- "\x2b\x5f\xc4\xeb\xbb\x58\x2f\x83\xc5\xc4\x4f\x9a\xc9\x6f\x2b\x0c\x34\x6b"
- "\xec\x73\xe6\x97\xd5\xe3\x4c\x26\xb8\x8c\x52\xb1\x64\x0f\xf8\x91\xbc\x5f"
- "\xdf\x24\x4b\x48\x52\x40\xda\xb9\xc3\x9a\x66\x63\x36\x62\xf0\x31\x74\xe5"
- "\x84\xd4\x3b\x91\xe7\x74\xe3\x51\x23\x74\xec\x64\xfe\x5a\xfe\x16\x49\xd5"
- "\xe9\x89\xcd\x99\x68\x35\xf8\xff\xe4\x62\x25\xe3\x45\xdc\xb5\x68\x7e\xb9"
- "\xe4\xd1\xb3\xc8\x20\x81\x3c\xed\x36\x28\x1c\xd7\x1c\xfd\x9e\x7e\x28\xa4"
- "\xeb\xee\xd7\x16\xaa\x46\x15\xd0\x09\xb4\x52\xfe\xc6\x25\xdd\xa8\x84\xb2"
- "\x40\xf7\xb0\x8d\x4d\x7e\x5a\xb1\x13\x93\x6d\xd8\xf7\x05\xe7\xc4\x3d\xc4"
- "\xcf\x33\x03\x86\x0c\x0c\xf2\x51\x20\xc3\x53\x49\x3b\xb2\x6b\x77\xc9\x57"
- "\xf8\xeb\xa8\x44\x58\x04\x18\x24\xd9\x43\xd2\xaf\x92\x6f\xcc\x14\x2a\x7b"
- "\x0a\x57\xa8\xd1\x20\x3e\x33\x6f\xfb\x6f\x46\xcc\x8d\x8f\x1b\x0c\xdb\x57"
- "\xde\xab\xe5\x38\x29\xd8\x87\x4f\x1e\x97\xc4\x88\x03\x84\x9c\x28\x01\x64"
- "\x13\x5b\x49\x6a\xa0\x1b\x30\xc0\xf6\xa7\x92\x75\x6c\xff\xe1\xf4\xfd\x46"
- "\x5f\x1a\xcd\x6e\x5f\x6c\x83\x0d\x2b\x0e\x6a\xab\x98\x34\xed\xfb\x63\xc9"
- "\x36\xfe\x0c\x64\x7d\xde\xa7\xe7\xa0\xff\xa7\x5e\xf7\xb0\x6d\xec\xa2\x48"
- "\xdf\x85\xfd\xef\x32\xde\x3a\x26\xb0\x4c\x3f\xf6\xc5\xc2\x8f\xd1\x10\x90"
- "\x2e\x00\xf1\xd9\x5c\x55\xe2\x7a\x0b\x51\xe6\x57\x23\xe7\x29\x13\x6f\x56"
- "\x31\x8a\x48\x8c\x3b\x7e\xaa\xdc\x93\xd8\x2f\x1e\x77\xfa\xf2\x72\xf1\x57"
- "\x38\x08\x8a\x4c\xb4\xc8\xba\x45\x59\xf1\x26\x48\xd7\xed\x60\x2a\x8b\xe4"
- "\xde\x6a\xee\x3c\x4f\x01\xf8\x82\x83\x20\x85\x29\xd8\x85\x08\x89\x75\x36"
- "\x19\xd1\xb5\x80\xab\xcb\xc3\x4f\xd3\x9f\xa2\xeb\xed\x19\x95\x15\x8a\x00"
- "\xbf\x84",
- 4088);
- syscall(__NR_ioctl, /*fd=*/r[31], /*cmd=*/0x5000940a,
- /*arg=*/0x200000000740ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/3);
- *(uint64_t*)0x2000000018c0 = 0x200000001740;
- *(uint16_t*)0x200000001740 = 0x10;
- *(uint16_t*)0x200000001742 = 0;
- *(uint32_t*)0x200000001744 = 0;
- *(uint32_t*)0x200000001748 = 0x2000000;
- *(uint32_t*)0x2000000018c8 = 0xc;
- *(uint64_t*)0x2000000018d0 = 0x200000001880;
- *(uint64_t*)0x200000001880 = 0x200000001780;
- *(uint32_t*)0x200000001780 = 0xd4;
- *(uint16_t*)0x200000001784 = 0;
- *(uint16_t*)0x200000001786 = 2;
- *(uint32_t*)0x200000001788 = 0x70bd28;
- *(uint32_t*)0x20000000178c = 0x25dfdbfd;
- *(uint8_t*)0x200000001790 = 0xf;
- *(uint8_t*)0x200000001791 = 0;
- *(uint16_t*)0x200000001792 = 0;
- *(uint16_t*)0x200000001794 = 0xe;
- *(uint16_t*)0x200000001796 = 1;
- memcpy((void*)0x200000001798, "netdevsim\000", 10);
- *(uint16_t*)0x2000000017a4 = 0xf;
- *(uint16_t*)0x2000000017a6 = 2;
- memcpy((void*)0x2000000017a8, "netdevsim", 9);
- *(uint8_t*)0x2000000017b1 = 0x30;
- *(uint8_t*)0x2000000017b2 = 0;
- *(uint16_t*)0x2000000017b4 = 8;
- *(uint16_t*)0x2000000017b6 = 0xb;
- *(uint32_t*)0x2000000017b8 = 1;
- *(uint16_t*)0x2000000017bc = 6;
- *(uint16_t*)0x2000000017be = 0x11;
- *(uint16_t*)0x2000000017c0 = 7;
- *(uint16_t*)0x2000000017c4 = 0xe;
- *(uint16_t*)0x2000000017c6 = 1;
- memcpy((void*)0x2000000017c8, "netdevsim\000", 10);
- *(uint16_t*)0x2000000017d4 = 0xf;
- *(uint16_t*)0x2000000017d6 = 2;
- memcpy((void*)0x2000000017d8, "netdevsim", 9);
- *(uint8_t*)0x2000000017e1 = 0x30;
- *(uint8_t*)0x2000000017e2 = 0;
- *(uint16_t*)0x2000000017e4 = 8;
- *(uint16_t*)0x2000000017e6 = 0xb;
- *(uint32_t*)0x2000000017e8 = 0;
- *(uint16_t*)0x2000000017ec = 6;
- *(uint16_t*)0x2000000017ee = 0x11;
- *(uint16_t*)0x2000000017f0 = 3;
- *(uint16_t*)0x2000000017f4 = 0xe;
- *(uint16_t*)0x2000000017f6 = 1;
- memcpy((void*)0x2000000017f8, "netdevsim\000", 10);
- *(uint16_t*)0x200000001804 = 0xf;
- *(uint16_t*)0x200000001806 = 2;
- memcpy((void*)0x200000001808, "netdevsim", 9);
- *(uint8_t*)0x200000001811 = 0x30;
- *(uint8_t*)0x200000001812 = 0;
- *(uint16_t*)0x200000001814 = 8;
- *(uint16_t*)0x200000001816 = 0xb;
- *(uint32_t*)0x200000001818 = 4;
- *(uint16_t*)0x20000000181c = 6;
- *(uint16_t*)0x20000000181e = 0x11;
- *(uint16_t*)0x200000001820 = 0xdb81;
- *(uint16_t*)0x200000001824 = 0xe;
- *(uint16_t*)0x200000001826 = 1;
- memcpy((void*)0x200000001828, "netdevsim\000", 10);
- *(uint16_t*)0x200000001834 = 0xf;
- *(uint16_t*)0x200000001836 = 2;
- memcpy((void*)0x200000001838, "netdevsim", 9);
- *(uint8_t*)0x200000001841 = 0x30;
- *(uint8_t*)0x200000001842 = 0;
- *(uint16_t*)0x200000001844 = 8;
- *(uint16_t*)0x200000001846 = 0xb;
- *(uint32_t*)0x200000001848 = 3;
- *(uint16_t*)0x20000000184c = 6;
- *(uint16_t*)0x20000000184e = 0x11;
- *(uint16_t*)0x200000001850 = 0x14;
- *(uint64_t*)0x200000001888 = 0xd4;
- *(uint64_t*)0x2000000018d8 = 1;
- *(uint64_t*)0x2000000018e0 = 0;
- *(uint64_t*)0x2000000018e8 = 0;
- *(uint32_t*)0x2000000018f0 = 0x48004;
- syscall(__NR_sendmsg, /*fd=*/r[30], /*msg=*/0x2000000018c0ul,
- /*f=MSG_DONTWAIT*/ 0x40ul);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/9);
- syz_sysconfig_set__proc_sys_net_ipv6_conf_sit0_accept_source_route(/*val=*/3);
- syscall(
- __NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xff5000ul, /*prot=*/0ul,
- /*flags=MAP_POPULATE|MAP_NORESERVE|MAP_NONBLOCK|MAP_HUGETLB|MAP_FIXED|0x2000000000821*/
- 0x200000005c831ul, /*fd=*/-1, /*offset=*/0ul);
- memcpy((void*)0x2000000001c0, "mounts\000", 7);
- res = -1;
- res = syz_open_procfs(/*pid=*/0, /*file=*/0x2000000001c0);
- if (res != -1)
- r[33] = res;
- memcpy((void*)0x200000002b80,
- "\276\375\031m\373\020\323\316`\261\325-g\245\354v\225\305:O`"
- "\231\227\233_\037S\341\266\341*"
- "\267\337\322E\347\\\301\360\225\217W\2229L\321\222="
- "o\315\2239\202K\203\335\256\367\242\302\306\230\305\330\251\245|("
- "M\2316\241\314\223$\275\3775AwUB\302)\265\356$"
- "\345\223\016T\231\273\225\336\031\n,\361\236f\256\2531@"
- "d\350\033h\201h1\033#k6",
- 116);
- syscall(__NR_memfd_create, /*name=*/0x200000002b80ul,
- /*flags=MFD_HUGETLB|MFD_CLOEXEC*/ 5ul);
- res = -1;
- res = syz_open_dev(/*dev=*/0xc, /*major=*/4, /*minor=*/1);
- if (res != -1)
- r[34] = res;
- memcpy((void*)0x200000000100, "#! ", 3);
- memcpy((void*)0x200000000103, "./file0", 7);
- *(uint8_t*)0x20000000010a = 0xa;
- memcpy((void*)0x20000000010b, "\xb3\x29\x0d", 3);
- syscall(__NR_write, /*fd=*/r[34], /*data=*/0x200000000100ul, /*len=*/0xeul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_write, /*fd=*/r[34], /*data=*/0x200000000100ul, /*len=*/0xeul);
- }
- *(uint16_t*)0x200000000080 = 4;
- *(uint64_t*)0x200000000088 = 0x200000000040;
- *(uint16_t*)0x200000000040 = 1;
- *(uint8_t*)0x200000000042 = 0xf7;
- *(uint8_t*)0x200000000043 = 6;
- *(uint32_t*)0x200000000044 = 9;
- *(uint16_t*)0x200000000048 = 0x800;
- *(uint8_t*)0x20000000004a = 7;
- *(uint8_t*)0x20000000004b = 8;
- *(uint32_t*)0x20000000004c = 2;
- *(uint16_t*)0x200000000050 = 0xc2;
- *(uint8_t*)0x200000000052 = 3;
- *(uint8_t*)0x200000000053 = 0x40;
- *(uint32_t*)0x200000000054 = 8;
- *(uint16_t*)0x200000000058 = 0xdf1;
- *(uint8_t*)0x20000000005a = 0x40;
- *(uint8_t*)0x20000000005b = 3;
- *(uint32_t*)0x20000000005c = 0x3721;
- res = syscall(__NR_seccomp, /*op=*/1ul,
- /*flags=SECCOMP_FILTER_FLAG_NEW_LISTENER*/ 8ul,
- /*arg=*/0x200000000080ul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_seccomp, /*op=*/1ul,
- /*flags=SECCOMP_FILTER_FLAG_NEW_LISTENER*/ 8ul,
- /*arg=*/0x200000000080ul);
- }
- if (res != -1)
- r[35] = res;
- syscall(__NR_dup3, /*oldfd=*/r[35], /*newfd=*/r[33], /*flags=*/0ul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_dup3, /*oldfd=*/r[35], /*newfd=*/r[33], /*flags=*/0ul);
- }
- syscall(__NR_sendfile, /*fdout=*/r[35], /*fdin=*/r[35], /*off=*/0ul,
- /*count=*/0x100000002ul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_sendfile, /*fdout=*/r[35], /*fdin=*/r[35], /*off=*/0ul,
- /*count=*/0x100000002ul);
- }
- syscall(__NR_mprotect, /*addr=*/0x200000000000ul, /*len=*/0x800000ul,
- /*prot=PROT_SEM|PROT_EXEC*/ 0xcul);
- syscall(__NR_mremap, /*addr=*/0x200000000000ul, /*len=*/0x600000ul,
- /*newlen=*/0x600000ul, /*flags=MREMAP_FIXED|MREMAP_MAYMOVE*/ 3ul,
- /*newaddr=*/0x200000a00000ul);
- res = -1;
- res = syz_init_net_socket(/*domain=*/0x10, /*type=*/3, /*proto=*/0x10);
- if (res != -1)
- r[36] = res;
- memcpy((void*)0x200000000000, "NLBL_UNLBL\000", 11);
- res = -1;
- res = syz_genetlink_get_family_id(/*name=*/0x200000000000, /*fd=*/r[36]);
- if (res != -1)
- r[37] = res;
- res = -1;
- res = syz_init_net_socket(/*domain=*/0x10, /*type=*/3, /*proto=*/0x10);
- if (res != -1)
- r[38] = res;
- *(uint64_t*)0x200000000200 = 0;
- *(uint32_t*)0x200000000208 = 0;
- *(uint64_t*)0x200000000210 = 0x200000000140;
- *(uint64_t*)0x200000000140 = 0x2000000000c0;
- memcpy((void*)0x2000000000c0, "\x44\xdd\x9b\x9b", 4);
- *(uint16_t*)0x2000000000c4 = r[37];
- memcpy((void*)0x2000000000c6,
- "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x14\x00\x03"
- "\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x14\x00\x02\x00\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x08\x00\x04\x00\x7f\x00\x00\x01",
- 62);
- *(uint64_t*)0x200000000148 = 0x44;
- *(uint64_t*)0x200000000218 = 1;
- *(uint64_t*)0x200000000220 = 0;
- *(uint64_t*)0x200000000228 = 0;
- *(uint32_t*)0x200000000230 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[38], /*msg=*/0x200000000200ul, /*f=*/0ul);
- memcpy((void*)0x200000000000, "/dev/vcsa#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000000, /*id=*/6, /*flags=*/0);
- if (res != -1)
- r[39] = res;
- *(uint64_t*)0x200000000380 = 0x200000000280;
- *(uint64_t*)0x200000000388 = 0xed;
- syscall(__NR_preadv, /*fd=*/r[39], /*vec=*/0x200000000380ul, /*vlen=*/1ul,
- /*off_low=*/8, /*off_high=*/0);
- res = syscall(__NR_geteuid);
- if (res != -1)
- r[40] = res;
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0xb704, /*arg=*/0x200000000040ul);
- if (res != -1)
- r[41] = *(uint32_t*)0x200000000040;
- memcpy((void*)0x200000000180, "vfat\000", 5);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- memcpy((void*)0x2000000002c0, "uni_xlate=1", 11);
- *(uint8_t*)0x2000000002cb = 0x2c;
- memcpy((void*)0x2000000002cc, "errors=continue", 15);
- *(uint8_t*)0x2000000002db = 0x2c;
- memcpy((void*)0x2000000002dc, "utf8=0", 6);
- *(uint8_t*)0x2000000002e2 = 0x2c;
- memcpy((void*)0x2000000002e3, "nocase", 6);
- *(uint8_t*)0x2000000002e9 = 0x2c;
- memcpy((void*)0x2000000002ea, "nonumtail=0", 11);
- *(uint8_t*)0x2000000002f5 = 0x2c;
- memcpy((void*)0x2000000002f6, "utf8=1", 6);
- *(uint8_t*)0x2000000002fc = 0x2c;
- memcpy((void*)0x2000000002fd, "uid", 3);
- *(uint8_t*)0x200000000300 = 0x3d;
- sprintf((char*)0x200000000301, "0x%016llx", (long long)0);
- *(uint8_t*)0x200000000313 = 0x2c;
- memcpy((void*)0x200000000314, "rodir", 5);
- *(uint8_t*)0x200000000319 = 0x2c;
- memcpy((void*)0x20000000031a, "nfs", 3);
- *(uint8_t*)0x20000000031d = 0x2c;
- memcpy((void*)0x20000000031e, "shortname=lower", 15);
- *(uint8_t*)0x20000000032d = 0x2c;
- memcpy((void*)0x20000000032e, "fmask", 5);
- *(uint8_t*)0x200000000333 = 0x3d;
- sprintf((char*)0x200000000334, "%023llo", (long long)2);
- *(uint8_t*)0x20000000034b = 0x2c;
- memcpy((void*)0x20000000034c, "shortname=win95", 15);
- *(uint8_t*)0x20000000035b = 0x2c;
- memcpy((void*)0x20000000035c, "nfs", 3);
- *(uint8_t*)0x20000000035f = 0x2c;
- memcpy((void*)0x200000000360, "nonumtail=0", 11);
- *(uint8_t*)0x20000000036b = 0x2c;
- memcpy((void*)0x20000000036c, "utf8=0", 6);
- *(uint8_t*)0x200000000372 = 0x2c;
- memcpy((void*)0x200000000373, "uni_xlate=1", 11);
- *(uint8_t*)0x20000000037e = 0x2c;
- memcpy((void*)0x20000000037f, "nonumtail=0", 11);
- *(uint8_t*)0x20000000038a = 0x2c;
- memcpy((void*)0x20000000038b, "obj_type", 8);
- *(uint8_t*)0x200000000393 = 0x3d;
- memcpy((void*)0x200000000394, "%,*@(!(:#\254[", 11);
- *(uint8_t*)0x20000000039f = 0x2c;
- memcpy((void*)0x2000000003a0, "mask", 4);
- *(uint8_t*)0x2000000003a4 = 0x3d;
- memcpy((void*)0x2000000003a5, "MAY_EXEC", 8);
- *(uint8_t*)0x2000000003ad = 0x2c;
- memcpy((void*)0x2000000003ae, "uid", 3);
- *(uint8_t*)0x2000000003b1 = 0x3d;
- sprintf((char*)0x2000000003b2, "%020llu", (long long)r[40]);
- *(uint8_t*)0x2000000003c6 = 0x2c;
- memcpy((void*)0x2000000003c7, "uid<", 4);
- sprintf((char*)0x2000000003cb, "%020llu", (long long)r[41]);
- *(uint8_t*)0x2000000003df = 0x2c;
- memcpy((void*)0x2000000003e0, "dont_appraise", 13);
- *(uint8_t*)0x2000000003ed = 0x2c;
- memcpy((void*)0x2000000003ee, "uid>", 4);
- sprintf((char*)0x2000000003f2, "%020llu", (long long)r[40]);
- *(uint8_t*)0x200000000406 = 0x2c;
- memcpy((void*)0x200000000407, "uid<", 4);
- sprintf((char*)0x20000000040b, "%020llu", (long long)r[41]);
- *(uint8_t*)0x20000000041f = 0x2c;
- *(uint8_t*)0x200000000420 = 0;
- memcpy(
- (void*)0x200000002300,
- "\x78\x9c\xec\xdd\x3f\x6b\x23\x47\x14\x00\xf0\xb7\xb2\x2c\x29\x49\x21\x15"
- "\xa9\x42\x20\x0b\x49\x91\xca\xd8\x6e\xd3\xc8\x04\x1b\x4c\x54\x25\xa8\x48"
- "\x52\x24\x26\xb6\x21\x58\x22\x60\x83\x21\x7f\x88\xe2\x2a\x6d\x9a\x94\xf9"
- "\x04\x81\x40\xba\xfb\x12\xd7\xdc\x37\x38\xb8\xf6\xe0\xba\x73\x61\xd8\x63"
- "\xa5\xdd\x93\xec\x93\x65\xeb\xb0\xec\xfb\xf3\xfb\x35\x1e\xcf\xce\x9b\x79"
- "\x33\x1e\x6c\x5c\xec\xd3\xf7\x1f\xf6\x0f\x76\xd3\xd8\x3f\xf9\xed\x61\x34"
- "\x1a\x49\x54\xda\xd1\x8e\xd3\x24\x5a\x51\x89\xd2\x1f\x71\x4e\xfb\xaf\x00"
- "\x00\x5e\x67\xa7\x59\x16\x4f\xb2\x91\x79\xe2\x92\x88\x68\x2c\x2e\x2d\x00"
- "\x60\x81\xe6\xfe\xfb\xff\xff\xc2\x53\x02\x00\x16\xec\xab\xaf\xbf\xf9\x62"
- "\xa3\xd3\xd9\xfc\x32\x4d\x1b\xb1\xd5\xff\xf3\xb8\x9b\xff\x67\x9f\x7f\x1d"
- "\x3d\xdf\xd8\x8f\x1f\xa3\x17\x7b\xb1\x1a\xcd\x38\x8b\xc8\x9e\x1b\xb5\xb7"
- "\xb2\x2c\x1b\x54\xd3\x5c\x2b\x3e\xe9\x0f\x8e\xbb\x79\x64\xff\xbb\xfb\xc5"
- "\xfc\x1b\x8f\x23\x86\xf1\x6b\xd1\x8c\xd6\xb0\xeb\x7c\xfc\x76\x67\x73\x2d"
- "\x1d\x99\x88\x1f\xe4\x79\xbc\x5b\xac\xdf\xce\xe3\xd7\xa3\x19\xef\x4f\x59"
- "\x7f\xbb\xb3\xb9\x3e\x25\x3e\xba\xb5\xf8\xf4\xe3\x89\xfc\x57\xa2\x19\x0f"
- "\x7e\x88\x9f\xa2\x17\xbb\xc3\x24\xc6\xf1\xbf\xaf\xa5\xe9\xe7\xd9\xdf\x4f"
- "\x7f\xfd\x36\x4f\x2f\x8f\x4f\x06\xc7\xdd\xfa\x70\xdc\x58\xb6\x74\xcb\x3f"
- "\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\xde\x60\x2b\x45\xed\x9c\x7a\x0c\xeb\xf7\xe4\x5d\x45\xfd\x9d\xa5\xb3\xfc"
- "\x9b\xe5\x48\x4b\xad\xf3\xf5\x79\x46\xf1\x49\x39\xd1\x85\xfa\x40\x83\x2c"
- "\xfe\x29\xeb\xeb\xac\xa6\x69\x9a\x15\x03\xc7\xf1\xd5\xf8\xa0\x1a\xd5\xbb"
- "\xd9\x35\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbc"
- "\x5a\x8e\x7e\xfe\xe5\x60\xa7\xd7\xdb\x3b\xbc\x91\x46\x59\x0d\xa0\x7c\xad"
- "\xff\x65\xe7\x69\x4f\xf4\x7c\x14\xb3\x07\xd7\xc7\x6b\x55\x8a\xe6\x8c\x99"
- "\x63\xa9\x1c\x93\x44\xcc\x4c\x23\xdf\xc4\x0d\x1d\xcb\x55\x8d\x77\x2e\xcb"
- "\xf9\xdf\xff\xe6\x9d\xb0\x71\xf5\x98\xe5\x59\xe7\x73\x33\x8d\xf2\x76\x1d"
- "\xec\x24\xd3\xcf\xb0\x1e\x65\x4f\xa3\xbc\x24\xf7\x26\xc7\xd4\xe2\x9a\x6b"
- "\xd5\x2e\x7b\x94\xcd\x75\xfd\x6a\x53\x1f\x35\xe7\xde\x7b\xed\xbd\x61\x63"
- "\x30\x63\x4c\x24\xb3\x12\xfb\xec\xd1\xe8\xe4\x8a\x9e\xe4\xe2\x2e\x6a\xc3"
- "\x53\x9d\x1a\xbe\x5c\x34\x26\xc2\x2f\xdc\x8d\xb9\xee\xf3\x8b\xbf\x2b\x12"
- "\xd5\x3a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xa1"
- "\xc6\x2f\xfd\x4e\x79\x78\x32\x33\xb4\x92\xd5\x17\x96\x16\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdc\xaa\xf1\xe7\xff\xcf\xd1\x18\x14"
- "\xc1\xd7\x18\x5c\x8b\xc3\xa3\x3b\xde\x22\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6f\x81\x67\x01\x00"
- "\x00\xff\xff\xc3\x51\x62\x02",
- 673);
- syz_mount_image(
- /*fs=*/0x200000000180, /*dir=*/0x200000000000,
- /*flags=MS_I_VERSION|MS_NOSUID|MS_NOEXEC|MS_DIRSYNC*/ 0x80008a,
- /*opts=*/0x2000000002c0, /*chdir=*/7, /*size=*/0x2a1,
- /*img=*/0x200000002300);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- syscall(__NR_creat, /*file=*/0x200000000000ul, /*mode=*/0ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[42] = res;
- *(uint16_t*)0x200000000040 = 1;
- *(uint64_t*)0x200000000048 = 0x200000000000;
- *(uint16_t*)0x200000000000 = 6;
- *(uint8_t*)0x200000000002 = 0;
- *(uint8_t*)0x200000000003 = 0;
- *(uint32_t*)0x200000000004 = 0x7fc00100;
- res = syscall(__NR_seccomp, /*op=*/1ul,
- /*flags=SECCOMP_FILTER_FLAG_NEW_LISTENER*/ 8ul,
- /*arg=*/0x200000000040ul);
- if (res != -1)
- r[43] = res;
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0xc0182101, /*arg=*/0ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[44] = res;
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/2ul, /*proto=*/0);
- if (res != -1)
- r[45] = res;
- *(uint32_t*)0x200000000080 = 0xbd9;
- syscall(__NR_setsockopt, /*fd=*/r[45], /*level=*/1,
- /*optname=SO_TIMESTAMPING_NEW*/ 0x41, /*optval=*/0x200000000080ul,
- /*optlen=*/4ul);
- *(uint32_t*)0x200000000000 = 0x918;
- syscall(__NR_setsockopt, /*fd=*/r[45], /*level=*/1,
- /*optname=SO_TIMESTAMPING_OLD*/ 0x25, /*optval=*/0x200000000000ul,
- /*optlen=*/4ul);
- *(uint32_t*)0x2000000000c0 = 0;
- syscall(__NR_getsockopt, /*fd=*/r[44], /*level=*/1, /*optname=*/0x26,
- /*optval=*/0ul, /*optlen=*/0x2000000000c0ul);
- res = syscall(__NR_ioctl, /*fd=*/r[43], /*cmd=*/0xc0502100,
- /*arg=*/0x200000000280ul);
- if (res != -1)
- r[46] = *(uint64_t*)0x200000000280;
- *(uint64_t*)0x200000000240 = r[46];
- *(uint64_t*)0x200000000248 = 0;
- *(uint32_t*)0x200000000250 = 0;
- *(uint32_t*)0x200000000254 = 0;
- syscall(__NR_ioctl, /*fd=*/r[43], /*cmd=*/0xc0182101,
- /*arg=*/0x200000000240ul);
- res = syscall(__NR_ioctl, /*fd=*/r[43], /*cmd=*/0xc0502100,
- /*arg=*/0x200000000400ul);
- if (res != -1)
- r[47] = *(uint64_t*)0x200000000400;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[48] = res;
- *(uint64_t*)0x200000000140 = r[47];
- *(uint32_t*)0x200000000148 = 2;
- *(uint32_t*)0x20000000014c = r[48];
- *(uint32_t*)0x200000000150 = 0;
- *(uint32_t*)0x200000000154 = 0;
- syscall(__NR_ioctl, /*fd=*/r[43], /*cmd=*/0x40182103,
- /*arg=*/0x200000000140ul);
- *(uint32_t*)0x200000000280 = 5;
- res = syscall(__NR_getsockopt, /*fd=*/r[42], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000240ul, /*optlen=*/0x200000000280ul);
- if (res != -1)
- r[49] = *(uint32_t*)0x200000000244;
- syscall(__NR_setreuid, /*ruid=*/0, /*euid=*/r[49]);
- memcpy((void*)0x200000000080, "./file0\000", 8);
- syscall(__NR_utimes, /*filename=*/0x200000000080ul, /*times=*/0ul);
- memcpy((void*)0x200000000440, "ext4\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- *(uint8_t*)0x200000000000 = 0;
- memcpy(
- (void*)0x200000001900,
- "\x78\x9c\xec\xdc\x4b\x6f\x1c\x45\x1e\x00\xf0\x7f\xf7\xd8\x79\x6c\xe2\xb5"
- "\x37\xbb\x0b\xe4\x01\x18\x02\xc2\xe2\x61\xc7\xce\xf3\xc0\x05\x04\x52\x2e"
- "\x20\x24\x38\x84\xa3\xb1\x9d\x28\xc4\x49\x50\x6c\x24\x12\x59\xc4\x20\x14"
- "\x8e\x28\x9f\x00\x38\x22\xf1\x09\x38\xc1\x05\xf1\xb8\x80\xb8\x82\xb8\x22"
- "\xa4\x08\xf9\x92\xc0\x01\x35\xea\x99\x6e\x67\x62\x7b\x9c\x19\x7b\xec\x49"
- "\x32\xbf\x9f\xd4\x49\x55\x77\x4d\x57\xfd\xbb\xbb\xec\xea\x2a\x8d\x03\xe8"
- "\x5a\x83\xf9\x3f\x49\xc4\xce\x88\xf8\x39\x22\xfa\x6b\xd9\x5b\x0b\x0c\xd6"
- "\xfe\xbb\xb1\x30\x37\xf1\xe7\xc2\xdc\x44\x12\x59\xf6\xea\x1f\x49\xb5\xdc"
- "\xf5\x85\xb9\x89\xb2\x68\xf9\xb9\x1d\x45\x66\x28\x8d\x48\x3f\x48\x62\xef"
- "\x0a\xf5\xce\x5c\xbc\x74\x66\x7c\x7a\x7a\xea\x42\x91\x1f\x99\x3d\xfb\xd6"
- "\xc8\xcc\xc5\x4b\xcf\x9c\x3e\x3b\x7e\x6a\xea\xd4\xd4\xb9\xb1\x63\xc7\x0e"
- "\x1d\xdc\x7e\xf4\xc8\xd8\xe1\xb6\xc4\xd9\x97\xb7\x75\xcf\xbb\xe7\xf7\xed"
- "\x3e\xfe\xfa\xd5\x97\x26\x4e\x5c\x7d\xe3\xdb\xcf\xf3\xf6\x66\xc5\xf1\xfa"
- "\x38\x6a\x06\xd6\x5d\xe7\x60\x0c\xde\x7a\x2d\xeb\x3c\xbe\xee\xb3\xdf\x59"
- "\xfa\xea\xd2\x49\x4f\x07\x1b\x42\x4b\x2a\x11\x91\xdf\xae\xde\x6a\xff\xef"
- "\x8f\x4a\xdc\xbc\x79\xfd\xf1\xe2\xfb\x1d\x6d\x1c\xb0\xa1\xb2\x2c\xcb\xb6"
- "\x2e\xdb\x5b\x29\x13\xf3\x19\x70\x0f\x4b\xa2\xd3\x2d\x00\x3a\xa3\xfc\x45"
- "\x7f\x7d\x21\x7f\x53\x9d\x9b\x58\xfe\x1e\x7c\x6f\xbb\xf6\x5c\xed\x55\x3f"
- "\x8f\xfb\x46\xb1\xd5\x8e\xf4\x44\x9a\xbf\xc3\x0f\xd4\xde\x8d\xd2\x0d\xaa"
- "\xff\x7f\x11\x71\x62\xfe\xaf\x8f\xf3\x2d\x56\x9c\x87\x00\x00\x68\xaf\x2f"
- "\xf3\xf1\xcf\xd3\xb5\x71\x47\xb9\xd5\x8e\xa4\x71\x5f\x5d\xb9\x7f\x17\x6b"
- "\x43\x03\x11\xf1\x9f\x88\xd8\x15\x11\xff\x2d\xc6\x2f\xff\x8f\xa8\x96\xbd"
- "\x3f\x22\x1e\x58\x5e\x45\xa3\x25\x90\xaa\xc1\x25\xf9\xe5\xe3\x9f\x1f\xb7"
- "\xaf\x39\xb8\x26\xe4\xe3\xbf\x67\x8b\xb5\xad\x5b\xc7\x7f\x8b\x23\xbe\x81"
- "\x4a\x91\xeb\xab\xc6\xdf\x9b\x9c\x3c\x3d\x3d\x75\xa0\xb8\x26\x43\xd1\xbb"
- "\x35\xcf\x8f\xae\x52\xc7\x57\x2f\xfc\xf4\x51\xa3\x63\x83\x75\xe3\xbf\x7c"
- "\xcb\xeb\x2f\xc7\x82\x45\x3b\x7e\xef\x59\x32\x41\x37\x39\x3e\x3b\xbe\x9e"
- "\x98\xeb\x5d\x7b\x2f\x62\x4f\xcf\x4a\xf1\x27\x8b\x2b\x01\xf9\x0d\xdc\x1d"
- "\x11\x7b\xd6\x70\xfe\xfc\x9a\x9d\x7e\xf2\xb3\x7d\x8d\x8e\xdf\x3e\xfe\x55"
- "\xb4\x61\x9d\x29\xfb\x34\xe2\x89\xda\xfd\x9f\x8f\x25\xf1\x97\x92\x86\xeb"
- "\x93\xa3\x47\x8f\x8c\x1d\x1e\xd9\x16\xd3\x53\x07\x46\xca\xa7\x62\xb9\xef"
- "\x7e\xb8\xf2\x4a\xa3\xfa\xf3\xf8\x5f\xfe\xfe\xe6\x35\x68\x29\xfe\x36\xc8"
- "\xef\xff\xbf\x56\x7c\xfe\x17\xe3\x1f\x48\xea\xd7\x6b\x67\x5a\xaf\xe3\xca"
- "\x2f\x1f\x36\x7c\xa7\x59\xeb\xf3\xbf\x25\x79\xad\x9a\xde\x52\xec\x7b\x67"
- "\x7c\x76\xf6\xc2\x68\xc4\x96\x64\x7e\xf9\xfe\xb1\x9b\x9f\x2d\xf3\x65\xf9"
- "\x3c\xfe\xa1\xfd\x2b\xf7\xff\x5d\x11\x7f\x7f\x52\x7c\x6e\x6f\x44\xe4\x0f"
- "\xf1\x83\x11\xf1\x50\x44\x3c\x5c\xb4\xfd\x91\x88\x78\x34\x22\xf6\xaf\x12"
- "\xff\x37\xcf\x3f\xf6\xe6\xda\xe3\xdf\x58\x79\xfc\x93\x2d\xdd\xff\x8b\x97"
- "\x92\x32\x71\xa6\xb9\x44\xe5\xcc\xd7\x5f\x34\xaa\xbf\xb9\xfb\x7f\xa8\x9a"
- "\x1a\x2a\xf6\x4c\x8e\xcf\x6e\xbb\x5d\x5c\xcd\x36\x70\x3d\xd7\x0e\x00\x00"
- "\x00\xee\x16\x69\x44\xec\x8c\x24\x1d\x5e\x4c\xa7\xe9\xf0\x70\xc4\x8e\xc5"
- "\x19\x94\x99\xd9\xa7\x4e\x9e\x7f\xfb\xdc\x64\xed\x3b\x02\x03\xd1\x9b\x96"
- "\x33\x5d\xfd\x75\xf3\xa1\xa3\xc5\xdc\x70\x99\x1f\x5b\x92\x3f\x58\x9d\x37"
- "\xce\xb2\x2c\xdb\x5e\xcd\x0f\x4f\x9c\x9f\xee\xeb\x70\xec\xd0\xed\x76\x34"
- "\xe8\xff\xb9\xdf\x2a\x9d\x6e\x1d\xb0\xe1\x5a\x5a\x47\x5b\x75\x39\x17\xb8"
- "\xdb\xac\x7d\x1d\x3d\x6b\x6b\x3b\x80\xcd\xe7\xfb\xda\xd0\xbd\xf4\x7f\xe8"
- "\x5e\x4d\xf7\xff\xde\x8d\x6d\x07\xb0\xf9\x56\xea\xff\x97\x23\x6e\x74\xa0"
- "\x29\xc0\x26\x33\xfe\x87\xee\xa5\xff\x43\xf7\xd2\xff\xa1\x7b\xe9\xff\xd0"
- "\x95\x9a\xff\x16\x7f\x6b\x89\x5d\xc7\x37\xea\xcc\x77\x46\xe2\xd7\x34\xa2"
- "\x3d\x27\xac\x6c\x7a\xe3\xb7\x45\x3b\xce\x13\xe9\x6d\xcb\xf4\xb4\xf0\x87"
- "\x18\x36\x37\x91\xde\x19\xcd\xa8\x25\xb6\x46\x44\xb3\x85\x2f\xb7\xe9\xa9"
- "\x5b\x25\x91\xd6\xaa\xe8\xf4\x4f\x26\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x80\xf6\xf8\x27\x00\x00\xff\xff\x9b\x66\xe0\xc9",
- 1166);
- syz_mount_image(/*fs=*/0x200000000440, /*dir=*/0x200000000480, /*flags=*/0,
- /*opts=*/0x200000000000, /*chdir=*/1, /*size=*/0x48c,
- /*img=*/0x200000001900);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- syscall(__NR_open, /*file=*/0x200000000040ul, /*flags=*/0ul, /*mode=*/0ul);
- memcpy((void*)0x200000000140, "/dev/sg#\000", 9);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000140, /*id=*/0x100000, /*flags=*/0);
- if (res != -1)
- r[50] = res;
- *(uint64_t*)0x200000000000 = 0xb5;
- syscall(__NR_ioctl, /*fd=*/r[50], /*cmd=FIOASYNC*/ 0x5452,
- /*v=*/0x200000000000ul);
- memcpy((void*)0x2000000060c0, "/dev/sg#\000", 9);
- res = -1;
- res = syz_open_dev(/*dev=*/0x2000000060c0, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[51] = res;
- res = syscall(__NR_fcntl, /*fd=*/r[51], /*cmd=*/0ul, /*arg=*/r[51]);
- if (res != -1)
- r[52] = res;
- syscall(__NR_ioctl, /*fd=*/r[52], /*cmd=*/0x2275, /*arg=*/0x200000000000ul);
- memcpy((void*)0x2000000004c0, "ext4\000", 5);
- memcpy((void*)0x200000000100, "./file0\000", 8);
- *(uint8_t*)0x200000000000 = 0;
- memcpy(
- (void*)0x200000000a00,
- "\x78\x9c\xec\xdd\xcf\x6f\x1b\x59\x1d\x00\xf0\xef\x4c\xe2\x26\x4d\xb3\x9b"
- "\x2c\xec\x01\x10\xb0\x65\x59\x28\xa8\xaa\x93\xb8\xbb\xd1\x6a\x25\xa4\xe5"
- "\x02\x42\xab\x95\x10\x2b\x4e\x1c\xba\x21\x71\xa2\x28\x76\x1c\xc5\x4e\x69"
- "\xd2\x1e\xd2\xff\x01\x89\x4a\x9c\xe0\x4f\xe0\x80\xc4\x01\xa9\x27\xee\xdc"
- "\xe0\xc6\xa5\x1c\x90\x0a\x94\xa2\x06\x89\x83\xd1\x8c\x9d\xe6\x47\xed\xa4"
- "\xb4\xa9\x67\x15\x7f\x3e\xd2\xeb\xcc\x9b\x71\xe7\xfb\x7d\x4e\xe6\x3d\xfb"
- "\x45\xf6\x0b\x60\x68\x5d\x8e\x88\xdd\x88\xb8\x10\x11\x9f\x46\xc4\x54\xf7"
- "\x78\xd2\x2d\xf1\x61\xa7\x64\x8f\x7b\xf2\xe8\xce\xe2\xde\xa3\x3b\x8b\x49"
- "\xb4\xdb\x9f\xfc\x23\xc9\xcf\x67\xc7\x2e\x1e\xfa\x3f\x99\x4b\xdd\x6b\x8e"
- "\x47\xc4\x8f\xbe\x1f\xf1\xd3\xe4\xd9\xb8\xcd\xed\x9d\xb5\x85\x5a\xad\xba"
- "\xd9\xad\xcf\xb4\xea\x1b\x33\xcd\xed\x9d\x6b\xab\xf5\x85\x95\xea\x4a\x75"
- "\xbd\x52\x99\x9f\x9b\x9f\x7d\xff\xfa\x7b\x95\x33\x6a\x69\x7b\xea\xad\xfa"
- "\x6f\x1e\x7e\x6f\xf5\xa3\x1f\xff\xfe\x77\x5f\x79\xf0\xc7\xdd\x6f\xdf\xce"
- "\xd2\x9a\xec\xe6\x9d\xb5\xe3\x8c\x02\x1d\xd1\x69\x7a\x29\x8f\xb3\x6f\x34"
- "\x22\x3e\x7a\x15\xc1\x0a\x30\xd2\x6d\xcf\x85\xa2\x13\xe1\x85\xa4\x11\xf1"
- "\xb9\x88\x78\x3b\xbf\xff\xa7\x62\x24\xff\x69\x02\x00\xe7\x59\xbb\x3d\x15"
- "\xed\xa9\xc3\x75\x00\xe0\xbc\x4b\xf3\x39\xb0\x24\x2d\x77\xe7\x02\x26\x23"
- "\x4d\xcb\xe5\xce\x1c\xde\x9b\x31\x91\xd6\x1a\xcd\xd6\xd5\xe5\xc6\xd6\xfa"
- "\x52\x67\xae\x6c\x3a\x4a\xe9\xf2\x6a\xad\x3a\xdb\x9d\x2b\x9c\x8e\x52\x92"
- "\xd5\xe7\xf2\xfd\x83\x7a\xe5\x58\xfd\x7a\x44\xbc\x11\x11\x3f\x1f\xbb\x98"
- "\xd7\xcb\x8b\x8d\xda\x52\x91\x2f\x7c\x00\x60\x88\x5d\x3a\x36\xfe\xff\x7b"
- "\xac\x33\xfe\x03\x00\xe7\xdc\x78\xd1\x09\x00\x00\x03\x67\xfc\x07\x80\xe1"
- "\x63\xfc\x07\x80\xe1\x63\xfc\x07\x80\xe1\x63\xfc\x07\x80\xe1\xd3\x6f\xfc"
- "\x6f\xb7\x07\x9c\x08\x00\x30\x30\xc7\xc6\xff\x52\x51\x79\x00\x00\x03\xf1"
- "\xc3\x8f\x3f\xce\x4a\x7b\xaf\xfb\xfd\xd7\x4b\x37\xb7\xb7\xd6\x1a\x37\xaf"
- "\x2d\x55\x9b\x6b\xe5\xfa\xd6\x62\x79\xb1\xb1\xb9\x51\x5e\x69\x34\x56\xf2"
- "\xef\xec\xa9\x9f\x76\xbd\x5a\xa3\xb1\x31\xf7\x6e\x6c\xdd\x9a\x69\x55\x9b"
- "\xad\x99\xe6\xf6\xce\x8d\x7a\x63\x6b\xbd\x75\x23\xff\x5e\xef\x1b\x55\xaf"
- "\x2d\x00\xa0\x78\x6f\xbc\x75\xff\xcf\x49\x44\xec\x7e\x70\x31\x2f\x71\x68"
- "\x2d\x07\x63\x35\x9c\x6f\x69\xd1\x09\x00\x85\x19\x29\x3a\x01\xa0\x30\x56"
- "\xfb\x82\xe1\xe5\x3d\x3e\xd0\x63\x89\xde\x23\xfa\x7e\x44\xe8\xde\xd9\xe7"
- "\x02\x0c\xc6\x95\x2f\x9a\xff\x87\x61\x75\xd2\xfc\xff\x77\x06\x98\x07\x30"
- "\x78\xe6\xff\x61\x78\xbd\xe0\xfc\x7f\xb2\x7b\xd6\x89\x00\x03\xd7\x6e\x27"
- "\xd6\xfc\x07\x80\x21\x63\x8e\x1f\xf0\xf7\x7f\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf8"
- "\xff\x4d\xe6\x25\x49\xcb\xdd\xb5\xc0\x27\x6f\x5f\x4a\xcb\xe5\x88\xd7\x22"
- "\x62\x3a\x4a\xed\x58\xad\x55\x67\x23\xe2\xf5\x88\xf8\xd3\x58\x69\x6c\x79"
- "\xb5\x56\x9d\x2b\x3a\x69\x00\xe0\x25\xa5\x7f\x4b\xba\xeb\x7f\x5d\x99\x7a"
- "\x67\xf2\xf8\xd9\x0b\xc9\x7f\xc6\xf2\x6d\x44\xfc\xec\x97\x9f\xfc\xe2\xd6"
- "\x42\xab\xb5\x39\x97\x1d\xff\xe7\xd3\xe3\xad\x7b\xdd\xe3\x95\x22\xf2\x07"
- "\x00\x4e\xb3\x3f\x4e\xef\x8f\xe3\xfb\x9e\x3c\xba\xb3\xb8\x5f\x06\x99\xcf"
- "\xc3\xef\x76\x16\x17\xcd\xe2\xee\x75\x4b\xe7\xcc\x68\x8c\xe6\xdb\xf1\x28"
- "\x45\xc4\xc4\xe3\xa4\x5b\xef\xc8\x5e\xaf\x8c\x9c\x41\xfc\xdd\xbb\x11\xf1"
- "\x85\x5e\xed\x4f\xf2\xb9\x91\xe9\xee\xca\xa7\xc7\xe3\x67\xb1\x5f\x1b\x68"
- "\xfc\xf4\x48\xfc\x34\x3f\xd7\xd9\x66\xcf\xc5\xe7\xcf\x20\x17\x18\x36\xf7"
- "\xb3\xfe\xe7\xc3\x5e\xf7\x5f\x1a\x97\xf3\x6d\xef\xfb\x7f\x3c\xef\xa1\x5e"
- "\xde\x7e\xff\xb7\xf7\x4c\xff\x97\x3e\xed\xff\x46\xfa\xf4\x7f\x97\x9f\x37"
- "\xc6\xbb\x7f\xf8\x41\xdf\x73\x77\x23\xbe\x34\xda\x2b\x7e\xf2\x34\x7e\xd2"
- "\x27\xfe\x3b\xbd\x2e\xd8\xa3\x53\xfe\xcb\x97\xbf\xfa\x76\xbf\xf8\xed\x5f"
- "\x45\x5c\x89\x9e\xf1\xef\x3f\x3e\x14\x6b\xa6\x55\xdf\x98\x69\x6e\xef\x5c"
- "\x5b\xad\x2f\xac\x54\x57\xaa\xeb\x95\xca\xfc\xdc\xfc\xec\xfb\xd7\xdf\xab"
- "\xcc\x2c\xaf\xd6\xaa\xb3\x9d\x7f\x7b\xc6\xf8\xfb\x07\x57\x5f\x3f\xa9\xfd"
- "\x13\x11\xff\x9a\xe8\x54\x8f\xb4\x7f\xfc\x94\xf6\x7f\xe3\xe8\xa5\xfa\xfe"
- "\x3a\xfc\xfa\xbf\x9f\xfe\xe4\x6b\x27\xc4\xff\xd6\xd7\x0f\xda\x7f\xf0\xf4"
- "\xa5\xf1\xe6\x09\xf1\xb3\x31\xf1\x9b\xfd\x02\x1e\xb3\x30\xf1\xdb\xbe\xcb"
- "\x77\x67\xf1\x97\x7a\x3f\xff\xa7\xfe\xfc\xaf\x3e\x67\xfc\x07\x7f\xdd\x59"
- "\x7a\xce\x87\x02\x00\x03\xd0\xdc\xde\x59\x5b\xa8\xd5\xaa\x9b\xe7\x73\x27"
- "\x7b\x7b\x7c\xc2\x63\x4a\x51\x78\x86\x47\x76\x46\x3f\x1b\x69\xd8\x39\xd8"
- "\x49\x4e\xfa\xfd\x39\xcf\x3b\x45\xf7\x4c\xc0\xab\x76\x70\xd3\x17\x9d\x09"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd0\xcf\x20\x3e\x4e\x54\x74"
- "\x1b\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x38\xbf\xfe\x17\x00\x00\xff\xff\x86\xb0\xd4"
- "\xfb",
- 1261);
- syz_mount_image(/*fs=*/0x2000000004c0, /*dir=*/0x200000000100, /*flags=*/0,
- /*opts=*/0x200000000000, /*chdir=*/0x24, /*size=*/0x4ed,
- /*img=*/0x200000000a00);
- memcpy((void*)0x200000000080, "cgroup.controllers\000", 19);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000080ul,
- /*flags=*/0x275a, /*mode=*/0);
- if (res != -1)
- r[53] = res;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/6);
- if (res != -1)
- r[54] = res;
- *(uint64_t*)0x2000000001c0 = 0;
- *(uint32_t*)0x2000000001c8 = 0;
- *(uint64_t*)0x2000000001d0 = 0x200000000040;
- *(uint64_t*)0x200000000040 = 0x2000000000c0;
- *(uint32_t*)0x2000000000c0 = 0xb8;
- *(uint16_t*)0x2000000000c4 = 0x19;
- *(uint16_t*)0x2000000000c6 = 1;
- *(uint32_t*)0x2000000000c8 = 0;
- *(uint32_t*)0x2000000000cc = 0;
- *(uint8_t*)0x2000000000d0 = 0xfc;
- *(uint8_t*)0x2000000000d1 = 1;
- memset((void*)0x2000000000d2, 0, 13);
- *(uint8_t*)0x2000000000df = 0;
- *(uint8_t*)0x2000000000e0 = 0xfe;
- *(uint8_t*)0x2000000000e1 = 0x88;
- memset((void*)0x2000000000e2, 0, 12);
- *(uint8_t*)0x2000000000ee = 0;
- *(uint8_t*)0x2000000000ef = 1;
- *(uint16_t*)0x2000000000f0 = htobe16(0);
- *(uint16_t*)0x2000000000f2 = htobe16(0);
- *(uint16_t*)0x2000000000f4 = htobe16(0);
- *(uint16_t*)0x2000000000f6 = htobe16(0);
- *(uint16_t*)0x2000000000f8 = 0xa;
- *(uint8_t*)0x2000000000fa = 0;
- *(uint8_t*)0x2000000000fb = 0;
- *(uint8_t*)0x2000000000fc = 0;
- *(uint32_t*)0x200000000100 = 0;
- *(uint32_t*)0x200000000104 = -1;
- *(uint64_t*)0x200000000108 = 0;
- *(uint64_t*)0x200000000110 = 0;
- *(uint64_t*)0x200000000118 = 0;
- *(uint64_t*)0x200000000120 = 0;
- *(uint64_t*)0x200000000128 = 0;
- *(uint64_t*)0x200000000130 = 0;
- *(uint64_t*)0x200000000138 = 0;
- *(uint64_t*)0x200000000140 = 0;
- *(uint64_t*)0x200000000148 = 0;
- *(uint64_t*)0x200000000150 = 0;
- *(uint64_t*)0x200000000158 = 0;
- *(uint64_t*)0x200000000160 = 0;
- *(uint32_t*)0x200000000168 = 0;
- *(uint32_t*)0x20000000016c = 0x6e6bb9;
- *(uint8_t*)0x200000000170 = 1;
- *(uint8_t*)0x200000000171 = 0;
- *(uint8_t*)0x200000000172 = 0;
- *(uint8_t*)0x200000000173 = 0;
- *(uint64_t*)0x200000000048 = 0xb8;
- *(uint64_t*)0x2000000001d8 = 1;
- *(uint64_t*)0x2000000001e0 = 0;
- *(uint64_t*)0x2000000001e8 = 0;
- *(uint32_t*)0x2000000001f0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[54], /*msg=*/0x2000000001c0ul, /*f=*/0ul);
- memcpy((void*)0x200000000140, "#! ", 3);
- memcpy((void*)0x200000000143, "./file0", 7);
- *(uint8_t*)0x20000000014a = 0x20;
- memcpy((void*)0x20000000014b, "ext4\000", 5);
- *(uint8_t*)0x200000000150 = 0x20;
- memcpy((void*)0x200000000151, "cgroup.controllers\000", 19);
- *(uint8_t*)0x200000000164 = 0x20;
- memcpy((void*)0x200000000165, "ext4\000", 5);
- *(uint8_t*)0x20000000016a = 0x20;
- memset((void*)0x20000000016b, 36, 1);
- *(uint8_t*)0x20000000016c = 0x20;
- memset((void*)0x20000000016d, 0, 1);
- *(uint8_t*)0x20000000016e = 0x20;
- memcpy((void*)0x20000000016f, "\\^}\332%&!,", 8);
- *(uint8_t*)0x200000000177 = 0x20;
- memset((void*)0x200000000178, 0, 1);
- *(uint8_t*)0x200000000179 = 0x20;
- memcpy((void*)0x20000000017a, "cgroup.controllers\000", 19);
- *(uint8_t*)0x20000000018d = 0xa;
- memcpy(
- (void*)0x20000000018e,
- "\x36\x7e\x3a\xa8\xac\x82\xb3\x58\xf8\x0e\x95\xa2\xb5\x36\x01\xf9\x13\x5c"
- "\xe4\x3c\x22\xc3\xb3\x10\x92\xa2\xd9\x6c\x81\x0e\xae\xdf\xae\xc6\x28\x15"
- "\xab\xe9\xd4\x07\x61\x41\x1c\x21\x56\xba\x43\xa9\x29\x8d\x4a\xaf\xb0\x9d"
- "\x25\xa7\xd5\x26\x5c\x41\x75\xc4\x31\x74\xfe\x23\x2b\xfe\xde\x2f\x15\x9a"
- "\x9a\x29\xef\x31\x81\x6a\x28\x67\x7d\x6e\x95\x55\x61\x96\x3a\x34\xf8\xa6"
- "\x83\x89\xe2\xc5\x81\xa3\x57\xe4\x53\x92\x9f\x8d\xb7\x72\xb8\xa7\xb0\x90"
- "\x3a\xb0\x4b\x9d\x4b\xd2\x92\xc7\xc4\xba\x99\xd1\x33\xb3\x66\xe8\x90\x26"
- "\x07\x42\x9a\x82\x44\x9c\xf5\x34\x98\x94\x55\x36\xdd\xdc\x64\xfd\x73\x92"
- "\x46\x9b\xf8\xf0\x3c\x5a\x7d\xa9\x05\xa6\x27\x92\x3b\xdf\xf7\x94\xce\xfd"
- "\x97\x8d\xf5\xc2\xaf\xdb\xd5\x62\x1a\x6e\x53\xa2\x70\x52\xc3\x37\x44\x1c"
- "\x4c\x08\x60\x6a\x19\xc3\x15\x16\x49\x61\xf7\xe9\x86\x84\x01\x89\xed\xf6"
- "\xa7\x6d\xee\x04\xbc\x7f\xa8\x92\xdb\x9f\x63\xb6\x13\x7a\x12\xe9\xd4\xfa"
- "\x23\x2f\xfb\x23\xb5\x12",
- 222);
- syscall(__NR_write, /*fd=*/r[53], /*data=*/0x200000000140ul, /*len=*/0x12cul);
- memcpy((void*)0x200000000280,
- "\x00\x00\x00\x00\x4c\x90\x02\x00\x00\x00\x00\x00\x03\x00\x01\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x23\x7b\x47\xd2"
- "\x1d\xff\xb2\x92\xc8\x8b\x82\x20\x00\x00\x40\x00\x00\x00\x00\x00\x2e"
- "\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- 204);
- syscall(__NR_ioctl, /*fd=*/r[53], /*cmd=*/0xc0c0583b,
- /*arg=*/0x200000000280ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=SOCK_DGRAM*/ 2ul,
- /*proto=*/0);
- if (res != -1)
- r[55] = res;
- *(uint32_t*)0x200000356ffc = 0xffffff40;
- syscall(__NR_setsockopt, /*fd=*/r[55], /*level=*/1,
- /*optname=SO_REUSEPORT*/ 0xf, /*optval=*/0x200000356ffcul,
- /*optlen=*/4ul);
- *(uint16_t*)0x200000000000 = 2;
- *(uint16_t*)0x200000000002 = htobe16(0x6e24);
- *(uint32_t*)0x200000000004 = htobe32(0);
- syscall(__NR_bind, /*fd=*/r[55], /*addr=*/0x200000000000ul,
- /*addrlen=*/0x10ul);
- memcpy((void*)0x200000000440, "ext4\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- *(uint8_t*)0x200000000000 = 0;
- memcpy(
- (void*)0x200000000500,
- "\x78\x9c\xec\xdc\x4d\x6f\x15\x55\x1c\x07\xe0\xdf\x4c\x5b\x08\x2f\x5a\x34"
- "\xbe\x56\x94\x0a\x2a\x15\xb4\xa5\xa8\xd5\x85\x1b\xf6\x26\x2e\x64\xe7\xaa"
- "\xa1\x85\x10\x0b\x18\x5a\x13\x21\x2c\x34\xc1\xb8\x91\x85\x89\x71\x69\xe2"
- "\x07\x30\x91\x9d\x89\x1b\x76\x6e\x59\xf0\x01\x58\x1a\x0c\x31\x2c\xb4\xd1"
- "\xc4\xd4\xcc\xed\x1d\x7a\x69\x7b\x0b\x85\xd6\x6b\x98\xe7\x49\xe6\xde\x73"
- "\xe6\x9c\x9b\x73\x66\x4e\xfe\x73\xef\x3d\x73\x32\x01\x1a\x6b\xb8\x7a\x29"
- "\x92\x9d\x49\xae\x25\x19\x5c\xcc\xde\x59\x61\x78\xf1\xed\xcf\x5b\x17\x8e"
- "\xcd\xdf\xba\x70\xac\xc8\xc2\xc2\x07\xbf\x17\xad\x7a\xd5\xbe\xba\x6a\xfd"
- "\xb9\x1d\xd5\x4b\x99\x8c\x94\x49\x79\xb1\xc8\x73\xab\xb4\x3b\x7b\xee\xfc"
- "\x47\x93\x33\x33\xd3\x67\xdb\xf9\xb1\xb9\x53\x1f\x8f\xcd\x9e\x3b\xff\xfa"
- "\xc9\x53\x93\x27\xa6\x4f\x4c\x9f\x1e\x9f\x98\x38\x74\x68\xe2\xed\x89\xb7"
- "\xde\xd9\xb0\x63\x1d\x9a\xfc\xf1\xbb\xdf\x2e\xbd\xff\xf5\xb7\x5f\x7c\x38"
- "\xb6\x67\xa8\xdc\x5b\xf5\x77\x67\xbb\xac\xf3\x38\x36\xca\x70\x86\xef\x3c"
- "\x97\x1d\x5e\xd9\xe8\xc6\x7a\xec\xc9\x8e\x74\xd1\xdf\xc3\x8e\xb0\x2e\x7d"
- "\x49\xaa\xe1\x1a\x68\xc5\xff\x60\xfa\xb2\x34\x78\x83\xf9\xe5\x7a\x4f\x3b"
- "\x07\x6c\xaa\x85\xca\xd6\xae\xc5\x9f\x2d\x00\x0f\xb1\x22\xbd\xee\x01\xd0"
- "\x1b\xf5\x17\x7d\xf5\xff\xb7\xde\xfe\xab\xdf\x1e\xf4\xde\xcd\x23\x8b\x7f"
- "\x00\xeb\xb9\x9d\xf9\xdb\xe3\xdf\x9f\xb2\x5d\x67\x60\xd9\xff\xfb\x8d\x34"
- "\x9c\xe4\xc2\xf5\xf9\xc1\x6a\xcb\x26\xcd\xc3\x00\x00\x00\x00\x34\xd9\x95"
- "\x23\x49\x5e\x5b\x6d\xfe\xaf\xcc\x53\x1d\xf5\xaa\xf4\xd3\x49\x9e\x49\xf2"
- "\x6c\x92\xa1\xa4\xb5\xae\x67\x77\x92\xe7\x93\xbc\x90\x64\x4f\xbd\x9e\x68"
- "\x1d\x96\xd7\x5f\x39\xff\x53\xde\xb8\xaf\x03\xe3\x9e\xdc\x3c\x92\xbc\x9b"
- "\x64\x7e\xc5\xfc\x5f\x3d\xfb\x97\x5d\x7d\xed\xdc\x23\x55\x26\x03\xc5\xf1"
- "\x93\x33\xd3\x87\x92\x3c\x9a\x64\x24\x03\x5b\xab\xfc\xf8\x1a\x6d\x4c\xfe"
- "\xf0\xc7\x4f\xdd\xca\xaa\xf1\xbf\xf6\x73\xdf\x60\xbd\x55\xed\x57\xef\x4b"
- "\x35\xca\x1b\xfd\xcb\xee\x4f\x4f\x4d\xce\x4d\x3e\xc8\x31\xb3\xe4\xe6\xe7"
- "\xc9\x50\xff\x6a\xe3\x5f\xdc\x5e\x09\x54\x24\x79\x31\xc9\xde\xfb\x6c\xe3"
- "\xe2\xa5\xdd\x97\xbb\x95\xdd\x7d\xfc\xd9\x4c\x0b\xdf\x27\xfb\x57\x8d\xff"
- "\xa5\x95\x8b\xc5\xda\xeb\x33\xc7\x5a\xd7\x83\xb1\xfa\xaa\xb0\xd2\xd5\x85"
- "\xe1\xf9\x6e\xed\x1b\xff\xde\xaa\xe2\x7f\xfb\xda\xe3\xbf\xab\xe8\x5c\xaf"
- "\x3b\xbb\xfe\x36\x2e\x0f\xfc\xf5\x4f\xb7\xb2\xfb\xbd\xfe\x6f\x29\x8e\xb6"
- "\x3a\xb8\xa5\xbd\xef\xd3\xc9\xb9\xb9\xb3\xe3\xc9\x96\xe2\xbd\x95\xfb\x0f"
- "\xaf\xbf\xcf\x0f\xab\xfa\x7c\xd4\xe7\xab\x1a\xff\x91\x7d\xab\x7f\xff\x3f"
- "\xde\xfe\x4c\x75\x42\xf7\x25\x79\x29\xc9\xcb\xed\xb5\xcb\xfb\x5b\xdf\xfd"
- "\xc9\xab\x49\x0e\x24\x39\xb8\x46\x9b\x5f\x1e\xf8\xea\x4a\xb7\x32\xf1\xdf"
- "\x5b\xd5\xf8\x4f\xad\x2b\xfe\xd7\x9f\xf8\x7b\xdb\xd1\xab\xdd\xda\xef\xbc"
- "\xff\x5b\x6d\x55\xfb\xf5\xbd\xe0\x45\x55\xfc\xbf\xd9\xea\xcc\x48\x7b\x8f"
- "\xdf\x7f\x77\x77\xaf\x03\xd4\xeb\x7e\x02\x00\x00\x00\x00\x00\x00\xb0\x31"
- "\xca\xd6\x33\xf0\x8a\x72\xf4\x76\xba\x2c\x47\x47\x17\x9f\xe1\xf7\x44\xb6"
- "\x97\x33\x67\x66\xe7\x0e\x1e\x3f\xf3\xc9\xe9\xa9\xc5\x67\xe5\xed\xca\x40"
- "\x59\xaf\xf4\x1a\xec\x58\x0f\x3a\xde\x4a\x2f\xe5\x0f\x2f\xcb\xbf\x91\xe4"
- "\xb1\x24\xdf\xf4\x6d\x6b\xe5\x47\x8f\x9d\x99\x99\xea\xf5\xc1\x43\xc3\xed"
- "\xe8\x12\xff\x95\x5f\xfb\x7a\xdd\x3b\x60\xd3\x79\x5e\x2b\x34\x97\xf8\x87"
- "\xe6\x12\xff\xd0\x5c\xe2\x1f\x9a\x4b\xfc\x43\x73\x89\x7f\x68\x2e\xf1\x0f"
- "\xcd\x25\xfe\xa1\xb9\xc4\x3f\x34\x97\xf8\x87\x46\x7a\x90\xe7\xfa\x49\x48"
- "\x48\x3c\xac\x89\x5e\x5f\x99\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\x1f\xfe\x0d\x00\x00\xff"
- "\xff\xbc\xb0\xdc\x06",
- 1049);
- syz_mount_image(/*fs=*/0x200000000440, /*dir=*/0x200000000480, /*flags=*/0,
- /*opts=*/0x200000000000, /*chdir=*/1, /*size=*/0x419,
- /*img=*/0x200000000500);
- *(uint32_t*)0x20000001d000 = 0;
- *(uint32_t*)0x20000001d004 = 0x80;
- *(uint8_t*)0x20000001d008 = 0;
- *(uint8_t*)0x20000001d009 = 0;
- *(uint8_t*)0x20000001d00a = 0;
- *(uint8_t*)0x20000001d00b = 0;
- *(uint32_t*)0x20000001d00c = 0;
- *(uint64_t*)0x20000001d010 = 0x18a;
- *(uint64_t*)0x20000001d018 = 0;
- *(uint64_t*)0x20000001d020 = 0;
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 0, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 1, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 2, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 3, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 4, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 5, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 6, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 7, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 8, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 9, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 10, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 11, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 12, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 13, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 14, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 15, 2);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 17, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 18, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 19, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 20, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 21, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 22, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 23, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 24, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 25, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 26, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 27, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 28, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 29, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 30, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 31, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 32, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 33, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 34, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 35, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 36, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 37, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 38, 26);
- *(uint32_t*)0x20000001d030 = 0;
- *(uint32_t*)0x20000001d034 = 0;
- *(uint64_t*)0x20000001d038 = 0;
- *(uint64_t*)0x20000001d040 = 0;
- *(uint64_t*)0x20000001d048 = 0;
- *(uint64_t*)0x20000001d050 = 0;
- *(uint32_t*)0x20000001d058 = 0;
- *(uint32_t*)0x20000001d05c = 0;
- *(uint64_t*)0x20000001d060 = 0;
- *(uint32_t*)0x20000001d068 = 0;
- *(uint16_t*)0x20000001d06c = 0;
- *(uint16_t*)0x20000001d06e = 0;
- *(uint32_t*)0x20000001d070 = 0;
- *(uint32_t*)0x20000001d074 = 0;
- *(uint64_t*)0x20000001d078 = 0;
- res = syscall(__NR_perf_event_open, /*attr=*/0x20000001d000ul, /*pid=*/0,
- /*cpu=*/0ul, /*group=*/-1, /*flags=*/0ul);
- if (res != -1)
- r[56] = res;
- *(uint64_t*)0x200000000080 = 0x1ff;
- syscall(__NR_ioctl, /*fd=*/r[56], /*cmd=FIOASYNC*/ 0x5452,
- /*v=*/0x200000000080ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[57] = res;
- *(uint32_t*)0x200000000180 = 7;
- syscall(__NR_setsockopt, /*fd=*/r[57], /*level=*/6,
- /*optname=TCP_FASTOPEN_NO_COOKIE*/ 0x22, /*optval=*/0x200000000180ul,
- /*optlen=*/4ul);
- syscall(__NR_shutdown, /*fd=*/r[57], /*how=*/0ul);
- *(uint32_t*)0x200000000140 = 1;
- syscall(__NR_setsockopt, /*fd=*/r[57], /*level=*/6,
- /*optname=TCP_FASTOPEN_NO_COOKIE*/ 0x22, /*optval=*/0x200000000140ul,
- /*optlen=*/4ul);
- *(uint16_t*)0x200000000040 = 0xa;
- *(uint16_t*)0x200000000042 = htobe16(0);
- *(uint32_t*)0x200000000044 = htobe32(0);
- memset((void*)0x200000000048, 0, 10);
- memset((void*)0x200000000052, 255, 2);
- *(uint32_t*)0x200000000054 = htobe32(0x7f000001);
- *(uint32_t*)0x200000000058 = 0;
- syscall(__NR_connect, /*fd=*/r[57], /*addr=*/0x200000000040ul,
- /*addrlen=*/0x1cul);
- res = syscall(__NR_io_setup, /*n=*/0xa, /*ctx=*/0x200000000080ul);
- if (res != -1)
- r[58] = *(uint64_t*)0x200000000080;
- *(uint64_t*)0x2000000002c0 = 0x200000000000;
- *(uint64_t*)0x200000000000 = 0x180a;
- *(uint32_t*)0x200000000008 = 0;
- *(uint32_t*)0x20000000000c = 0;
- *(uint16_t*)0x200000000010 = 5;
- *(uint16_t*)0x200000000012 = 0;
- *(uint32_t*)0x200000000014 = r[57];
- *(uint64_t*)0x200000000018 = 0;
- *(uint64_t*)0x200000000020 = 0;
- *(uint64_t*)0x200000000028 = 0;
- *(uint64_t*)0x200000000030 = 0;
- *(uint32_t*)0x200000000038 = 0;
- *(uint32_t*)0x20000000003c = -1;
- syscall(__NR_io_submit, /*ctx=*/r[58], /*nr=*/1ul,
- /*iocbpp=*/0x2000000002c0ul);
- *(uint64_t*)0x200000000680 = 0;
- *(uint32_t*)0x200000000688 = 0x21;
- *(uint32_t*)0x20000000068c = 0;
- *(uint32_t*)0x200000000690 = 0;
- syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0x200000000680ul,
- /*timerid=*/0x200000000100ul);
- syscall(__NR_read, /*fd=*/-1, /*data=*/0x200000000040ul, /*len=*/8ul);
- *(uint64_t*)0x20000006b000 = 0;
- *(uint64_t*)0x20000006b008 = 8;
- *(uint64_t*)0x20000006b010 = 0;
- *(uint64_t*)0x20000006b018 = 9;
- syscall(__NR_timer_settime, /*timerid=*/0, /*flags=*/0ul,
- /*new=*/0x20000006b000ul, /*old=*/0ul);
- res = syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0ul,
- /*timerid=*/0x200000000200ul);
- if (res != -1)
- r[59] = *(uint32_t*)0x200000000200;
- syscall(__NR_timer_settime, /*timerid=*/r[59], /*flags=*/0ul, /*new=*/0ul,
- /*old=*/0x200000000600ul);
- syscall(__NR_dup2, /*oldfd=*/-1, /*newfd=*/-1);
- res = syscall(__NR_pipe, /*pipefd=*/0x2000000000c0ul);
- if (res != -1)
- r[60] = *(uint32_t*)0x2000000000c4;
- syscall(__NR_write, /*fd=*/r[60], /*data=*/0x200000000000ul,
- /*len=*/0xfffffeccul);
- memcpy((void*)0x200000000640, ".\000", 2);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000640ul,
- /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[61] = res;
- syscall(__NR_splice, /*fdin=*/r[61], /*offin=*/0ul, /*fdout=*/r[60],
- /*offout=*/0ul, /*len=*/0x597bul, /*f=*/0ul);
- res = syscall(__NR_inotify_init1, /*flags=*/0ul);
- if (res != -1)
- r[62] = res;
- memcpy((void*)0x200000001240, "./file0\000", 8);
- res = syscall(__NR_inotify_add_watch, /*fd=*/r[62], /*file=*/0x200000001240ul,
- /*mask=IN_MODIFY|IN_DELETE_SELF|IN_DELETE*/ 0x602ul);
- if (res != -1)
- r[63] = res;
- syscall(__NR_inotify_rm_watch, /*fd=*/r[62], /*wd=*/r[63]);
- *(uint16_t*)0x200000000140 = 0;
- *(uint16_t*)0x200000000142 = 1;
- *(uint64_t*)0x200000000148 = 0x3f;
- *(uint64_t*)0x200000000150 = 5;
- *(uint32_t*)0x200000000158 = 0;
- *(uint32_t*)0x20000000015c = 0;
- memset((void*)0x200000000160, 0, 16);
- syscall(__NR_ioctl, /*fd=*/r[56], /*cmd=*/0x40305828,
- /*arg=*/0x200000000140ul);
- memcpy((void*)0x200000000080, "./file0\000", 8);
- memcpy((void*)0x200000000200, "trusted.overlay.upper\000", 22);
- syscall(__NR_setxattr, /*path=*/0x200000000080ul, /*name=*/0x200000000200ul,
- /*val=*/0x2000000000c0ul, /*size=*/0x7c8ul, /*flags=*/0ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=SOCK_DGRAM*/ 2ul,
- /*proto=*/0);
- if (res != -1)
- r[64] = res;
- *(uint32_t*)0x200000356ffc = 0xffffff40;
- syscall(__NR_setsockopt, /*fd=*/r[64], /*level=*/1,
- /*optname=SO_REUSEPORT*/ 0xf, /*optval=*/0x200000356ffcul,
- /*optlen=*/4ul);
- syz_sysconfig_reset__proc_sys_net_ipv6_ip6frag_time();
- memcpy((void*)0x200000000140, "./file0\000", 8);
- syscall(__NR_mkdir, /*path=*/0x200000000140ul, /*mode=*/0ul);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- memcpy((void*)0x200000000580, "cgroup2\000", 8);
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000040ul,
- /*type=*/0x200000000580ul, /*flags=*/0ul, /*data=*/0ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[65] = res;
- *(uint32_t*)0x200000000280 = 5;
- res = syscall(__NR_getsockopt, /*fd=*/r[65], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000240ul, /*optlen=*/0x200000000280ul);
- if (res != -1)
- r[66] = *(uint32_t*)0x200000000244;
- syscall(__NR_setreuid, /*ruid=*/r[66], /*euid=*/r[66]);
- memcpy((void*)0x200000000640, "./file0\000", 8);
- syscall(__NR_chmod, /*file=*/0x200000000640ul, /*mode=*/0ul);
- *(uint32_t*)0x200000000080 = 1;
- *(uint32_t*)0x200000000084 = 1;
- *(uint32_t*)0x200000000088 = 0x18;
- *(uint32_t*)0x20000000008c = -1;
- *(uint32_t*)0x200000000090 = 2;
- memcpy((void*)0x200000000098, "./file0/file0\000", 14);
- res = syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0xc018937e,
- /*arg=*/0x200000000080ul);
- if (res != -1)
- r[67] = *(uint32_t*)0x20000000008c;
- *(uint32_t*)0x200000000180 = 0x74;
- *(uint8_t*)0x200000000184 = 0x29;
- *(uint16_t*)0x200000000185 = 1;
- *(uint32_t*)0x200000000187 = 0;
- *(uint8_t*)0x20000000018b = 0x10;
- *(uint32_t*)0x20000000018c = 0;
- *(uint64_t*)0x200000000190 = 1;
- *(uint64_t*)0x200000000198 = 0;
- *(uint8_t*)0x2000000001a0 = 3;
- *(uint16_t*)0x2000000001a1 = 0xd;
- memcpy((void*)0x2000000001a3, "./file0/file0", 13);
- *(uint8_t*)0x2000000001b0 = 2;
- *(uint32_t*)0x2000000001b1 = 1;
- *(uint64_t*)0x2000000001b5 = 4;
- *(uint64_t*)0x2000000001bd = 7;
- *(uint8_t*)0x2000000001c5 = 4;
- *(uint16_t*)0x2000000001c6 = 7;
- memcpy((void*)0x2000000001c8, "./file0", 7);
- *(uint8_t*)0x2000000001cf = 0x20;
- *(uint32_t*)0x2000000001d0 = 1;
- *(uint64_t*)0x2000000001d4 = 1;
- *(uint64_t*)0x2000000001dc = 0x20;
- *(uint8_t*)0x2000000001e4 = 0x1f;
- *(uint16_t*)0x2000000001e5 = 0xd;
- memcpy((void*)0x2000000001e7, "./file0/file0", 13);
- syscall(__NR_write, /*fd=*/r[67], /*data=*/0x200000000180ul, /*size=*/0x74ul);
- memcpy((void*)0x200000000000, "./file0/file0\000", 14);
- syscall(__NR_faccessat, /*dirfd=*/-1, /*pathname=*/0x200000000000ul,
- /*mode=S_IXGRP|S_IWGRP*/ 0x18ul);
- memcpy((void*)0x200000000800, "./control\000", 10);
- res = syscall(__NR_creat, /*file=*/0x200000000800ul, /*mode=*/0ul);
- if (res != -1)
- r[68] = res;
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[69] = res;
- syscall(__NR_setsockopt, /*fd=*/r[69], /*level=*/0x29,
- /*optname=IPV6_AUTOFLOWLABEL*/ 0x46, /*optval=*/0ul, /*optlen=*/0ul);
- *(uint32_t*)0x200000000200 = 1;
- syscall(__NR_setsockopt, /*fd=*/r[69], /*level=*/6,
- /*optname=TCP_FASTOPEN_NO_COOKIE*/ 0x22, /*optval=*/0x200000000200ul,
- /*optlen=*/4ul);
- memset((void*)0x200000000240, 196, 1);
- *(uint16_t*)0x200000b63fe4 = 0xa;
- *(uint16_t*)0x200000b63fe6 = htobe16(0);
- *(uint32_t*)0x200000b63fe8 = htobe32(0);
- memset((void*)0x200000b63fec, 0, 16);
- *(uint32_t*)0x200000b63ffc = 0;
- syscall(__NR_sendto, /*fd=*/r[69], /*buf=*/0x200000000240ul, /*len=*/1ul,
- /*f=MSG_FASTOPEN|MSG_OOB|MSG_DONTWAIT|MSG_DONTROUTE|MSG_CONFIRM*/
- 0x20000845ul, /*addr=*/0x200000b63fe4ul, /*addrlen=*/0x1cul);
- *(uint32_t*)0x200000000080 = 0xd;
- syscall(__NR_setsockopt, /*fd=*/r[68], /*level=*/0, /*opt=*/0xd4,
- /*val=*/0x200000000080ul, /*len=*/4ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/6);
- if (res != -1)
- r[70] = res;
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul,
- /*proto=NETLINK_FIB_LOOKUP*/ 0xa);
- syscall(__NR_socket, /*domain=*/0xaul,
- /*type=SOCK_CLOEXEC|SOCK_DGRAM*/ 0x80002ul, /*proto=*/0);
- memcpy((void*)0x200000000440, "ext4\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- *(uint8_t*)0x200000000000 = 0;
- memcpy(
- (void*)0x200000000500,
- "\x78\x9c\xec\xdc\x4d\x6f\x15\x55\x1c\x07\xe0\xdf\x4c\x5b\x08\x2f\x5a\x34"
- "\xbe\x56\x94\x0a\x2a\x15\xb4\xa5\xa8\xd5\x85\x1b\xf6\x26\x2e\x64\xe7\xaa"
- "\xa1\x85\x10\x0b\x18\x5a\x13\x21\x2c\x34\xc1\xb8\x91\x85\x89\x71\x69\xe2"
- "\x07\x30\x91\x9d\x89\x1b\x76\x6e\x59\xf0\x01\x58\x1a\x0c\x31\x2c\xb4\xd1"
- "\xc4\xd4\xcc\xed\x1d\x7a\x69\x7b\x0b\x85\xd6\x6b\x98\xe7\x49\xe6\xde\x73"
- "\xe6\x9c\x9b\x73\x66\x4e\xfe\x73\xef\x3d\x73\x32\x01\x1a\x6b\xb8\x7a\x29"
- "\x92\x9d\x49\xae\x25\x19\x5c\xcc\xde\x59\x61\x78\xf1\xed\xcf\x5b\x17\x8e"
- "\xcd\xdf\xba\x70\xac\xc8\xc2\xc2\x07\xbf\x17\xad\x7a\xd5\xbe\xba\x6a\xfd"
- "\xb9\x1d\xd5\x4b\x99\x8c\x94\x49\x79\xb1\xc8\x73\xab\xb4\x3b\x7b\xee\xfc"
- "\x47\x93\x33\x33\xd3\x67\xdb\xf9\xb1\xb9\x53\x1f\x8f\xcd\x9e\x3b\xff\xfa"
- "\xc9\x53\x93\x27\xa6\x4f\x4c\x9f\x1e\x9f\x98\x38\x74\x68\xe2\xed\x89\xb7"
- "\xde\xd9\xb0\x63\x1d\x9a\xfc\xf1\xbb\xdf\x2e\xbd\xff\xf5\xb7\x5f\x7c\x38"
- "\xb6\x67\xa8\xdc\x5b\xf5\x77\x67\xbb\xac\xf3\x38\x36\xca\x70\x86\xef\x3c"
- "\x97\x1d\x5e\xd9\xe8\xc6\x7a\xec\xc9\x8e\x74\xd1\xdf\xc3\x8e\xb0\x2e\x7d"
- "\x49\xaa\xe1\x1a\x68\xc5\xff\x60\xfa\xb2\x34\x78\x83\xf9\xe5\x7a\x4f\x3b"
- "\x07\x6c\xaa\x85\xca\xd6\xae\xc5\x9f\x2d\x00\x0f\xb1\x22\xbd\xee\x01\xd0"
- "\x1b\xf5\x17\x7d\xf5\xff\xb7\xde\xfe\xab\xdf\x1e\xf4\xde\xcd\x23\x8b\x7f"
- "\x00\xeb\xb9\x9d\xf9\xdb\xe3\xdf\x9f\xb2\x5d\x67\x60\xd9\xff\xfb\x8d\x34"
- "\x9c\xe4\xc2\xf5\xf9\xc1\x6a\xcb\x26\xcd\xc3\x00\x00\x00\x00\x34\xd9\x95"
- "\x23\x49\x5e\x5b\x6d\xfe\xaf\xcc\x53\x1d\xf5\xaa\xf4\xd3\x49\x9e\x49\xf2"
- "\x6c\x92\xa1\xa4\xb5\xae\x67\x77\x92\xe7\x93\xbc\x90\x64\x4f\xbd\x9e\x68"
- "\x1d\x96\xd7\x5f\x39\xff\x53\xde\xb8\xaf\x03\xe3\x9e\xdc\x3c\x92\xbc\x9b"
- "\x64\x7e\xc5\xfc\x5f\x3d\xfb\x97\x5d\x7d\xed\xdc\x23\x55\x26\x03\xc5\xf1"
- "\x93\x33\xd3\x87\x92\x3c\x9a\x64\x24\x03\x5b\xab\xfc\xf8\x1a\x6d\x4c\xfe"
- "\xf0\xc7\x4f\xdd\xca\xaa\xf1\xbf\xf6\x73\xdf\x60\xbd\x55\xed\x57\xef\x4b"
- "\x35\xca\x1b\xfd\xcb\xee\x4f\x4f\x4d\xce\x4d\x3e\xc8\x31\xb3\xe4\xe6\xe7"
- "\xc9\x50\xff\x6a\xe3\x5f\xdc\x5e\x09\x54\x24\x79\x31\xc9\xde\xfb\x6c\xe3"
- "\xe2\xa5\xdd\x97\xbb\x95\xdd\x7d\xfc\xd9\x4c\x0b\xdf\x27\xfb\x57\x8d\xff"
- "\xa5\x95\x8b\xc5\xda\xeb\x33\xc7\x5a\xd7\x83\xb1\xfa\xaa\xb0\xd2\xd5\x85"
- "\xe1\xf9\x6e\xed\x1b\xff\xde\xaa\xe2\x7f\xfb\xda\xe3\xbf\xab\xe8\x5c\xaf"
- "\x3b\xbb\xfe\x36\x2e\x0f\xfc\xf5\x4f\xb7\xb2\xfb\xbd\xfe\x6f\x29\x8e\xb6"
- "\x3a\xb8\xa5\xbd\xef\xd3\xc9\xb9\xb9\xb3\xe3\xc9\x96\xe2\xbd\x95\xfb\x0f"
- "\xaf\xbf\xcf\x0f\xab\xfa\x7c\xd4\xe7\xab\x1a\xff\x91\x7d\xab\x7f\xff\x3f"
- "\xde\xfe\x4c\x75\x42\xf7\x25\x79\x29\xc9\xcb\xed\xb5\xcb\xfb\x5b\xdf\xfd"
- "\xc9\xab\x49\x0e\x24\x39\xb8\x46\x9b\x5f\x1e\xf8\xea\x4a\xb7\x32\xf1\xdf"
- "\x5b\xd5\xf8\x4f\xad\x2b\xfe\xd7\x9f\xf8\x7b\xdb\xd1\xab\xdd\xda\xef\xbc"
- "\xff\x5b\x6d\x55\xfb\xf5\xbd\xe0\x45\x55\xfc\xbf\xd9\xea\xcc\x48\x7b\x8f"
- "\xdf\x7f\x77\x77\xaf\x03\xd4\xeb\x7e\x02\x00\x00\x00\x00\x00\x00\xb0\x31"
- "\xca\xd6\x33\xf0\x8a\x72\xf4\x76\xba\x2c\x47\x47\x17\x9f\xe1\xf7\x44\xb6"
- "\x97\x33\x67\x66\xe7\x0e\x1e\x3f\xf3\xc9\xe9\xa9\xc5\x67\xe5\xed\xca\x40"
- "\x59\xaf\xf4\x1a\xec\x58\x0f\x3a\xde\x4a\x2f\xe5\x0f\x2f\xcb\xbf\x91\xe4"
- "\xb1\x24\xdf\xf4\x6d\x6b\xe5\x47\x8f\x9d\x99\x99\xea\xf5\xc1\x43\xc3\xed"
- "\xe8\x12\xff\x95\x5f\xfb\x7a\xdd\x3b\x60\xd3\x79\x5e\x2b\x34\x97\xf8\x87"
- "\xe6\x12\xff\xd0\x5c\xe2\x1f\x9a\x4b\xfc\x43\x73\x89\x7f\x68\x2e\xf1\x0f"
- "\xcd\x25\xfe\xa1\xb9\xc4\x3f\x34\x97\xf8\x87\x46\x7a\x90\xe7\xfa\x49\x48"
- "\x48\x3c\xac\x89\x5e\x5f\x99\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\x1f\xfe\x0d\x00\x00\xff"
- "\xff\xbc\xb0\xdc\x06",
- 1049);
- syz_mount_image(/*fs=*/0x200000000440, /*dir=*/0x200000000480, /*flags=*/0,
- /*opts=*/0x200000000000, /*chdir=*/1, /*size=*/0x419,
- /*img=*/0x200000000500);
- memcpy((void*)0x200000000040, "./file2\000", 8);
- res = syscall(
- __NR_open, /*file=*/0x200000000040ul,
- /*flags=O_TRUNC|O_SYNC|O_NOFOLLOW|O_NOCTTY|O_LARGEFILE|O_EXCL|0x82002*/
- 0x1ab382ul, /*mode=*/0ul);
- if (res != -1)
- r[71] = res;
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0xc);
- syscall(__NR_write, /*fd=*/-1, /*data=*/0x200000000280ul, /*len=*/0xfd14ul);
- syscall(__NR_write, /*fd=*/-1, /*data=*/0ul, /*size=*/0ul);
- syscall(__NR_chdir, /*dir=*/0ul);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0ul, /*flags=*/0x275a,
- /*mode=*/0);
- if (res != -1)
- r[72] = res;
- syscall(__NR_getsockopt, /*fd=*/-1, /*level=*/1, /*optname=*/0x11,
- /*optval=*/0ul, /*optlen=*/0ul);
- *(uint32_t*)0x20000001d000 = 0;
- *(uint32_t*)0x20000001d004 = 0x80;
- *(uint8_t*)0x20000001d008 = 0;
- *(uint8_t*)0x20000001d009 = 0;
- *(uint8_t*)0x20000001d00a = 0;
- *(uint8_t*)0x20000001d00b = 0;
- *(uint32_t*)0x20000001d00c = 0;
- *(uint64_t*)0x20000001d010 = 0;
- *(uint64_t*)0x20000001d018 = 0;
- *(uint64_t*)0x20000001d020 = 5;
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 0, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 1, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 2, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 3, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 4, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 5, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 6, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 7, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 8, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 9, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 10, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 11, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 12, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 13, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 14, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 15, 2);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 17, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 18, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 19, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 20, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 21, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 22, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 23, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 24, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 25, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 26, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 27, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 28, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 29, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 30, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 31, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 32, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 33, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 34, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 35, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 36, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 37, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 38, 26);
- *(uint32_t*)0x20000001d030 = 0;
- *(uint32_t*)0x20000001d034 = 0;
- *(uint64_t*)0x20000001d038 = 0;
- *(uint64_t*)0x20000001d040 = 0;
- *(uint64_t*)0x20000001d048 = 0;
- *(uint64_t*)0x20000001d050 = 0;
- *(uint32_t*)0x20000001d058 = 0;
- *(uint32_t*)0x20000001d05c = 6;
- *(uint64_t*)0x20000001d060 = 0;
- *(uint32_t*)0x20000001d068 = 0;
- *(uint16_t*)0x20000001d06c = 0;
- *(uint16_t*)0x20000001d06e = 0;
- *(uint32_t*)0x20000001d070 = 7;
- *(uint32_t*)0x20000001d074 = 0;
- *(uint64_t*)0x20000001d078 = 0;
- syscall(__NR_perf_event_open, /*attr=*/0x20000001d000ul, /*pid=*/0,
- /*cpu=*/-1, /*group=*/-1, /*flags=*/0ul);
- memcpy((void*)0x200000000000, "#! ", 3);
- *(uint8_t*)0x200000000003 = 0xa;
- syscall(__NR_write, /*fd=*/r[72], /*data=*/0x200000000000ul,
- /*len=*/0x208e24bul);
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xb36000ul,
- /*prot=*/0ul, /*flags=MAP_FIXED*/ 0x10ul, /*fd=*/r[72],
- /*offset=*/0ul);
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0ul, /*f=*/0ul);
- *(uint32_t*)0x2000000000c0 = 0xb;
- *(uint8_t*)0x2000000000c4 = 0x29;
- *(uint16_t*)0x2000000000c5 = 3;
- *(uint32_t*)0x2000000000c7 = 0;
- syscall(__NR_write, /*fd=*/r[72], /*data=*/0x2000000000c0ul, /*size=*/0xbul);
- *(uint64_t*)0x200000000240 = 0;
- syscall(__NR_sendfile, /*fdout=*/r[71], /*fdin=*/r[71],
- /*off=*/0x200000000240ul, /*count=*/7ul);
- memcpy((void*)0x200000000040, "./file2\000", 8);
- res = syscall(__NR_open, /*file=*/0x200000000040ul,
- /*flags=O_SYNC|O_CREAT|O_CLOEXEC|O_RDWR*/ 0x181042ul,
- /*mode=*/0ul);
- if (res != -1)
- r[73] = res;
- *(uint32_t*)0x200000000280 = 0x8b;
- *(uint8_t*)0x200000000284 = 0x29;
- *(uint16_t*)0x200000000285 = 1;
- *(uint32_t*)0x200000000287 = 2;
- *(uint8_t*)0x20000000028b = 1;
- *(uint32_t*)0x20000000028c = 2;
- *(uint64_t*)0x200000000290 = 7;
- *(uint64_t*)0x200000000298 = 0x1ff;
- *(uint8_t*)0x2000000002a0 = 2;
- *(uint16_t*)0x2000000002a1 = 9;
- memcpy((void*)0x2000000002a3, "./control", 9);
- *(uint8_t*)0x2000000002ac = 0x40;
- *(uint32_t*)0x2000000002ad = 0;
- *(uint64_t*)0x2000000002b1 = 1;
- *(uint64_t*)0x2000000002b9 = 0x49b;
- *(uint8_t*)0x2000000002c1 = 0x61;
- *(uint16_t*)0x2000000002c2 = 7;
- memcpy((void*)0x2000000002c4, "./file0", 7);
- *(uint8_t*)0x2000000002cb = 8;
- *(uint32_t*)0x2000000002cc = 2;
- *(uint64_t*)0x2000000002d0 = 8;
- *(uint64_t*)0x2000000002d8 = 8;
- *(uint8_t*)0x2000000002e0 = 0;
- *(uint16_t*)0x2000000002e1 = 9;
- memcpy((void*)0x2000000002e3, "./control", 9);
- *(uint8_t*)0x2000000002ec = 8;
- *(uint32_t*)0x2000000002ed = 1;
- *(uint64_t*)0x2000000002f1 = 3;
- *(uint64_t*)0x2000000002f9 = 4;
- *(uint8_t*)0x200000000301 = 0x80;
- *(uint16_t*)0x200000000302 = 7;
- memcpy((void*)0x200000000304, "./file0", 7);
- syscall(__NR_write, /*fd=*/r[73], /*data=*/0x200000000280ul, /*size=*/0x8bul);
- *(uint64_t*)0x200000000240 = 0;
- syscall(__NR_sendfile, /*fdout=*/r[73], /*fdin=*/r[73],
- /*off=*/0x200000000240ul, /*count=*/0x7f06ul);
- *(uint64_t*)0x200000000180 = 0;
- *(uint32_t*)0x200000000188 = 0;
- *(uint64_t*)0x200000000190 = 0x200000000000;
- *(uint64_t*)0x200000000000 = 0x200000000d80;
- memcpy(
- (void*)0x200000000d80,
- "\x50\x00\x13\x1f\x00\x00\x00\x00\x0a\x01\x39\xad\x83\xfa\x15\x38\xd6\x34"
- "\x00\x00\x00\x00\x00\x00\xe0\x00\x00\x01\x00\x00\x00\x00\xf7\xff\xfe\xd4"
- "\xff\xff\xff\xff\x02\x00\xab\xcd\x2d\xb9\x90\xb2\xe9\x6f\x00\x00\x00\x00"
- "\x67\xd9\x00\x01\x01\x00\x00\x84\xe3\xcc\xe4\x18\x81\xff\xff\xff\xff\xe3"
- "\x00\x00\x00\x00\x00\x72\xdf\x04\xe7\xbb\x0c\x33\x8c\x81\x67\x42\xed\xcc"
- "\xcc\x0b\xfc\xed\x63\x7d\xcc\xdb\x7e\x3a\xe5\x32\x4c\xaa\x99\x62\xfd\x9d"
- "\x52\xee\x50\xf9\x52\xbd\x74\x7b\x8a\x29\xa5\x53\x59\xeb\x1e\x51\x8e\xee"
- "\x8d\xa8\x6e\x65\xe4\x64\x99\x40\xa8\x40\x4f\xb0\x26\xb8\x25\xf5\x63\xca"
- "\xd0\x4b\x13\xd5\x02\xf7\x53\x0a\xe6\xa7\xf3\xd0\xb0\xd5\x83\x85\x18\x83"
- "\xbd\xd9\xc0\xd9\x39\xc5\x51\x60\xee\x85\xf8\x4e\xfd\x88\xeb\x5c\xce\xfd"
- "\x31\x0e\x83\xb4\xa7\xb8\x7f\xf1\x9d\xff\x07\x40\xb0\xaa\x24\x92\x3a\x6b"
- "\x6d\x1e\xd7\x07\x9e\xcb\xfe\x18\x16\x47\xb9\x75\x43\x3a\x94\x7d\x5d\xc7"
- "\x20\x23\xd7\x51\xe1\xcd\x83\x6b\xeb\x64\x01\x2f\xa6\x49\x31\x1e\x93",
- 233);
- sprintf((char*)0x200000000e69, "%020llu", (long long)r[69]);
- sprintf((char*)0x200000000e7d, "0x%016llx", (long long)r[70]);
- memcpy(
- (void*)0x200000000e8f,
- "\x0a\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x04\xd2\x32\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\xfc\xff\xff\xff\xff\xff\xff\xff\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0a\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x60\x00\x02\x00\x63\x62\x63\x28\x61\x65\x73\x29"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xc0\x00\x00\x00\x60\x6d\xdc\x76\x8e\x38\xbe\x5f\x49\xab\x9e\x96"
- "\xac\xa8\x3e\x9d\x06\xf4\x2e\xba\xa3\xc0\xa0\xb2",
- 264);
- *(uint64_t*)0x200000000008 = 0x150;
- *(uint64_t*)0x200000000198 = 1;
- *(uint64_t*)0x2000000001a0 = 0;
- *(uint64_t*)0x2000000001a8 = 0;
- *(uint32_t*)0x2000000001b0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[70], /*msg=*/0x200000000180ul,
- /*f=MSG_FASTOPEN|MSG_DONTROUTE*/ 0x20000004ul);
- res = syscall(__NR_socket, /*domain=*/0x11ul, /*type=SOCK_DGRAM*/ 2ul,
- /*proto=*/0x300);
- if (res != -1)
- r[74] = res;
- syscall(__NR_recvfrom, /*fd=*/r[74], /*buf=*/0ul, /*len=*/0ul,
- /*f=MSG_ERRQUEUE*/ 0x2000ul, /*addr=*/0ul, /*addrlen=*/0ul);
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x5301, 0);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x3f);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x12000);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/2);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/1);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x101);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/8);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x80);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x800000);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x7fffffff);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x7fff);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/8);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/6);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0xffff8000);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/2);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/8);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0xfff);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/4);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/5);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/6);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/4);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x1000);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/8);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/-1);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/7);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x1ff);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x88c);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x3fbb);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0x15);
- syz_proconfig_set__sys_devices_pci0000_00_0000_00_03_0_net_eth0_mtu(
- /*val=*/0);
- memcpy((void*)0x200000000400, "/dev/net/tun\000", 13);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000400ul, /*flags=O_RDWR*/ 2, /*mode=*/0);
- if (res != -1)
- r[75] = res;
- memset((void*)0x200000000280, 0, 16);
- *(uint16_t*)0x200000000290 = 0x4009;
- syscall(__NR_ioctl, /*fd=*/r[75], /*cmd=*/0x400454ca,
- /*arg=*/0x200000000280ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[76] = res;
- res = syscall(__NR_dup2, /*oldfd=*/r[75], /*newfd=*/r[76]);
- if (res != -1)
- r[77] = res;
- memcpy((void*)0x200000000300,
- "\x00\x00\x00\x00\x04\x01\x00\x00\x01\x00\x00\x00\x88\x96", 14);
- syscall(__NR_write, /*fd=*/r[77], /*buf=*/0x200000000300ul,
- /*count=*/0xfdeful);
- memcpy((void*)0x2000000002c0, "./file0\000", 8);
- syscall(__NR_mkdir, /*path=*/0x2000000002c0ul, /*mode=*/0ul);
- memcpy((void*)0x200000000140, "./file0\000", 8);
- memcpy((void*)0x200000000580, "cgroup2\000", 8);
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000140ul,
- /*type=*/0x200000000580ul, /*flags=*/0ul, /*data=*/0ul);
- memcpy((void*)0x200000000140, "./file0\000", 8);
- syscall(__NR_mkdir, /*path=*/0x200000000140ul, /*mode=*/0ul);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- memcpy((void*)0x200000000040, "ramfs\000", 6);
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000000ul,
- /*type=*/0x200000000040ul, /*flags=*/0ul, /*data=*/0ul);
- memcpy((void*)0x200000000280, "./file0\000", 8);
- syscall(__NR_chdir, /*dir=*/0x200000000280ul);
- memcpy((void*)0x200000000080, "./file0\000", 8);
- memcpy((void*)0x2000000002c0, "./file0\000", 8);
- syscall(__NR_symlink, /*old=*/0x200000000080ul, /*new=*/0x2000000002c0ul);
- memcpy((void*)0x200000000180, "ext4\000", 5);
- memcpy((void*)0x2000000000c0, "./file0\000", 8);
- memcpy((void*)0x2000000001c0, "dioread_nolock", 14);
- *(uint8_t*)0x2000000001ce = 0x2c;
- memcpy((void*)0x2000000001cf, "grpquota", 8);
- *(uint8_t*)0x2000000001d7 = 0x2c;
- memcpy((void*)0x2000000001d8, "debug_want_extra_isize", 22);
- *(uint8_t*)0x2000000001ee = 0x3d;
- sprintf((char*)0x2000000001ef, "0x%016llx", (long long)0x5c);
- *(uint8_t*)0x200000000201 = 0x2c;
- memcpy((void*)0x200000000202, "journal_ioprio", 14);
- *(uint8_t*)0x200000000210 = 0x3d;
- sprintf((char*)0x200000000211, "0x%016llx", (long long)5);
- *(uint8_t*)0x200000000223 = 0x2c;
- memcpy((void*)0x200000000224, "errors=continue", 15);
- *(uint8_t*)0x200000000233 = 0x2c;
- memcpy((void*)0x200000000234, "errors=continue", 15);
- *(uint8_t*)0x200000000243 = 0x2c;
- memcpy((void*)0x200000000244, "usrjquota=", 10);
- *(uint8_t*)0x20000000024e = 0x2c;
- *(uint8_t*)0x20000000024f = 0;
- memcpy(
- (void*)0x200000000d00,
- "\x78\x9c\xec\xdb\xcf\x6f\x14\x55\x1c\x00\xf0\xef\xcc\xb6\xa0\x08\xb4\x22"
- "\xfe\x00\x51\xab\x68\x6c\xfc\xd1\xd2\x82\xca\xc1\x8b\x46\x13\x0f\x9a\x98"
- "\xe8\x01\x8f\xb5\x2d\x04\x59\xa8\xa1\x35\x11\x42\xb4\x1a\x83\x47\x43\xe2"
- "\xdd\x78\x34\xf1\x2f\xf0\xa4\x17\xa3\x9e\x4c\xbc\xea\xdd\x90\x10\xed\x05"
- "\xf4\x62\xcd\xcc\xce\x94\xed\x76\xb7\xf4\xc7\x96\x6d\xbb\x9f\x4f\x32\xed"
- "\x7b\x3b\x6f\xf7\xbd\xef\xbe\x79\x3b\x6f\xe6\xed\x06\xd0\xb5\x06\xb2\x3f"
- "\x49\xc4\xee\x88\xf8\x3d\x22\xfa\x6a\xd9\xc5\x05\x06\x6a\xff\x6e\xcc\x5d"
- "\x1a\xff\x67\xee\xd2\x78\x12\xf3\xf3\x6f\xfd\x95\xe4\xe5\xae\xcf\x5d\x1a"
- "\x2f\x8b\x96\xcf\xbb\xab\xc8\x0c\xa6\x11\xe9\x67\x49\x51\xc9\x62\xd3\x17"
- "\x2e\x9e\x19\xab\x56\x27\xcf\x17\xf9\xe1\x99\xb3\xef\x0f\x4f\x5f\xb8\xf8"
- "\xec\xe9\xb3\x63\xa7\x26\x4f\x4d\x9e\x1b\x3d\x7e\xfc\xd8\xd1\x91\x17\x9e"
- "\x1f\x7d\xae\x2d\x71\x66\x71\x5d\x3f\xf8\xd1\xd4\xa1\x03\xaf\xbd\x73\xe5"
- "\x8d\xf1\x13\x57\xde\xfd\xf9\xdb\xac\xbd\xbb\x8b\xfd\xf5\x71\xb4\xcb\x40"
- "\x16\xf8\xdf\xf3\xb9\xc6\x7d\x4f\xb4\xbb\xb2\x0e\xdb\x53\x97\x4e\x7a\x3a"
- "\xd8\x10\x56\xa5\x12\x11\x59\x77\xf5\xe6\xe3\xbf\x2f\x2a\x71\xb3\xf3\xfa"
- "\xe2\xd5\x4f\x3b\xda\x38\x60\x43\x65\xe7\xa6\x9d\xad\x77\xcf\x26\xc9\x3c"
- "\xb0\x6d\x25\xd1\xe9\x16\x00\x9d\x51\x9e\xe8\xb3\xeb\xdf\x72\xbb\x4d\x53"
- "\x8f\x4d\xe1\xda\x4b\xb5\x0b\xa0\x2c\xee\x1b\xc5\x56\xdb\xd3\x13\x69\x51"
- "\xa6\xb7\xe1\xfa\xb6\x9d\x06\x22\xe2\xc4\xec\xbf\x5f\x65\x5b\x6c\xd0\x7d"
- "\x08\x00\x80\x7a\xdf\x67\xf3\x9f\x67\x9a\xcd\xff\xd2\xb8\xaf\xae\xdc\xde"
- "\x62\x0d\xa5\x3f\x22\xee\x8e\x88\x7d\x11\x71\x4f\x44\xec\x8f\x88\x7b\x23"
- "\xf2\xb2\xf7\x47\xc4\x03\xab\xac\xbf\x71\x69\x68\xe9\xfc\x27\xbd\xba\xa6"
- "\xc0\x56\x28\x9b\xff\xbd\x58\xac\x6d\x2d\x9e\xff\x95\xb3\xbf\xe8\xaf\x14"
- "\xb9\x3d\x79\xfc\xbd\xc9\xc9\xd3\xd5\xc9\x23\xc5\x7b\x32\x18\xbd\x3b\xb3"
- "\xfc\xc8\x32\x75\xfc\xf0\xca\x6f\x5f\xb4\xda\x57\x3f\xff\xcb\xb6\xac\xfe"
- "\x72\x2e\x58\xb4\xe3\x6a\x4f\xc3\x0d\xba\x89\xb1\x99\xb1\x7c\x52\xda\x06"
- "\xd7\x3e\x89\x38\xd8\xd3\x2c\xfe\x64\x61\x25\x20\x89\x88\x03\x11\x71\x70"
- "\x75\x2f\xbd\xb7\x4c\x9c\x7e\xea\x9b\x43\xad\x0a\xdd\x3a\xfe\x65\xb4\x61"
- "\x9d\x69\xfe\xeb\x88\x27\x6b\xfd\x3f\x1b\x0d\xf1\x97\x92\xe5\xd7\x27\x87"
- "\xef\x88\xea\xe4\x91\xe1\xf2\xa8\x58\xea\x97\x5f\x2f\xbf\xd9\xaa\xfe\x75"
- "\xc5\xdf\x06\x59\xff\xef\x5a\x7c\xfc\x37\x16\xe9\x4f\xea\xd7\x6b\xa7\x57"
- "\x5f\xc7\xe5\x3f\x3e\x6f\x79\x4d\xb3\xd6\xe3\x7f\x47\xf2\x76\xde\x2f\x3b"
- "\x8a\xc7\x3e\x1c\x9b\x99\x39\x3f\x12\xb1\x23\x79\x3d\xcf\x2f\x7a\x7c\xf4"
- "\xe6\x73\xcb\x7c\x59\x3e\x8b\x7f\xf0\x70\xf3\xf1\xbf\xaf\x78\x4e\x56\xcf"
- "\x83\x11\x91\x1d\xc4\x0f\x45\xc4\xc3\x11\xf1\x48\xd1\xf6\x47\x23\xe2\xb1"
- "\x88\x38\x5c\x56\xf0\xdf\xd2\x18\x7f\x7a\xf9\xf1\xf7\xd6\x1e\xff\xc6\xca"
- "\xe2\x9f\x68\xfa\xf9\xb7\x70\xfc\x37\xf4\xff\xea\x13\x95\x33\x3f\x7e\xd7"
- "\xaa\xfe\x95\xf5\xff\xb1\x3c\x35\x58\x3c\x92\x7f\xfe\xdd\xc2\x4a\x1b\xb8"
- "\x9e\xf7\x0e\x00\x00\x00\xb6\x8a\x34\xff\x0e\x7c\x92\x0e\x2d\xa4\xd3\x74"
- "\x68\xa8\xf6\x1d\xfe\xfd\xb1\x2b\xad\x4e\x4d\xcf\x3c\x7d\x72\xea\x83\x73"
- "\x13\xb5\xef\xca\xf7\x47\x6f\x5a\xde\xe9\xea\xab\xbb\x1f\x3a\x92\xcc\x16"
- "\xaf\x58\xcb\x8f\xc6\x40\x5f\x7d\xfe\x68\x71\xdf\xf8\xcb\xca\x9d\x79\x7e"
- "\x68\x7c\xaa\x3a\xd1\xc9\xc0\x81\x7c\x9c\x37\x1b\xff\x99\x3f\x2b\x9d\x6e"
- "\x1d\xb0\xe1\xfc\x5e\x0b\xba\x57\xe3\xf8\x4f\x3b\xd4\x0e\xe0\xf6\x73\xfe"
- "\x87\xee\x65\xfc\x43\xf7\x32\xfe\xa1\x7b\x35\x1b\xff\x1f\x37\xe4\xad\x05"
- "\xc0\xf6\xe4\xfc\x0f\xdd\xcb\xf8\x87\xee\x65\xfc\x43\xf7\x32\xfe\xa1\x2b"
- "\xad\xe7\x77\xfd\x5b\x2b\x11\xe9\xa6\x68\xc6\xb6\x49\x44\xba\x29\x9a\x21"
- "\xb1\x31\x89\xc6\xfb\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x5b\xd4\xff\x01\x00\x00\xff\xff\x6c\xca\xeb\xbf",
- 1092);
- syz_mount_image(
- /*fs=*/0x200000000180, /*dir=*/0x2000000000c0,
- /*flags=MS_I_VERSION|MS_REC|MS_SYNCHRONOUS|MS_RELATIME|MS_NOATIME|0x300*/
- 0xa04710, /*opts=*/0x2000000001c0, /*chdir=*/1, /*size=*/0x444,
- /*img=*/0x200000000d00);
- syz_open_dev(/*dev=*/0xc, /*major=*/4, /*minor=*/0x15);
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x4b36, 0);
- memcpy((void*)0x200000000100, "./file0\000", 8);
- syscall(__NR_mknod, /*file=*/0x200000000100ul, /*mode=*/0ul, /*dev=*/0);
- *(uint64_t*)0x200000000680 = 0;
- *(uint32_t*)0x200000000688 = 0x21;
- *(uint32_t*)0x20000000068c = 0;
- *(uint32_t*)0x200000000690 = 0;
- syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0x200000000680ul,
- /*timerid=*/0x200000000100ul);
- *(uint64_t*)0x20000006b000 = 0;
- *(uint64_t*)0x20000006b008 = 8;
- *(uint64_t*)0x20000006b010 = 0;
- *(uint64_t*)0x20000006b018 = 9;
- syscall(__NR_timer_settime, /*timerid=*/0, /*flags=*/0ul,
- /*new=*/0x20000006b000ul, /*old=*/0ul);
- memcpy((void*)0x200000000000, "127.0.0.1\000", 10);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- memcpy((void*)0x200000000080, "9p\000", 3);
- memcpy((void*)0x200000000240, "trans=tcp,", 10);
- memcpy((void*)0x20000000024a, "port", 4);
- *(uint8_t*)0x20000000024e = 0x3d;
- sprintf((char*)0x20000000024f, "0x%016llx", (long long)0);
- *(uint8_t*)0x200000000261 = 0x2c;
- *(uint8_t*)0x200000000262 = 0;
- syscall(__NR_mount, /*src=*/0x200000000000ul, /*dst=*/0x200000000040ul,
- /*type=*/0x200000000080ul, /*flags=*/0ul, /*opts=*/0x200000000240ul);
- memcpy((void*)0x200000000000, "/dev/cdrom\000", 11);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=O_DIRECTORY*/ 0x10000,
- /*mode=*/0);
- if (res != -1)
- r[78] = res;
- *(uint8_t*)0x200000000080 = 0x2b;
- *(uint8_t*)0x200000000081 = 0x16;
- memset((void*)0x200000000082, 0, 6);
- *(uint8_t*)0x200000000088 = 0xf4;
- *(uint8_t*)0x200000000089 = 0xb5;
- memcpy((void*)0x20000000008a,
- "\x37\xc1\x2e\x88\xb5\x1b\xe5\x76\xc5\xbe\x45\x0a\xec\x35\x2c\x3d\xc4"
- "\x64\x88\xbc\x0a\x44\xf5\x00\x9f\x46\xde\xff\xaa\x54\x52\x13\x1a\x9f"
- "\xd8\x91\xaa\x02\x7c\x4e\xaa\xf4\xce\x92\x27\x60\x33\x15\x51\x89\xf0"
- "\x75\x34\x47\x26\x44\xac\x66\xf4\x67\xea\x55\x98\x0b\x29\x34\x1c\x7a"
- "\x43\xdd\x76\x19\x3f\xda\xd3\xf5\x9b\x9d\x09\x8b\x5c\xaa\xcb\x6b\x9e"
- "\x6e\x31\xc2\x65\x76\xf5\x06\x41\x0e\xa5\xce\x0e\x23\xe8\xee\x94\xd3"
- "\xca\xcd\x21\x6a\x3b\xee\xa4\x3c\x1f\x94\x03\xaf\x2c\xba\xc5\xc8\xf0"
- "\x70\x93\x7a\xcc\x93\xa1\x11\x63\x59\x35\x07\x2c\x3a\xa6\x78\x1d\x7b"
- "\x65\x70\xc3\xb0\x9e\xdf\x84\xa5\x5e\x70\x2f\xb7\x07\x71\x73\x37\x12"
- "\xcf\x15\x90\x9e\x9f\x96\x08\x18\xe2\x89\xb4\x48\xce\x5f\x02\x84\x89"
- "\x60\x61\xd6\xab\x20\xa5\x92\x31\x93\x48\x81",
- 181);
- syscall(__NR_setsockopt, /*fd=*/-1, /*level=*/0x29, /*optname=*/0x37,
- /*optval=*/0x200000000080ul, /*optlen=*/0xc0ul);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0, 0);
- if (res != -1)
- r[79] = res;
- syscall(
- __NR_clock_getres,
- /*id=CLOCK_PROCESS_CPUTIME_ID|0x4b54da0c41cf7c50*/ 0x4b54da0c41cf7c52ul,
- /*tp=*/0ul);
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[79], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/3ul, /*proto=*/2);
- if (res != -1)
- r[80] = res;
- syscall(__NR_getsockopt, /*fd=*/r[80], /*level=*/1, /*optname=*/0,
- /*optval=*/0ul, /*optlen=*/0ul);
- memcpy(
- (void*)0x200000000940,
- "\0203q}2[\340\232\356\257\003\227\236t\v\"|"
- "Ma\206\347\300\024\237\271h\261\226\347=I\2060S6\265\250\302\225Je%"
- "\376G\'\250\345\217\370\322\034\300\373\034\246\253\bi\344^"
- "\325\375\251\r\2547A\224k\315\t\000\220k\326\005\266&\320\235aA\305\234_"
- "\324\030,\f\324s\262\231/"
- "\300\232\362Oc\300c\003gB!\260\270n\001\233T\225\020\206\350$\177\r["
- "\371\0161v\261\034\210\v\225uy\265:\342\341\334(\375\005\237B\204O\376@"
- "\000\000\000\000\000\000\000\000\000\000\000\000\032\240\212\033\003\"&"
- "\254\312p>\314Z\001\274\030\301\271\351\v\213\234\264Q\324\226EV<>"
- "\t\000\000\000\304tL\352\365W\275#"
- "\317\212\320\350\270\354\004\205\f\357\264\204\355\237/"
- "\324\273\352;-Dp\370\320F\220\370\222Ip6\364\026\350\024\340\222!\222-"
- "F\342\024D\221\250b\004\335\035\a\334\340\030\205{"
- "\200Q\366k\226\372Q\237W\vO\360\344O\\\316S\362\336\0049d\006#"
- "\210\303\337\205O\034\303\255?r\327\016\000\327\203\260\210\234\366Y-"
- "F\230\335\234~\375\225\303\266lC\252\"Y\365\320\267\334\213\027|"
- "\351q\242K\354z\204:*\365Y\321\2331}\233\025\324\354\002o\001&"
- "\252\220w\304\307yn\265\032g\253&?"
- "\276\313\350v\250\340\244\201sW\254f\0249\322}\357CGa\232$4\214\245!"
- "p\203\005\226%\002%\253j\n\b\310NC\221}&"
- "y\323\341\356p\'\305\253\031GsX5\214\n\237h\356;4\261%"
- "V\340\251\216\3630:\330\030N~G\0239\312\257\353o\035\027\325nAp\327\314("
- "A\230 "
- "\000;]\375;\320\234\031v\034\302]"
- "\264Dk\205\344\210\2154\200\231\301i\255\2466\223\v\321/"
- ";6U\344\261\233\247\270\335t8\226\301=W\321\001\333r\311n@"
- "fw\305\272\234\234}\375\214\333gE@N\307\252\210Z\001:\270\206\207#"
- "\365\324L->\271\021_\374h)\274\2525\255\267?\2530{"
- "8\207\346\253\200\272p<\223}"
- "1K\323\202\2651c\300\366\256\352\233ht\221N\021\002\24557\210&\a!"
- "\022D\037y\214\336\236`\253\345\234\320\233\214["
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\302"
- "\365\200\375\004\3544\340\n\252%R\301\273\271:"
- "\017\274\005\315\243\206\276\257\270S\352\234\006["
- "Q\231\003\325J\361\351}*\204\232\337\f\365\356\337H@"
- "\340\016\000\370\217Q;"
- "n2I\373\f\262\320\224\t\335\265\252\352\225\310\037\024\343\243\026\245"
- "\326\375\333\314\336\350q\351\306\265\211\341\304\317\337\\\2750\302~"
- "\355\000\332\351\307\265}"
- "\224\260\034\365\327\034\265\033\0168\252\242\261h\265P\002KQ",
- 737);
- res = syscall(__NR_memfd_create, /*name=*/0x200000000940ul, /*flags=*/0ul);
- if (res != -1)
- r[81] = res;
- memcpy((void*)0x200000000040, "/dev/loop#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000040, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[82] = res;
- syscall(__NR_ioctl, /*fd=*/r[82], /*cmd=*/0x4c06, /*arg=*/r[81]);
- syscall(__NR_ioctl, /*fd=*/r[79], /*cmd=*/0x54a0, 0);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0x20, 0);
- if (res != -1)
- r[83] = res;
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[83], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- syscall(__NR_ioctl, /*fd=*/r[83], /*cmd=*/0x54a2, 0);
- syscall(__NR_ioctl, /*fd=*/r[79], /*cmd=*/0x54a1, 0);
- *(uint8_t*)0x200000000040 = 0xa;
- syscall(__NR_ioctl, /*fd=*/r[78], /*cmd=*/0x5390, /*arg=*/0x200000000040ul);
- *(uint32_t*)0x20000001d000 = 1;
- *(uint32_t*)0x20000001d004 = 0x80;
- *(uint8_t*)0x20000001d008 = 0;
- *(uint8_t*)0x20000001d009 = 0;
- *(uint8_t*)0x20000001d00a = 0;
- *(uint8_t*)0x20000001d00b = 0;
- *(uint32_t*)0x20000001d00c = 0;
- *(uint64_t*)0x20000001d010 = 0x18a;
- *(uint64_t*)0x20000001d018 = 0x308;
- *(uint64_t*)0x20000001d020 = 6;
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 0, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 1, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 2, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 3, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 4, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 5, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 6, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 7, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 8, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 9, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 10, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 11, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 12, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 13, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 14, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 15, 2);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 17, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 18, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 19, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 20, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 21, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 22, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 23, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 24, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 25, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 26, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 27, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 28, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 29, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 30, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 31, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 32, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 33, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 34, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 35, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 36, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 37, 1);
- STORE_BY_BITMASK(uint64_t, , 0x20000001d028, 0, 38, 26);
- *(uint32_t*)0x20000001d030 = 0;
- *(uint32_t*)0x20000001d034 = 0;
- *(uint64_t*)0x20000001d038 = 3;
- *(uint64_t*)0x20000001d040 = 0xb535;
- *(uint64_t*)0x20000001d048 = 0x107100;
- *(uint64_t*)0x20000001d050 = 2;
- *(uint32_t*)0x20000001d058 = 0;
- *(uint32_t*)0x20000001d05c = 0;
- *(uint64_t*)0x20000001d060 = 0;
- *(uint32_t*)0x20000001d068 = 0;
- *(uint16_t*)0x20000001d06c = 0;
- *(uint16_t*)0x20000001d06e = 0;
- *(uint32_t*)0x20000001d070 = 0x2c6;
- *(uint32_t*)0x20000001d074 = 0;
- *(uint64_t*)0x20000001d078 = 0;
- syscall(__NR_perf_event_open, /*attr=*/0x20000001d000ul, /*pid=*/0,
- /*cpu=*/-1, /*group=*/-1, /*flags=*/0ul);
- memcpy((void*)0x200000000040, "ext4\000", 5);
- memcpy((void*)0x200000000240, "./file0\000", 8);
- *(uint8_t*)0x2000000001c0 = 0;
- memcpy(
- (void*)0x2000000018c0,
- "\x78\x9c\xec\xdd\xcb\x6b\x5c\x65\x1b\x00\xf0\xe7\x4c\x6e\x4d\xda\xef\x4b"
- "\x3e\xf8\x40\xeb\x2a\x20\x68\xa0\x74\x62\x6a\x6c\x15\x5c\x54\x5c\x88\x60"
- "\xa1\xa0\x6b\xdb\x30\x99\x86\x36\x93\x4c\xc9\x4c\x4a\x13\x02\x6d\x11\xc1"
- "\x8d\xa0\xc5\x85\xa0\x9b\xee\x04\x2f\x75\xe7\xd6\xcb\x56\xff\x0b\x17\xd2"
- "\x52\x6c\x1a\x8c\xb8\x90\x91\x33\x99\x69\x27\xcd\x4c\x3a\x69\x6e\x8d\xf9"
- "\xfd\xe0\xb4\xef\x3b\xe7\x4c\x9e\xf7\x39\x97\xf7\xbc\x33\xe7\x30\x27\x80"
- "\x7d\x6b\x30\xfd\x27\x13\x71\x38\x22\x3e\x4a\x22\xfa\x6b\xaf\x27\x11\xd1"
- "\x55\x2d\x75\x46\x9c\x5c\x59\x6e\x79\x71\x21\x97\x4e\x49\x54\x2a\x6f\xff"
- "\x9e\x54\x97\x59\x5a\x5c\xc8\x45\xc3\x7b\x52\x07\x6b\x95\xa7\x23\xe2\xc7"
- "\xf7\x23\x8e\x64\xd6\xc6\x2d\xcd\xcd\x4f\x8e\x15\x0a\xf9\x99\x5a\x7d\xb8"
- "\x3c\x75\x71\xb8\x34\x37\x7f\xf4\xfc\xd4\xd8\x44\x7e\x22\x3f\x7d\x7c\x64"
- "\x74\xf4\xd8\x89\x97\x4e\x1c\xdf\xba\x5c\xff\xf8\x65\xfe\xd0\xed\x8f\xdf"
- "\x78\xfe\x9b\x93\x7f\xbd\xf7\xd4\xcd\x0f\x7f\x4a\xe2\x64\x1c\xaa\xcd\x6b"
- "\xcc\x63\xab\x0c\xc6\x60\x6d\x9d\x74\xa5\xab\x70\x95\xd7\xb7\x3a\xd8\x2e"
- "\x4b\xd6\x99\x77\x60\x07\xdb\xc1\xc6\xa4\x87\x66\xc7\xca\x51\x1e\x87\xa3"
- "\x3f\x3a\xaa\xa5\x16\x7a\x77\xb2\x65\x00\xc0\x76\xb9\x12\x11\x15\x00\x60"
- "\x9f\x49\x9c\xff\x01\x60\x9f\xa9\x7f\x0f\xb0\xb4\xb8\x90\xab\x4f\xeb\x7c"
- "\x5d\xb0\xce\xc5\x81\xbd\xe9\xce\x6b\x2b\x17\xa8\x96\x6a\xd7\x36\x97\xef"
- "\xe7\xdf\x59\xbb\x66\x77\xa0\x7a\x1d\xb4\x6f\x29\x59\x95\x7c\x12\x11\x03"
- "\x5b\x10\x7f\x30\x22\x3e\xff\xee\xdd\xaf\xd2\x29\xb6\xe9\x3a\x24\x40\x33"
- "\x57\xaf\x45\xc4\xd9\x81\xc1\xb5\xfd\x7f\xb2\xe6\x9e\x85\x8d\x7a\xa1\x8d"
- "\x65\x06\x1f\xaa\x37\xf4\x7f\xdd\x9b\x0c\x0f\x3c\xc2\xf7\xe9\xf8\xe7\xe5"
- "\x66\xe3\xbf\xcc\xfd\xf1\x4f\x34\x19\xff\xf4\x34\x39\x76\x1f\xc7\x3a\xc7"
- "\x7f\x4d\xe6\xd6\x16\x84\x69\x29\x1d\xff\xbd\xda\x70\x6f\xdb\x72\x43\xfe"
- "\x35\x03\x1d\xb5\xda\x7f\xaa\x63\xbe\xae\xe4\xdc\xf9\x42\x3e\xed\xdb\xfe"
- "\x1b\x11\x43\xd1\xd5\x93\xd6\x47\xd6\x89\x31\x74\xef\xef\x7b\xad\xe6\x35"
- "\x8e\xff\xee\x5e\xbf\x90\xf6\x79\xb9\xbb\xd7\x2f\x7c\xf9\x60\x89\xcc\xad"
- "\xce\x9e\xd5\xef\x19\x1f\x2b\x8f\x6d\x26\xe7\x46\x77\xae\x45\x3c\xd3\xd9"
- "\x2c\xff\x7a\xff\xbf\x72\x0f\x5b\xb3\xf1\xef\xe9\x36\x63\xbc\xf9\xca\x07"
- "\x9f\xb5\x9a\x97\xe6\x9f\xe6\x5b\x9f\xd2\xf8\xab\xf3\xdf\x5e\x95\x1b\x11"
- "\xcf\x35\xdd\xfe\x0f\xee\x68\x4b\xd6\xbd\x3f\x71\xb8\xba\x3b\x0c\xd7\x77"
- "\x8a\x26\xbe\xfd\xf5\xd3\xbe\x56\xf1\x1b\xb7\x7f\x3a\xa5\xf1\xeb\x9f\x05"
- "\x76\x42\xba\xfd\xfb\xd6\xcf\x7f\x20\x69\xbc\x5f\xb3\xb4\xf1\x18\x3f\xdf"
- "\xe8\xff\xa1\xd5\xbc\x47\xe7\xdf\x7c\xff\xef\x4e\xde\xa9\x96\xeb\x83\x84"
- "\xcb\x63\xe5\xf2\xcc\x48\x44\x77\xf2\xd6\xda\xd7\x8f\x3d\x78\x6f\xbd\x5e"
- "\x5f\x3e\xcd\x7f\xe8\xd9\xee\xa6\xc7\x7f\xbd\xff\x6b\xb6\xff\xa7\x9f\x09"
- "\xcf\xb6\x99\x7f\xe7\xed\x6b\x5f\x3f\x7e\xfe\xdb\x2b\xcd\x7f\x7c\x43\xdb"
- "\x7f\xe3\x85\x9b\xcb\x93\x1d\xad\xe2\xb7\xb7\xfd\x47\xab\xa5\xa1\xda\x2b"
- "\xed\xf4\x7f\xed\x36\x70\x33\xeb\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xda\x95\x89\x88\x43\x91\x64\xb2"
- "\xf7\xcb\x99\x4c\x36\xbb\xf2\x0c\xef\xff\x47\x5f\xa6\x50\x2c\x95\x8f\x9c"
- "\x2b\xce\x4e\x8f\x47\xf5\x59\xd9\x03\xd1\x95\xa9\xff\xd4\x65\x7f\xc3\xef"
- "\xa1\x8e\xd4\x7e\x0f\xbf\x5e\x3f\xf6\x50\xfd\xc5\x88\xf8\x5f\x44\x7c\xd2"
- "\xd3\x5b\xad\x67\x73\xc5\xc2\xf8\x6e\x27\x0f\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x35\x07\x5b\x3c\xff\x3f\xf5\x5b\xcf\x6e\xb7\x0e"
- "\x00\xd8\x36\x07\x76\xbb\x01\x00\xc0\x8e\x73\xfe\x07\x80\xfd\x67\x63\xe7"
- "\xff\xde\x6d\x6b\x07\x00\xb0\x73\x7c\xfe\x07\x80\xfd\xc7\xf9\x1f\x00\xf6"
- "\x1f\xe7\x7f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\xb6\xd9\xe9\x53\xa7\xd2\xa9\xf2\xe7\xe2\x42\x2e\xad\x8f\x5f\x9a\x9b\x9d"
- "\x2c\x5e\x3a\x3a\x9e\x2f\x4d\x66\xa7\x66\x73\xd9\x5c\x71\xe6\x62\x76\xa2"
- "\x58\x9c\x28\xe4\xb3\xb9\xe2\x54\xcb\x3f\x74\x75\xe5\xbf\x42\xb1\x78\x71"
- "\x34\xa6\x67\x2f\x0f\x97\xf3\xa5\xf2\x70\x69\x6e\xfe\xcc\x54\x71\x76\xba"
- "\x7c\xe6\xfc\xd4\xd8\x44\xfe\x4c\xbe\x6b\xc7\x32\x03\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x80\xf6\x95\xe6\xe6\x27\xc7\x0a\x85\xfc\xcc"
- "\x9e\x29\x54\x2a\x95\x2b\x4f\x40\x33\xfe\x0d\x85\x8e\xda\x4e\xf0\xa4\xb4"
- "\x67\xcf\x15\x32\x9b\x58\x75\x5f\xec\x76\xe3\x1f\x51\x68\xec\x25\x7a\x77"
- "\xa7\x73\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x03\xfe\x09\x00\x00"
- "\xff\xff\xaa\x8a\x25\x14",
- 1950);
- syz_mount_image(/*fs=*/0x200000000040, /*dir=*/0x200000000240, /*flags=*/0,
- /*opts=*/0x2000000001c0, /*chdir=*/1, /*size=*/0x79e,
- /*img=*/0x2000000018c0);
- memcpy((void*)0x200000000040, "./bus\000", 6);
- res = syscall(__NR_creat, /*file=*/0x200000000040ul, /*mode=*/0ul);
- if (res != -1)
- r[84] = res;
- *(uint64_t*)0x200000000600 = 0x200000000380;
- memset((void*)0x200000000380, 96, 1);
- *(uint64_t*)0x200000000608 = 1;
- syscall(__NR_pwritev2, /*fd=*/r[84], /*vec=*/0x200000000600ul, /*vlen=*/1ul,
- /*off_low=*/0xac04, /*off_high=*/0, /*flags=*/0ul);
- memcpy((void*)0x200000008140, "./bus\000", 6);
- res =
- syscall(__NR_open, /*file=*/0x200000008140ul,
- /*flags=O_NOFOLLOW|O_NOCTTY|O_NOATIME|O_CREAT|O_RDWR*/ 0x60142ul,
- /*mode=*/0ul);
- if (res != -1)
- r[85] = res;
- syscall(__NR_fallocate, /*fd=*/r[85], /*mode=FALLOC_FL_COLLAPSE_RANGE*/ 8ul,
- /*off=*/0ul, /*len=*/0x8000ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[86] = res;
- syscall(__NR_socket, /*domain=*/0xaul, /*type=*/2ul, /*proto=*/0x88);
- syscall(__NR_ioctl, /*fd=*/r[86], /*cmd=*/0x89f1, /*arg=*/0ul);
- syscall(__NR_setsockopt, /*fd=*/-1, /*level=*/0, /*optname=*/0x29,
- /*optval=*/0ul, /*optlen=*/0xfe3bul);
- memcpy((void*)0x200000000080, "./bus\000", 6);
- res = syscall(__NR_creat, /*file=*/0x200000000080ul, /*mode=*/0ul);
- if (res != -1)
- r[87] = res;
- memcpy((void*)0x200000000040, "blkio.throttle.io_service_bytes\000", 32);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000040ul,
- /*flags=*/0x275a, /*mode=*/0);
- if (res != -1)
- r[88] = res;
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xb36000ul,
- /*prot=*/0ul,
- /*flags=MAP_STACK|MAP_POPULATE|MAP_FIXED|MAP_SHARED*/ 0x28011ul,
- /*fd=*/r[88], /*offset=*/0ul);
- res = syscall(__NR_socket,
- /*domain=AF_INET6|0x200000000000000*/ 0x20000000000000aul,
- /*type=SOCK_DGRAM*/ 2ul, /*proto=*/0);
- if (res != -1)
- r[89] = res;
- syscall(__NR_ioctl, /*fd=*/r[89], /*cmd=*/0x8916, /*arg=*/0ul);
- syscall(__NR_close_range, /*fd=*/-1, /*max_fd=*/-1,
- /*flags=CLOSE_RANGE_UNSHARE*/ 2ul);
- syscall(__NR_ioperm, /*from=*/0ul, /*num=*/0x800ul, /*on=*/8ul);
- res = syscall(__NR_socket, /*domain=*/1ul, /*type=SOCK_DGRAM*/ 2ul,
- /*proto=*/0);
- if (res != -1)
- r[90] = res;
- syscall(__NR_recvmmsg, /*fd=*/r[90], /*mmsg=*/0ul, /*vlen=*/0ul, /*f=*/0ul,
- /*timeout=*/0ul);
- syscall(__NR_open_by_handle_at, /*mountdirfd=*/r[87], /*handle=*/0ul,
- /*flags=*/0ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[91] = res;
- *(uint32_t*)0x200000000000 = 0xdf;
- syscall(__NR_setsockopt, /*fd=*/r[91], /*level=*/6,
- /*optname=TCP_THIN_LINEAR_TIMEOUTS|TCP_CORK*/ 0x13,
- /*optval=*/0x200000000000ul, /*optlen=*/4ul);
- syscall(__NR_socketpair, /*domain=*/1ul, /*type=*/1ul, /*proto=*/0,
- /*fds=*/0x200000000000ul);
- memcpy((void*)0x2000000000c0, "ext4\000", 5);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- memcpy((void*)0x200000001280, "quota", 5);
- *(uint8_t*)0x200000001285 = 0x2c;
- memcpy((void*)0x200000001286, "noload", 6);
- *(uint8_t*)0x20000000128c = 0x2c;
- memcpy((void*)0x20000000128d, "errors=remount-ro", 17);
- *(uint8_t*)0x20000000129e = 0x2c;
- memcpy((void*)0x20000000129f, "init_itable", 11);
- *(uint8_t*)0x2000000012aa = 0x2c;
- *(uint8_t*)0x2000000012ab = 0;
- memcpy(
- (void*)0x200000001380,
- "\x78\x9c\xec\xdd\x4d\x6f\x1b\x5b\x19\x00\xe0\x77\x26\x49\xf3\x71\x73\x6f"
- "\x72\xc5\x5d\x00\x02\x6e\x29\x85\x82\xaa\xda\x89\xdb\x46\xa8\xab\xb2\xe1"
- "\x43\x55\x25\x44\xc5\x8a\x45\x1b\x12\x37\x8a\x62\xc7\x51\xec\x94\x26\x74"
- "\x91\xfe\x07\x24\x2a\xb1\x82\x9f\xc0\x02\x89\x05\x52\x57\xec\xd9\xc1\x8e"
- "\x4d\xbb\x40\x2a\x50\x81\x1a\x24\x16\x46\x33\xb6\xd3\x24\x8d\x93\x94\x36"
- "\xb6\x6e\xfc\x3c\xd2\x68\xce\x99\x33\xcd\x7b\x4e\xad\x39\xaf\x7b\xdc\xf8"
- "\x04\x30\xb0\xce\x47\xc4\x76\x44\x9c\x8b\x88\x7b\x11\x31\xd5\xbe\x9e\xb4"
- "\x8f\xb8\xd9\x3a\xb2\xfb\x5e\xbd\x7c\xb4\xb0\xf3\xf2\xd1\x42\x12\xcd\xe6"
- "\x9d\x7f\x24\x79\x7b\x76\x2d\xf6\xfc\x99\xcc\x07\xed\x9f\x39\x16\x11\x3f"
- "\xfa\x5e\xc4\x4f\x93\x37\xe3\xd6\x37\xb7\x56\xe6\x2b\x95\xf2\x7a\xbb\x5e"
- "\x6c\x54\xd7\x8a\xf5\xcd\xad\x2b\xcb\xd5\xf9\xa5\xf2\x52\x79\xb5\x54\x9a"
- "\x9b\x9d\x9b\xf9\xf6\xd5\xeb\xa5\xf7\x36\xd6\x4f\xab\xbf\x7d\xf1\xdd\xe5"
- "\x5b\x3f\xfe\xc3\xef\xbf\xfc\xec\x4f\xdb\xdf\xfa\x79\xd6\xad\xc9\x76\xdb"
- "\xde\x71\xbc\x4f\xad\xa1\x8f\xec\xc6\xc9\x0c\x47\xc4\xad\xd3\x08\xd6\x07"
- "\x43\xed\xf1\x9c\xeb\x77\x47\xf8\xbf\xa4\x11\x51\x88\x88\x0b\xf9\xf3\x3f"
- "\x15\x43\xf9\xab\x09\x00\x9c\x65\xcd\xe6\x54\x34\xa7\xf6\xd6\x01\x80\xb3"
- "\x2e\xcd\xd7\xc0\x92\xb4\xd0\x5e\x0b\x98\x8c\x34\x2d\x14\x5a\x6b\x78\x9f"
- "\xc4\x44\x5a\xa9\xd5\x1b\x97\xef\xd7\x36\x56\x17\x5b\x6b\x65\xd3\x31\x92"
- "\xde\x5f\xae\x94\x67\xda\x6b\x85\xd3\x31\x92\x64\xf5\xd9\xbc\xfc\xba\x5e"
- "\x3a\x50\xbf\x1a\x11\x1f\x47\xc4\x2f\x46\xc7\xf3\x7a\x61\xa1\x56\x59\xec"
- "\xe7\x1b\x1f\x00\x18\x60\x1f\x1c\xc8\xff\xff\x1e\x6d\xe5\x7f\x00\xe0\x8c"
- "\x1b\xeb\x77\x07\x00\x80\x9e\x93\xff\x01\x60\xf0\xc8\xff\x00\x30\x78\xe4"
- "\x7f\x00\x18\x3c\xf2\x3f\x00\x0c\x1e\xf9\x1f\x00\x06\x8f\xfc\x0f\x00\x03"
- "\xe5\x87\xb7\x6f\x67\x47\x73\xa7\xfd\xfd\xd7\x8b\x0f\x36\x37\x56\x6a\x0f"
- "\xae\x2c\x96\xeb\x2b\x85\xea\xc6\x42\x61\xa1\xb6\xbe\x56\x58\xaa\xd5\x96"
- "\xf2\xef\xec\xa9\x1e\xf7\xf3\x2a\xb5\xda\xda\xec\xb5\xd8\x78\x58\x6c\x94"
- "\xeb\x8d\x62\x7d\x73\xeb\x6e\xb5\xb6\xb1\xda\xb8\x9b\x7f\xaf\xf7\xdd\xf2"
- "\x48\x4f\x46\x05\x00\x1c\xe5\xe3\x4f\x9f\xfe\x25\x89\x88\xed\x1b\xe3\xf9"
- "\x11\x7b\xf6\x72\x90\xab\xe1\x6c\x4b\xfb\xdd\x01\xa0\x6f\x86\xfa\xdd\x01"
- "\xa0\x6f\x8e\xd9\xed\xeb\x79\xaf\xfa\x01\xf4\x9e\x7f\xe3\xc3\xc0\xfb\xfe"
- "\x21\x5b\xf4\xee\xb3\xe7\xbf\x08\x8d\xef\x6b\x78\x72\x3a\x1d\x02\x4e\xdf"
- "\xa5\x2f\x58\xff\x87\x41\x65\xfd\x1f\x06\x97\xf5\x7f\x18\x5c\xc7\xac\xff"
- "\x03\x67\x58\xb3\x99\xd8\xf3\x1f\x00\x06\x8c\x35\x7e\xe0\x2d\x3e\xff\xdf"
- "\xcf\xe7\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\xb0\xc9\xfc\x48\xd2\x42\x7b\x2f"
- "\xf0\xc9\x48\xd3\x42\x21\xe2\xc3\x88\x98\x8e\x91\xe4\xfe\x72\xa5\x3c\x13"
- "\x11\x1f\x45\xc4\x9f\x47\x47\x46\xb3\xfa\x6c\xbf\x3b\x0d\x00\xbc\xa3\xf4"
- "\x6f\x49\x7b\xff\xaf\x4b\x53\x17\x27\x0f\xb6\x9e\x4b\xfe\x33\x9a\x9f\x23"
- "\xe2\x67\xbf\xba\xf3\xcb\x87\xf3\x8d\xc6\xfa\x6c\x76\xfd\x9f\xbb\xd7\x1b"
- "\x4f\xda\xd7\x4b\xfd\xe8\x3f\x00\x70\x9c\x4e\x9e\xee\xe4\xf1\x8e\x57\x2f"
- "\x1f\x2d\x74\x8e\x5e\xf6\xe7\xc5\x77\x5a\x9b\x8b\x66\x71\x77\xda\x47\xab"
- "\x65\x38\x86\xf3\xf3\x58\x8c\x44\xc4\xc4\xbf\x92\x76\xbd\x25\x7b\xbf\x32"
- "\xf4\x1e\xe2\x6f\x3f\x8e\x88\xcf\x1f\x36\xfe\x24\x5f\x1b\x99\x6e\xef\x7c"
- "\x7a\x30\x7e\x16\xfb\xc3\x9e\xc6\x4f\xf7\xc5\x4f\xf3\xb6\xd6\x39\xfb\xbb"
- "\xf8\xdc\xdb\x87\xee\xba\xa5\x2b\x0c\x8a\xa7\xd9\xfc\x73\xf3\xb0\xe7\x2f"
- "\x8d\xf3\xf9\xf9\xf0\xe7\x7f\x2c\x9f\xa1\xde\x5d\x67\xfe\xdb\x79\x63\xfe"
- "\x4b\x77\xe7\xbf\xa1\x2e\xf3\xdf\xf9\x93\xc6\xb8\xf6\xc7\x1f\x74\x6d\x7b"
- "\x1c\xf1\xc5\xe1\xc3\xe2\x27\xbb\xf1\x93\x2e\xf1\x2f\x1e\x19\xb5\xd9\xec"
- "\x94\xfe\xfa\xa5\xaf\x5c\xe8\x7a\xd7\xaf\x23\x2e\xc5\xe1\xf1\xf7\xc6\x2a"
- "\x36\xaa\x6b\xc5\xfa\xe6\xd6\x95\xe5\xea\xfc\x52\x79\xa9\xbc\x5a\x2a\xcd"
- "\xcd\xce\xcd\x8c\x5f\xbd\x5e\x2a\xe6\x6b\xd4\xc5\xce\x4a\xf5\x9b\xfe\x7e"
- "\xe3\xf2\x47\x47\x8d\x7f\xa2\x4b\xfc\xb1\x63\xc6\xff\xf5\x23\xc7\xff\xda"
- "\x6f\xfe\x7b\xef\x27\x5f\x3d\x22\xfe\x37\xbf\x76\xf8\xeb\xff\xc9\x11\xf1"
- "\xb3\x9c\xf8\x8d\x13\xc6\x9f\x9f\xf8\x5d\xd7\xb9\x3e\x8b\xbf\xd8\x65\xfc"
- "\xfb\x5f\xff\xfd\xf9\x22\xbb\x76\xf9\x84\xf1\x9f\x3d\xdf\x5a\x3c\xe1\xad"
- "\x00\x40\x0f\xd4\x37\xb7\x56\xe6\x2b\x95\xf2\xfa\xd1\x85\x4e\xee\x3f\xd1"
- "\xcd\x0a\x0a\x0a\x9f\xf5\x42\x9f\x27\x26\xe0\xd4\xbd\x7e\xe8\xfb\xdd\x13"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa0\x9b\x5e\xfc\x3a\x51\xbf"
- "\xc7\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\xc0\xd9\xf5\xbf\x00\x00\x00\xff\xff\xfb\x38"
- "\xd9\x0f",
- 1226);
- syz_mount_image(/*fs=*/0x2000000000c0, /*dir=*/0x200000000040, /*flags=*/0,
- /*opts=*/0x200000001280, /*chdir=*/1, /*size=*/0x4ca,
- /*img=*/0x200000001380);
- memcpy((void*)0x2000000002c0, "./file0\000", 8);
- syscall(__NR_stat, /*file=*/0x2000000002c0ul, /*statbuf=*/0x2000000001c0ul);
- memcpy((void*)0x200000000240, "/dev/input/event#\000", 18);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000240, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[92] = res;
- syscall(__NR_ioctl, /*fd=*/r[92], /*cmd=*/0x80084505, /*arg=*/0ul);
- *(uint32_t*)0x200000000000 = 0x6e;
- res = syscall(__NR_accept4, /*fd=*/-1, /*peer=*/0x200000000100ul,
- /*peerlen=*/0x200000000000ul, /*flags=SOCK_NONBLOCK*/ 0x800ul);
- if (res != -1)
- r[93] = res;
- *(uint32_t*)0x200000000180 = 0xc;
- syscall(__NR_getsockopt, /*fd=*/r[93], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000080ul, /*optlen=*/0x200000000180ul);
- memcpy((void*)0x2000000000c0, "ext4\000", 5);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- memcpy((void*)0x200000001280, "quota", 5);
- *(uint8_t*)0x200000001285 = 0x2c;
- memcpy((void*)0x200000001286, "noload", 6);
- *(uint8_t*)0x20000000128c = 0x2c;
- memcpy((void*)0x20000000128d, "errors=remount-ro", 17);
- *(uint8_t*)0x20000000129e = 0x2c;
- memcpy((void*)0x20000000129f, "init_itable", 11);
- *(uint8_t*)0x2000000012aa = 0x2c;
- *(uint8_t*)0x2000000012ab = 0;
- memcpy(
- (void*)0x200000001380,
- "\x78\x9c\xec\xdd\x4d\x6f\x1b\x5b\x19\x00\xe0\x77\x26\x49\xf3\x71\x73\x6f"
- "\x72\xc5\x5d\x00\x02\x6e\x29\x85\x82\xaa\xda\x89\xdb\x46\xa8\xab\xb2\xe1"
- "\x43\x55\x25\x44\xc5\x8a\x45\x1b\x12\x37\x8a\x62\xc7\x51\xec\x94\x26\x74"
- "\x91\xfe\x07\x24\x2a\xb1\x82\x9f\xc0\x02\x89\x05\x52\x57\xec\xd9\xc1\x8e"
- "\x4d\xbb\x40\x2a\x50\x81\x1a\x24\x16\x46\x33\xb6\xd3\x24\x8d\x93\x94\x36"
- "\xb6\x6e\xfc\x3c\xd2\x68\xce\x99\x33\xcd\x7b\x4e\xad\x39\xaf\x7b\xdc\xf8"
- "\x04\x30\xb0\xce\x47\xc4\x76\x44\x9c\x8b\x88\x7b\x11\x31\xd5\xbe\x9e\xb4"
- "\x8f\xb8\xd9\x3a\xb2\xfb\x5e\xbd\x7c\xb4\xb0\xf3\xf2\xd1\x42\x12\xcd\xe6"
- "\x9d\x7f\x24\x79\x7b\x76\x2d\xf6\xfc\x99\xcc\x07\xed\x9f\x39\x16\x11\x3f"
- "\xfa\x5e\xc4\x4f\x93\x37\xe3\xd6\x37\xb7\x56\xe6\x2b\x95\xf2\x7a\xbb\x5e"
- "\x6c\x54\xd7\x8a\xf5\xcd\xad\x2b\xcb\xd5\xf9\xa5\xf2\x52\x79\xb5\x54\x9a"
- "\x9b\x9d\x9b\xf9\xf6\xd5\xeb\xa5\xf7\x36\xd6\x4f\xab\xbf\x7d\xf1\xdd\xe5"
- "\x5b\x3f\xfe\xc3\xef\xbf\xfc\xec\x4f\xdb\xdf\xfa\x79\xd6\xad\xc9\x76\xdb"
- "\xde\x71\xbc\x4f\xad\xa1\x8f\xec\xc6\xc9\x0c\x47\xc4\xad\xd3\x08\xd6\x07"
- "\x43\xed\xf1\x9c\xeb\x77\x47\xf8\xbf\xa4\x11\x51\x88\x88\x0b\xf9\xf3\x3f"
- "\x15\x43\xf9\xab\x09\x00\x9c\x65\xcd\xe6\x54\x34\xa7\xf6\xd6\x01\x80\xb3"
- "\x2e\xcd\xd7\xc0\x92\xb4\xd0\x5e\x0b\x98\x8c\x34\x2d\x14\x5a\x6b\x78\x9f"
- "\xc4\x44\x5a\xa9\xd5\x1b\x97\xef\xd7\x36\x56\x17\x5b\x6b\x65\xd3\x31\x92"
- "\xde\x5f\xae\x94\x67\xda\x6b\x85\xd3\x31\x92\x64\xf5\xd9\xbc\xfc\xba\x5e"
- "\x3a\x50\xbf\x1a\x11\x1f\x47\xc4\x2f\x46\xc7\xf3\x7a\x61\xa1\x56\x59\xec"
- "\xe7\x1b\x1f\x00\x18\x60\x1f\x1c\xc8\xff\xff\x1e\x6d\xe5\x7f\x00\xe0\x8c"
- "\x1b\xeb\x77\x07\x00\x80\x9e\x93\xff\x01\x60\xf0\xc8\xff\x00\x30\x78\xe4"
- "\x7f\x00\x18\x3c\xf2\x3f\x00\x0c\x1e\xf9\x1f\x00\x06\x8f\xfc\x0f\x00\x03"
- "\xe5\x87\xb7\x6f\x67\x47\x73\xa7\xfd\xfd\xd7\x8b\x0f\x36\x37\x56\x6a\x0f"
- "\xae\x2c\x96\xeb\x2b\x85\xea\xc6\x42\x61\xa1\xb6\xbe\x56\x58\xaa\xd5\x96"
- "\xf2\xef\xec\xa9\x1e\xf7\xf3\x2a\xb5\xda\xda\xec\xb5\xd8\x78\x58\x6c\x94"
- "\xeb\x8d\x62\x7d\x73\xeb\x6e\xb5\xb6\xb1\xda\xb8\x9b\x7f\xaf\xf7\xdd\xf2"
- "\x48\x4f\x46\x05\x00\x1c\xe5\xe3\x4f\x9f\xfe\x25\x89\x88\xed\x1b\xe3\xf9"
- "\x11\x7b\xf6\x72\x90\xab\xe1\x6c\x4b\xfb\xdd\x01\xa0\x6f\x86\xfa\xdd\x01"
- "\xa0\x6f\x8e\xd9\xed\xeb\x79\xaf\xfa\x01\xf4\x9e\x7f\xe3\xc3\xc0\xfb\xfe"
- "\x21\x5b\xf4\xee\xb3\xe7\xbf\x08\x8d\xef\x6b\x78\x72\x3a\x1d\x02\x4e\xdf"
- "\xa5\x2f\x58\xff\x87\x41\x65\xfd\x1f\x06\x97\xf5\x7f\x18\x5c\xc7\xac\xff"
- "\x03\x67\x58\xb3\x99\xd8\xf3\x1f\x00\x06\x8c\x35\x7e\xe0\x2d\x3e\xff\xdf"
- "\xcf\xe7\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\xb0\xc9\xfc\x48\xd2\x42\x7b\x2f"
- "\xf0\xc9\x48\xd3\x42\x21\xe2\xc3\x88\x98\x8e\x91\xe4\xfe\x72\xa5\x3c\x13"
- "\x11\x1f\x45\xc4\x9f\x47\x47\x46\xb3\xfa\x6c\xbf\x3b\x0d\x00\xbc\xa3\xf4"
- "\x6f\x49\x7b\xff\xaf\x4b\x53\x17\x27\x0f\xb6\x9e\x4b\xfe\x33\x9a\x9f\x23"
- "\xe2\x67\xbf\xba\xf3\xcb\x87\xf3\x8d\xc6\xfa\x6c\x76\xfd\x9f\xbb\xd7\x1b"
- "\x4f\xda\xd7\x4b\xfd\xe8\x3f\x00\x70\x9c\x4e\x9e\xee\xe4\xf1\x8e\x57\x2f"
- "\x1f\x2d\x74\x8e\x5e\xf6\xe7\xc5\x77\x5a\x9b\x8b\x66\x71\x77\xda\x47\xab"
- "\x65\x38\x86\xf3\xf3\x58\x8c\x44\xc4\xc4\xbf\x92\x76\xbd\x25\x7b\xbf\x32"
- "\xf4\x1e\xe2\x6f\x3f\x8e\x88\xcf\x1f\x36\xfe\x24\x5f\x1b\x99\x6e\xef\x7c"
- "\x7a\x30\x7e\x16\xfb\xc3\x9e\xc6\x4f\xf7\xc5\x4f\xf3\xb6\xd6\x39\xfb\xbb"
- "\xf8\xdc\xdb\x87\xee\xba\xa5\x2b\x0c\x8a\xa7\xd9\xfc\x73\xf3\xb0\xe7\x2f"
- "\x8d\xf3\xf9\xf9\xf0\xe7\x7f\x2c\x9f\xa1\xde\x5d\x67\xfe\xdb\x79\x63\xfe"
- "\x4b\x77\xe7\xbf\xa1\x2e\xf3\xdf\xf9\x93\xc6\xb8\xf6\xc7\x1f\x74\x6d\x7b"
- "\x1c\xf1\xc5\xe1\xc3\xe2\x27\xbb\xf1\x93\x2e\xf1\x2f\x1e\x19\xb5\xd9\xec"
- "\x94\xfe\xfa\xa5\xaf\x5c\xe8\x7a\xd7\xaf\x23\x2e\xc5\xe1\xf1\xf7\xc6\x2a"
- "\x36\xaa\x6b\xc5\xfa\xe6\xd6\x95\xe5\xea\xfc\x52\x79\xa9\xbc\x5a\x2a\xcd"
- "\xcd\xce\xcd\x8c\x5f\xbd\x5e\x2a\xe6\x6b\xd4\xc5\xce\x4a\xf5\x9b\xfe\x7e"
- "\xe3\xf2\x47\x47\x8d\x7f\xa2\x4b\xfc\xb1\x63\xc6\xff\xf5\x23\xc7\xff\xda"
- "\x6f\xfe\x7b\xef\x27\x5f\x3d\x22\xfe\x37\xbf\x76\xf8\xeb\xff\xc9\x11\xf1"
- "\xb3\x9c\xf8\x8d\x13\xc6\x9f\x9f\xf8\x5d\xd7\xb9\x3e\x8b\xbf\xd8\x65\xfc"
- "\xfb\x5f\xff\xfd\xf9\x22\xbb\x76\xf9\x84\xf1\x9f\x3d\xdf\x5a\x3c\xe1\xad"
- "\x00\x40\x0f\xd4\x37\xb7\x56\xe6\x2b\x95\xf2\xfa\xd1\x85\x4e\xee\x3f\xd1"
- "\xcd\x0a\x0a\x0a\x9f\xf5\x42\x9f\x27\x26\xe0\xd4\xbd\x7e\xe8\xfb\xdd\x13"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa0\x9b\x5e\xfc\x3a\x51\xbf"
- "\xc7\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\xc0\xd9\xf5\xbf\x00\x00\x00\xff\xff\xfb\x38"
- "\xd9\x0f",
- 1226);
- syz_mount_image(/*fs=*/0x2000000000c0, /*dir=*/0x200000000040, /*flags=*/0,
- /*opts=*/0x200000001280, /*chdir=*/1, /*size=*/0x4ca,
- /*img=*/0x200000001380);
- memcpy((void*)0x2000000002c0, "./file0\000", 8);
- syscall(__NR_stat, /*file=*/0x2000000002c0ul, /*statbuf=*/0x2000000001c0ul);
- memcpy((void*)0x200000000240, "/dev/input/event#\000", 18);
- syz_open_dev(/*dev=*/0x200000000240, /*id=*/0, /*flags=*/0);
- syscall(__NR_ioctl, /*fd=*/r[92], /*cmd=*/0x80084505, /*arg=*/0ul);
- *(uint32_t*)0x200000000000 = 0x6e;
- syscall(__NR_accept4, /*fd=*/-1, /*peer=*/0x200000000100ul,
- /*peerlen=*/0x200000000000ul, /*flags=SOCK_NONBLOCK*/ 0x800ul);
- *(uint32_t*)0x200000000180 = 0xc;
- syscall(__NR_getsockopt, /*fd=*/r[93], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000080ul, /*optlen=*/0x200000000180ul);
- memcpy((void*)0x2000000002c0, "/dev/autofs\000", 12);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x2000000002c0ul, /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[94] = res;
- memcpy((void*)0x200000000780, "ext3\000", 5);
- memcpy((void*)0x2000000007c0, "./file0\000", 8);
- memcpy((void*)0x200000000000, "noblock_validity", 16);
- *(uint8_t*)0x200000000010 = 0x2c;
- memcpy((void*)0x200000000011, "noblock_validity", 16);
- *(uint8_t*)0x200000000021 = 0x2c;
- memcpy((void*)0x200000000022, "dioread_nolock", 14);
- *(uint8_t*)0x200000000030 = 0x2c;
- memcpy((void*)0x200000000031, "quota", 5);
- *(uint8_t*)0x200000000036 = 0x2c;
- memcpy((void*)0x200000000037, "nogrpid", 7);
- *(uint8_t*)0x20000000003e = 0x2c;
- memcpy((void*)0x20000000003f, "nombcache", 9);
- *(uint8_t*)0x200000000048 = 0x2c;
- *(uint8_t*)0x200000000049 = 0;
- memcpy(
- (void*)0x200000000840,
- "\x78\x9c\xec\xdd\xcd\x6b\x1c\xe5\x1f\x00\xf0\xef\x6c\x92\xa6\xbf\xb4\x3f"
- "\x13\x41\xd0\x7a\x0a\x08\x1a\x28\xdd\x98\x1a\x5b\x05\x0f\x15\x0f\x22\x58"
- "\x28\xe8\xd9\x76\xd9\x6c\x43\xcd\x6e\xb6\x64\x37\xa5\x09\x01\x2d\x22\x78"
- "\x11\x54\x3c\x08\x7a\xe9\xd9\x97\x7a\xf3\xea\xcb\x55\xff\x0b\x0f\xd2\x52"
- "\x35\x2d\x56\x3c\x48\x64\x36\xb3\xe9\xb6\xd9\x4d\x37\x6d\x92\x45\xf7\xf3"
- "\x81\xa7\x7d\x9e\x99\xd9\x3c\xf3\x9d\x67\x66\x9e\x67\x77\x86\x99\x00\xfa"
- "\xd6\x78\xfa\x4f\x2e\xe2\x50\x44\x7c\x90\x44\x8c\x66\xd3\x93\x88\x18\x6a"
- "\xe4\x06\x23\x4e\xac\x2f\x77\x6b\x75\xa5\x98\xa6\x24\xd6\xd6\x5e\xfb\x2d"
- "\x69\x2c\x73\x73\x75\xa5\x18\x2d\x9f\x49\x1d\xc8\x0a\x8f\x45\xc4\xf7\xef"
- "\x46\x1c\xce\x6d\xae\xb7\xb6\xb4\x3c\x57\x28\x97\x4b\x0b\x59\x79\xb2\x5e"
- "\x39\x3f\x59\x5b\x5a\x3e\x72\xae\x52\x98\x2d\xcd\x96\xe6\x8f\x4d\x4d\x4f"
- "\x1f\x3d\xfe\xec\xf1\x63\x3b\x17\xeb\x1f\x3f\x2d\x1f\xbc\xf6\xe1\xcb\x4f"
- "\x7d\x75\xe2\xaf\x77\x1e\xbd\xf2\xfe\x0f\x49\x9c\x88\x83\xd9\xbc\xd6\x38"
- "\x76\xca\x78\x8c\x67\xdb\x64\x28\xdd\x84\x77\x78\x69\xa7\x2b\xeb\xb1\xa4"
- "\xd7\x2b\xc0\x7d\x49\x0f\xcd\x81\xf5\xa3\x3c\x0e\xc5\x68\x0c\x34\x72\x00"
- "\xc0\x7f\xd9\x5b\x11\xb1\x06\x00\xf4\x99\x44\xff\x0f\x00\x7d\xa6\xf9\x3b"
- "\xc0\xcd\xd5\x95\x62\x33\xf5\xf6\x17\x89\xbd\x75\xfd\xc5\x88\xd8\xbf\x1e"
- "\x7f\xf3\xfa\xe6\xfa\x9c\xc1\xec\x9a\xdd\xfe\xc6\x75\xd0\x91\x9b\xc9\x1d"
- "\x57\x46\x92\x88\x18\xdb\x81\xfa\xc7\x23\xe2\xb3\x6f\xde\xf8\x22\x4d\xb1"
- "\x4b\xd7\x21\x01\xda\x79\xfb\x52\x44\x9c\x19\x1b\xdf\x7c\xfe\x4f\x36\xdd"
- "\xb3\xb0\x5d\x4f\x77\xb1\xcc\xf8\x5d\x65\xe7\x3f\xd8\x3b\xdf\xa6\xe3\x9f"
- "\xe7\xda\x8d\xff\x72\x1b\xe3\x9f\x68\x33\xfe\x19\x6e\x73\xec\xde\x8f\x7b"
- "\x1f\xff\xb9\xab\x3b\x50\x4d\x47\xe9\xf8\xef\x85\x96\x7b\xdb\x6e\xb5\xc4"
- "\x9f\x19\x1b\xc8\x4a\xff\x6f\x8c\xf9\x86\x92\xb3\xe7\xca\xa5\xf4\xdc\xf6"
- "\x50\x44\x4c\xc4\xd0\x70\x5a\x9e\xda\xa2\x8e\x89\x1b\x7f\xdf\xe8\x34\xaf"
- "\x75\xfc\xf7\xfb\x47\x6f\x7e\x9e\xd6\x9f\xfe\x7f\x7b\x89\xdc\xd5\xc1\xe1"
- "\x3b\x3f\x33\x53\xa8\x17\x1e\x24\xe6\x56\xd7\x2f\x45\x3c\x3e\xd8\x2e\xfe"
- "\x64\xa3\xfd\x93\x0e\xe3\xdf\x53\x5d\xd6\xf1\xca\xf3\xef\x7d\xda\x69\x5e"
- "\x1a\x7f\x1a\x6f\x33\x6d\x8e\x7f\x77\xad\x5d\x8e\x78\xb2\x6d\xfb\xdf\xbe"
- "\xa3\x2d\xd9\xf2\xfe\xc4\xc9\xc6\xee\x30\xd9\xdc\x29\xda\xf8\xfa\xe7\x4f"
- "\x46\x3a\xd5\xdf\xda\xfe\x69\x4a\xeb\x6f\x7e\x17\xd8\x0b\x69\xfb\x8f\x6c"
- "\x1d\xff\x58\xd2\x7a\xbf\x66\x6d\xfb\x75\xfc\x78\x79\xf4\xbb\x4e\xf3\xee"
- "\x1d\x7f\xfb\xfd\x7f\x5f\xf2\x7a\x23\xbf\x2f\x9b\x76\xb1\x50\xaf\x2f\x4c"
- "\x45\xec\x4b\x5e\xdd\x3c\xfd\xe8\xed\xcf\x36\xcb\xcd\xe5\xd3\xf8\x27\x9e"
- "\x68\x7f\xfc\x6f\xb5\xff\xa7\xdf\x09\xcf\x74\x19\xff\xe0\xb5\x5f\xbf\xbc"
- "\xff\xf8\x77\x57\x1a\xff\xcc\xb6\xda\x7f\xfb\x99\x2b\xb7\xe6\x06\x3a\xd5"
- "\xdf\x5d\xfb\x4f\x37\x72\x13\xd9\x94\x6e\xce\x7f\xdd\xae\xe0\x83\x6c\x3b"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\xe8\x56\x2e\x22\x0e\x46\x92\xcb\x6f\xe4\x73\xb9\x7c\x7e\xfd\x1d\xde"
- "\x8f\xc4\x48\xae\x5c\xad\xd5\x0f\x9f\xad\x2e\xce\xcf\x44\xe3\x5d\xd9\x63"
- "\x31\x94\x6b\x3e\xea\x72\xb4\xe5\x79\xa8\x53\xd9\xf3\xf0\x9b\xe5\xa3\x77"
- "\x95\x9f\x89\x88\x87\x23\xe2\xe3\xe1\xff\x35\xca\xf9\x62\xb5\x3c\xd3\xeb"
- "\xe0\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x73\xa0\xc3"
- "\xfb\xff\x53\xbf\x0c\xf7\x7a\xed\x00\x80\x5d\xb3\xbf\xd7\x2b\x00\x00\xec"
- "\x39\xfd\x3f\x00\xf4\x1f\xfd\x3f\x00\xf4\x1f\xfd\x3f\x00\xf4\x1f\xfd\x3f"
- "\x00\xf4\x1f\xfd\x3f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xbb\xec\xd4\xc9\x93\x69\x5a\xfb\x73\x75\xa5\x98\x96\x67\x2e\x2c"
- "\x2d\xce\x55\x2f\x1c\x99\x29\xd5\xe6\xf2\x95\xc5\x62\xbe\x58\x5d\x38\x9f"
- "\x9f\xad\x56\x67\xcb\xa5\x7c\xb1\x5a\xb9\xd7\xdf\x2b\x57\xab\xe7\xa7\x63"
- "\x7e\xf1\xe2\x64\xbd\x54\xab\x4f\xd6\x96\x96\x4f\x57\xaa\x8b\xf3\xf5\xd3"
- "\xe7\x2a\x85\xd9\xd2\xe9\xd2\xd0\x9e\x44\x05\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\xdb\x53\x5b\x5a\x9e\x2b\x94\xcb\xa5\x05\x19\x19"
- "\x19\x99\x8d\x4c\xaf\xcf\x4c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff"
- "\x0e\xff\x04\x00\x00\xff\xff\x3e\x07\x2a\x2f",
- 1883);
- syz_mount_image(/*fs=*/0x200000000780, /*dir=*/0x2000000007c0,
- /*flags=MS_SYNCHRONOUS*/ 0x10, /*opts=*/0x200000000000,
- /*chdir=*/1, /*size=*/0x75b, /*img=*/0x200000000840);
- res = syscall(__NR_socket, /*domain=AF_INET6*/ 0xaul,
- /*type=SOCK_STREAM*/ 1ul, /*proto=*/0);
- if (res != -1)
- r[95] = res;
- memcpy((void*)0x200000000140,
- "lo\000\000\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint64_t*)0x200000000150 = 0x200000000040;
- *(uint32_t*)0x200000000040 = 0x51;
- memcpy((void*)0x200000000044,
- "\x65\xb3\x82\xcd\x76\x1d\x2c\x65\x8d\x52\x70\x7b\x70\x0a\xd1\xba\x5d"
- "\xe9\xa6\xb9\xf4\x41\xa4\x1d\x4b\xc8\x0f\x1a\xac\xc4\x82\xa0",
- 32);
- memcpy((void*)0x200000000064,
- "\x8d\xec\x25\xde\xfd\x0d\x0f\x66\xb4\x90\x2a\x8e\xce\x5a\x7a\x84\xbb"
- "\xa7\xed\x0d\x33\xd8\xca\xab\x92\xce\x00\x00\x00\x00\x00\x00",
- 32);
- memcpy((void*)0x200000000084,
- "\xbe\x9a\x04\x00\x10\x00\x80\x00\x00\x00\x00\x68\x3b\xbd\xda\xf2\x86"
- "\xe1\x5d\xe4\x6c\x14\xa5\xbd\xa9\x88\x8b\x05\xf2\xcf\x52\x65",
- 32);
- memcpy((void*)0x2000000000a4,
- "\xd7\x62\xb8\x94\x06\x00\x00\x00\x00\x00\x00\x00\xd1\x77\x5b\x60\x15"
- "\x7d\x8d\x13\x0a\x76\x44\x7e\x8b\x95\x18\x3b\x00\x9a\x10\x8c",
- 32);
- memcpy((void*)0x2000000000c4,
- "\xdc\x90\x38\xc4\xe7\xeb\x0b\xb0\xff\x1c\x64\x90\x62\x5f\xa8\xdb\x0f"
- "\xe9\xcc\xd5\xf4\x0d\x6d\x3f\x3f\x28\xee\x71\x61\xe5\x12\x4f",
- 32);
- memcpy((void*)0x2000000000e4,
- "\xa4\x1b\x16\x74\x00\x00\x00\x00\x00\x00\x00\x00", 12);
- *(uint32_t*)0x2000000000f0 = 0;
- *(uint32_t*)0x2000000000f4 = 0;
- *(uint32_t*)0x2000000000f8 = 0;
- *(uint32_t*)0x2000000000fc = 0;
- *(uint32_t*)0x200000000100 = 0;
- syscall(__NR_ioctl, /*fd=*/r[95], /*cmd=*/0x8946, /*arg=*/0x200000000140ul);
- *(uint32_t*)0x200000000280 = 1;
- *(uint32_t*)0x200000000284 = 1;
- *(uint32_t*)0x200000000288 = 0x52;
- *(uint32_t*)0x20000000028c = -1;
- *(uint64_t*)0x200000000290 = 0;
- memcpy((void*)0x200000000298, "./file0\000", 8);
- syscall(__NR_ioctl, /*fd=*/r[94], /*cmd=*/0xc018937e,
- /*arg=*/0x200000000280ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[96] = res;
- *(uint8_t*)0x200000000100 = 0x11;
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x541c, /*arg=*/0x200000000100ul);
- *(uint8_t*)0x200000000100 = 0x11;
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x541c, /*arg=*/0x200000000100ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[97] = res;
- *(uint64_t*)0x200000000000 = 0;
- *(uint64_t*)0x200000000008 = 1;
- *(uint64_t*)0x200000000010 = 0;
- *(uint64_t*)0x200000000018 = 0;
- *(uint64_t*)0x200000000020 = 0;
- *(uint64_t*)0x200000000028 = 0;
- *(uint64_t*)0x200000000030 = 0x7fffffff;
- *(uint64_t*)0x200000000038 = 0;
- *(uint64_t*)0x200000000040 = 0;
- *(uint64_t*)0x200000000048 = 0;
- *(uint64_t*)0x200000000050 = 0;
- *(uint64_t*)0x200000000058 = 0;
- *(uint64_t*)0x200000000060 = 0;
- *(uint64_t*)0x200000000068 = 0;
- *(uint64_t*)0x200000000070 = 0;
- *(uint64_t*)0x200000000078 = 0;
- *(uint64_t*)0x200000000080 = 0;
- *(uint64_t*)0x200000000088 = 0;
- *(uint64_t*)0x200000000090 = 0;
- *(uint64_t*)0x200000000098 = 0;
- *(uint64_t*)0x2000000000a0 = 0;
- *(uint64_t*)0x2000000000a8 = 0;
- *(uint64_t*)0x2000000000b0 = 0;
- *(uint64_t*)0x2000000000b8 = 0;
- *(uint64_t*)0x2000000000c0 = 0;
- *(uint64_t*)0x2000000000c8 = 0;
- syscall(__NR_clock_adjtime, /*id=CLOCK_PROCESS_CPUTIME_ID|0x8*/ 0xaul,
- /*tx=*/0x200000000000ul);
- *(uint64_t*)0x200000005400 = 0;
- *(uint32_t*)0x200000005408 = 0;
- *(uint64_t*)0x200000005410 = 0x200000000200;
- *(uint64_t*)0x200000000200 = 0x200000000380;
- memcpy(
- (void*)0x200000000380,
- "\x14\x01\x00\x00\x20\x00\x23\x01\x00\x00\x00\x00\x00\x00\x00\x00\x02\x01"
- "\x00\x00\xa9\x49\x8f\x68\x3e\x39\x54\x4a\x55\xba\x23\x26\xd2\x6f\xf5\x5a"
- "\xaa\x1e\x69\xc6\xc5\x49\xe1\x56\xca\xd0\x3d\x7b\x63\xfd\xa7\xce\xd4\x2d"
- "\x64\x23\x79\x55\x2b\x60\xfb\xb5\xff\xf5\x6e\x24\x00\x34\x96\xfd\x05\xf3"
- "\x39\xc7\xe2\x5f\x8a\xd5\x60\x6b\x40\xd8\x49\x86\x0b\x3f\xeb\x13\x17\x11"
- "\x62\xdb\x5e\x86\x34\x77\x9b\x76\x7c\xc5\x60\x73\x54\x43\x40\xa4\x0d\xfc"
- "\x26\xed\x7f\x45\xed\xc2\x75\x30\x66\x36\x61\x81\x73\x06\x86\xa9\x89\x7c"
- "\xcd\xcb\xb9\x87\x7f\x1d\xe7\x44\xdb\x11\x83\x43\xbf\x67\xeb\xf8\xa6\x3b"
- "\xfa\x12\x95\x9f\xb7\xce\xe4\xfb\x72\x23\xce\xb9\xf8\x1c\xf4\xaf\xf2\xe8"
- "\x63\xe5\xc1\xd5\xde\x03\xcc\x46\xb9\x01\x44\x6a\x7f\x71\x86\x21\xb6\xe7"
- "\x27\xac\x09\x8f\x4c\x38\x7d\x9d\x43\x22\x88\xa7\xea\x4a\x5a\x46\x65\x21"
- "\xc5\x8e\xaa\x5e\x6b\x84\x48\x23\x9b\x27\x3c\xe0\x1c\x42\x98\x7a\xd1\x9e"
- "\x48\x7d\xbb\x57\x76\x53\x1f\xc1\x0d\xe2\xc9\x1f\x42\x2b\xec\xd7\xbc\x13"
- "\x7f\x98\x0d\xdc\x5f\x1b\xcd\xd5\x8f\xca\xea\x09\xb8\x77\x3b\x0d\x31\x75"
- "\x33\xe0\x3e\x05\x38\x68\x17\x95\x07\x54\xc4\x32\x4a\xb2\x4c\x04\x77\xee"
- "\x1b\x85\x34\x7c\xfa\x3c\x8b\xac\x8d\x89\x02\x85\x59\x2d\xf8\x00\x00",
- 287);
- *(uint64_t*)0x200000000208 = 0x114;
- *(uint64_t*)0x200000005418 = 1;
- *(uint64_t*)0x200000005420 = 0;
- *(uint64_t*)0x200000005428 = 0;
- *(uint32_t*)0x200000005430 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[97], /*msg=*/0x200000005400ul, /*f=*/0ul);
- *(uint64_t*)0x200000000000 = htobe64(0);
- *(uint64_t*)0x200000000008 = htobe64(1);
- *(uint32_t*)0x200000000010 = 0;
- syscall(__NR_setsockopt, /*fd=*/r[96], /*level=*/0x29, /*optname=*/0x11,
- /*optval=*/0x200000000000ul, /*optlen=*/0x14ul);
- memcpy((void*)0x200000000000, "net/protocols\000", 14);
- syz_open_procfs(/*pid=*/0, /*file=*/0x200000000000);
- memcpy((void*)0x200000000000, "net/protocols\000", 14);
- syz_open_procfs(/*pid=*/0, /*file=*/0x200000000000);
- syscall(__NR_close_range, /*fd=*/-1, /*max_fd=*/-1,
- /*flags=CLOSE_RANGE_UNSHARE*/ 2ul);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- syscall(__NR_creat, /*file=*/0x200000000000ul, /*mode=*/0ul);
- res = syscall(__NR_inotify_init1, /*flags=*/0ul);
- if (res != -1)
- r[98] = res;
- memcpy((void*)0x200000000000, "/dev/rtc0\000", 10);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[99] = res;
- syscall(__NR_ioctl, /*fd=*/r[99], /*cmd=*/0x4008700e, /*arg=*/0ul);
- memcpy((void*)0x200000001240, "./file0\000", 8);
- res = syscall(__NR_inotify_add_watch, /*fd=*/r[98], /*file=*/0x200000001240ul,
- /*mask=IN_MODIFY|IN_DELETE_SELF|IN_DELETE*/ 0x602ul);
- if (res != -1)
- r[100] = res;
- syscall(__NR_inotify_rm_watch, /*fd=*/r[98], /*wd=*/r[100]);
- res = syscall(__NR_getgid);
- if (res != -1)
- r[101] = res;
- memcpy((void*)0x200000001b40, "ext2\000", 5);
- memcpy((void*)0x200000000500, "./file0\000", 8);
- *(uint8_t*)0x200000000580 = 0;
- memcpy(
- (void*)0x200000003100,
- "\x78\x9c\xec\xdd\x4f\x6f\x23\x67\x19\x00\xf0\x67\x9c\xb8\x64\xbb\x59\x92"
- "\x02\x87\x52\xa9\xa5\xa2\x45\xd9\x0a\xd6\x4e\x1a\xda\x46\x1c\xda\x22\x21"
- "\x6e\x95\x40\xcb\x7d\x89\x12\x27\x8a\xe2\xc4\x51\xec\xb4\x9b\xa8\x42\xa9"
- "\xf8\x00\x48\x08\xc1\x4a\x9c\x38\x71\x41\xe2\x03\x20\xa1\xfd\x08\x68\xa5"
- "\x95\xd8\x3b\x02\x04\x42\xb0\x0b\x07\x0e\xc0\xa0\x19\x4f\xb2\x89\x35\xde"
- "\x64\xd5\xd8\x5e\x39\xbf\x9f\xf4\x7a\xde\x19\x7b\xe6\x79\x5e\x3b\x1e\xcf"
- "\x9f\x37\x33\x01\x5c\x5a\xaf\x46\xc4\xfb\x11\x31\x11\x11\x6f\x44\xc4\x4c"
- "\x31\xbd\x52\x94\x38\xec\x96\xec\x75\x8f\x1e\x7e\xbc\x92\x95\x24\xd2\xf4"
- "\xe6\xdf\x93\x7c\x9e\x6c\x3c\x22\x92\x93\xcb\xbc\x5a\xcc\x36\xd5\x1d\x94"
- "\x6a\xef\x1f\x6c\x2e\x37\x9b\x8d\xdd\x62\xbc\xde\xd9\xda\xa9\xb7\xf7\x0f"
- "\x6e\x6c\x6c\x2d\xaf\x37\xd6\x1b\xdb\x8b\x8b\x0b\x6f\x2f\xbd\xb3\xf4\xd6"
- "\xd2\xfc\x85\xb4\xf3\x5a\x44\xbc\xfb\xad\x3f\xff\xf4\x47\xbf\xfc\xf6\xbb"
- "\xbf\xfd\xda\x47\x7f\xb8\xf5\xd7\xeb\x3f\xc8\x92\x9e\x2e\x9e\x2f\xda\x71"
- "\xe1\x1e\xe4\x8f\xd5\xec\xbd\x38\x36\x19\x11\xbb\x83\x08\x36\x02\x13\x45"
- "\x7b\xaa\xa3\x4e\x04\x00\x80\x73\xa9\x45\xc4\xe7\x22\xe2\xcb\xf9\xf6\xff"
- "\x4c\x4c\xe4\x5b\x73\x39\x9b\x74\x00\x00\x00\x30\x26\xd2\xf7\xa6\xe3\x3f"
- "\x49\x44\x0a\x00\x00\x00\x8c\xad\xf7\xf2\x3e\xb0\x49\xa5\x56\xf4\xf7\x9d"
- "\x8e\x4a\xa5\x56\xeb\xf6\xe1\xfd\x42\x3c\x5f\x69\xb6\xda\x9d\xaf\xae\xb5"
- "\xf6\xb6\x57\xbb\x7d\x65\x67\xa3\x5a\x59\xdb\x68\x36\xe6\x8b\xbe\xc2\xb3"
- "\x51\x4d\xb2\xf1\x85\xbc\xfe\x78\xfc\xcd\x9e\xf1\xc5\x88\x78\x21\x22\x7e"
- "\x32\x73\x25\x1f\xaf\xad\xb4\x9a\xab\xa3\x3e\xf8\x01\x00\x00\x00\x97\xc4"
- "\xd5\x9e\xfd\xff\x7f\xcd\x74\xf7\xff\x01\x00\x00\x80\x31\x33\x3b\xea\x04"
- "\x00\x00\x00\x80\x81\xeb\xb7\xff\x9f\x0c\x39\x0f\x00\x00\x00\x60\x70\x9c"
- "\xff\x07\x00\x00\x80\xb1\xf6\x9d\x0f\x3e\xc8\x4a\x7a\x74\xff\xeb\xd5\x0f"
- "\xf7\xf7\x36\x5b\x1f\xde\x58\x6d\xb4\x37\x6b\x5b\x7b\x2b\xb5\x95\xd6\xee"
- "\x4e\x6d\xbd\xd5\x5a\xcf\xaf\xd9\xb7\x75\xd6\xf2\x9a\xad\xd6\xce\xd7\x63"
- "\x7b\xef\x76\xbd\xd3\x68\x77\xea\xed\xfd\x83\x5b\x5b\xad\xbd\xed\xce\xad"
- "\x8d\x53\xb7\xc0\x06\x00\x00\x00\x86\xe8\x85\x2f\xdd\x7d\x90\x44\xc4\xe1"
- "\x37\xae\xe4\x25\xf3\x5c\xf6\x30\xd1\x67\x06\x7d\x05\x60\x6c\x54\x9e\xe6"
- "\xc5\x7f\x1a\x5c\x1e\xc0\xf0\xf5\xfb\x99\x07\xc6\xdf\xe4\xa8\x13\x00\x46"
- "\xe7\x70\xd4\x09\x00\xa3\x76\xea\x52\x1f\x25\x1b\x05\x27\x3b\xef\x9c\x3a"
- "\x66\xf0\xbb\xc1\xe5\x04\x00\x00\x5c\xac\xb9\x2f\x96\x9f\xff\xcf\x76\x01"
- "\xaa\xa3\x4e\x0e\x18\xa8\xa7\x3a\xff\x0f\x8c\x15\xe7\xff\xe1\xf2\x7a\xca"
- "\xf3\xff\xf7\x06\x95\x07\x30\x7c\x55\x5b\x00\x70\xe9\x9d\x75\xab\x8f\xbe"
- "\x17\xef\x38\xf7\xf9\xff\x34\x3d\x73\x59\x00\x00\xc0\x40\x4d\xe7\x25\xa9"
- "\xd4\x8a\x73\x81\xd3\x51\xa9\xd4\x6a\x11\xd7\xf2\x7f\xf5\xaf\x26\x6b\x1b"
- "\xcd\xc6\x7c\x44\x7c\x36\x22\x7e\x3f\x53\xfd\x4c\x36\xbe\x90\xcf\x99\xb8"
- "\x3d\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x9c\x53\x9a\x26\x91\x02\x00\x00\x00\x63\x2d\xa2\xf2\x97\xa4"
- "\xb8\xff\xd7\xdc\xcc\xeb\xd3\xbd\xc7\x07\x9e\x4b\xfe\x3d\x93\x0f\x23\xe2"
- "\xa3\x9f\xdf\xac\xdc\x5e\xee\x74\x76\x17\xb2\xe9\xff\x38\x9e\xde\xb9\x73"
- "\xf3\x67\xf9\xf4\x37\x47\x71\x04\x03\x00\x00\x00\xe8\x75\xb4\x9f\x7e\xb4"
- "\x1f\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x17\xe9\xd1\xc3\x8f\x57\x8e\xca\x30\xe3\xfe\xed\x9b\x11\x31"
- "\x5b\x16\x7f\x32\xa6\xf2\xe1\x54\x54\x23\xe2\xf9\x7f\x26\x31\x79\x62\xbe"
- "\x24\x22\x26\x2e\x20\xfe\xe1\x27\x11\xf1\x62\x59\xfc\x24\x4b\x2b\x66\x8b"
- "\x2c\x7a\xe3\x57\x22\xe2\xca\x70\xe2\xbf\x9c\xa6\x69\x69\xfc\xab\x17\x10"
- "\x1f\x2e\xb3\xbb\xd9\xfa\xe7\xfd\xb2\xef\x5f\x25\x5e\xcd\x87\xe5\xdf\xff"
- "\xc9\xa2\x7c\x5a\xfd\xd7\x7f\x95\xe3\xf5\xdf\x44\x9f\xf5\xdf\xb5\x73\xc6"
- "\x78\xe9\xfe\xaf\xeb\x7d\xe3\x7f\x12\xf1\xd2\x64\xf9\xfa\xe7\x28\x7e\xd2"
- "\x27\xfe\x6b\x65\x0b\x2c\x79\x53\xbe\xff\xbd\x83\x83\x7e\xf1\xd3\x5f\x44"
- "\xcc\x95\xfe\xfe\x24\xa7\x62\xd5\x3b\x5b\x3b\xf5\xf6\xfe\xc1\x8d\x8d\xad"
- "\xe5\xf5\xc6\x7a\x63\x7b\x71\x71\xe1\xed\xa5\x77\x96\xde\x5a\x9a\xaf\xaf"
- "\x6d\x34\x1b\xc5\x63\x69\x8c\x1f\xbf\xfc\x9b\xff\xf5\x4c\xfa\x6f\xda\x95"
- "\xb7\x3f\xfa\xc4\x9f\x3d\xa3\xfd\xaf\x67\x95\xea\xc9\xc6\xf4\x86\x29\x82"
- "\xdd\xbf\xfd\xf0\xf3\xdd\x6a\xb5\x67\x11\x79\xfc\xeb\xaf\x95\x7f\xfe\x2f"
- "\x3e\x21\x7e\xf6\x37\xf1\x95\xe2\x77\x20\x7b\x7e\xee\xa8\x7e\xd8\xad\x9f"
- "\xf4\xca\xaf\xee\xbd\x52\x9a\x58\x11\x7f\xb5\x4f\xfb\x8f\x3f\xff\xac\x52"
- "\xd2\xfe\xeb\xfd\x16\xda\xe3\x8d\xef\xfe\xf0\x8f\xe7\x7c\x29\x00\x30\x04"
- "\xed\xfd\x83\xcd\xe5\x66\xb3\xb1\x3b\xf0\xca\x9d\x34\x4d\x87\x15\x4b\xe5"
- "\x19\xac\x4c\x3d\x1b\x69\xa8\x9c\x5d\xb9\x88\x23\x5b\x00\x00\xc0\xb3\xe6"
- "\xf1\x46\xff\xa8\x33\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x80\xcb\xab\xbd\x9f\x4e\x0c\xfa\x72\x62\xbd\x31\x0f\x47\xd3\x54"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x80\x27\xfa\x7f\x00\x00\x00\xff\xff\xa2\xc2\xe3\xbd",
- 1277);
- syz_mount_image(
- /*fs=*/0x200000001b40, /*dir=*/0x200000000500,
- /*flags=MS_POSIXACL|MS_RELATIME|MS_RDONLY|MS_NOSUID*/ 0x210003,
- /*opts=*/0x200000000580, /*chdir=*/1, /*size=*/0x4fc,
- /*img=*/0x200000003100);
- memcpy((void*)0x200000000040, ".\000", 2);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000040ul, /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[102] = res;
- syscall(__NR_fdatasync, /*fd=*/r[102]);
- syscall(__NR_unshare, /*flags=CLONE_NEWIPC*/ 0x8000000ul);
- syscall(__NR_semget, /*key=*/0ul, /*nsems=*/0x4004ul, /*flags=*/0ul);
- *(uint32_t*)0x200000000080 = r[101];
- *(uint32_t*)0x200000000084 = r[101];
- *(uint32_t*)0x200000000088 = r[101];
- syscall(__NR_setgroups, /*size=*/3ul, /*list=*/0x200000000080ul);
- syscall(__NR_semctl, /*semid=*/0, /*semnum=*/0ul, /*cmd=*/0x11ul,
- /*arg=*/0x200000000000ul);
- res = syscall(__NR_semget, /*key=*/0ul, /*nsems=*/0x4000000009ul,
- /*flags=*/0ul);
- if (res != -1)
- r[103] = res;
- *(uint16_t*)0x200000000040 = 4;
- *(uint16_t*)0x200000000042 = 0xfe01;
- *(uint16_t*)0x200000000044 = 0;
- syscall(__NR_semop, /*semid=*/r[103], /*ops=*/0x200000000040ul, /*nops=*/1ul);
- *(uint16_t*)0x200000000000 = 4;
- *(uint16_t*)0x200000000002 = 0xab3;
- *(uint16_t*)0x200000000004 = 0;
- syscall(__NR_semop, /*semid=*/r[103], /*ops=*/0x200000000000ul, /*nops=*/1ul);
- memcpy((void*)0x200000000000, "ext4\000", 5);
- memcpy((void*)0x200000000100, "./file1\000", 8);
- *(uint8_t*)0x200000000140 = 0;
- memcpy(
- (void*)0x200000000d40,
- "\x78\x9c\xec\xdb\xcb\x6f\x54\x55\x18\x00\xf0\xef\xde\x69\xa9\xbc\x6c\xc5"
- "\x27\x88\x5a\x45\x63\xe3\xa3\xa5\x05\x95\x05\x1b\x8c\x26\x2e\x34\x31\xd1"
- "\x05\x2e\x6b\x3b\x10\x64\xa0\x86\xd6\x44\x08\x11\x34\x06\x97\x86\xc4\xbd"
- "\x71\x69\xe2\x5f\xe0\x4a\x37\x06\x5d\x99\xb8\xd5\xbd\x21\x21\xca\x46\x70"
- "\x35\xe6\xce\xdc\x3b\x9d\x0e\x33\x6d\x69\xa7\x1d\x61\x7e\xbf\x64\xe0\xdc"
- "\xd7\x9c\xef\xeb\x39\x67\xee\x99\x7b\x32\x01\xf4\xad\xd1\xec\x9f\x24\x62"
- "\x47\xc4\x60\xb1\x2f\x69\x3d\x61\xb4\xfe\xdf\x8d\xeb\xe7\x67\x6e\x5e\x3f"
- "\x3f\x93\x44\xb5\xfa\xce\x5f\x49\xed\xbc\x7f\xae\x9f\x9f\x69\x9c\xfb\x77"
- "\xb5\x66\x7b\xfe\x26\x63\x69\x44\xfa\x79\xd2\xf2\x86\x75\xf3\x67\xcf\x9d"
- "\x9c\xae\x54\xca\x67\xf2\xed\x89\x85\x53\x1f\x4e\xcc\x9f\x3d\xf7\xe2\x89"
- "\x53\xd3\xc7\xcb\xc7\xcb\xa7\xa7\x0e\x1d\x3a\x78\x60\xf2\x95\x97\xa7\x5e"
- "\xea\x4a\x9e\xc3\x59\xac\x7b\x3e\x99\xdb\xbb\xfb\x8d\xf7\x2e\xbf\x35\x73"
- "\xf4\xf2\xfb\x3f\x7f\x97\x85\x75\xf8\x42\xfd\xf8\x92\x3c\xba\x64\xf4\xca"
- "\x68\xbb\xd4\x6b\x9e\xe9\x76\x65\x3d\xb6\xb3\xa9\x9c\x0c\x2c\x96\xab\xb9"
- "\x5e\xc4\xc4\xca\x4a\x11\x91\x35\x57\x36\xf8\x7f\x8f\xe1\x28\xc5\x62\xe3"
- "\x0d\xc7\xeb\x9f\xf5\x34\x38\x60\x43\x65\x9f\xcd\x43\x9d\x6e\x52\x11\x17"
- "\xab\xc0\x5d\x2c\x89\x5e\x47\x00\xf4\x46\x71\xa3\xcf\xbe\xff\x16\xaf\xcd"
- "\x9a\x7b\xfc\x1f\x5c\x3b\x12\x71\xb3\x54\xcf\xff\x46\xfe\xaa\x1f\x19\x88"
- "\x34\x3f\x67\xb0\xe5\xfb\x6d\x37\x8d\x46\xc4\xd1\x8b\xff\x7e\x9d\xbd\xa2"
- "\x78\x0e\xe1\xdb\x32\x00\xb0\x81\x7e\x38\x12\x11\x2f\xb4\x9b\xff\xa5\xf1"
- "\x50\xd3\x79\xf7\xe6\x6b\x28\x23\x11\x71\x5f\x44\xec\x8a\x88\xfb\x23\xe2"
- "\x81\x88\x78\x30\xa2\x76\xee\xc3\x11\xf1\xc8\x6d\xd6\x3f\xda\xb2\x7d\xeb"
- "\xfc\x33\xbd\xba\xa6\xc4\x56\x29\x9b\xff\x1d\xce\xd7\xb6\x96\xce\xff\x8a"
- "\xd9\x5f\x8c\x94\xf2\xad\x9d\xb5\xfc\x07\x93\x63\x27\x2a\xe5\xfd\xf9\xdf"
- "\x64\x2c\x06\x87\xb2\xed\xc9\x65\xea\xf8\xf1\xb5\xdf\xbe\xec\x74\xac\x31"
- "\xff\x1b\x8a\xda\x1c\x30\xab\xbf\x98\x0b\xe6\x71\x5c\x1d\x18\x5a\x7a\xcd"
- "\xec\xf4\xc2\xf4\x7a\x72\x6e\x76\xed\xd3\x88\x3d\x03\xed\xf2\x4f\x1a\x2b"
- "\x01\x49\x44\xec\x8e\x88\x3d\x6b\xac\xe3\xc4\x73\xdf\xee\xed\x74\xac\x79"
- "\xfe\xdb\x3e\xff\x56\x5b\x16\x8b\x03\x6b\x0c\xa8\x49\xf5\x9b\x88\x67\xeb"
- "\xfd\xfa\x62\xb4\xe4\x5f\x48\x1a\xeb\x93\x69\xbb\xf5\xc9\x89\x7b\xa2\x52"
- "\xde\x3f\x51\xf4\x8a\x5b\xfd\xf2\xeb\xa5\xb7\x3b\xd5\xbf\x6c\xfe\x23\xeb"
- "\xcf\x6f\x25\x59\xfb\x6f\x6b\xdb\xff\x1b\x46\x92\xe6\xf5\xda\xf9\xdb\xaf"
- "\xe3\xd2\x1f\x5f\x74\x4c\x65\xe5\xf6\x6f\xdf\xff\xb7\x24\xef\xd6\xca\x45"
- "\x6f\xf8\x78\x7a\x61\xe1\xcc\x64\xc4\x96\xe4\xcd\x5b\xf7\x4f\x2d\x5e\x5b"
- "\x6c\x17\xe7\x67\xf9\x8f\xed\x6b\x3f\xfe\x77\xe5\xd7\x64\xf9\x3f\x1a\x11"
- "\x59\x27\x7e\x2c\x22\x1e\x8f\x88\x27\xf2\xd8\x9f\x8c\x88\xa7\x22\x62\xdf"
- "\x32\xf9\x5f\x79\xf5\xe9\x0f\x3a\x1d\xbb\xfd\xfe\x1f\x4b\xf2\x5b\xaf\x2c"
- "\xff\xd9\xb6\xed\xdf\xe8\xff\x2d\xed\xbf\x4c\xa1\xb8\xa6\xe5\x50\xe9\xe4"
- "\x4f\xdf\x77\xaa\x7f\x75\xed\x7f\xb0\x56\x1a\xcb\xf7\xac\xe6\xf3\x6f\x85"
- "\x48\xd7\xd1\x9b\x01\x00\x00\xe0\xce\x93\x46\xc4\x8e\x48\xd2\xf1\x46\x39"
- "\x4d\xc7\xc7\x23\xb6\xd7\x9e\xed\x6e\x4b\x2b\x73\xf3\x0b\xcf\x1f\x9b\xfb"
- "\xe8\xf4\x6c\xed\x37\x02\x31\x12\x83\x69\xf1\xa4\x6b\xb8\xe9\x79\xe8\x64"
- "\xfe\xb8\xaa\xd8\x9e\x6a\xd9\x3e\x90\x3f\x37\xfe\xaa\xb4\x35\x39\x56\xaa"
- "\x94\xc7\x67\xe6\x2a\xb3\xbd\x4e\x1e\xfa\xdc\xf6\x0e\xe3\x3f\xf3\x67\xa9"
- "\xd7\xd1\x01\x1b\x6e\x8d\xeb\x68\x5b\xbb\x1d\x07\xb0\xf9\xba\xb0\x8e\x0e"
- "\xdc\xa1\x96\x1d\xff\x49\xfe\x5a\xf2\x73\x01\xe0\x6e\xe1\xfe\x0f\xfd\xcb"
- "\xf8\x87\xfe\xd5\x6e\xfc\x5f\xe8\x41\x1c\xc0\xe6\x73\xff\x87\xfe\x65\xfc"
- "\x43\xff\x6a\x8c\xff\xa1\xde\xc6\x01\x6c\x3e\xf7\x7f\xe8\x4b\xab\xfa\x91"
- "\xbc\x82\x42\xad\x50\x8a\xc5\x3d\x91\xf6\x3e\x1e\x85\x8d\x2b\xf4\xfa\x93"
- "\x09\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa0\x3b\xfe\x0b\x00\x00"
- "\xff\xff\xa1\xfe\xf3\xac",
- 1122);
- syz_mount_image(
- /*fs=*/0x200000000000, /*dir=*/0x200000000100,
- /*flags=MS_I_VERSION|MS_SLAVE|MS_PRIVATE|MS_POSIXACL|MS_SYNCHRONOUS|MS_SILENT|0xc0600307*/
- 0xc0ed8317, /*opts=*/0x200000000140, /*chdir=*/0xe, /*size=*/0x462,
- /*img=*/0x200000000d40);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/1ul, /*proto=*/0);
- if (res != -1)
- r[104] = res;
- syscall(__NR_fcntl, /*fd=*/-1, /*cmd=*/8ul, /*pid=*/-1);
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- *(uint16_t*)0x200000000000 = 0xa;
- *(uint16_t*)0x200000000002 = htobe16(2);
- *(uint32_t*)0x200000000004 = htobe32(0);
- memset((void*)0x200000000008, 0, 16);
- *(uint32_t*)0x200000000018 = 0;
- syscall(__NR_bind, /*fd=*/r[104], /*addr=*/0x200000000000ul,
- /*addrlen=*/0x1cul);
- *(uint16_t*)0x200000b63fe4 = 0xa;
- *(uint16_t*)0x200000b63fe6 = htobe16(2);
- *(uint32_t*)0x200000b63fe8 = htobe32(0);
- *(uint64_t*)0x200000b63fec = htobe64(0);
- *(uint64_t*)0x200000b63ff4 = htobe64(1);
- *(uint32_t*)0x200000b63ffc = 0;
- syscall(
- __NR_sendto, /*fd=*/r[104], /*buf=*/0ul, /*len=*/0x1eul,
- /*f=MSG_FASTOPEN|MSG_PROBE|MSG_OOB|MSG_NOSIGNAL|MSG_MORE|MSG_DONTWAIT|0x2000800*/
- 0x2200c851ul, /*addr=*/0x200000b63fe4ul, /*addrlen=*/0x1cul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/6);
- if (res != -1)
- r[105] = res;
- *(uint64_t*)0x200000000200 = 0;
- *(uint32_t*)0x200000000208 = 0;
- *(uint64_t*)0x200000000210 = 0x2000000001c0;
- *(uint64_t*)0x2000000001c0 = 0x200000000240;
- *(uint32_t*)0x200000000240 = 0xb8;
- *(uint16_t*)0x200000000244 = 0x19;
- *(uint16_t*)0x200000000246 = 1;
- *(uint32_t*)0x200000000248 = 0;
- *(uint32_t*)0x20000000024c = 0;
- *(uint32_t*)0x200000000250 = htobe32(0x7f000001);
- memset((void*)0x200000000260, 0, 16);
- *(uint16_t*)0x200000000270 = htobe16(0);
- *(uint16_t*)0x200000000272 = htobe16(0);
- *(uint16_t*)0x200000000274 = htobe16(0);
- *(uint16_t*)0x200000000276 = htobe16(0);
- *(uint16_t*)0x200000000278 = 0;
- *(uint8_t*)0x20000000027a = 0;
- *(uint8_t*)0x20000000027b = 0;
- *(uint8_t*)0x20000000027c = 0;
- *(uint32_t*)0x200000000280 = 0;
- *(uint32_t*)0x200000000284 = -1;
- *(uint64_t*)0x200000000288 = 0;
- *(uint64_t*)0x200000000290 = 0;
- *(uint64_t*)0x200000000298 = 0;
- *(uint64_t*)0x2000000002a0 = 0;
- *(uint64_t*)0x2000000002a8 = 0;
- *(uint64_t*)0x2000000002b0 = 0;
- *(uint64_t*)0x2000000002b8 = 0;
- *(uint64_t*)0x2000000002c0 = 0;
- *(uint64_t*)0x2000000002c8 = 0;
- *(uint64_t*)0x2000000002d0 = 0;
- *(uint64_t*)0x2000000002d8 = 0;
- *(uint64_t*)0x2000000002e0 = 0;
- *(uint32_t*)0x2000000002e8 = 0;
- *(uint32_t*)0x2000000002ec = 0;
- *(uint8_t*)0x2000000002f0 = 0;
- *(uint8_t*)0x2000000002f1 = 0;
- *(uint8_t*)0x2000000002f2 = 0;
- *(uint8_t*)0x2000000002f3 = 0;
- *(uint64_t*)0x2000000001c8 = 0xb8;
- *(uint64_t*)0x200000000218 = 1;
- *(uint64_t*)0x200000000220 = 0;
- *(uint64_t*)0x200000000228 = 0;
- *(uint32_t*)0x200000000230 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[105], /*msg=*/0x200000000200ul, /*f=*/0ul);
- memcpy(
- (void*)0x200000000080,
- "\x44\xf9\xb1\x08\xb1\xcd\xc8\x85\xc9\xc5\x33\xd2\x1f\x47\x4b\xec\x8b\xfe"
- "\xf1\xdf\x1e\x2d\xa7\x1e\x57\x8d\xc6\xb9\x1d\x09\xf7\xab\x15\x37\x85\x71"
- "\xd8\xe2\x75\x46\x09\x00\x11\x00\x6e\x75\x43\x69\x14\xab\x71\x75\x28\xee"
- "\x4b\x7a\x9b\xea\xf9\x08\xd1\x11\x37\xc1\x19\x03\x06\x4e\x83\xb4\x95\x1f"
- "\x4d\x43\x3a\x54\x04\x97\x0c\x85\xd9\x2d\x70\x83\xfd\x38\x84\x4c\xbb\x0c"
- "\x6c\x5e\xb5\x08\xdd\xc2\xdc\x7a\x59\x0a\xa7\x94\x1b\x1e\x9e\xeb\x5a\x68"
- "\x81\x38\xde\xa0\x9b\x77\x6c\xbf\xa7\x84\xcb\xf5\x50\xbf\x30\x74\xfb\x0d"
- "\x77\x5d\xa4\xdf\x5a\x3f\x48\xbb\xdf\x45\x2e\xeb\x6b\x92\x3d\xa9\xd0\xe2"
- "\x5b\x80\xf7\x6a\x87\x36\x64\xb5\x75\x34\x44\xfe\x05\xf3\x3e\x5f\x91\x04"
- "\x55\x40\x83\x6c\x3c\xd6\xaf\x10\xf0\xcd\x01\x8f\x0c\x6f\x57\xf9\x26\xac"
- "\x95\x9a\x56\x28\xc4\x50\x88\xfb\xe0\xc8\x7f\xbe\x6c\xbc\xda\x46\x62\xd2"
- "\xa1\x2f\x6d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
- 215);
- syscall(__NR_sendto, /*fd=*/r[104], /*buf=*/0x200000000080ul, /*len=*/0xd7ul,
- /*f=MSG_FASTOPEN|MSG_OOB|MSG_DONTWAIT|MSG_CONFIRM*/ 0x20000841ul,
- /*addr=*/0ul, /*addrlen=*/0ul);
- res = -1;
- res = syz_open_dev(/*dev=*/0xc, /*major=*/4, /*minor=*/1);
- if (res != -1)
- r[106] = res;
- *(uint64_t*)0x2000000021c0 = 0x200000000080;
- memcpy(
- (void*)0x200000000080,
- "\xee\xd6\x07\x05\x97\x03\xf2\xbc\xa1\xa2\xd2\x39\xe7\x9d\x8c\x1e\x95\xb6"
- "\x44\x99\x85\x74\xf6\x93\x60\x2d\xfc\xb8\x32\xcd\x60\x99\xd0\x3a\x7c\x7e"
- "\xa1\x05\x36\x1d\x2a\x0a\x7a\x90\xcb\x0e\x87\x86\xbd\x0f\xf3\xc8\x4c\x72"
- "\x30\x40\x9d\x40\x12\x66\x21\x6c\xbe\x55\xe6\x9d\x7d\xa8\x9d\x96\xb7\x9a"
- "\xf5\x6b\xaa\x96\x46\xf0\x98\x6e\xf7\x46\x9b\xf3\x98\x90\xcb\x92\x41\xed"
- "\x47\x87\x58\xdc\xc8\xbe\xae\x60\xee\xed\x76\x0e\xd6\x2a\xf7\x8b\xa1\x91"
- "\xb5\xfd\xb9\xd4\x88\x82\x8f\x56\x2d\x84\x0f\x97\x15\x9f\x22\x4f\x4a\x9b"
- "\xea\xcb\x76\x15\x10\x18\x07\x26\x04\x6f\xfa\xa3\x1d\x70\xa4\xc5\x36\xe4"
- "\x81\xdf\xc1\xe0\x8d\xb2\x40\xee\x89\x67\xfc\x1b\x2f\xa7\x46\xa4\xec\x13"
- "\xdd\x24\xc1\xcf\xa2\x67\x79\x72\x5b\x99\x68\xb5\xc7\x55\x41\x87\xec\x1a"
- "\xc5\x11\xf5\xe2\x0c\x35\xd5\x6e\x9f\x41\xfb\x6c\xf0\xb0\x39\x7a\xd5\x84"
- "\xa9\x0b\x99\x68\xae\xbb\x94\x10\x31\x09\x90\x08\x2c\x02\x57\xaa\xc8\x98"
- "\x2f\x12\x1f\x3a\xa9\xdf\x9c\x22\xfc\xf5\x49\xb8\x4f\x46\x77\x2a\x27\xa5"
- "\x7e\x24\x86\x62\xbe\x3b\x7a\xe9\x10\x02\x04\xe8\xf7\x5d\xcd\x89\x11\xac"
- "\xdd\x37\x6b\x38\xb6\x42\xd1\xa9\x15\x11\x89\x4e\xda\x2f\x5f\xa5\xe6\xf7"
- "\xb2\xd1\x20\xd8\xba\x82\xb6\xa3\x93\x55\xbb\x4d\x13\xf2\x86\x88\xb4\xb0"
- "\x95\x6d\x7f\x7f\x7f\xb8\xbf\x06\x7a\xf6\x40\xc9\xed\x4a\x1c\x65\x73\xb9"
- "\x41\xb6\x41\x75\xe8\x7a\xa4\x16\x40\x52\xa9\xd9\x4e\xd8\x1f\x87\xec\x60"
- "\x69\xb8\x4c\x5a\xae\xf4\x67\xed\xba\xda\xbb\xe8\x45\xa7\xd7\x5a\xf3\x39"
- "\x99\x89\x9d\xfa\x88\x7c\x67\x00\x7e\x8c\xec\x6e\xad\x9f\x6c\xb3\xd2\xb5"
- "\x6d\xff\x0f\x3a\x0d\x06\xa7\x2d\x0c\x56\x0e\x31\x8a\xc4\x9c\x2f\xb6\x83"
- "\xb6\x4a\x51\x2f\x09\xcc\x3d\xc4\xe7\xdf\x6d\x58\xe3\x1b\x81\x63\x7d\x90"
- "\xe2\xf0\x12\x3f\xd0\x21\x42\x72\x3c\x97\x5e\x89\xb2\x96\x86\x57\x71\xa0"
- "\x93\x3e\x25\x91\x15\x82\x10\xe7\x93\x14\x32\x25\xf4\x67\x1b\x50\xc0\x2e"
- "\xfa\xa0\x32\xed\xfe\xf7\x93\x9a\x17\x75\x3f\x72\x43\x88\xa2\xd6\xba\x88"
- "\x21\xc3\xce\x4c\x40\x7a\xc7\x4d\x35\x1d\x35\x0c\xd2\xb9\x8a\x8a\x63\xdb"
- "\xb0\x0b\x7c\x68\x59\xb1\x1a\x64\x0e\x34\xa3\x38\x73\x63\x09\xe3\xc0\x80"
- "\x47\xf1\x80\x4b\x77\xdd\x13\x51\xa1\xfa\x66\xfe\x6b\x80\x59\xf9\xe6\x31"
- "\xfb\x44\xfa\xf6\xc4\xa2\xbd\xd7\x16\xd9\x3d\x66\x9d\xc1\x4d\xba\xa4\x2e"
- "\xf1\x28\x67\x1b\xba\x50\xc7\xcf\x25\x84\xea\x93\x0e\x1f\xfc\xb7\x11\x84"
- "\xe5\xa9\x29\xdb\xf7\xc7\xdb\xc0\x6d\x80\x4e\x6c\x1f\x53\x6a\x3a\x1b\x33"
- "\x6a\x7a\x55\x39\xa8\x87\x9c\xa4\xea\x3c\xbe\x4e\x25\x47\x22\xf4\x3f\x07"
- "\x08\x61\xd1\xd0\xdf\x18\xcb\xfc\xe8\x53\x84\x21\x34\x54\x7e\xd3\x7a\xd6"
- "\xc2\xd7\x57\xf7\x6f\x8a\x29\x94\x3d\x57\x38\xd5\xe7\xaa\xbf\x4c\xad\x6f"
- "\x5d\xe6\xf5\x3a\x2b\x6f\x33\x6f\x19\xf4\x1e\x14\x42\x31\x08\x32\x14\x62"
- "\x47\x33\xe3\x6a\xb7\x42\x08\x6d\x9f\x78\x68\x89\xd5\xaf\x36\xc0\xe2\xc6"
- "\xa7\x31\x14\x81\x58\xd8\xb6\xc6\xdb\x31\x8d\x33\x52\x9d\x98\x81\x5b\x93"
- "\xca\x9e\xfd\xa1\x46\xf8\xdc\x4e\xc9\xdf\x08\xf4\x32\x53\xf5\x5c\x2d\xcc"
- "\x48\x0a\x0e\x8b\x85\xc1\x84\xad\x13\xdb\x79\xd4\x01\x79\xad\x4c\x43\xe3"
- "\x0f\x6f\x8e\xe8\x8e\xa9\xfb\xd5\x22\x8b\x26\xb9\x07\xf4\x6f\xfc\x5c\x2b"
- "\x59\x4a\xde\x4f\x48\xde\xe4\x56\x1a\xe9\x9c\x7f\xb8\x1f\xd7\x49\xcf\x9a"
- "\xa3\x6a\x01\xb5\x7b\x77\x0b\x77\x21\xbf\x29\x44\x18\x24\x17\x35\x44\x97"
- "\x95\x01\x6e\xd0\x59\x7d\x66\xa6\x84\x5a\xf6\x8d\x0d\x44\x23\x2c\x4f\xfb"
- "\x61\x60\xa4\x57\xde\x63\xab\x8b\xf8\xfe\x5f\x02\xf4\x03\x77\x93\xa3\x59"
- "\xf0\x79\x9c\x90\x6a\x62\x87\xaa\x00\x00\x4a\xfa\x09\x94\x9e\xa7\x87\xaa"
- "\x73\xa6\x94\x16\xb3\xb9\xe3\x24\xca\x33\x6b\x35\x19\x7e\x7f\x3f\x8d\x14"
- "\x19\xb8\x56\x67\x6f\x9e\xf2\xf7\xce\x14\xce\x12\xe2\x3c\x72\xac\xa9\xe1"
- "\x2f\xba\xf1\x18\x63\xd5\xb9\xd7\x75\x99\x86\xfa\x00\x62\x59\x9f\x8c\x35"
- "\x16\x4b\x7f\xd7\xe9\xe1\x45\x49\xba\x88\x3a\x24\x4f\xea\xa6\x07\x82\x79"
- "\xcf\x64\x12\xf1\x3c\xb0\x88\x3f\x62\xba\xf7\xcd\xa4\xb4\x81\xc2\xb0\x88"
- "\xeb\xd3\x69\xc1\x2a\x24\x33\xa4\x8c\x24\xd3\x13\x31\xa9\x40\x16\x25\x1f"
- "\x3b\x86\xdd\xe8\x84\xbd\x5a\xa7\xb1\xd5\x4d\xc8\x92\xf6\xeb\x9f\xf8\x47"
- "\x76\xc3\x81\x84\x78\xb9\x8a\x8b\x9f\xb4\xa9\xbd\x18\xa2\x7e\xcf\x4e\x7d"
- "\xd9\x95\xcd\xc6\x96\xfb\xfa\x32\x60\xf1\x60\xe5\x90\xe6\xd3\x11\xb4\xba"
- "\x53\xeb\x11\x1c\xc6\x9c\x1a\x18\x6e\x98\x05\xd8\x0f\xdc\x03\x58\x24\x78"
- "\xc9\x9a\xef\x40\x29\x4c\xa7\x2b\xf9\x65\xba\x97\x7a\x7f\x6f\xca\x5f\xa8"
- "\x6a\x11\x0d\xe0\x02\x60\x3f\x2d\x0e\x92\xce\x93\x60\xbd\x83\x3d\xb6\x2c"
- "\xb8\x54\x7e\x28\x15\xa1\xf5\x4d\xe4\x81\xf7\x45\x88\xf1\x2e\x40\x31\x22"
- "\x23\xe3\x95\x79\xd5\xe3\xc9\x21\xeb\x4e\x62\xb2\x86\x80\xc6\xc3\x50\xb8"
- "\x0d\x6a\xa6\x25\x97\xd1\x9d\x3c\x1c\x12\x35\x64\xdb\xfa\x06\x86\xfd\xf8"
- "\x58\xa1\x0f\x81\xda\x38\x4e\x26\x1c\xed\x07\x8b\xb3\xb2\x26\x9a\xc9\xf6"
- "\x1c\xa0\x66\xbb\xb2\xbc\x65\xdb\x1f\x4b\xf1\xb4\x45\xca\x57\xdc\x32\x37"
- "\x4e\x67\xb9\x45\x93\x2f\x7f\x01\x96\x06\x92\x19\xc7\x77\x23\x67\x7d\x13"
- "\xef\x54\x05\x3b\xd0\x6a\x6b\xf7\x00\x41\x01\xcb\x0d\x1f\xce\x78\xc5\x9e"
- "\xce\x5e\x3a\x3c\xe4\x61\x5d\x5b\x03\xf2\x79\x7e\xed\x62\x48\xfa\xed\x2a"
- "\x49\x4c\x2c\xd5\x10\x28\x0f\x4f\x6b\x56\x99\xcc\x2c\xdb\x74\x03\x7a\x20"
- "\x2f\xf1\x1c\x24\xd9\x61\x09\xb8\x12\xd9\x7a\x2b\xab\x0f\xa0\xea\xed\x5b"
- "\x29\x21\xdb\xb3\x1b\xb9\x5a\x5f\x63\x4a\xd8\x4d\x23\x06\xa4\x0e\xdc\xaa"
- "\x3f\x81\xed\xf2\x89\xec\xda\xd9\x2c\x03\x64\x74\x54\xa7\x19\x74\x50\x8b"
- "\x53\xbc\x28\xf2\x63\x79\xa6\x9b\x4c\x51\xd9\x50\x5e\xac\x0a\x23\x5d\x5c"
- "\x31\xda\x3f\xa5\xcc\x7d\x74\x7c\xea\x40\xac\x54\xf8\x84\x35\x78\x21\xb6"
- "\xc3\x3c\xf6\x34\xf0\x16\xd5\x35\xb3\x34\x8a\x3b\x5e\x17\x9e\x6f\x48\x08"
- "\xfe\x3a\xda\xcb\x30\xf7\xfd\x17\x1a\xa2\x9a\x28\x65\x07\xb5\x16\xda\xbd"
- "\xea\x2d\xf7\x45\x6e\xbc\x32\xdd\xd8\x39\x1e\x47\x79\xbb\xfc\x65\xd0\x0e"
- "\xa1\x34\x0e\x27\x54\x43\xa4\x4f\xf1\x74\x85\xeb\xac\xd8\xcf\xdd\xb0\x82"
- "\xfe\x09\x6f\x7a\x61\x38\xc5\xf3\x5d\x66\x5b\x60\x85\x9d\x8c\x22\x82\x80"
- "\x17\x30\x9d\xa1\xfa\x5c\x48\xbf\x00\x88\x07\x6e\x46\x52\x15\xe9\x21\x35"
- "\x3f\xde\xc2\x46\x65\x18\x48\x88\x33\xf7\x94\x3a\x5f\x82\x93\x63\x07\x8d"
- "\xc9\x05\xbd\xf0\x54\x4f\x36\xd9\xff\x0a\x9e\x87\xec\x74\x71\xa2\x36\x81"
- "\x31\xa9\xc3\x99\x91\xa5\x72\xfd\xe0\xdc\x9b\x91\x07\x93\x36\x43\xc9\xb8"
- "\x99\xe0\x21\x18\x61\xfb\xe7\xf2\x64\x81\xfb\x15\x38\xc9\x86\x1d\xf4\xd8"
- "\xd8\x33\xf7\xa4\x8a\xa2\x1f\xd9\xc4\x62\x58\x9f\x0e\x90\x77\x2b\xe7\x89"
- "\xcb\x32\xa4\xe3\xaa\x16\xd8\x6a\xa4\x01\x67\xe5\xc4\xa8\xb1\x36\xf7\xe0"
- "\xbf\x65\xe9\xa1\x3c\xe5\xc0\x2e\xa0\x5c\x9b\xdc\x8b\x50\x48\xbd\x68\x43"
- "\x98\x84\x30\xe0\xe0\xfb\x06\x95\x22\xe7\xb2\x72\x70\x15\xd6\x3c\x94\x8f"
- "\xe1\xb8\x03\xe3\xb0\x8d\x6d\x5e\x73\x5f\x1b\xe2\x88\x23\x17\x7a\x08\xae"
- "\x31\xab\x41\x63\xf0\x9f\xf2\x09\xb8\x54\x05\x02\xb2\x64\xd1\x2b\xdd\x35"
- "\x6a\x43\x3b\x5f\x2c\x3b\xb0\xc0\xde\xd1\x28\xce\x5d\xed\x14\x76\x23\x7b"
- "\xb3\xf4\xd5\x58\xc5\xfc\x1e\x7e\x98\x36\x36\xfc\xb2\xe7\xe2\x69\xfb\x26"
- "\xb1\x78\x3a\x9a\x99\xc8\xbe\xcf\xc2\x14\x1a\x50\x1c\xf0\xfd\xba\xb9\xd1"
- "\x3d\xef\xb0\x0c\x9b\x3e\x0d\xc1\xf5\x48\x31\x13\x93\x14\xb5\x03\xc5\xa2"
- "\xc3\x77\xce\xfb\xb2\x95\xe6\x82\x4d\x77\x00\x32\xaa\x2b\x51\xdc\xcc\xea"
- "\xcd\xeb\x57\x2a\x2c\x25\xf9\xec\x99\x0e\x4b\x83\xaf\xa2\xa4\x06\xa7\x2a"
- "\x35\xa4\xca\xe6\x17\xf2\x54\x2f\x4a\x3d\x60\xfc\x02\xf6\x29\xfb\xf5\x4c"
- "\xda\x85\xa8\x4e\x97\xca\x24\x44\x57\x98\x97\xaa\xd3\xb7\x31\x6d\x4e\xe8"
- "\x00\x2f\x93\xb8\x2b\x13\xcd\xa7\xc5\x3e\xce\x97\xb9\x4a\x7c\xf1\x0f\x1a"
- "\x4c\x73\xda\x6f\x3a\x89\xbe\x51\x19\x42\x41\x42\x75\x47\xf3\x13\xcc\x47"
- "\x95\x53\x81\xcb\x74\xa5\xaf\xb7\x35\xa6\xe3\x69\x9f\x36\x43\xfe\xe5\x96"
- "\x98\x55\x3c\xc3\x58\x63\x1f\x2a\x47\x08\x28\x8d\x86\xe5\x29\xb8\x25\x58"
- "\xe5\x78\x93\x03\xdb\xc9\xad\x0d\xd7\x7a\x98\x9d\x07\xe1\x63\x8d\x39\xb0"
- "\x9e\x9e\x47\xf3\x91\x7e\x0f\x5b\x9d\x0e\x48\x61\xbb\x44\x04\x63\xd7\x33"
- "\x33\x63\x0e\x95\xf5\x1a\xb0\x13\xa6\x96\x17\x95\xfe\x44\x83\x9f\x57\x5a"
- "\x17\xb8\x0e\x96\x46\xa0\xd3\x80\xe2\xca\x35\x2e\x5c\x7c\x8a\x85\xe0\x78"
- "\xef\xca\x17\x00\x46\xaf\xa8\x23\xa9\x29\xa1\xf6\x92\x68\xd7\xf1\x8c\xae"
- "\xe6\x70\xa2\x9c\xb9\xe7\xee\x92\x4d\xf3\x48\xe3\xcb\xdd\x8c\x13\x24\xed"
- "\xd0\x8f\x07\xf1\x24\x3b\x48\xfa\x55\xab\x30\x3e\x51\x30\x4e\x6e\xdf\xe5"
- "\xfb\xc3\xb9\xde\x1a\x69\x24\x17\x9c\x9b\x99\x27\x34\xea\x5f\xa2\x71\xc0"
- "\x99\xfe\xc8\xa5\x24\x76\x72\xa6\xe0\xf5\x51\x69\x1d\xec\xb8\xbe\xc9\xf9"
- "\x49\x4c\x7a\x26\x19\x50\xd1\xc4\xcb\x24\x0c\xfa\xc0\x5e\x05\x72\x71\x8a"
- "\x33\xba\x40\x38\xec\x03\xaf\x1c\x68\xb0\x67\xda\x19\xaf\xda\x71\x58\x2c"
- "\xca\x97\xa8\x01\xb8\x9b\x27\x72\x66\xe2\x91\xe7\x74\x0e\x76\x7b\x91\xe1"
- "\x0a\x57\xa2\x80\x6a\x6f\xa9\x99\x0c\x51\xb5\x21\xd0\x0a\x47\x33\x38\x47"
- "\x63\x03\x21\x94\x5d\x1f\x53\x60\x1a\x21\x59\x6c\x28\x14\x13\x63\xcf\xd4"
- "\xa4\x57\x94\x78\x32\xd7\x54\x5f\xf6\x56\x6e\x10\xc1\xc1\x6d\xa8\xfe\x8a"
- "\xb4\x0d\x4a\x4a\xfa\x8f\x19\x13\x92\x33\x2a\xcb\x53\x71\xd1\xff\x86\xed"
- "\x2f\x58\x8a\x62\x01\xa0\x93\xa0\x0f\x86\x86\x84\x98\x14\x93\x60\x28\xae"
- "\x79\xaf\x9d\xd8\x64\x75\x7b\xb9\xc2\x61\x4a\x9e\x76\xd6\xfa\xe7\xe6\xc0"
- "\x84\x17\x88\xb7\x15\xaa\x73\xd2\xf0\x1c\x3d\x4b\x0d\xcd\xb3\x8c\x5c\x6b"
- "\x81\xe6\x0d\x12\xb1\xca\x72\xb6\xc4\x7f\x5f\x3e\xb8\x83\xaf\x96\x4b\x87"
- "\x7e\xfa\x0c\x5a\xcf\xbd\x7f\x41\x0a\x06\x0c\x56\xa1\x79\x8f\x0c\x40\x7c"
- "\xb3\x16\xf7\x88\xe3\x0c\xf3\xd6\x9f\x19\x25\x33\xe1\x9a\x81\x8c\x8f\x7a"
- "\xa9\x90\xa6\xd9\x94\xe2\xad\x77\x56\x38\x8e\xc0\x17\x4c\x1c\x0a\x42\x24"
- "\x9e\x90\x3f\x32\x35\xfe\xa2\xd6\x5d\x54\x0f\xdc\x1c\x03\xe1\x57\x86\x52"
- "\x87\x87\xc8\x0c\x61\x94\x76\x36\x41\xcf\x7f\x85\xf5\x49\xea\x70\x6a\xa1"
- "\xb0\x7e\x4b\x29\x03\x71\x4b\x7f\x17\x64\x20\x2e\x53\x2b\x52\xe7\xaa\x8c"
- "\x06\x3f\xae\x17\x0e\xa9\x33\x62\xc7\x79\x4f\x32\xcd\x5e\xd3\xcb\x39\xa2"
- "\xa1\x8a\xcd\xa3\x66\xed\x03\x1a\x11\x4e\x9f\xb4\x7b\xea\xc6\x9b\xf0\x5f"
- "\x25\x8d\x77\xad\x41\x81\x91\x60\x16\x7c\x5b\x0f\x6d\x34\xf1\xd0\x63\xab"
- "\x2e\xf3\x19\xfc\xef\x2c\x23\x05\x8f\x85\xcc\x45\x3f\x6e\x40\x54\x7a\x99"
- "\xbc\xcb\x31\x7a\x4c\x19\xe2\xb3\xd9\x95\x05\xa2\x4e\x77\x3f\x2e\xe1\x0b"
- "\x88\x44\x3f\x48\x9b\xcb\xa4\x76\xe7\x86\xb4\xdc\xce\x1c\xd8\x19\xe0\x08"
- "\x06\xd7\x66\xaf\x56\x80\x42\x04\xab\xbf\xb8\xa7\xf8\xe2\xf3\xb3\x99\x52"
- "\x4a\x06\xea\xcb\x20\xb1\x45\x9c\x8f\x9c\x8a\x15\x74\x23\xc4\xa0\xd1\x8e"
- "\x56\x09\x79\x59\x61\xa6\xb0\xb8\xac\xd6\x43\xfe\x30\xfd\xdd\x00\x77\x40"
- "\x14\x5a\xe3\x1b\x08\x55\xbb\x8b\x02\x83\xa4\xe1\x39\x40\xb9\xaf\x0f\x84"
- "\x27\xf0\x90\x59\xac\x0f\x1e\xe1\x50\x77\x75\xf6\x74\x3d\xeb\xef\x31\xc8"
- "\x2c\x63\xfa\x8c\x5a\xdb\x08\xf0\x5e\x38\xfc\x37\xb0\x7d\x8a\x2f\x4d\x62"
- "\xb9\xeb\x47\x48\xb9\xe0\x28\xc7\x66\x7a\xc8\xea\x03\xf6\x4c\xbe\x9f\x9a"
- "\x3e\x75\xe4\xd5\x7b\x11\xf0\x2c\x72\x02\x4a\x65\xbc\x4f\x14\xfd\x3a\x0e"
- "\xab\xb3\x9b\x06\x2a\x7c\x68\x54\xa2\x99\xee\xf7\x49\x1b\xf1\x0c\x09\x6c"
- "\x50\xcf\xa4\xa3\xda\x48\x3f\x42\x93\x92\x05\x38\x3a\xe8\x31\x96\x04\xf7"
- "\x42\xab\x49\x82\x80\x1f\x0c\x83\xda\xbb\xd9\xda\x48\xe8\x00\xf5\x10\xdf"
- "\xec\xc2\x24\xf0\xb1\x83\xa8\x01\xdf\x96\xd2\x87\x06\x8f\xca\xad\x6c\xdd"
- "\xd4\x12\xc7\x96\xa4\x81\xd6\x09\xdb\xfd\x77\xe8\xb2\x96\xdc\xe8\x6f\xf8"
- "\xef\xa1\x0b\x23\xae\xc2\x61\xc0\x27\x58\x2f\x6a\x77\x0f\xf9\xf0\xf7\xa9"
- "\x9d\x8b\xa4\x94\x95\xf4\x69\x6c\xd6\xec\xa9\x20\xce\x17\xe0\xf0\xb1\x35"
- "\x38\x33\x68\x20\xf8\xc0\x1c\x7e\x95\x55\x67\x7a\x94\x5c\xfe\x8c\x5b\x25"
- "\x8b\xee\xb2\x41\x5c\x58\xdc\xe1\x73\xb3\x45\x8e\x27\x3e\x23\xbf\x6e\xbe"
- "\x2f\xea\xa2\xe9\x3d\xa4\x24\xb5\x18\x81\xb7\x32\xc4\x73\x56\xbb\x60\xde"
- "\xa0\x0a\xe1\x24\xe1\x6a\xa0\xa0\x6a\x4f\xeb\x2a\x32\x1e\x91\xd7\x18\x1d"
- "\x25\x8a\x3e\xe9\x52\xda\xf8\x23\xe5\x18\xc9\x36\x37\xfa\x0e\xfc\xf5\x01"
- "\x9a\xa4\x9a\x1c\x7f\x38\xd7\x68\xa9\xbb\x7d\xbb\xa3\x7e\x1e\xbe\x90\x3b"
- "\xf9\xbf\x19\x7e\x6b\xa7\x87\x72\x64\xd8\x5e\xb2\x01\x46\xe5\x10\x50\x1c"
- "\x7c\x1e\xdb\x48\x7c\xf1\x2b\x1d\x8a\x7f\x39\xb2\x7f\xfd\x7c\xb4\xd8\xf8"
- "\x09\x2e\xe5\x4a\xcd\xc1\x39\x0b\x17\xea\xe1\x31\x14\x97\x87\xf0\xf5\x85"
- "\xef\xb6\xe3\xa7\x07\x32\x63\xf2\x95\x5c\x4d\xd6\xb6\xa4\xc9\x79\x1a\x66"
- "\x94\xa6\xce\x9f\x00\x59\x5e\x9c\x22\xed\xda\x61\x0d\x60\x62\x11\xf5\x62"
- "\x8a\x87\x16\x2d\x92\xa3\x75\xa7\xcd\x92\x71\x4a\x37\x83\x06\x52\xb9\xcd"
- "\x1f\xb8\x5d\xeb\x77\xe8\xc4\xf7\xac\x28\xf0\x86\x8a\x7e\x27\x61\xae\xeb"
- "\x91\xa3\x5a\xb7\x1b\x5a\x55\x7c\x21\x35\x8c\x60\xfb\xd0\xf5\x44\xb2\x60"
- "\xde\xfb\xc3\xae\xda\x44\x48\x11\xdf\x2f\x08\xc7\x4c\xcf\xad\x45\xc4\x21"
- "\x71\x42\x95\x4f\xaf\xc4\x2f\x66\xf4\x0d\x4e\xf9\x00\x95\x6e\xad\x58\xee"
- "\xb8\x7e\x2b\x1a\x74\x7f\x86\x9b\xc7\x1c\x36\xed\x4c\x01\x5a\x59\xb9\x6f"
- "\xd8\x50\x72\x09\x80\xa7\x8b\x8b\x1b\x63",
- 2944);
- *(uint64_t*)0x2000000021c8 = 0xb80;
- syscall(__NR_writev, /*fd=*/r[106], /*vec=*/0x2000000021c0ul, /*vlen=*/1ul);
- memcpy((void*)0x200000000000, "/sys/module/snd_hda_core", 24);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*dir=*/0x200000000000ul, /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[107] = res;
- *(uint64_t*)0x2000000003c0 = 0x200000000300;
- *(uint64_t*)0x2000000003c8 = 0x87;
- syscall(__NR_readv, /*fd=*/r[107], /*vec=*/0x2000000003c0ul, /*vlen=*/1ul);
- memcpy((void*)0x200000000200, "ext4\000", 5);
- memcpy((void*)0x2000000047c0, "./file0\000", 8);
- *(uint8_t*)0x200000000580 = 0;
- memcpy(
- (void*)0x200000000240,
- "\x78\x9c\xec\xdd\x4d\x6c\x23\x57\x1d\x00\xf0\xff\xd8\xf1\x36\xdb\xcd\x92"
- "\x14\x38\x94\x4a\x2d\x2b\x28\xda\xad\x60\xed\xa4\xa1\x6d\xc4\xa1\x5d\x24"
- "\xc4\xad\x12\xa8\xdc\x97\x28\xf1\x46\xd1\x3a\x71\x14\x3b\xed\x26\xaa\x68"
- "\x2a\xae\x48\x48\x08\x01\x12\x27\x4e\x5c\x90\x38\x70\x44\x42\x3d\x73\x42"
- "\x95\x2a\xd1\x3b\x02\x04\x42\x74\x0b\x07\x0e\xc0\xa0\x19\x8f\xb3\x8e\x6b"
- "\x27\xbb\xc2\x1f\x69\xf2\xfb\x49\xcf\x7e\x6f\xbe\xfe\xef\x25\xf2\x9b\x79"
- "\x33\xe3\x71\x00\x17\xd6\xb5\x88\xb8\x15\x11\xe5\x88\x78\x2e\x22\xe6\x8b"
- "\xe9\xa5\x22\xc5\x61\x27\x65\xcb\x7d\x78\xff\xcd\xb5\x2c\x25\x91\xa6\xaf"
- "\xfd\x3d\xc9\xd7\xc9\xca\x11\x91\xf4\x6e\xf3\x4a\xb6\x4a\xf9\x78\x8c\x7e"
- "\xad\xfd\x83\xbb\xab\x8d\x46\x7d\xb7\x28\xd7\xda\x5b\x3b\xb5\xd6\xfe\xc1"
- "\xcd\xcd\xad\xd5\x8d\xfa\x46\x7d\x7b\x79\x79\xe9\xc5\x95\x97\x56\x5e\x58"
- "\x59\x3c\xb5\x0d\xc9\x07\xa7\xb7\xf3\x6a\x44\xbc\xfc\xb5\x3f\xff\xe8\xfb"
- "\x3f\xff\xfa\xcb\xbf\xf9\xd2\x1b\x7f\xb8\xfd\xd7\x1b\xdf\xc9\x2a\x3d\x57"
- "\xcc\x2f\xda\xd1\x63\xe7\x7b\xa7\x6f\xf5\x74\xef\xe7\xaf\x95\x98\xed\x99"
- "\x36\x13\x11\xbb\xa3\xd8\xf8\x19\x50\x2e\xda\x53\x39\x69\xa1\xcb\x93\xab"
- "\x0f\x00\x00\x27\xab\x46\xc4\x27\x23\xe2\x73\xf9\xf1\xff\x7c\x94\xf3\xa3"
- "\xb9\xdc\x89\x87\x74\x00\x00\x00\xc0\xc7\x47\xfa\xca\x5c\xfc\x3b\x89\x48"
- "\x01\x00\x00\x80\x73\xeb\x95\xfc\x1e\xd8\xa4\x54\x2d\xee\xf7\x9d\x8b\x52"
- "\xa9\x5a\xed\xdc\xc3\xfb\xe9\x78\xbc\xd4\x68\xb6\xda\x5f\xbc\xd3\xdc\xdb"
- "\x5e\xef\xdc\x2b\xbb\x10\x95\xd2\x9d\xcd\x46\x7d\xb1\xb8\x57\x78\x21\x2a"
- "\x49\x56\x5e\xca\xf3\x0f\xca\xcf\xf7\x95\x97\x23\xe2\x89\x88\xf8\xe1\xfc"
- "\xe5\xbc\x5c\x5d\x6b\x36\xd6\xa7\x7d\xf2\x03\x00\x00\x00\x2e\x88\x2b\x7d"
- "\xe3\xff\x7f\xce\x77\xc6\xff\x99\xf2\x48\xbe\x01\x0b\x00\x00\x00\x9c\x09"
- "\x0b\xd3\xae\x00\x00\x00\x00\x30\x76\xc3\xc6\xff\x47\x4f\xf5\x7e\x6c\x72"
- "\x75\x01\x00\x00\x00\xc6\xe3\x68\xfc\x6f\x9c\x0f\x00\x00\x00\xe7\xd1\x37"
- "\x5e\x7d\x35\x4b\x69\xf7\xf7\xaf\xd7\x5f\xdf\xdf\xbb\xdb\x7c\xfd\xe6\x7a"
- "\xbd\x75\xb7\xba\xb5\xb7\x56\x5d\x6b\xee\xee\x54\x37\x9a\xcd\x8d\xfc\x99"
- "\x7d\x5b\xa7\x6d\xaf\xd1\x6c\xee\x7c\x39\xb6\xf7\xee\xd5\xda\xf5\x56\xbb"
- "\xd6\xda\x3f\xb8\xbd\xd5\xdc\xdb\x6e\xdf\xde\x3c\xf6\x13\xd8\x00\x00\x00"
- "\xc0\x04\x3d\xf1\xd9\x77\xde\x4f\x22\xe2\xf0\x2b\x97\xf3\x94\xb9\x94\xbd"
- "\x94\x87\xac\xe0\x59\x01\x70\x6e\x94\x1e\x65\xe1\x3f\x8d\xaf\x1e\xc0\xe4"
- "\x0d\xdb\xcd\x03\xe7\xdf\xcc\xa3\xae\x90\x1e\xe5\x74\x1d\xf0\x71\x77\x38"
- "\xed\x0a\x00\xd3\x96\xf4\x16\x06\x1c\x14\xf4\xde\xbc\x73\xec\x9c\xc1\xef"
- "\xc6\x57\x27\x00\x00\x60\xb4\xae\x7f\x66\xf0\xf5\xff\x6c\x08\x50\x39\x71"
- "\xcd\x6b\x13\xaa\x21\x30\x2e\x8f\x74\xfd\x1f\x38\x57\x5c\xc4\x83\x8b\xeb"
- "\x84\xeb\xff\x8b\x03\x8e\x0d\xde\x1d\x6b\x65\x80\x89\xaa\x38\x02\x80\x0b"
- "\xaf\xe7\xfa\x7f\x3a\x68\xfe\xd0\x87\x77\x3c\xf4\xf5\xff\x34\x3d\x75\x5b"
- "\x00\x00\xc0\x58\xcd\xe5\x29\x29\x55\x8b\x6b\x81\x73\x51\x2a\x55\xaf\x45"
- "\x5c\xcd\xbf\xea\x5f\x49\xee\x6c\x36\xea\x8b\x11\xf1\x89\x88\xf8\xfd\x7c"
- "\xe5\xb1\xac\xbc\x94\xaf\x99\x1c\xbf\x67\x18\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x2a\x4d\x93\x48\x01"
- "\x00\x00\x80\x73\x2d\xa2\xf4\x97\xa4\xf8\xfd\xaf\xeb\xf3\xcf\xce\xf5\x9f"
- "\x1f\xb8\x94\xfc\x6b\x3e\x7f\x8f\x88\x37\x7e\xfa\x5a\xe9\xde\x6a\xbb\xbd"
- "\xbb\x94\x4d\xff\xa0\x3b\xfd\x56\x44\xfc\x38\x9f\xfe\xfc\x34\xce\x60\x00"
- "\x00\x00\x00\xfd\xba\xe3\xf4\xee\x38\x1e\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x46\xe9\xc3\xfb\x6f\xae\x75"
- "\xd3\x24\xe3\xfe\xed\xab\x11\xb1\x70\x14\x3f\x39\x8c\x28\xe2\xcf\xc4\x6c"
- "\xfe\x3e\x1b\x95\x88\x78\xfc\x1f\x49\xcc\xf4\xac\x97\x44\x44\x79\x04\xf1"
- "\x0f\xdf\x8e\x88\x27\x7b\xdb\x5f\xc9\x63\x67\x11\x16\xf2\xaa\x75\x6a\xd1"
- "\x1f\xbf\x14\x11\x97\xc7\x12\xbf\xfb\xf7\xef\xc4\xbf\x14\xb3\x4f\xa7\x69"
- "\x3a\x30\xfe\x95\x11\xc4\x87\x8b\xec\x9d\xac\xff\xb9\x35\xe8\xf3\x57\x8a"
- "\x6b\xf9\xfb\xe0\xcf\xff\x4c\x91\xfe\x5f\x7d\xfd\xdf\xb1\xf8\xdd\xfe\xaf"
- "\x1c\x79\x17\xf8\x91\xfe\xef\xea\x43\xc6\x78\xea\xbd\x5f\xd6\x86\xc6\x7f"
- "\x3b\xe2\xa9\x99\xc1\xfd\x4f\x37\x7e\xf2\xa0\xfd\x47\x55\x18\xda\xf7\x0d"
- "\xf8\xa3\x7c\xfb\x5b\x07\x07\xc3\x16\x4f\x7f\x16\x71\x7d\xe0\xfe\x27\x39"
- "\x5a\x26\xcb\xd5\xda\x5b\x3b\xb5\xd6\xfe\xc1\xcd\xcd\xad\xd5\x8d\xfa\x46"
- "\x7d\x7b\x79\x79\xe9\xc5\x95\x97\x56\x5e\x58\x59\xac\xdd\xd9\x6c\xd4\x8b"
- "\xd7\x81\x31\x7e\xf0\xf4\xaf\xff\xdb\x37\xe9\x3f\x69\x47\xde\xfe\x18\x12"
- "\x7f\xe1\xa3\xed\x3f\x56\xa7\x67\xb3\x4c\xa5\xb7\x31\xfd\x61\x8a\x60\xef"
- "\xdd\xbb\xff\xa9\x4e\xb6\xd2\xb7\x89\x3c\xfe\x8d\xcf\x0f\xfe\xff\x3f\x79"
- "\x42\xfc\x6c\xdf\xf7\x85\x62\x3f\x90\xcd\xbf\xde\xcd\x1f\x76\xf2\xbd\x9e"
- "\xf9\xc5\xbb\xcf\x0c\xac\x58\x11\x7f\xfd\x41\xfb\x7f\x3b\xf0\xff\x3f\x7b"
- "\x29\x2f\xf7\xb7\xff\xc6\xb0\x8d\xf6\x79\xee\x9b\xdf\xfd\xe3\x43\x2e\x0a"
- "\x00\x4c\x40\x6b\xff\xe0\xee\x6a\xa3\x51\xdf\x1d\x5d\x26\x7d\x6b\xe0\xac"
- "\x9f\xa4\x69\x3a\xf2\x58\x32\x53\xcf\xbc\xf5\xb0\x0b\xcf\x8e\x30\xe8\xaf"
- "\xce\x46\xdb\x27\x9f\x29\x06\x25\x31\xde\x58\xa3\x38\xb3\x05\x00\x00\x9c"
- "\x35\x0f\x0e\xfa\xa7\x5d\x13\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\xb8\xb8\x5a\xfb\x69\x79\xc4\x0f\x0f\x4b\x22\x89\x63\x53"
- "\xfa\x63\x1e\x4e\xa7\xa9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x27\xfa\x5f\x00\x00\x00\xff"
- "\xff\xbe\x67\xde\x15",
- 1373);
- syz_mount_image(
- /*fs=*/0x200000000200, /*dir=*/0x2000000047c0,
- /*flags=MS_POSIXACL|MS_RELATIME|MS_NOSUID|MS_NOEXEC*/ 0x21000a,
- /*opts=*/0x200000000580, /*chdir=*/0xfe, /*size=*/0x55d,
- /*img=*/0x200000000240);
- *(uint64_t*)0x2000000003c0 = 0x200000000180;
- memcpy((void*)0x200000000180,
- "\x39\x00\x00\x00\x13\x00\x03\x47\x00\xbb\x65\xe1\xc3\xe4\xff\xff\x01"
- "\x00\x00\x00\x01\x00\x00\x00\x56\x00\x00\x00\x25\x00\x00\x00\x19\x00"
- "\x04\x00\x04\x00\x00\x00\x07\xfd\x17\xe5\xff\xff\x08\x00\x04\x00\x00"
- "\x00\x00\x00\x00\x00\x00",
- 57);
- *(uint64_t*)0x2000000003c8 = 0x39;
- syscall(__NR_writev, /*fd=*/-1, /*vec=*/0x2000000003c0ul,
- /*vlen=*/0x10000000000002a5ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=SOCK_RAW*/ 3ul,
- /*proto=*/1);
- if (res != -1)
- r[108] = res;
- res = syscall(__NR_socketpair, /*domain=*/1ul, /*type=SOCK_DGRAM*/ 2ul,
- /*proto=*/0, /*fds=*/0x2000000000c0ul);
- if (res != -1) {
- r[109] = *(uint32_t*)0x2000000000c0;
- r[110] = *(uint32_t*)0x2000000000c4;
- }
- *(uint16_t*)0x200000000180 = 0;
- *(uint8_t*)0x200000000182 = 0;
- *(uint32_t*)0x200000000184 = 0;
- syscall(__NR_connect, /*fd=*/r[109], /*addr=*/0x200000000180ul,
- /*addrlen=*/0x6eul);
- syscall(__NR_sendmmsg, /*fd=*/r[110], /*mmsg=*/0x2000000bd000ul,
- /*vlen=*/0x318ul, /*f=*/0ul);
- *(uint16_t*)0x2000000017c0 = 0;
- *(uint8_t*)0x2000000017c2 = 0;
- *(uint32_t*)0x2000000017c4 = 0;
- syscall(__NR_connect, /*fd=*/r[110], /*addr=*/0x2000000017c0ul,
- /*addrlen=*/0x6eul);
- syscall(__NR_close_range, /*fd=*/r[108], /*max_fd=*/-1, /*flags=*/0ul);
- memcpy((void*)0x200000000080, "memory.events\000", 14);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000080ul,
- /*flags=*/0x275a, /*mode=*/0);
- if (res != -1)
- r[111] = res;
- memcpy((void*)0x200000000140, "memory.events\000", 14);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000140ul,
- /*flags=*/0x7a05, /*mode=*/0x1700);
- if (res != -1)
- r[112] = res;
- sprintf((char*)0x200000000200, "0x%016llx", (long long)0);
- syscall(__NR_write, /*fd=*/r[112], /*buf=*/0x200000000200ul,
- /*len=*/0xf000ul);
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xb36000ul,
- /*prot=PROT_GROWSUP|PROT_SEM|PROT_READ*/ 0x2000009ul,
- /*flags=MAP_SHARED_VALIDATE|MAP_FIXED*/ 0x13ul, /*fd=*/r[111],
- /*offset=*/0ul);
- *(uint64_t*)0x2000000000c0 = 0;
- *(uint64_t*)0x2000000000c8 = 0;
- syscall(__NR_cachestat, /*fd=*/r[111], /*cstat_range=*/0x2000000000c0ul,
- /*cstat=*/0ul, /*flags=*/0ul);
- memcpy((void*)0x200000007cc0, "ns/pid\000", 7);
- syz_open_procfs(/*pid=*/-1, /*file=*/0x200000007cc0);
- syz_init_net_socket(/*domain=*/0x10, /*type=*/3, /*proto=*/0x10);
- syscall(
- __NR_io_uring_enter, /*fd=*/-1, /*to_submit=*/0, /*min_complete=*/0,
- /*flags=IORING_ENTER_REGISTERED_RING|IORING_ENTER_EXT_ARG|IORING_ENTER_SQ_WAIT|IORING_ENTER_SQ_WAKEUP*/
- 0x1eul, /*sigmask=*/0ul, /*size=*/0ul);
- syscall(
- __NR_io_uring_enter, /*fd=*/-1, /*to_submit=*/0, /*min_complete=*/0,
- /*flags=IORING_ENTER_REGISTERED_RING|IORING_ENTER_EXT_ARG|IORING_ENTER_SQ_WAIT|IORING_ENTER_SQ_WAKEUP*/
- 0x1eul, /*sigmask=*/0ul, /*size=*/0ul);
- memcpy((void*)0x200000000100, "./file0\000", 8);
- res = -1;
- res = syz_mount_image(
- /*fs=*/0, /*dir=*/0x200000000100,
- /*flags=MS_SYNCHRONOUS|MS_RELATIME|MS_NOATIME*/ 0x200410, /*opts=*/0,
- /*chdir=*/1, /*size=*/0, /*img=*/0x200000000000);
- if (res != -1)
- r[113] = res;
- *(uint16_t*)0x200000000140 = 2;
- *(uint64_t*)0x200000000148 = 0x2000000000c0;
- *(uint16_t*)0x2000000000c0 = 0x61;
- *(uint8_t*)0x2000000000c2 = 0;
- *(uint8_t*)0x2000000000c3 = 0;
- *(uint32_t*)0x2000000000c4 = 0;
- *(uint16_t*)0x2000000000c8 = 6;
- *(uint8_t*)0x2000000000ca = 0;
- *(uint8_t*)0x2000000000cb = 0;
- *(uint32_t*)0x2000000000cc = 0;
- syscall(__NR_seccomp, /*op=*/1ul, /*flags=*/0ul, /*arg=*/0x200000000140ul);
- *(uint16_t*)0x200000000140 = 2;
- *(uint64_t*)0x200000000148 = 0x2000000000c0;
- *(uint16_t*)0x2000000000c0 = 0x61;
- *(uint8_t*)0x2000000000c2 = 0;
- *(uint8_t*)0x2000000000c3 = 0;
- *(uint32_t*)0x2000000000c4 = 0;
- *(uint16_t*)0x2000000000c8 = 6;
- *(uint8_t*)0x2000000000ca = 0;
- *(uint8_t*)0x2000000000cb = 0;
- *(uint32_t*)0x2000000000cc = 0;
- syscall(__NR_seccomp, /*op=*/1ul, /*flags=*/0ul, /*arg=*/0x200000000140ul);
- memcpy((void*)0x200000000080, "./file0\000", 8);
- memcpy((void*)0x200000000940, "tmpfs\000", 6);
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000080ul,
- /*type=*/0x200000000940ul, /*flags=*/0ul, /*data=*/0ul);
- syscall(__NR_pidfd_getfd, /*pidfd=*/-1, /*fd=*/r[113], /*flags=*/0ul);
- res = syscall(__NR_pidfd_getfd, /*pidfd=*/-1, /*fd=*/r[113], /*flags=*/0ul);
- if (res != -1)
- r[114] = res;
- syscall(__NR_io_uring_register, /*fd=*/-1, /*opcode=*/9ul, /*arg=*/0ul,
- /*nr_args=*/0ul);
- res = syscall(__NR_io_uring_register, /*fd=*/-1, /*opcode=*/9ul, /*arg=*/0ul,
- /*nr_args=*/0ul);
- if (res != -1)
- r[115] = res;
- syscall(__NR_io_uring_register, /*fd=*/r[114], /*opcode=*/0xaul, /*arg=*/0ul,
- /*nr_args=*/r[115]);
- memcpy((void*)0x200000000200, "./file0\000", 8);
- syscall(__NR_chdir, /*dir=*/0x200000000200ul);
- memcpy((void*)0x200000000640, ".\000", 2);
- syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000640ul,
- /*flags=*/0, /*mode=*/0);
- memcpy((void*)0x200000000640, ".\000", 2);
- res = syscall(__NR_openat, /*fd=*/0xffffff9c, /*file=*/0x200000000640ul,
- /*flags=*/0, /*mode=*/0);
- if (res != -1)
- r[116] = res;
- syscall(__NR_getdents64, /*fd=*/r[116], /*ent=*/0ul, /*count=*/0ul);
- *(uint64_t*)0x200000000000 = 0;
- *(uint32_t*)0x200000000008 = 0x14;
- *(uint32_t*)0x20000000000c = 0;
- *(uint64_t*)0x200000000010 = 0;
- *(uint64_t*)0x200000000018 = 0;
- res = syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0x200000000000ul,
- /*timerid=*/0x200000000200ul);
- if (res != -1)
- r[117] = *(uint32_t*)0x200000000200;
- memcpy((void*)0x2000000000c0, "./file0\000", 8);
- *(uint64_t*)0x200000000180 = 0;
- *(uint64_t*)0x200000000280 = 0;
- syscall(__NR_execve, /*file=*/0x2000000000c0ul, /*argv=*/0x200000000180ul,
- /*envp=*/0x200000000280ul);
- *(uint32_t*)0x2000000002c0 = 9;
- *(uint32_t*)0x2000000002c4 = 0;
- *(uint32_t*)0x2000000002c8 = 7;
- *(uint32_t*)0x2000000002cc = 0xffff0001;
- *(uint32_t*)0x2000000002d0 = 0;
- *(uint32_t*)0x2000000002d4 = 0x8000;
- syscall(__NR_ioctl, /*fd=*/r[116], /*cmd=*/0x401845ff,
- /*arg=*/0x2000000002c0ul);
- res = syscall(__NR_clock_gettime, /*id=*/0ul, /*tp=*/0x200000000080ul);
- if (res != -1) {
- r[118] = *(uint64_t*)0x200000000080;
- r[119] = *(uint64_t*)0x200000000088;
- }
- *(uint64_t*)0x200000000940 = r[118];
- *(uint64_t*)0x200000000948 = r[119] + 10000000;
- *(uint64_t*)0x200000000950 = 0x77359400;
- *(uint64_t*)0x200000000958 = 0;
- syscall(__NR_timer_settime, /*timerid=*/r[117], /*flags=TIMER_ABSTIME*/ 1ul,
- /*new=*/0x200000000940ul, /*old=*/0ul);
- *(uint64_t*)0x200000000000 = 0x77359400;
- *(uint64_t*)0x200000000008 = 0;
- *(uint64_t*)0x200000000010 = 0;
- *(uint64_t*)0x200000000018 = 0;
- syscall(__NR_timer_settime, /*timerid=*/r[117], /*flags=TIMER_ABSTIME*/ 1ul,
- /*new=*/0x200000000000ul, /*old=*/0x200000000040ul);
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0xb704, /*arg=*/0x200000000000ul);
- if (res != -1)
- r[120] = *(uint32_t*)0x200000000000;
- memcpy((void*)0x200000000040, "ext4\000", 5);
- memcpy((void*)0x200000000480, "./file2\000", 8);
- memcpy((void*)0x2000000000c0, "resuid", 6);
- *(uint8_t*)0x2000000000c6 = 0x3d;
- sprintf((char*)0x2000000000c7, "0x%016llx", (long long)r[120]);
- *(uint8_t*)0x2000000000d9 = 0x2c;
- *(uint8_t*)0x2000000000da = 0;
- memcpy(
- (void*)0x2000000004c0,
- "\x78\x9c\xec\xdd\xcb\x6f\x54\xd5\x1f\x00\xf0\xef\x9d\x69\x0b\x3f\x1e\xbf"
- "\x16\xc4\x17\xa0\x54\xd1\xd8\xf8\x68\x69\x41\x65\x61\x42\x34\x92\xb8\xd0"
- "\xc4\x44\x17\xb8\xac\x6d\x21\x48\xa1\x86\xd6\x44\x08\x91\x62\x0c\x2e\x0d"
- "\x89\x7b\xe3\xd2\x44\xff\x01\x57\xba\xf1\xb5\x32\x71\xab\x7b\x43\x42\x0c"
- "\x1b\xd1\x98\x38\xe6\xce\xdc\x0b\x33\xd3\xe9\x6b\x98\x47\xd3\xf9\x7c\x92"
- "\xdb\x39\xe7\xde\x33\x73\xcf\x77\xce\x3d\x33\xe7\x9e\x7b\x07\x02\xe8\x59"
- "\xc3\xe9\x9f\x24\x62\x47\x44\xfc\x1a\x11\x83\x95\x6c\x6d\x81\xe1\xca\xc3"
- "\xad\x9b\x97\xa6\xfe\xba\x79\x69\x2a\x89\x52\xe9\x8d\x3f\x92\x72\xb9\x3f"
- "\x6f\x5e\x9a\xca\x8b\xe6\xcf\xdb\x9e\x65\x46\x0a\x11\x85\x8f\x92\xd8\xd7"
- "\x60\xbf\xf3\x17\x2e\x9e\x99\x9c\x9d\x9d\x39\x9f\xe5\xc7\x16\xce\xbe\x3b"
- "\x36\x7f\xe1\xe2\x33\xa7\xcf\x4e\x9e\x9a\x39\x35\x73\x6e\xe2\xe8\xd1\x23"
- "\x87\xc7\x9f\x7f\x6e\xe2\xd9\x96\xc4\xb9\x33\xad\xeb\xde\x0f\xe6\xf6\x3f"
- "\xf8\xca\x5b\xd7\x5e\x9b\x3a\x71\xed\xed\x1f\xbf\x4c\xeb\xbb\x23\xdb\x5e"
- "\x1d\x47\x93\x92\xfa\x15\xc3\x31\xbc\x74\x65\xe6\xf1\xbb\xdc\xd9\x46\xb3"
- "\xb3\x2a\x9d\xf4\x75\xb1\x22\xac\x4b\x31\x22\xd2\xe6\xea\x2f\xf7\xff\xc1"
- "\x28\xc6\x9d\xc6\x1b\x8c\xe3\x1f\x76\xb5\x72\x40\x5b\x95\x4a\xa5\xd2\x96"
- "\xe5\x37\x2f\x96\x4a\xc5\xac\x14\xb0\xf9\x24\x7a\x37\xf4\xa8\xfc\x8b\x3e"
- "\x3d\xff\xcd\x97\x0e\x0d\x3d\x36\x84\x1b\x2f\x56\x4e\x80\xd2\xb8\x6f\x65"
- "\x4b\x65\x4b\x5f\x14\xb2\x32\xfd\x75\xe7\xb7\xad\xb4\x18\x11\x27\x16\xff"
- "\xfe\x2c\x5d\xa2\x35\xf3\x10\x00\x00\x2b\xfa\x26\x1d\xff\x3c\xdd\x68\xfc"
- "\x57\x88\xfb\xaa\xca\xfd\x3f\xbb\x36\x34\x14\x11\xbb\x22\x62\x77\x44\xdc"
- "\x13\x11\x7b\x22\xe2\xde\x88\x72\xd9\xfb\x23\xe2\x81\x75\xee\x7f\xb8\x26"
- "\x77\xac\xc1\xf8\xa7\x70\xbd\xc9\xd0\xd6\x24\x1d\xff\xbd\x90\x5d\xdb\xaa"
- "\x1d\xff\xe5\xa3\xbf\x18\x2a\x66\xb9\x9d\xe5\xf8\xfb\x93\x93\xa7\x67\x67"
- "\x0e\x65\xef\xc9\x48\xf4\x6f\x49\xf3\xe3\x2b\xec\xe3\xdb\x97\x7f\xf9\x64"
- "\xb9\x6d\xc3\x55\xe3\xbf\x74\x49\xf7\x9f\x8f\x05\xb3\x7a\x5c\xef\xab\x9b"
- "\xa0\x9b\x9e\x5c\x98\xbc\x9b\x98\xab\xdd\xb8\x52\x9e\xdd\xbb\xbc\x34\xfe"
- "\x24\xbf\x12\x30\x94\x97\xdd\xdb\xc4\xeb\xa7\xef\xd9\xe9\x27\xbf\xd8\x9f"
- "\xa6\xff\x69\xb0\xbd\x6f\xd5\xf8\x57\xd0\x82\xeb\x4c\xa5\xcf\x23\x9e\xa8"
- "\xb4\xff\x62\xd4\xc5\x9f\x4b\x56\xbe\x3e\x39\xb6\x35\x66\x67\x0e\x8d\xe5"
- "\x47\xc5\x52\x3f\xfd\x7c\xf5\xf5\xe5\xf6\xbf\x7a\xfb\xb7\x57\xda\xfe\xdb"
- "\x1a\x1e\xff\xb7\xe3\x1f\x4a\xaa\xaf\xd7\xce\xd7\x6d\x5d\x83\xab\xbf\x7d"
- "\xbc\xec\x39\x4d\xb3\xc7\xff\x40\xf2\x66\xc4\xf1\x88\x81\x6c\xdd\xfb\x93"
- "\x0b\x0b\xe7\xc7\x23\x06\x92\x57\xcb\xf9\x9a\xf5\x13\x77\x9e\x9b\xe7\xf3"
- "\xf2\x69\xfc\x23\x07\x1b\xf7\xff\xdd\x71\x27\xd6\x7d\x11\x91\x1e\xc4\x0f"
- "\x45\xc4\xc3\x11\x71\x20\xab\xfb\x23\x11\xf1\x68\x44\x1c\xac\x8b\xab\x58"
- "\x79\xb8\x92\xfe\xf9\xe1\xa5\xc7\xde\x69\x3e\xfe\xf6\x4a\xe3\x9f\x6e\xdc"
- "\xfe\xa5\x7f\x2b\x89\xba\xf6\x5f\x3d\x91\x7e\x56\x56\xaf\x29\x9e\xf9\xee"
- "\xeb\xe6\xe3\x4f\xdb\xff\x48\x39\x35\x92\xad\x59\xcb\xe7\xdf\xda\x6a\x9a"
- "\x1f\xcd\x00\x00\x00\xb0\xb9\x15\xca\xf7\xc0\x27\x85\xd1\xdb\xe9\x42\x61"
- "\x74\xb4\x72\x0f\xff\x9e\xd8\x56\x98\x9d\x9b\x5f\x78\xea\xe4\xdc\x7b\xe7"
- "\xa6\x2b\xf7\xca\x0f\x45\x7f\x21\x9f\xe9\x1a\xac\x9a\x0f\x1d\xcf\x26\x0a"
- "\xf3\xfc\x44\x5d\xfe\x70\x36\x6f\xfc\x69\xf1\x7f\xe5\xfc\xe8\xd4\xdc\xec"
- "\x74\xb7\x83\x87\x1e\xb7\x7d\x99\xfe\x9f\xfa\xbd\xd8\xed\xda\x01\x6d\xe7"
- "\xf7\x5a\xd0\xbb\xd6\xd6\xff\xfb\xdb\x5e\x0f\xa0\xf3\x56\xed\xff\xc7\x6a"
- "\xb3\x8b\x6d\xac\x0b\xd0\x59\x4d\x8e\xff\xbf\x6a\x75\x3d\x80\xce\x73\xfe"
- "\x0f\xbd\xab\x51\xff\xbf\xdc\x85\x7a\x00\x9d\xe7\xfb\x1f\x7a\x57\xc3\xfe"
- "\xbf\x6b\x47\xe7\x2b\x02\x74\x9c\xef\x7f\xe8\x5d\x79\xff\x5f\xe1\x1f\x02"
- "\xbd\xfd\x8b\x66\x60\xd3\x58\xcf\xef\xfa\x37\x4d\x22\xbf\x93\xa9\x95\xaf"
- "\x1c\x8b\x35\x6b\x2e\xc7\x81\x8d\x10\xe9\xc5\x33\x5b\x23\xa2\x2d\xaf\x1c"
- "\x85\xf5\x3c\xeb\xfb\x5b\x6d\x08\x30\xff\x8f\x06\x36\xc2\xfb\x5c\x49\x0c"
- "\x44\x44\x8b\x0e\xd1\x6e\x87\xd3\xcd\x4f\x25\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x80\xd6\xf9\x2f\x00\x00\xff\xff\xbf\x00\xde\xd7",
- 1168);
- syz_mount_image(/*fs=*/0x200000000040, /*dir=*/0x200000000480,
- /*flags=MS_STRICTATIME|MS_MANDLOCK*/ 0x1000040,
- /*opts=*/0x2000000000c0, /*chdir=*/0, /*size=*/0x490,
- /*img=*/0x2000000004c0);
- res = syscall(__NR_socket, /*domain=*/0xaul,
- /*type=SOCK_CLOEXEC|SOCK_DGRAM*/ 0x80002ul, /*proto=*/0);
- if (res != -1)
- r[121] = res;
- memcpy((void*)0x200000000440, "ext4\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- *(uint8_t*)0x200000000000 = 0;
- memcpy(
- (void*)0x200000000500,
- "\x78\x9c\xec\xdc\x4d\x6f\x15\x55\x1c\x07\xe0\xdf\x4c\x5b\x08\x2f\x5a\x34"
- "\xbe\x56\x94\x0a\x2a\x15\xb4\xa5\xa8\xd5\x85\x1b\xf6\x26\x2e\x64\xe7\xaa"
- "\xa1\x85\x10\x0b\x18\x5a\x13\x21\x2c\x34\xc1\xb8\x91\x85\x89\x71\x69\xe2"
- "\x07\x30\x91\x9d\x89\x1b\x76\x6e\x59\xf0\x01\x58\x1a\x0c\x31\x2c\xb4\xd1"
- "\xc4\xd4\xcc\xed\x1d\x7a\x69\x7b\x0b\x85\xd6\x6b\x98\xe7\x49\xe6\xde\x73"
- "\xe6\x9c\x9b\x73\x66\x4e\xfe\x73\xef\x3d\x73\x32\x01\x1a\x6b\xb8\x7a\x29"
- "\x92\x9d\x49\xae\x25\x19\x5c\xcc\xde\x59\x61\x78\xf1\xed\xcf\x5b\x17\x8e"
- "\xcd\xdf\xba\x70\xac\xc8\xc2\xc2\x07\xbf\x17\xad\x7a\xd5\xbe\xba\x6a\xfd"
- "\xb9\x1d\xd5\x4b\x99\x8c\x94\x49\x79\xb1\xc8\x73\xab\xb4\x3b\x7b\xee\xfc"
- "\x47\x93\x33\x33\xd3\x67\xdb\xf9\xb1\xb9\x53\x1f\x8f\xcd\x9e\x3b\xff\xfa"
- "\xc9\x53\x93\x27\xa6\x4f\x4c\x9f\x1e\x9f\x98\x38\x74\x68\xe2\xed\x89\xb7"
- "\xde\xd9\xb0\x63\x1d\x9a\xfc\xf1\xbb\xdf\x2e\xbd\xff\xf5\xb7\x5f\x7c\x38"
- "\xb6\x67\xa8\xdc\x5b\xf5\x77\x67\xbb\xac\xf3\x38\x36\xca\x70\x86\xef\x3c"
- "\x97\x1d\x5e\xd9\xe8\xc6\x7a\xec\xc9\x8e\x74\xd1\xdf\xc3\x8e\xb0\x2e\x7d"
- "\x49\xaa\xe1\x1a\x68\xc5\xff\x60\xfa\xb2\x34\x78\x83\xf9\xe5\x7a\x4f\x3b"
- "\x07\x6c\xaa\x85\xca\xd6\xae\xc5\x9f\x2d\x00\x0f\xb1\x22\xbd\xee\x01\xd0"
- "\x1b\xf5\x17\x7d\xf5\xff\xb7\xde\xfe\xab\xdf\x1e\xf4\xde\xcd\x23\x8b\x7f"
- "\x00\xeb\xb9\x9d\xf9\xdb\xe3\xdf\x9f\xb2\x5d\x67\x60\xd9\xff\xfb\x8d\x34"
- "\x9c\xe4\xc2\xf5\xf9\xc1\x6a\xcb\x26\xcd\xc3\x00\x00\x00\x00\x34\xd9\x95"
- "\x23\x49\x5e\x5b\x6d\xfe\xaf\xcc\x53\x1d\xf5\xaa\xf4\xd3\x49\x9e\x49\xf2"
- "\x6c\x92\xa1\xa4\xb5\xae\x67\x77\x92\xe7\x93\xbc\x90\x64\x4f\xbd\x9e\x68"
- "\x1d\x96\xd7\x5f\x39\xff\x53\xde\xb8\xaf\x03\xe3\x9e\xdc\x3c\x92\xbc\x9b"
- "\x64\x7e\xc5\xfc\x5f\x3d\xfb\x97\x5d\x7d\xed\xdc\x23\x55\x26\x03\xc5\xf1"
- "\x93\x33\xd3\x87\x92\x3c\x9a\x64\x24\x03\x5b\xab\xfc\xf8\x1a\x6d\x4c\xfe"
- "\xf0\xc7\x4f\xdd\xca\xaa\xf1\xbf\xf6\x73\xdf\x60\xbd\x55\xed\x57\xef\x4b"
- "\x35\xca\x1b\xfd\xcb\xee\x4f\x4f\x4d\xce\x4d\x3e\xc8\x31\xb3\xe4\xe6\xe7"
- "\xc9\x50\xff\x6a\xe3\x5f\xdc\x5e\x09\x54\x24\x79\x31\xc9\xde\xfb\x6c\xe3"
- "\xe2\xa5\xdd\x97\xbb\x95\xdd\x7d\xfc\xd9\x4c\x0b\xdf\x27\xfb\x57\x8d\xff"
- "\xa5\x95\x8b\xc5\xda\xeb\x33\xc7\x5a\xd7\x83\xb1\xfa\xaa\xb0\xd2\xd5\x85"
- "\xe1\xf9\x6e\xed\x1b\xff\xde\xaa\xe2\x7f\xfb\xda\xe3\xbf\xab\xe8\x5c\xaf"
- "\x3b\xbb\xfe\x36\x2e\x0f\xfc\xf5\x4f\xb7\xb2\xfb\xbd\xfe\x6f\x29\x8e\xb6"
- "\x3a\xb8\xa5\xbd\xef\xd3\xc9\xb9\xb9\xb3\xe3\xc9\x96\xe2\xbd\x95\xfb\x0f"
- "\xaf\xbf\xcf\x0f\xab\xfa\x7c\xd4\xe7\xab\x1a\xff\x91\x7d\xab\x7f\xff\x3f"
- "\xde\xfe\x4c\x75\x42\xf7\x25\x79\x29\xc9\xcb\xed\xb5\xcb\xfb\x5b\xdf\xfd"
- "\xc9\xab\x49\x0e\x24\x39\xb8\x46\x9b\x5f\x1e\xf8\xea\x4a\xb7\x32\xf1\xdf"
- "\x5b\xd5\xf8\x4f\xad\x2b\xfe\xd7\x9f\xf8\x7b\xdb\xd1\xab\xdd\xda\xef\xbc"
- "\xff\x5b\x6d\x55\xfb\xf5\xbd\xe0\x45\x55\xfc\xbf\xd9\xea\xcc\x48\x7b\x8f"
- "\xdf\x7f\x77\x77\xaf\x03\xd4\xeb\x7e\x02\x00\x00\x00\x00\x00\x00\xb0\x31"
- "\xca\xd6\x33\xf0\x8a\x72\xf4\x76\xba\x2c\x47\x47\x17\x9f\xe1\xf7\x44\xb6"
- "\x97\x33\x67\x66\xe7\x0e\x1e\x3f\xf3\xc9\xe9\xa9\xc5\x67\xe5\xed\xca\x40"
- "\x59\xaf\xf4\x1a\xec\x58\x0f\x3a\xde\x4a\x2f\xe5\x0f\x2f\xcb\xbf\x91\xe4"
- "\xb1\x24\xdf\xf4\x6d\x6b\xe5\x47\x8f\x9d\x99\x99\xea\xf5\xc1\x43\xc3\xed"
- "\xe8\x12\xff\x95\x5f\xfb\x7a\xdd\x3b\x60\xd3\x79\x5e\x2b\x34\x97\xf8\x87"
- "\xe6\x12\xff\xd0\x5c\xe2\x1f\x9a\x4b\xfc\x43\x73\x89\x7f\x68\x2e\xf1\x0f"
- "\xcd\x25\xfe\xa1\xb9\xc4\x3f\x34\x97\xf8\x87\x46\x7a\x90\xe7\xfa\x49\x48"
- "\x48\x3c\xac\x89\x5e\x5f\x99\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\x1f\xfe\x0d\x00\x00\xff"
- "\xff\xbc\xb0\xdc\x06",
- 1049);
- syz_mount_image(/*fs=*/0x200000000440, /*dir=*/0x200000000480, /*flags=*/0,
- /*opts=*/0x200000000000, /*chdir=*/1, /*size=*/0x419,
- /*img=*/0x200000000500);
- memcpy((void*)0x200000000000,
- "lo\000\000\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x8933, /*arg=*/0x200000000000ul);
- if (res != -1)
- r[122] = *(uint32_t*)0x200000000010;
- *(uint16_t*)0x200000000580 = 0x11;
- *(uint16_t*)0x200000000582 = htobe16(7);
- *(uint32_t*)0x200000000584 = r[122];
- *(uint16_t*)0x200000000588 = 1;
- *(uint8_t*)0x20000000058a = 0;
- *(uint8_t*)0x20000000058b = 6;
- memset((void*)0x20000000058c, 255, 6);
- memset((void*)0x200000000592, 0, 2);
- syscall(__NR_bind, /*fd=*/-1, /*addr=*/0x200000000580ul, /*addrlen=*/0x14ul);
- memcpy((void*)0x200000000180,
- "team0\000\000\000\000\000\000\000\000\000\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[121], /*cmd=*/0x8933,
- /*arg=*/0x200000000180ul);
- if (res != -1)
- r[123] = *(uint32_t*)0x200000000190;
- memcpy((void*)0x2000000001c0,
- "team0\000\000\000\000\000\000\000\000\000\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[121], /*cmd=*/0x8933,
- /*arg=*/0x2000000001c0ul);
- if (res != -1)
- r[124] = *(uint32_t*)0x2000000001d0;
- *(uint32_t*)0x200000000280 = 0x14;
- res = syscall(__NR_getsockname, /*fd=*/-1, /*addr=*/0x200000000200ul,
- /*addrlen=*/0x200000000280ul);
- if (res != -1)
- r[125] = *(uint32_t*)0x200000000204;
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=SOCK_RAW*/ 3ul,
- /*proto=*/3);
- if (res != -1)
- r[126] = res;
- memcpy((void*)0x200000000300,
- "lo\000\000\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[126], /*cmd=*/0x8933,
- /*arg=*/0x200000000300ul);
- if (res != -1)
- r[127] = *(uint32_t*)0x200000000310;
- res = syscall(__NR_socket, /*domain=*/0x11ul, /*type=SOCK_RAW*/ 3ul,
- /*proto=*/0x300);
- if (res != -1)
- r[128] = res;
- memcpy((void*)0x200000000000,
- "\xb3\xa2\xea\x52\x22\x30\x0a\xed\xdd\xc6\x56\xc6\x68\xb7", 14);
- *(uint16_t*)0x200000000100 = 0x11;
- *(uint16_t*)0x200000000102 = htobe16(0);
- *(uint32_t*)0x200000000104 = r[127];
- *(uint16_t*)0x200000000108 = 1;
- *(uint8_t*)0x20000000010a = 0;
- *(uint8_t*)0x20000000010b = 6;
- memset((void*)0x20000000010c, 170, 5);
- *(uint8_t*)0x200000000111 = 0;
- memset((void*)0x200000000112, 0, 2);
- syscall(__NR_sendto, /*fd=*/r[128], /*buf=*/0x200000000000ul, /*len=*/0xeul,
- /*f=*/0ul, /*addr=*/0x200000000100ul, /*addrlen=*/0x14ul);
- memcpy((void*)0x2000000002c0, "batadv_slave_1\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[121], /*cmd=*/0x8933,
- /*arg=*/0x2000000002c0ul);
- if (res != -1)
- r[129] = *(uint32_t*)0x2000000002d0;
- memcpy((void*)0x200000000380, "ip_vti0\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint64_t*)0x200000000390 = 0x200000000300;
- memcpy((void*)0x200000000300,
- "tunl0\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint32_t*)0x200000000310 = 0;
- *(uint16_t*)0x200000000314 = htobe16(0x10);
- *(uint16_t*)0x200000000316 = htobe16(0x20);
- *(uint32_t*)0x200000000318 = htobe32(0x3f);
- *(uint32_t*)0x20000000031c = htobe32(9);
- STORE_BY_BITMASK(uint8_t, , 0x200000000320, 0xa, 0, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000000320, 4, 4, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000000321, 1, 0, 2);
- STORE_BY_BITMASK(uint8_t, , 0x200000000321, 0x1f, 2, 6);
- *(uint16_t*)0x200000000322 = htobe16(0x28);
- *(uint16_t*)0x200000000324 = htobe16(0x67);
- *(uint16_t*)0x200000000326 = htobe16(0);
- *(uint8_t*)0x200000000328 = 0x97;
- *(uint8_t*)0x200000000329 = 0x29;
- *(uint16_t*)0x20000000032a = htobe16(0);
- *(uint8_t*)0x20000000032c = 0xac;
- *(uint8_t*)0x20000000032d = 0x14;
- *(uint8_t*)0x20000000032e = 0x14;
- *(uint8_t*)0x20000000032f = 0xbb;
- *(uint32_t*)0x200000000330 = htobe32(-1);
- *(uint8_t*)0x200000000334 = 1;
- *(uint8_t*)0x200000000335 = 0x89;
- *(uint8_t*)0x200000000336 = 0xf;
- *(uint8_t*)0x200000000337 = 0x8d;
- *(uint8_t*)0x200000000338 = 0xac;
- *(uint8_t*)0x200000000339 = 0x1e;
- *(uint8_t*)0x20000000033a = 0;
- *(uint8_t*)0x20000000033b = 1;
- *(uint32_t*)0x20000000033c = htobe32(0);
- *(uint32_t*)0x200000000340 = htobe32(0xa010102);
- *(uint8_t*)0x200000000344 = 0;
- struct csum_inet csum_2;
- csum_inet_init(&csum_2);
- csum_inet_update(&csum_2, (const uint8_t*)0x200000000320, 40);
- *(uint16_t*)0x20000000032a = csum_inet_digest(&csum_2);
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x89f2, /*arg=*/0x200000000380ul);
- if (res != -1)
- r[130] = *(uint32_t*)0x200000000310;
- memcpy((void*)0x2000000003c0,
- "gre0\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint64_t*)0x2000000003d0 = 0x200000000940;
- memcpy((void*)0x200000000940, "syztnl0\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint32_t*)0x200000000950 = 0;
- *(uint16_t*)0x200000000954 = htobe16(0x40);
- *(uint16_t*)0x200000000956 = htobe16(0x700);
- *(uint32_t*)0x200000000958 = htobe32(0xfffffffc);
- *(uint32_t*)0x20000000095c = htobe32(2);
- STORE_BY_BITMASK(uint8_t, , 0x200000000960, 0x33, 0, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000000960, 4, 4, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000000961, 1, 0, 2);
- STORE_BY_BITMASK(uint8_t, , 0x200000000961, 0x39, 2, 6);
- *(uint16_t*)0x200000000962 = htobe16(0xcc);
- *(uint16_t*)0x200000000964 = htobe16(0x68);
- *(uint16_t*)0x200000000966 = htobe16(0);
- *(uint8_t*)0x200000000968 = 2;
- *(uint8_t*)0x200000000969 = 4;
- *(uint16_t*)0x20000000096a = htobe16(0);
- *(uint32_t*)0x20000000096c = htobe32(0x64010100);
- *(uint32_t*)0x200000000970 = htobe32(0xe0000001);
- *(uint8_t*)0x200000000974 = 0x44;
- *(uint8_t*)0x200000000975 = 0xc;
- *(uint8_t*)0x200000000976 = 0x35;
- STORE_BY_BITMASK(uint8_t, , 0x200000000977, 1, 0, 4);
- STORE_BY_BITMASK(uint8_t, , 0x200000000977, 0, 4, 4);
- *(uint32_t*)0x200000000978 = htobe32(0);
- *(uint32_t*)0x20000000097c = htobe32(5);
- *(uint8_t*)0x200000000980 = 0x86;
- *(uint8_t*)0x200000000981 = 0x57;
- *(uint32_t*)0x200000000982 = htobe32(1);
- *(uint8_t*)0x200000000986 = 2;
- *(uint8_t*)0x200000000987 = 0xf;
- memcpy((void*)0x200000000988,
- "\xfe\x77\x00\xef\x32\x59\x1e\x53\xb0\x21\x09\xab\xee", 13);
- *(uint8_t*)0x200000000995 = 0;
- *(uint8_t*)0x200000000996 = 9;
- memcpy((void*)0x200000000997, "\x7c\xa1\xad\xe9\x86\x92\x94", 7);
- *(uint8_t*)0x20000000099e = 1;
- *(uint8_t*)0x20000000099f = 0xb;
- memcpy((void*)0x2000000009a0, "\x45\x8c\x95\x02\xd2\x28\x5d\x7f\xc9", 9);
- *(uint8_t*)0x2000000009a9 = 6;
- *(uint8_t*)0x2000000009aa = 0xc;
- memcpy((void*)0x2000000009ab, "\xe2\x5c\x80\x66\x82\x2c\x6b\xd7\x3b\x6c", 10);
- *(uint8_t*)0x2000000009b5 = 0;
- *(uint8_t*)0x2000000009b6 = 0x12;
- memcpy((void*)0x2000000009b7,
- "\x45\x8b\xba\xbf\xac\xe4\x82\xde\xf7\x8d\xe6\xd1\x61\x05\xd8\xc2",
- 16);
- *(uint8_t*)0x2000000009c7 = 1;
- *(uint8_t*)0x2000000009c8 = 4;
- memcpy((void*)0x2000000009c9, "\xea\xef", 2);
- *(uint8_t*)0x2000000009cb = 6;
- *(uint8_t*)0x2000000009cc = 0xc;
- memcpy((void*)0x2000000009cd, "\xbc\xe9\x07\x69\xc9\xcd\x77\x85\xe1\xe7", 10);
- *(uint8_t*)0x2000000009d7 = 0x86;
- *(uint8_t*)0x2000000009d8 = 0x55;
- *(uint32_t*)0x2000000009d9 = htobe32(-1);
- *(uint8_t*)0x2000000009dd = 1;
- *(uint8_t*)0x2000000009de = 2;
- *(uint8_t*)0x2000000009df = 7;
- *(uint8_t*)0x2000000009e0 = 0xc;
- memcpy((void*)0x2000000009e1, "\x2b\x2a\x01\xdf\x96\xc5\x3c\x8f\x29\x90", 10);
- *(uint8_t*)0x2000000009eb = 2;
- *(uint8_t*)0x2000000009ec = 0x10;
- memcpy((void*)0x2000000009ed,
- "\x6d\xc1\x2a\xa5\x18\xc0\x1b\xd0\x8b\x4f\xee\xed\x4e\xe9", 14);
- *(uint8_t*)0x2000000009fb = 5;
- *(uint8_t*)0x2000000009fc = 0x11;
- memcpy((void*)0x2000000009fd,
- "\xdc\x23\x28\xb2\xf2\xe3\xee\xd4\xda\xc3\x10\xae\xa5\xfd\x1a", 15);
- *(uint8_t*)0x200000000a0c = 6;
- *(uint8_t*)0x200000000a0d = 0x10;
- memcpy((void*)0x200000000a0e,
- "\x5b\xc1\xdd\x8e\x4a\x48\xbe\xd8\x4e\x98\x8f\xf3\x6f\xa8", 14);
- *(uint8_t*)0x200000000a1c = 7;
- *(uint8_t*)0x200000000a1d = 0x10;
- memcpy((void*)0x200000000a1e,
- "\xa4\x47\xe7\x28\x12\xe8\x71\x7a\x96\xf2\xea\x4a\xfe\x24", 14);
- struct csum_inet csum_3;
- csum_inet_init(&csum_3);
- csum_inet_update(&csum_3, (const uint8_t*)0x200000000960, 204);
- *(uint16_t*)0x20000000096a = csum_inet_digest(&csum_3);
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x89f0, /*arg=*/0x2000000003c0ul);
- if (res != -1)
- r[131] = *(uint32_t*)0x200000000950;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[132] = res;
- memcpy((void*)0x200000001b40,
- "sit0\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[132], /*cmd=*/0x8933,
- /*arg=*/0x200000001b40ul);
- if (res != -1)
- r[133] = *(uint32_t*)0x200000001b50;
- *(uint64_t*)0x200000000380 = 0;
- *(uint32_t*)0x200000000388 = 0;
- *(uint64_t*)0x200000000390 = 0x200000000340;
- *(uint64_t*)0x200000000340 = 0x200000001b80;
- *(uint32_t*)0x200000001b80 = 0xec4;
- *(uint16_t*)0x200000001b84 = 0x64;
- *(uint16_t*)0x200000001b86 = 1;
- *(uint32_t*)0x200000001b88 = 0;
- *(uint32_t*)0x200000001b8c = 0;
- *(uint8_t*)0x200000001b90 = 0;
- *(uint8_t*)0x200000001b91 = 0;
- *(uint16_t*)0x200000001b92 = 0;
- *(uint32_t*)0x200000001b94 = r[133];
- *(uint16_t*)0x200000001b98 = 0;
- *(uint16_t*)0x200000001b9a = 0;
- *(uint16_t*)0x200000001b9c = 0;
- *(uint16_t*)0x200000001b9e = 4;
- *(uint16_t*)0x200000001ba0 = 0;
- *(uint16_t*)0x200000001ba2 = 0;
- *(uint16_t*)0x200000001ba4 = 0xc;
- *(uint16_t*)0x200000001ba6 = 1;
- memcpy((void*)0x200000001ba8, "tcindex\000", 8);
- *(uint16_t*)0x200000001bb0 = 0x24;
- *(uint16_t*)0x200000001bb2 = 2;
- *(uint16_t*)0x200000001bb4 = 8;
- *(uint16_t*)0x200000001bb6 = 3;
- *(uint32_t*)0x200000001bb8 = 0;
- *(uint16_t*)0x200000001bbc = 8;
- *(uint16_t*)0x200000001bbe = 1;
- *(uint32_t*)0x200000001bc0 = 0;
- *(uint16_t*)0x200000001bc4 = 8;
- *(uint16_t*)0x200000001bc6 = 5;
- *(uint16_t*)0x200000001bc8 = 0;
- *(uint16_t*)0x200000001bca = 0;
- *(uint16_t*)0x200000001bcc = 8;
- *(uint16_t*)0x200000001bce = 1;
- *(uint32_t*)0x200000001bd0 = 0;
- *(uint16_t*)0x200000001bd4 = 0xa;
- *(uint16_t*)0x200000001bd6 = 1;
- memcpy((void*)0x200000001bd8, "rsvp6\000", 6);
- *(uint16_t*)0x200000001be0 = 0xe64;
- *(uint16_t*)0x200000001be2 = 2;
- *(uint16_t*)0x200000001be4 = 0xe60;
- *(uint16_t*)0x200000001be6 = 6;
- *(uint16_t*)0x200000001be8 = 0x124;
- STORE_BY_BITMASK(uint16_t, , 0x200000001bea, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001beb, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001beb, 0, 7, 1);
- *(uint16_t*)0x200000001bec = 8;
- *(uint16_t*)0x200000001bee = 1;
- memcpy((void*)0x200000001bf0, "nat\000", 4);
- *(uint16_t*)0x200000001bf4 = 0x54;
- STORE_BY_BITMASK(uint16_t, , 0x200000001bf6, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001bf7, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001bf7, 1, 7, 1);
- *(uint16_t*)0x200000001bf8 = 0x28;
- *(uint16_t*)0x200000001bfa = 1;
- *(uint32_t*)0x200000001bfc = 0;
- *(uint32_t*)0x200000001c00 = 0;
- *(uint32_t*)0x200000001c04 = 0;
- *(uint32_t*)0x200000001c08 = 0;
- *(uint32_t*)0x200000001c0c = 0;
- *(uint8_t*)0x200000001c10 = 0xac;
- *(uint8_t*)0x200000001c11 = 0x14;
- *(uint8_t*)0x200000001c12 = 0x14;
- *(uint8_t*)0x200000001c13 = 0xaa;
- *(uint32_t*)0x200000001c14 = htobe32(0xe0000001);
- *(uint32_t*)0x200000001c18 = htobe32(0);
- *(uint32_t*)0x200000001c1c = 0;
- *(uint16_t*)0x200000001c20 = 0x28;
- *(uint16_t*)0x200000001c22 = 1;
- *(uint32_t*)0x200000001c24 = 0;
- *(uint32_t*)0x200000001c28 = 0;
- *(uint32_t*)0x200000001c2c = 0;
- *(uint32_t*)0x200000001c30 = 0;
- *(uint32_t*)0x200000001c34 = 0;
- *(uint32_t*)0x200000001c38 = htobe32(0);
- *(uint32_t*)0x200000001c3c = htobe32(-1);
- *(uint32_t*)0x200000001c40 = htobe32(0);
- *(uint32_t*)0x200000001c44 = 0;
- *(uint16_t*)0x200000001c48 = 0xa9;
- *(uint16_t*)0x200000001c4a = 6;
- memcpy((void*)0x200000001c4c,
- "\x7f\x55\xdb\xe4\xf0\x61\x52\x21\xd8\x96\xfe\x3e\xfa\x06\x3c\x44\xe9"
- "\x1e\xd3\x68\x14\x75\xce\xc0\xa7\x42\x2b\x98\xa3\xd4\xcd\x1d\xdc\x31"
- "\x9a\x99\xc1\x5c\x37\xb5\x70\xed\xbc\xb5\x3f\x30\x49\xf3\x39\x53\x17"
- "\xc7\x8b\xef\x16\x3d\xcb\x2b\x4c\x62\xfd\x86\x6d\x04\xf2\xd8\xd4\xf1"
- "\x97\xb0\xbf\x2f\x1c\xee\xf3\xa5\xb1\xf7\x2a\x04\x7b\xe6\x82\xb7\x52"
- "\x71\xb9\x32\xbd\xaa\xfb\x03\x87\xb3\xce\x7b\x9f\x55\xae\xa4\x9d\x9c"
- "\xba\xf5\x6c\x29\xf1\x8a\x3d\x85\x9b\xc4\x4e\xda\x6d\x73\xc5\x51\x9c"
- "\x7a\x56\x25\x46\x53\xf8\xd8\x91\x5e\x58\x18\xac\x43\x2e\x25\xe1\x88"
- "\x8f\xf1\x36\x91\xd1\x95\x65\xd4\xdc\x99\x0c\x4e\x4c\xdb\x2b\x58\x0c"
- "\xac\xcf\xdc\x71\x2b\x24\x2e\x62\x19\xd8\xc5\x83",
- 165);
- *(uint16_t*)0x200000001cf4 = 0xc;
- *(uint16_t*)0x200000001cf6 = 7;
- *(uint32_t*)0x200000001cf8 = 0;
- *(uint32_t*)0x200000001cfc = 0;
- *(uint16_t*)0x200000001d00 = 0xc;
- *(uint16_t*)0x200000001d02 = 8;
- *(uint32_t*)0x200000001d04 = 0;
- *(uint32_t*)0x200000001d08 = 0;
- *(uint16_t*)0x200000001d0c = 0x190;
- STORE_BY_BITMASK(uint16_t, , 0x200000001d0e, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001d0f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001d0f, 0, 7, 1);
- *(uint16_t*)0x200000001d10 = 9;
- *(uint16_t*)0x200000001d12 = 1;
- memcpy((void*)0x200000001d14, "gact\000", 5);
- *(uint16_t*)0x200000001d1c = 0x64;
- STORE_BY_BITMASK(uint16_t, , 0x200000001d1e, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001d1f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001d1f, 1, 7, 1);
- *(uint16_t*)0x200000001d20 = 0x18;
- *(uint16_t*)0x200000001d22 = 2;
- *(uint32_t*)0x200000001d24 = 0;
- *(uint32_t*)0x200000001d28 = 0;
- *(uint32_t*)0x200000001d2c = 0;
- *(uint32_t*)0x200000001d30 = 0;
- *(uint32_t*)0x200000001d34 = 0;
- *(uint16_t*)0x200000001d38 = 0x18;
- *(uint16_t*)0x200000001d3a = 2;
- *(uint32_t*)0x200000001d3c = 0;
- *(uint32_t*)0x200000001d40 = 0;
- *(uint32_t*)0x200000001d44 = 0;
- *(uint32_t*)0x200000001d48 = 0;
- *(uint32_t*)0x200000001d4c = 0;
- *(uint16_t*)0x200000001d50 = 0x18;
- *(uint16_t*)0x200000001d52 = 2;
- *(uint32_t*)0x200000001d54 = 0;
- *(uint32_t*)0x200000001d58 = 0;
- *(uint32_t*)0x200000001d5c = 0;
- *(uint32_t*)0x200000001d60 = 0;
- *(uint32_t*)0x200000001d64 = 0;
- *(uint16_t*)0x200000001d68 = 0x18;
- *(uint16_t*)0x200000001d6a = 2;
- *(uint32_t*)0x200000001d6c = 0;
- *(uint32_t*)0x200000001d70 = 0;
- *(uint32_t*)0x200000001d74 = 0;
- *(uint32_t*)0x200000001d78 = 0;
- *(uint32_t*)0x200000001d7c = 0;
- *(uint16_t*)0x200000001d80 = 0x101;
- *(uint16_t*)0x200000001d82 = 6;
- memcpy((void*)0x200000001d84,
- "\x9f\xcf\x28\x83\xff\xf3\x70\x4c\xca\xa4\x9c\x8f\xc8\x6e\xf5\xd7\x08"
- "\x03\xbc\x93\xf6\xf9\x13\xd0\x43\xff\xd1\x2c\xb9\x87\xc6\xc7\xa8\x28"
- "\x81\x27\xd1\x5b\x8c\xe7\x9b\x75\x6e\x56\x2a\xf0\x83\x81\x82\x7b\xd0"
- "\x1e\xc5\x07\x89\xbd\x26\x4c\x1c\x39\x64\xf9\x62\x7a\x8f\x9f\x6c\x3b"
- "\xbf\x31\x50\x2d\xc5\x78\x1d\xfe\x7b\x3d\x7f\xd7\xb6\xc9\x6b\xbb\xb4"
- "\xe0\x4f\x39\xa6\xa2\xb0\x5c\xc4\x98\x8d\x5a\x5a\x6d\xed\x70\x1d\xbc"
- "\xbd\x08\x96\xdd\xb2\x16\xcc\x26\x87\x5e\xc7\x4a\xfa\xab\xe4\x88\x74"
- "\xdd\x09\x06\xb5\x80\xfc\x92\x38\xc2\x01\xe8\x27\x39\x74\x6d\xe3\xbd"
- "\x36\x82\xc5\x79\x1c\x3c\xc5\xe8\x97\x5c\xc7\x68\xb4\x18\xd3\xb6\x3f"
- "\x23\x56\x3c\x24\x3e\x9e\x55\x4e\xa4\x65\x2f\xd7\x93\x47\x78\xca\x69"
- "\x9b\xcb\x17\xe7\x66\x22\x5a\xef\xde\xbf\x20\x7d\xb5\xb5\xa1\xbe\x5b"
- "\x92\xbd\x99\x08\x0a\x95\xb4\x73\x35\x9f\x62\xb0\x78\xd8\x7d\xb1\xa2"
- "\x5d\x33\xaf\x09\x70\xee\x94\x41\xca\x08\x99\x7d\xdc\x80\xd4\xcb\x87"
- "\x58\xd4\x7d\x16\xdd\x63\x2f\x0e\x1a\x28\x7e\x2a\x8e\x2e\x33\x64\x2c"
- "\x1b\xe0\x1f\x7e\xe9\xfd\xe1\xc0\x9e\xbe\x67\x8a\x95\x31\x20",
- 253);
- *(uint16_t*)0x200000001e84 = 0xc;
- *(uint16_t*)0x200000001e86 = 7;
- *(uint32_t*)0x200000001e88 = 0;
- *(uint32_t*)0x200000001e8c = 0;
- *(uint16_t*)0x200000001e90 = 0xc;
- *(uint16_t*)0x200000001e92 = 8;
- *(uint32_t*)0x200000001e94 = 0;
- *(uint32_t*)0x200000001e98 = 0;
- *(uint16_t*)0x200000001e9c = 0xac;
- STORE_BY_BITMASK(uint16_t, , 0x200000001e9e, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001e9f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001e9f, 0, 7, 1);
- *(uint16_t*)0x200000001ea0 = 8;
- *(uint16_t*)0x200000001ea2 = 1;
- memcpy((void*)0x200000001ea4, "nat\000", 4);
- *(uint16_t*)0x200000001ea8 = 0x54;
- STORE_BY_BITMASK(uint16_t, , 0x200000001eaa, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001eab, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001eab, 1, 7, 1);
- *(uint16_t*)0x200000001eac = 0x28;
- *(uint16_t*)0x200000001eae = 1;
- *(uint32_t*)0x200000001eb0 = 0;
- *(uint32_t*)0x200000001eb4 = 0;
- *(uint32_t*)0x200000001eb8 = 0;
- *(uint32_t*)0x200000001ebc = 0;
- *(uint32_t*)0x200000001ec0 = 0;
- *(uint32_t*)0x200000001ec4 = htobe32(0xe0000001);
- *(uint8_t*)0x200000001ec8 = 0xac;
- *(uint8_t*)0x200000001ec9 = 0x14;
- *(uint8_t*)0x200000001eca = 0x14;
- *(uint8_t*)0x200000001ecb = 0xbb;
- *(uint32_t*)0x200000001ecc = htobe32(0);
- *(uint32_t*)0x200000001ed0 = 0;
- *(uint16_t*)0x200000001ed4 = 0x28;
- *(uint16_t*)0x200000001ed6 = 1;
- *(uint32_t*)0x200000001ed8 = 0;
- *(uint32_t*)0x200000001edc = 0;
- *(uint32_t*)0x200000001ee0 = 0;
- *(uint32_t*)0x200000001ee4 = 0;
- *(uint32_t*)0x200000001ee8 = 0;
- *(uint32_t*)0x200000001eec = htobe32(0xe0000001);
- *(uint8_t*)0x200000001ef0 = 0xac;
- *(uint8_t*)0x200000001ef1 = 0x14;
- *(uint8_t*)0x200000001ef2 = 0x14;
- *(uint8_t*)0x200000001ef3 = 0;
- *(uint32_t*)0x200000001ef4 = htobe32(0);
- *(uint32_t*)0x200000001ef8 = 0;
- *(uint16_t*)0x200000001efc = 0x31;
- *(uint16_t*)0x200000001efe = 6;
- memcpy((void*)0x200000001f00,
- "\x72\xad\x1f\x5d\xa6\x46\x30\x4a\xed\x9d\xf0\xef\x31\x30\x4a\x92\xc8"
- "\xc6\x16\xee\x53\xeb\xf1\x3e\x60\x2e\xff\x93\x15\x5d\xe0\x7b\x07\xaa"
- "\x33\x77\xf0\xf7\x8a\x47\xd6\x0b\xbc\x8d\x94",
- 45);
- *(uint16_t*)0x200000001f30 = 0xc;
- *(uint16_t*)0x200000001f32 = 7;
- *(uint32_t*)0x200000001f34 = 0;
- *(uint32_t*)0x200000001f38 = 0;
- *(uint16_t*)0x200000001f3c = 0xc;
- *(uint16_t*)0x200000001f3e = 8;
- *(uint32_t*)0x200000001f40 = 0;
- *(uint32_t*)0x200000001f44 = 0;
- *(uint16_t*)0x200000001f48 = 0x130;
- STORE_BY_BITMASK(uint16_t, , 0x200000001f4a, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001f4b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001f4b, 0, 7, 1);
- *(uint16_t*)0x200000001f4c = 0xb;
- *(uint16_t*)0x200000001f4e = 1;
- memcpy((void*)0x200000001f50, "mirred\000", 7);
- *(uint16_t*)0x200000001f58 = 0xc4;
- STORE_BY_BITMASK(uint16_t, , 0x200000001f5a, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000001f5b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000001f5b, 1, 7, 1);
- *(uint16_t*)0x200000001f5c = 0x20;
- *(uint16_t*)0x200000001f5e = 2;
- *(uint32_t*)0x200000001f60 = 0;
- *(uint32_t*)0x200000001f64 = 0;
- *(uint32_t*)0x200000001f68 = 0;
- *(uint32_t*)0x200000001f6c = 0;
- *(uint32_t*)0x200000001f70 = 0;
- *(uint32_t*)0x200000001f74 = 0;
- *(uint32_t*)0x200000001f78 = 0;
- *(uint16_t*)0x200000001f7c = 0x20;
- *(uint16_t*)0x200000001f7e = 2;
- *(uint32_t*)0x200000001f80 = 0;
- *(uint32_t*)0x200000001f84 = 0;
- *(uint32_t*)0x200000001f88 = 0;
- *(uint32_t*)0x200000001f8c = 0;
- *(uint32_t*)0x200000001f90 = 0;
- *(uint32_t*)0x200000001f94 = 0;
- *(uint32_t*)0x200000001f98 = 0;
- *(uint16_t*)0x200000001f9c = 0x20;
- *(uint16_t*)0x200000001f9e = 2;
- *(uint32_t*)0x200000001fa0 = 0;
- *(uint32_t*)0x200000001fa4 = 0;
- *(uint32_t*)0x200000001fa8 = 0;
- *(uint32_t*)0x200000001fac = 0;
- *(uint32_t*)0x200000001fb0 = 0;
- *(uint32_t*)0x200000001fb4 = 0;
- *(uint32_t*)0x200000001fb8 = 0;
- *(uint16_t*)0x200000001fbc = 0x20;
- *(uint16_t*)0x200000001fbe = 2;
- *(uint32_t*)0x200000001fc0 = 0;
- *(uint32_t*)0x200000001fc4 = 0;
- *(uint32_t*)0x200000001fc8 = 0;
- *(uint32_t*)0x200000001fcc = 0;
- *(uint32_t*)0x200000001fd0 = 0;
- *(uint32_t*)0x200000001fd4 = 0;
- *(uint32_t*)0x200000001fd8 = 0;
- *(uint16_t*)0x200000001fdc = 0x20;
- *(uint16_t*)0x200000001fde = 2;
- *(uint32_t*)0x200000001fe0 = 0;
- *(uint32_t*)0x200000001fe4 = 0;
- *(uint32_t*)0x200000001fe8 = 0;
- *(uint32_t*)0x200000001fec = 0;
- *(uint32_t*)0x200000001ff0 = 0;
- *(uint32_t*)0x200000001ff4 = 0;
- *(uint32_t*)0x200000001ff8 = 0;
- *(uint16_t*)0x200000001ffc = 0x20;
- *(uint16_t*)0x200000001ffe = 2;
- *(uint32_t*)0x200000002000 = 0;
- *(uint32_t*)0x200000002004 = 0;
- *(uint32_t*)0x200000002008 = 0;
- *(uint32_t*)0x20000000200c = 5;
- *(uint32_t*)0x200000002010 = 0;
- *(uint32_t*)0x200000002014 = 0;
- *(uint32_t*)0x200000002018 = 0;
- *(uint16_t*)0x20000000201c = 0x41;
- *(uint16_t*)0x20000000201e = 6;
- memcpy((void*)0x200000002020,
- "\x0d\x75\x58\xfa\x48\x39\x43\x00\x9c\xc3\xd0\x54\x1d\x5d\x1b\x78\x98"
- "\xe6\x29\xd0\xe4\xb3\x04\xb3\x96\x90\x40\xef\x8d\xfd\xc5\x5e\x79\xa8"
- "\x72\xfc\xa1\xc2\x8b\xf2\x38\x16\x04\xad\xa9\x2f\x70\x65\x6d\x4c\x89"
- "\x4d\x2c\xce\x1a\xe9\x3d\x61\x66\x43\x13",
- 61);
- *(uint16_t*)0x200000002060 = 0xc;
- *(uint16_t*)0x200000002062 = 7;
- *(uint32_t*)0x200000002064 = 0;
- *(uint32_t*)0x200000002068 = 0;
- *(uint16_t*)0x20000000206c = 0xc;
- *(uint16_t*)0x20000000206e = 8;
- *(uint32_t*)0x200000002070 = 0;
- *(uint32_t*)0x200000002074 = 0;
- *(uint16_t*)0x200000002078 = 0x9cc;
- STORE_BY_BITMASK(uint16_t, , 0x20000000207a, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000207b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000207b, 0, 7, 1);
- *(uint16_t*)0x20000000207c = 0xb;
- *(uint16_t*)0x20000000207e = 1;
- memcpy((void*)0x200000002080, "skbmod\000", 7);
- *(uint16_t*)0x200000002088 = 4;
- STORE_BY_BITMASK(uint16_t, , 0x20000000208a, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000208b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000208b, 1, 7, 1);
- *(uint16_t*)0x20000000208c = 0x99d;
- *(uint16_t*)0x20000000208e = 6;
- memcpy(
- (void*)0x200000002090,
- "\x91\x44\x10\xc3\x14\x2f\x4b\x77\x1a\x94\x34\xcc\x0f\x95\xe7\x04\x01\xb8"
- "\x48\xb6\x22\xff\x33\x17\x89\x14\x27\x49\x2c\x39\x12\xa8\x31\x5a\xce\xdc"
- "\xfb\x38\xe3\x96\x1c\x96\x20\x11\x76\xf4\x3b\x00\x35\xc0\x65\xf0\x1b\x1f"
- "\x4f\x3f\x06\x1f\xe8\x29\xa0\xdf\xbb\x01\x4a\xcd\xd4\x3c\x0d\x31\x51\x01"
- "\xf0\x89\x7d\xfe\x91\x57\x4a\xcf\x5b\x86\xe0\x96\x12\x4c\x50\x65\x0f\xce"
- "\x68\x28\x0c\x58\xd5\x6e\xc8\x50\x7a\xf5\x95\xd9\x8c\xa6\xf4\x48\x97\xbb"
- "\x7c\x58\xe9\x44\x62\x91\x23\xd9\x6f\x22\xac\x0b\xd6\x6d\x1b\x95\x2c\xdf"
- "\x47\x5b\x84\xb2\xa7\xab\x6f\xa7\xbc\xec\x0e\x72\x45\x55\x90\x2a\x25\x49"
- "\x2c\xd4\x08\x47\x97\x15\x0c\x5e\xf3\x05\x15\x45\x62\x1a\x78\xab\xd9\xff"
- "\x86\xc8\x82\x05\xe6\xdf\x41\x33\x76\x8e\x82\x71\xc6\x34\x35\x51\x52\x93"
- "\xcd\xdd\x75\xe0\x96\xe9\x28\x67\x2d\x99\xc6\x30\xb2\x85\xc3\x9e\xc1\xf0"
- "\xc5\x6e\x66\xb6\x7e\xb4\x38\x26\x72\xc8\xde\x49\x56\x98\x16\x4c\x19\xde"
- "\x6d\x2a\xcb\x8c\xdb\xa3\x40\x6d\xb2\x48\x68\xba\xe0\xfc\x93\xa1\xa6\x79"
- "\x85\xc0\x40\x96\x8c\x05\x92\x36\x1e\x5e\xcc\x0d\xde\xda\x42\x2e\x37\x66"
- "\x12\x75\x58\xcd\x30\xbc\xf6\xc5\xd7\xd2\x33\x39\xc2\x28\xdf\x7f\xb1\xe4"
- "\x5b\x5d\x29\xfc\x28\x1f\x9a\x1f\xad\x68\xc7\x9d\x11\x10\xe6\x16\x84\x21"
- "\x90\x56\x59\x8f\xbd\xb3\x55\xb3\x36\x97\xda\x47\xb0\x00\x02\x58\x4c\x72"
- "\x5f\xf7\x53\x86\x50\x3e\xbd\x9b\x1a\xb4\x52\x17\x3f\x31\xc9\x0d\xac\x89"
- "\x24\x20\x7d\xc1\xe6\xb5\x66\xdf\x35\x52\x89\x9e\x85\xb1\xa7\xa3\x31\x3b"
- "\x54\x26\x81\xf0\xae\x5d\x10\x03\x66\xdb\x60\xa9\x85\xc5\x09\x3d\x18\xcc"
- "\x32\x6a\x44\xd8\x70\x4f\xc8\x02\xc9\xf7\x2c\x54\x33\xe5\xc5\xd7\xd9\x68"
- "\xce\x9c\xc6\x4d\x43\x17\xe0\x8d\x96\x53\xd5\xc3\x37\x8e\x94\xd0\x0e\x68"
- "\x3c\xd0\x49\x9a\x28\x15\x8c\x62\x0c\x79\x0d\xfe\x93\x01\x47\x10\x0a\x60"
- "\x6f\x70\x44\x38\xe3\xc2\x8f\x9d\xad\x21\x8e\x57\x93\x77\x0a\xb2\x79\xd6"
- "\xe1\xee\x0c\xdc\xbd\x0e\x58\x5e\xb0\x17\x36\x20\x6e\x68\x48\xa8\x75\xb7"
- "\xd3\x8f\x36\xe4\x00\xba\x7a\xee\x0e\x68\x74\xa3\xf2\xc1\x78\xec\xc8\xc3"
- "\x3b\x85\xc1\x1a\x8b\xc4\xd1\xf6\x4d\x1f\x4f\x42\xad\x92\x4e\x0a\x2e\xa6"
- "\x8c\x09\x6b\x6a\xf0\x29\x05\x84\x16\x3c\x0f\x74\xd4\x5b\xf2\xf7\x01\x41"
- "\x4a\xd5\xe9\xeb\x2d\x8c\x1f\xd9\x32\x60\x51\x08\x9c\x2e\x74\x22\xed\x2b"
- "\x14\xab\x97\x26\x0a\x7b\xb0\xb0\xa4\x14\x18\xe9\x79\x8d\xa6\x69\x0f\x0d"
- "\x41\xd6\xfe\x41\xbe\x78\xef\x09\x97\x6e\xb1\x9d\xbc\xd7\xdb\x0a\xbc\x49"
- "\x3e\x35\x73\xe3\x89\x14\xba\x11\x56\x84\x90\x41\xed\x39\x56\x82\x7c\x07"
- "\x9e\xc8\xf7\x8b\xb1\x01\xf0\xea\xa0\x62\xe4\x2e\x14\x7c\xbb\xe0\xc4\xbc"
- "\xd0\x4a\x21\x72\x56\x7b\x75\x2c\xaa\x45\x5d\x55\x47\x1a\xe2\x95\x74\xbc"
- "\xd2\x7c\xb3\x6f\xba\xb6\xbc\xbe\xf2\xf7\x08\x67\x93\xa8\x60\xa7\xc5\x3d"
- "\x55\xa1\xe0\x5a\xb4\x70\x12\x83\xf8\xfa\x5d\x98\xd4\x27\x8d\x17\x7b\xe2"
- "\x6d\xfa\x7a\x45\x91\x01\x4d\x78\xd7\x46\x7e\xb1\x72\x25\x02\x3e\xae\x7d"
- "\xfa\xaf\x48\xf8\xd1\x93\x68\xfc\x51\x9a\x94\x5e\x7b\xfe\x87\x10\x00\xd8"
- "\x67\x55\x30\xca\xf7\x25\xcf\xf6\x0f\xdf\x02\xbd\xef\xf7\x7f\xa0\xcf\xe0"
- "\x20\x41\x26\x5b\xe3\xa1\xb5\x49\xb4\x4d\xa6\x48\xd2\xb2\x78\x57\xac\xab"
- "\x39\x98\x90\x43\xb1\xe3\xf0\xd6\x28\x96\x84\x3b\x47\xbc\xfe\x76\x73\x1f"
- "\x97\x38\x6b\xf8\x71\xcf\x8d\xd1\x19\x62\x21\x73\x68\x7c\x17\xb6\xd9\xe5"
- "\x1f\x3a\x05\x80\x0e\x81\xaf\x53\x43\x7d\x2f\xef\x3c\x96\x3d\x56\x60\xd9"
- "\xd6\x42\x74\xc0\x63\x6b\x5c\xf4\xc0\x55\x2b\x85\xf4\x1f\xe5\x11\x0e\x0b"
- "\x0c\x15\x93\x42\x44\x5e\x56\xbd\x00\x74\x4f\x65\x05\xde\x57\xdf\x44\x25"
- "\x1e\x47\x33\xb4\x9e\xdd\x8b\x14\x10\x05\x56\xb0\x4c\x1e\xc8\x87\x64\xb7"
- "\xad\xfc\xb6\xf0\x7e\xdc\x9e\x6a\x10\x4e\xb2\xfc\xfd\x16\x01\x2d\xd0\xe2"
- "\x88\x0e\x3e\xbd\x27\xc3\x98\x90\xdb\x33\x18\xd7\xc9\xf7\xa3\x6c\x49\xeb"
- "\x9c\xba\x81\xa7\x1d\x54\xab\x18\xa4\x54\xab\x5b\x29\xb9\xb3\x71\x16\x0a"
- "\xb5\x0e\xdb\x80\xe5\x7a\x0c\xcb\xc6\xa3\xd5\x77\x19\x98\xbe\xed\x38\x1d"
- "\x5b\x1a\xf1\x8c\x39\xba\xa2\x64\x70\x15\xdb\x44\x6c\xbd\x8f\x28\xae\xdd"
- "\x56\x39\x7d\x88\xaf\xcd\x5c\xd0\x33\x17\x85\x83\xcf\xa3\xd2\xf0\xe6\xe9"
- "\xf3\x15\x5c\x30\x02\xd1\x96\x56\x44\x10\x9f\x82\xd6\xe8\x84\xfd\xee\x36"
- "\x6d\x10\xdc\xce\x30\x90\x74\x7d\xea\xd8\x34\x27\xac\x35\x28\x33\xd0\xf0"
- "\xef\x98\xe2\xea\x39\x53\xb0\x17\x86\x7b\x21\x8e\xb6\x74\xe4\x98\xff\xbc"
- "\x6f\x8d\x38\xcf\xec\x66\x07\xe9\x72\x84\xa6\x37\xfe\xc1\x0b\x91\x56\x26"
- "\x8b\x00\x82\xa4\xb1\x78\xf6\x05\xd1\xd4\xe1\x24\xc3\x90\xe4\xad\xb5\xfa"
- "\x79\x68\x82\xcd\x5b\x94\xd7\xa2\xf9\xba\x05\xbc\x53\x10\xdd\x48\x72\xfb"
- "\x65\xb9\x37\x87\x59\xaa\xe0\xd2\xd4\xa4\x9c\x36\x0d\xfe\x15\x2a\x03\xe6"
- "\xcc\x89\xf9\x1a\x7e\x07\xe5\x36\x1f\xcf\xa9\xc9\x38\x8a\xea\xc6\xf8\xe2"
- "\xa3\x16\x1b\x6b\x66\x83\xf6\x4c\x6f\xd9\x1e\x3e\xac\xe2\xb9\xb8\x88\xb8"
- "\xb0\x69\x3c\xc4\x39\xc5\x65\x52\x38\x91\x61\x12\x8f\xfd\xd1\xe7\x01\x2e"
- "\xb9\xf0\xbc\xbb\x6e\x8f\xc5\xc4\xf1\x0d\xb3\xc8\x5e\x2d\x83\x60\x1d\xae"
- "\xe7\xfa\x9c\x40\xcf\x9a\x90\x96\xe2\x52\x82\xb3\x62\xed\x31\x27\xfa\x71"
- "\xe9\x06\x14\x4c\x7d\x8c\x1d\xa1\x52\xe8\xd6\x83\xec\x13\xac\x8c\x7c\x48"
- "\x01\xf2\x2f\xb2\x9f\x81\xcd\x26\xf4\xf8\xe7\xec\x1d\x79\x0d\x63\x48\x40"
- "\x29\x9e\xc7\xf6\x9b\x62\xb6\xc3\x49\x18\xb1\xf7\xd4\x56\xce\xf0\x15\x28"
- "\x6c\x5c\x16\x9d\x5a\xb9\x85\x49\xec\x79\xec\xb9\xcc\x72\xff\x89\x58\x3f"
- "\xb4\xab\xf4\x5f\x07\xe4\x36\xc4\x38\xd5\x25\xb0\x16\x89\xc9\x8d\x8f\xdc"
- "\xa4\xe2\x73\xe8\x92\x3f\x82\x0d\x7a\x3d\x2e\x02\x5d\x8f\x88\x31\xba\x75"
- "\x9a\x4d\x34\x46\xd3\xb7\x81\x5f\x8b\x09\x27\x20\x01\xa1\xe7\x46\xba\xdc"
- "\x24\xbf\x23\xdd\x9b\x16\x02\x2d\x77\x7d\x15\xd1\xac\x48\x79\xf3\x5b\xdc"
- "\xd2\x84\xf1\x88\x48\x85\x8b\x4b\x8b\x57\x42\xc8\x9a\x25\xfe\x7a\x6c\xc1"
- "\xea\x28\x45\x19\x07\xdd\xcf\x2c\x5d\x59\x29\x80\x50\xd5\xcf\x9d\x42\xc7"
- "\x0e\xf3\xbc\xf5\x1f\x7e\x55\xc6\xc4\xe3\xac\x93\xef\x41\x01\xa3\x83\x5c"
- "\x96\x85\xb3\xbc\x78\x3c\xdf\xce\x00\x0d\x02\x48\xbf\x3e\x78\xb2\x63\xc8"
- "\x3a\x38\x0b\xf3\xe7\x6b\xb3\x76\x5b\xa3\xa9\x99\x6a\x38\x55\x03\xbd\x35"
- "\x53\x5e\x23\x7a\x45\xe8\x41\x62\xae\xab\xd6\x00\x19\xbf\xde\xf2\x6f\xc7"
- "\xbf\x74\x6b\xe8\x6e\xec\xa6\xd5\x78\xe8\x76\x27\x77\xa0\xfa\x96\xa1\xd0"
- "\x04\x86\x85\xf9\x0c\x6a\xfd\xca\xaa\xe5\x28\xb6\xa0\x83\x7f\xa3\x04\x2b"
- "\x69\x1b\xb3\x12\x40\xe1\xae\x9c\x98\xce\x54\xc4\xdb\x70\xfb\x5b\x37\x34"
- "\x27\xe1\xd1\x04\xd2\xe0\xce\x65\x59\x5a\x30\x92\x04\x4d\xb2\x55\xfe\xec"
- "\x45\xc1\x41\x10\xb1\xc2\xf9\x83\x72\x39\xbb\x02\x83\xa2\xc8\xa7\xf2\xe4"
- "\x04\x64\x0b\x7b\x4e\xc9\xd7\x20\x7d\xf4\xb2\x70\xf2\x80\xca\x07\x15\x03"
- "\x48\x32\x41\x15\xf7\x4e\x2c\xfe\xfc\x11\x36\x29\x1b\x84\x3b\xdb\x17\x37"
- "\xfe\x17\x46\xcd\x65\xba\xca\xa3\x5a\x53\x50\x72\xf3\x1a\x35\x5e\xd1\xe9"
- "\x18\x50\x33\x68\xcf\xc3\x60\x71\xff\x87\x2a\x65\xb3\x83\xe1\x89\x17\xaa"
- "\x83\xd0\x59\xbc\x5c\x25\xaf\xf5\xba\xb3\x7f\x5b\x47\x32\x61\x7c\x0f\x37"
- "\xcd\x1c\xd8\x70\xa3\x67\xa7\xbe\x52\xb4\xc5\x5d\x15\x99\x0e\x88\xa5\xbb"
- "\x03\x49\xb0\x80\x77\x63\x2c\x1e\x3f\x61\x57\x1b\x0a\x38\x93\x71\xe5\xb2"
- "\x1c\x79\x61\x67\x59\x94\xe0\x3c\xcd\xc3\x7b\xb5\x08\x7b\xb1\x41\x0c\xd4"
- "\x46\x3b\x6b\x33\xf2\x10\xb0\x3b\x7c\x91\xbe\xce\x9e\x0e\x53\xa1\xc0\xaf"
- "\xae\x9e\x08\x27\x03\xbf\xb0\x52\xe7\x56\x8d\xb1\x91\xa2\x8a\x13\xd9\x5d"
- "\xf9\x55\xfd\xde\x43\x14\xb1\xa7\x77\x90\x9b\x71\xca\x19\x3d\x93\x0c\x60"
- "\x19\x98\x1d\x73\x60\xa4\x38\xb8\x4d\xb7\x82\x33\x9e\xd8\x1f\xdc\x47\xb9"
- "\x68\x69\x7e\xa1\xac\x14\x25\xcf\xde\x80\x84\x9a\xfd\x0d\xb4\x98\x2b\x69"
- "\xea\xfd\xf9\x18\xee\x84\xcd\x31\x0d\x51\xc5\x77\x08\x18\x8c\xa1\x8e\x81"
- "\xf0\x8f\x82\x27\x14\xc3\xc3\x14\xaf\x2b\xab\x6d\xaa\xa4\x09\x98\xee\x45"
- "\x34\x10\x85\x56\x4d\xe1\xfe\x3b\xdd\x84\xad\xfa\x3d\xb4\x63\x21\x33\x6a"
- "\x89\xe2\x2a\x3d\x2b\x29\x02\x15\xc8\x3a\x62\x45\x52\x5f\xc8\xe3\x7a\xd7"
- "\x3e\xce\xfb\x47\x30\xf8\xc5\x39\x11\x99\x94\x70\x7c\xbc\xce\x0a\xb8\x8f"
- "\x18\x57\x33\x04\xc9\x20\x22\x9b\x35\x60\xfb\x57\xc6\xde\x11\xa8\xe2\xe9"
- "\x6d\x4d\x6f\xbc\xa5\x7e\x6d\x73\xae\x78\x82\x4a\x90\x23\x3e\xba\x1a\xf4"
- "\xbc\x91\x45\x48\x5a\x06\x73\x01\xf6\x30\xef\x0d\x2a\x60\xab\x4a\xdf\xe2"
- "\x3f\x26\x1b\x8f\x53\xd7\xa0\x79\x04\x13\x64\xf9\x3d\x7b\xda\x2d\x16\x2e"
- "\x88\xe8\xe0\x93\xf7\x77\x38\x06\xdd\x5a\x2f\x29\xa0\x4d\x39\xfa\x03\xfa"
- "\xc7\x97\x1f\xd2\x93\xae\xfb\x8c\x36\xae\xb5\xe8\x52\xa8\xf6\xe4\x28\x5a"
- "\x7f\x90\xdb\x0c\xf8\x31\xa8\x53\x94\x80\xf0\x29\x1d\x9b\xa5\x4d\x97\xa9"
- "\x91\x2f\x24\xbe\x39\xaa\x71\x32\x56\xb2\x4a\xfa\xec\x31\xf6\x7d\xd6\xb6"
- "\xcf\xeb\x2f\x19\xa6\x1f\xbc\x1f\xe2\xb1\x6b\xb1\x80\xbc\x6b\xa9\xcc\x06"
- "\x48\xfb\x30\xc4\x0c\x27\x3a\x17\x4d\x7a\xd3\x9c\xb6\xd7\xf8\x20\x88\xfa"
- "\x80\x6c\xcc\x99\xa8\xcf\x19\x07\x43\xac\x23\x7d\x18\x84\xec\x73\x00\xfb"
- "\x8d\x34\x56\x68\x77\xf8\x4e\x8c\x63\xbe\xaa\x51\xfc\xaf\xf3\x30\x9e\x15"
- "\x02\xec\x0f\xde\xf5\xae\x0c\xed\x65\x7e\xde\xe1\xaf\x16\x15\xf0\xc6\xa3"
- "\x03\xe1\x07\x21\xb1\x7e\x01\x07\x99\xfd\x70\xff\x6f\x89\x26\x23\x64\x9a"
- "\xc3\x48\x3d\x98\x28\x2b\xda\x34\x45\x77\x8f\x0f\x85\xda\x32\xbd\xcc\x80"
- "\xcc\xb1\x13\x8a\x90\xee\x07\x4d\xc2\xea\x43\x27\x45\xff\xbc\xd1\x59\x5f"
- "\x72\xba\x0a\xeb\x41\x21\x2c\x97\xff\x37\x7a\xc4\x7b\xcb\x7d\xd2\x39\x36"
- "\x09\x47\xf2\xb9\xa2\x7b\x72\x75\x8a\xaf\xdd\x0e\x68\xee\x24\x71\x2d\x10"
- "\x05\xaa\x86\x9a\x7a\x6b\x02\x47\xf2\xd6\xd7\xd6\xfd\x7d\x4a\x71\xe4\xa9"
- "\xf0\x76\xa0\x87\x6f\x0a\xf9\xab\xfa\x1a\x8f\xf4\x04\xb2\xf9\xf9\x0a\x96"
- "\x1f\xb3\xef\x81\x4b\x9f\x2e\xda\xe0\x5d\x09\x46\xe5\x83\x05\x2b\x19\x99"
- "\x4b\xd0\x19\xd1\x44\xa1\x69\x0d\xca\xb6\xdc\x3a\x3c\xf4\x73\xcd\x1c\x1d"
- "\xb1\xc4\xc7\xd1\x90\x7b\xd9\x43\xe3\x05\xa4\x3b\x65\x67\x74\x4e\x99\x50"
- "\x11\xb6\xf2\x9d\xaf\xaa\xcf\xae\x9b\x6d\x61\xee\x85\xb1\xec\xeb\xef\x5d"
- "\xba\x7c\x41\xc4\x8d\xee\x92\xab\x35\x8d\xb8\x0e\x29\x81\x3b\xbe\xfe\xfb"
- "\xe0\x39\x4d\x67\xc2\x5a\x4b\x3a\x71\xa3\x1a\x1d\x09\x1d\xd3\x16\x63\x30"
- "\x88\xb1\xa2\x04\xc5\xf2\xd9\x41\x12\x8c\x1f\x6f\x1f\xc4\xea\x19\x23\x53"
- "\xd4\xd6\xce\x50\xa3\x92\x12\x94\x86\x2c\xca\xad\x37\x47\x4b\x2d\xb7\xc1"
- "\x05\xeb\x73\xe2\x61\x8b\xbb\xaf\x8c\xb6\x9f\xc4\x67\x5b\xfc\x68\xa2\x14"
- "\xa7\x31\xcc\xd1\x99\x02\x10\x30\x44\x66\xd6\xd4\xf8\x7f\x9e\x08\x01\x46"
- "\x80\x90\x94\x7c\xdd\xbe\xf8\x3a\x93\x10\xe5\xb1\x2f\x77\x37\xcb\x55\x0a"
- "\xb3\x57\x9b\x4f\x3e\xb7\xe5\x7f\xd5\x90\xb9\x32\xa2\x03\xa7\xa5\x08\xa8"
- "\xfb\x3b\x4b\xd1\x81\x55\xfe\xf4\xdb\x3a\x58\x04\x87\x1b\xdc\x63\x35\x54"
- "\x69\xf3\x4a\x16\x43\x1a\x0a\xf6\x27\xd1\x51\xaa\x66\xf0\x2d\x30\x81\x14"
- "\x92\x06\x45\x25\xd6\x9b\xde\x36\xe8\x0a\x53\xdd\x03\xfd\x41\x73\x6e\x9e"
- "\x77\x77\x09\xce\x2c\x72\xcc\xdc\xc3",
- 2457);
- *(uint16_t*)0x200000002a2c = 0xc;
- *(uint16_t*)0x200000002a2e = 7;
- *(uint32_t*)0x200000002a30 = 0;
- *(uint32_t*)0x200000002a34 = 0;
- *(uint16_t*)0x200000002a38 = 0xc;
- *(uint16_t*)0x200000002a3a = 8;
- *(uint32_t*)0x200000002a3c = 0;
- *(uint32_t*)0x200000002a40 = 0;
- *(uint64_t*)0x200000000348 = 0xec4;
- *(uint64_t*)0x200000000398 = 1;
- *(uint64_t*)0x2000000003a0 = 0;
- *(uint64_t*)0x2000000003a8 = 0;
- *(uint32_t*)0x2000000003b0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[132], /*msg=*/0x200000000380ul, /*f=*/0ul);
- memcpy((void*)0x200000000140, "batadv_slave_0\000\000", 16);
- res =
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x8933, /*arg=*/0x200000000140ul);
- if (res != -1)
- r[134] = *(uint32_t*)0x200000000150;
- memcpy((void*)0x2000000001c0, "syztnl0\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint64_t*)0x2000000001d0 = 0x200000000180;
- memcpy((void*)0x200000000180,
- "sit0\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint32_t*)0x200000000190 = r[134];
- *(uint16_t*)0x200000000194 = htobe16(0x700);
- *(uint16_t*)0x200000000196 = htobe16(0x40);
- *(uint32_t*)0x200000000198 = htobe32(0x808b);
- *(uint32_t*)0x20000000019c = htobe32(0);
- STORE_BY_BITMASK(uint8_t, , 0x2000000001a0, 6, 0, 4);
- STORE_BY_BITMASK(uint8_t, , 0x2000000001a0, 4, 4, 4);
- STORE_BY_BITMASK(uint8_t, , 0x2000000001a1, 0, 0, 2);
- STORE_BY_BITMASK(uint8_t, , 0x2000000001a1, 0xa, 2, 6);
- *(uint16_t*)0x2000000001a2 = htobe16(0x18);
- *(uint16_t*)0x2000000001a4 = htobe16(0x64);
- *(uint16_t*)0x2000000001a6 = htobe16(0);
- *(uint8_t*)0x2000000001a8 = 0x33;
- *(uint8_t*)0x2000000001a9 = 0x29;
- *(uint16_t*)0x2000000001aa = htobe16(0);
- *(uint32_t*)0x2000000001ac = htobe32(0);
- *(uint32_t*)0x2000000001b0 = htobe32(0);
- *(uint8_t*)0x2000000001b4 = 0x86;
- *(uint8_t*)0x2000000001b5 = 2;
- struct csum_inet csum_4;
- csum_inet_init(&csum_4);
- csum_inet_update(&csum_4, (const uint8_t*)0x2000000001a0, 24);
- *(uint16_t*)0x2000000001aa = csum_inet_digest(&csum_4);
- syscall(__NR_ioctl, /*fd=*/-1, /*cmd=*/0x89f8, /*arg=*/0x2000000001c0ul);
- memcpy((void*)0x200000000400,
- "team0\000\000\000\000\000\000\000\000\000\000\000", 16);
- res = syscall(__NR_ioctl, /*fd=*/r[121], /*cmd=*/0x8933,
- /*arg=*/0x200000000400ul);
- if (res != -1)
- r[135] = *(uint32_t*)0x200000000410;
- *(uint64_t*)0x200000000c40 = 0x200000000080;
- *(uint16_t*)0x200000000080 = 0x10;
- *(uint16_t*)0x200000000082 = 0;
- *(uint32_t*)0x200000000084 = 0;
- *(uint32_t*)0x200000000088 = 0x2000000;
- *(uint32_t*)0x200000000c48 = 0xc;
- *(uint64_t*)0x200000000c50 = 0x2000000004c0;
- *(uint64_t*)0x2000000004c0 = 0x200000000a40;
- *(uint32_t*)0x200000000a40 = 0x1cc;
- *(uint16_t*)0x200000000a44 = 0;
- *(uint16_t*)0x200000000a46 = 0x400;
- *(uint32_t*)0x200000000a48 = 0x70bd2b;
- *(uint32_t*)0x200000000a4c = 0x25dfdbfd;
- *(uint8_t*)0x200000000a50 = 0xb;
- *(uint8_t*)0x200000000a51 = 0;
- *(uint16_t*)0x200000000a52 = 0;
- *(uint16_t*)0x200000000a54 = 0x18;
- STORE_BY_BITMASK(uint16_t, , 0x200000000a56, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a57, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a57, 1, 7, 1);
- *(uint16_t*)0x200000000a58 = 0x14;
- *(uint16_t*)0x200000000a5a = 2;
- memcpy((void*)0x200000000a5c, "team_slave_0\000\000\000\000", 16);
- *(uint16_t*)0x200000000a6c = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x200000000a6e, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a6f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a6f, 1, 7, 1);
- *(uint16_t*)0x200000000a70 = 8;
- *(uint16_t*)0x200000000a72 = 1;
- *(uint32_t*)0x200000000a74 = 0;
- *(uint16_t*)0x200000000a78 = 0x48;
- STORE_BY_BITMASK(uint16_t, , 0x200000000a7a, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a7b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000a7b, 1, 7, 1);
- *(uint16_t*)0x200000000a7c = 0x14;
- *(uint16_t*)0x200000000a7e = 2;
- memcpy((void*)0x200000000a80,
- "lo\000\000\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint16_t*)0x200000000a90 = 0x14;
- *(uint16_t*)0x200000000a92 = 2;
- memset((void*)0x200000000a94, 0, 16);
- *(uint16_t*)0x200000000aa4 = 8;
- *(uint16_t*)0x200000000aa6 = 3;
- *(uint32_t*)0x200000000aa8 = 2;
- *(uint16_t*)0x200000000aac = 0x14;
- *(uint16_t*)0x200000000aae = 2;
- memcpy((void*)0x200000000ab0,
- "nicvf0\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint16_t*)0x200000000ac0 = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x200000000ac2, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000ac3, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000ac3, 1, 7, 1);
- *(uint16_t*)0x200000000ac4 = 8;
- *(uint16_t*)0x200000000ac6 = 1;
- *(uint32_t*)0x200000000ac8 = r[122];
- *(uint16_t*)0x200000000acc = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x200000000ace, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000acf, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000acf, 1, 7, 1);
- *(uint16_t*)0x200000000ad0 = 8;
- *(uint16_t*)0x200000000ad2 = 1;
- *(uint32_t*)0x200000000ad4 = r[123];
- *(uint16_t*)0x200000000ad8 = 0x30;
- STORE_BY_BITMASK(uint16_t, , 0x200000000ada, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000adb, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000adb, 1, 7, 1);
- *(uint16_t*)0x200000000adc = 8;
- *(uint16_t*)0x200000000ade = 1;
- *(uint32_t*)0x200000000ae0 = r[124];
- *(uint16_t*)0x200000000ae4 = 8;
- *(uint16_t*)0x200000000ae6 = 1;
- *(uint32_t*)0x200000000ae8 = 0;
- *(uint16_t*)0x200000000aec = 0x14;
- *(uint16_t*)0x200000000aee = 2;
- memcpy((void*)0x200000000af0, "veth0_to_team\000\000\000", 16);
- *(uint16_t*)0x200000000b00 = 8;
- *(uint16_t*)0x200000000b02 = 1;
- *(uint32_t*)0x200000000b04 = r[125];
- *(uint16_t*)0x200000000b08 = 0x60;
- STORE_BY_BITMASK(uint16_t, , 0x200000000b0a, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000b0b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000b0b, 1, 7, 1);
- *(uint16_t*)0x200000000b0c = 8;
- *(uint16_t*)0x200000000b0e = 1;
- *(uint32_t*)0x200000000b10 = r[127];
- *(uint16_t*)0x200000000b14 = 8;
- *(uint16_t*)0x200000000b16 = 1;
- *(uint32_t*)0x200000000b18 = r[129];
- *(uint16_t*)0x200000000b1c = 8;
- *(uint16_t*)0x200000000b1e = 3;
- *(uint32_t*)0x200000000b20 = 2;
- *(uint16_t*)0x200000000b24 = 8;
- *(uint16_t*)0x200000000b26 = 1;
- *(uint32_t*)0x200000000b28 = r[130];
- *(uint16_t*)0x200000000b2c = 8;
- *(uint16_t*)0x200000000b2e = 1;
- *(uint32_t*)0x200000000b30 = r[131];
- *(uint16_t*)0x200000000b34 = 8;
- *(uint16_t*)0x200000000b36 = 3;
- *(uint32_t*)0x200000000b38 = 1;
- *(uint16_t*)0x200000000b3c = 0x14;
- *(uint16_t*)0x200000000b3e = 2;
- memcpy((void*)0x200000000b40, "veth1_vlan\000\000\000\000\000\000", 16);
- *(uint16_t*)0x200000000b50 = 8;
- *(uint16_t*)0x200000000b52 = 1;
- *(uint32_t*)0x200000000b54 = r[133];
- *(uint16_t*)0x200000000b58 = 8;
- *(uint16_t*)0x200000000b5a = 3;
- *(uint32_t*)0x200000000b5c = 0;
- *(uint16_t*)0x200000000b60 = 8;
- *(uint16_t*)0x200000000b62 = 3;
- *(uint32_t*)0x200000000b64 = 1;
- *(uint16_t*)0x200000000b68 = 0x64;
- STORE_BY_BITMASK(uint16_t, , 0x200000000b6a, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000b6b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000b6b, 1, 7, 1);
- *(uint16_t*)0x200000000b6c = 8;
- *(uint16_t*)0x200000000b6e = 3;
- *(uint32_t*)0x200000000b70 = 0;
- *(uint16_t*)0x200000000b74 = 8;
- *(uint16_t*)0x200000000b76 = 3;
- *(uint32_t*)0x200000000b78 = 1;
- *(uint16_t*)0x200000000b7c = 8;
- *(uint16_t*)0x200000000b7e = 3;
- *(uint32_t*)0x200000000b80 = 0;
- *(uint16_t*)0x200000000b84 = 8;
- *(uint16_t*)0x200000000b86 = 1;
- *(uint32_t*)0x200000000b88 = r[134];
- *(uint16_t*)0x200000000b8c = 0x14;
- *(uint16_t*)0x200000000b8e = 2;
- memcpy((void*)0x200000000b90, "team_slave_0\000\000\000\000", 16);
- *(uint16_t*)0x200000000ba0 = 8;
- *(uint16_t*)0x200000000ba2 = 3;
- *(uint32_t*)0x200000000ba4 = 5;
- *(uint16_t*)0x200000000ba8 = 8;
- *(uint16_t*)0x200000000baa = 3;
- *(uint32_t*)0x200000000bac = 0;
- *(uint16_t*)0x200000000bb0 = 8;
- *(uint16_t*)0x200000000bb2 = 1;
- *(uint32_t*)0x200000000bb4 = r[135];
- *(uint16_t*)0x200000000bb8 = 0x14;
- *(uint16_t*)0x200000000bba = 2;
- memcpy((void*)0x200000000bbc, "veth1_macvtap\000\000\000", 16);
- *(uint16_t*)0x200000000bcc = 0x34;
- STORE_BY_BITMASK(uint16_t, , 0x200000000bce, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000bcf, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000bcf, 1, 7, 1);
- *(uint16_t*)0x200000000bd0 = 0x14;
- *(uint16_t*)0x200000000bd2 = 2;
- memcpy((void*)0x200000000bd4,
- "veth0\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint16_t*)0x200000000be4 = 0x14;
- *(uint16_t*)0x200000000be6 = 2;
- memcpy((void*)0x200000000be8, "batadv0\000\000\000\000\000\000\000\000\000",
- 16);
- *(uint16_t*)0x200000000bf8 = 8;
- *(uint16_t*)0x200000000bfa = 3;
- *(uint32_t*)0x200000000bfc = 1;
- *(uint16_t*)0x200000000c00 = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x200000000c02, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000c03, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000c03, 1, 7, 1);
- *(uint16_t*)0x200000000c04 = 8;
- *(uint16_t*)0x200000000c06 = 3;
- *(uint32_t*)0x200000000c08 = 1;
- *(uint64_t*)0x2000000004c8 = 0x1cc;
- *(uint64_t*)0x200000000c58 = 1;
- *(uint64_t*)0x200000000c60 = 0;
- *(uint64_t*)0x200000000c68 = 0;
- *(uint32_t*)0x200000000c70 = 4;
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0x200000000c40ul,
- /*f=MSG_ZEROCOPY*/ 0x4000000ul);
- memcpy((void*)0x200000000040, "./file2\000", 8);
- res = syscall(
- __NR_open, /*file=*/0x200000000040ul,
- /*flags=O_TRUNC|O_SYNC|O_NOFOLLOW|O_NOCTTY|O_LARGEFILE|O_EXCL|0x82002*/
- 0x1ab382ul, /*mode=*/0ul);
- if (res != -1)
- r[136] = res;
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0xc);
- syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0xc);
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0ul, /*f=*/0ul);
- *(uint32_t*)0x200000000100 = 0;
- *(uint8_t*)0x200000000104 = 0x29;
- *(uint16_t*)0x200000000105 = 0;
- *(uint32_t*)0x200000000107 = 0;
- syscall(__NR_write, /*fd=*/r[136], /*data=*/0x200000000100ul,
- /*size=*/0xbful);
- *(uint64_t*)0x200000000240 = 0;
- syscall(__NR_sendfile, /*fdout=*/r[136], /*fdin=*/r[136],
- /*off=*/0x200000000240ul, /*count=*/0x7f06ul);
- memcpy((void*)0x200000000040, "./file2\000", 8);
- res = syscall(__NR_open, /*file=*/0x200000000040ul,
- /*flags=O_SYNC|O_CREAT|O_CLOEXEC|O_RDWR*/ 0x181042ul,
- /*mode=*/0ul);
- if (res != -1)
- r[137] = res;
- *(uint32_t*)0x200000000100 = 0;
- *(uint8_t*)0x200000000104 = 0x29;
- *(uint16_t*)0x200000000105 = 0;
- *(uint32_t*)0x200000000107 = 0;
- syscall(__NR_write, /*fd=*/r[137], /*data=*/0x200000000100ul,
- /*size=*/0xbful);
- *(uint64_t*)0x200000000240 = 0;
- syscall(__NR_sendfile, /*fdout=*/r[137], /*fdin=*/r[137],
- /*off=*/0x200000000240ul, /*count=*/0x7f06ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=SOCK_RAW*/ 3ul,
- /*proto=*/0x71);
- if (res != -1)
- r[138] = res;
- *(uint32_t*)0x200000000080 = 4;
- syscall(__NR_setsockopt, /*fd=*/r[138], /*level=*/0,
- /*optname=IP_CHECKSUM*/ 0x17, /*optval=*/0x200000000080ul,
- /*optlen=*/4ul);
- *(uint32_t*)0x200000000100 = 0x10000;
- syscall(__NR_setsockopt, /*fd=*/r[138], /*level=*/0,
- /*optname=IP_CHECKSUM*/ 0x17, /*optval=*/0x200000000100ul,
- /*optlen=*/4ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul,
- /*proto=NETLINK_INET_DIAG*/ 4);
- if (res != -1)
- r[139] = res;
- memcpy((void*)0x2000000000c0, "TIPCv2\000", 7);
- res = -1;
- res = syz_genetlink_get_family_id(/*name=*/0x2000000000c0, /*fd=*/r[139]);
- if (res != -1)
- r[140] = res;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- if (res != -1)
- r[141] = res;
- memcpy((void*)0x200000000280, "ethtool\000", 8);
- res = -1;
- res = syz_genetlink_get_family_id(/*name=*/0x200000000280, /*fd=*/r[139]);
- if (res != -1)
- r[142] = res;
- *(uint64_t*)0x200000000340 = 0x200000000240;
- *(uint16_t*)0x200000000240 = 0x10;
- *(uint16_t*)0x200000000242 = 0;
- *(uint32_t*)0x200000000244 = 0;
- *(uint32_t*)0x200000000248 = 0x80000000;
- *(uint32_t*)0x200000000348 = 0xc;
- *(uint64_t*)0x200000000350 = 0x200000000300;
- *(uint64_t*)0x200000000300 = 0x2000000002c0;
- *(uint32_t*)0x2000000002c0 = 0x1c;
- *(uint16_t*)0x2000000002c4 = r[142];
- *(uint16_t*)0x2000000002c6 = 0x800;
- *(uint32_t*)0x2000000002c8 = 0x70bd25;
- *(uint32_t*)0x2000000002cc = 0x25dfdbfb;
- *(uint8_t*)0x2000000002d0 = 3;
- *(uint8_t*)0x2000000002d1 = 0;
- *(uint16_t*)0x2000000002d2 = 0;
- *(uint16_t*)0x2000000002d4 = 5;
- *(uint16_t*)0x2000000002d6 = 5;
- *(uint8_t*)0x2000000002d8 = 3;
- *(uint64_t*)0x200000000308 = 0x1c;
- *(uint64_t*)0x200000000358 = 1;
- *(uint64_t*)0x200000000360 = 0;
- *(uint64_t*)0x200000000368 = 0;
- *(uint32_t*)0x200000000370 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[141], /*msg=*/0x200000000340ul,
- /*f=MSG_DONTROUTE*/ 4ul);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- syscall(__NR_mkdirat, /*fd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*mode=*/0ul);
- res = syscall(__NR_pipe2, /*pipefd=*/0x200000000240ul, /*flags=*/0ul);
- if (res != -1) {
- r[143] = *(uint32_t*)0x200000000240;
- r[144] = *(uint32_t*)0x200000000244;
- }
- memcpy((void*)0x2000000002c0,
- "\x15\x00\x00\x00\x65\xff\xff\x01\x80\x00\x00\x08\x00\x39\x50\x32\x30"
- "\x30\x30",
- 19);
- syscall(__NR_write, /*fd=*/r[144], /*data=*/0x2000000002c0ul,
- /*size=*/0x15ul);
- res = syscall(__NR_dup, /*oldfd=*/r[144]);
- if (res != -1)
- r[145] = res;
- res = syscall(__NR_socket, /*domain=*/2ul,
- /*type=SOCK_STREAM|0x4000000000000000*/ 0x4000000000000001ul,
- /*proto=*/0);
- if (res != -1)
- r[146] = res;
- *(uint16_t*)0x200000000080 = 2;
- *(uint16_t*)0x200000000082 = htobe16(0x4e23);
- *(uint32_t*)0x200000000084 = htobe32(0xe0000001);
- syscall(__NR_bind, /*fd=*/r[146], /*addr=*/0x200000000080ul,
- /*addrlen=*/0x10ul);
- *(uint16_t*)0x200000e68000 = 2;
- *(uint16_t*)0x200000e68002 = htobe16(0x4e23);
- *(uint32_t*)0x200000e68004 = htobe32(0);
- syscall(__NR_sendto, /*fd=*/r[146], /*buf=*/0ul, /*len=*/0ul,
- /*f=MSG_FASTOPEN|MSG_PROBE|MSG_OOB|MSG_EOR|MSG_DONTROUTE|0x728*/
- 0x200007bdul, /*addr=*/0x200000e68000ul, /*addrlen=*/0x10ul);
- *(uint32_t*)0x2000000001c0 = 0xa;
- syscall(__NR_setsockopt, /*fd=*/r[146], /*level=*/1,
- /*optname=SO_KEEPALIVE*/ 9, /*optval=*/0x2000000001c0ul,
- /*optlen=*/0x44ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/6);
- if (res != -1)
- r[147] = res;
- *(uint64_t*)0x200000000180 = 0;
- *(uint32_t*)0x200000000188 = 0;
- *(uint64_t*)0x200000000190 = 0x200000000340;
- *(uint64_t*)0x200000000340 = 0x200000000d80;
- *(uint32_t*)0x200000000d80 = 0x140;
- *(uint16_t*)0x200000000d84 = 0x10;
- *(uint16_t*)0x200000000d86 = 0x713;
- *(uint32_t*)0x200000000d88 = 0;
- *(uint32_t*)0x200000000d8c = 0;
- *(uint8_t*)0x200000000d90 = 0xfe;
- *(uint8_t*)0x200000000d91 = 0x88;
- memset((void*)0x200000000d92, 0, 12);
- *(uint8_t*)0x200000000d9e = 0;
- *(uint8_t*)0x200000000d9f = 1;
- *(uint8_t*)0x200000000da0 = -1;
- *(uint8_t*)0x200000000da1 = 1;
- memset((void*)0x200000000da2, 0, 13);
- *(uint8_t*)0x200000000daf = 1;
- *(uint16_t*)0x200000000db0 = htobe16(0);
- *(uint16_t*)0x200000000db2 = htobe16(0);
- *(uint16_t*)0x200000000db4 = htobe16(0);
- *(uint16_t*)0x200000000db6 = htobe16(0);
- *(uint16_t*)0x200000000db8 = 0;
- *(uint8_t*)0x200000000dba = 0;
- *(uint8_t*)0x200000000dbb = 0;
- *(uint8_t*)0x200000000dbc = 0;
- *(uint32_t*)0x200000000dc0 = 0;
- *(uint32_t*)0x200000000dc4 = 0;
- *(uint32_t*)0x200000000dc8 = htobe32(0);
- *(uint32_t*)0x200000000dd8 = htobe32(0);
- *(uint8_t*)0x200000000ddc = 0x32;
- *(uint8_t*)0x200000000de0 = 0xfc;
- *(uint8_t*)0x200000000de1 = 2;
- memset((void*)0x200000000de2, 0, 13);
- *(uint8_t*)0x200000000def = 0;
- *(uint64_t*)0x200000000df0 = 0;
- *(uint64_t*)0x200000000df8 = 0;
- *(uint64_t*)0x200000000e00 = 0;
- *(uint64_t*)0x200000000e08 = 0;
- *(uint64_t*)0x200000000e10 = 0;
- *(uint64_t*)0x200000000e18 = 0;
- *(uint64_t*)0x200000000e20 = 0;
- *(uint64_t*)0x200000000e28 = 0;
- *(uint64_t*)0x200000000e30 = 0;
- *(uint64_t*)0x200000000e38 = 0;
- *(uint64_t*)0x200000000e40 = 0;
- *(uint64_t*)0x200000000e48 = 0;
- *(uint32_t*)0x200000000e50 = 0;
- *(uint32_t*)0x200000000e54 = 0;
- *(uint32_t*)0x200000000e58 = 0;
- *(uint32_t*)0x200000000e5c = 0;
- *(uint32_t*)0x200000000e60 = 0;
- *(uint16_t*)0x200000000e64 = 0xa;
- *(uint8_t*)0x200000000e66 = 0;
- *(uint8_t*)0x200000000e67 = 0;
- *(uint8_t*)0x200000000e68 = 0;
- *(uint16_t*)0x200000000e70 = 0x48;
- *(uint16_t*)0x200000000e72 = 2;
- memcpy((void*)0x200000000e74,
- "ecb(cipher_null)"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000",
- 64);
- *(uint32_t*)0x200000000eb4 = 0;
- *(uint16_t*)0x200000000eb8 = 8;
- *(uint16_t*)0x200000000eba = 0xc;
- *(uint32_t*)0x200000000ebc = 0;
- *(uint64_t*)0x200000000348 = 0x140;
- *(uint64_t*)0x200000000198 = 1;
- *(uint64_t*)0x2000000001a0 = 0;
- *(uint64_t*)0x2000000001a8 = 0;
- *(uint32_t*)0x2000000001b0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[147], /*msg=*/0x200000000180ul, /*f=*/0ul);
- memcpy((void*)0x200000000340,
- "\x53\x00\x00\x00\x07\x00\x00\x46\x00\x9c\xe6\xe7\xe6\x76", 14);
- syscall(__NR_write, /*fd=*/r[145], /*data=*/0x200000000340ul,
- /*size=*/0x53ul);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- memcpy((void*)0x200000000180, "9p\000", 3);
- memcpy((void*)0x200000000080, "trans=fd,", 9);
- memcpy((void*)0x200000000089, "rfdno", 5);
- *(uint8_t*)0x20000000008e = 0x3d;
- sprintf((char*)0x20000000008f, "0x%016llx", (long long)r[143]);
- *(uint8_t*)0x2000000000a1 = 0x2c;
- memcpy((void*)0x2000000000a2, "wfdno", 5);
- *(uint8_t*)0x2000000000a7 = 0x3d;
- sprintf((char*)0x2000000000a8, "0x%016llx", (long long)r[145]);
- *(uint8_t*)0x2000000000ba = 0x2c;
- *(uint8_t*)0x2000000000bb = 0x6b;
- syscall(__NR_mount, /*src=*/0ul, /*dst=*/0x200000000000ul,
- /*type=*/0x200000000180ul, /*flags=*/0ul, /*opts=*/0x200000000080ul);
- *(uint64_t*)0x200000000200 = 0x200000000000;
- *(uint16_t*)0x200000000000 = 0x10;
- *(uint16_t*)0x200000000002 = 0;
- *(uint32_t*)0x200000000004 = 0;
- *(uint32_t*)0x200000000008 = 0x4000000;
- *(uint32_t*)0x200000000208 = 0xc;
- *(uint64_t*)0x200000000210 = 0x2000000001c0;
- *(uint64_t*)0x2000000001c0 = 0x200000000140;
- *(uint32_t*)0x200000000140 = 0x58;
- *(uint16_t*)0x200000000144 = r[140];
- *(uint16_t*)0x200000000146 = 0x100;
- *(uint32_t*)0x200000000148 = 0x70bd2a;
- *(uint32_t*)0x20000000014c = 0x25dfdbfe;
- *(uint8_t*)0x200000000150 = 0x15;
- *(uint8_t*)0x200000000151 = 0;
- *(uint16_t*)0x200000000152 = 0;
- *(uint16_t*)0x200000000154 = 0x2c;
- STORE_BY_BITMASK(uint16_t, , 0x200000000156, 7, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000157, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000157, 1, 7, 1);
- *(uint16_t*)0x200000000158 = 0xc;
- *(uint16_t*)0x20000000015a = 3;
- *(uint64_t*)0x20000000015c = 0x14c;
- *(uint16_t*)0x200000000164 = 0xc;
- *(uint16_t*)0x200000000166 = 4;
- *(uint64_t*)0x200000000168 = 9;
- *(uint16_t*)0x200000000170 = 8;
- *(uint16_t*)0x200000000172 = 1;
- *(uint32_t*)0x200000000174 = -1;
- *(uint16_t*)0x200000000178 = 8;
- *(uint16_t*)0x20000000017a = 1;
- *(uint32_t*)0x20000000017c = 5;
- *(uint16_t*)0x200000000180 = 4;
- STORE_BY_BITMASK(uint16_t, , 0x200000000182, 7, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000183, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000183, 1, 7, 1);
- *(uint16_t*)0x200000000184 = 0x14;
- STORE_BY_BITMASK(uint16_t, , 0x200000000186, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000187, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000187, 1, 7, 1);
- *(uint16_t*)0x200000000188 = 0x10;
- *(uint16_t*)0x20000000018a = 1;
- memcpy((void*)0x20000000018c, "eth", 3);
- *(uint8_t*)0x20000000018f = 0x3a;
- memcpy((void*)0x200000000190, "macsec0\000", 8);
- *(uint64_t*)0x2000000001c8 = 0x58;
- *(uint64_t*)0x200000000218 = 1;
- *(uint64_t*)0x200000000220 = 0;
- *(uint64_t*)0x200000000228 = 0;
- *(uint32_t*)0x200000000230 = 0x10;
- syscall(__NR_sendmsg, /*fd=*/r[139], /*msg=*/0x200000000200ul,
- /*f=MSG_DONTWAIT*/ 0x40ul);
- *(uint64_t*)0x200000009900 = 0;
- *(uint32_t*)0x200000009908 = 0;
- *(uint64_t*)0x200000009910 = 0x200000009800;
- *(uint64_t*)0x200000009800 = 0x200000000040;
- *(uint32_t*)0x200000000040 = 0x10;
- *(uint16_t*)0x200000000044 = 0x15;
- *(uint16_t*)0x200000000046 = 1;
- *(uint32_t*)0x200000000048 = 0;
- *(uint32_t*)0x20000000004c = 0;
- *(uint64_t*)0x200000009808 = 0x10;
- *(uint64_t*)0x200000009918 = 1;
- *(uint64_t*)0x200000009920 = 0;
- *(uint64_t*)0x200000009928 = 0;
- *(uint32_t*)0x200000009930 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[139], /*msg=*/0x200000009900ul, /*f=*/0ul);
- memcpy((void*)0x200000000400, "/dev/net/tun\000", 13);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000400ul, /*flags=O_RDWR*/ 2, /*mode=*/0);
- if (res != -1)
- r[148] = res;
- memset((void*)0x200000000280, 0, 16);
- *(uint16_t*)0x200000000290 = 0x4009;
- syscall(__NR_ioctl, /*fd=*/r[148], /*cmd=*/0x400454ca,
- /*arg=*/0x200000000280ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[149] = res;
- res = syscall(__NR_dup2, /*oldfd=*/r[148], /*newfd=*/r[149]);
- if (res != -1)
- r[150] = res;
- memcpy((void*)0x200000000300,
- "\x00\x00\x00\x00\x10\x01\x00\x00\x01\x00\x00\x00\x88\x96", 14);
- syscall(__NR_write, /*fd=*/r[150], /*buf=*/0x200000000300ul,
- /*count=*/0xfdeful);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[151] = res;
- *(uint64_t*)0x200000000040 = 0;
- *(uint32_t*)0x200000000048 = 0;
- *(uint64_t*)0x200000000050 = 0x200000000000;
- *(uint64_t*)0x200000000000 = 0x200000000080;
- *(uint32_t*)0x200000000080 = 0x24;
- *(uint16_t*)0x200000000084 = 0x19;
- *(uint16_t*)0x200000000086 = 0x515;
- *(uint32_t*)0x200000000088 = 0;
- *(uint32_t*)0x20000000008c = 0;
- *(uint8_t*)0x200000000090 = 2;
- *(uint8_t*)0x200000000091 = 0;
- *(uint16_t*)0x200000000092 = 0;
- *(uint16_t*)0x200000000094 = 8;
- STORE_BY_BITMASK(uint16_t, , 0x200000000096, 0, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000097, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000097, 0, 7, 1);
- *(uint32_t*)0x200000000098 = 0;
- *(uint16_t*)0x20000000009c = 8;
- STORE_BY_BITMASK(uint16_t, , 0x20000000009e, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000009f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000009f, 0, 7, 1);
- *(uint32_t*)0x2000000000a0 = 0;
- *(uint64_t*)0x200000000008 = 0x24;
- *(uint64_t*)0x200000000058 = 1;
- *(uint64_t*)0x200000000060 = 0;
- *(uint64_t*)0x200000000068 = 0;
- *(uint32_t*)0x200000000070 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[151], /*msg=*/0x200000000040ul, /*f=*/0ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[152] = res;
- *(uint32_t*)0x200000000080 = 0x2d;
- syscall(__NR_getsockopt, /*fd=*/r[152], /*level=*/0x29, /*optname=*/0x41,
- /*optval=*/0ul, /*optlen=*/0x200000000080ul);
- memcpy((void*)0x200000000400, "./file1\000", 8);
- syscall(__NR_mkdir, /*path=*/0x200000000400ul, /*mode=*/0ul);
- memcpy((void*)0x2000000001c0,
- "\023\023w\305\3745\324\024T\325\324\035)\255\032`)"
- "Y\201F\346\276\026nA\255\r\275@T\003<\2373\273\332\202$"
- "\242\363\327r\347cnH\263<\277p\203r\350\361\271\223>"
- "\305\022wC\276\"\006 \236\360-\371\313\362\366\350\200\3238/\000",
- 78);
- syscall(__NR_mkdir, /*path=*/0x2000000001c0ul, /*mode=*/0ul);
- memcpy((void*)0x200000000040, "./file1\000", 8);
- memcpy((void*)0x200000000240, "system.posix_acl_default\000", 25);
- *(uint32_t*)0x200000000640 = 2;
- *(uint16_t*)0x200000000644 = 1;
- *(uint16_t*)0x200000000646 = 0;
- *(uint32_t*)0x200000000648 = 0;
- *(uint16_t*)0x20000000064c = 4;
- *(uint16_t*)0x20000000064e = 0;
- *(uint32_t*)0x200000000650 = 0;
- *(uint16_t*)0x200000000654 = 0x10;
- *(uint16_t*)0x200000000656 = 0;
- *(uint32_t*)0x200000000658 = 0;
- *(uint16_t*)0x20000000065c = 0x20;
- *(uint16_t*)0x20000000065e = 0;
- *(uint32_t*)0x200000000660 = 0;
- syscall(__NR_lsetxattr, /*path=*/0x200000000040ul, /*name=*/0x200000000240ul,
- /*val=*/0x200000000640ul, /*size=*/0x24ul, /*flags=*/0ul);
- memcpy((void*)0x200000000480, ".\000", 2);
- res = syscall(__NR_open, /*file=*/0x200000000480ul, /*flags=*/0ul,
- /*mode=*/0ul);
- if (res != -1)
- r[153] = res;
- memcpy((void*)0x200000000140,
- "\023\023w\305\3745\324\024T\325\324\035)\255\032`)"
- "Y\201F\346\276\026nA\255\r\275@T\003<\2373\273\332\202$"
- "\242\363\327r\347cnH\263<\277p\203r\350\361\271\223>"
- "\305\022wC\276\"\006 \236\360-\371\313\362\366\350\200\3238/\000",
- 78);
- memcpy((void*)0x2000000002c0, "./file1\000", 8);
- syscall(__NR_renameat2, /*oldfd=*/r[153], /*old=*/0x200000000140ul,
- /*newfd=*/r[153], /*new=*/0x2000000002c0ul, /*flags=*/0ul);
- memcpy((void*)0x200000000180, "vfat\000", 5);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- memcpy(
- (void*)0x2000000004c0,
- "\x75\x6e\x69\x5f\x78\x6c\x61\x74\x65\x3d\x31\x2c\x65\x72\x72\x6f\x72\x73"
- "\x3d\x63\x6f\x6e\x74\x69\x6e\x0f\x65\x2c\x73\x68\x6f\x72\x74\x6e\x61\x6d"
- "\x65\x3d\x6d\x69\x78\x65\x64\x2c\x6e\x6f\x63\x61\x73\x65\x5b\xda\x2c\x6e"
- "\x6f\x6e\x75\x6d\x74\x61\x69\x6c\x3d\x30\x2c\x75\x74\x66\x38\x3d\x31\x2c"
- "\x75\x69\x64\x3d\xda\x39\xb7\x99\xbd\xb5\xb1\x0c\xa5\xc4\x06\x0f\x23\xf4"
- "\x0c\xbe\x89\xe8\x26\x78\x47\x46\x25\x13\xfa\x54\x68\x9f\x6c\xa9\xa0\xdd"
- "\x82\x0c\x29\xbb\xdc\x8b\x59\x65\x44\x6f\x2b\x12\xab\xc5\x14\x69\x0d\x29"
- "\x9c\x5d\x9f\x6a\x23\xb5\x68\x81\x9c\xe6\x6f\xfa\x6d\x98\xd6\xca\x55\xe3"
- "\x96\x1e\xdd\xe4\x0f\x8b\xca\x2d\xab\x2a\x48\x22\xcb\x44\x74\xad\x5a\xb5"
- "\x38\xb5\xb6\x80\x9d\x82\x60\x84\x7d\x62\xf1\x05\x00\x00\x00\x48\xae\x6e"
- "\x1c\xbf\x37\x63\x9b\x44\x66\x1e\xf9\x37\x42\xf1\x7a\x1b\x99\x8b\x40\xe2"
- "\x05\xf5\x77\x15\x10\xdd\x2f\x3a\x59\xf3\xbb\x29\x90\x83\x76\x2e\x28\x53"
- "\xc7\x05\x6a\x9a\x5b\xb6\xe2\x37\xe9\x4a\x25\x61\xa2\x5b\xdc\x03\x57\xce"
- "\x7a\x25\x57\x01\x14\xbb\x42",
- 241);
- sprintf((char*)0x2000000005b1, "0x%016llx", (long long)0);
- memcpy((void*)0x2000000005c3,
- ",rodir,nfs,shortname=lower,fmask=00000000000000000000002,shortname="
- "win95,nfs,nonumtail=0,utf8=0,uni_xlate=1,nonumtail=0,\000",
- 121);
- memcpy(
- (void*)0x200000002300,
- "\x78\x9c\xec\xdd\x3f\x6b\x23\x47\x14\x00\xf0\xb7\xb2\x2c\x29\x49\x21\x15"
- "\xa9\x42\x20\x0b\x49\x91\xca\xd8\x6e\xd3\xc8\x04\x1b\x4c\x54\x25\xa8\x48"
- "\x52\x24\x26\xb6\x21\x58\x22\x60\x83\x21\x7f\x88\xe2\x2a\x6d\x9a\x94\xf9"
- "\x04\x81\x40\xba\xfb\x12\xd7\xdc\x37\x38\xb8\xf6\xe0\xba\x73\x61\xd8\x63"
- "\xa5\xdd\x93\xec\x93\x65\xeb\xb0\xec\xfb\xf3\xfb\x35\x1e\xcf\xce\x9b\x79"
- "\x33\x1e\x6c\x5c\xec\xd3\xf7\x1f\xf6\x0f\x76\xd3\xd8\x3f\xf9\xed\x61\x34"
- "\x1a\x49\x54\xda\xd1\x8e\xd3\x24\x5a\x51\x89\xd2\x1f\x71\x4e\xfb\xaf\x00"
- "\x00\x5e\x67\xa7\x59\x16\x4f\xb2\x91\x79\xe2\x92\x88\x68\x2c\x2e\x2d\x00"
- "\x60\x81\xe6\xfe\xfb\xff\xff\xc2\x53\x02\x00\x16\xec\xab\xaf\xbf\xf9\x62"
- "\xa3\xd3\xd9\xfc\x32\x4d\x1b\xb1\xd5\xff\xf3\xb8\x9b\xff\x67\x9f\x7f\x1d"
- "\x3d\xdf\xd8\x8f\x1f\xa3\x17\x7b\xb1\x1a\xcd\x38\x8b\xc8\x9e\x1b\xb5\xb7"
- "\xb2\x2c\x1b\x54\xd3\x5c\x2b\x3e\xe9\x0f\x8e\xbb\x79\x64\xff\xbb\xfb\xc5"
- "\xfc\x1b\x8f\x23\x86\xf1\x6b\xd1\x8c\xd6\xb0\xeb\x7c\xfc\x76\x67\x73\x2d"
- "\x1d\x99\x88\x1f\xe4\x79\xbc\x5b\xac\xdf\xce\xe3\xd7\xa3\x19\xef\x4f\x59"
- "\x7f\xbb\xb3\xb9\x3e\x25\x3e\xba\xb5\xf8\xf4\xe3\x89\xfc\x57\xa2\x19\x0f"
- "\x7e\x88\x9f\xa2\x17\xbb\xc3\x24\xc6\xf1\xbf\xaf\xa5\xe9\xe7\xd9\xdf\x4f"
- "\x7f\xfd\x36\x4f\x2f\x8f\x4f\x06\xc7\xdd\xfa\x70\xdc\x58\xb6\x74\xcb\x3f"
- "\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\xde\x60\x2b\x45\xed\x9c\x7a\x0c\xeb\xf7\xe4\x5d\x45\xfd\x9d\xa5\xb3\xfc"
- "\x9b\xe5\x48\x4b\xad\xf3\xf5\x79\x46\xf1\x49\x39\xd1\x85\xfa\x40\x83\x2c"
- "\xfe\x29\xeb\xeb\xac\xa6\x69\x9a\x15\x03\xc7\xf1\xd5\xf8\xa0\x1a\xd5\xbb"
- "\xd9\x35\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbc"
- "\x5a\x8e\x7e\xfe\xe5\x60\xa7\xd7\xdb\x3b\xbc\x91\x46\x59\x0d\xa0\x7c\xad"
- "\xff\x65\xe7\x69\x4f\xf4\x7c\x14\xb3\x07\xd7\xc7\x6b\x55\x8a\xe6\x8c\x99"
- "\x63\xa9\x1c\x93\x44\xcc\x4c\x23\xdf\xc4\x0d\x1d\xcb\x55\x8d\x77\x2e\xcb"
- "\xf9\xdf\xff\xe6\x9d\xb0\x71\xf5\x98\xe5\x59\xe7\x73\x33\x8d\xf2\x76\x1d"
- "\xec\x24\xd3\xcf\xb0\x1e\x65\x4f\xa3\xbc\x24\xf7\x26\xc7\xd4\xe2\x9a\x6b"
- "\xd5\x2e\x7b\x94\xcd\x75\xfd\x6a\x53\x1f\x35\xe7\xde\x7b\xed\xbd\x61\x63"
- "\x30\x63\x4c\x24\xb3\x12\xfb\xec\xd1\xe8\xe4\x8a\x9e\xe4\xe2\x2e\x6a\xc3"
- "\x53\x9d\x1a\xbe\x5c\x34\x26\xc2\x2f\xdc\x8d\xb9\xee\xf3\x8b\xbf\x2b\x12"
- "\xd5\x3a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\xa1"
- "\xc6\x2f\xfd\x4e\x79\x78\x32\x33\xb4\x92\xd5\x17\x96\x16\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdc\xaa\xf1\xe7\xff\xcf\xd1\x18\x14"
- "\xc1\xd7\x18\x5c\x8b\xc3\xa3\x3b\xde\x22\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6f\x81\x67\x01\x00"
- "\x00\xff\xff\xc3\x51\x62\x02",
- 673);
- syz_mount_image(
- /*fs=*/0x200000000180, /*dir=*/0x200000000000,
- /*flags=MS_I_VERSION|MS_NOSUID|MS_NOEXEC|MS_DIRSYNC*/ 0x80008a,
- /*opts=*/0x2000000004c0, /*chdir=*/7, /*size=*/0x2a1,
- /*img=*/0x200000002300);
- memcpy((void*)0x200000000000, "./file0\000", 8);
- syscall(__NR_creat, /*file=*/0x200000000000ul, /*mode=*/0ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/2ul, /*proto=*/0x88);
- if (res != -1)
- r[154] = res;
- *(uint32_t*)0x200000000280 = 5;
- res = syscall(__NR_getsockopt, /*fd=*/r[154], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x200000000240ul, /*optlen=*/0x200000000280ul);
- if (res != -1)
- r[155] = *(uint32_t*)0x200000000244;
- syscall(__NR_setreuid, /*ruid=*/0, /*euid=*/r[155]);
- memcpy((void*)0x200000000080, "./file0\000", 8);
- syscall(__NR_utimes, /*filename=*/0x200000000080ul, /*times=*/0ul);
- memcpy((void*)0x200000000000, "vfat\000", 5);
- memcpy((void*)0x200000000300, "./file0\000", 8);
- memcpy(
- (void*)0x200000000800,
- "\x78\x9c\xec\xdc\xcb\x6b\x13\x5f\x14\xc0\xf1\xd3\xf4\x95\xa6\xb4\xc9\xe2"
- "\xc7\x4f\x14\xa4\x07\xdd\xe8\x66\x68\xa3\x6b\x31\x48\x0b\x62\xc0\x52\x1b"
- "\xf1\x01\xc2\xb4\x9d\x68\xc8\x98\x94\x4c\xa8\x44\xc4\xea\xca\xad\xf8\x47"
- "\xb8\x28\x5d\x76\x57\xd0\xfe\x03\xdd\xb8\xd3\x8d\x1b\x77\xdd\x08\x2e\xec"
- "\x42\x1c\xc9\x3c\xfa\x4c\x69\x69\x9b\x4c\xdb\x7c\x3f\x10\xee\x4d\xee\x3d"
- "\x33\xf7\x4e\x26\xe1\xdc\x21\x93\xb5\x07\xef\x9f\x17\xf3\x8e\x91\x37\xab"
- "\x12\x8b\xab\x74\x88\x88\xac\x8b\xa4\x24\x26\xa1\x8e\xa0\x8c\x79\xf5\x1e"
- "\xd9\xea\x8d\x5c\xed\xff\xf5\xf5\xe2\xbd\x87\x8f\xee\x64\xb2\xd9\xd1\x09"
- "\xd5\xb1\xcc\xe4\xb5\xb4\xaa\x0e\x0e\x7d\x7a\xf1\xaa\x2f\xe8\xb6\xdc\x2b"
- "\xab\xa9\x27\x6b\x3f\xd3\x3f\x56\xff\x5f\x3d\xbf\xf6\x77\xf2\x59\xc1\xd1"
- "\x82\xa3\xa5\x72\x55\x4d\x9d\x2a\x7f\xaf\x9a\x53\xb6\xa5\x33\x05\xa7\x68"
- "\xa8\x8e\xdb\x96\xe9\x58\x5a\x28\x39\x56\xc5\x6f\x2f\xfb\xed\x79\xbb\x3c"
- "\x3b\x5b\x53\xb3\x34\x33\x90\x98\xad\x58\x8e\xa3\x66\xa9\xa6\x45\xab\xa6"
- "\xd5\xb2\x56\x2b\x35\x35\x9f\x9a\x85\x92\x1a\x86\xa1\x03\x09\xc1\x7e\x72"
- "\x0b\x13\x13\x66\xe6\x90\xc1\xd3\xc7\x3c\x18\x34\x49\xa5\x92\x31\x3b\x45"
- "\xa4\x6f\x57\x4b\x6e\x21\x92\x01\x01\x00\x80\x48\xed\xcc\xff\x63\xf5\x94"
- "\xfe\xf8\xf2\xff\xc5\x4b\x2b\xd5\xfe\xfb\x4b\x83\x41\xfe\xbf\xdc\xd3\x28"
- "\xff\xbf\xfe\xcd\xdf\xd6\xb6\xfc\x3f\x2e\x22\x4d\xcf\xff\x77\x67\x44\xed"
- "\xe5\x48\xf9\x3f\x4e\x89\x7a\xfe\x9f\x08\x3e\xbf\x9e\xb7\x8f\x17\x87\xbd"
- "\x0a\xf9\x3f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xa7\xc1\xba\xeb\x26\x5d\xd7\x4d\x86\x65\xf8\xe8\x15\x91\xb8\x88"
- "\x84\xcf\xa3\x1e\x27\x9a\x83\xf7\xbf\xbd\x6d\xde\xb8\xd7\x35\x28\x62\xbf"
- "\x9b\xcb\xcd\xe5\xfc\x32\xe8\xb0\x22\x22\xb6\x58\x32\x2c\x49\xf9\xe3\x9d"
- "\x0f\x81\x7a\x3d\xbc\x17\x50\xeb\x52\xf2\xd9\x9e\x0f\xe2\xe7\xe7\x72\x9d"
- "\x5e\x4b\x26\x2f\x05\x2f\x7e\x44\x92\x92\xda\x19\xef\xba\x63\xb7\xb3\xa3"
- "\x23\xea\xdb\x1e\xdf\x2d\x89\xad\xf1\x69\x49\xca\x7f\x8d\xe3\xd3\x0d\xe3"
- "\x7b\xe4\xca\xe5\x2d\xf1\x86\x24\xe5\xcb\xb4\x94\xc5\x96\x19\xef\xbc\xde"
- "\x8c\x7f\x3d\xa2\x7a\xeb\x6e\x76\x47\x7c\x9f\xd7\x0f\x00\x00\x00\x00\x80"
- "\xb3\xc0\xd0\x0d\x0d\xd7\xef\x86\xb1\x57\xbb\x1f\xbf\xb1\xbe\x6e\x78\x7d"
- "\xc0\x5f\x5f\x0f\x37\x5c\x9f\x77\xc9\x85\xae\x68\xe7\x0e\x00\x00\x00\x00"
- "\x40\xbb\x70\x6a\x2f\x8b\xa6\x6d\x5b\x95\x33\x57\x09\x67\x78\xd0\xa8\xf0"
- "\xb7\x0c\x91\x8c\x39\xdc\xf9\xc9\x38\x74\x07\xa8\xc4\x0e\x35\xd4\x21\x11"
- "\xb1\xf5\xa8\x7b\x0f\x2f\x1b\xed\xd5\x47\xc6\xa3\x3a\x2c\xe7\x3e\x7c\xfc"
- "\x7d\x7c\x1b\xbc\xb1\x14\xdf\x67\xa6\x4d\xab\x74\xb7\xf6\x5b\x08\x00\x00"
- "\x00\x40\x2b\x6c\x26\xfd\xe1\x2b\x37\xa3\x1d\x10\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6d"
- "\xa8\x15\x7f\x27\x16\xf5\x1c\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x93"
- "\xe2\x5f\x00\x00\x00\xff\xff\x7b\x91\x12\x85",
- 695);
- syz_mount_image(/*fs=*/0x200000000000, /*dir=*/0x200000000300, /*flags=*/0,
- /*opts=*/0x200000000ac0, /*chdir=*/0x45, /*size=*/0x2b7,
- /*img=*/0x200000000800);
- memcpy((void*)0x200000000000, ".\000", 2);
- res = syscall(__NR_fspick, /*dfd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*flags=*/0ul);
- if (res != -1)
- r[156] = res;
- memcpy((void*)0x2000000006c0, "posixacl\000", 9);
- syscall(__NR_fsconfig, /*fd=*/r[156], /*cmd=*/0ul, /*key=*/0x2000000006c0ul,
- /*value=*/0ul, /*aux=*/0ul);
- res = -1;
- res = syz_genetlink_get_family_id(/*name=*/0, /*fd=*/-1);
- for (int i = 0; i < 32; i++) {
- syz_genetlink_get_family_id(/*name=*/0, /*fd=*/-1);
- }
- if (res != -1)
- r[157] = res;
- memcpy((void*)0x200000000000, "./file0\000", 8);
- res = syscall(__NR_open, /*file=*/0x200000000000ul,
- /*flags=O_NONBLOCK|O_DIRECT|O_RDWR*/ 0x4802ul, /*mode=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_open, /*file=*/0x200000000000ul,
- /*flags=O_NONBLOCK|O_DIRECT|O_RDWR*/ 0x4802ul, /*mode=*/0ul);
- }
- if (res != -1)
- r[158] = res;
- memcpy(
- (void*)0x200000000600,
- "\x34\xfd\x98\xaa\x1d\x0e\x7a\xde\xc9\x37\xa5\xf3\x31\xa7\x5f\x48\x79\x34"
- "\xf5\x02\x42\xa0\x75\x19\x44\x93\x69\x72\x89\x6c\x29\xa5\x06\x8c\x8e\xcb"
- "\xa1\xaa\x0a\x4e\x2a\x63\x1b\x51\x80\xe1\xfb\xde\x79\xf4\x50\x2d\xc4\xc4"
- "\xa1\xfb\xa9\xdc\xd9\xed\x83\xe6\x39\xae\xfa\x1b\x87\x63\x1c\x33\xd1\xa8"
- "\x2c\xb0\xc0\x03\x56\x76\xdd\xfe\xb0\xfe\x79\x84\xd7\x51\x9b\x0f\x83\x9d"
- "\x49\x7f\xc9\xd6\x4e\xf1\x4d\x1d\xe2\x22\x20\xff\x26\x23\xdf\x49\x50\x13"
- "\x4b\x9f\xb7\x34\xa5\x2a\xda\xd9\x5f\x13\x1c\xce\x36\x72\xa9\xd7\xd7\xb4"
- "\x00\xd2\xc6\x28\x10\xb5\xf2\x03\x51\x63\x93\x30\x94\x81\x07\xbf\x8d\x45"
- "\x34\xa0\x3a\xc3\x89\x45\x5c\x54\xd8\xeb\x4d\x60\x9b\x3e\x85\x8b\x72\x13"
- "\xb3\x8e\xb0\x1f\x0e\xea\xba\x37\x39\xae\x92\x79\x16\xe2\x8d\xa6\xa7\x9a"
- "\x3f\xd5\xe3\x2d\x30\xab\x30\xbf\x95\x9d\x45\x96\xe5\xff\xbf\xf6\x78\x9a"
- "\x65\x0b\x9e\x7d\x24\x8d\x1b\xa8\x68\x01\x23\x36\xa4\xf3\xef\x8f\xab\x07"
- "\xa8\xf5\xb8\x1b\xb0\xbc\x45\xb2\x17\x45\x38\x31\x5c\xa1\x2b\x7c\x72\x3b"
- "\x21\x57\x56\x25\x64\xa8\xa1\xf1\x9d\x28\x17\x9f\x8c\x56\x54\x48\xe0\xe9"
- "\x21\xb8\xc3\xe6\xfc\x4a\xda\xaf\xa8\xb9\x29\xad\x07\x7f\x63\x33\x25\xb6"
- "\xa6\xf7\x1a\x58\x6c\xab\xc4\x88\x3e\x03\xe1\x93\x15\xf9\x46\xb2\x77\x85"
- "\x85\x93\xa7\x36\x7e\x23\x22\x02\xfe\x9a\xd6\x56\xc6\x76\x8a\x15\x17\xda"
- "\x7f\x04\x98\xb4\x8c\xb0\x78\xe9\x29\xfb\x11\xdb\x0c\xc5\x51\xf7\x54\xbf"
- "\xfc\x48\x59\xdd\x89\xa3\x96\x91\x5c\xc8\x09\xb0\x7d\x44\x85\x73\x09\x84"
- "\x09\xea\x21\x37\x10\x56\xf6\x7e\xf4\x11\x4e\xc1\x05\x47\xf4\x98\xd2\x45"
- "\x13\xfe\x59\x43\x08\xbf\x02\x28\x68\xad\x21\xe8\x5b\xba\x81\x19\x42\xfd"
- "\xc4\x51\x61\xa1\xa8\xa7\xfe\x00\xd5\xc6\xb0\x5e\xd7\x95\x4f\x63\x1b\xbd"
- "\x12\xa5\xc9\xa5\xcf\xa5\x96\x5e\x05\x95\xde\x60\x8b\x04\xeb\xe0\x2b\x3f"
- "\xcb\xf3\xb9\xf5\x78\x07\xa1\xa7\xad\x85\x28\x99\x2e\x2e\xc6\x59\x49\xda"
- "\x2f\x4a\x04\x78\xdf\xd3\xae\x52\x63\x9c\x15\xd8\xae\xaa\x35\x1d\xa6\xd3"
- "\x93\xb5\x8c\x77\x21\x68\xfa\xe6\x04\xd0\x97\xfe\xf4\xd6\xb9\x36\x0e\xb1"
- "\x69\xa0\xb0\xee\x70\xcd\xc2\x24\x35\xa0\x03\xe6\x86\x98\xf6\x1b\x3b\x63"
- "\xb1\xf5\x10\x11\xbc\x8f\x4e\xf9\x44\xc1\xde\x82\x17\x85\xf6\x70\x12\x4a"
- "\x1c\x6e\xd1\x83\x35\xd6\x34\x12",
- 512);
- syscall(__NR_write, /*fd=*/r[158], /*buf=*/0x200000000600ul,
- /*count=*/0x200ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_write, /*fd=*/r[158], /*buf=*/0x200000000600ul,
- /*count=*/0x200ul);
- }
- memcpy((void*)0x200000001240, "iso9660\000", 8);
- memcpy((void*)0x200000001280, "./file0\000", 8);
- *(uint8_t*)0x200000000740 = 0;
- memcpy(
- (void*)0x2000000047c0,
- "\x78\x9c\xec\xdd\x6b\x70\xdc\x57\x7d\xf0\xf1\xdf\x7f\x7d\x53\x1c\x08\x0e"
- "\x21\x17\x12\xf3\xb0\x71\x12\x48\x42\xe2\x48\x72\x62\xc7\x24\x5c\x14\x69"
- "\x65\x6f\x22\x69\x85\x56\x0a\x31\xb7\xe0\xc4\xb2\x11\x91\xed\x60\x87\x40"
- "\xcc\x25\x09\x97\x00\xcf\xc3\xe5\x01\x9e\xa7\xf7\x0b\xb4\x85\xba\xb4\x25"
- "\xa5\x14\x5a\x66\x3a\x9d\xe9\xbb\xb6\x2f\xfa\x02\x3a\xc3\x8b\xbe\x6e\x3a"
- "\xd3\x19\x06\xd3\x0b\xbd\x70\x49\xe7\xec\x1e\xc9\x8a\x13\x5b\x4e\x6c\x59"
- "\xae\xcf\xe7\xe3\x81\x5d\x4b\x67\xf7\x7f\xfe\xc2\xe8\xbb\x67\xb5\xda\x13"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x54\x83\x43\xbd"
- "\xbd\x7d\x55\x8c\x34\xc7\xa6\xee\xa9\x1f\xdf\xe0\xd0\x44\x6b\xf4\x04\x9f"
- "\x9f\xbb\xbf\xef\x54\x9d\x7b\xfd\xce\xa2\xc7\x8d\xa8\xd2\x7f\xa2\xa7\x27"
- "\x2e\xeb\x7e\xe8\xb2\x17\x57\xf3\x9f\x7d\x49\xfa\xef\x0d\x71\x71\xf7\xde"
- "\x2e\x8e\x9e\x74\xd9\x13\x87\xce\xbf\x64\xdd\x6d\x17\xad\xac\xcd\xdd\xfe"
- "\x04\x13\x3a\x23\x0e\x3e\x72\xe8\x81\x9d\xb3\xb3\xd3\x07\x96\x7b\x22\xcb"
- "\x64\x5b\x63\xac\xd9\x6e\x35\x47\x07\xb6\x35\xea\xcd\x76\xab\xbe\x75\xf3"
- "\xe6\xde\x9b\xb6\x0f\xb7\xeb\xc3\xcd\x91\x46\x7b\x47\x7b\xb2\x31\x5a\x1f"
- "\x9c\x68\x0c\x4c\xb6\x26\xea\xd7\x0e\x5e\x57\xef\xdb\xba\x75\x53\xbd\xb1"
- "\x71\x47\x6b\x6a\x6c\xdb\xd0\xc0\x48\x63\xee\x83\x5b\x6e\xec\xef\xed\xdd"
- "\x5c\xbf\x73\xe3\x78\x63\x60\xa2\xdd\x1a\xbb\xe9\xce\x8d\xed\xc1\xed\xcd"
- "\x91\x91\xe6\xd8\xb6\xce\x98\xf4\xe9\x34\x66\x4b\xfa\x87\x78\x57\x73\xb2"
- "\x3e\xd9\x18\x18\xad\xd7\x77\xcf\xcc\x4e\x6f\x5a\x6c\x92\x69\x50\xdf\xc9"
- "\x0c\xea\x5f\x6c\x50\x7f\x6f\x7f\x7f\x5f\x5f\x7f\x7f\xdf\xe6\x5b\xb6\xde"
- "\xb2\xa5\xb7\x77\xe5\xb3\x3e\xd0\x7b\x8c\x78\xd6\x88\xe5\xff\x47\xcb\xf2"
- "\x5a\x92\xef\xe3\xf0\x42\xd4\x72\xff\x63\x24\x9a\x31\x16\x53\x71\x4f\xd4"
- "\x9f\xf3\xcf\x60\x0c\xc5\x44\xb4\x62\xf4\x38\x9f\xcf\xe6\xfa\x7f\x4d\x75"
- "\xe2\xe3\x2e\xec\xff\xfa\xee\x87\xd6\x5f\x78\xb4\xff\x17\x45\xa7\xff\x97"
- "\x76\xef\xed\xd2\xe3\xf5\xff\x38\x73\x39\x73\x7f\x0e\xc6\x23\x71\x28\x1e"
- "\x88\x9d\x31\x1b\xb3\x31\x1d\x07\x96\x7d\x46\x67\xf6\xcf\xb6\x68\xc4\x58"
- "\x34\xa3\x1d\xad\x68\xc6\x68\x0c\x74\x3e\x52\xcf\x1f\xa9\xc7\xd6\xd8\x1c"
- "\x9b\xa3\x37\xee\x8d\xed\x31\x1c\xed\xa8\xc7\x70\x34\x63\x24\x1a\xd1\x8e"
- "\x1d\xd1\x8e\xc9\x68\x74\xfe\x45\x0d\xc6\x44\x34\x62\x20\x26\xa3\x15\x13"
- "\x51\x8f\x6b\x63\x30\xae\x8b\x7a\xf4\xc5\xd6\xd8\x1a\x9b\xa2\x1e\x8d\xd8"
- "\x18\x3b\xa2\x15\x53\x31\x16\xdb\x62\x28\x06\x3a\xf7\xb2\x3b\x66\x3a\x5f"
- "\xf7\x4d\x27\x98\xe3\xfc\xa0\xbe\x93\x19\xd4\x7f\x82\x41\xdd\x98\xaf\xc8"
- "\xff\x48\xf5\x9f\x17\x62\x09\xbe\x8b\xc3\x0b\xf3\xf4\x5c\xff\x01\x80\x72"
- "\xdc\xd1\x18\xd0\x7f\x00\x28\xcc\x58\x7b\xa2\xb7\x5f\xff\x01\xa0\x28\x93"
- "\xd6\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x70\xba\x55\x51\x8b\xde\x88\xf8\xd6\x9e\x23\xd5\xc2"
- "\x9d\x29\x7b\x3a\x1b\xfe\x1f\xf7\x66\xab\xab\xce\x2d\x6b\x51\x75\xf7\xf2"
- "\x8d\x9e\xcd\x9b\xb6\x0c\x0e\xf7\x0d\x0f\xf5\xf6\xf6\xf6\xf6\x6d\x19\xec"
- "\x3b\x23\xb3\x9f\x77\x61\xb4\xda\x93\x03\xf5\xc1\xfd\x7b\x1f\x3c\x30\x7d"
- "\xf0\xe0\xf4\xae\xfa\xd4\xbe\x99\xfb\xf7\xef\x9a\x3e\xe9\x7b\x38\xd5\xdb"
- "\x3f\x4f\xb7\xaf\x7b\x6a\xcd\xf9\x97\xac\xbb\x6d\x6b\xfa\xcb\xf5\x7b\xa6"
- "\xf7\xcd\x1c\xdc\x3f\xb3\x77\xe7\x9e\x25\x3b\x20\x00\x2c\xb0\x32\x6a\xf1"
- "\x54\x44\xbc\xf2\xc9\x23\xd5\x95\xb9\xe5\x71\xfd\xd4\xd0\x70\x7d\xe4\xee"
- "\x7a\x73\xdf\xee\xfd\x0b\xc6\xd6\xe6\xb6\x09\x38\xc5\x56\x2e\xf2\xd8\x62"
- "\xa9\xad\x3e\xa3\x47\xd3\x76\x00\xce\x42\xab\xa2\x16\xf7\x45\xc4\xe1\x2f"
- "\x1d\xa9\x36\xa4\xc6\xe7\xc7\x00\xb5\xd7\x74\x36\x06\x5c\xee\xe9\x1d\x57"
- "\xe7\x79\x87\x2a\x22\xcd\x59\x63\x01\xe0\xf9\x59\x1d\xb5\x68\x45\xc4\xae"
- "\x0b\xbf\x5e\x5d\x15\x11\x2b\xe2\x1c\x58\xdf\xf7\xa4\xc7\x04\x9d\x93\x98"
- "\x1a\x1a\xee\x9c\xc8\xec\xcc\xce\x7d\x0f\x45\xe7\x39\x8c\x15\xdd\x51\xeb"
- "\x8e\xbd\xd1\xdc\x73\x1f\x67\xf9\x63\x89\x75\x11\x6f\x4c\x73\x5d\x6d\xcf"
- "\x46\x00\x5e\xb8\x35\x51\x8b\x6f\x44\xc4\xde\x97\xf4\xc4\xd5\x9d\x9f\x07"
- "\x00\x00\xe7\xba\x9e\xa8\x45\xf7\x75\x7f\x47\xaa\x6b\x96\x7b\x32\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x70\x8e\xa8\xa2\x16\x9f\x8b\x88\x43\x3f\x3a\x52\xf5\x2e\xf8\xf8\xa9"
- "\xed\xff\x7f\x6b\xdf\xcd\x67\x64\xf6\xf3\xec\xff\x0f\x00\xcf\xc3\xca\xa8"
- "\xc5\x8f\xf3\xfe\xff\x7d\xf6\xff\x3f\xfd\xb4\x1d\x80\xb3\xd0\xaa\xa8\xc5"
- "\x81\xbc\xff\x7f\xbf\xfd\xff\x01\xa0\x08\xab\xa3\x16\xf7\xe6\xfd\xff\x37"
- "\xd9\xff\xff\xec\x7f\x2c\x61\xff\x7f\x00\x4e\x83\x35\x51\x8b\xbf\xcc\xfb"
- "\xff\xdf\x6c\xff\x7f\x00\x28\x42\x4f\xd4\xa2\xfb\xba\xbf\x23\xd5\x2d\xcb"
- "\x3d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x38\x47\x9c\x17\xb5\xf8\xc7\x88\xf8\xf3\x77\x3f\xdc"
- "\xd9\x57\x66\xe1\xbe\xf4\x0b\x77\x98\x79\xf1\x22\xdb\xcd\xa4\x4f\x6f\xcc"
- "\xd7\x4f\x66\x4f\xbe\xd5\x79\xaf\xc1\x5a\x95\xfe\x9c\xc6\x13\x02\x00\x16"
- "\xd5\x13\xb5\xb8\xbd\x73\xed\x48\x35\xb0\xdc\x93\x01\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xce\x6a\xb5\xa8\xc5"
- "\xdf\x46\x44\xf5\xfd\x23\x55\x54\x11\xf1\x58\x44\x3d\xba\x97\xbd\xcb\x3d"
- "\x39\x00\x60\x69\x54\xb5\xf8\x87\x88\x78\xc5\xdf\x1d\x49\xf5\x8f\xdb\xd7"
- "\x3d\xb5\xe6\xfc\x4b\xd6\xdd\xb6\x35\x22\x56\xc4\x8a\xce\x43\x82\x6a\xe1"
- "\xf8\x56\x7b\x72\xa0\x3e\xb8\x7f\xef\x83\x07\xa6\x0f\x1e\x9c\xde\x55\x9f"
- "\xda\x37\x73\xff\xfe\x5d\xd3\x27\x7b\xb8\x9e\xc1\xa1\x89\xd6\xe8\x52\x9c"
- "\xc8\x49\x59\xbd\xc4\xf3\x5f\x7d\xca\x33\xec\x49\x8f\xc9\x16\xb8\xbe\x33"
- "\xe1\xa9\xa1\xe1\xce\xa4\x67\x67\x76\xee\x7b\x28\x7d\xb8\x56\xad\x38\xe5"
- "\x43\x01\x50\xae\x9e\xa8\xc5\x4f\x3b\xd7\x8e\x54\xd5\x72\x4f\x06\x00\x38"
- "\x23\x56\x55\xb5\xf8\xfb\x88\xf8\xa7\x37\x1c\x9e\x5f\x77\xae\xec\xae\xf9"
- "\x57\x76\xff\xd6\x3b\xbf\x1c\xfd\xca\xcb\x8e\xae\x4d\x7b\xf2\x83\x85\xb9"
- "\xc7\x0c\x73\xcf\x1b\x5c\x74\x82\xeb\xcf\xf9\xf8\xe2\xfa\x3d\xd3\xfb\x66"
- "\x0e\xee\x9f\xd9\xbb\x73\xcf\x62\x8b\xf0\x9e\x7c\x5c\x2b\x5f\x00\x38\x35"
- "\x55\x55\x8b\xbf\x8a\x88\x6d\xf7\x5d\xd6\xe9\x6a\x15\x6b\x9f\xfd\x1c\x74"
- "\x1e\xf7\xc3\x88\xd8\xf2\xf9\x7a\x1e\x17\x6b\xd3\xb8\xb9\x27\xbc\xd7\x74"
- "\xe2\xde\xb3\x7b\x66\x76\x7a\xe3\xfd\xfb\x67\x77\xa5\xf1\x5f\x88\x88\xbf"
- "\xfe\xea\xfa\x3c\xbe\xb6\x3a\x8d\xcf\x0f\x2a\x62\xd5\xd1\xf1\xbd\x69\xec"
- "\x93\x11\xf1\xfd\x6f\xcd\x8d\x8d\xce\xd8\x35\x79\x6c\xcf\xd1\xb1\x7d\x69"
- "\xec\x96\x88\xd8\xf9\xcd\x67\x8e\xed\xc9\x63\xcf\x3b\x3a\xb6\x3f\x8d\xdd"
- "\x10\x11\xb3\x5f\x7c\xe6\xd8\xf3\xf2\xd8\xb5\x47\xc7\x6e\x5a\xda\xaf\x32"
- "\x00\x9c\x5d\xd2\xfa\xff\xb5\x11\xb1\xa9\x7d\x78\xbe\xcd\x27\x5a\xff\xcf"
- "\xad\xe1\x1f\xcb\x97\x4b\xbd\xfe\x5f\xb5\xe0\x46\x3d\xf9\xb8\xab\x4e\xc3"
- "\x79\x03\x40\xc9\xd2\x1a\xf9\x6f\xf2\xfa\x7f\xd5\x22\xeb\xff\xef\x46\xc4"
- "\x93\x3f\x5f\x9f\xc7\x75\xd7\xd2\x6b\xf3\xe7\xcf\x3f\x66\x3d\xbf\x2f\x22"
- "\x1e\xfe\xde\x33\xc7\x9e\x9f\xc7\xbe\x68\xc1\x7a\xfe\x8c\x9e\x2c\x00\xd0"
- "\x91\xd6\xff\x4f\x44\xc4\xf7\x7e\x76\x78\xfe\xb9\xfc\xbc\xfe\xcf\xcb\xec"
- "\xa3\xeb\xff\x8f\xad\x3b\xba\x86\xdf\x95\x2f\x97\x7a\xfd\xbf\xe6\x98\xf5"
- "\x7f\x3a\xee\xcb\x4f\xc3\x79\x03\x40\xc9\x52\xff\x7f\x12\x11\xdf\x3d\x70"
- "\x78\xfe\xe7\xed\x27\xd3\xff\xb9\x75\xff\x52\xf7\xbf\xe7\x98\xfe\xa7\xe3"
- "\x5e\x7e\x1a\xce\x1b\x00\x4a\x96\xfa\xff\x54\x44\x7c\xf3\x03\x87\xe7\x5f"
- "\x43\x77\x4c\xff\x1f\x9f\x1b\xbb\xb0\xff\xd7\x5e\x95\x6f\x9f\xff\xbe\x54"
- "\xfd\x3f\xef\x98\xfe\xa7\xe3\x5e\x71\x3a\x4e\x1c\x00\x0a\x96\xfa\xff\xf9"
- "\x88\xf8\xf6\x86\xc3\xf3\xaf\x8b\x3f\x99\xf5\xff\x99\xea\xff\x5a\xfd\x07"
- "\x80\xd3\x2e\xf5\xff\xd6\x88\xf8\xec\x91\xc3\xf3\xcf\xe9\x9f\x4c\xff\x2f"
- "\xcf\xbf\x1d\xb0\xd4\xcf\xff\x9f\x7f\x4c\xff\xd3\x71\xeb\xa7\xe3\xc4\x01"
- "\xa0\x60\xab\xf2\xeb\xff\xfb\x9e\xfa\xd2\xfc\xeb\xf3\x4f\xa6\xff\xc7\x5a"
- "\xaa\xfe\xbf\xc8\x9b\x12\x02\xc0\x69\x57\xc5\xc5\x55\xb7\xcc\xab\xe2\x92"
- "\xce\xb5\xe1\xe6\x48\xc3\xce\x3f\x00\x00\x00\x70\x2e\xe9\xec\xef\x77\xf1"
- "\xdc\xd3\xfd\xd5\x25\x51\x59\xff\x03\x00\x00\xc0\xb9\xa6\x8a\x4b\xf3\xcf"
- "\xff\xd7\xc6\x65\xdd\x6b\xbb\x63\x26\x66\x63\x3a\x3c\x09\x00\x00\x00\x00"
- "\xe7\x88\xce\xcf\xff\x2f\xed\x6e\xe7\x1b\x51\x5d\x16\x95\xf5\x3f\x00\x00"
- "\x00\x9c\x6b\x3e\xd9\xf9\xfd\xff\xce\xef\x00\x74\xde\xfe\xbf\x27\x0e\x75"
- "\xde\xae\x67\x65\xad\xf3\xdc\x40\x55\x45\x7b\x7c\x4d\xf5\x17\x3f\x8c\x89"
- "\x89\x55\xd5\xe3\xe3\xf7\x5c\x5d\xed\x1d\x48\xe3\x06\xf6\xae\xe8\xde\xc1"
- "\x8a\x63\xef\x71\x72\xf8\xf2\xea\x82\x7c\x27\x9d\x8b\xcd\x2b\xf3\xdf\x06"
- "\x1b\xeb\xab\x97\x77\x8f\x36\xbf\x85\xdf\x0f\xf2\xc5\xee\xc5\xe6\x51\x9d"
- "\x86\x09\xc4\xa7\xe3\xf2\xee\x51\x2e\xcf\xfb\x17\xee\x9a\xfb\x4c\xf7\x28"
- "\x6b\x87\x9b\x23\x8d\x8d\x83\xad\x91\xdb\xfa\x62\x60\xe0\x82\xda\x64\xe3"
- "\x9e\xc9\xf7\xee\x9b\x79\x7f\x74\x4e\xff\x53\x63\xa3\x17\x54\xb1\x7b\x66"
- "\x76\x7a\xe3\xfd\xfb\x67\x77\x75\xe6\xd2\xd9\x1c\xe1\xf1\xbd\xf9\x5d\x8a"
- "\xba\x17\x4f\x3f\x7d\x32\x73\x79\xa8\xf3\x7e\x0b\x9d\xdf\xb9\x78\xce\x33"
- "\x5e\xd5\xf9\x45\x8c\x7c\xdc\xb5\xdd\xe3\xf6\x2e\x3c\xff\xfc\xbe\x4c\xc7"
- "\xee\xd4\x7c\xa2\x63\x3e\x11\x57\x74\x8f\x79\x45\x7e\xaf\xc7\xb5\xcf\x3c"
- "\xff\x9e\x74\xcc\xbe\x8d\xc7\x3b\xfb\x3c\x8b\xbe\xe3\x9e\xf9\xc9\xce\x62"
- "\x7d\x77\x16\xeb\xbb\xef\x22\x7d\xd5\xb5\xcf\x31\x8b\xfe\xc5\x66\xd1\xbf"
- "\x70\x16\x2f\xe8\x6b\x71\x12\xb3\xd8\xb4\xd8\x2c\x36\x9d\xe2\x2c\x00\x96"
- "\xcb\xee\x45\x2a\x54\x3d\x3b\xfc\x2f\xe0\xbb\xdc\x99\xa9\xfb\x13\x71\x65"
- "\xf7\x28\x57\x76\xdf\x9d\x78\xe5\xe5\xcf\xf1\x1d\xbd\x77\xb1\xef\xe8\xbd"
- "\xa7\x58\xb7\xaf\xc5\x86\xee\x2c\x36\xcc\x0d\x3e\x5e\x63\xd3\x71\x3f\x73"
- "\x4c\x55\xbf\x9c\x6e\xf0\xe5\xe3\x1e\xb7\x3d\xd2\x5f\xa5\x2f\xe1\x8a\x87"
- "\xf6\x3e\x18\x97\x1c\x7c\xe4\xd0\x8d\x9d\x37\x4e\xdc\x33\xbd\xaf\xbf\x7f"
- "\xd3\xe6\xde\x9b\x7b\x7b\x6f\xe9\x8f\x55\x9d\xd3\xc8\x17\xda\x03\xc0\x73"
- "\xd8\xd0\x79\xfd\x7f\xe7\x35\x00\xc7\xe9\xff\xa2\x23\xaa\x9b\x17\x59\x55"
- "\xbf\x74\xfe\x25\x05\x1b\xe3\xfe\xd8\x1f\xb3\xb1\x2b\x6e\xe8\xfc\xb6\x41"
- "\xe7\x15\x07\xcf\x79\xaf\x6b\x17\xbc\x0c\xe1\x86\x45\x56\xad\x47\xc7\xf6"
- "\xc5\x0d\x8b\xac\xea\x8e\x8e\xed\x7f\x1e\x63\x37\x9d\xf1\xff\x5d\x00\x60"
- "\x29\x6d\x58\xa4\xc3\x27\xd3\xff\x1b\x16\x59\x77\x3f\xb3\xe5\x27\x5e\x1d"
- "\x2f\x6c\x39\x00\xb0\x34\x1a\x13\x3f\xa8\xd6\x4e\x7e\xa2\x9a\x98\x68\x8e"
- "\xdf\xdb\xb7\x75\x6b\xdf\xc0\xe4\xf6\x46\x7d\xa2\x35\x78\x57\x7d\xa2\x39"
- "\xb4\xad\x51\x6f\x8e\x4d\x36\x26\x06\xb7\x0f\x8c\x6d\x6b\xd4\xc7\x27\x5a"
- "\x93\xad\xc1\xd6\x48\xba\x72\x77\x73\xa8\xd1\xae\xb7\xa7\xc6\xc7\x5b\x13"
- "\x93\xf5\xe1\xd6\x44\x7d\xbc\xd5\x6e\xde\x53\x1f\x6e\x8e\x34\xea\xed\x1d"
- "\xed\xc9\xc6\x68\xbd\xdd\x18\x1d\x18\x9b\x6c\x3e\xda\x1e\x1f\x69\x0c\xb4"
- "\x1b\xf5\xc1\xd6\xd8\xe4\xc0\xe0\x64\x7d\xa8\xd9\x1e\xac\x8f\x4f\xdd\x31"
- "\xd2\x6c\x6f\x6f\x4c\x74\x6e\xdc\x1e\x6f\x0c\x36\x87\x9b\x83\x03\x93\xcd"
- "\xd6\x58\xbd\xdd\x9a\x9a\x18\x6c\x6c\xac\xd7\xdb\x8d\xc6\x82\x81\xcd\xa1"
- "\xc6\xd8\x64\x73\xb8\x99\xae\x8e\xd5\xc7\x27\x9a\xa3\x03\x13\x3b\xea\x77"
- "\xb7\x46\xa6\x46\x1b\xf5\xa1\x46\x7b\x70\xa2\x39\x3e\xd9\xea\xde\xe1\xdc"
- "\xb1\x9a\x63\xc3\xad\x89\xd1\xce\xdd\x6e\x5c\xee\x2f\x36\x00\x9c\x25\x0e"
- "\x3e\x72\xe8\x81\x9d\xb3\xb3\xd3\x07\x96\xf0\xca\x72\x9f\x23\x00\xf0\x4c"
- "\x8b\x54\x7a\xf5\x19\x9f\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\xf0\x2c\x67\xe2\xf7\xff\x5c\x71\xe5\x7f\xde\x95\xa7\x9f\x7e\xfa\xd1\xf4"
- "\xff\x90\xb3\x65\x3e\x67\xfa\xca\x72\x7f\x67\x02\x96\x5a\x2d\x6a\x71\x24"
- "\x22\xaa\xef\x1f\xa9\x3a\xef\xcc\xf7\x58\x44\x3d\xba\x97\x36\x00\x06\x80"
- "\x73\x53\xea\xff\x8f\x72\xff\xaf\xd2\x7f\x00\x28\x42\xea\xff\x3f\xe7\xfe"
- "\x5f\xad\xff\x00\x50\x84\xd4\xff\x7f\xc9\xfd\xbf\x46\xff\x01\xa0\x08\xa9"
- "\xff\xff\x9a\xfb\xff\x2a\xfd\x07\x80\x22\xa4\xfe\xff\x5b\xee\xff\xab\xf5"
- "\x1f\x00\x8a\x90\xfa\xff\xe3\xdc\xff\x6b\xf5\x1f\x00\x8a\x90\xfa\xff\xef"
- "\xb9\xff\xd7\xe9\x3f\x00\x14\x21\xf5\xff\x3f\x72\xff\xaf\xd7\x7f\x00\x28"
- "\x42\xea\xff\x7f\xe6\xfe\xbf\x46\xff\x01\xa0\x08\xa9\xff\xff\x95\xfb\x7f"
- "\x83\xfe\x03\x40\x11\x52\xff\x7f\x92\xfb\x7f\xa3\xfe\x03\x40\x11\x52\xff"
- "\x7f\x9a\xfb\xbf\x51\xff\x01\xa0\x08\xa9\xff\x3f\xcb\xfd\xbf\x49\xff\x01"
- "\xa0\x08\xa9\xff\x3f\xcf\xfd\xef\xd5\x7f\x00\x28\x42\xea\xff\xd3\xb9\xff"
- "\x7d\xfa\x0f\x00\x45\x48\xfd\x8f\xdc\xff\x7e\xfd\x07\x80\x22\xa4\xfe\x57"
- "\xb9\xff\x9b\xf4\x1f\x00\x8a\x50\xcb\xcf\x00\xa4\xfe\xdf\xac\xff\x00\x50"
- "\x84\x54\xff\x15\xb9\xff\xb7\xe8\x3f\x00\x14\x21\xf5\x7f\x65\xee\xff\x66"
- "\xfd\x07\x80\x22\xa4\xfe\xaf\xca\xfd\xdf\xa2\xff\x00\x50\x84\xd4\xff\xd5"
- "\xb9\xff\xb7\xea\x3f\x00\x14\x21\xf5\x7f\x4d\xee\xff\x56\xfd\x07\x80\x22"
- "\xa4\xfe\xf7\xe4\xfe\xbf\x56\xff\x01\xa0\x08\xa9\xff\xe7\xe5\xfe\xdf\xa6"
- "\xff\x00\x50\x84\xd4\xff\xb5\xb9\xff\xb7\xeb\x3f\x00\x14\x21\xf5\xff\xfc"
- "\xdc\xff\xd7\xe9\x3f\x00\x14\x21\xf5\xff\x45\xb9\xff\xaf\xd7\x7f\x00\x28"
- "\x42\xea\xff\x8b\x73\xff\xdf\xa0\xff\x00\x50\x84\xd4\xff\x0b\x72\xff\xdf"
- "\xa8\xff\x00\x50\x84\xd4\xff\x97\xe4\xfe\x0f\xe8\x3f\x00\x14\x21\xf5\x7f"
- "\x5d\xee\xff\x1d\xfa\x0f\x00\x45\x48\xfd\xbf\x30\xf7\x7f\x50\xff\x01\xa0"
- "\x08\xa9\xff\x2f\xcd\xfd\x1f\xd2\x7f\x00\x28\x42\xea\xff\x45\xb9\xff\x0d"
- "\xfd\x07\x80\x22\xa4\xfe\xbf\x2c\xf7\x7f\x58\xff\x01\xa0\x08\xa9\xff\x17"
- "\xe7\xfe\x6f\xd3\x7f\x00\x28\x42\xea\xff\x25\xb9\xff\xdb\xf5\x1f\x00\x8a"
- "\x90\xfa\x7f\x69\xee\x7f\x53\xff\x01\xa0\x08\xa9\xff\x97\xe5\xfe\xdf\xa9"
- "\xff\x00\x50\x84\xd4\xff\x97\xe7\xfe\xdf\xa5\xff\x00\x50\x84\xd4\xff\xcb"
- "\x73\xff\x47\xf4\x1f\x00\x8a\x90\xfa\x7f\x45\xee\xff\xa8\xfe\x03\x40\x11"
- "\x52\xff\xd7\xe7\xfe\x8f\xe9\x3f\x00\x14\x21\xf5\xff\x15\xb9\xff\x2d\xfd"
- "\x07\x80\x22\xa4\xfe\xff\xaf\xdc\xff\x71\xfd\x07\x80\x22\xa4\xfe\xbf\x32"
- "\xf7\xff\x4d\xfa\x0f\x00\x45\x48\xfd\xaf\xe7\xfe\x4f\xe8\x3f\x00\x14\x21"
- "\xf5\xff\xca\xdc\xff\xb6\xfe\x03\x40\x11\x52\xff\x37\xe4\xfe\x4f\xea\x3f"
- "\x00\x14\x21\xf5\xff\xaa\xdc\xff\x29\xfd\x07\x80\x22\xa4\xfe\x5f\x9d\xfb"
- "\x7f\xb7\xfe\x03\x40\x11\x52\xff\xaf\xc9\xfd\x7f\xb3\xfe\x03\x40\x11\x52"
- "\xff\x5f\x95\xfb\x7f\x8f\xfe\x03\x40\x11\x52\xff\x5f\x9d\xfb\xbf\x43\xff"
- "\x01\xa0\x08\xa9\xff\xd7\xe6\xfe\xbf\x45\xff\x01\xa0\x08\xa9\xff\xd7\xe5"
- "\xfe\xbf\x55\xff\x01\xa0\x08\xa9\xff\xd7\xe7\xfe\xbf\x4d\xff\x01\xa0\x08"
- "\xa9\xff\xaf\xc9\xfd\x7f\xbb\xfe\x03\x40\x11\x52\xff\x6f\xc8\xfd\x7f\x87"
- "\xfe\x03\x40\x11\x52\xff\x6f\xcc\xfd\xbf\x57\xff\x01\xa0\x08\xa9\xff\x1b"
- "\x73\xff\xdf\xa9\xff\x00\x50\x84\xd4\xff\x9b\x72\xff\x77\xea\x3f\x00\x14"
- "\x21\xf5\xbf\x37\xf7\xff\x3e\xfd\x07\x80\x22\xa4\xfe\xf7\xe5\xfe\xdf\xaf"
- "\xff\x00\x50\x84\xd4\xff\xfe\xdc\xff\x5d\xfa\x0f\x00\x45\x48\xfd\xdf\x94"
- "\xfb\x3f\xad\xff\x00\x50\x84\xd4\xff\x9b\x73\xff\x77\xeb\x3f\x00\x14\x21"
- "\xf5\xff\x96\xdc\xff\x3d\xfa\x0f\x00\x45\x48\xfd\xdf\x1c\x11\xab\x22\xe2"
- "\x5d\xfa\x0f\x00\x45\x48\xfd\xdf\x92\xd7\xff\x33\xfa\x0f\x00\x45\x48\xfd"
- "\xbf\x35\xf7\xff\xdd\xfa\x0f\x00\x45\x48\xfd\xdf\x9a\xfb\xff\x80\xfe\x03"
- "\x40\x11\x52\xff\x5f\x9b\xfb\x3f\xab\xff\x00\x50\x84\xd4\xff\xdb\x72\xff"
- "\xf7\xea\x3f\x00\x14\x21\xf5\xff\xf6\xdc\xff\x7d\xfa\x0f\x00\x45\x48\xfd"
- "\x7f\x5d\xee\xff\x7e\xfd\x07\x80\x22\xa4\xfe\xbf\x3e\xf7\xff\x41\xfd\x07"
- "\x80\x22\xa4\xfe\xbf\x21\xf7\xff\x3d\xfa\x0f\x00\x45\x48\xfd\x7f\x63\xee"
- "\xff\x01\xfd\x07\x80\x22\xa4\xfe\x0f\xe4\xfe\x1f\xd4\x7f\x00\x28\x42\xea"
- "\xff\x1d\xb9\xff\x0f\xe9\x3f\x00\x14\x21\xf5\x7f\x30\xf7\xff\xbd\xfa\x0f"
- "\x00\x45\x48\xfd\x1f\xca\xfd\x7f\x58\xff\x01\xa0\x08\xa9\xff\x8d\xdc\xff"
- "\xf7\xe9\x3f\x00\x14\x21\xf5\x7f\x38\xf7\xff\xfd\xfa\x0f\x00\x45\x48\xfd"
- "\xdf\x96\xfb\xff\x88\xfe\x03\x40\x11\x52\xff\xb7\xe7\xfe\x1f\xd2\x7f\x00"
- "\x28\x42\xea\x7f\x33\xf7\xff\x03\xfa\x0f\x00\x45\x48\xfd\xbf\x33\xf7\xff"
- "\x83\xfa\x0f\x00\x45\x48\xfd\xbf\x2b\xf7\xff\x43\xfa\x0f\x00\x45\x48\xfd"
- "\x1f\xc9\xfd\xff\xb0\xfe\x03\x40\x11\x52\xff\x47\x73\xff\x1f\xd5\x7f\x00"
- "\x28\x42\xea\xff\x58\xee\xff\x63\xfa\x0f\x00\x45\x48\xfd\x6f\xe5\xfe\x3f"
- "\xae\xff\x00\x50\x84\xd4\xff\xf1\xdc\xff\x8f\xe8\x3f\x00\x14\x21\xf5\xff"
- "\x4d\xb9\xff\x1f\xd5\x7f\x00\x28\x42\xea\xff\x44\xee\xff\xc7\xf4\x1f\x00"
- "\x8a\x90\xfa\xdf\xce\xfd\xff\xb8\xfe\x03\x40\x11\x52\xff\x27\x73\xff\x9f"
- "\xd0\x7f\x00\x28\x42\xea\xff\x54\xee\xff\x27\xf4\x1f\x00\x8a\x90\xfa\x7f"
- "\x77\xee\xff\x27\xf5\x1f\x00\x8a\x90\xfa\xff\xe6\xdc\xff\x4f\xe9\x3f\x00"
- "\x14\x21\xf5\xff\x9e\xdc\xff\xff\xad\xff\x00\x50\x84\xd4\xff\x1d\xb9\xff"
- "\xff\x47\xff\x01\xa0\x08\xa9\xff\x6f\xc9\xfd\xff\xb4\xfe\x03\x40\x11\x52"
- "\xff\xdf\x9a\xfb\xff\x19\xfd\x07\x80\x22\xa4\xfe\xbf\x2d\xf7\xff\xb3\xfa"
- "\x0f\x00\x45\x48\xfd\x7f\x7b\xee\xff\xe7\xf4\x1f\x00\x8a\x90\xfa\xff\x8e"
- "\xdc\xff\xff\xab\xff\x00\x50\x84\xd4\xff\x7b\x73\xff\x3f\xaf\xff\x00\x50"
- "\x84\xd4\xff\x77\xe6\xfe\x7f\x41\xff\x01\xa0\x08\xa9\xff\x3b\x73\xff\xbf"
- "\xa8\xff\x00\x50\x84\xd4\xff\xfb\x72\xff\xff\x9f\xfe\x03\x40\x11\x52\xff"
- "\xef\xcf\xfd\xff\xff\xfa\x0f\x00\x45\x48\xfd\xdf\x95\xfb\xff\x0b\xfa\x0f"
- "\x00\x45\x48\xfd\x9f\xce\xfd\xff\x45\xfd\x07\x80\x22\xa4\xfe\xef\xce\xfd"
- "\xff\x25\xfd\x07\x80\x22\xa4\xfe\xef\xc9\xfd\xff\x65\xfd\x07\x80\x22\xa4"
- "\xfe\xbf\x2b\xf7\xff\x57\xf4\x1f\x00\x8a\x90\xfa\x3f\x93\xfb\xff\xab\xfa"
- "\x0f\x00\x45\x48\xfd\x7f\x77\xee\xff\xaf\xe9\x3f\x00\x14\x21\xf5\xff\x81"
- "\xdc\xff\x5f\xd7\x7f\x00\x28\x42\xea\xff\x6c\xee\xff\x6f\xe8\x3f\x00\x14"
- "\x21\xf5\x7f\x6f\xee\xff\x6f\xea\x3f\x00\x14\x21\xf5\x7f\x5f\xee\xff\x97"
- "\xf4\x1f\x00\x8a\x90\xfa\xbf\x3f\xf7\xff\xcb\xfa\x0f\x00\x45\x48\xfd\x7f"
- "\x30\xf7\xff\xb7\xf4\x1f\x00\x8a\x90\xfa\xff\x9e\xdc\xff\xdf\xd6\x7f\x00"
- "\x28\x42\xea\xff\x81\xdc\xff\xdf\xd1\x7f\x00\x28\x42\xea\xff\xc1\xdc\xff"
- "\xaf\xe8\x3f\x00\x14\x21\xf5\xff\xa1\xdc\xff\xaf\xea\x3f\x00\x14\x21\xf5"
- "\xff\xbd\xb9\xff\xbf\xab\xff\x00\x50\x84\xd4\xff\x87\x73\xff\x0f\xeb\x3f"
- "\x00\x14\x21\xf5\xff\x7d\xb9\xff\xbf\xa7\xff\x00\x50\x84\xd4\xff\xf7\xe7"
- "\xfe\x7f\x4d\xff\x01\xa0\x08\xa9\xff\x8f\xe4\xfe\xff\xbe\xfe\x03\x40\x11"
- "\x52\xff\x0f\xe5\xfe\xff\x81\xfe\x03\x40\x11\x52\xff\x3f\x90\xfb\xff\x87"
- "\xfa\x0f\x00\x45\x48\xfd\xff\x60\xee\xff\xd7\xf5\x1f\x00\x8a\x90\xfa\xff"
- "\xa1\xdc\xff\x27\xf5\x1f\x00\x8a\x90\xfa\xff\xe1\xdc\xff\x3f\xd2\x7f\x00"
- "\x28\x42\xea\xff\xa3\xb9\xff\xdf\xd0\x7f\x00\x28\x42\xea\xff\x63\xb9\xff"
- "\x7f\xac\xff\x00\x50\x84\xd4\xff\xc7\x73\xff\xbf\xa9\xff\x00\x50\x84\xd4"
- "\xff\x8f\xe4\xfe\xff\x89\xfe\x03\x40\x11\x52\xff\x3f\x9a\xfb\xff\x2d\xfd"
- "\x07\x80\x22\xa4\xfe\x7f\x2c\xf7\xff\xdb\xfa\x0f\x00\x45\x48\xfd\xff\x78"
- "\xee\xff\x9f\xea\x3f\x00\x14\x21\xf5\xff\x89\xdc\xff\x3f\xd3\x7f\x00\x28"
- "\xc2\x7f\x07\x00\x00\xff\xff\x81\x63\x0f\x16",
- 4709);
- syz_mount_image(/*fs=*/0x200000001240, /*dir=*/0x200000001280, /*flags=*/0,
- /*opts=*/0x200000000740, /*chdir=*/1, /*size=*/0x1265,
- /*img=*/0x2000000047c0);
- for (int i = 0; i < 32; i++) {
- syz_mount_image(/*fs=*/0x200000001240, /*dir=*/0x200000001280, /*flags=*/0,
- /*opts=*/0x200000000740, /*chdir=*/1, /*size=*/0x1265,
- /*img=*/0x2000000047c0);
- }
- memcpy((void*)0x200000000000, "/dev/rfkill\000", 12);
- res = syscall(
- __NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x200000000000ul,
- /*flags=O_TRUNC|O_CLOEXEC|O_APPEND|O_RDWR*/ 0x80602, /*mode=*/0);
- if (res != -1)
- r[159] = res;
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- if (res != -1)
- r[160] = res;
- res = syscall(__NR_epoll_create1, /*flags=*/0ul);
- if (res != -1)
- r[161] = res;
- syscall(__NR_epoll_pwait2, /*epfd=*/r[161], /*events=*/0x200000000000ul,
- /*maxevents=*/1ul, /*timeout=*/0ul, /*sigmask=*/0ul, /*size=*/0ul);
- *(uint32_t*)0x200000001100 = 0x20000016;
- *(uint64_t*)0x200000001104 = 0;
- syscall(__NR_epoll_ctl, /*epfd=*/r[161], /*op=*/1ul, /*fd=*/r[160],
- /*ev=*/0x200000001100ul);
- *(uint32_t*)0x200000000040 = 0;
- *(uint8_t*)0x200000000044 = 6;
- *(uint8_t*)0x200000000045 = 3;
- *(uint8_t*)0x200000000046 = 0;
- *(uint8_t*)0x200000000047 = 0;
- syscall(__NR_write, /*fd=*/r[159], /*data=*/0x200000000040ul, /*len=*/8ul);
- memcpy((void*)0x200000000080, "ext3\000", 5);
- memcpy((void*)0x200000000480, "./file0\000", 8);
- memcpy((void*)0x200000000900, "init_itable", 11);
- *(uint8_t*)0x20000000090b = 0x2c;
- memcpy((void*)0x20000000090c, "resgid", 6);
- *(uint8_t*)0x200000000912 = 0x2c;
- sprintf((char*)0x200000000913, "0x%016llx", (long long)0xee00);
- *(uint8_t*)0x200000000925 = 0x2c;
- memcpy((void*)0x200000000926, "bh", 2);
- *(uint8_t*)0x200000000928 = 0x2c;
- memcpy((void*)0x200000000929, "noload", 6);
- *(uint8_t*)0x20000000092f = 0x2c;
- memcpy((void*)0x200000000930, "errors=remount-ro", 17);
- *(uint8_t*)0x200000000941 = 0x2c;
- memcpy((void*)0x200000000942, "usrjquota=", 10);
- *(uint8_t*)0x20000000094c = 0x2c;
- *(uint8_t*)0x20000000094d = 0;
- memcpy(
- (void*)0x200000000980,
- "\x78\x9c\xec\xdb\xcd\x6f\x14\x65\x18\x00\xf0\x67\x66\xbb\xe5\xdb\x56\xc4"
- "\x0f\x10\xb4\x8a\x46\xe2\x47\x4b\xcb\x87\x1c\xbc\x68\x34\xf1\xa0\x89\x89"
- "\x1e\x30\x9e\xea\xb6\x10\xa4\x50\x43\x6b\x22\xa4\x51\xf4\x80\x47\x43\xa2"
- "\x67\xe3\xd1\x44\xff\x01\x4f\x7a\x31\xea\xc9\xc4\xab\xde\x0d\x09\x31\xbd"
- "\x80\x9e\xd6\xcc\xce\x4c\x59\xda\xdd\x42\xe9\xb6\x5b\xd9\xdf\x2f\x99\xf6"
- "\x7d\x77\xde\xcd\xfb\x3c\x33\xf3\xee\xbe\x33\xb3\x13\x40\xcf\x1a\xca\xfe"
- "\x24\x11\xdb\x23\xe2\x8f\x88\x18\xc8\xab\x37\x37\x18\xca\xff\x5d\x9f\x9f"
- "\xab\xfd\x33\x3f\x57\x4b\xa2\x5e\x7f\xf3\xef\xa4\xd1\xee\xda\xfc\x5c\xad"
- "\x6c\x5a\xbe\x6f\x5b\x5e\xa9\xd7\x8b\xfa\xa6\x16\xfd\x5e\x7a\x27\x62\x7c"
- "\x6a\x6a\xf2\x5c\x51\x1f\x99\x3d\xf3\xfe\xc8\xcc\xf9\x0b\xcf\x9d\x3a\x33"
- "\x7e\x72\xf2\xe4\xe4\xd9\xb1\x63\xc7\x0e\x1f\xda\xd7\x7f\x74\xec\x48\x47"
- "\xf2\xcc\xf2\xba\xb6\xe7\xa3\xe9\xbd\xbb\x5f\x7d\xfb\xf2\xeb\xb5\xe3\x97"
- "\xdf\xfd\xe5\xdb\x2c\xde\xed\xc5\xfa\xe6\x3c\x3a\x65\x28\xdf\xba\x2d\x3d"
- "\xd9\xe9\xce\xba\x6c\x47\x53\x39\xe9\xeb\x62\x20\xac\x48\x25\x22\xb2\xdd"
- "\x55\x6d\x8c\xff\x81\xa8\xc4\x96\x85\x75\x03\xf1\xca\xa7\x5d\x0d\x0e\x58"
- "\x53\xf5\x7a\xbd\xde\xea\xfb\xb9\x70\xb1\x0e\xdc\xb5\xb2\xb9\x5a\xb7\x63"
- "\x00\xba\x23\xff\x9a\x2f\xcf\xdc\xe7\x6a\x6b\x71\x1e\xbc\x91\x5d\x7d\x31"
- "\x3f\x01\xca\xf2\xbe\x5e\x2c\xf9\x9a\xbe\x48\x8b\x36\xd5\x45\xe7\xb7\x9d"
- "\x34\x14\x11\xc7\x2f\xfe\xfb\x55\xb6\xc4\x1a\x5d\x87\x00\x00\x68\xf6\x43"
- "\x36\xff\x79\x36\x9f\x77\x94\x4b\xbe\x26\x8d\x07\x9a\xda\xdd\x53\xdc\x43"
- "\x19\x8c\x88\x7b\x23\x62\x67\x44\xdc\x17\x11\xbb\x22\xe2\xfe\x88\x46\xdb"
- "\x07\x23\xe2\xa1\x15\xf6\xbf\xf8\x0e\xc9\xd2\xf9\x4f\x7a\xe5\x8e\x12\xbb"
- "\x4d\xd9\xfc\xef\x85\xe2\xde\xd6\xcd\xf3\xbf\x72\xf6\x17\x83\x95\xa2\xb6"
- "\xa3\x91\x7f\x35\x39\x71\x6a\x6a\xf2\x60\xb1\x4d\x0e\x44\x75\x53\x56\x1f"
- "\x5d\xa6\x8f\x1f\x5f\xfe\xfd\xf3\x76\xeb\x9a\xe7\x7f\xd9\x72\xbd\x2f\x22"
- "\xf2\xb9\xe0\x77\x45\x93\xc3\x5f\x2e\xba\x40\x37\x31\x3e\x3b\xbe\xca\xb4"
- "\x17\x5c\xfd\x24\x62\x4f\x5f\xab\xfc\x93\x28\x6f\xe3\x64\x67\x07\xbb\x23"
- "\x62\xcf\x1d\xf6\x71\xea\xe9\x6f\xf6\xb6\x5b\xb7\x24\xff\xf9\xb9\x5a\x39"
- "\x17\xbe\xa5\x0e\xdc\x67\xaa\x7f\x1d\xf1\x54\xbe\xff\x2f\xc6\xa2\xfc\x4b"
- "\x49\xdb\xfb\x93\xa3\xcf\x1f\x1d\x3b\x32\xb2\x39\xa6\x26\x0f\x8e\x94\x47"
- "\xc5\x52\xbf\xfe\x76\xe9\x8d\x76\xfd\xaf\x2a\xff\x0e\xc8\xf6\xff\xd6\x96"
- "\xc7\xff\x42\xfe\x83\xc9\xe6\x88\x99\xf3\x17\x4e\x37\xee\xd7\xce\xac\xbc"
- "\x8f\x4b\x7f\x7e\xd6\xf6\x9c\xe6\xd6\xf9\xa7\x57\xfa\x5a\x1c\xff\xfd\xc9"
- "\x5b\x8d\x72\x7f\xf1\xda\x87\xe3\xb3\xb3\xe7\x46\x23\xfa\x93\xd7\x96\xbe"
- "\x3e\x76\xe3\xbd\x65\xbd\x6c\x9f\xe5\x7f\x60\x7f\xeb\xf1\xbf\x33\x6e\x6c"
- "\x89\x87\x23\x22\x3b\x88\xf7\x45\xc4\x23\x11\xf1\x68\x11\xfb\x63\x11\xf1"
- "\x78\x44\xec\x5f\x26\xff\x9f\x5f\x7a\xe2\xbd\x95\xe7\xbf\xcc\x55\xf9\x0e"
- "\xca\xf2\x9f\xb8\xd5\xfe\x8f\xe6\xfd\xbf\xf2\x42\xe5\xf4\x4f\xdf\xaf\x3c"
- "\xff\x52\xb6\xff\x0f\x37\x4a\x07\x8a\x57\x6e\xe7\xf3\xef\x46\x14\x95\x65"
- "\x63\x5f\xcd\xb6\x03\x00\x00\x80\xff\x8b\xb4\xf1\x1b\xf8\x24\x1d\x5e\x28"
- "\xa7\xe9\xf0\x70\xfe\x1b\xfe\x5d\xb1\x35\x9d\x9a\x9e\x99\x7d\xe6\xc4\xf4"
- "\x07\x67\x27\xf2\xdf\xca\x0f\x46\x35\x2d\xaf\x74\x0d\x34\x5d\x0f\x1d\x2d"
- "\xae\x0d\x97\xf5\xb1\x45\xf5\x43\xc5\x75\xe3\x2f\x2a\x5b\x1a\xf5\xe1\xda"
- "\xf4\xd4\x44\xb7\x93\x87\x1e\xb7\xad\xcd\xf8\xcf\xfc\x55\xe9\x76\x74\xc0"
- "\x9a\xf3\xbc\x16\xf4\x2e\xe3\x1f\x7a\x97\xf1\x0f\xbd\xeb\xb6\xc6\x7f\x92"
- "\xac\x7d\x20\xc0\xba\x6b\x31\xfe\xab\x65\xa1\x3e\xb0\xce\xc1\x00\xeb\xaa"
- "\xd5\xf7\xff\xc7\x5d\x88\x03\x58\x7f\xce\xff\xa1\x77\x19\xff\xd0\xbb\x8c"
- "\x7f\xe8\x5d\xc6\x3f\xf4\xa4\xb6\xcf\xc6\xa7\xab\x7a\xe4\xbf\x0b\x85\xec"
- "\x43\xac\xf5\x13\xfe\x1b\x25\xc2\x0e\x14\xaa\x1b\x23\x8c\xac\x10\xe9\x86"
- "\x08\xe3\xee\x2f\xf4\xc5\x1a\x77\xb1\xa9\xe5\xaa\x6e\x7f\x32\x01\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x74\xc6\x7f\x01\x00\x00\xff\xff\xf2"
- "\x8f\xd9\x8a",
- 1137);
- syz_mount_image(
- /*fs=*/0x200000000080, /*dir=*/0x200000000480,
- /*flags=MS_I_VERSION|MS_SLAVE|MS_PRIVATE|MS_POSIXACL|MS_RELATIME|MS_NOSUID|0xc0400004*/
- 0xc0ed0006, /*opts=*/0x200000000900, /*chdir=*/-1, /*size=*/0x471,
- /*img=*/0x200000000980);
- memcpy((void*)0x200000000000, "/dev/loop#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000000, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[162] = res;
- memcpy((void*)0x2000000000c0, "vfat\000", 5);
- memcpy((void*)0x2000000001c0, "./file0\000", 8);
- *(uint16_t*)0x200000000080 = 0;
- sprintf((char*)0x200000000082, "%023llo", (long long)-1);
- memcpy(
- (void*)0x200000000480,
- "\x78\x9c\xec\xdc\xcf\x4f\x13\x41\x14\xc0\xf1\x47\x29\xa5\x2d\xa1\xed\xc1"
- "\x68\x34\x31\x4c\xf4\xa2\x97\x0d\x54\xcf\xc6\xc6\x40\x62\x6c\x22\x01\x6a"
- "\x04\x13\x93\x05\xb6\xda\x74\x6d\x49\xb7\xc1\xd4\x18\xd1\x93\x57\xe3\x1f"
- "\xe1\x81\x70\xe4\x46\xa2\xfc\x03\x5c\xbc\xe9\xc5\x8b\x37\x2e\x26\x1e\xe4"
- "\x60\x5c\xb3\xbf\x68\x0b\x05\x4c\xa1\x14\xe1\xfb\x49\xc8\xbe\xee\xcc\x5b"
- "\x66\x32\x85\xbc\x69\x76\xbb\xf9\xf0\xdd\xb3\x62\xde\xd2\xf2\x7a\x55\x42"
- "\x51\x25\x3d\x22\x22\x5b\x22\x29\x09\x49\xa0\xc7\x3f\x86\xdc\x38\x22\x8d"
- "\x5e\xcb\xf5\x81\x9f\x5f\x2e\x4f\x4e\xcf\xdc\xcb\x64\xb3\xa3\x13\x4a\x8d"
- "\x65\xa6\x6e\xa4\x95\x52\x89\xa1\x8f\xcf\x5f\xc6\xfc\x6e\x6b\xfd\xb2\x91"
- "\x7a\xbc\xf9\x23\xfd\x7d\xe3\xfc\xc6\xc5\xcd\x3f\x53\x4f\x0b\x96\x2a\x58"
- "\xaa\x54\xae\x2a\x5d\xcd\x96\xbf\x55\xf5\x59\xd3\x50\xf3\x05\xab\xa8\x29"
- "\x35\x6e\x1a\xba\x65\xa8\x42\xc9\x32\x2a\x5e\x7b\xd9\x6b\xcf\x9b\xe5\x85"
- "\x85\x9a\xd2\x4b\xf3\x83\xf1\x85\x8a\x61\x59\x4a\x2f\xd5\x54\xd1\xa8\xa9"
- "\x6a\x59\x55\x2b\x35\xa5\x3f\xd1\x0b\x25\xa5\x69\x9a\x1a\x8c\x0b\x0e\x92"
- "\x5b\x9e\x98\xd0\x33\x6d\x26\xcf\x1d\xf1\x60\xd0\x21\x95\x4a\x46\xef\x15"
- "\x91\xd8\xae\x96\xdc\x72\x57\x06\x04\x00\x00\xba\x6a\x67\xfd\x1f\x72\x4a"
- "\xfa\xb6\xea\x7f\x49\xb8\xf5\xbf\xd3\xb9\x5e\xff\xaf\x5c\x59\xaf\x0e\x3c"
- "\x58\x4d\xf8\xf5\xff\x5a\xa4\x55\xfd\x7f\xf3\xab\x77\xad\xa6\xfa\x3f\x2a"
- "\x22\x1d\xaf\xff\x77\x57\x44\x67\xcb\xa1\xea\x7f\x9c\x0c\x43\x91\x5d\xa7"
- "\x7a\x9a\x5e\x39\xf5\x7f\xdc\xff\xfb\x75\xbd\x79\xb4\x32\xec\x06\xd4\xff"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfc"
- "\x0f\xb6\x6c\x3b\x69\xdb\x76\x32\x38\x06\x3f\xf5\x47\x08\xfc\xd7\x38\x95"
- "\xf6\x5a\xff\x7e\x11\x89\x3a\xab\x6f\xb3\xfe\xa7\xd9\xe4\xf4\x8c\x44\xdd"
- "\x07\xf7\xc2\x09\x11\xf3\xed\x62\x6e\x31\xe7\x1d\xfd\x0e\xeb\x22\x62\x8a"
- "\x21\xc3\x92\x94\xdf\xee\xfb\xc1\xe7\xc4\xc1\x93\x47\xca\x91\x92\x4f\xe6"
- "\x92\x9f\xbf\xb4\x98\xeb\x75\x5b\x32\x79\x29\xb8\xf9\x23\x92\x94\xd4\xce"
- "\x7c\xdb\x1e\xbb\x9b\x1d\x1d\x51\x9e\xe6\xfc\x3e\x89\x37\xe6\xa7\x25\x29"
- "\xe7\x5a\xe7\xa7\x5b\xe6\x47\xe4\xda\xd5\x86\x7c\x4d\x92\xf2\x79\x4e\xca"
- "\x62\xca\xbc\xfb\xbe\xae\xe7\xbf\x1a\x51\xea\xce\xfd\xec\x8e\xfc\x98\xdb"
- "\x0f\x00\x00\x00\x00\x80\xd3\x40\x53\xdb\x5a\xee\xdf\x35\x6d\xaf\x76\x2f"
- "\x7f\x7b\x7f\xdd\xf2\xf3\x01\x6f\x7f\x3d\xdc\x72\x7f\x1e\x4e\x5e\x0a\x77"
- "\x77\xee\x00\x00\x00\x00\x00\x9c\x15\x56\xed\x45\x51\x37\x4d\xa3\xb2\x4f"
- "\x10\x93\x83\xfb\xb4\x1f\x84\xdb\x4b\xef\xdb\xaf\x4f\x6f\xc3\x0c\xff\xf5"
- "\x82\x11\xf7\x7e\x17\x91\xce\xcd\x74\x9f\x20\xb8\x91\xa2\xa9\x29\xea\x9f"
- "\x6c\xef\xca\xc1\xfc\x3b\x33\xe6\x90\xb4\x93\x35\xe4\x8c\x47\x1d\xf6\xb7"
- "\x07\x1f\x1b\xed\xd5\x47\xc6\xbb\xb0\x82\x6e\x70\xe1\xfd\x87\x5f\x47\x77"
- "\xc1\x5b\xab\xd1\x03\x66\xda\xb1\xa0\xef\x38\xfe\xf7\x00\x00\x00\x00\x38"
- "\x5e\xf5\xa2\x3f\x38\x73\xbb\xbb\x03\x02\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x0c\x3a\x8e"
- "\xaf\x13\xeb\xf6\x1c\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x93\xe2\x6f"
- "\x00\x00\x00\xff\xff\x7f\xe1\x04\x71",
- 747);
- syz_mount_image(
- /*fs=*/0x2000000000c0, /*dir=*/0x2000000001c0,
- /*flags=MS_I_VERSION|MS_STRICTATIME|MS_NODEV|0x200*/ 0x1800204,
- /*opts=*/0x200000000080, /*chdir=*/8, /*size=*/0x2eb,
- /*img=*/0x200000000480);
- for (int i = 0; i < 32; i++) {
- syz_mount_image(
- /*fs=*/0x2000000000c0, /*dir=*/0x2000000001c0,
- /*flags=MS_I_VERSION|MS_STRICTATIME|MS_NODEV|0x200*/ 0x1800204,
- /*opts=*/0x200000000080, /*chdir=*/8, /*size=*/0x2eb,
- /*img=*/0x200000000480);
- }
- memcpy((void*)0x200000000300, "./bus\000", 6);
- res = syscall(__NR_creat, /*file=*/0x200000000300ul, /*mode=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_creat, /*file=*/0x200000000300ul, /*mode=*/0ul);
- }
- if (res != -1)
- r[163] = res;
- memcpy((void*)0x200000000440, "./bus\000", 6);
- res = syscall(__NR_open, /*file=*/0x200000000440ul, /*flags=*/0ul,
- /*mode=*/0ul);
- if (res != -1)
- r[164] = res;
- res = syscall(__NR_dup3, /*oldfd=*/r[164], /*newfd=*/r[163], /*flags=*/0ul);
- if (res != -1)
- r[165] = res;
- res = syscall(__NR_io_setup, /*n=*/6, /*ctx=*/0x200000000240ul);
- if (res != -1)
- r[166] = *(uint64_t*)0x200000000240;
- *(uint64_t*)0x200000000000 = 0x2000000000c0;
- *(uint64_t*)0x2000000000c0 = 0xf04aef;
- *(uint32_t*)0x2000000000c8 = 0x3d8;
- *(uint32_t*)0x2000000000cc = 8;
- *(uint16_t*)0x2000000000d0 = 0;
- *(uint16_t*)0x2000000000d2 = 0;
- *(uint32_t*)0x2000000000d4 = r[165];
- *(uint64_t*)0x2000000000d8 = 0;
- *(uint64_t*)0x2000000000e0 = 0;
- *(uint64_t*)0x2000000000e8 = 0;
- *(uint64_t*)0x2000000000f0 = 0;
- *(uint32_t*)0x2000000000f8 = 0;
- *(uint32_t*)0x2000000000fc = -1;
- syscall(__NR_io_submit, /*ctx=*/r[166], /*nr=*/1ul,
- /*iocbpp=*/0x200000000000ul);
- *(uint32_t*)0x200000000040 = 0x18;
- *(uint32_t*)0x200000000044 = 2;
- *(uint32_t*)0x200000000048 = 0;
- *(uint32_t*)0x20000000004c = 0;
- *(uint32_t*)0x200000000050 = 0;
- *(uint32_t*)0x200000000054 = 0;
- *(uint32_t*)0x200000000058 = 0;
- *(uint32_t*)0x20000000005c = 0;
- syscall(__NR_open_by_handle_at, /*mountdirfd=*/r[162],
- /*handle=*/0x200000000040ul, /*flags=*/0ul);
- *(uint64_t*)0x200000000140 = 0x200000000000;
- *(uint16_t*)0x200000000000 = 0x10;
- *(uint16_t*)0x200000000002 = 0;
- *(uint32_t*)0x200000000004 = 0;
- *(uint32_t*)0x200000000008 = 0x1000000;
- *(uint32_t*)0x200000000148 = 0xc;
- *(uint64_t*)0x200000000150 = 0x200000000100;
- *(uint64_t*)0x200000000100 = 0x2000000009c0;
- *(uint32_t*)0x2000000009c0 = 0x1ac;
- *(uint16_t*)0x2000000009c4 = r[157];
- *(uint16_t*)0x2000000009c6 = 0;
- *(uint32_t*)0x2000000009c8 = 0x70bd2a;
- *(uint32_t*)0x2000000009cc = 0x25dfdbfe;
- *(uint8_t*)0x2000000009d0 = 0x28;
- *(uint8_t*)0x2000000009d1 = 0;
- *(uint16_t*)0x2000000009d2 = 0;
- *(uint16_t*)0x2000000009d4 = 4;
- *(uint16_t*)0x2000000009d6 = 0x5f;
- *(uint16_t*)0x2000000009d8 = 0xa;
- *(uint16_t*)0x2000000009da = 6;
- memset((void*)0x2000000009dc, 0, 6);
- *(uint16_t*)0x2000000009e4 = 0xa;
- *(uint16_t*)0x2000000009e6 = 6;
- memset((void*)0x2000000009e8, 80, 6);
- *(uint16_t*)0x2000000009f0 = 0x29;
- *(uint16_t*)0x2000000009f2 = 0x2a;
- *(uint8_t*)0x2000000009f4 = 0x3e;
- *(uint8_t*)0x2000000009f5 = 1;
- *(uint8_t*)0x2000000009f6 = 3;
- *(uint8_t*)0x2000000009f7 = 0x76;
- *(uint8_t*)0x2000000009f8 = 6;
- *(uint8_t*)0x2000000009f9 = 0;
- *(uint8_t*)0x2000000009fa = 4;
- *(uint16_t*)0x2000000009fb = 0xe;
- *(uint16_t*)0x2000000009fd = 6;
- *(uint8_t*)0x2000000009ff = 0x75;
- *(uint8_t*)0x200000000a00 = 0x18;
- *(uint16_t*)0x200000000a01 = 1;
- *(uint16_t*)0x200000000a03 = 0x20;
- *(uint16_t*)0x200000000a05 = 5;
- *(uint16_t*)0x200000000a07 = 0x19;
- memcpy((void*)0x200000000a09,
- "\x57\xbc\x27\xf7\xb2\x41\x3a\x32\xdc\x18\x82\x61\x20\xa1\xf8\x58",
- 16);
- *(uint16_t*)0x200000000a1c = 4;
- *(uint16_t*)0x200000000a1e = 0x5f;
- *(uint16_t*)0x200000000a20 = 6;
- *(uint16_t*)0x200000000a22 = 0x36;
- *(uint16_t*)0x200000000a24 = 1;
- *(uint16_t*)0x200000000a28 = 0xa;
- *(uint16_t*)0x200000000a2a = 6;
- memcpy((void*)0x200000000a2c, "\x26\x10\x0f\x80\x79\x22", 6);
- *(uint16_t*)0x200000000a34 = 0x12e;
- *(uint16_t*)0x200000000a36 = 0x2a;
- *(uint8_t*)0x200000000a38 = 0x7e;
- *(uint8_t*)0x200000000a39 = 0x15;
- STORE_BY_BITMASK(uint8_t, , 0x200000000a3a, 0, 0, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000a3a, 5, 1, 7);
- *(uint8_t*)0x200000000a3b = -1;
- *(uint8_t*)0x200000000a3c = 0;
- *(uint8_t*)0x200000000a3d = 8;
- *(uint8_t*)0x200000000a3e = 2;
- *(uint8_t*)0x200000000a3f = 0x11;
- *(uint8_t*)0x200000000a40 = 0;
- *(uint8_t*)0x200000000a41 = 0;
- *(uint8_t*)0x200000000a42 = 0;
- *(uint32_t*)0x200000000a43 = 1;
- *(uint32_t*)0x200000000a47 = 2;
- *(uint32_t*)0x200000000a4b = 8;
- *(uint8_t*)0x200000000a4f = 6;
- *(uint8_t*)0x200000000a50 = 2;
- *(uint16_t*)0x200000000a51 = 9;
- *(uint8_t*)0x200000000a53 = 3;
- *(uint8_t*)0x200000000a54 = 1;
- *(uint8_t*)0x200000000a55 = 0x30;
- *(uint8_t*)0x200000000a56 = 0x37;
- *(uint8_t*)0x200000000a57 = 0xb7;
- *(uint8_t*)0x200000000a58 = 0x67;
- *(uint8_t*)0x200000000a59 = 3;
- memcpy((void*)0x200000000a5a,
- "\x60\x0c\x80\xa8\x1d\x63\x77\xce\xf6\x7b\x2a\xd6\xac\x45\x9e\x68",
- 16);
- memcpy((void*)0x200000000a6a,
- "\x6e\xe3\x83\x44\x6e\x80\xbe\xbb\x60\x97\xaa\x4c\xff\xd9\x12\x80\xac"
- "\x73\x32\x29\x49\xe3\x67\xf6\xdd\x22\x97\xb0\x9e\x70\xd3\x84",
- 32);
- memcpy((void*)0x200000000a8a,
- "\x57\xe8\x43\x7d\x37\xce\x2d\x70\xeb\x05\xdc\x35\x09\xe8\xaa\x26\x9b"
- "\x29\xc3\x7a\x93\x2b\x21\x3e\xa6\x47\x6b\x12\x29\x4e\x52\xf0",
- 32);
- *(uint8_t*)0x200000000aaa = 3;
- *(uint8_t*)0x200000000aab = 0x23;
- memcpy(
- (void*)0x200000000aac,
- "\x82\xba\xdc\xbf\x55\x17\xa3\x76\x3f\x45\x09\x7a\xbd\x3e\x05\xcb\x6c\x8d"
- "\x4a\xf4\xe1\xd1\xbe\x32\xb2\xe5\x73\x48\x29\xdd\x28\xf1\x7e\x58\x4a",
- 35);
- *(uint8_t*)0x200000000acf = 2;
- *(uint8_t*)0x200000000ad0 = 0x1e;
- memcpy((void*)0x200000000ad1,
- "\xbd\x3d\x9a\x33\x7b\x87\xa1\x13\x61\x87\x12\xaa\xa3\xbe\xe2\x9d\x2a"
- "\xcc\x5c\xba\xd0\xe6\x0b\xef\x80\x58\x0a\xb2\x92\x12",
- 30);
- *(uint8_t*)0x200000000aef = 1;
- *(uint8_t*)0x200000000af0 = 0x1e;
- memcpy((void*)0x200000000af1,
- "\x35\xc1\xfc\x8a\xbf\xce\x88\xd3\x64\xc2\xc0\xbe\x2c\x5e\xb1\xdc\xa7"
- "\x4c\x2d\x11\xae\x67\xa4\xca\x48\x0e\xac\x33\x0e\xb9",
- 30);
- *(uint8_t*)0x200000000b0f = 0x76;
- *(uint8_t*)0x200000000b10 = 6;
- *(uint8_t*)0x200000000b11 = 0x81;
- *(uint8_t*)0x200000000b12 = 0x80;
- *(uint16_t*)0x200000000b13 = 0x36;
- *(uint16_t*)0x200000000b15 = 4;
- *(uint8_t*)0x200000000b17 = 0x3e;
- *(uint8_t*)0x200000000b18 = 1;
- *(uint8_t*)0x200000000b19 = 3;
- *(uint8_t*)0x200000000b1a = 0x83;
- *(uint8_t*)0x200000000b1b = 0x1f;
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 0, 6);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 6, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b1c, 0, 7, 1);
- *(uint8_t*)0x200000000b1d = 0x80;
- *(uint8_t*)0x200000000b1e = 0xb;
- *(uint8_t*)0x200000000b1f = 8;
- *(uint8_t*)0x200000000b20 = 2;
- *(uint8_t*)0x200000000b21 = 0x11;
- *(uint8_t*)0x200000000b22 = 0;
- *(uint8_t*)0x200000000b23 = 0;
- *(uint8_t*)0x200000000b24 = 0;
- *(uint32_t*)0x200000000b25 = 2;
- *(uint32_t*)0x200000000b29 = 0x800;
- *(uint32_t*)0x200000000b2d = 7;
- memset((void*)0x200000000b31, 255, 6);
- *(uint32_t*)0x200000000b37 = 0x80000000;
- *(uint8_t*)0x200000000b3b = 0x83;
- *(uint8_t*)0x200000000b3c = 0x25;
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 0, 0, 6);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 1, 6, 1);
- STORE_BY_BITMASK(uint8_t, , 0x200000000b3d, 0, 7, 1);
- *(uint8_t*)0x200000000b3e = 4;
- *(uint8_t*)0x200000000b3f = 5;
- *(uint8_t*)0x200000000b40 = 8;
- *(uint8_t*)0x200000000b41 = 2;
- *(uint8_t*)0x200000000b42 = 0x11;
- *(uint8_t*)0x200000000b43 = 0;
- *(uint8_t*)0x200000000b44 = 0;
- *(uint8_t*)0x200000000b45 = 1;
- *(uint32_t*)0x200000000b46 = 0x8410;
- *(uint8_t*)0x200000000b4a = 8;
- *(uint8_t*)0x200000000b4b = 2;
- *(uint8_t*)0x200000000b4c = 0x11;
- *(uint8_t*)0x200000000b4d = 0;
- *(uint8_t*)0x200000000b4e = 0;
- *(uint8_t*)0x200000000b4f = 0;
- *(uint32_t*)0x200000000b50 = 0x40;
- *(uint32_t*)0x200000000b54 = 0x400;
- memset((void*)0x200000000b58, 255, 6);
- *(uint32_t*)0x200000000b5e = 0x7d;
- *(uint16_t*)0x200000000b64 = 6;
- *(uint16_t*)0x200000000b66 = 0x36;
- *(uint16_t*)0x200000000b68 = 9;
- *(uint64_t*)0x200000000108 = 0x1ac;
- *(uint64_t*)0x200000000158 = 1;
- *(uint64_t*)0x200000000160 = 0;
- *(uint64_t*)0x200000000168 = 0;
- *(uint32_t*)0x200000000170 = 0x4000000;
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0x200000000140ul,
- /*f=MSG_ZEROCOPY*/ 0x4000000ul);
- memcpy(
- (void*)0x200000000000,
- "prodM\260\352\a\006\276\256n/"
- "\3164\267\301\357\272!"
- "\235\rSt\2424\t\000\000\000\000\000\000\000\377\377\020\004\000\000\035z"
- "\3205\342e,\261\204\352\221^%A\345\236\023TdT\306^p\260#"
- "R\004\006\256\353A;"
- "Y\353\217\354\264\371\027\267\004\302\300\306\264\v\377\374\210\220\253C"
- "\002\000\3604\003\210\2569\'>R^P{Vr!"
- "\342W\3072\352\267Wp\3036\226\377Z\\A@\000\000\000\311\363Y\270\211#"
- "\241\261)Dk\353\241\t\000{u[\275\235\364\277\\\316\002P\362MY\005^"
- "\377j\234\024\267\266v\035*1>\000 "
- "\000\000\000\000\024C?]\214\264Y\317\200\205\326\0036\310~"
- "\250\f\000\000\265U\354\3406\355\344\333\337\a\320lg\023\371\213:s>"
- "\327s\357\263\237#\025)\371\3410\307\26262<"
- "k\250\210\001\000fhD\347\266\027\200\225\250\036\t\2601KB\313\000\036"
- "\177E\177\002\000\000\000y<"
- "nGR\224\231\270\211\233\217\325\346\002\265C\255\"u\364>-"
- "\000\000\000\000\310X\332Nz\016u\217\001\000\000\000\000\000\000\335\377"
- "\377\377\000\000\000\000\000\000\000\000\000\303\247/"
- "\017\233`\245\230\201a\356v\000\000\000\000\a\000\000m2\362\330,"
- "\027\370\216\256\310\255\355<\"\216\n\235\2613\215\357\226\322M\"8="
- "tg\337U\320q\225/"
- "f\354\334\243\341[\300\252\357z\311\364[R\3036b\242]"
- "\355\350\260\372\"\242\3227)\325yQ\377}5\224\210\241\334\241g\340q\305:"
- "\344\337\200\263,\271\262\334\201\2376\017\204WY\277SY`"
- "\270\a\031\261\0058\244\303\273\370aB:\204\002?"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\363o-"
- "GU\260\000F\263o(aI[\326\237G\256I\203\223\214C\300#\340q\320Ex|"
- "\333\250\026\376>:\t0\375\212\307\204\265\307M-"
- "0A\360\224\363\314\215\2733\\\"\2102\263\2504\254\000\335}\016\301 "
- "\353Ft\306\314\f}1X#"
- "\344\341\224i\316\241\377\225\200\264T\234\001\363\034LB\224m("
- "m\f\274\353Y\240\367\360\235\020\275\206\033y\346\337\300\305\271\271"
- "\277\337~9\nC\351\305\016\332\234(\233\"\307\227\374\b\331\302T\247*}]"
- "\310\263 .\233\211\017\370$\335>lU\023EG\2731] "
- "\332\031\305\233\025\225\304\374w\273\222\221\304\246\2207XK\374\027]"
- "\372\377\'\357\222\034\270\037K\262o "
- "\321\275\262\021+\243R\357gi\016(\343?Q\302\275W\005\354\263=@\003\306^"
- "\242\025%\260\'D#\266Q\217\202?S>\000P\234E\222{"
- "d\346\234j1\207\263\001\336\350\211\304s\267\024~}"
- "\252\214\303\225BAE\362.\217#;"
- "a\224\"\321U\377\350v\323\204d\364\0234\246XI\345h\252\025\232\367Z\343%"
- "\210p\220\273\235t\243\341\r\215\224\"\031\213\027)"
- "\352\325\027\353\344\033\017BZ1\276\356\372\034\371\246\021\224\006\\P:"
- "\257\316x\302\202\232\026\374\241\371q\022\343\032\334\267\022\273a\b"
- "\273\355\262\321W\342\213\2158}\020W\275\2460A\303\003\372\2110~#"
- "\bQ\313)\366]\236\024\322\352\202\250\267ZG\025r\361n 1\215 "
- "\301\257\031\\\221\023\0338\341\303\244\v\224\277J\265\336\225\202\000]"
- "B|\342[%\343\360\004\272\355\333\365\177\235\376>\366m$M&\177q]"
- "\344\366\202\303\000\261zg}\231E\244\031\351\0324a\3275D-k\204\246\022+"
- "\353k\241\376k\211\357\030\301)"
- "6\2465\342D\276\341\337q\33568\3637g\2539m\347\335O\v?\340\276}"
- "\251U\307{\323\026W\273\345\322\223\376\244\235\r$\3511c8`\206\274)"
- "\3429\303}\271P\325F\306\022\214_"
- "x\250\372\265K\003\205\223k\341\216\037)\"."
- "\314\'\v\246\033j\\\n\3518yA\330T\205\200A\313o\231\231\353)"
- "r\032\316\030(\0305LL\274OeO\'\342\206&\344\342\347~"
- "\222\242\262\033\303\000\205\316\2557\207\240\374c\365\370\257\v,"
- "q\324\030\275M\032\336\210*"
- "L\005m6\354H\320T\270m\333\b\246\002\373\023\254\221\212\215\224\223\215"
- "=\261\204\234\233\345\307\246\311Q\301eUc\314\0300^"
- "\000\000\000\000\000\000\000\000\000\000\000\000K",
- 1147);
- res = syscall(__NR_memfd_create, /*name=*/0x200000000000ul,
- /*flags=MFD_HUGETLB|MFD_ALLOW_SEALING*/ 6ul);
- if (res != -1)
- r[167] = res;
- syscall(__NR_lseek, /*fd=*/r[167], /*offset=*/0ul, /*whence=SEEK_CUR*/ 1ul);
- memcpy((void*)0x200000000140, "/dev/sg#\000", 9);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000140, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[168] = res;
- *(uint64_t*)0x200000000000 = 0xb5;
- syscall(__NR_ioctl, /*fd=*/r[168], /*cmd=FIOASYNC*/ 0x5452,
- /*v=*/0x200000000000ul);
- res = syscall(__NR_socket, /*domain=*/0xaul, /*type=SOCK_RAW*/ 3ul,
- /*proto=*/5);
- if (res != -1)
- r[169] = res;
- *(uint32_t*)0x200000000440 = 0xc;
- res = syscall(__NR_getsockopt, /*fd=*/r[169], /*level=*/1, /*optname=*/0x11,
- /*optval=*/0x2000000001c0ul, /*optlen=*/0x200000000440ul);
- if (res != -1)
- r[170] = *(uint32_t*)0x2000000001c8;
- syscall(__NR_setregid, /*rgid=*/0xee00, /*egid=*/0);
- syscall(__NR_setregid, /*rgid=*/r[170], /*egid=*/0);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_setregid, /*rgid=*/r[170], /*egid=*/0);
- }
- res = syscall(__NR_semget, /*key=*/0ul, /*nsems=*/0x4000000009ul,
- /*flags=*/0ul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_semget, /*key=*/0ul, /*nsems=*/0x4000000009ul, /*flags=*/0ul);
- }
- if (res != -1)
- r[171] = res;
- *(uint16_t*)0x2000000000c0 = 0;
- *(uint16_t*)0x2000000000c2 = 0x949c;
- *(uint16_t*)0x2000000000c4 = 0;
- *(uint16_t*)0x2000000000c6 = 0;
- *(uint16_t*)0x2000000000c8 = 0;
- *(uint16_t*)0x2000000000ca = 0;
- syscall(__NR_semop, /*semid=*/r[171], /*ops=*/0x2000000000c0ul, /*nops=*/2ul);
- syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0ul, /*timerid=*/0ul);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_timer_create, /*id=*/0ul, /*ev=*/0ul, /*timerid=*/0ul);
- }
- memcpy((void*)0x2000000000c0, "ext4\000", 5);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- memcpy((void*)0x200000000100, "quota", 5);
- *(uint8_t*)0x200000000105 = 0x2c;
- memcpy((void*)0x200000000106, "nodelalloc", 10);
- *(uint8_t*)0x200000000110 = 0x2c;
- memcpy((void*)0x200000000111, "errors=remount-ro", 17);
- *(uint8_t*)0x200000000122 = 0x2c;
- memcpy((void*)0x200000000123, "grpid", 5);
- *(uint8_t*)0x200000000128 = 0x2c;
- *(uint8_t*)0x200000000129 = 0;
- memcpy(
- (void*)0x200000000a00,
- "\x78\x9c\xec\xdd\x4f\x6f\x54\x5f\x19\x00\xe0\xf7\xde\xb6\xf4\xcf\xaf\xd0"
- "\x12\x59\xa8\x51\x41\x44\xd1\x10\x66\xda\x01\x1a\xc3\x0a\x37\x1a\x43\x48"
- "\x8c\xc4\x95\x0b\xa8\xed\xd0\x34\x9d\xe9\x34\x9d\x29\xd2\xca\xa2\x7c\x07"
- "\x13\x49\x5c\xe9\x47\x70\x61\xe2\xc2\x84\x95\x7b\x77\xba\x73\x03\x0b\x13"
- "\x54\xa2\xa1\x26\x2e\xc6\xdc\x3b\xd3\xd2\x96\x4e\x5b\x84\xce\xc4\xce\xf3"
- "\x24\x27\xf7\x9e\x7b\x86\x79\xcf\x61\x72\xcf\x3b\x3d\xd3\xce\x09\xa0\x6f"
- "\x5d\x8a\x88\xcd\x88\x38\x13\x11\x0f\x23\x62\xa2\x7d\x3d\x69\x97\xb8\xd3"
- "\x2a\xd9\xe3\xde\xbe\x79\x3a\xb7\xf5\xe6\xe9\x5c\x12\xcd\xe6\xfd\xbf\x27"
- "\x79\x7b\x76\x2d\x76\xfd\x9b\xcc\x67\xed\xe7\x1c\x89\x88\x1f\x7e\x2f\xe2"
- "\x27\xc9\xfb\x71\xeb\xeb\x1b\x4b\xb3\x95\x4a\x79\xb5\x5d\x2f\x36\xaa\x2b"
- "\xc5\xfa\xfa\xc6\xf5\xc5\xea\xec\x42\x79\xa1\xbc\x5c\x2a\xcd\x4c\xcf\x4c"
- "\x7d\xfb\xc6\xad\xd2\x27\x1b\xeb\xc5\xea\x6f\x5e\x7f\x77\xf1\xee\x8f\x7e"
- "\xff\xbb\x2f\xbf\xfc\xe3\xe6\xb7\x7e\x96\x75\x6b\xbc\xdd\xb6\x7b\x1c\x9f"
- "\x52\x6b\xe8\x43\x3b\x71\x32\x83\x11\x71\xf7\x24\x82\xf5\xc0\x40\x7b\x3c"
- "\x67\x7a\xdd\x11\xfe\x27\x69\x44\x14\x22\xe2\x72\x7e\xff\x4f\xc4\x40\xfe"
- "\x6a\x02\x00\xa7\x59\xb3\x39\x11\xcd\x89\xdd\x75\x00\xe0\xb4\x4b\xf3\x35"
- "\xb0\x24\x2d\xb4\xd7\x02\xc6\x23\x4d\x0b\x85\xd6\x1a\xde\x85\x18\x4b\x2b"
- "\xb5\x7a\xe3\xda\xa3\xda\xda\xf2\x7c\x6b\xad\x6c\x32\x86\xd2\x47\x8b\x95"
- "\xf2\x54\x7b\xad\x70\x32\x86\x92\xac\x3e\x9d\x9f\xbf\xab\x97\xf6\xd5\x6f"
- "\x44\xc4\xf9\x88\xf8\xf9\xf0\x68\x5e\x2f\xcc\xd5\x2a\xf3\xbd\x7c\xe3\x03"
- "\x00\x7d\xec\xb3\x7d\xf9\xff\x5f\xc3\xad\xfc\x0f\x00\x9c\x72\x23\xbd\xee"
- "\x00\x00\xd0\x75\xf2\x3f\x00\xf4\x1f\xf9\x1f\x00\xfa\x8f\xfc\x0f\x00\xfd"
- "\x47\xfe\x07\x80\xfe\x23\xff\x03\x40\xff\x91\xff\x01\xa0\xaf\xfc\xe0\xde"
- "\xbd\xac\x34\xb7\xda\xdf\x7f\x3d\xff\x78\x7d\x6d\xa9\xf6\xf8\xfa\x7c\xb9"
- "\xbe\x54\xa8\xae\xcd\x15\xe6\x6a\xab\x2b\x85\x85\x5a\x6d\x21\xff\xce\x9e"
- "\xea\x51\xcf\x57\xa9\xd5\x56\xa6\x6f\xc6\xda\x93\x62\xa3\x5c\x6f\x14\xeb"
- "\xeb\x1b\x0f\xaa\xb5\xb5\xe5\xc6\x83\xfc\x7b\xbd\x1f\x94\x87\xba\x32\x2a"
- "\x00\xe0\x30\xe7\x2f\xbe\xf8\x73\x12\x11\x9b\xb7\x47\xf3\x12\xbb\xf6\x72"
- "\x90\xab\xe1\x74\x4b\x7b\xdd\x01\xa0\x67\x06\x7a\xdd\x01\xa0\x67\x8e\xd8"
- "\xed\xeb\x55\xb7\xfa\x01\x74\x9f\x9f\xf1\x81\x03\xb6\xe8\xdd\x63\xd7\xaf"
- "\x08\x8d\xee\x69\x78\x7e\x32\xfd\x01\x4e\xde\xd5\x2f\x58\xff\x87\x7e\x65"
- "\xfd\x1f\xfa\x97\xf5\x7f\xe8\x5f\x47\xac\xff\x03\xa7\x58\xb3\x99\xd8\xf3"
- "\x1f\x00\xfa\x8c\x35\x7e\xe0\x03\x3e\xff\xdf\xcb\xe7\xff\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\xf4\xb1\xf1\xbc\x24\x69\xa1\xbd\x17\xf8\x78\xa4\x69\xa1\x10\x71"
- "\x36\x22\x26\x63\x28\x79\xb4\x58\x29\x4f\x45\xc4\xb9\x88\xf8\xd3\xf0\xd0"
- "\x70\x56\x9f\xee\x75\xa7\x01\x80\x8f\x94\xfe\x35\x69\xef\xff\x75\x75\xe2"
- "\xca\xf8\xfe\xd6\x33\xc9\xbf\x87\xf3\x63\x44\xfc\xf4\x97\xf7\x7f\xf1\x64"
- "\xb6\xd1\x58\x9d\xce\xae\xff\x63\xe7\x7a\xe3\x79\xfb\x7a\xa9\x17\xfd\x07"
- "\x00\x8e\xb2\x9d\xa7\xb7\xf3\xf8\xb6\xb7\x6f\x9e\xce\x6d\x97\x6e\xf6\xe7"
- "\xf5\x77\x5a\x9b\x8b\x66\x71\xb7\xda\xa5\xd5\x32\x18\x83\xf9\x71\x24\x86"
- "\x22\x62\xec\x9f\x49\xbb\xde\x92\xbd\x5f\x19\xf8\x04\xf1\x37\x9f\x45\xc4"
- "\xe7\x0f\x1a\x7f\x92\xaf\x8d\x4c\xb6\x77\x3e\xdd\x1f\x3f\x8b\x7d\xb6\xab"
- "\xf1\xd3\x3d\xf1\xd3\xbc\xad\x75\xcc\xfe\x2f\x3e\xf7\xe1\xa1\x3b\x6e\xe9"
- "\x0a\xfd\xe2\x45\x36\xff\xdc\x39\xe8\xfe\x4b\xe3\x52\x7e\x3c\xf8\xfe\x1f"
- "\xc9\x67\xa8\x8f\xb7\x3d\xff\x6d\xbd\x37\xff\xa5\x3b\xf3\xdf\x40\x87\xf9"
- "\xef\xd2\x71\x63\xdc\xfc\xc3\xf7\x3b\xb6\x3d\x8b\xf8\xe2\xe0\x41\xf1\x93"
- "\x9d\xf8\x49\x87\xf8\x57\x8e\x19\xff\x2f\x5f\xfa\xca\xe5\x4e\x6d\xcd\x5f"
- "\x45\x5c\x8d\x83\xe3\xef\x8e\x55\x6c\x54\x57\x8a\xf5\xf5\x8d\xeb\x8b\xd5"
- "\xd9\x85\xf2\x42\x79\xb9\x54\x9a\x99\x9e\x99\x1a\xbd\x71\xab\x54\xcc\xd7"
- "\xa8\x8b\xdb\x2b\xd5\xef\xfb\xdb\xed\x6b\xe7\x0e\x1b\xff\x58\x87\xf8\x23"
- "\x47\x8c\xff\xeb\xc7\x1c\xff\xaf\xff\xf3\xf0\xc7\x5f\x3d\x24\xfe\x37\xbf"
- "\x76\xf0\xeb\x7f\xe1\x90\xf8\x59\x4e\xfc\xc6\x31\xe3\xcf\x8e\xfd\xb6\xe3"
- "\x5c\x9f\xc5\x9f\xef\x30\xfe\xbd\xaf\xff\xde\x7c\x91\x5d\xbb\x76\xcc\xf8"
- "\x2f\x5f\x6d\xcc\x1f\xf3\xa1\x00\x40\x17\xd4\xd7\x37\x96\x66\x2b\x95\xf2"
- "\xea\xe1\x27\xdb\xb9\xff\x58\x0f\x76\xe2\xc4\xc9\xff\xfb\x49\x8f\x27\x26"
- "\xe0\xc4\xbd\xbb\xe9\x7b\xdd\x13\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\xa0\x93\x6e\xfc\x39\x51\xaf\xc7\x08\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc0\xe9\xf5"
- "\xdf\x00\x00\x00\xff\xff\xff\x96\xd6\xc9",
- 1216);
- syz_mount_image(/*fs=*/0x2000000000c0, /*dir=*/0x200000000040, /*flags=*/0,
- /*opts=*/0x200000000100, /*chdir=*/1, /*size=*/0x4c0,
- /*img=*/0x200000000a00);
- for (int i = 0; i < 64; i++) {
- syz_mount_image(/*fs=*/0x2000000000c0, /*dir=*/0x200000000040, /*flags=*/0,
- /*opts=*/0x200000000100, /*chdir=*/1, /*size=*/0x4c0,
- /*img=*/0x200000000a00);
- }
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0xc);
- if (res != -1)
- r[172] = res;
- *(uint64_t*)0x200000000300 = 0;
- *(uint32_t*)0x200000000308 = 0;
- *(uint64_t*)0x200000000310 = 0x2000000000c0;
- *(uint64_t*)0x2000000000c0 = 0x200000000200;
- *(uint32_t*)0x200000000200 = 0x68;
- *(uint8_t*)0x200000000204 = 0;
- *(uint8_t*)0x200000000205 = 1;
- *(uint16_t*)0x200000000206 = 0x401;
- *(uint32_t*)0x200000000208 = 0;
- *(uint32_t*)0x20000000020c = 0;
- *(uint8_t*)0x200000000210 = 2;
- *(uint8_t*)0x200000000211 = 0;
- *(uint16_t*)0x200000000212 = htobe16(0);
- *(uint16_t*)0x200000000214 = 0x24;
- STORE_BY_BITMASK(uint16_t, , 0x200000000216, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000217, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000217, 1, 7, 1);
- *(uint16_t*)0x200000000218 = 0x14;
- STORE_BY_BITMASK(uint16_t, , 0x20000000021a, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000021b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000021b, 1, 7, 1);
- *(uint16_t*)0x20000000021c = 8;
- *(uint16_t*)0x20000000021e = 1;
- *(uint8_t*)0x200000000220 = 0xac;
- *(uint8_t*)0x200000000221 = 0x14;
- *(uint8_t*)0x200000000222 = 0x14;
- *(uint8_t*)0x200000000223 = 0;
- *(uint16_t*)0x200000000224 = 8;
- *(uint16_t*)0x200000000226 = 2;
- *(uint8_t*)0x200000000228 = 0xac;
- *(uint8_t*)0x200000000229 = 0x14;
- *(uint8_t*)0x20000000022a = 0x14;
- *(uint8_t*)0x20000000022b = 0xbb;
- *(uint16_t*)0x20000000022c = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x20000000022e, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000022f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000022f, 1, 7, 1);
- *(uint16_t*)0x200000000230 = 5;
- *(uint16_t*)0x200000000232 = 1;
- *(uint8_t*)0x200000000234 = 0;
- *(uint16_t*)0x200000000238 = 0x24;
- STORE_BY_BITMASK(uint16_t, , 0x20000000023a, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000023b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000023b, 1, 7, 1);
- *(uint16_t*)0x20000000023c = 0x14;
- STORE_BY_BITMASK(uint16_t, , 0x20000000023e, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000023f, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000023f, 1, 7, 1);
- *(uint16_t*)0x200000000240 = 8;
- *(uint16_t*)0x200000000242 = 1;
- *(uint8_t*)0x200000000244 = 0xac;
- *(uint8_t*)0x200000000245 = 0x14;
- *(uint8_t*)0x200000000246 = 0x14;
- *(uint8_t*)0x200000000247 = 0xaa;
- *(uint16_t*)0x200000000248 = 8;
- *(uint16_t*)0x20000000024a = 2;
- *(uint8_t*)0x20000000024c = 0xac;
- *(uint8_t*)0x20000000024d = 0x14;
- *(uint8_t*)0x20000000024e = 0x14;
- *(uint8_t*)0x20000000024f = 0;
- *(uint16_t*)0x200000000250 = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x200000000252, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000253, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000253, 1, 7, 1);
- *(uint16_t*)0x200000000254 = 5;
- *(uint16_t*)0x200000000256 = 1;
- *(uint8_t*)0x200000000258 = 0;
- *(uint16_t*)0x20000000025c = 8;
- STORE_BY_BITMASK(uint16_t, , 0x20000000025e, 7, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000025f, 1, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000025f, 0, 7, 1);
- *(uint32_t*)0x200000000260 = htobe32(0);
- *(uint16_t*)0x200000000264 = 4;
- STORE_BY_BITMASK(uint16_t, , 0x200000000266, 0xf, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000267, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000267, 1, 7, 1);
- *(uint64_t*)0x2000000000c8 = 0x68;
- *(uint64_t*)0x200000000318 = 1;
- *(uint64_t*)0x200000000320 = 0;
- *(uint64_t*)0x200000000328 = 0;
- *(uint32_t*)0x200000000330 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[172], /*msg=*/0x200000000300ul, /*f=*/0ul);
- memcpy((void*)0x200000000040, "./bus\000", 6);
- syscall(
- __NR_open, /*file=*/0x200000000040ul,
- /*flags=O_NOFOLLOW|O_NOCTTY|O_NOATIME|O_CREAT|O_CLOEXEC|0x2*/ 0xe0142ul,
- /*mode=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(
- __NR_open, /*file=*/0x200000000040ul,
- /*flags=O_NOFOLLOW|O_NOCTTY|O_NOATIME|O_CREAT|O_CLOEXEC|0x2*/ 0xe0142ul,
- /*mode=*/0ul);
- }
- memcpy((void*)0x200000000000, ".\000", 2);
- res = syscall(__NR_fspick, /*dfd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*flags=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_fspick, /*dfd=*/0xffffff9c, /*path=*/0x200000000000ul,
- /*flags=*/0ul);
- }
- if (res != -1)
- r[173] = res;
- memcpy((void*)0x200000000080, "ro\000", 3);
- syscall(__NR_fsconfig, /*fd=*/r[173], /*cmd=*/0ul, /*key=*/0x200000000080ul,
- /*value=*/0ul, /*aux=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_fsconfig, /*fd=*/r[173], /*cmd=*/0ul, /*key=*/0x200000000080ul,
- /*value=*/0ul, /*aux=*/0ul);
- }
- syscall(__NR_fsconfig, /*fd=*/r[173], /*cmd=*/7ul, /*key=*/0ul, /*value=*/0ul,
- /*aux=*/0ul);
- for (int i = 0; i < 32; i++) {
- syscall(__NR_fsconfig, /*fd=*/r[173], /*cmd=*/7ul, /*key=*/0ul,
- /*value=*/0ul, /*aux=*/0ul);
- }
- syscall(__NR_semctl, /*semid=*/r[171], /*semnum=*/0ul, /*cmd=*/0ul, 0);
- for (int i = 0; i < 64; i++) {
- syscall(__NR_semctl, /*semid=*/r[171], /*semnum=*/0ul, /*cmd=*/0ul, 0);
- }
- syz_sysconfig_reset__proc_sys_net_ipv6_conf_eth0_accept_untracked_na();
- for (int i = 0; i < 64; i++) {
- syz_sysconfig_reset__proc_sys_net_ipv6_conf_eth0_accept_untracked_na();
- }
- memcpy((void*)0x200000007f80, "./bus\000", 6);
- res =
- syscall(__NR_open, /*file=*/0x200000007f80ul,
- /*flags=O_SYNC|O_NOCTTY|O_NOATIME|O_EXCL|O_CREAT|0x2*/ 0x1411c2ul,
- /*mode=S_IWOTH|S_IROTH|S_IXGRP|S_IWUSR*/ 0x8eul);
- if (res != -1)
- r[174] = res;
- syscall(__NR_ftruncate, /*fd=*/r[174], /*len=*/0x2007ffbul);
- syscall(__NR_sendfile, /*fdout=*/-1, /*fdin=*/-1, /*off=*/0ul, /*count=*/4ul);
- res = syscall(__NR_eventfd2, /*initval=*/0x800,
- /*flags=EFD_NONBLOCK|EFD_CLOEXEC*/ 0x80800ul);
- if (res != -1)
- r[175] = res;
- syscall(__NR_sendfile, /*fdout=*/-1, /*fdin=*/r[175], /*off=*/0ul,
- /*count=*/6ul);
- syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0xb36000ul,
- /*prot=PROT_WRITE*/ 2ul,
- /*flags=MAP_STACK|MAP_POPULATE|MAP_FIXED|MAP_SHARED*/ 0x28011ul,
- /*fd=*/r[174], /*offset=*/0ul);
- syscall(__NR_mbind, /*addr=*/0x200000001000ul, /*len=*/0x800000ul,
- /*mode=*/0ul, /*nodemask=*/0ul, /*maxnode=*/0ul,
- /*flags=MPOL_MF_MOVE*/ 2ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0x10);
- if (res != -1)
- r[176] = res;
- memcpy((void*)0x200000000040, "nl80211\000", 8);
- syz_genetlink_get_family_id(/*name=*/0x200000000040, /*fd=*/-1);
- syscall(__NR_fsmount, /*fs_fd=*/-1, /*flags=*/0ul, /*attr_flags=*/0x10ul);
- syscall(__NR_ioctl, /*fd=*/r[176], /*cmd=*/0x8933, /*arg=*/0ul);
- syscall(__NR_sendmsg, /*fd=*/-1, /*msg=*/0ul, /*f=*/0ul);
- memcpy((void*)0x200000000000, "task\000", 5);
- res = -1;
- res = syz_open_procfs(/*pid=*/0, /*file=*/0x200000000000);
- if (res != -1)
- r[177] = res;
- syscall(__NR_getdents64, /*fd=*/r[177], /*ent=*/0ul, /*count=*/0ul);
- res = syscall(__NR_socketpair, /*domain=*/1ul, /*type=SOCK_STREAM*/ 1ul,
- /*proto=*/0, /*fds=*/0x200000000180ul);
- if (res != -1)
- r[178] = *(uint32_t*)0x200000000184;
- memcpy((void*)0x200000000100,
- "sit0\000\000\000\000\000\000\000\000\000\000\000\000", 16);
- *(uint64_t*)0x200000000110 = 0x200000000040;
- *(uint32_t*)0x200000000040 = 0x1e;
- *(uint32_t*)0x200000000044 = 0;
- *(uint32_t*)0x200000000048 = 0;
- *(uint16_t*)0x20000000004c = 0;
- *(uint8_t*)0x20000000004e = 0;
- *(uint8_t*)0x20000000004f = 0;
- *(uint8_t*)0x200000000050 = 0;
- *(uint8_t*)0x200000000051 = 0;
- *(uint8_t*)0x200000000052 = 0;
- *(uint8_t*)0x200000000053 = 0;
- *(uint32_t*)0x200000000054 = 0;
- *(uint32_t*)0x200000000058 = 0;
- *(uint16_t*)0x20000000005c = 0;
- *(uint8_t*)0x20000000005e = 0;
- *(uint8_t*)0x20000000005f = 0;
- *(uint32_t*)0x200000000060 = 0;
- *(uint32_t*)0x200000000064 = 0;
- *(uint32_t*)0x200000000068 = 0;
- syscall(__NR_ioctl, /*fd=*/r[178], /*cmd=*/0x8946, /*arg=*/0x200000000100ul);
- memcpy((void*)0x200000000000, "/dev/vcsa#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000000, /*id=*/6, /*flags=*/0);
- if (res != -1)
- r[179] = res;
- *(uint64_t*)0x200000000380 = 0x200000000280;
- *(uint64_t*)0x200000000388 = 0xe6;
- syscall(__NR_preadv, /*fd=*/r[179], /*vec=*/0x200000000380ul, /*vlen=*/1ul,
- /*off_low=*/8, /*off_high=*/0);
- memcpy((void*)0x200000000040, "./file0\000", 8);
- syscall(__NR_open, /*file=*/0x200000000040ul,
- /*flags=O_NOFOLLOW|O_NOCTTY|O_NOATIME|O_RDWR*/ 0x60102ul,
- /*mode=S_IRUSR*/ 0x100ul);
- memcpy((void*)0x200000000040, "ext4\000", 5);
- memcpy((void*)0x200000000500, "./file0\000", 8);
- memcpy((void*)0x2000000001c0, "noblock_validity", 16);
- *(uint8_t*)0x2000000001d0 = 0x2c;
- memcpy((void*)0x2000000001d1, "max_dir_size_kb", 15);
- *(uint8_t*)0x2000000001e0 = 0x3d;
- sprintf((char*)0x2000000001e1, "0x%016llx", (long long)0xb);
- *(uint8_t*)0x2000000001f3 = 0x2c;
- memcpy((void*)0x2000000001f4, "lazytime", 8);
- *(uint8_t*)0x2000000001fc = 0x2c;
- memcpy((void*)0x2000000001fd, "norecovery", 10);
- *(uint8_t*)0x200000000207 = 0x2c;
- memcpy((void*)0x200000000208, "journal_dev", 11);
- *(uint8_t*)0x200000000213 = 0x3d;
- sprintf((char*)0x200000000214, "0x%016llx", (long long)0x4d40);
- *(uint8_t*)0x200000000226 = 0x2c;
- memcpy((void*)0x200000000227, "noauto_da_alloc", 15);
- *(uint8_t*)0x200000000236 = 0x2c;
- memcpy((void*)0x200000000237, "nogrpid", 7);
- *(uint8_t*)0x20000000023e = 0x2c;
- memcpy((void*)0x20000000023f, "noload", 6);
- *(uint8_t*)0x200000000245 = 0x2c;
- memcpy((void*)0x200000000246, "resgid", 6);
- *(uint8_t*)0x20000000024c = 0x3d;
- sprintf((char*)0x20000000024d, "0x%016llx", (long long)0);
- *(uint8_t*)0x20000000025f = 0x32;
- *(uint8_t*)0x200000000260 = 0;
- memcpy(
- (void*)0x200000000540,
- "\x78\x9c\xec\xdd\x5d\x6b\x1c\x5d\x1d\x00\xf0\xff\x4c\xb2\x8f\x7d\xc9\x63"
- "\xf2\xf8\x02\xb5\x60\x5b\x6d\x25\x2d\xda\xdd\xa4\xb1\x6d\xf0\xa2\x2f\x20"
- "\xde\x15\x94\x7a\x5f\x63\xb2\x09\x21\x9b\x6c\xc8\x6e\xda\x26\x14\x9b\xe2"
- "\x07\x10\x44\x54\xf0\xca\x2b\x6f\x04\x3f\x80\x20\xfd\x08\x22\x14\xec\xbd"
- "\xa8\x28\xa2\xad\x5e\x78\xa1\x1d\xd9\x37\x93\xc6\xdd\x64\xab\x9b\x5d\x9f"
- "\xec\xef\x07\xb3\x73\x66\xce\xce\xfe\xff\x87\x65\xcf\xcc\x99\x19\x76\x02"
- "\x18\x5a\x17\x22\xe2\x4e\x44\xbc\xc9\xb2\xec\x4a\x44\x8c\x37\xd7\xa7\xcd"
- "\x69\x67\xb1\xf6\xd2\x78\xdf\xeb\x57\x4f\xe6\x6b\x53\x12\x59\x76\xff\xcf"
- "\x49\x24\xcd\x75\xad\xcf\x3a\x9f\x65\x59\x6d\x7e\xba\xb1\x49\x44\x8c\xd6"
- "\x37\xfc\x66\xf2\x9f\x71\x2b\x5b\xdb\x2b\x73\xa5\x52\x71\xa3\xb9\x5c\xa8"
- "\xae\xae\x17\x2a\x5b\xdb\x57\x97\x57\xe7\x96\x8a\x4b\xc5\xb5\x99\x99\xe9"
- "\x1b\xb3\x37\x67\xaf\xcf\x4e\xf5\xa4\x9d\xb5\x9c\x6e\x7d\xf9\xf7\xdf\xff"
- "\xce\x4f\xbe\x72\xeb\x17\x5f\x78\xf4\x9b\x07\x7f\xbc\xfc\xad\x5a\x5a\x9f"
- "\x6c\xd6\xef\x6d\x47\x2f\x35\x9a\x9e\x8b\x13\x7b\xd6\x8d\x46\xc4\xc6\x51"
- "\x04\x1b\x80\x91\xe6\x3c\x37\xe0\x3c\x00\x00\xe8\x4e\xed\x18\xff\x63\x11"
- "\xf1\xd9\x88\xb8\x12\xe3\x31\x52\x3f\x3a\x05\x00\x00\x00\x8e\x93\xec\xf6"
- "\x58\xfc\x23\x89\xc8\x00\x00\x00\x80\x63\x2b\x8d\x88\xb1\x48\xd2\x7c\xf3"
- "\x5e\x80\xb1\x48\xd3\x7c\xbe\x71\xbf\xec\x27\xe2\x54\x5a\x2a\x57\xaa\x9f"
- "\x5f\x2c\x6f\xae\x2d\xd4\xea\x22\x26\x22\x97\x2e\x2e\x97\x8a\x53\xcd\x7b"
- "\x85\x27\x22\x97\xd4\x96\xa7\xeb\xe5\xdd\xe5\x6b\xfb\x96\x67\x22\xe2\x83"
- "\x88\xf8\xde\xf8\xc9\xfa\x72\x7e\xbe\x5c\x5a\x18\xf4\xc9\x0f\x00\x00\x00"
- "\x18\x12\xa7\xf7\x8d\xff\xff\x36\xde\x18\xff\x03\x00\x00\x00\xc7\xcc\xc4"
- "\xa0\x13\x00\x00\x00\x00\x8e\x9c\xf1\x3f\x00\x00\x00\x1c\x7f\xc6\xff\x00"
- "\x00\x00\x70\xac\x7d\xf5\xde\xbd\xda\x94\xb5\x9e\x7f\xbd\xf0\x70\x6b\x73"
- "\xa5\xfc\xf0\xea\x42\xb1\xb2\x92\x5f\xdd\x9c\xcf\xcf\x97\x37\xd6\xf3\x4b"
- "\xe5\xf2\x52\xfd\x3f\xfb\x56\x0f\xfb\xbc\x52\xb9\xbc\xfe\xc5\x58\xdb\x7c"
- "\x5c\xa8\x16\x2b\xd5\x42\x65\x6b\xfb\xc1\x6a\x79\x73\xad\xfa\x60\xf9\xad"
- "\x47\x60\x03\x00\x00\x00\x7d\xf4\xc1\xf9\xe7\x2f\x93\x88\xd8\xf9\xd2\xc9"
- "\xfa\x04\x0c\x8f\xd1\x77\x79\xf3\xef\x8e\x2e\x0f\xa0\xff\x46\x06\x9d\x00"
- "\x30\x30\xef\xb4\xff\x07\x8e\x95\xdc\xa0\x13\x00\x06\x2e\x39\xa4\xbe\xe3"
- "\xcd\x3b\xbf\xec\x7d\x2e\x00\x00\xc0\xd1\x98\xfc\xd4\xf3\x97\xb7\xf7\x5d"
- "\xff\x7f\xaf\x59\x77\xf0\xb9\x81\x9d\xb4\x0f\xe9\x01\x47\xc8\xf9\x3f\x18"
- "\x5e\x07\x5e\xff\xcf\xb2\xec\x69\xff\x52\x01\xfa\xcc\xf5\x7f\x18\x5e\xb9"
- "\x18\x09\x03\x79\x18\x6e\x87\x5d\xff\xbf\xdb\xa9\xa2\xeb\xeb\xff\x59\xf6"
- "\x4e\x09\x01\x00\x00\x3d\x37\x56\x9f\x92\x34\x1f\x51\x3f\x0f\x30\x16\x69"
- "\x9a\xcf\x47\xbc\x5f\x7f\x2c\x40\x2e\x59\x5c\x2e\x15\xa7\x22\xe2\xa3\x11"
- "\xf1\xeb\xf1\xdc\x47\x6a\xcb\xd3\xf5\x2d\x93\x43\xc7\x0c\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x43\x96"
- "\x25\x91\x01\x00\x00\x00\xc7\x5a\x44\xfa\x87\xa4\xf9\xfc\xaf\xc9\xf1\x4b"
- "\x63\xfb\xcf\x0f\xbc\x97\xfc\x7d\xbc\x3e\x8f\x88\x47\x3f\xba\xff\x83\xc7"
- "\x73\xd5\xea\xc6\x74\x6d\xfd\x5f\xfe\xbd\xbe\xfa\xc3\xe6\xfa\x6b\x83\x38"
- "\x83\x01\x00\x00\x00\xec\xd7\x1a\xa7\xb7\xc6\xf1\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd0\x4b\xaf\x5f\x3d"
- "\x99\x6f\x4d\xfd\x8c\xfb\xa7\xbb\x11\x31\xb1\x1b\x7f\xb7\x66\x34\x4e\xd4"
- "\xe7\x27\x22\x17\x11\xa7\xfe\x9a\xc4\xe8\x9e\xed\x92\x88\x18\xe9\x41\xfc"
- "\x9d\x67\x11\x71\xa6\x5d\xfb\x93\x5a\x5a\x31\xd1\xcc\xa2\x5d\xfc\x93\x03"
- "\x8c\x9f\x46\xc4\xe9\x1e\xc4\x87\x61\xf6\xbc\xd6\xff\xdc\x69\xf7\xfb\x4b"
- "\xe3\x42\x7d\xde\xfe\xf7\x77\xa3\xde\x43\xfd\xef\xf6\xf7\x7f\x7b\xe3\xb7"
- "\xfa\xbf\x91\x0e\xfd\xcf\xfb\x5d\xc6\x38\xfb\xe2\x67\x85\x8e\xf1\x9f\x45"
- "\x9c\x1d\x6d\xdf\xff\xb4\xe2\x27\x1d\xe2\x5f\xec\x32\xfe\x37\xbe\xbe\xbd"
- "\xdd\xa9\x2e\xfb\x71\xc4\x64\xdb\xfd\x4f\xf2\x56\xac\x42\x75\x75\xbd\x50"
- "\xd9\xda\xbe\xba\xbc\x3a\xb7\x54\x5c\x2a\xae\xcd\xcc\x4c\xdf\x98\xbd\x39"
- "\x7b\x7d\x76\xaa\xb0\xb8\x5c\x2a\x36\x5f\xdb\xc6\xf8\xee\xa7\x7f\xfe\xe6"
- "\xa0\xf6\x9f\xea\x10\x7f\xe2\x90\xf6\x5f\xea\xb2\xfd\xff\x7c\xf1\xf8\xd5"
- "\xc7\x1b\xc5\x5c\xbb\xf8\x97\x2f\xb6\xff\xfe\xcf\x74\x88\x9f\x36\xf7\x7d"
- "\x9f\x6b\x96\x6b\xf5\x93\xad\xf2\x4e\xa3\xbc\xd7\xb9\x9f\xfe\xea\xdc\x41"
- "\xed\x5f\xe8\xd0\xfe\xc3\xbe\xff\xcb\x5d\xb6\xff\xca\xd7\xbe\xfd\xdb\x2e"
- "\xdf\x0a\x00\xf4\x41\x65\x6b\x7b\x65\xae\x54\x2a\x6e\x28\xfc\xb7\x85\xda"
- "\x61\x51\x9f\x83\xa6\xf1\x7f\xd2\xf6\x0f\x79\xe1\x69\xdf\x62\x7d\x66\xa7"
- "\xf1\x7b\x1b\x78\x93\xbb\x2e\x0c\xba\x67\x02\x00\x00\x7a\x6d\xf7\xa0\x7f"
- "\xd0\x99\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc0"
- "\xf0\xea\xc7\xdf\x89\xed\x8f\xb9\xb3\x5b\xcc\x92\x3e\xb7\x17\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\xa0\x93\x7f\x05\x00\x00\xff\xff\xfa\xda\xd9\x8d",
- 1255);
- syz_mount_image(/*fs=*/0x200000000040, /*dir=*/0x200000000500,
- /*flags=MS_SYNCHRONOUS|MS_SILENT|MS_MANDLOCK*/ 0x8050,
- /*opts=*/0x2000000001c0, /*chdir=*/1, /*size=*/0x4e5,
- /*img=*/0x200000000540);
- memcpy((void*)0x200000000140, "./file0\000", 8);
- res = syscall(__NR_creat, /*file=*/0x200000000140ul, /*mode=*/0ul);
- if (res != -1)
- r[180] = res;
- res = syscall(__NR_socketpair, /*domain=*/1ul, /*type=SOCK_SEQPACKET*/ 5ul,
- /*proto=*/0, /*fds=*/0x2000000001c0ul);
- if (res != -1) {
- r[181] = *(uint32_t*)0x2000000001c0;
- r[182] = *(uint32_t*)0x2000000001c4;
- }
- syscall(__NR_close, /*fd=*/r[180]);
- syscall(__NR_fcntl, /*fd=*/r[181], /*cmd=*/0ul, /*arg=*/r[182]);
- syscall(__NR_lseek, /*fd=*/-1, /*offset=*/0x49ul, /*whence=*/0ul);
- syscall(__NR_getdents64, /*fd=*/-1, /*ent=*/0ul, /*count=*/0ul);
- memcpy((void*)0x200000000000, "/dev/cdrom\000", 11);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=O_DIRECTORY*/ 0x10000,
- /*mode=*/0);
- if (res != -1)
- r[183] = res;
- *(uint8_t*)0x200000000080 = 0x2b;
- *(uint8_t*)0x200000000081 = 0x16;
- memset((void*)0x200000000082, 0, 6);
- *(uint8_t*)0x200000000088 = 0xf4;
- *(uint8_t*)0x200000000089 = 0xb5;
- memcpy((void*)0x20000000008a,
- "\x37\xc1\x2e\x88\xb5\x1b\xe5\x76\xc5\xbe\x45\x0a\xec\x35\x2c\x3d\xc4"
- "\x64\x88\xbc\x0a\x44\xf5\x00\x9f\x46\xde\xff\xaa\x54\x52\x13\x1a\x9f"
- "\xd8\x91\xaa\x02\x7c\x4e\xaa\xf4\xce\x92\x27\x60\x33\x15\x51\x89\xf0"
- "\x75\x34\x47\x26\x44\xac\x66\xf4\x67\xea\x55\x98\x0b\x29\x34\x1c\x7a"
- "\x43\xdd\x76\x19\x3f\xda\xd3\xf5\x9b\x9d\x09\x8b\x5c\xaa\xcb\x6b\x9e"
- "\x6e\x31\xc2\x65\x76\xf5\x06\x41\x0e\xa5\xce\x0e\x23\xe8\xee\x94\xd3"
- "\xca\xcd\x21\x6a\x3b\xee\xa4\x3c\x1f\x94\x03\xaf\x2c\xba\xc5\xc8\xf0"
- "\x70\x93\x7a\xcc\x93\xa1\x11\x63\x59\x35\x07\x2c\x3a\xa6\x78\x1d\x7b"
- "\x65\x70\xc3\xb0\x9e\xdf\x84\xa5\x5e\x70\x2f\xb7\x07\x71\x73\x37\x12"
- "\xcf\x15\x90\x9e\x9f\x96\x08\x18\xe2\x89\xb4\x48\xce\x5f\x02\x84\x89"
- "\x60\x61\xd6\xab\x20\xa5\x92\x31\x93\x48\x81",
- 181);
- syscall(__NR_setsockopt, /*fd=*/-1, /*level=*/0x29, /*optname=*/0x37,
- /*optval=*/0x200000000080ul, /*optlen=*/0xc0ul);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0, 0);
- if (res != -1)
- r[184] = res;
- syscall(
- __NR_clock_getres,
- /*id=CLOCK_PROCESS_CPUTIME_ID|0x4b54da0c41cf7c50*/ 0x4b54da0c41cf7c52ul,
- /*tp=*/0ul);
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[184], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/3ul, /*proto=*/2);
- if (res != -1)
- r[185] = res;
- syscall(__NR_getsockopt, /*fd=*/r[185], /*level=*/1, /*optname=*/0,
- /*optval=*/0ul, /*optlen=*/0ul);
- memcpy(
- (void*)0x200000000940,
- "\0203q}2[\340\232\356\257\003\227\236t\v\"|"
- "Ma\206\347\300\024\237\271h\261\226\347=I\2060S6\265\250\302\225Je%"
- "\376G\'\250\345\217\370\322\034\300\373\034\246\253\bi\344^"
- "\325\375\251\r\2547A\224k\315\t\000\220k\326\005\266&\320\235aA\305\234_"
- "\324\030,\f\324s\262\231/"
- "\300\232\362Oc\300c\003gB!\260\270n\001\233T\225\020\206\350$\177\r["
- "\371\0161v\261\034\210\v\225uy\265:\342\341\334(\375\005\237B\204O\376@"
- "\000\000\000\000\000\000\000\000\000\000\000\000\032\240\212\033\003\"&"
- "\254\312p>\314Z\001\274\030\301\271\351\v\213\234\264Q\324\226EV<>"
- "\t\000\000\000\304tL\352\365W\275#"
- "\317\212\320\350\270\354\004\205\f\357\264\204\355\237/"
- "\324\273\352;-Dp\370\320F\220\370\222Ip6\364\026\350\024\340\222!\222-"
- "F\342\024D\221\250b\004\335\035\a\334\340\030\205{"
- "\200Q\366k\226\372Q\237W\vO\360\344O\\\316S\362\336\0049d\006#"
- "\210\303\337\205O\034\303\255?r\327\016\000\327\203\260\210\234\366Y-"
- "F\230\335\234~\375\225\303\266lC\252\"Y\365\320\267\334\213\027|"
- "\351q\242K\354z\204:*\365Y\321\2331}\233\025\324\354\002o\001&"
- "\252\220w\304\307yn\265\032g\253&?"
- "\276\313\350v\250\340\244\201sW\254f\0249\322}\357CGa\232$4\214\245!"
- "p\203\005\226%\002%\253j\n\b\310NC\221}&"
- "y\323\341\356p\'\305\253\031GsX5\214\n\237h\356;4\261%"
- "V\340\251\216\3630:\330\030N~G\0239\312\257\353o\035\027\325nAp\327\314("
- "A\230 "
- "\000;]\375;\320\234\031v\034\302]"
- "\264Dk\205\344\210\2154\200\231\301i\255\2466\223\v\321/"
- ";6U\344\261\233\247\270\335t8\226\301=W\321\001\333r\311n@"
- "fw\305\272\234\234}\375\214\333gE@N\307\252\210Z\001:\270\206\207#"
- "\365\324L->\271\021_\374h)\274\2525\255\267?\2530{"
- "8\207\346\253\200\272p<\223}"
- "1K\323\202\2651c\300\366\256\352\233ht\221N\021\002\24557\210&\a!"
- "\022D\037y\214\336\236`\253\345\234\320\233\214["
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\302"
- "\365\200\375\004\3544\340\n\252%R\301\273\271:"
- "\017\274\005\315\243\206\276\257\270S\352\234\006["
- "Q\231\003\325J\361\351}*\204\232\337\f\365\356\337H@"
- "\340\016\000\370\217Q;"
- "n2I\373\f\262\320\224\t\335\265\252\352\225\310\037\024\343\243\026\245"
- "\326\375\333\314\336\350q\351\306\265\211\341\304\317\337\\\2750\302~"
- "\355\000\332\351\307\265}"
- "\224\260\034\365\327\034\265\033\0168\252\242\261h\265P\002KQ",
- 737);
- res = syscall(__NR_memfd_create, /*name=*/0x200000000940ul, /*flags=*/0ul);
- if (res != -1)
- r[186] = res;
- memcpy((void*)0x200000000040, "/dev/loop#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000040, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[187] = res;
- syscall(__NR_ioctl, /*fd=*/r[187], /*cmd=*/0x4c06, /*arg=*/r[186]);
- syscall(__NR_ioctl, /*fd=*/r[184], /*cmd=*/0x54a0, 0);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0x20, 0);
- if (res != -1)
- r[188] = res;
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[188], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- syscall(__NR_ioctl, /*fd=*/r[188], /*cmd=*/0x54a2, 0);
- syscall(__NR_ioctl, /*fd=*/r[184], /*cmd=*/0x54a1, 0);
- *(uint8_t*)0x200000000040 = 0xa;
- syscall(__NR_ioctl, /*fd=*/r[183], /*cmd=*/0x5390, /*arg=*/0x200000000040ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0xc);
- if (res != -1)
- r[189] = res;
- *(uint64_t*)0x200000000280 = 0;
- *(uint32_t*)0x200000000288 = 0;
- *(uint64_t*)0x200000000290 = 0x200000000240;
- *(uint64_t*)0x200000000240 = 0x200000000000;
- *(uint32_t*)0x200000000000 = 0x50;
- *(uint8_t*)0x200000000004 = 1;
- *(uint8_t*)0x200000000005 = 2;
- *(uint16_t*)0x200000000006 = 0x101;
- *(uint32_t*)0x200000000008 = 0;
- *(uint32_t*)0x20000000000c = 0;
- *(uint8_t*)0x200000000010 = 2;
- *(uint8_t*)0x200000000011 = 0;
- *(uint16_t*)0x200000000012 = htobe16(0);
- *(uint16_t*)0x200000000014 = 0x3c;
- STORE_BY_BITMASK(uint16_t, , 0x200000000016, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000017, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000017, 1, 7, 1);
- *(uint16_t*)0x200000000018 = 0xc;
- STORE_BY_BITMASK(uint16_t, , 0x20000000001a, 2, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x20000000001b, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x20000000001b, 1, 7, 1);
- *(uint16_t*)0x20000000001c = 5;
- *(uint16_t*)0x20000000001e = 1;
- *(uint8_t*)0x200000000020 = 0;
- *(uint16_t*)0x200000000024 = 0x2c;
- STORE_BY_BITMASK(uint16_t, , 0x200000000026, 1, 0, 14);
- STORE_BY_BITMASK(uint16_t, , 0x200000000027, 0, 6, 1);
- STORE_BY_BITMASK(uint16_t, , 0x200000000027, 1, 7, 1);
- *(uint16_t*)0x200000000028 = 0x14;
- *(uint16_t*)0x20000000002a = 3;
- *(uint8_t*)0x20000000002c = -1;
- *(uint8_t*)0x20000000002d = 2;
- memset((void*)0x20000000002e, 0, 13);
- *(uint8_t*)0x20000000003b = 1;
- *(uint16_t*)0x20000000003c = 0x14;
- *(uint16_t*)0x20000000003e = 4;
- memset((void*)0x200000000040, 0, 10);
- memset((void*)0x20000000004a, 255, 2);
- *(uint32_t*)0x20000000004c = htobe32(0xe0000001);
- *(uint64_t*)0x200000000248 = 0x50;
- *(uint64_t*)0x200000000298 = 1;
- *(uint64_t*)0x2000000002a0 = 0;
- *(uint64_t*)0x2000000002a8 = 0;
- *(uint32_t*)0x2000000002b0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[189], /*msg=*/0x200000000280ul, /*f=*/0ul);
- res = syscall(__NR_socket, /*domain=*/0x10ul, /*type=*/3ul, /*proto=*/0);
- if (res != -1)
- r[190] = res;
- *(uint64_t*)0x2000000009c0 = 0;
- *(uint32_t*)0x2000000009c8 = 0;
- *(uint64_t*)0x2000000009d0 = 0x200000000940;
- *(uint64_t*)0x200000000940 = 0x200000000080;
- memcpy((void*)0x200000000080,
- "\x1c\x00\x00\x00\xb8\xb0\xd6\x10\xb3\x7b\x4e\xcf\xe3\x76\x00\x0b\x0f"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x80\xa3\x9d\x2a\x73\x6c"
- "\x00\x00\x02",
- 37);
- *(uint64_t*)0x200000000948 = 0x1c;
- *(uint64_t*)0x2000000009d8 = 1;
- *(uint64_t*)0x2000000009e0 = 0;
- *(uint64_t*)0x2000000009e8 = 0;
- *(uint32_t*)0x2000000009f0 = 0;
- syscall(__NR_sendmsg, /*fd=*/r[190], /*msg=*/0x2000000009c0ul, /*f=*/0ul);
- memcpy((void*)0x200000000000, "/dev/cdrom\000", 11);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=O_DIRECTORY*/ 0x10000,
- /*mode=*/0);
- if (res != -1)
- r[191] = res;
- *(uint8_t*)0x200000000080 = 0x2b;
- *(uint8_t*)0x200000000081 = 0x16;
- memset((void*)0x200000000082, 0, 6);
- *(uint8_t*)0x200000000088 = 0xf4;
- *(uint8_t*)0x200000000089 = 0xb5;
- memcpy((void*)0x20000000008a,
- "\x37\xc1\x2e\x88\xb5\x1b\xe5\x76\xc5\xbe\x45\x0a\xec\x35\x2c\x3d\xc4"
- "\x64\x88\xbc\x0a\x44\xf5\x00\x9f\x46\xde\xff\xaa\x54\x52\x13\x1a\x9f"
- "\xd8\x91\xaa\x02\x7c\x4e\xaa\xf4\xce\x92\x27\x60\x33\x15\x51\x89\xf0"
- "\x75\x34\x47\x26\x44\xac\x66\xf4\x67\xea\x55\x98\x0b\x29\x34\x1c\x7a"
- "\x43\xdd\x76\x19\x3f\xda\xd3\xf5\x9b\x9d\x09\x8b\x5c\xaa\xcb\x6b\x9e"
- "\x6e\x31\xc2\x65\x76\xf5\x06\x41\x0e\xa5\xce\x0e\x23\xe8\xee\x94\xd3"
- "\xca\xcd\x21\x6a\x3b\xee\xa4\x3c\x1f\x94\x03\xaf\x2c\xba\xc5\xc8\xf0"
- "\x70\x93\x7a\xcc\x93\xa1\x11\x63\x59\x35\x07\x2c\x3a\xa6\x78\x1d\x7b"
- "\x65\x70\xc3\xb0\x9e\xdf\x84\xa5\x5e\x70\x2f\xb7\x07\x71\x73\x37\x12"
- "\xcf\x15\x90\x9e\x9f\x96\x08\x18\xe2\x89\xb4\x48\xce\x5f\x02\x84\x89"
- "\x60\x61\xd6\xab\x20\xa5\x92\x31\x93\x48\x81",
- 181);
- syscall(__NR_setsockopt, /*fd=*/-1, /*level=*/0x29, /*optname=*/0x37,
- /*optval=*/0x200000000080ul, /*optlen=*/0xc0ul);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0, 0);
- if (res != -1)
- r[192] = res;
- syscall(
- __NR_clock_getres,
- /*id=CLOCK_PROCESS_CPUTIME_ID|0x4b54da0c41cf7c50*/ 0x4b54da0c41cf7c52ul,
- /*tp=*/0ul);
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[192], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- res = syscall(__NR_socket, /*domain=*/2ul, /*type=*/3ul, /*proto=*/2);
- if (res != -1)
- r[193] = res;
- syscall(__NR_getsockopt, /*fd=*/r[193], /*level=*/1, /*optname=*/0,
- /*optval=*/0ul, /*optlen=*/0ul);
- memcpy(
- (void*)0x200000000940,
- "\0203q}2[\340\232\356\257\003\227\236t\v\"|"
- "Ma\206\347\300\024\237\271h\261\226\347=I\2060S6\265\250\302\225Je%"
- "\376G\'\250\345\217\370\322\034\300\373\034\246\253\bi\344^"
- "\325\375\251\r\2547A\224k\315\t\000\220k\326\005\266&\320\235aA\305\234_"
- "\324\030,\f\324s\262\231/"
- "\300\232\362Oc\300c\003gB!\260\270n\001\233T\225\020\206\350$\177\r["
- "\371\0161v\261\034\210\v\225uy\265:\342\341\334(\375\005\237B\204O\376@"
- "\000\000\000\000\000\000\000\000\000\000\000\000\032\240\212\033\003\"&"
- "\254\312p>\314Z\001\274\030\301\271\351\v\213\234\264Q\324\226EV<>"
- "\t\000\000\000\304tL\352\365W\275#"
- "\317\212\320\350\270\354\004\205\f\357\264\204\355\237/"
- "\324\273\352;-Dp\370\320F\220\370\222Ip6\364\026\350\024\340\222!\222-"
- "F\342\024D\221\250b\004\335\035\a\334\340\030\205{"
- "\200Q\366k\226\372Q\237W\vO\360\344O\\\316S\362\336\0049d\006#"
- "\210\303\337\205O\034\303\255?r\327\016\000\327\203\260\210\234\366Y-"
- "F\230\335\234~\375\225\303\266lC\252\"Y\365\320\267\334\213\027|"
- "\351q\242K\354z\204:*\365Y\321\2331}\233\025\324\354\002o\001&"
- "\252\220w\304\307yn\265\032g\253&?"
- "\276\313\350v\250\340\244\201sW\254f\0249\322}\357CGa\232$4\214\245!"
- "p\203\005\226%\002%\253j\n\b\310NC\221}&"
- "y\323\341\356p\'\305\253\031GsX5\214\n\237h\356;4\261%"
- "V\340\251\216\3630:\330\030N~G\0239\312\257\353o\035\027\325nAp\327\314("
- "A\230 "
- "\000;]\375;\320\234\031v\034\302]"
- "\264Dk\205\344\210\2154\200\231\301i\255\2466\223\v\321/"
- ";6U\344\261\233\247\270\335t8\226\301=W\321\001\333r\311n@"
- "fw\305\272\234\234}\375\214\333gE@N\307\252\210Z\001:\270\206\207#"
- "\365\324L->\271\021_\374h)\274\2525\255\267?\2530{"
- "8\207\346\253\200\272p<\223}"
- "1K\323\202\2651c\300\366\256\352\233ht\221N\021\002\24557\210&\a!"
- "\022D\037y\214\336\236`\253\345\234\320\233\214["
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\302"
- "\365\200\375\004\3544\340\n\252%R\301\273\271:"
- "\017\274\005\315\243\206\276\257\270S\352\234\006["
- "Q\231\003\325J\361\351}*\204\232\337\f\365\356\337H@"
- "\340\016\000\370\217Q;"
- "n2I\373\f\262\320\224\t\335\265\252\352\225\310\037\024\343\243\026\245"
- "\326\375\333\314\336\350q\351\306\265\211\341\304\317\337\\\2750\302~"
- "\355\000\332\351\307\265}"
- "\224\260\034\365\327\034\265\033\0168\252\242\261h\265P\002KQ",
- 737);
- res = syscall(__NR_memfd_create, /*name=*/0x200000000940ul, /*flags=*/0ul);
- if (res != -1)
- r[194] = res;
- memcpy((void*)0x200000000040, "/dev/loop#\000", 11);
- res = -1;
- res = syz_open_dev(/*dev=*/0x200000000040, /*id=*/0, /*flags=*/0);
- if (res != -1)
- r[195] = res;
- syscall(__NR_ioctl, /*fd=*/r[195], /*cmd=*/0x4c06, /*arg=*/r[194]);
- syscall(__NR_ioctl, /*fd=*/r[192], /*cmd=*/0x54a0, 0);
- memcpy((void*)0x200000000000, "/dev/snd/timer\000", 15);
- res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
- /*file=*/0x200000000000ul, /*flags=*/0x20, 0);
- if (res != -1)
- r[196] = res;
- *(uint32_t*)0x200000000140 = 1;
- *(uint32_t*)0x200000000144 = 0;
- *(uint32_t*)0x200000000148 = 0;
- *(uint32_t*)0x20000000014c = 0;
- *(uint32_t*)0x200000000150 = 0;
- memset((void*)0x200000000154, 0, 32);
- syscall(__NR_ioctl, /*fd=*/r[196], /*cmd=*/0x40345410,
- /*arg=*/0x200000000140ul);
- syscall(__NR_ioctl, /*fd=*/r[196], /*cmd=*/0x54a2, 0);
- syscall(__NR_ioctl, /*fd=*/r[192], /*cmd=*/0x54a1, 0);
- *(uint8_t*)0x200000000040 = 0xa;
- syscall(__NR_ioctl, /*fd=*/r[191], /*cmd=*/0x5390, /*arg=*/0x200000000040ul);
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
