syzkaller-repros/linux/c10e35cea23d1e9c36c784c3b79607c78849c9f0.c - pub/scm/linux/kernel/git/shuah/linux-arts - Git at Google

 // WARNING in fib6_repair_tree
 // https://syzkaller.appspot.com/bug?id=c10e35cea23d1e9c36c784c3b79607c78849c9f0
 // status:open
 // autogenerated by syzkaller (http://github.com/google/syzkaller)

 #define _GNU_SOURCE
 #include <endian.h>
 #include <stdint.h>
 #include <string.h>
 #include <sys/syscall.h>
 #include <unistd.h>

 long r[2];
 void loop()
 {
   memset(r, -1, sizeof(r));
   syscall(__NR_mmap, 0x20000000, 0xfff000, 3, 0x32, -1, 0);
   r[0] = syscall(__NR_socket, 0x10, 3, 0);
   *(uint64_t*)0x2001bfc8 = 0x20016000;
   *(uint32_t*)0x2001bfd0 = 0xc;
   *(uint64_t*)0x2001bfd8 = 0x2000b000;
   *(uint64_t*)0x2001bfe0 = 1;
   *(uint64_t*)0x2001bfe8 = 0;
   *(uint64_t*)0x2001bff0 = 0;
   *(uint32_t*)0x2001bff8 = 0;
   *(uint16_t*)0x20016000 = 0x10;
   *(uint16_t*)0x20016002 = 0;
   *(uint32_t*)0x20016004 = 0;
   *(uint32_t*)0x20016008 = 0;
   *(uint64_t*)0x2000b000 = 0x2001f000;
   *(uint64_t*)0x2000b008 = 0x24;
   *(uint32_t*)0x2001f000 = 0x24;
   *(uint16_t*)0x2001f004 = 0x18;
   *(uint16_t*)0x2001f006 = 0x251f;
   *(uint32_t*)0x2001f008 = 0;
   *(uint32_t*)0x2001f00c = 0;
   *(uint8_t*)0x2001f010 = 0xa;
   *(uint8_t*)0x2001f011 = 0;
   *(uint8_t*)0x2001f012 = 0;
   *(uint8_t*)0x2001f013 = 0;
   *(uint8_t*)0x2001f014 = 0;
   *(uint8_t*)0x2001f015 = 0;
   *(uint8_t*)0x2001f016 = 0;
   *(uint8_t*)0x2001f017 = 8;
   *(uint32_t*)0x2001f018 = 0;
   *(uint16_t*)0x2001f01c = 8;
   *(uint16_t*)0x2001f01e = 6;
   *(uint32_t*)0x2001f020 = -1;
   syscall(__NR_sendmsg, r[0], 0x2001bfc8, 0);
   r[1] = syscall(__NR_socket, 2, 0xa, 0);
   memcpy((void*)0x20dc4000,
          "\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
          16);
   *(uint32_t*)0x20dc4010 = 0;
   syscall(__NR_ioctl, r[1], 0x8922, 0x20dc4000);
 }

 int main()
 {
   loop();
   return 0;
 }
	// WARNING in fib6_repair_tree
	// https://syzkaller.appspot.com/bug?id=c10e35cea23d1e9c36c784c3b79607c78849c9f0
	// status:open
	// autogenerated by syzkaller (http://github.com/google/syzkaller)

	#define _GNU_SOURCE
	#include <endian.h>
	#include <stdint.h>
	#include <string.h>
	#include <sys/syscall.h>
	#include <unistd.h>

	long r[2];
	void loop()
	{
	memset(r, -1, sizeof(r));
	syscall(__NR_mmap, 0x20000000, 0xfff000, 3, 0x32, -1, 0);
	r[0] = syscall(__NR_socket, 0x10, 3, 0);
	(uint64_t)0x2001bfc8 = 0x20016000;
	(uint32_t)0x2001bfd0 = 0xc;
	(uint64_t)0x2001bfd8 = 0x2000b000;
	(uint64_t)0x2001bfe0 = 1;
	(uint64_t)0x2001bfe8 = 0;
	(uint64_t)0x2001bff0 = 0;
	(uint32_t)0x2001bff8 = 0;
	(uint16_t)0x20016000 = 0x10;
	(uint16_t)0x20016002 = 0;
	(uint32_t)0x20016004 = 0;
	(uint32_t)0x20016008 = 0;
	(uint64_t)0x2000b000 = 0x2001f000;
	(uint64_t)0x2000b008 = 0x24;
	(uint32_t)0x2001f000 = 0x24;
	(uint16_t)0x2001f004 = 0x18;
	(uint16_t)0x2001f006 = 0x251f;
	(uint32_t)0x2001f008 = 0;
	(uint32_t)0x2001f00c = 0;
	(uint8_t)0x2001f010 = 0xa;
	(uint8_t)0x2001f011 = 0;
	(uint8_t)0x2001f012 = 0;
	(uint8_t)0x2001f013 = 0;
	(uint8_t)0x2001f014 = 0;
	(uint8_t)0x2001f015 = 0;
	(uint8_t)0x2001f016 = 0;
	(uint8_t)0x2001f017 = 8;
	(uint32_t)0x2001f018 = 0;
	(uint16_t)0x2001f01c = 8;
	(uint16_t)0x2001f01e = 6;
	(uint32_t)0x2001f020 = -1;
	syscall(__NR_sendmsg, r[0], 0x2001bfc8, 0);
	r[1] = syscall(__NR_socket, 2, 0xa, 0);
	memcpy((void*)0x20dc4000,
	"\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
	16);
	(uint32_t)0x20dc4010 = 0;
	syscall(__NR_ioctl, r[1], 0x8922, 0x20dc4000);
	}

	int main()
	{
	loop();
	return 0;
	}