syzkaller-repros/linux/e4432806b1b9c791b6c3185785fcdbdcd8054d4f.c - pub/scm/linux/kernel/git/shuah/linux-arts - Git at Google

 // autogenerated by syzkaller (https://github.com/google/syzkaller)

 #define _GNU_SOURCE

 #include <endian.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/syscall.h>
 #include <sys/types.h>
 #include <unistd.h>

 uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

 int main(void)
 {
   syscall(__NR_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x32ul, -1, 0);
   intptr_t res = 0;
   res = syscall(__NR_socket, 0x10ul, 3ul, 0xcul);
   if (res != -1)
     r[0] = res;
   *(uint64_t*)0x20000300 = 0;
   *(uint32_t*)0x20000308 = 0;
   *(uint64_t*)0x20000310 = 0x200002c0;
   *(uint64_t*)0x200002c0 = 0x20000340;
   memcpy(
       (void*)0x20000340,
       "\x68\x00\x00\x00\x02\x06\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
       "\x00\x00\x12\x00\x03\x00\x62\x69\x74\x6d\x61\x70\x3a\x69\x70\x2c\x6d\x61"
       "\x63\x00\x00\x00\x09\x00\x02\x00\x73\x79\x7a\x30\x00\x00\x00\x00\x1c\x00"
       "\x07\x80\x0c\x00\x01\x80\x08\x00\x01\x40\x00\x00\x00\x00\x0c\x00\x02\x80"
       "\x08\x00\x01\x40\x00\x00\x00\x00\x05\x00\x01\x00\x07\x00\x00\x00\x05\x00"
       "\x04\x00\x00\x00\x00\x00\x05\x00\x05\x00\x02\x00\x00\x00\xb6\x2a\x12\xfd"
       "\x74\x8c\xf6\x60\xad\xec\xa6\xc4\xef\x7c\xf1\x6f\x57\xda\x44\x80\xd3\xe4"
       "\x00\x2e\xd7\xeb\xee\x07\x10\xdc\x9f\x9c\x47\x0c\xfe\x87\xf2\xeb\xa9\xa8"
       "\x00\xba\x95\xb7\xa4\x02\xca\x8a\x12\x92\x0e\x1c\xf5\x91\x56\xef\x34\x9f"
       "\xa3\x74\x75\x80\xb1\x2c\x13\x34\x70\x8d\xb7\xbe\x74\xd3\x37\xd2\x35\xaf"
       "\x31\x36\x68\xd2\x10\xc4\x96\x13\x46\xa5\xaa\xf0\x2e\x46\x87\xeb\x76\xab"
       "\xd7\x12\xd4\x4f\x2e\xd5\xdd\xc8\x0e\x39\x95\xdd\x0c\x3d\xbb\x56\x4f\x40"
       "\xa0\x1d\x4a\xbc\x99\x8e\x5a\x35\x70\xf1\xa1\xc0\x09\x0a\x5d\xb8\xf9\x3b"
       "\x80\xf9\x9c\xc1\xe8\xf9\x36\x93\x5b\x24\x8c\xf6\xe8\x15\xfb\x08\xb5\xc1"
       "\xfd\x52\xab\xa6\xbe\xe9\xf2\x15\x37\xcf\x05\x05\x76\x1e\x6a\xf1\xee\x83"
       "\xf5\x18\x27\xac\xc3\xf0\x37\x22\x28\x9f\xee\x28\xce\x31\xa5\x03\x4f\x8d"
       "\x43\xfe\xfb\x14\xde\x53\x6c\x92\xbe\xa5\x9e\xc3\x5a\xf1\xdc\xe3\x5d\x30"
       "\xc5\x90\x5c\x00\x18\xb9\x4a\x4f\xc0\x54\x1e\x51\xb2\xf5\x14\xa8\xe7\x0c"
       "\xb5\x3e\x64\xf6\x4c\x80\xbc\x05\x38\xf5\xe9\xf8\x49\x8a\x09\x55\x82\xf6"
       "\x3b\x2f",
       344);
   *(uint64_t*)0x200002c8 = 0x68;
   *(uint64_t*)0x20000318 = 1;
   *(uint64_t*)0x20000320 = 0;
   *(uint64_t*)0x20000328 = 0;
   *(uint32_t*)0x20000330 = 0;
   syscall(__NR_sendmsg, r[0], 0x20000300ul, 0ul);
   res = syscall(__NR_socket, 0x10ul, 3ul, 0xcul);
   if (res != -1)
     r[1] = res;
   *(uint64_t*)0x200000c0 = 0;
   *(uint32_t*)0x200000c8 = 0;
   *(uint64_t*)0x200000d0 = 0x20000080;
   *(uint64_t*)0x20000080 = 0x20000040;
   *(uint32_t*)0x20000040 = 0x1c;
   *(uint8_t*)0x20000044 = 8;
   *(uint8_t*)0x20000045 = 6;
   *(uint16_t*)0x20000046 = 3;
   *(uint32_t*)0x20000048 = 0;
   *(uint32_t*)0x2000004c = 0;
   *(uint8_t*)0x20000050 = 0;
   *(uint8_t*)0x20000051 = 0;
   *(uint16_t*)0x20000052 = htobe16(0);
   *(uint16_t*)0x20000054 = 5;
   *(uint16_t*)0x20000056 = 1;
   *(uint8_t*)0x20000058 = 7;
   *(uint64_t*)0x20000088 = 0x1c;
   *(uint64_t*)0x200000d8 = 1;
   *(uint64_t*)0x200000e0 = 0;
   *(uint64_t*)0x200000e8 = 0;
   *(uint32_t*)0x200000f0 = 0;
   syscall(__NR_sendmsg, r[1], 0x200000c0ul, 0ul);
   return 0;
 }
	// autogenerated by syzkaller (https://github.com/google/syzkaller)

	#define _GNU_SOURCE

	#include <endian.h>
	#include <stdint.h>
	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <sys/syscall.h>
	#include <sys/types.h>
	#include <unistd.h>

	uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

	int main(void)
	{
	syscall(__NR_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x32ul, -1, 0);
	intptr_t res = 0;
	res = syscall(__NR_socket, 0x10ul, 3ul, 0xcul);
	if (res != -1)
	r[0] = res;
	(uint64_t)0x20000300 = 0;
	(uint32_t)0x20000308 = 0;
	(uint64_t)0x20000310 = 0x200002c0;
	(uint64_t)0x200002c0 = 0x20000340;
	memcpy(
	(void*)0x20000340,
	"\x68\x00\x00\x00\x02\x06\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
	"\x00\x00\x12\x00\x03\x00\x62\x69\x74\x6d\x61\x70\x3a\x69\x70\x2c\x6d\x61"
	"\x63\x00\x00\x00\x09\x00\x02\x00\x73\x79\x7a\x30\x00\x00\x00\x00\x1c\x00"
	"\x07\x80\x0c\x00\x01\x80\x08\x00\x01\x40\x00\x00\x00\x00\x0c\x00\x02\x80"
	"\x08\x00\x01\x40\x00\x00\x00\x00\x05\x00\x01\x00\x07\x00\x00\x00\x05\x00"
	"\x04\x00\x00\x00\x00\x00\x05\x00\x05\x00\x02\x00\x00\x00\xb6\x2a\x12\xfd"
	"\x74\x8c\xf6\x60\xad\xec\xa6\xc4\xef\x7c\xf1\x6f\x57\xda\x44\x80\xd3\xe4"
	"\x00\x2e\xd7\xeb\xee\x07\x10\xdc\x9f\x9c\x47\x0c\xfe\x87\xf2\xeb\xa9\xa8"
	"\x00\xba\x95\xb7\xa4\x02\xca\x8a\x12\x92\x0e\x1c\xf5\x91\x56\xef\x34\x9f"
	"\xa3\x74\x75\x80\xb1\x2c\x13\x34\x70\x8d\xb7\xbe\x74\xd3\x37\xd2\x35\xaf"
	"\x31\x36\x68\xd2\x10\xc4\x96\x13\x46\xa5\xaa\xf0\x2e\x46\x87\xeb\x76\xab"
	"\xd7\x12\xd4\x4f\x2e\xd5\xdd\xc8\x0e\x39\x95\xdd\x0c\x3d\xbb\x56\x4f\x40"
	"\xa0\x1d\x4a\xbc\x99\x8e\x5a\x35\x70\xf1\xa1\xc0\x09\x0a\x5d\xb8\xf9\x3b"
	"\x80\xf9\x9c\xc1\xe8\xf9\x36\x93\x5b\x24\x8c\xf6\xe8\x15\xfb\x08\xb5\xc1"
	"\xfd\x52\xab\xa6\xbe\xe9\xf2\x15\x37\xcf\x05\x05\x76\x1e\x6a\xf1\xee\x83"
	"\xf5\x18\x27\xac\xc3\xf0\x37\x22\x28\x9f\xee\x28\xce\x31\xa5\x03\x4f\x8d"
	"\x43\xfe\xfb\x14\xde\x53\x6c\x92\xbe\xa5\x9e\xc3\x5a\xf1\xdc\xe3\x5d\x30"
	"\xc5\x90\x5c\x00\x18\xb9\x4a\x4f\xc0\x54\x1e\x51\xb2\xf5\x14\xa8\xe7\x0c"
	"\xb5\x3e\x64\xf6\x4c\x80\xbc\x05\x38\xf5\xe9\xf8\x49\x8a\x09\x55\x82\xf6"
	"\x3b\x2f",
	344);
	(uint64_t)0x200002c8 = 0x68;
	(uint64_t)0x20000318 = 1;
	(uint64_t)0x20000320 = 0;
	(uint64_t)0x20000328 = 0;
	(uint32_t)0x20000330 = 0;
	syscall(__NR_sendmsg, r[0], 0x20000300ul, 0ul);
	res = syscall(__NR_socket, 0x10ul, 3ul, 0xcul);
	if (res != -1)
	r[1] = res;
	(uint64_t)0x200000c0 = 0;
	(uint32_t)0x200000c8 = 0;
	(uint64_t)0x200000d0 = 0x20000080;
	(uint64_t)0x20000080 = 0x20000040;
	(uint32_t)0x20000040 = 0x1c;
	(uint8_t)0x20000044 = 8;
	(uint8_t)0x20000045 = 6;
	(uint16_t)0x20000046 = 3;
	(uint32_t)0x20000048 = 0;
	(uint32_t)0x2000004c = 0;
	(uint8_t)0x20000050 = 0;
	(uint8_t)0x20000051 = 0;
	(uint16_t)0x20000052 = htobe16(0);
	(uint16_t)0x20000054 = 5;
	(uint16_t)0x20000056 = 1;
	(uint8_t)0x20000058 = 7;
	(uint64_t)0x20000088 = 0x1c;
	(uint64_t)0x200000d8 = 1;
	(uint64_t)0x200000e0 = 0;
	(uint64_t)0x200000e8 = 0;
	(uint32_t)0x200000f0 = 0;
	syscall(__NR_sendmsg, r[1], 0x200000c0ul, 0ul);
	return 0;
	}