syzkaller-repros/linux/733ece0b61c8f760d054c265f8908f16a4e5b659.c - pub/scm/linux/kernel/git/shuah/linux-arts - Git at Google

 // general protection fault in in_aton
 // https://syzkaller.appspot.com/bug?id=733ece0b61c8f760d054c265f8908f16a4e5b659
 // status:dup
 // autogenerated by syzkaller (http://github.com/google/syzkaller)

 #define _GNU_SOURCE
 #include <endian.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <string.h>
 #include <sys/syscall.h>
 #include <unistd.h>

 void loop()
 {
   memcpy((void*)0x20000140, "./file0", 8);
   syscall(__NR_mkdir, 0x20000140, 0);
   memcpy((void*)0x20000000, "127.0.0.1", 10);
   memcpy((void*)0x20000040, "./file0", 8);
   memcpy((void*)0x20000080, "9p", 3);
   memcpy((void*)0x20000180, "trans=rdma,", 11);
   memcpy((void*)0x2000018b, "port", 4);
   *(uint8_t*)0x2000018f = 0x3d;
   sprintf((char*)0x20000190, "0x%016llx", (long long)0x4e22);
   *(uint8_t*)0x200001a2 = 0x2c;
   memcpy((void*)0x200001a3, "posixacl", 8);
   *(uint8_t*)0x200001ab = 0x2c;
   memcpy((void*)0x200001ac, "sq", 2);
   *(uint8_t*)0x200001ae = 0x3d;
   sprintf((char*)0x200001af, "0x%016llx", (long long)4);
   *(uint8_t*)0x200001c1 = 0x2c;
   memcpy((void*)0x200001c2, "timeout", 7);
   *(uint8_t*)0x200001c9 = 0x3d;
   sprintf((char*)0x200001ca, "0x%016llx", (long long)2);
   *(uint8_t*)0x200001dc = 0x2c;
   memcpy((void*)0x200001dd, "sq", 2);
   *(uint8_t*)0x200001df = 0x3d;
   sprintf((char*)0x200001e0, "0x%016llx", (long long)0);
   *(uint8_t*)0x200001f2 = 0x2c;
   memcpy((void*)0x200001f3, "timeout", 7);
   *(uint8_t*)0x200001fa = 0x3d;
   sprintf((char*)0x200001fb, "0x%016llx", (long long)5);
   *(uint8_t*)0x2000020d = 0x2c;
   memcpy((void*)0x2000020e, "timeout", 7);
   *(uint8_t*)0x20000215 = 0x3d;
   sprintf((char*)0x20000216, "0x%016llx", (long long)0x100);
   *(uint8_t*)0x20000228 = 0x2c;
   *(uint8_t*)0x20000229 = 0;
   syscall(__NR_mount, 0x20000000, 0x20000040, 0x20000080, 0x10000, 0x20000180);
   memcpy((void*)0x200000c0, "./file0", 8);
   memcpy((void*)0x20000340, "9p", 3);
   syscall(__NR_mount, 0, 0x200000c0, 0x20000340, 0, 0x20000180);
 }

 int main()
 {
   syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
   loop();
   return 0;
 }
	// general protection fault in in_aton
	// https://syzkaller.appspot.com/bug?id=733ece0b61c8f760d054c265f8908f16a4e5b659
	// status:dup
	// autogenerated by syzkaller (http://github.com/google/syzkaller)

	#define _GNU_SOURCE
	#include <endian.h>
	#include <stdint.h>
	#include <stdio.h>
	#include <string.h>
	#include <sys/syscall.h>
	#include <unistd.h>

	void loop()
	{
	memcpy((void*)0x20000140, "./file0", 8);
	syscall(__NR_mkdir, 0x20000140, 0);
	memcpy((void*)0x20000000, "127.0.0.1", 10);
	memcpy((void*)0x20000040, "./file0", 8);
	memcpy((void*)0x20000080, "9p", 3);
	memcpy((void*)0x20000180, "trans=rdma,", 11);
	memcpy((void*)0x2000018b, "port", 4);
	(uint8_t)0x2000018f = 0x3d;
	sprintf((char*)0x20000190, "0x%016llx", (long long)0x4e22);
	(uint8_t)0x200001a2 = 0x2c;
	memcpy((void*)0x200001a3, "posixacl", 8);
	(uint8_t)0x200001ab = 0x2c;
	memcpy((void*)0x200001ac, "sq", 2);
	(uint8_t)0x200001ae = 0x3d;
	sprintf((char*)0x200001af, "0x%016llx", (long long)4);
	(uint8_t)0x200001c1 = 0x2c;
	memcpy((void*)0x200001c2, "timeout", 7);
	(uint8_t)0x200001c9 = 0x3d;
	sprintf((char*)0x200001ca, "0x%016llx", (long long)2);
	(uint8_t)0x200001dc = 0x2c;
	memcpy((void*)0x200001dd, "sq", 2);
	(uint8_t)0x200001df = 0x3d;
	sprintf((char*)0x200001e0, "0x%016llx", (long long)0);
	(uint8_t)0x200001f2 = 0x2c;
	memcpy((void*)0x200001f3, "timeout", 7);
	(uint8_t)0x200001fa = 0x3d;
	sprintf((char*)0x200001fb, "0x%016llx", (long long)5);
	(uint8_t)0x2000020d = 0x2c;
	memcpy((void*)0x2000020e, "timeout", 7);
	(uint8_t)0x20000215 = 0x3d;
	sprintf((char*)0x20000216, "0x%016llx", (long long)0x100);
	(uint8_t)0x20000228 = 0x2c;
	(uint8_t)0x20000229 = 0;
	syscall(__NR_mount, 0x20000000, 0x20000040, 0x20000080, 0x10000, 0x20000180);
	memcpy((void*)0x200000c0, "./file0", 8);
	memcpy((void*)0x20000340, "9p", 3);
	syscall(__NR_mount, 0, 0x200000c0, 0x20000340, 0, 0x20000180);
	}

	int main()
	{
	syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
	loop();
	return 0;
	}