
7 # db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe01bac2a960
8 # vpanic() at vpanic+0x132/frame 0xfffffe01bac2aa90
9 # panic() at panic+0x43/frame 0xfffffe01bac2aaf0
10 # sctp_inpcb_free() at sctp_inpcb_free+0xf28/frame 0xfffffe01bac2ab60
11 # sctp_close() at sctp_close+0xc0/frame 0xfffffe01bac2abb0
12 # soclose() at soclose+0x154/frame 0xfffffe01bac2ac10
13 # _fdrop() at _fdrop+0x1b/frame 0xfffffe01bac2ac30
14 # closef() at closef+0x1e3/frame 0xfffffe01bac2acc0
15 # fdescfree() at fdescfree+0x41a/frame 0xfffffe01bac2ad80
16 # exit1() at exit1+0x4a1/frame 0xfffffe01bac2adf0
17 # sys_exit() at sys_exit+0xd/frame 0xfffffe01bac2ae00
18 # amd64_syscall() at amd64_syscall+0x14f/frame 0xfffffe01bac2af30
19 # fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe01bac2af30
20 # --- syscall (1, FreeBSD ELF64, exit), rip = 0x824db2f4a, rsp = 0x8211862b8, rbp = 0x8211862d0 ---
22 # Stopped at kdb_enter+0x32: movq $0,0xe27583(%rip)
24 # version: FreeBSD 15.0-CURRENT #0 main-n265298-10db91ecec98b1: Tue Sep 12 12:16:45 CEST 2023
28 uname -p | grep -Eq "amd64" || exit 0
29 [ `id -u ` -ne 0 ] && echo "Must be root!" && exit 1
33 prog=$(basename "$0" .sh)
62 while (waitpid(-1, status, 0) != pid) {
81 #define WAIT_FLAGS 0
85 int iter __unused = 0;
88 if (pid < 0)
90 if (pid == 0) {
92 exit(0);
94 int status = 0;
108 uint64_t r[1] = {0xffffffffffffffff};
112 intptr_t res = 0;
113 res = syscall(SYS_socket, 0x1cul, 1ul, 0x84);
115 r[0] = res;
116 *(uint8_t*)0x20000040 = 0x1c;
117 *(uint8_t*)0x20000041 = 0x1c;
118 *(uint16_t*)0x20000042 = htobe16(0x4e22 + procid * 4);
119 *(uint32_t*)0x20000044 = 0;
120 *(uint64_t*)0x20000048 = htobe64(0);
121 *(uint64_t*)0x20000050 = htobe64(1);
122 *(uint32_t*)0x20000058 = 0;
123 syscall(SYS_bind, r[0], 0x20000040ul, 0x1cul);
124 *(uint8_t*)0x20000180 = 0x1c;
125 *(uint8_t*)0x20000181 = 0x1c;
126 *(uint16_t*)0x20000182 = htobe16(0x4e22 + procid * 4);
127 *(uint32_t*)0x20000184 = 0;
128 *(uint64_t*)0x20000188 = htobe64(0);
129 *(uint64_t*)0x20000190 = htobe64(1);
130 *(uint32_t*)0x20000198 = 0;
131 syscall(SYS_connect, r[0], 0x20000180ul, 0x1cul);
132 *(uint32_t*)0x20000300 = 0x80000021;
133 syscall(SYS_setsockopt, r[0], 0x84, 0x1b, 0x20000300ul, 4ul);
134 memset((void*)0x20000480, 163, 1);
135 syscall(SYS_sendto, r[0], 0x20000480ul, 0xfffffe5cul, 0x188ul, 0ul, 0ul);
136 *(uint16_t*)0x200000c0 = 0;
137 *(uint16_t*)0x200000c2 = 0x200;
138 *(uint32_t*)0x200000c4 = 0;
139 *(uint32_t*)0x200000c8 = 0;
140 *(uint32_t*)0x200000cc = 0;
141 syscall(SYS_setsockopt, r[0], 0x84, 0x21, 0x200000c0ul, 0x10ul);
142 syscall(SYS_shutdown, r[0], 0ul);
143 syscall(SYS_writev, r[0], 0ul, 0ul);
147 syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 7ul, 0x1012ul, -1, 0ul);
148 for (procid = 0; procid < 4; procid++) {
149 if (fork() == 0) {
154 return 0;
171 exit 0