// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include <unistd.h>
#include <sys/syscall.h>
#include <string.h>
#include <stdint.h>
#include <pthread.h>

long r[367];

void *thr(void *arg)
{
	switch ((long)arg) {
	case 0:
		r[0] = syscall(SYS_mmap, 0x20000000ul, 0x11000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);
		break;
	case 1:
		*(uint32_t*)0x20000ace = (uint32_t)0x2;
		*(uint32_t*)0x20000ad2 = (uint32_t)0xffffffffffffffff;
		*(uint32_t*)0x20000ad6 = (uint32_t)0x8;
		*(uint32_t*)0x20000ada = (uint32_t)0x0;
		*(uint32_t*)0x20000ade = (uint32_t)0xf;
		*(uint8_t*)0x20000ae2 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae3 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae4 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae5 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae6 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae7 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae8 = (uint8_t)0x0;
		*(uint8_t*)0x20000ae9 = (uint8_t)0x0;
		*(uint8_t*)0x20000aea = (uint8_t)0x0;
		*(uint8_t*)0x20000aeb = (uint8_t)0x0;
		*(uint8_t*)0x20000aec = (uint8_t)0x0;
		*(uint8_t*)0x20000aed = (uint8_t)0x0;
		*(uint8_t*)0x20000aee = (uint8_t)0x0;
		*(uint8_t*)0x20000aef = (uint8_t)0x0;
		*(uint8_t*)0x20000af0 = (uint8_t)0x0;
		*(uint8_t*)0x20000af1 = (uint8_t)0x0;
		*(uint8_t*)0x20000af2 = (uint8_t)0x0;
		*(uint8_t*)0x20000af3 = (uint8_t)0x0;
		*(uint8_t*)0x20000af4 = (uint8_t)0x0;
		*(uint8_t*)0x20000af5 = (uint8_t)0x0;
		*(uint8_t*)0x20000af6 = (uint8_t)0x0;
		*(uint8_t*)0x20000af7 = (uint8_t)0x0;
		*(uint8_t*)0x20000af8 = (uint8_t)0x0;
		*(uint8_t*)0x20000af9 = (uint8_t)0x0;
		*(uint8_t*)0x20000afa = (uint8_t)0x0;
		*(uint8_t*)0x20000afb = (uint8_t)0x0;
		*(uint8_t*)0x20000afc = (uint8_t)0x0;
		*(uint8_t*)0x20000afd = (uint8_t)0x0;
		*(uint8_t*)0x20000afe = (uint8_t)0x0;
		*(uint8_t*)0x20000aff = (uint8_t)0x0;
		*(uint8_t*)0x20000b00 = (uint8_t)0x0;
		*(uint8_t*)0x20000b01 = (uint8_t)0x0;
		*(uint8_t*)0x20000b02 = (uint8_t)0x0;
		*(uint8_t*)0x20000b03 = (uint8_t)0x0;
		*(uint8_t*)0x20000b04 = (uint8_t)0x0;
		*(uint8_t*)0x20000b05 = (uint8_t)0x0;
		*(uint8_t*)0x20000b06 = (uint8_t)0x0;
		*(uint8_t*)0x20000b07 = (uint8_t)0x0;
		*(uint8_t*)0x20000b08 = (uint8_t)0x0;
		*(uint8_t*)0x20000b09 = (uint8_t)0x0;
		*(uint8_t*)0x20000b0a = (uint8_t)0x0;
		*(uint8_t*)0x20000b0b = (uint8_t)0x0;
		*(uint8_t*)0x20000b0c = (uint8_t)0x0;
		*(uint8_t*)0x20000b0d = (uint8_t)0x0;
		*(uint8_t*)0x20000b0e = (uint8_t)0x0;
		*(uint8_t*)0x20000b0f = (uint8_t)0x0;
		*(uint8_t*)0x20000b10 = (uint8_t)0x0;
		*(uint8_t*)0x20000b11 = (uint8_t)0x0;
		*(uint8_t*)0x20000b12 = (uint8_t)0x0;
		*(uint8_t*)0x20000b13 = (uint8_t)0x0;
		*(uint8_t*)0x20000b14 = (uint8_t)0x0;
		*(uint8_t*)0x20000b15 = (uint8_t)0x0;
		*(uint8_t*)0x20000b16 = (uint8_t)0x0;
		*(uint8_t*)0x20000b17 = (uint8_t)0x0;
		*(uint8_t*)0x20000b18 = (uint8_t)0x0;
		*(uint8_t*)0x20000b19 = (uint8_t)0x0;
		*(uint8_t*)0x20000b1a = (uint8_t)0x0;
		*(uint8_t*)0x20000b1b = (uint8_t)0x0;
		*(uint8_t*)0x20000b1c = (uint8_t)0x0;
		*(uint8_t*)0x20000b1d = (uint8_t)0x0;
		r[66] = syscall(SYS_ioctl, 0xfffffffffffffffful, 0x40505412ul, 0x20000aceul, 0, 0, 0);
		break;
	case 2:
		memcpy((void*)0x20000990, "\x2f\x64\x65\x76\x2f\x73\x6e\x64\x2f\x74\x69\x6d\x65\x72", 14);
		r[68] = syscall(SYS_open, 0x20000990ul, 0x40ul, 0x0ul, 0, 0, 0);
		break;
	case 3:
		r[69] = syscall(SYS_mmap, 0x20011000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);
		break;
	case 4:
		*(uint32_t*)0x20011fb0 = (uint32_t)0x1;
		*(uint32_t*)0x20011fb4 = (uint32_t)0x0;
		*(uint32_t*)0x20011fb8 = (uint32_t)0x1;
		*(uint32_t*)0x20011fbc = (uint32_t)0x0;
		*(uint32_t*)0x20011fc0 = (uint32_t)0x7;
		*(uint8_t*)0x20011fc4 = (uint8_t)0x0;
		*(uint8_t*)0x20011fc5 = (uint8_t)0x0;
		*(uint8_t*)0x20011fc6 = (uint8_t)0x0;
		*(uint8_t*)0x20011fc7 = (uint8_t)0x0;
		*(uint8_t*)0x20011fc8 = (uint8_t)0x0;
		*(uint8_t*)0x20011fc9 = (uint8_t)0x0;
		*(uint8_t*)0x20011fca = (uint8_t)0x0;
		*(uint8_t*)0x20011fcb = (uint8_t)0x0;
		*(uint8_t*)0x20011fcc = (uint8_t)0x0;
		*(uint8_t*)0x20011fcd = (uint8_t)0x0;
		*(uint8_t*)0x20011fce = (uint8_t)0x0;
		*(uint8_t*)0x20011fcf = (uint8_t)0x0;
		*(uint8_t*)0x20011fd0 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd1 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd2 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd3 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd4 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd5 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd6 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd7 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd8 = (uint8_t)0x0;
		*(uint8_t*)0x20011fd9 = (uint8_t)0x0;
		*(uint8_t*)0x20011fda = (uint8_t)0x0;
		*(uint8_t*)0x20011fdb = (uint8_t)0x0;
		*(uint8_t*)0x20011fdc = (uint8_t)0x0;
		*(uint8_t*)0x20011fdd = (uint8_t)0x0;
		*(uint8_t*)0x20011fde = (uint8_t)0x0;
		*(uint8_t*)0x20011fdf = (uint8_t)0x0;
		*(uint8_t*)0x20011fe0 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe1 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe2 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe3 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe4 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe5 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe6 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe7 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe8 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe9 = (uint8_t)0x0;
		*(uint8_t*)0x20011fea = (uint8_t)0x0;
		*(uint8_t*)0x20011feb = (uint8_t)0x0;
		*(uint8_t*)0x20011fec = (uint8_t)0x0;
		*(uint8_t*)0x20011fed = (uint8_t)0x0;
		*(uint8_t*)0x20011fee = (uint8_t)0x0;
		*(uint8_t*)0x20011fef = (uint8_t)0x0;
		*(uint8_t*)0x20011ff0 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff1 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff2 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff3 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff4 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff5 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff6 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff7 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff8 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff9 = (uint8_t)0x0;
		*(uint8_t*)0x20011ffa = (uint8_t)0x0;
		*(uint8_t*)0x20011ffb = (uint8_t)0x0;
		*(uint8_t*)0x20011ffc = (uint8_t)0x0;
		*(uint8_t*)0x20011ffd = (uint8_t)0x0;
		*(uint8_t*)0x20011ffe = (uint8_t)0x0;
		*(uint8_t*)0x20011fff = (uint8_t)0x0;
		r[135] = syscall(SYS_ioctl, r[68], 0x40505412ul, 0x20011fb0ul, 0, 0, 0);
		break;
	case 5:
		*(uint32_t*)0x20000000 = (uint32_t)0x1;
		*(uint32_t*)0x20000004 = (uint32_t)0x7;
		*(uint32_t*)0x20000008 = (uint32_t)0x3;
		*(uint32_t*)0x2000000c = (uint32_t)0x0;
		*(uint32_t*)0x20000010 = (uint32_t)0x0;
		*(uint8_t*)0x20000014 = (uint8_t)0x0;
		*(uint8_t*)0x20000015 = (uint8_t)0x0;
		*(uint8_t*)0x20000016 = (uint8_t)0x0;
		*(uint8_t*)0x20000017 = (uint8_t)0x0;
		*(uint8_t*)0x20000018 = (uint8_t)0x0;
		*(uint8_t*)0x20000019 = (uint8_t)0x0;
		*(uint8_t*)0x2000001a = (uint8_t)0x0;
		*(uint8_t*)0x2000001b = (uint8_t)0x0;
		*(uint8_t*)0x2000001c = (uint8_t)0x0;
		*(uint8_t*)0x2000001d = (uint8_t)0x0;
		*(uint8_t*)0x2000001e = (uint8_t)0x0;
		*(uint8_t*)0x2000001f = (uint8_t)0x0;
		*(uint8_t*)0x20000020 = (uint8_t)0x0;
		*(uint8_t*)0x20000021 = (uint8_t)0x0;
		*(uint8_t*)0x20000022 = (uint8_t)0x0;
		*(uint8_t*)0x20000023 = (uint8_t)0x0;
		*(uint8_t*)0x20000024 = (uint8_t)0x0;
		*(uint8_t*)0x20000025 = (uint8_t)0x0;
		*(uint8_t*)0x20000026 = (uint8_t)0x0;
		*(uint8_t*)0x20000027 = (uint8_t)0x0;
		*(uint8_t*)0x20000028 = (uint8_t)0x0;
		*(uint8_t*)0x20000029 = (uint8_t)0x0;
		*(uint8_t*)0x2000002a = (uint8_t)0x0;
		*(uint8_t*)0x2000002b = (uint8_t)0x0;
		*(uint8_t*)0x2000002c = (uint8_t)0x0;
		*(uint8_t*)0x2000002d = (uint8_t)0x0;
		*(uint8_t*)0x2000002e = (uint8_t)0x0;
		*(uint8_t*)0x2000002f = (uint8_t)0x0;
		*(uint8_t*)0x20000030 = (uint8_t)0x0;
		*(uint8_t*)0x20000031 = (uint8_t)0x0;
		*(uint8_t*)0x20000032 = (uint8_t)0x0;
		*(uint8_t*)0x20000033 = (uint8_t)0x0;
		r[173] = syscall(SYS_ioctl, r[68], 0x40345410ul, 0x20000000ul, 0, 0, 0);
		break;
	case 6:
		r[174] = syscall(SYS_ioctl, r[68], 0x54a0ul, 0, 0, 0, 0);
		break;
	case 7:
		r[175] = syscall(SYS_mmap, 0x20011000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);
		break;
	case 8:
		*(uint32_t*)0x20011f08 = (uint32_t)0x9;
		*(uint32_t*)0x20011f0c = (uint32_t)0x87a;
		*(uint32_t*)0x20011f10 = (uint32_t)0x9;
		*(uint32_t*)0x20011f14 = (uint32_t)0x6f0a;
		*(uint32_t*)0x20011f18 = (uint32_t)0x4;
		*(uint32_t*)0x20011f1c = (uint32_t)0x3;
		*(uint32_t*)0x20011f20 = (uint32_t)0xf5;
		*(uint8_t*)0x20011f24 = (uint8_t)0x3;
		*(uint8_t*)0x20011f25 = (uint8_t)0x56;
		*(uint8_t*)0x20011f26 = (uint8_t)0x9e1a;
		*(uint8_t*)0x20011f27 = (uint8_t)0x2;
		*(uint8_t*)0x20011f28 = (uint8_t)0x5;
		*(uint8_t*)0x20011f29 = (uint8_t)0x3;
		*(uint8_t*)0x20011f2a = (uint8_t)0xd8;
		*(uint8_t*)0x20011f2b = (uint8_t)0x8;
		*(uint8_t*)0x20011f2c = (uint8_t)0x0;
		*(uint8_t*)0x20011f2d = (uint8_t)0x5;
		*(uint8_t*)0x20011f2e = (uint8_t)0xfffffffffffffffb;
		*(uint8_t*)0x20011f2f = (uint8_t)0x2;
		*(uint8_t*)0x20011f30 = (uint8_t)0xfffffffffffffff7;
		*(uint8_t*)0x20011f31 = (uint8_t)0x2;
		*(uint8_t*)0x20011f32 = (uint8_t)0x1;
		*(uint8_t*)0x20011f33 = (uint8_t)0x3;
		*(uint8_t*)0x20011f34 = (uint8_t)0x2;
		*(uint8_t*)0x20011f35 = (uint8_t)0x4f4;
		*(uint8_t*)0x20011f36 = (uint8_t)0x6;
		*(uint8_t*)0x20011f37 = (uint8_t)0x0;
		*(uint8_t*)0x20011f38 = (uint8_t)0x8;
		*(uint8_t*)0x20011f39 = (uint8_t)0x2;
		*(uint8_t*)0x20011f3a = (uint8_t)0x9;
		*(uint8_t*)0x20011f3b = (uint8_t)0x4b5;
		*(uint8_t*)0x20011f3c = (uint8_t)0xfffffffffffffffc;
		*(uint8_t*)0x20011f3d = (uint8_t)0x7;
		*(uint8_t*)0x20011f3e = (uint8_t)0x64f;
		*(uint8_t*)0x20011f3f = (uint8_t)0x7;
		*(uint8_t*)0x20011f40 = (uint8_t)0x6;
		*(uint8_t*)0x20011f41 = (uint8_t)0x3;
		*(uint8_t*)0x20011f42 = (uint8_t)0xff09;
		*(uint8_t*)0x20011f43 = (uint8_t)0x3;
		*(uint8_t*)0x20011f44 = (uint8_t)0x6;
		*(uint8_t*)0x20011f45 = (uint8_t)0x0;
		*(uint8_t*)0x20011f46 = (uint8_t)0x9;
		*(uint8_t*)0x20011f47 = (uint8_t)0x9;
		*(uint8_t*)0x20011f48 = (uint8_t)0xfffffffffffffffe;
		*(uint8_t*)0x20011f49 = (uint8_t)0x2;
		*(uint8_t*)0x20011f4a = (uint8_t)0x7;
		*(uint8_t*)0x20011f4b = (uint8_t)0x53;
		*(uint8_t*)0x20011f4c = (uint8_t)0x3;
		*(uint8_t*)0x20011f4d = (uint8_t)0xea;
		*(uint8_t*)0x20011f4e = (uint8_t)0x3;
		*(uint8_t*)0x20011f4f = (uint8_t)0x3;
		*(uint8_t*)0x20011f50 = (uint8_t)0x0;
		*(uint8_t*)0x20011f51 = (uint8_t)0x8;
		*(uint8_t*)0x20011f52 = (uint8_t)0x8;
		*(uint8_t*)0x20011f53 = (uint8_t)0x7;
		*(uint8_t*)0x20011f54 = (uint8_t)0xfdc1;
		*(uint8_t*)0x20011f55 = (uint8_t)0x7;
		*(uint8_t*)0x20011f56 = (uint8_t)0x3;
		*(uint8_t*)0x20011f57 = (uint8_t)0x3;
		*(uint8_t*)0x20011f58 = (uint8_t)0x7d;
		*(uint8_t*)0x20011f59 = (uint8_t)0x7;
		*(uint8_t*)0x20011f5a = (uint8_t)0xfffffffffffffffd;
		*(uint8_t*)0x20011f5b = (uint8_t)0x5;
		*(uint8_t*)0x20011f5c = (uint8_t)0x3d;
		*(uint8_t*)0x20011f5d = (uint8_t)0x7;
		*(uint8_t*)0x20011f5e = (uint8_t)0x2;
		*(uint8_t*)0x20011f5f = (uint8_t)0x0;
		*(uint8_t*)0x20011f60 = (uint8_t)0x34;
		*(uint8_t*)0x20011f61 = (uint8_t)0x3;
		*(uint8_t*)0x20011f62 = (uint8_t)0x9;
		*(uint8_t*)0x20011f63 = (uint8_t)0xffffffffffffff71;
		*(uint8_t*)0x20011f64 = (uint8_t)0x2;
		*(uint8_t*)0x20011f65 = (uint8_t)0x1834;
		*(uint8_t*)0x20011f66 = (uint8_t)0x0;
		*(uint8_t*)0x20011f67 = (uint8_t)0x6;
		*(uint8_t*)0x20011f68 = (uint8_t)0x0;
		*(uint8_t*)0x20011f69 = (uint8_t)0x7;
		*(uint8_t*)0x20011f6a = (uint8_t)0x2;
		*(uint8_t*)0x20011f6b = (uint8_t)0x5;
		*(uint8_t*)0x20011f6c = (uint8_t)0x5;
		*(uint8_t*)0x20011f6d = (uint8_t)0x7;
		*(uint8_t*)0x20011f6e = (uint8_t)0xfffffffffffffff9;
		*(uint8_t*)0x20011f6f = (uint8_t)0x3;
		*(uint8_t*)0x20011f70 = (uint8_t)0xfffffffffffffff7;
		*(uint8_t*)0x20011f71 = (uint8_t)0x8;
		*(uint8_t*)0x20011f72 = (uint8_t)0x7;
		*(uint8_t*)0x20011f73 = (uint8_t)0xb20;
		*(uint8_t*)0x20011f74 = (uint8_t)0xfffffffffffffffa;
		*(uint8_t*)0x20011f75 = (uint8_t)0x7;
		*(uint8_t*)0x20011f76 = (uint8_t)0x6;
		*(uint8_t*)0x20011f77 = (uint8_t)0x3;
		*(uint8_t*)0x20011f78 = (uint8_t)0x2;
		*(uint8_t*)0x20011f79 = (uint8_t)0xffffffffffffffff;
		*(uint8_t*)0x20011f7a = (uint8_t)0x1;
		*(uint8_t*)0x20011f7b = (uint8_t)0x6;
		*(uint8_t*)0x20011f7c = (uint8_t)0x20f;
		*(uint8_t*)0x20011f7d = (uint8_t)0x9;
		*(uint8_t*)0x20011f7e = (uint8_t)0x4;
		*(uint8_t*)0x20011f7f = (uint8_t)0xa469;
		*(uint8_t*)0x20011f80 = (uint8_t)0x7;
		*(uint8_t*)0x20011f81 = (uint8_t)0x5;
		*(uint8_t*)0x20011f82 = (uint8_t)0xb8b;
		*(uint8_t*)0x20011f83 = (uint8_t)0x2;
		*(uint8_t*)0x20011f84 = (uint8_t)0x5;
		*(uint8_t*)0x20011f85 = (uint8_t)0xfffffffffffffffb;
		*(uint8_t*)0x20011f86 = (uint8_t)0x4;
		*(uint8_t*)0x20011f87 = (uint8_t)0x6a;
		*(uint8_t*)0x20011f88 = (uint8_t)0x5;
		*(uint8_t*)0x20011f89 = (uint8_t)0xfffffffffffffe90;
		*(uint8_t*)0x20011f8a = (uint8_t)0x9;
		*(uint8_t*)0x20011f8b = (uint8_t)0x4;
		*(uint8_t*)0x20011f8c = (uint8_t)0xfffffffffffffff7;
		*(uint8_t*)0x20011f8d = (uint8_t)0x9;
		*(uint8_t*)0x20011f8e = (uint8_t)0x1;
		*(uint8_t*)0x20011f8f = (uint8_t)0x4;
		*(uint8_t*)0x20011f90 = (uint8_t)0x5;
		*(uint8_t*)0x20011f91 = (uint8_t)0x8;
		*(uint8_t*)0x20011f92 = (uint8_t)0x8;
		*(uint8_t*)0x20011f93 = (uint8_t)0x2;
		*(uint8_t*)0x20011f94 = (uint8_t)0x0;
		*(uint8_t*)0x20011f95 = (uint8_t)0x99c;
		*(uint8_t*)0x20011f96 = (uint8_t)0x7;
		*(uint8_t*)0x20011f97 = (uint8_t)0x4;
		*(uint8_t*)0x20011f98 = (uint8_t)0x0;
		*(uint8_t*)0x20011f99 = (uint8_t)0x701;
		*(uint8_t*)0x20011f9a = (uint8_t)0xfffffffffffffffa;
		*(uint8_t*)0x20011f9b = (uint8_t)0x0;
		*(uint8_t*)0x20011f9c = (uint8_t)0x7;
		*(uint8_t*)0x20011f9d = (uint8_t)0x1;
		*(uint8_t*)0x20011f9e = (uint8_t)0x6;
		*(uint8_t*)0x20011f9f = (uint8_t)0x8;
		*(uint8_t*)0x20011fa0 = (uint8_t)0x1;
		*(uint8_t*)0x20011fa1 = (uint8_t)0x2;
		*(uint8_t*)0x20011fa2 = (uint8_t)0x8;
		*(uint8_t*)0x20011fa3 = (uint8_t)0x1;
		*(uint8_t*)0x20011fa4 = (uint8_t)0x6;
		*(uint8_t*)0x20011fa5 = (uint8_t)0x66;
		*(uint8_t*)0x20011fa6 = (uint8_t)0xffffffffffffabfa;
		*(uint8_t*)0x20011fa7 = (uint8_t)0x61f8;
		*(uint8_t*)0x20011fa8 = (uint8_t)0x7;
		*(uint8_t*)0x20011fa9 = (uint8_t)0x9;
		*(uint8_t*)0x20011faa = (uint8_t)0x5;
		*(uint8_t*)0x20011fab = (uint8_t)0x0;
		*(uint8_t*)0x20011fac = (uint8_t)0x0;
		*(uint8_t*)0x20011fad = (uint8_t)0x4;
		*(uint8_t*)0x20011fae = (uint8_t)0x7;
		*(uint8_t*)0x20011faf = (uint8_t)0x0;
		*(uint8_t*)0x20011fb0 = (uint8_t)0x3;
		*(uint8_t*)0x20011fb1 = (uint8_t)0x3;
		*(uint8_t*)0x20011fb2 = (uint8_t)0x9;
		*(uint8_t*)0x20011fb3 = (uint8_t)0x2;
		*(uint64_t*)0x20011fb8 = (uint64_t)0x0;
		*(uint64_t*)0x20011fc0 = (uint64_t)0xdc;
		*(uint64_t*)0x20011fc8 = (uint64_t)0x1;
		*(uint64_t*)0x20011fd0 = (uint64_t)0x3;
		*(uint32_t*)0x20011fd8 = (uint32_t)0x0;
		*(uint8_t*)0x20011fdc = (uint8_t)0x0;
		*(uint8_t*)0x20011fdd = (uint8_t)0x0;
		*(uint8_t*)0x20011fde = (uint8_t)0x0;
		*(uint8_t*)0x20011fdf = (uint8_t)0x0;
		*(uint8_t*)0x20011fe0 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe1 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe2 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe3 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe4 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe5 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe6 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe7 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe8 = (uint8_t)0x0;
		*(uint8_t*)0x20011fe9 = (uint8_t)0x0;
		*(uint8_t*)0x20011fea = (uint8_t)0x0;
		*(uint8_t*)0x20011feb = (uint8_t)0x0;
		*(uint8_t*)0x20011fec = (uint8_t)0x0;
		*(uint8_t*)0x20011fed = (uint8_t)0x0;
		*(uint8_t*)0x20011fee = (uint8_t)0x0;
		*(uint8_t*)0x20011fef = (uint8_t)0x0;
		*(uint8_t*)0x20011ff0 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff1 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff2 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff3 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff4 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff5 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff6 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff7 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff8 = (uint8_t)0x0;
		*(uint8_t*)0x20011ff9 = (uint8_t)0x0;
		*(uint8_t*)0x20011ffa = (uint8_t)0x0;
		*(uint8_t*)0x20011ffb = (uint8_t)0x0;
		r[364] = syscall(SYS_ioctl, r[68], 0xc0f85403ul, 0x20011f08ul, 0, 0, 0);
		break;
	case 9:
		r[365] = syscall(SYS_ioctl, r[68], 0x54a2ul, 0, 0, 0, 0);
		break;
	case 10:
		r[366] = syscall(SYS_ioctl, r[68], 0x54a1ul, 0, 0, 0, 0);
		break;
	}
	return 0;
}

int main()
{
	long i;
	pthread_t th[11];

	memset(r, -1, sizeof(r));
	for (i = 0; i < 11; i++) {
		pthread_create(&th[i], 0, thr, (void*)i);
		usleep(10000);
	}
	usleep(100000);
	return 0;
}