// https://syzkaller.appspot.com/bug?id=004b0f7b61d4901cbfecfc33de7996e8cbe0a278
// autogenerated by syzkaller (http://github.com/google/syzkaller)

#define _GNU_SOURCE
#include <endian.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

uint64_t r[1] = {0xffffffffffffffff};
void loop()
{
  long res = 0;
  res = syscall(__NR_socket, 0x2b, 1, 0);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20007000 = 0x20000080;
  *(uint16_t*)0x20000080 = 0x27;
  *(uint32_t*)0x20000084 = 1;
  *(uint32_t*)0x20000088 = 1;
  *(uint32_t*)0x2000008c = 3;
  *(uint8_t*)0x20000090 = 5;
  *(uint8_t*)0x20000091 = 0x42;
  memcpy((void*)0x20000092,
         "\xe7\x0a\x90\x4f\xb6\xfe\x68\x55\xca\xb4\x48\xb7\x08\x08\x73\xd4\x4f"
         "\x69\x24\xf2\x37\x91\xaa\x4f\x7d\x65\x23\x09\x0d\xf3\x77\x06\x7f\x63"
         "\x67\xd6\x9d\x12\x5f\x53\x71\x1a\x64\xee\x81\x9b\x1b\x4c\x48\x92\x21"
         "\x09\x51\xd6\x4c\xf7\x59\x48\x84\xb8\xa1\xb7\xab",
         63);
  *(uint64_t*)0x200000d8 = 0x17;
  *(uint32_t*)0x20007008 = 0x60;
  *(uint64_t*)0x20007010 = 0x20000000;
  *(uint64_t*)0x20000000 = 0x20000100;
  *(uint64_t*)0x20000008 = 0;
  *(uint64_t*)0x20000010 = 0x20000200;
  *(uint64_t*)0x20000018 = 0;
  *(uint64_t*)0x20000020 = 0x200002c0;
  *(uint64_t*)0x20000028 = 0;
  *(uint64_t*)0x20007018 = 3;
  *(uint64_t*)0x20007020 = 0;
  *(uint64_t*)0x20007028 = 0;
  *(uint32_t*)0x20007030 = 0x4008044;
  *(uint64_t*)0x20007038 = 0x20000380;
  *(uint16_t*)0x20000380 = 0x27;
  *(uint32_t*)0x20000384 = 1;
  *(uint32_t*)0x20000388 = 1;
  *(uint32_t*)0x2000038c = 5;
  *(uint8_t*)0x20000390 = 1;
  *(uint8_t*)0x20000391 = 0x79;
  memcpy((void*)0x20000392,
         "\x36\x54\x2a\x8e\x4f\x2a\x83\x81\xc7\x4c\x7a\x40\x26\x45\x9d\xa3\x05"
         "\x7e\xdc\x87\xe7\x50\xfa\x44\xf3\xf5\x32\x5d\xf1\x3d\x7f\xee\x01\x41"
         "\x8b\xa5\x64\x08\x6c\x92\x55\xc5\x2f\xee\x6a\x70\x96\xb1\x32\x02\x6d"
         "\xe1\x9e\x6f\xa9\xeb\x0b\xef\xef\x35\x60\x2f\xc6",
         63);
  *(uint64_t*)0x200003d8 = 0x36;
  *(uint32_t*)0x20007040 = 0x60;
  *(uint64_t*)0x20007048 = 0x200016c0;
  *(uint64_t*)0x200016c0 = 0x20000400;
  *(uint64_t*)0x200016c8 = 0;
  *(uint64_t*)0x200016d0 = 0x20000480;
  *(uint64_t*)0x200016d8 = 0;
  *(uint64_t*)0x200016e0 = 0x20000580;
  *(uint64_t*)0x200016e8 = 0;
  *(uint64_t*)0x200016f0 = 0x200005c0;
  *(uint64_t*)0x200016f8 = 0;
  *(uint64_t*)0x20001700 = 0x200006c0;
  *(uint64_t*)0x20001708 = 0;
  *(uint64_t*)0x20007050 = 5;
  *(uint64_t*)0x20007058 = 0x20001740;
  *(uint64_t*)0x20001740 = 0x10;
  *(uint32_t*)0x20001748 = 0x115;
  *(uint32_t*)0x2000174c = 0x80000001;
  *(uint64_t*)0x20007060 = 0x10;
  *(uint32_t*)0x20007068 = 0x4000;
  *(uint64_t*)0x20007070 = 0x20001780;
  *(uint16_t*)0x20001780 = 0x27;
  *(uint32_t*)0x20001784 = 0;
  *(uint32_t*)0x20001788 = 0;
  *(uint32_t*)0x2000178c = 2;
  *(uint8_t*)0x20001790 = 0x95;
  *(uint8_t*)0x20001791 = 4;
  memcpy((void*)0x20001792,
         "\x3d\xcf\x6c\x0d\x42\x34\xc4\xdb\x4e\x5e\x55\x3e\x5f\x71\xc5\x3b\x13"
         "\x6d\x28\x80\x54\x59\xdc\x96\xa1\x1d\x84\x1f\x58\x5f\x7d\x16\xb9\x5e"
         "\x4a\x0d\xa0\xba\xe5\x14\x0f\x11\xc4\xfc\x7f\xd8\x13\xa2\x0c\xc4\xd5"
         "\xc6\x43\x1b\xb9\x6d\xfe\x08\x69\x13\xa2\x74\xb9",
         63);
  *(uint64_t*)0x200017d8 = 0x17;
  *(uint32_t*)0x20007078 = 0x60;
  *(uint64_t*)0x20007080 = 0x20001940;
  *(uint64_t*)0x20001940 = 0x20001800;
  *(uint64_t*)0x20001948 = 0;
  *(uint64_t*)0x20001950 = 0x20001900;
  *(uint64_t*)0x20001958 = 0;
  *(uint64_t*)0x20007088 = 2;
  *(uint64_t*)0x20007090 = 0x20001980;
  *(uint64_t*)0x20007098 = 0;
  *(uint32_t*)0x200070a0 = 0x80;
  *(uint64_t*)0x200070a8 = 0x20001a80;
  *(uint16_t*)0x20001a80 = 0x27;
  *(uint32_t*)0x20001a84 = 0;
  *(uint32_t*)0x20001a88 = 0;
  *(uint32_t*)0x20001a8c = 7;
  *(uint8_t*)0x20001a90 = 6;
  *(uint8_t*)0x20001a91 = 0x60;
  memcpy((void*)0x20001a92,
         "\x44\x81\x50\x0b\x64\x1d\x15\x0a\xbf\x72\xa6\x17\xd7\x5d\xf8\xa2\x20"
         "\x44\xe5\xbb\x8c\x80\x43\x30\x7f\x5b\xca\x41\x85\x5c\xfe\x64\x59\xbe"
         "\x75\x85\xff\x81\x15\x5e\x2d\xa3\x83\xdb\x7b\x1f\xa5\x7d\xfb\x4c\x35"
         "\x89\x98\x3a\x30\x7a\xe7\x6d\x8e\xa9\xf4\x87\x92",
         63);
  *(uint64_t*)0x20001ad8 = 0x35;
  *(uint32_t*)0x200070b0 = 0x60;
  *(uint64_t*)0x200070b8 = 0x20001e40;
  *(uint64_t*)0x20001e40 = 0x20001b00;
  *(uint64_t*)0x20001e48 = 0;
  *(uint64_t*)0x20001e50 = 0x20001b80;
  *(uint64_t*)0x20001e58 = 0;
  *(uint64_t*)0x20001e60 = 0x20001c00;
  *(uint64_t*)0x20001e68 = 0;
  *(uint64_t*)0x20001e70 = 0x20001d00;
  *(uint64_t*)0x20001e78 = 0;
  *(uint64_t*)0x20001e80 = 0x20001d40;
  *(uint64_t*)0x20001e88 = 0;
  *(uint64_t*)0x200070c0 = 5;
  *(uint64_t*)0x200070c8 = 0x20001ec0;
  *(uint64_t*)0x20001ec0 = 0x10;
  *(uint32_t*)0x20001ec8 = 0x105;
  *(uint32_t*)0x20001ecc = 4;
  *(uint64_t*)0x200070d0 = 0x10;
  *(uint32_t*)0x200070d8 = 1;
  *(uint64_t*)0x200070e0 = 0x20001f40;
  *(uint16_t*)0x20001f40 = 0x27;
  *(uint32_t*)0x20001f44 = 0;
  *(uint32_t*)0x20001f48 = 1;
  *(uint32_t*)0x20001f4c = 5;
  *(uint8_t*)0x20001f50 = 3;
  *(uint8_t*)0x20001f51 = 0xa0;
  memcpy((void*)0x20001f52,
         "\x87\xa1\xad\x49\x5a\x49\x37\xf7\x8e\xa1\x3a\x57\x09\xdd\xef\x00\x7a"
         "\x4e\xa6\x85\x64\x3c\x2a\x93\xab\x04\xcb\xd2\xe0\x50\x43\xb3\x7d\xc3"
         "\x03\x5b\x1e\xe7\xed\xec\x0d\x69\x26\x70\x47\x04\x21\xff\xa2\x94\xee"
         "\xd6\xc0\xfc\xce\x32\x08\xfd\xee\x80\x80\xa1\x64",
         63);
  *(uint64_t*)0x20001f98 = 0x11;
  *(uint32_t*)0x200070e8 = 0x60;
  *(uint64_t*)0x200070f0 = 0x20002000;
  *(uint64_t*)0x20002000 = 0x20001fc0;
  *(uint64_t*)0x20002008 = 0;
  *(uint64_t*)0x200070f8 = 1;
  *(uint64_t*)0x20007100 = 0x20002040;
  *(uint64_t*)0x20002040 = 0x10;
  *(uint32_t*)0x20002048 = 0x29;
  *(uint32_t*)0x2000204c = 0x1f;
  *(uint64_t*)0x20007108 = 0x10;
  *(uint32_t*)0x20007110 = 0x40001;
  *(uint64_t*)0x20007118 = 0x200020c0;
  *(uint16_t*)0x200020c0 = 0x27;
  *(uint32_t*)0x200020c4 = 0;
  *(uint32_t*)0x200020c8 = 1;
  *(uint32_t*)0x200020cc = 3;
  *(uint8_t*)0x200020d0 = 0;
  *(uint8_t*)0x200020d1 = 8;
  memcpy((void*)0x200020d2,
         "\xa5\xa4\x38\x2b\xb1\x5d\x6d\x9a\xf3\x3a\x47\x21\x97\xd0\x46\x9d\xe9"
         "\xdc\x49\xf9\x6f\x3b\x04\xf2\xf5\x92\x0c\x46\x68\x13\xad\xe2\xf7\xa4"
         "\x79\xca\x27\x28\xaf\xb6\x04\x9a\x26\xdc\x78\x98\xd2\x62\xcc\x46\xe1"
         "\xe5\x03\x7d\x0e\x78\xc6\x23\x2c\x42\xa4\x37\xb6",
         63);
  *(uint64_t*)0x20002118 = 1;
  *(uint32_t*)0x20007120 = 0x60;
  *(uint64_t*)0x20007128 = 0x20004600;
  *(uint64_t*)0x20004600 = 0x20002140;
  *(uint64_t*)0x20004608 = 0;
  *(uint64_t*)0x20004610 = 0x200021c0;
  *(uint64_t*)0x20004618 = 0;
  *(uint64_t*)0x20004620 = 0x20002280;
  *(uint64_t*)0x20004628 = 0;
  *(uint64_t*)0x20004630 = 0x20002380;
  *(uint64_t*)0x20004638 = 0;
  *(uint64_t*)0x20004640 = 0x20003380;
  *(uint64_t*)0x20004648 = 0;
  *(uint64_t*)0x20004650 = 0x20003440;
  *(uint64_t*)0x20004658 = 0;
  *(uint64_t*)0x20004660 = 0x20004440;
  *(uint64_t*)0x20004668 = 0;
  *(uint64_t*)0x20004670 = 0x20004500;
  *(uint64_t*)0x20004678 = 0;
  *(uint64_t*)0x20007130 = 8;
  *(uint64_t*)0x20007138 = 0;
  *(uint64_t*)0x20007140 = 0;
  *(uint32_t*)0x20007148 = 0x40000;
  *(uint64_t*)0x20007150 = 0x20004680;
  *(uint16_t*)0x20004680 = 0x27;
  *(uint32_t*)0x20004684 = 0;
  *(uint32_t*)0x20004688 = 0;
  *(uint32_t*)0x2000468c = 7;
  *(uint8_t*)0x20004690 = 2;
  *(uint8_t*)0x20004691 = 0;
  memcpy((void*)0x20004692,
         "\x26\xa5\xfa\xd8\x7d\x29\xad\x3d\x2c\x19\x1d\x11\x54\x14\x84\xdd\xea"
         "\x1a\x43\x73\x7b\x26\x3c\xe7\x1c\xaa\xef\x76\x18\xfc\xd9\xd8\xdc\xcf"
         "\x5b\x42\x8c\xd0\x59\x27\x61\xfd\x90\x35\xa9\x2f\x3e\xf2\xae\x1e\xd7"
         "\x2d\x62\xd0\x1e\xb8\x03\xfe\x0f\xb0\x78\x54\x6c",
         63);
  *(uint64_t*)0x200046d8 = 0x16;
  *(uint32_t*)0x20007158 = 0x60;
  *(uint64_t*)0x20007160 = 0x200069c0;
  *(uint64_t*)0x200069c0 = 0x20004700;
  *(uint64_t*)0x200069c8 = 0;
  *(uint64_t*)0x200069d0 = 0x20005700;
  *(uint64_t*)0x200069d8 = 0;
  *(uint64_t*)0x200069e0 = 0x200057c0;
  *(uint64_t*)0x200069e8 = 0;
  *(uint64_t*)0x200069f0 = 0x200058c0;
  *(uint64_t*)0x200069f8 = 0;
  *(uint64_t*)0x20006a00 = 0x200059c0;
  *(uint64_t*)0x20006a08 = 0;
  *(uint64_t*)0x20007168 = 5;
  *(uint64_t*)0x20007170 = 0x20006a40;
  *(uint64_t*)0x20006a40 = 0x10;
  *(uint32_t*)0x20006a48 = 0x29;
  *(uint32_t*)0x20006a4c = 9;
  *(uint64_t*)0x20007178 = 0x10;
  *(uint32_t*)0x20007180 = 0x10;
  *(uint64_t*)0x20007188 = 0x20006ac0;
  *(uint16_t*)0x20006ac0 = 0x27;
  *(uint32_t*)0x20006ac4 = 0;
  *(uint32_t*)0x20006ac8 = 0;
  *(uint32_t*)0x20006acc = 7;
  *(uint8_t*)0x20006ad0 = -1;
  *(uint8_t*)0x20006ad1 = 4;
  memcpy((void*)0x20006ad2,
         "\x1e\x75\x88\xd4\x92\x6b\x86\xab\x8a\x0b\xd3\x6d\x4d\x40\x0a\x46\xc4"
         "\x1e\x88\xc0\x5c\x64\xf8\xba\x30\x7f\x9a\x8d\xf5\x54\x4e\x76\xc7\xeb"
         "\xa8\xd5\x81\xd8\x1f\x02\xc6\x82\x1f\xd0\xc3\x08\xdb\x5f\xe2\xd9\xef"
         "\x35\x1b\x77\xf4\xf1\x36\xf6\xfc\x99\xcc\x0e\x2d",
         63);
  *(uint64_t*)0x20006b18 = 6;
  *(uint32_t*)0x20007190 = 0x60;
  *(uint64_t*)0x20007198 = 0x20006ec0;
  *(uint64_t*)0x20006ec0 = 0x20006b40;
  *(uint64_t*)0x20006ec8 = 0;
  *(uint64_t*)0x20006ed0 = 0x20006b80;
  *(uint64_t*)0x20006ed8 = 0;
  *(uint64_t*)0x20006ee0 = 0x20006c80;
  *(uint64_t*)0x20006ee8 = 0;
  *(uint64_t*)0x20006ef0 = 0x20006d80;
  *(uint64_t*)0x20006ef8 = 0;
  *(uint64_t*)0x20006f00 = 0x20006e80;
  *(uint64_t*)0x20006f08 = 0;
  *(uint64_t*)0x200071a0 = 5;
  *(uint64_t*)0x200071a8 = 0x20006f40;
  *(uint64_t*)0x20006f40 = 0x10;
  *(uint32_t*)0x20006f48 = 0x10a;
  *(uint32_t*)0x20006f4c = 2;
  *(uint64_t*)0x200071b0 = 0x10;
  *(uint32_t*)0x200071b8 = 0x4000000;
  syscall(__NR_sendmmsg, r[0], 0x20007000, 8, 0x20000001);
}

int main()
{
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  loop();
  return 0;
}