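// https://syzkaller.appspot.com/bug?id=87fed950dc8e3a0e4863cba188bfb5e4e6d12b34
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reproducer: sends one rtnetlink RTM_SETLINK request carrying an
// IFLA_VFINFO_LIST / IFLA_VF_INFO / IFLA_VF_RATE attribute at the "dummy0"
// interface.  The crash it reproduces is on the kernel side and is not visible
// in this file; see the bug link above.  Run it only inside a disposable VM:
// on an affected kernel it is expected to crash the machine.  Whether it needs
// CAP_NET_ADMIN (or a user namespace) is not determined by anything here.
//
// Everything is issued through raw syscall() against a fixed mmap'ed scratch
// area, exactly as syzkaller emitted it.  Addresses and offsets encode the
// x86-64 layouts of struct ifreq, struct msghdr, struct iovec and the netlink
// message; keep them unchanged if this is to stay a faithful reproducer.
//
// NOTE(review): the extracted copy of this file had lost the header names from
// its eight #include lines.  The set below is the standard syzkaller prologue
// and covers every identifier used here (uint64_t, memcpy, syscall, __NR_*).
// The symbolic names in the comments are decoded against the Linux uapi
// headers and should be confirmed there; the code itself uses only the raw
// numbers syzkaller produced.

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

// syzkaller's result array: values of earlier calls reused by later ones.
//   r[0] = netlink socket fd
//   r[1] = ifindex of dummy0 as reported by SIOCGIFINDEX
// Both start at -1 ("not set").  If the ifindex lookup fails, the truncated
// value 0xffffffff is what ends up in ifi_index below.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

int main(void)
{
  // Scratch region: 16 MiB at 0x20000000, PROT_READ|PROT_WRITE (3),
  // MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS (0x32).  Unchecked by design: a
  // failure here makes every later fixed-address access fault immediately.
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  intptr_t res = 0;

  // socket(AF_NETLINK=0x10, SOCK_RAW=3, NETLINK_ROUTE=0)
  res = syscall(__NR_socket, 0x10, 3, 0);
  if (res != -1)
    r[0] = res;

  // struct ifreq at 0x20000300: ifr_name = "dummy0" (16 bytes, NUL-padded),
  // ifr_ifindex at offset 16 zeroed, then filled in by
  // ioctl(fd, SIOCGIFINDEX=0x8933, &ifr).  On failure r[1] keeps its -1.
  memcpy((void*)0x20000300, "dummy0\000\000\000\000\000\000\000\000\000\000", 16);
  *(uint32_t*)0x20000310 = 0;
  res = syscall(__NR_ioctl, r[0], 0x8933, 0x20000300);
  if (res != -1)
    r[1] = *(uint32_t*)0x20000310;

  // struct msghdr at 0x20000280 (x86-64 layout): no destination address,
  // exactly one iovec at 0x20000000, no ancillary data.
  *(uint64_t*)0x20000280 = 0;           // msg_name
  *(uint32_t*)0x20000288 = 0;           // msg_namelen
  *(uint64_t*)0x20000290 = 0x20000000;  // msg_iov
  *(uint64_t*)0x20000000 = 0x20000340;  // iov[0].iov_base

  // Netlink message at 0x20000340; the 0x38 (56) bytes actually sent are:
  //   0x340 nlmsghdr : nlmsg_len=0x38, nlmsg_type=0x13 (RTM_SETLINK),
  //                    nlmsg_flags=0x0001 (NLM_F_REQUEST), seq=0, pid=0
  //   0x350 ifinfomsg: ifi_family/pad/ifi_type = 0, ifi_index @0x354 (patched
  //                    from r[1] below), ifi_flags/ifi_change = 0
  //   0x360 nlattr   : len=0x18, type=0x16 (IFLA_VFINFO_LIST)
  //   0x364   nlattr : len=0x14, type=0x01 (IFLA_VF_INFO)
  //   0x368     nlattr: len=0x10, type=0x06 (IFLA_VF_RATE)
  //   0x36c     ifla_vf_rate: vf=0xd20bee55, min_tx_rate=0x7005f108,
  //                           max_tx_rate=0
  // i.e. a VF-rate change for a VF index far beyond anything a dummy device
  // could have.
  memcpy((void*)0x20000340,
         "\x38\x00\x00\x00\x13\x00\x01\x00\x00\x00\x00\x00"
         "\x00\x00\x00\x00\x00\x00\x00\x00",
         20);
  *(uint32_t*)0x20000354 = r[1];
  // The copy below starts at ifi_flags (0x358).  Only its first 0x20 bytes
  // fall inside iov_len (0x38 from 0x340); the remaining 185 bytes are
  // syzkaller's random fill, never transmitted, and kept verbatim so this file
  // still matches the upstream reproducer byte for byte.
  memcpy((void*)0x20000358,
         "\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00\x16\x00\x14\x00\x01\x00\x10"
         "\x00\x06\x00\x55\xee\x0b\xd2\x08\xf1\x05\x70\x00\x00\x00\x00\xba\x5a"
         "\x9e\xfb\x12\xfd\xe9\xf3\xc0\x01\xbe\xed\x71\xfd\x66\x02\x2d\x01\xe8"
         "\xfe\x56\xee\x20\x61\xd0\xb2\xc6\x1a\x22\xb8\xfd\x54\x11\x2d\x00\x09"
         "\xa9\xab\x48\xa9\xb7\x35\x76\xa5\xae\x80\x6a\x12\xe6\x37\x0b\x86\xe1"
         "\xb2\x69\x6f\x02\xa7\x12\x59\x56\x08\xd5\x39\xa4\x50\xfd\xd3\x4c\x5c"
         "\x3d\x44\xe5\x04\x88\xf0\xbf\x4a\x2d\x2c\xf3\x45\xcd\xe7\x64\xa2\x33"
         "\x64\x56\xd0\xd0\xb6\xe3\x74\x60\x24\xe8\x64\x9f\xad\xb2\xec\x14\x02"
         "\xf7\x1d\x84\x47\x41\xdd\xd5\xe1\xb0\x6a\x42\x18\xec\x3c\x74\x1e\xdd"
         "\x7b\x6d\x03\x01\xfb\x62\xa1\xfa\xf6\x2e\xfc\x6e\x66\xeb\x30\x6d\x5e"
         "\x53\xe5\x12\x62\x8a\x28\x27\x12\xb0\x02\x08\xae\xbe\xf1\x82\x98\x52"
         "\x60\xc5\x5a\x37\x1b\x88\x98\x6e\x80\x42\xe3\x5d\x76\x2f\x3e\x9b\x27"
         "\x49\x5e\xd6\x98\x50\x9c\x51\x4e\x8d\x76\xa4\x8f\x08",
         217);
  *(uint64_t*)0x20000008 = 0x38;        // iov[0].iov_len
  *(uint64_t*)0x20000298 = 1;           // msg_iovlen
  *(uint64_t*)0x200002a0 = 0;           // msg_control
  *(uint64_t*)0x200002a8 = 0;           // msg_controllen
  *(uint32_t*)0x200002b0 = 0;           // msg_flags

  // sendmsg(fd, &msg, 0).  The result is deliberately ignored: the interesting
  // outcome is what the kernel does while handling the request, not its reply.
  syscall(__NR_sendmsg, r[0], 0x20000280, 0);
  return 0;
}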