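// https://syzkaller.appspot.com/bug?id=fa551e80818a9ef8f55c0c90cdacad1fcf141496
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Kernel regression reproducer: replays one fixed syscall sequence against an
// RDS socket (socket -> bind -> connect -> sendmsg with one control message).
// The page does not name the kernel defect; the bug link above is the
// reference for the report and the fix.
//
// NOTE(review): the listing was collapsed onto two lines behind the leading
// `//`, which commented out the whole program, and the four #include header
// names were lost in extraction. They are restored below to the headers this
// code actually needs (fixed-width types, memset/memcpy, __NR_*, syscall()).

#define _GNU_SOURCE

#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// Syscall results, indexed by syzkaller's internal resource numbering. Only
// slots 0, 1, 13, 28 and 41 are written; the rest keep the -1 fill.
long r[42];

// Replays the recorded syscall sequence once.
//
// No return value is checked. For triage that matters: if r[1] is -1 (for
// example because the kernel under test has no RDS support), every later call
// fails on a bad descriptor and a clean run says nothing about whether the
// kernel is fixed. Inspect r[1], r[13], r[28] and r[41] when using this as a
// regression check.
void loop(void)
{
  memset(r, -1, sizeof(r));

  // Scratch area at a fixed address; every pointer below points into it.
  // prot 0x3 = PROT_READ|PROT_WRITE; flags 0x32 = MAP_PRIVATE|MAP_FIXED|
  // MAP_ANONYMOUS (x86 Linux values), fd -1, offset 0.
  r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x3ul, 0x32ul,
                 0xfffffffffffffffful, 0x0ul);

  // The kernel takes the family as an int, so presumably only the low 32 bits
  // take effect: 0x15 = 21 (AF_RDS on Linux). Type 0x5 = SOCK_SEQPACKET.
  r[1] = syscall(__NR_socket, 0x40000000015ul, 0x5ul, 0x0ul);

  // Local address, laid out as a 16-byte sockaddr_in: family 2 (AF_INET),
  // port bytes 4e 20 (20000 in network order), address bytes 7f 00 00 01
  // (127.0.0.1), then eight zero padding bytes.
  *(uint16_t*)0x20ecdff0 = (uint16_t)0x2;
  *(uint16_t*)0x20ecdff2 = (uint16_t)0x204e;
  *(uint32_t*)0x20ecdff4 = (uint32_t)0x100007f;
  *(uint8_t*)0x20ecdff8 = (uint8_t)0x0;
  *(uint8_t*)0x20ecdff9 = (uint8_t)0x0;
  *(uint8_t*)0x20ecdffa = (uint8_t)0x0;
  *(uint8_t*)0x20ecdffb = (uint8_t)0x0;
  *(uint8_t*)0x20ecdffc = (uint8_t)0x0;
  *(uint8_t*)0x20ecdffd = (uint8_t)0x0;
  *(uint8_t*)0x20ecdffe = (uint8_t)0x0;
  *(uint8_t*)0x20ecdfff = (uint8_t)0x0;
  r[13] = syscall(__NR_bind, r[1], 0x20ecdff0ul, 0x10ul);

  // Peer address, same layout: AF_INET, port 20000, address bytes
  // ac 14 00 aa (172.20.0.170), eight zero padding bytes.
  *(uint16_t*)0x20fc4000 = (uint16_t)0x2;
  *(uint16_t*)0x20fc4002 = (uint16_t)0x204e;
  *(uint8_t*)0x20fc4004 = (uint8_t)0xac;
  *(uint8_t*)0x20fc4005 = (uint8_t)0x14;
  *(uint8_t*)0x20fc4006 = (uint8_t)0x0;
  *(uint8_t*)0x20fc4007 = (uint8_t)0xaa;
  *(uint8_t*)0x20fc4008 = (uint8_t)0x0;
  *(uint8_t*)0x20fc4009 = (uint8_t)0x0;
  *(uint8_t*)0x20fc400a = (uint8_t)0x0;
  *(uint8_t*)0x20fc400b = (uint8_t)0x0;
  *(uint8_t*)0x20fc400c = (uint8_t)0x0;
  *(uint8_t*)0x20fc400d = (uint8_t)0x0;
  *(uint8_t*)0x20fc400e = (uint8_t)0x0;
  *(uint8_t*)0x20fc400f = (uint8_t)0x0;
  r[28] = syscall(__NR_connect, r[1], 0x20fc4000ul, 0x10ul);

  // Message header at 0x20159fc8. The offsets match the x86-64 struct msghdr
  // layout: msg_name = NULL, msg_namelen = 0, msg_iov = 0x207f7000 with
  // msg_iovlen = 0 (no payload), msg_control = 0x20a23000,
  // msg_controllen = 0xa0, msg_flags = 0.
  *(uint64_t*)0x20159fc8 = (uint64_t)0x0;
  *(uint32_t*)0x20159fd0 = (uint32_t)0x0;
  *(uint64_t*)0x20159fd8 = (uint64_t)0x207f7000;
  *(uint64_t*)0x20159fe0 = (uint64_t)0x0;
  *(uint64_t*)0x20159fe8 = (uint64_t)0x20a23000;
  *(uint64_t*)0x20159ff0 = (uint64_t)0xa0;
  *(uint32_t*)0x20159ff8 = (uint32_t)0x0;

  // Single control message: cmsg_len = 0xa0, cmsg_level = 0x114 (276, SOL_RDS
  // on Linux), cmsg_type = 9.
  // NOTE(review): type 9 should correspond to RDS_CMSG_MASKED_ATOMIC_CSWP in
  // linux/rds.h; confirm against the headers of the kernel under test.
  *(uint64_t*)0x20a23000 = (uint64_t)0xa0;
  *(uint32_t*)0x20a23008 = (uint32_t)0x114;
  *(uint32_t*)0x20a2300c = (uint32_t)0x9;

  // Control-message data: a 32-bit field holding 0x88, then 136 (0x88) bytes
  // of fuzzer-generated content. The page gives no meaning for these bytes.
  *(uint32_t*)0x20a23010 = (uint32_t)0x88;
  memcpy((void*)0x20a23014,
         "\x28\x57\x21\x29\x4f\x88\xf5\xfb\xc3\xc9\xf4\xa4\x62\x67\x6c"
         "\xe8\x6b\x68\x94\x8e\x4d\x6c\x2d\xa7\x67\x4b\xbf\xdb\x7b\x95"
         "\x11\x12\xea\x31\xbc\xae\x14\x09\x16\xbb\x50\x1a\x6a\x52\x89"
         "\xf2\x68\xae\x36\xbb\x68\x53\x3b\xaa\x72\x8e\x94\xb8\xef\x20"
         "\x7f\x70\xec\x42\xff\x62\x25\x88\x25\x6d\x56\xca\x6f\x64\x1f"
         "\xc1\x33\xbd\x3d\x4e\x05\xfb\x76\xbc\xd8\xce\x7d\x76\x3d\x37"
         "\xf3\x63\x09\x25\xb0\xbf\x84\x83\xbf\x44\x44\xfa\x52\xd5\x6a"
         "\x20\x31\x3c\x2c\x92\x0b\x7d\x05\x74\xe9\x71\xc2\x99\xbe\x6e"
         "\xd0\xab\x36\x9b\xbd\xd2\x86\x8f\xea\x96\xc2\x8f\xa4\x64\xab"
         "\x48",
         136);

  // Last recorded call: the control message is handed to the kernel here.
  r[41] = syscall(__NR_sendmsg, r[1], 0x20159fc8ul, 0x0ul);
}

// Runs the sequence once and exits 0 regardless of what the syscalls returned.
int main(void)
{
  loop();
  return 0;
}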