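// https://syzkaller.appspot.com/bug?id=77d9a62c6781d69dd833adc06ead030abc367218
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Kernel-bug reproducer. It deliberately ignores syscall failures and writes
// its syscall arguments to fixed addresses inside a scratch region that main()
// maps first; the exact call sequence and constants *are* the test case, so
// they are kept exactly as generated. The only code change is restoring the
// header names that were stripped from the #include lines and giving the two
// functions proper (void) prototypes.

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// File descriptors returned by the socket() calls; all-ones means "not
// created" (the syscall result is only stored when it is not -1).
//   r[0]: AF_INET stream socket, used only to carry the ioctl on "lo"
//   r[1]: AF_INET6 stream socket used for sendto() and the final mmap()
//   r[2]: AF_INET6 stream socket bound to [::]:20002 and put into listen state
uint64_t r[3] = {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff};

// Runs the reproducer sequence once.
//
// Precondition: main() has already mapped 0x20000000..0x21000000 read/write;
// every fixed address written below lies inside that region. Return values
// are intentionally not checked — a reproducer keeps going regardless.
void loop(void)
{
  long res = 0;

  // socket(AF_INET, SOCK_STREAM, 0)
  res = syscall(__NR_socket, 2, 1, 0);
  if (res != -1)
    r[0] = res;

  // struct ifreq at 0x20001d40: ifr_name = "lo" (NUL-padded to IFNAMSIZ),
  // ifr_flags = 0xfff at offset 16. Request 0x8914 is SIOCSIFFLAGS on Linux,
  // so this sets the loopback interface flags (IFF_UP among others) before
  // the IPv6 traffic below.
  memcpy((void*)0x20001d40, "\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16);
  *(uint16_t*)0x20001d50 = 0xfff;
  syscall(__NR_ioctl, r[0], 0x8914, 0x20001d40);

  // Two socket(AF_INET6, SOCK_STREAM, 0) calls.
  res = syscall(__NR_socket, 0xa, 1, 0);
  if (res != -1)
    r[1] = res;
  res = syscall(__NR_socket, 0xa, 1, 0);
  if (res != -1)
    r[2] = res;

  // struct sockaddr_in6 at 0x2012afe4 (0x1c = 28 bytes):
  //   sin6_family = AF_INET6 (0xa), sin6_port = htons(20002),
  //   sin6_flowinfo = 0, sin6_addr = :: (16 zero bytes), sin6_scope_id = 0.
  *(uint16_t*)0x2012afe4 = 0xa;
  *(uint16_t*)0x2012afe6 = htobe16(0x4e22);
  *(uint32_t*)0x2012afe8 = 0;
  *(uint8_t*)0x2012afec = 0;
  *(uint8_t*)0x2012afed = 0;
  *(uint8_t*)0x2012afee = 0;
  *(uint8_t*)0x2012afef = 0;
  *(uint8_t*)0x2012aff0 = 0;
  *(uint8_t*)0x2012aff1 = 0;
  *(uint8_t*)0x2012aff2 = 0;
  *(uint8_t*)0x2012aff3 = 0;
  *(uint8_t*)0x2012aff4 = 0;
  *(uint8_t*)0x2012aff5 = 0;
  *(uint8_t*)0x2012aff6 = 0;
  *(uint8_t*)0x2012aff7 = 0;
  *(uint8_t*)0x2012aff8 = 0;
  *(uint8_t*)0x2012aff9 = 0;
  *(uint8_t*)0x2012affa = 0;
  *(uint8_t*)0x2012affb = 0;
  *(uint32_t*)0x2012affc = 0;
  // bind r[2] to [::]:20002 and make it a listening socket (backlog 0).
  syscall(__NR_bind, r[2], 0x2012afe4, 0x1c);
  syscall(__NR_listen, r[2], 0);

  // A second, identical sockaddr_in6 at 0x2031e000, used as the sendto()
  // destination — i.e. the listener created just above.
  *(uint16_t*)0x2031e000 = 0xa;
  *(uint16_t*)0x2031e002 = htobe16(0x4e22);
  *(uint32_t*)0x2031e004 = 0;
  *(uint8_t*)0x2031e008 = 0;
  *(uint8_t*)0x2031e009 = 0;
  *(uint8_t*)0x2031e00a = 0;
  *(uint8_t*)0x2031e00b = 0;
  *(uint8_t*)0x2031e00c = 0;
  *(uint8_t*)0x2031e00d = 0;
  *(uint8_t*)0x2031e00e = 0;
  *(uint8_t*)0x2031e00f = 0;
  *(uint8_t*)0x2031e010 = 0;
  *(uint8_t*)0x2031e011 = 0;
  *(uint8_t*)0x2031e012 = 0;
  *(uint8_t*)0x2031e013 = 0;
  *(uint8_t*)0x2031e014 = 0;
  *(uint8_t*)0x2031e015 = 0;
  *(uint8_t*)0x2031e016 = 0;
  *(uint8_t*)0x2031e017 = 0;
  *(uint32_t*)0x2031e018 = 0;

  // sendto() on the not-yet-connected r[1] with flags 0x20000003, which
  // decode as MSG_OOB | MSG_PEEK | MSG_FASTOPEN; with MSG_FASTOPEN the send
  // doubles as the connect attempt to the listener. The buffer pointer
  // 0x20eb9fff (not page aligned) and the length 0xffffff31 are the generated
  // values: the length is far larger than the mapped region, which appears to
  // be part of what this test case exercises — kept verbatim.
  syscall(__NR_sendto, r[1], 0x20eb9fff, 0xffffff31, 0x20000003, 0x2031e000, 0x1c);

  // mmap(0x20ffc000, 0x3000, PROT_EXEC, MAP_SHARED | MAP_FIXED | MAP_POPULATE,
  //      r[1], 0): maps the TCP socket fd itself. The flag decode (0x80011)
  // is for x86-64 — confirm for other architectures.
  syscall(__NR_mmap, 0x20ffc000, 0x3000, 4, 0x80011, r[1], 0);
}

// Maps the 16 MiB scratch region the reproducer writes into, then runs the
// sequence once:
//   mmap(0x20000000, 0x1000000, PROT_READ | PROT_WRITE,
//        MAP_PRIVATE | MAP_FIXED | MAP_ANONYMOUS, -1, 0)
// (prot 3, flags 0x32 on x86-64).
int main(void)
{
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  loop();
  return 0;
}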