// https://syzkaller.appspot.com/bug?id=447e526b90f32533b25bca64e4fdd86c08f6efd9
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE 

#include <dirent.h>
#include <endian.h>
#include <fcntl.h>
#include <poll.h>
#include <pwd.h>
#include <signal.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/event.h>
#include <sys/ioctl.h>
#include <sys/ktrace.h>
#include <sys/mman.h>
#include <sys/msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

static void kill_and_wait(int pid, int* status)
{
	kill(pid, SIGKILL);
	while (waitpid(-1, status, 0) != pid) {
	}
}

static void sleep_ms(uint64_t ms)
{
	usleep(ms * 1000);
}

static uint64_t current_time_ms(void)
{
	struct timespec ts;
	if (clock_gettime(CLOCK_MONOTONIC, &ts))
	exit(1);
	return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

#define CAST 

static void execute_one(void);

#define WAIT_FLAGS 0

static void loop(void)
{
	int iter = 0;
	for (;; iter++) {
		int pid = fork();
		if (pid < 0)
	exit(1);
		if (pid == 0) {
			execute_one();
			exit(0);
		}
		int status = 0;
		uint64_t start = current_time_ms();
		for (;;) {
			if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
				break;
			sleep_ms(1);
			if (current_time_ms() - start < 5000)
				continue;
			kill_and_wait(pid, &status);
			break;
		}
	}
}

uint64_t r[3] = {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff};

void execute_one(void)
{
		intptr_t res = 0;
memcpy((void*)0x200000c0, "./file0\000", 8);
	res = -1;
res = ((intptr_t(*)(intptr_t,intptr_t,intptr_t))CAST(open))(/*file=*/0x200000c0, /*flags=O_CREAT|O_RDWR|0x80000000000004*/0x80000000000206, /*mode=*/0);
	if (res != -1)
		r[0] = res;
*(uint64_t*)0x20000040 = 0x20000340;
memcpy((void*)0x20000340, "\xca\x60\xac\xa3\xe6\x3d\x99\xf3\xf7\xd5\xb4\x7a\xdf\x2f\x1f\x0c\x8c\x69\x32\xcc\x3d\xaa\xa2\x19\xfe\xe4\xb0\x76\xfa\x58\x4d\xe6\x6f\xa7\x48\xa0\xad\xbb\x53\xda\x15\xea\x70\x9d\x72\x9d\x29\x55\xb3\xa7\x87\x0e\xf8\x7e\xd2\xa2\xa7\x82\x31\x9d\x54\x8b\x8d\x04\x16\xed\x36\x20\xfc\x0d\x10\xde\x2f\x4b\xc1\xb4\x94\xe8\xf4\x8a\xb3\x49\x89\xe4\xfc\x54\x0d\x51\xd1\xdf\xf2\xb8\x38\xbe\xe1\xd7\x31\x31\xc5\x38\xd0\xe8\x17\xdc\x40\xd8\x1f\x36\x4b\x6f\x0a\x5e\xac\x0d\xfa\x0b\xd5\xb5\xed\xb6\x59\xf1\xc2\xe3\x97\x57\x25\x14\x1f\x4a\x5e\xc3\x01\x6f\x40\x82\x56\x04\xbb\xb3\xa0\x81\x58\xe8\xfe\xdf\xbe\xe3\xf3\x7f\x96\xa0\xb3\xc1\x44\xb7\xba\xe8\x97\xb8\x3a\x3c\xe2\x84\xac\xc3\x51\x55\x75\xbe\x3b\x74\xa0\x0e\x19\xbc\x34\x26\x83\xe3\x72\xae\x4a\x30\x0f\x99\xe8\xb4\x5d\x4d\xe5\x3d\xc7\x91\x56\xeb\x2b\xcf\x41\xc6\x6e\x08\x42\x6f\x11\xd2\x55\x43\xba\xf3\x3b\xfc\x80\x37\xd1\xad\xfb\x52\xaa\xad\x42\x05\x4d\xb0\x4a\xe3\x38\x4a\x25\xae\xd1\xa9\xda\xc0\xf2\x3a\xf7\xb6\xd8\xe2\x57\x6e\x47\xc9", 244);
*(uint64_t*)0x20000048 = 0xf4;
*(uint64_t*)0x20000050 = 0x20000440;
memcpy((void*)0x20000440, "\x3a\xd8\x0c\x96\xce\x89\xe4\x33\xc4\xd0\x45\xae\x36\x49\xb8\xa9\x31\x4e\xf5\x34\xe4\x50\xdc\xd7\xce\x73\x9c\xdf\xf7\x24\x92\x14\xbb\xd1\x6a\xf1\x74\xc4\xb6\xfd\xce\x0e\xf7\x78\x59\x3e\x45\x38\xde\xf2\xa5\x8c\xe0\x22\x7a\x3a\x11\x06\x21\xed\x9c\x18\x17\xe8\x7c\x45\x25\xed\x0d\x15\x36\xd5\x1e\x7a\xaa\x6d\x27\xfc\xc5\xd6\x9c\x62\xd4\xf5\xea\x69\xfd\xf4\xec\xff\xbd\xa2\x11\xce\xda\x01\x9e\x58\x39\xf0\xef\x2d\xe8\xf8\x04\x50\x75\xd3\x15\x9a\x80\xe1\x36\x54\x35\x9e\xb1\x74\x23\x1c\x35\x35\x07\x39\x5b\x6e\x1a\x9a\xee\xd5\x75\x37\x05\xe1\x36\xab\x80\x6f\x3f\x90\x01\x18\x5f\x88\x34\x69\x4f\x25\xaa\x91\xc4\x18\x50\x92\xc8\x7f\x65\x27\x54\x57\x04\x4a\xf7\xf5\xc6\x87\x41\x7a\xa5\x1a\x94\x40\xb4\x5d\x65\x5d\x15\x84\xb9\x5e\x37\x28\x37\x4d\x40\x45\x5e\xeb\xaa\x16\xb2\x92\xdb\x68\x4c\x31\x20\x99\x06\xb1\x7b\xfd\x78\x81\x62\x37\x6f\xee\x09\x60\x90\xf9\xa0\xf3\x52\x45\x81\x2f\x23\x4d\x82\x0a\x44\xa7\x37\xa5\xcc\x5f\x73\x34\x72\x02\x1f\xca\xb7\x10", 236);
*(uint64_t*)0x20000058 = 0xec;
*(uint64_t*)0x20000060 = 0x20000540;
memcpy((void*)0x20000540, "\x91\xae\xac\x0e\xbb\xf8\x5f\x78\x34\x5f\x43\xbf\xd3\xd8\xa4\x54\x19\xb6\xe4\x00\x69\x21\xf5\x9a\x1a\x8d\x71\xd7\x71\x3a\x9c\xb9\xad\x18\x36\x96\x35\x26\xd6\x1a\x14\xe6\xc8\x4e\xc1\x13\x6b\x8a\x61\xbc\x7e\xfd\x79\xf9\x2a\xda\x1b\x64\x3c\x81\x03\x32\x7c\x29\xb0\xb7\x9b\x3d\xd9\xa3\xd7\xad\xdf\x73\xfc\xe1\x13\x23\x70\x7c\x96\x24\xb7\x4a\xba\xf6\xfb\x6b\x7f\x4e\x4f\x1e\x31\x50\xc6\xf7\x0d\xd2\x8d\x9c\x3b\xea\x21\x3a\x85\xa4\x2a\x1d\xa5\xe2\x36\x5e\xa4\x47\x49\x65\x63\xf2\xbf\x4c\xac\x60\x89\x4e\x67\xcd\xf9\x74\x0c\xb3\xd0\x1e\x4d\xf4\x85\x6e\x83\x41\x10\xc0\x3d\x9a\xe0\x1a\x05\xab\x98\x09\xc1\x09\x8c\xdc\x7d\x45\xe6\x17\xc2\xf4\xaf\xd9\x45\x13\xa9\xa2\x0b\x8c\x5f\x28\xf7\x4e\x89\x80\xeb\x02\x2f\xb7\x9b\xec\x7a\x35\x1e\xc8\x2e\x3d\xc9\xe8\x7c\x79\x3e\x01\x95\x72\x16\x0b\x99\x33\xeb\x80\x79\xd1\xcb\x5e\xa1\x6f\xa1\x91\x85\x3c\x57\x16\x4d\x43\x9b\x36\x69\x5a\xfc\x86\x11\x2d\x76\xc7\xea\xef\xd1\xc8\x27\xd8\x57\x8f\xcc\xa6\x00\xbc\x50\xb2\x65\x38", 238);
*(uint64_t*)0x20000068 = 0xee;
((intptr_t(*)(intptr_t,intptr_t,intptr_t))CAST(writev))(/*fd=*/r[0], /*vec=*/0x20000040, /*vlen=*/3);
memcpy((void*)0x20000200, "/dev/rvnd0c\000", 12);
	res = -1;
res = ((intptr_t(*)(intptr_t,intptr_t,intptr_t,intptr_t))CAST(openat))(/*fd=*/0xffffffffffffff9c, /*file=*/0x20000200, /*flags=O_CREAT*/0x200, /*mode=*/0);
	if (res != -1)
		r[1] = res;
*(uint64_t*)0x20000680 = 0x20000240;
memcpy((void*)0x20000240, "./file0\000", 8);
*(uint64_t*)0x20000688 = 9;
*(uint64_t*)0x20000690 = 0x20000640;
memcpy((void*)0x20000640, "./file0\000", 8);
*(uint32_t*)0x20000698 = 8;
((intptr_t(*)(intptr_t,intptr_t,intptr_t))CAST(ioctl))(/*fd=*/r[1], /*cmd=*/0xc0384600, /*arg=*/0x20000680);
memcpy((void*)0x20000000, "/dev/rvnd0c\000", 12);
	res = -1;
res = ((intptr_t(*)(intptr_t,intptr_t,intptr_t,intptr_t))CAST(openat))(/*fd=*/0xffffffffffffff9c, /*file=*/0x20000000, /*flags=*/0, /*mode=*/0);
	if (res != -1)
		r[2] = res;
*(uint64_t*)0x20000ac0 = 0x20000740;
*(uint64_t*)0x20000ac8 = 0x1d;
*(uint64_t*)0x20000ad0 = 0;
*(uint64_t*)0x20000ad8 = 0;
*(uint64_t*)0x20000ae0 = 0;
*(uint64_t*)0x20000ae8 = 0;
*(uint64_t*)0x20000af0 = 0x9999999999999999;
*(uint64_t*)0x20000af8 = 0;
*(uint64_t*)0x20000b00 = 0;
*(uint64_t*)0x20000b08 = 0;
*(uint64_t*)0x20000b10 = 0;
*(uint64_t*)0x20000b18 = 0;
*(uint64_t*)0x20000b20 = 0;
*(uint64_t*)0x20000b28 = 0;
*(uint64_t*)0x20000b30 = 0;
*(uint64_t*)0x20000b38 = 0;
((intptr_t(*)(intptr_t,intptr_t,intptr_t))CAST(readv))(/*fd=*/r[2], /*vec=*/0x20000ac0, /*vlen=*/8);

}
int main(void)
{
((intptr_t(*)(intptr_t,intptr_t,intptr_t,intptr_t,intptr_t,intptr_t))CAST(mmap))(/*addr=*/0x20000000, /*len=*/0x1000000, /*prot=PROT_WRITE|PROT_READ*/3, /*flags=MAP_ANONYMOUS|MAP_FIXED|MAP_PRIVATE*/0x1012, /*fd=*/-1, /*offset=*/0);
			loop();
	return 0;
}