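// https://syzkaller.appspot.com/bug?id=9af1b02de9c2c9d59a4beda7aecb08289aff9e7e
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Reviewer summary: the program maps a fixed scratch region, opens an
// AF_INET/SOCK_STREAM socket and issues one setsockopt(level 0, optname 0x40)
// with a 0xec-byte hand-built blob. Level 0 is SOL_IP and 0x40 is
// IPT_SO_SET_REPLACE, so this drives the iptables table-replace path for the
// table named "nat". That call normally requires CAP_NET_ADMIN in the
// socket's network namespace.
//
// The syscall numbers below (socket 359, setsockopt 366, mmap2 192) are the
// i386 ones, and the blob stores a 4-byte pointer at offset 0x58, so the
// program is meant to be built as a 32-bit binary.
//
// NOTE(review): the field names in the comments inside loop() are inferred
// from the offsets, which appear to follow the 32-bit layouts of
// struct ipt_replace, struct ipt_entry and struct xt_entry_target.
// Confirm against <linux/netfilter_ipv4/ip_tables.h> before relying on them.

#define _GNU_SOURCE

// The header names were lost when this page was extracted. These five are the
// ones the code needs: htobe32, fixed-width integers, memset/memcpy, __NR_*
// and syscall().
#include <endian.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_socket
#define __NR_socket 359
#endif
#ifndef __NR_setsockopt
#define __NR_setsockopt 366
#endif
#ifndef __NR_mmap
#define __NR_mmap 192
#endif
// mmap is always routed through mmap2 (offset argument in pages).
#undef __NR_mmap
#define __NR_mmap __NR_mmap2

// r[0] holds the socket descriptor returned by socket().
long r[1];

// Build the option blob at 0x206b2000 and pass it to setsockopt() once.
void loop(void)
{
  memset(r, -1, sizeof(r));

  // prot 3 = PROT_READ|PROT_WRITE, flags 0x32 = MAP_PRIVATE|MAP_FIXED|
  // MAP_ANONYMOUS. Every store below targets this zero-filled mapping, so
  // stop if it could not be created instead of writing to unmapped memory.
  if (syscall(__NR_mmap, 0x20000000, 0xfff000, 3, 0x32, -1, 0) == -1)
    return;

  // socket(AF_INET, SOCK_STREAM, 0). The result is not checked; a failed
  // socket() only makes the later setsockopt() fail with a bad descriptor.
  r[0] = syscall(__NR_socket, 2, 1, 0);

  // Bytes 0x00-0x1f: table name "nat", NUL-padded to 32 bytes.
  memcpy((void*)0x206b2000, "\x6e\x61\x74\x00\x00\x00\x00\x00\x00\x00\x00\x00"
                            "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
                            "\x00\x00\x00\x00\x00\x00\x00\x00",
         32);

  // Presumably valid_hooks = 0, num_entries = 0, size = 0x90. The header
  // claims zero entries while 0x90 bytes of entry data follow, so the blob
  // is internally inconsistent and exercises the kernel's input validation.
  *(uint32_t*)0x206b2020 = 0;
  *(uint32_t*)0x206b2024 = 0;
  *(uint32_t*)0x206b2028 = 0x90;

  // Presumably hook_entry[5] (0x2c-0x3c) and underflow[5] (0x40-0x50).
  *(uint32_t*)0x206b202c = 0;
  *(uint32_t*)0x206b2030 = 0;
  *(uint32_t*)0x206b2034 = 0;
  *(uint32_t*)0x206b2038 = 0;
  *(uint32_t*)0x206b203c = 0;
  *(uint32_t*)0x206b2040 = 0;
  *(uint32_t*)0x206b2044 = 0;
  *(uint32_t*)0x206b2048 = 0;
  *(uint32_t*)0x206b204c = 0;
  *(uint32_t*)0x206b2050 = 0;

  // Presumably num_counters = 0x10 and the user counters pointer, which
  // points at 0x20cc6000 inside the mapping created above.
  *(uint32_t*)0x206b2054 = 0x10;
  *(uint32_t*)0x206b2058 = 0x20cc6000;

  // Entry data starts at 0x5c. Presumably the IP match part: source
  // 224.0.0.1, destination bytes ac 14 00 aa, both address masks zero.
  *(uint32_t*)0x206b205c = htobe32(0xe0000001);
  *(uint8_t*)0x206b2060 = 0xac;
  *(uint8_t*)0x206b2061 = 0x14;
  *(uint8_t*)0x206b2062 = 0;
  *(uint8_t*)0x206b2063 = 0xaa;
  *(uint32_t*)0x206b2064 = htobe32(0);
  *(uint32_t*)0x206b2068 = htobe32(0);

  // Presumably the input interface name, "bcsh0" NUL-padded to 16 bytes.
  memcpy((void*)0x206b206c,
         "\x62\x63\x73\x68\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
         16);

  // Presumably the output interface name, "syz". Bytes 0x81-0x8b are never
  // written and keep the zero fill of the anonymous mapping.
  *(uint8_t*)0x206b207c = 0x73;
  *(uint8_t*)0x206b207d = 0x79;
  *(uint8_t*)0x206b207e = 0x7a;
  *(uint8_t*)0x206b207f = 0;
  *(uint8_t*)0x206b2080 = 0;

  // Presumably the two 16-byte interface masks (0x8c-0xab), all zero.
  *(uint8_t*)0x206b208c = 0;
  *(uint8_t*)0x206b208d = 0;
  *(uint8_t*)0x206b208e = 0;
  *(uint8_t*)0x206b208f = 0;
  *(uint8_t*)0x206b2090 = 0;
  *(uint8_t*)0x206b2091 = 0;
  *(uint8_t*)0x206b2092 = 0;
  *(uint8_t*)0x206b2093 = 0;
  *(uint8_t*)0x206b2094 = 0;
  *(uint8_t*)0x206b2095 = 0;
  *(uint8_t*)0x206b2096 = 0;
  *(uint8_t*)0x206b2097 = 0;
  *(uint8_t*)0x206b2098 = 0;
  *(uint8_t*)0x206b2099 = 0;
  *(uint8_t*)0x206b209a = 0;
  *(uint8_t*)0x206b209b = 0;
  *(uint8_t*)0x206b209c = 0;
  *(uint8_t*)0x206b209d = 0;
  *(uint8_t*)0x206b209e = 0;
  *(uint8_t*)0x206b209f = 0;
  *(uint8_t*)0x206b20a0 = 0;
  *(uint8_t*)0x206b20a1 = 0;
  *(uint8_t*)0x206b20a2 = 0;
  *(uint8_t*)0x206b20a3 = 0;
  *(uint8_t*)0x206b20a4 = 0;
  *(uint8_t*)0x206b20a5 = 0;
  *(uint8_t*)0x206b20a6 = 0;
  *(uint8_t*)0x206b20a7 = 0;
  *(uint8_t*)0x206b20a8 = 0;
  *(uint8_t*)0x206b20a9 = 0;
  *(uint8_t*)0x206b20aa = 0;
  *(uint8_t*)0x206b20ab = 0;

  // Presumably protocol, flags and inverse flags, all zero.
  *(uint16_t*)0x206b20ac = 0;
  *(uint8_t*)0x206b20ae = 0;
  *(uint8_t*)0x206b20af = 0;

  // Presumably nfcache, target_offset = 0x70, next_offset = 0x90, comefrom
  // and the two 64-bit counters. 0x70 + 0x20 (target size below) = 0x90.
  *(uint32_t*)0x206b20b0 = 0;
  *(uint16_t*)0x206b20b4 = 0x70;
  *(uint16_t*)0x206b20b6 = 0x90;
  *(uint32_t*)0x206b20b8 = 0;
  *(uint64_t*)0x206b20bc = 0;
  *(uint64_t*)0x206b20c4 = 0;

  // Presumably the target header: size 0x20, then a 29-byte name made of
  // non-printable bytes with no NUL terminator, then revision 0xfe.
  *(uint16_t*)0x206b20cc = 0x20;
  memcpy((void*)0x206b20ce, "\x8e\x13\xba\x57\xd8\x10\xd4\xe6\x51\x9c\x0f\x13"
                            "\x91\x2e\x9e\xf2\x8f\x01\xdc\xcf\xc5\x4e\xe1\xb9"
                            "\x6b\x3c\xe0\x5f\x83",
         29);
  *(uint8_t*)0x206b20eb = 0xfe;

  // optlen 0xec = 0x5c header bytes + 0x90 entry bytes.
  syscall(__NR_setsockopt, r[0], 0, 0x40, 0x206b2000, 0xec);
}

int main(void)
{
  loop();
  return 0;
}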