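// https://syzkaller.appspot.com/bug?id=b7640dae2467568f05425b289a1f004faa2dc292
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reproducer for the syzkaller bug linked above. It writes a 231-byte
// ELF image to ./file1, opens /dev/vhost-vsock and issues one ioctl on
// it, closes the file and finally asks the kernel to execute ./file1
// through execveat(2). The syscall sequence, the fixed addresses and
// every constant are kept exactly as the fuzzer generated them: a
// reproducer is only useful if it replays the original trace, so
// return values are deliberately left unchecked except where a file
// descriptor is captured for a later call. Intended for a disposable
// test VM running the kernel under investigation.
#define _GNU_SOURCE
// The header names were stripped when this page was extracted (eight bare
// "#include" tokens survived). The list below is the standard syzkaller
// repro prelude and supplies everything the body uses: uint*_t/intptr_t
// (<stdint.h>), memcpy (<string.h>), syscall() (<unistd.h>) and the
// __NR_* numbers (<sys/syscall.h>).
#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

#ifndef __NR_execveat
#define __NR_execveat 322  // x86-64 number; only needed with old libc headers
#endif

// File descriptors captured from openat(). Initialised to all-ones (-1 when
// passed to a syscall) so a failed open is forwarded as an invalid fd rather
// than as fd 0. r[0]: ./file1, r[1]: /dev/vhost-vsock.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

int main(void) {
  // syzkaller's fixed-address argument area: a PROT_NONE page below, 16 MiB
  // of RWX at 0x20000000 that holds every pointer argument used below, and a
  // PROT_NONE page above. flags 0x32 == MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE.
  syscall(__NR_mmap, /*addr=*/0x1ffff000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
          /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x20000000ul, /*len=*/0x1000000ul,
          /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
          /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x21000000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul, /*fd=*/-1,
          /*offset=*/0ul);
  intptr_t res = 0;

  // Step 1: create ./file1 relative to the current directory.
  // fd 0xffffff9c is AT_FDCWD (-100); flags 0x42 == O_CREAT|O_RDWR; mode 0x1ff
  // == 0777 (the generated comment spells the extra 0x100 bit out literally).
  memcpy((void*)0x20000100, "./file1\000", 8);
  res = syscall(
      __NR_openat, /*fd=*/0xffffff9c, /*file=*/0x20000100ul,
      /*flags=O_CREAT|O_RDWR*/ 0x42ul,
      /*mode=S_IXOTH|S_IWOTH|S_IROTH|S_IXGRP|S_IWGRP|S_IRGRP|S_IXUSR|S_IWUSR|0x100*/
      0x1fful);
  if (res != -1) r[0] = res;

  // Step 2: build the image at 0x20000440. The first 0x40 bytes follow the
  // Elf64_Ehdr layout: magic "\177ELF" at +0x00, then e_ident bytes whose
  // EI_CLASS (+0x04 == 0) and EI_DATA (+0x05 == 0x6a) are not valid ELF
  // class/encoding values -- fuzzer-chosen and kept as-is. e_type (+0x10) is
  // 3 (ET_DYN), e_machine (+0x12) is 0x3e (EM_X86_64), e_phoff (+0x20) is
  // 0x40, e_phentsize (+0x36) is 0x38 and e_phnum (+0x38) is 1; the remaining
  // header fields are 0 except e_flags (+0x30 == 0x80).
  *(uint8_t*)0x20000440 = 0x7f;
  *(uint8_t*)0x20000441 = 0x45;
  *(uint8_t*)0x20000442 = 0x4c;
  *(uint8_t*)0x20000443 = 0x46;
  *(uint8_t*)0x20000444 = 0;
  *(uint8_t*)0x20000445 = 0x6a;
  *(uint8_t*)0x20000446 = 0;
  *(uint8_t*)0x20000447 = 0;
  *(uint64_t*)0x20000448 = 0xfffffffffffffffd;
  *(uint16_t*)0x20000450 = 3;
  *(uint16_t*)0x20000452 = 0x3e;
  *(uint32_t*)0x20000454 = 0;
  *(uint64_t*)0x20000458 = 0;
  *(uint64_t*)0x20000460 = 0x40;
  *(uint64_t*)0x20000468 = 0;
  *(uint32_t*)0x20000470 = 0x80;
  *(uint16_t*)0x20000474 = 0;
  *(uint16_t*)0x20000476 = 0x38;
  *(uint16_t*)0x20000478 = 1;
  *(uint16_t*)0x2000047a = 0;
  *(uint16_t*)0x2000047c = 0;
  *(uint16_t*)0x2000047e = 0;
  // 167 opaque bytes at e_phoff. Given e_phentsize/e_phnum above, the first
  // 0x38 of them are presumably read as the single program header; the rest
  // is fuzzer-generated filler. Not decoded here -- verify against the
  // dashboard crash report if the exact contents matter.
  memcpy((void*)0x20000480,
         "\x0d\xd7\x54\x6b\x16\x5a\x3a\xe3\x35\x83\xfb\xa1\x8b\xeb\x94\xc8\x08"
         "\x07\x14\xbb\x19\x8b\x6e\x92\x35\xaf\xe7\x1c\x15\x2e\xa2\x03\xb1\x35"
         "\x06\x41\xa6\xbe\xaf\x50\x67\x05\x0d\xd7\x9d\x9a\x18\xbb\xf6\x40\x47"
         "\xa1\x59\x24\x97\x24\xc0\xda\x23\xf0\x0e\x35\xd0\xa3\x43\x95\x63\x0a"
         "\x18\xee\xb6\x28\x3a\x52\x4f\x06\x37\xfa\x8f\xab\x26\x2b\x62\xad\x13"
         "\xae\x60\xa1\xc0\xcf\x45\x00\x0d\xb4\x0e\x5b\x06\x28\xe6\x98\x27\xec"
         "\xfe\x1c\x3f\xf3\xbb\x26\x78\xfb\x46\xa9\xdf\xb5\x2e\x00\x29\x82\x0e"
         "\xfd\xf6\x65\x44\x2e\x1e\x7a\x40\xa2\x7e\x94\x29\x13\x47\x1f\x77\xf4"
         "\x15\xf5\x9a\x7f\x26\x07\xe1\x00\xfa\xdb\x64\xac\x4a\xf5\x4b\x8b\x7c"
         "\x19\xa8\xea\xb2\xad\x42\x7c\x73\xe5\x18\x72\x7f\x6d\x49",
         167);
  // 0xe7 == 231 == 0x40 (header) + 167 (blob): the whole image in one write.
  // If the openat above failed, r[0] is still -1 and this write fails with
  // EBADF; the reproducer carries on regardless, as generated.
  syscall(__NR_write, /*fd=*/r[0], /*data=*/0x20000440ul, /*len=*/0xe7ul);

  // Step 3: open the vhost-vsock control device read/write (flags 2 ==
  // O_RDWR) and issue ioctl 0xaf01 with a NULL argument. 0xaf01 is
  // _IO(VHOST_VIRTIO /* 0xAF */, 0x01), i.e. VHOST_SET_OWNER, which binds the
  // vhost device to the calling process.
  memcpy((void*)0x200015c0, "/dev/vhost-vsock\000", 17);
  res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
                /*file=*/0x200015c0ul, /*flags=*/2ul, /*mode=*/0ul);
  if (res != -1) r[1] = res;
  syscall(__NR_ioctl, /*fd=*/r[1], /*cmd=*/0xaf01, /*arg=*/0ul);

  // Step 4: close the image and execute it. dirfd is AT_FDCWD again; argv and
  // envp are NULL (Linux treats both as empty) and flags are 0. On success
  // this process is replaced, so "return 0" is reached only if execveat fails.
  syscall(__NR_close, /*fd=*/r[0]);
  memcpy((void*)0x20000140, "./file1\000", 8);
  syscall(__NR_execveat, /*dirfd=*/0xffffff9c, /*file=*/0x20000140ul,
          /*argv=*/0ul, /*envp=*/0ul, /*flags=*/0ul);
  return 0;
}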