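// https://syzkaller.appspot.com/bug?id=97007760b0b054bf70fb213519c109bbab8daaa3
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Reviewer summary: this program builds a keyring, adds two "user" keys to
// it, and then issues keyctl command 0x17 (23, KEYCTL_DH_COMPUTE in
// <linux/keyctl.h>) with a KDF parameter block whose hash name is the
// caller-chosen string "hmac(sha3-384)". The crash itself is not described
// in this listing; see the syzbot report linked above for the kernel trace
// and the fixing commit.
//
// Triage notes:
//  - Every syscall result is stored in r[] and never checked. A failed
//    add_key() leaves -1 in r[], and that value is then written into the DH
//    parameter block as a key serial.
//  - The security-relevant input is the hash algorithm name: it is supplied
//    from user memory as a free-form string, so the kernel-side handler has
//    to validate which algorithms are acceptable for the KDF.

#define _GNU_SOURCE

// Headers needed by the code below: fixed-width integer types,
// memset()/memcpy(), the __NR_* syscall numbers, and syscall().
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// Syscall results, indexed by syzkaller's internal slot numbers. Only slots
// 0, 7, 15, 23 and 39 are written by this program.
long r[40];

// Replays the recorded syscall sequence once. All pointers are absolute
// addresses inside the fixed mapping created by the first call.
void loop(void)
{
  memset(r, -1, sizeof(r));

  // Fixed scratch mapping covering 0x20000000..0x20ffefff. On Linux x86-64,
  // prot 0x3 is PROT_READ|PROT_WRITE and flags 0x32 is
  // MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, with fd -1. If this call fails,
  // every store below faults.
  r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x3ul, 0x32ul,
                 0xfffffffffffffffful, 0x0ul);

  // Key 1: type "keyring", description "syz ", no payload, destination 0.
  memcpy((void*)0x20eac000, "\x6b\x65\x79\x72\x69\x6e\x67\x00", 8);
  *(uint8_t*)0x20000ffb = (uint8_t)0x73;
  *(uint8_t*)0x20000ffc = (uint8_t)0x79;
  *(uint8_t*)0x20000ffd = (uint8_t)0x7a;
  *(uint8_t*)0x20000ffe = (uint8_t)0x20;
  *(uint8_t*)0x20000fff = (uint8_t)0x0;
  r[7] = syscall(__NR_add_key, 0x20eac000ul, 0x20000ffbul, 0x0ul, 0x0ul,
                 0x0ul);

  // Key 2: type "user", description "syz ", 1-byte payload (0xfa), linked
  // into the keyring created above.
  memcpy((void*)0x20176000, "\x75\x73\x65\x72\x00", 5);
  *(uint8_t*)0x209d5ffb = (uint8_t)0x73;
  *(uint8_t*)0x209d5ffc = (uint8_t)0x79;
  *(uint8_t*)0x209d5ffd = (uint8_t)0x7a;
  *(uint8_t*)0x209d5ffe = (uint8_t)0x20;
  *(uint8_t*)0x209d5fff = (uint8_t)0x0;
  memcpy((void*)0x2003e000, "\xfa", 1);
  r[15] = syscall(__NR_add_key, 0x20176000ul, 0x209d5ffbul, 0x2003e000ul,
                  0x1ul, r[7]);

  // Key 3: type "user", description "syz#", 192-byte (0xc0) payload, same
  // keyring.
  memcpy((void*)0x20893000, "\x75\x73\x65\x72\x00", 5);
  *(uint8_t*)0x20752ffb = (uint8_t)0x73;
  *(uint8_t*)0x20752ffc = (uint8_t)0x79;
  *(uint8_t*)0x20752ffd = (uint8_t)0x7a;
  *(uint8_t*)0x20752ffe = (uint8_t)0x23;
  *(uint8_t*)0x20752fff = (uint8_t)0x0;
  memcpy((void*)0x20f28000,
         "\xb3\x3a\xb7\x60\x79\xeb\xe0\xd9\x4f\x72\x9c\xd6\x53\xe5\x20"
         "\xc1\x9a\xd7\xd9\x7f\xe2\x17\x69\xe7\xc4\xdb\x44\xc2\x49\xb5"
         "\x44\x23\x0b\xa2\x87\xfb\x8b\xd6\xed\x26\x6c\xcf\x59\xef\x70"
         "\x99\x5b\xf2\xe8\xe0\xec\xd3\xff\xf3\x28\x53\x74\x7e\xda\x22"
         "\xd2\x81\x8d\x08\xca\x27\xe0\xec\x82\x16\x20\xe3\x65\xa0\xe6"
         "\xb9\x48\x5f\x2d\x92\x54\x93\xf6\x21\x13\xe3\x3e\x5f\x8c\x7e"
         "\xba\x67\xfc\x19\xa9\x49\x7f\x5b\x07\xe5\x84\x9d\x2e\x87\x5b"
         "\x06\x6c\xd6\x40\xb3\x36\x61\x6f\xe0\xf3\xc3\x00\x28\x01\xb4"
         "\x62\x7e\xe7\x59\x76\x89\x52\x5e\x8e\x81\xf7\x50\xa8\x6e\xb5"
         "\x80\xfb\x46\x90\xea\x52\x24\x6b\xd3\xd3\x2b\x1a\x91\xf9\x44"
         "\xed\xb7\x4b\x1f\x50\xae\x08\xc5\x38\x7e\xd8\xfd\x05\x98\xb6"
         "\x00\x57\x9f\x3a\xf3\xf8\x64\xe1\xc3\x24\xf6\x92\x8f\x66\x72"
         "\xf9\x8f\x7e\x14\x9b\xe3\x1b\xd7\x8b\x50\x6e\x8b",
         192);
  r[23] = syscall(__NR_add_key, 0x20893000ul, 0x20752ffbul, 0x20f28000ul,
                  0xc0ul, r[7]);

  // Three 32-bit key serials at 0x204c8ff4, passed as keyctl argument 2.
  // For KEYCTL_DH_COMPUTE these are, in order, the private, prime and base
  // keys: the 1-byte key is used as private and base, the 192-byte key as
  // the prime. The long results are truncated to 32 bits by the stores.
  *(uint32_t*)0x204c8ff4 = r[15];
  *(uint32_t*)0x204c8ff8 = r[23];
  *(uint32_t*)0x204c8ffc = r[15];

  // KDF parameter block at 0x20550000, passed as keyctl argument 5: two
  // 64-bit pointers followed by nine zeroed 32-bit words. This matches the
  // layout of struct keyctl_kdf_params (hashname, otherinfo, otherinfolen,
  // eight spare words) -- confirm against the kernel headers under test.
  *(uint64_t*)0x20550000 = (uint64_t)0x20f17ff8;
  *(uint64_t*)0x20550008 = (uint64_t)0x20027fc9;
  *(uint32_t*)0x20550010 = (uint32_t)0x0;
  *(uint32_t*)0x20550014 = (uint32_t)0x0;
  *(uint32_t*)0x20550018 = (uint32_t)0x0;
  *(uint32_t*)0x2055001c = (uint32_t)0x0;
  *(uint32_t*)0x20550020 = (uint32_t)0x0;
  *(uint32_t*)0x20550024 = (uint32_t)0x0;
  *(uint32_t*)0x20550028 = (uint32_t)0x0;
  *(uint32_t*)0x2055002c = (uint32_t)0x0;
  *(uint32_t*)0x20550030 = (uint32_t)0x0;

  // Hash name "hmac(sha3-384)": 14 bytes copied without a terminator; the
  // following byte is zero only because the anonymous mapping is
  // zero-filled.
  memcpy((void*)0x20f17ff8,
         "\x68\x6d\x61\x63\x28\x73\x68\x61\x33\x2d\x33\x38\x34\x29", 14);

  // keyctl(0x17, dh_params, out_buffer, 0x30, kdf_params). The 0x30-byte
  // output length equals the 48-byte digest size of SHA3-384.
  r[39] = syscall(__NR_keyctl, 0x17ul, 0x204c8ff4ul, 0x205cd000ul, 0x30ul,
                  0x20550000ul);
}

int main(void)
{
  loop();
  return 0;
}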