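// https://syzkaller.appspot.com/bug?id=7c7bd742d3b6b7473427759ad255c581dbd94412
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Kernel crash reproducer for the report linked above. It replays a fixed
// syscall sequence through raw syscall(2) and deliberately ignores every
// return value, as syzkaller reproducers do.
//
// NOTE(review): the fallback syscall numbers below match the i386 table and
// __NR_mmap is remapped to __NR_mmap2, so this appears to target a 32-bit x86
// build (e.g. -m32) -- confirm against the linked report.
// NOTE(review): SIOCSIFFLAGS and TCP_REPAIR are both gated on CAP_NET_ADMIN,
// so the sequence is expected to need root (or that capability in the network
// namespace). Run it only in a disposable VM booted with the kernel under
// test; it also changes the flags of the loopback interface.

#define _GNU_SOURCE

// The header names were lost when this page was extracted (five bare
// "#include" tokens). These are the headers the code below actually needs.
#include <endian.h>      // htobe16, htobe32
#include <stdint.h>      // uint8_t, uint16_t, uint32_t
#include <string.h>      // memset, memcpy
#include <sys/syscall.h> // __NR_* syscall numbers
#include <unistd.h>      // syscall

// Fallback syscall numbers, used only when the libc headers do not define them.
#ifndef __NR_socket
#define __NR_socket 359
#endif
#ifndef __NR_ioctl
#define __NR_ioctl 54
#endif
#ifndef __NR_setsockopt
#define __NR_setsockopt 366
#endif
#ifndef __NR_sendto
#define __NR_sendto 369
#endif
#ifndef __NR_mmap
#define __NR_mmap 192
#endif

// Route mmap through mmap2 where that syscall exists. The remap is guarded so
// that the file still builds on ABIs that have no __NR_mmap2; there the
// regular __NR_mmap is used, which is equivalent here because the offset is 0.
#ifdef __NR_mmap2
#undef __NR_mmap
#define __NR_mmap __NR_mmap2
#endif

// r[0]: socket used only for the interface ioctl.
// r[1]: TCP socket placed into repair mode and used for both sendto calls.
long r[2];

// Replays the recorded syscall sequence once. All buffers live at fixed
// addresses inside one anonymous mapping created by the first call.
void loop()
{
  memset(r, -1, sizeof(r));

  // Map 0xffe000 bytes at 0x20000000: prot 3 = PROT_READ|PROT_WRITE,
  // flags 0x32 = MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS.
  syscall(__NR_mmap, 0x20000000, 0xffe000, 3, 0x32, -1, 0);

  // socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0)
  r[0] = syscall(__NR_socket, 2, 0x80001, 0);

  // struct ifreq: 16-byte interface name "lo", then ifr_flags = 0xfffd.
  memcpy((void*)0x2003b000,
         "\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
         16);
  *(uint16_t*)0x2003b010 = 0xfffd;
  // 0x8914 = SIOCSIFFLAGS
  syscall(__NR_ioctl, r[0], 0x8914, 0x2003b000);

  // socket(AF_INET, SOCK_STREAM, 0)
  r[1] = syscall(__NR_socket, 2, 1, 0);

  // Level 6 = IPPROTO_TCP. Option 0x13 = TCP_REPAIR, value 1 (enable).
  *(uint32_t*)0x20ff7000 = 1;
  syscall(__NR_setsockopt, r[1], 6, 0x13, 0x20ff7000, 4);

  // Option 0x14 = TCP_REPAIR_QUEUE, value 1 (TCP_RECV_QUEUE).
  *(uint32_t*)0x20ff9ffc = 1;
  syscall(__NR_setsockopt, r[1], 6, 0x14, 0x20ff9ffc, 4);

  // First send: 1 byte to 127.0.0.1:20000.
  memcpy((void*)0x203e0000, "\xc8", 1);
  // struct sockaddr_in { AF_INET, port 0x4e20, 127.0.0.1, 8 zero bytes }
  *(uint16_t*)0x2025e000 = 2;
  *(uint16_t*)0x2025e002 = htobe16(0x4e20);
  *(uint32_t*)0x2025e004 = htobe32(0x7f000001);
  *(uint8_t*)0x2025e008 = 0;
  *(uint8_t*)0x2025e009 = 0;
  *(uint8_t*)0x2025e00a = 0;
  *(uint8_t*)0x2025e00b = 0;
  *(uint8_t*)0x2025e00c = 0;
  *(uint8_t*)0x2025e00d = 0;
  *(uint8_t*)0x2025e00e = 0;
  *(uint8_t*)0x2025e00f = 0;
  // flags 0x20000002 = MSG_FASTOPEN | MSG_PEEK
  syscall(__NR_sendto, r[1], 0x203e0000, 1, 0x20000002, 0x2025e000, 0x10);

  // Second send: 121 (0x79) bytes of fuzzer-chosen payload, flags 0,
  // addressed to 255.255.255.255:20000.
  memcpy((void*)0x20ffcfab,
         "\xbd\x4c\x6a\x1c\x6f\xc2\x99\x55\x7a\x94\x29\x14\x10\xb3\xd9\xda\xaf"
         "\xc3\x41\xa4\x05\xa4\x3d\x61\x56\xe8\x09\xdf\x4e\x1e\x61\x08\x80\xff"
         "\x00\xc0\xf8\x4c\x39\x48\xa0\x13\xc4\x62\xec\x6c\x84\xaf\xa5\xcc\x6d"
         "\xb1\x6f\xbd\x74\xac\x65\xd1\x10\xdb\xa5\xb8\xdf\x74\x52\xa9\x8a\x3c"
         "\x9c\xcd\xb7\x71\x1e\x51\x5c\xe7\x72\xaa\x33\x21\x06\x6d\xd2\xcc\xef"
         "\x22\x9c\xd7\x93\x7a\x9c\x6c\xd9\xbf\xf4\x5c\x55\x0a\xe8\xdb\x52\x7a"
         "\x25\x21\xec\x6c\x21\x47\x39\xe8\x2a\xdd\xd0\xaa\xd8\xb5\xc9\x39\x4d"
         "\x5a\x0f",
         121);
  // struct sockaddr_in { AF_INET, port 0x4e20, 255.255.255.255, 8 zero bytes }
  *(uint16_t*)0x20b1a000 = 2;
  *(uint16_t*)0x20b1a002 = htobe16(0x4e20);
  *(uint32_t*)0x20b1a004 = htobe32(-1);
  *(uint8_t*)0x20b1a008 = 0;
  *(uint8_t*)0x20b1a009 = 0;
  *(uint8_t*)0x20b1a00a = 0;
  *(uint8_t*)0x20b1a00b = 0;
  *(uint8_t*)0x20b1a00c = 0;
  *(uint8_t*)0x20b1a00d = 0;
  *(uint8_t*)0x20b1a00e = 0;
  *(uint8_t*)0x20b1a00f = 0;
  syscall(__NR_sendto, r[1], 0x20ffcfab, 0x79, 0, 0x20b1a000, 0x10);
}

// Runs the sequence a single time and exits with status 0 regardless of
// whether any of the syscalls succeeded.
int main()
{
  loop();
  return 0;
}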