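// https://syzkaller.appspot.com/bug?id=583b200c0464331b3f9cf1d67566de0834f916d6
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reproducer for the syzkaller report linked above. It replays three
// syscalls against a fixed-address scratch region:
//   1. bpf(BPF_MAP_CREATE) with a 0x50-byte attr (map type 0xd, inner fd -1);
//   2. bpf() with cmd 0x100000000000000 and a 0x48-byte attr whose first
//      byte is overwritten with 1 -- its return value is kept in r[0];
//   3. bpf(BPF_PROG_LOAD, cmd 5) of a 10-instruction program whose second
//      ld_imm64 immediate is patched with r[0].
// The header list was lost when the page was extracted; it has been
// reconstructed from the names the code uses (uint64_t, intptr_t, write,
// memcpy, memset, syscall, perror, __NR_*).  The unused `reason` scaffold
// variable that syzkaller emits has been dropped.

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

#ifndef __NR_bpf
#define __NR_bpf 321  // x86_64 value; only used if the libc headers lack it
#endif

// Resource table: r[0] receives the fd returned by the second bpf() call and
// is later copied (truncated to 32 bits) into the program's ld_imm64 immediate.
// Stays all-ones until that call returns something other than -1.
uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  // syzkaller's fixed layout: an inaccessible guard page below, a 16 MiB
  // PROT_READ|PROT_WRITE|PROT_EXEC private anonymous region at
  // 0x200000000000 that every raw store below targets, and a guard page
  // above it.  0x32 == MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE.
  syscall(__NR_mmap, /*addr=*/0x1ffffffff000ul, /*len=*/0x1000ul,
          /*prot=*/0ul, /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  // Every later store dereferences addresses inside this mapping, so a
  // failed MAP_FIXED here would turn them into wild writes; bail out instead.
  if (syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0x1000000ul,
              /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
              /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
              /*fd=*/(intptr_t)-1, /*offset=*/0ul) == -1) {
    perror("mmap data region");
    return 1;
  }
  syscall(__NR_mmap, /*addr=*/0x200001000000ul, /*len=*/0x1000ul,
          /*prot=*/0ul, /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);

  intptr_t res = 0;
  // Progress marker on stdout; the empty if-body only silences
  // warn_unused_result.
  if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
  }

  // --- 1. bpf$MAP_CREATE (cmd 0), attr at 0x200000000040, size 0x50 ---
  // Field names follow the syzkaller description in the original comment.
  *(uint32_t*)0x200000000040 = 0xd;    // type
  *(uint32_t*)0x200000000044 = 3;      // ksize
  *(uint32_t*)0x200000000048 = 4;      // vsize
  *(uint32_t*)0x20000000004c = 0x801;  // max
  *(uint32_t*)0x200000000050 = 1;      // flags (map_flags)
  *(uint32_t*)0x200000000054 = -1;     // inner: no inner map fd
  *(uint32_t*)0x200000000058 = 0x15b4; // node
  memset((void*)0x20000000005c, 0, 16); // map_name: 16 zero bytes
  *(uint32_t*)0x20000000006c = 0;      // map_ifindex
  *(uint32_t*)0x200000000070 = -1;     // btf_fd: none
  *(uint32_t*)0x200000000074 = 0;      // btf_key_type_id
  *(uint32_t*)0x200000000078 = 0;      // btf_value_type_id
  *(uint32_t*)0x20000000007c = 0;      // btf_vmlinux_type_id
  *(uint64_t*)0x200000000080 = 0;      // map_extra
  *(uint32_t*)0x200000000088 = 0;      // value_type_btf_obj_fd slot (pad1)
  *(uint32_t*)0x20000000008c = 0;      // map_token_fd slot (pad2)
  // Return value deliberately ignored, as in the generated reproducer.
  syscall(__NR_bpf, /*cmd=*/0ul, /*arg=*/0x200000000040ul, /*size=*/0x50ul);

  // --- 2. bpf() with cmd 0x100000000000000, attr at 0x200000000040, size 0x48 ---
  // Only byte 0 of the attr is rewritten (to 1); bytes 1..0x47 keep the
  // values stored for call 1.  Syzkaller describes the result as a map fd,
  // which is consistent with the kernel seeing only the low 32 bits of the
  // cmd (i.e. 0 == BPF_MAP_CREATE) -- NOTE(review): inferred, confirm.
  memset((void*)0x200000000040, 1, 1);
  res = syscall(__NR_bpf, /*cmd=*/0x100000000000000ul,
                /*arg=*/0x200000000040ul, /*size=*/0x48ul);
  if (res != -1)
    r[0] = res;

  // --- 3. bpf$BPF_PROG_RAW_TRACEPOINT_LOAD (cmd 5), attr at 0x200000000440, size 0x80 ---
  *(uint32_t*)0x200000000440 = 2;               // type
  *(uint32_t*)0x200000000444 = 0xa;             // ninsn: 10 insns = 80 bytes
  *(uint64_t*)0x200000000448 = 0x200000000cc0;  // insns pointer
  // Instruction buffer: 28 bytes, then a 4-byte hole that receives the map fd
  // (the immediate of the ld_imm64 starting at byte 24), then 484 more bytes.
  // Only the first ninsn*8 == 80 bytes form the program; the trailing bytes
  // are filler that syzkaller emitted and are not part of the loaded program.
  memcpy((void*)0x200000000cc0,
         "\x18\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x85"
         "\x10\x00\x00\x06\x00\x00\x00\x18\x10\x00\x00",
         28);
  *(uint32_t*)0x200000000cdc = r[0];  // fd from call 2, truncated to imm32
  memcpy(
      (void*)0x200000000ce0,
      "\x00\x00\x00\x00\x00\x00\x00\x00\x79\x00\x48\x02\x00\x00\x00\x00\x18\x00"
      "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x95\x00\x00\x00"
      "\x00\x00\x00\x00\x95\x00\x00\x00\x00\x00\x00\x00\x96\x74\xa5\x6f\x93\x11"
      "\x44\xae\xe6\x21\xc0\xfc\x0b\xa7\x4a\xfa\x1b\x94\x94\x1d\x56\x5f\x18\x54"
      "\x3a\xea\xea\xa5\xde\xd6\x3f\xe1\x05\x00\x00\x00\x97\xfc\x11\xa5\x3b\x2b"
      "\xae\x41\x50\x06\x00\x5e\xb1\x65\x64\x75\x3d\x1c\x78\x67\x27\x10\xac\xe8"
      "\x8b\x3f\xdf\x08\x1a\xa9\xb6\x17\x4d\x0a\x88\x87\x21\xcb\x1e\x19\x83\x83"
      "\xb4\x4c\x81\xbb\x62\x3f\x32\xd0\x6f\x0d\xa1\x19\xa9\xbf\x9c\x02\xc8\x27"
      "\x48\x30\x4c\x29\xfd\xdc\x9f\x6e\x3a\xc9\x7e\x17\xa9\x86\xf4\x39\x47\x41"
      "\x1b\xa5\x93\x48\x21\xa9\x95\xe1\x04\x3d\x0d\xdb\xfa\x39\x57\xfb\x55\x95"
      "\x2b\x0c\xf6\x16\x7b\xb7\xf2\xc4\x35\xec\x11\x8c\x01\x68\x80\x3f\x92\xe4"
      "\xb5\x8e\x26\x9d\xa2\x2e\x25\xaf\xc7\xcd\x09\x0d\x4c\x1b\x68\x5b\x94\x69"
      "\xd7\x5b\xb0\x85\xdb\x73\xf5\x1b\xb1\xab\x4b\x72\xfe\xf9\x6a\x8f\xec\xfc"
      "\x73\x5a\x79\x87\x84\x1e\xcc\x40\x8b\xab\x2b\xbe\xd3\x36\xf3\x71\x0d\x94"
      "\xaa\x7b\xac\x92\xcc\xea\x55\x37\xe0\x1e\xb9\x81\xc6\x60\xde\xbe\x0b\x6b"
      "\x10\x6a\xb3\x96\x55\x91\xea\x8e\xe0\x8a\xeb\xa0\x3b\x26\xe1\x6a\xce\xe7"
      "\x0f\xf4\xfa\xdf\x77\x66\xdb\x9a\x77\xc7\x52\x0e\x16\x53\x65\x67\x17\xeb"
      "\x0e\xb5\xda\x65\xad\x44\xbe\x8c\x9c\xb6\xf6\xc5\xbc\x6f\x57\xc4\x11\x68"
      "\x43\xc7\x86\xa8\x63\x47\xbd\x2c\xe7\xb7\xa7\x65\x08\x78\x5b\x2d\x7d\x76"
      "\xc9\x27\x73\x69\xe3\x5b\x28\x2f\x00\x11\x43\x3c\xa4\x64\x0d\x8d\x69\xb0"
      "\x88\x1c\xcd\x75\xa7\xe2\x68\xf9\x83\x55\x5a\x66\x37\x55\x18\xe6\x18\x74"
      "\x67\xe6\xf9\x18\xcc\xd3\xd0\x41\x60\x00\x1f\x0d\xef\x82\x1d\x84\x40\x9a"
      "\xa6\xcd\x78\x6e\x6f\x01\xc3\x7e\x4e\xa9\x24\x98\x2f\x14\x30\x48\x9c\x36"
      "\x63\x7a\xf0\xfc\x4a\x81\xb3\x3e\x66\x30\x38\xc2\x6e\x1b\x0c\x97\x5f\xaa"
      "\x71\xe0\x0f\xb9\x68\x71\x95\x4d\x9e\x24\x6a\xb1\x79\xd0\x47\x02\x83\x4a"
      "\xda\x3e\xd9\xfa\xb8\x8d\xf2\x0a\x36\xd6\xf3\x8d\x44\x8b\xf0\x5d\x92\x9c"
      "\xe7\xed\x83\xc6\xac\x65\x2a\x16\x33\x21\x72\xa3\xb6\x4d\x61\x03",
      484);
  *(uint64_t*)0x200000000450 = 0x200000000000;  // license pointer
  memcpy((void*)0x200000000000, "GPL\000", 4);  // "GPL" + NUL
  *(uint32_t*)0x200000000458 = 4;               // loglev
  *(uint32_t*)0x20000000045c = 0xee;            // logsize
  *(uint64_t*)0x200000000460 = 0x200000000340;  // log: 0xee-byte out buffer
  *(uint32_t*)0x200000000468 = 0;               // kern_version
  *(uint32_t*)0x20000000046c = 0;               // flags
  memset((void*)0x200000000470, 0, 16);         // prog_name: 16 zero bytes
  *(uint32_t*)0x200000000480 = 0;               // prog_ifindex
  *(uint32_t*)0x200000000484 = 0;               // expected_attach_type
  *(uint32_t*)0x200000000488 = -1;              // btf_fd: none
  *(uint32_t*)0x20000000048c = 8;               // func_info_rec_size
  *(uint64_t*)0x200000000490 = 0;               // func_info: nil
  *(uint32_t*)0x200000000498 = 0;               // func_info_cnt
  *(uint32_t*)0x20000000049c = 0x10;            // line_info_rec_size
  *(uint64_t*)0x2000000004a0 = 0;               // line_info: nil
  *(uint32_t*)0x2000000004a8 = 0;               // line_info_cnt
  *(uint32_t*)0x2000000004ac = 0;               // attach_btf_id
  *(uint32_t*)0x2000000004b0 = 0;               // attach_prog_fd
  *(uint32_t*)0x2000000004b4 = 0;               // core_relo_cnt
  *(uint64_t*)0x2000000004b8 = 0;               // fd_array: nil
  *(uint64_t*)0x2000000004c0 = 0;               // core_relos: nil
  *(uint32_t*)0x2000000004c8 = 0x10;            // core_relo_rec_size
  *(uint32_t*)0x2000000004cc = 0;               // log_true_size
  *(uint32_t*)0x2000000004d0 = 0;               // prog_token_fd slot (pad)
  // The attr is filled out to 0x94 bytes but size 0x80 is passed, so the
  // kernel only consumes the first 0x80 bytes.
  syscall(__NR_bpf, /*cmd=*/5ul, /*arg=*/0x200000000440ul, /*size=*/0x80ul);
  return 0;
}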