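// https://syzkaller.appspot.com/bug?id=15604084a6f209697fabd4658862a84efc6609fb
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Review notes (added; not part of the generated program):
//  - The four #include targets were lost when this page was extracted. They
//    are restored below to the headers the code needs (fixed-width integers,
//    memset/memcpy, __NR_* numbers, syscall()).
//  - The program is a kernel-bug reproducer: it builds two ioctl argument
//    structures at fixed addresses and issues them on an IPv6 datagram
//    socket. Which kernel defect it triggers is not stated in this file;
//    see the dashboard entry linked above for the crash report and fix.
//  - Numeric constants are annotated with their Linux names. The structure
//    offsets match a 64-bit layout (an 8-byte field at +0x40).
//  - Syscall results are recorded in r[] but never checked, as generated.
//    If the mmap fails, the stores that follow fault.
//  - NOTE(review): on upstream Linux the IPv6 SIOCADDRT handler requires
//    CAP_NET_ADMIN over the socket's network namespace, so whether an
//    unprivileged user can reach this path depends on user-namespace policy.
//    Confirm against the kernel tree being triaged.

#define _GNU_SOURCE

#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Result slots for the generated calls; only 0, 1, 24, 25 and 81 are used. */
long r[82];

/*
 * Replays the recorded syscall sequence once:
 *   1. map a fixed scratch region that holds the ioctl arguments,
 *   2. open an IPv6 datagram socket,
 *   3. look up the interface index of "lo" (SIOCGIFINDEX),
 *   4. submit an IPv6 route-add request (SIOCADDRT) bound to that index.
 */
void loop(void)
{
  memset(r, -1, sizeof(r));

  /* prot 0x3 = PROT_READ|PROT_WRITE;
   * flags 0x32 = MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS; fd = -1. */
  r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x3ul, 0x32ul,
                 0xfffffffffffffffful, 0x0ul);

  /* 0xa = AF_INET6, 0x2 = SOCK_DGRAM, protocol 0. */
  r[1] = syscall(__NR_socket, 0xaul, 0x2ul, 0x0ul);

  /* struct ifreq at 0x20faf000: 16-byte name "lo", then the request union
   * (bytes 0x10..0x27) cleared to zero. */
  memcpy((void*)0x20faf000, "\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00"
                            "\x00\x00\x00\x00\x00\x00",
         16);
  memset((void*)0x20faf010, 0, 0x18);

  /* 0x8933 = SIOCGIFINDEX; on success the kernel writes the index at +0x10. */
  r[24] = syscall(__NR_ioctl, r[1], 0x8933ul, 0x20faf000ul);
  if (r[24] != -1)
    r[25] = *(uint32_t*)0x20faf010;

  /* struct in6_rtmsg at 0x206bb000.
   * +0x00 destination fe80::bb, +0x10 source fe80::aa. */
  memcpy((void*)0x206bb000, "\xfe\x80\x00\x00\x00\x00\x00\x00"
                            "\x00\x00\x00\x00\x00\x00\x00\xbb",
         16);
  memcpy((void*)0x206bb010, "\xfe\x80\x00\x00\x00\x00\x00\x00"
                            "\x00\x00\x00\x00\x00\x00\x00\xaa",
         16);

  /* +0x20 gateway (16 bytes), +0x30 type, +0x34 dst_len, +0x36 src_len,
   * +0x38 metric: all zero. Bytes 0x3c..0x3f are padding and are not
   * written, exactly as in the generated program. */
  memset((void*)0x206bb020, 0, 0x1c);

  *(uint64_t*)0x206bb040 = (uint64_t)0x4;        /* rtmsg_info */
  *(uint32_t*)0x206bb048 = (uint32_t)0x811ffdfc; /* rtmsg_flags, fuzzer-chosen */

  /* rtmsg_ifindex: the index read above, or 0xffffffff if the lookup failed
   * (r[25] then still holds the -1 fill). */
  *(uint32_t*)0x206bb04c = r[25];

  /* 0x890b = SIOCADDRT. */
  r[81] = syscall(__NR_ioctl, r[1], 0x890bul, 0x206bb000ul);
}

int main(void)
{
  loop();
  return 0;
}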