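// https://syzkaller.appspot.com/bug?id=0f3f51343d723b1f87bdf56364a2b3a1824e36d7
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Reviewer notes:
//  - This listing was collapsed onto one line and the four #include lines had
//    lost their header names. The names below are restored from what the code
//    uses (uintN_t, memset/memcpy, __NR_*, syscall()).
//  - The program issues one sendmsg() on a socket(0x1e, 0x5, 0) with a
//    hand-built message header. The bug title and the fixing commit are not on
//    this page; take them from the linked report before using this as a
//    regression test.
//  - syzkaller reproducers exist to provoke a kernel report, so run this in a
//    disposable VM booted with the kernel under investigation.
//  - Numeric constants are kept exactly as generated; symbolic names are given
//    in comments only (Linux x86-64 values).

#define _GNU_SOURCE

#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// Syscall results. Only r[0], r[1] and r[20] are written by loop(); every
// other slot keeps the -1 fill from memset().
long r[21];

// Maps a fixed scratch region, fills in the message header, socket address and
// control buffer at fixed addresses inside it, then issues a single sendmsg().
// Returns early, leaving -1 in r[0] or r[1], when the mapping or the socket
// cannot be created. The original went on to store through unmapped addresses
// in the first case and to call sendmsg() on fd -1 in the second.
void loop(void)
{
  memset(r, -1, sizeof(r));

  // prot 0x3 = PROT_READ|PROT_WRITE, flags 0x32 = MAP_PRIVATE|MAP_FIXED|
  // MAP_ANONYMOUS. The region 0x20000000..0x20fff000 holds every address
  // written below.
  r[0] = syscall(__NR_mmap, 0x20000000ul, 0xfff000ul, 0x3ul, 0x32ul,
                 0xfffffffffffffffful, 0x0ul);
  if (r[0] == -1) {
    return;
  }

  // Family 0x1e = AF_TIPC, type 0x5 = SOCK_SEQPACKET. This fails when the
  // running kernel has no TIPC support, in which case nothing is exercised.
  r[1] = syscall(__NR_socket, 0x1eul, 0x5ul, 0x0ul);
  if (r[1] == -1) {
    return;
  }

  // Message header at 0x207ca000; the offsets match struct msghdr on 64-bit
  // Linux.
  *(uint64_t*)0x207ca000 = (uint64_t)0x20fdbf80; // msg_name
  *(uint32_t*)0x207ca008 = (uint32_t)0x80;       // msg_namelen = 128
  *(uint64_t*)0x207ca010 = (uint64_t)0x20145000; // msg_iov
  *(uint64_t*)0x207ca018 = (uint64_t)0x0;        // msg_iovlen = 0, no payload
  *(uint64_t*)0x207ca020 = (uint64_t)0x2036bfa0; // msg_control
  // msg_controllen = 3, which is smaller than one of the 16-byte control
  // headers written at 0x2036bfa0 below.
  *(uint64_t*)0x207ca028 = (uint64_t)0x3;
  *(uint32_t*)0x207ca030 = (uint32_t)0x40;       // msg_flags

  // Socket address: a 2-byte family followed by 126 generated bytes, 128 in
  // total, matching msg_namelen. The cast keeps only the low 16 bits of the
  // generated constant, i.e. 0x001e.
  *(uint16_t*)0x20fdbf80 = (uint16_t)0x100010000000001e;
  memcpy((void*)0x20fdbf82,
         "\x01\xff\x01\x00\x00\x00\x20\xdf\x00\x00\x00\x00\x00\x8f\x00"
         "\x00\x80\x5b\xf8\x6c\x48\x02\x00\x02\x00\x00\x00\xf1\xff\xff"
         "\xff\x00\x9a\x48\x00\xff\xe6\xa5\x00\x00\x00\x01\x03\x00\x00"
         "\x00\x00\xe4\xff\x06\x4b\x3f\x01\x3a\x00\x00\x00\x08\x00\x00"
         "\x00\x00\x00\x00\x00\x00\xac\x50\xd5\xfe\x32\xc4\x88\x00\x00"
         "\x00\x7f\xff\xff\xff\x6a\x00\x83\x56\xed\xb9\xa6\x34\x1c\x1f"
         "\xd4\x56\x24\x28\x1e\x00\x07\x0e\xce\x00\x02\x06\xc3\x97\x5b"
         "\xc4\x00\x00\xfd\x00\x00\x09\x00\x00\x00\x00\x00\x0b\x00\x00"
         "\xdb\x00\x00\x04\xda\x36",
         126);

  // Control buffer: three 16-byte records laid out as an 8-byte length, a
  // 4-byte level and a 4-byte type. The level and type values are as
  // generated.
  *(uint64_t*)0x2036bfa0 = (uint64_t)0x10;
  *(uint32_t*)0x2036bfa8 = (uint32_t)0x18b;
  *(uint32_t*)0x2036bfac = (uint32_t)0x80000000;
  *(uint64_t*)0x2036bfb0 = (uint64_t)0x10;
  *(uint32_t*)0x2036bfb8 = (uint32_t)0x88;
  *(uint32_t*)0x2036bfbc = (uint32_t)0xe1b;
  *(uint64_t*)0x2036bfc0 = (uint64_t)0x10;
  *(uint32_t*)0x2036bfc8 = (uint32_t)0x197;
  *(uint32_t*)0x2036bfcc = (uint32_t)0x8;

  // The third argument is the sendmsg() flags word: 0x4 = MSG_DONTROUTE.
  r[20] = syscall(__NR_sendmsg, r[1], 0x207ca000ul, 0x4ul);
}

// Runs the reproducer once. Exits with 1 when the mapping or the socket could
// not be set up, so a harness can tell "did not run" apart from "ran, and the
// kernel survived".
int main(void)
{
  loop();
  return (r[0] == -1 || r[1] == -1) ? 1 : 0;
}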