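// https://syzkaller.appspot.com/bug?id=dbcb39beb96c35c5b1f579ec77a4c121d60d21a0
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel-fuzzer reproducer for the AF_ALG (userspace crypto API) socket
// family. It binds an skcipher socket directly to the driver name
// "ecb-cast6-avx" (not the generic "ecb(cast6)" template), installs a
// 24-byte key, accepts a request socket, and sends one message carrying an
// ALG_SET_OP=encrypt control header whose first iovec claims 0xfffffe3f
// bytes while only 16 bytes of payload are actually written behind it. The
// mapping the buffer lives in ends 16 MiB later at a PROT_NONE page, so the
// oversized length is presumably the interesting part of the input: any
// attempt by the kernel to consume the full iovec runs into the guard page.
//
// WARNING: this program exercises a kernel attack surface on purpose and may
// crash or wedge the host. Run it only in a disposable VM. It is Linux- and
// x86-specific: the algorithm name only resolves on a kernel with
// CONFIG_CRYPTO_USER_API_SKCIPHER and the CAST6 AVX driver loaded on an
// AVX-capable CPU; elsewhere bind() fails and the remaining calls degrade
// into harmless errors, because (syzkaller-style) no return value is checked
// beyond capturing the two file descriptors.
#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

// Syscall results that later calls depend on: r[0] is the bound AF_ALG
// "parent" socket, r[1] the per-request socket returned by accept4().
// Both start at -1 so a failed call leaves an obviously invalid fd behind.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

// Entry point. Performs the fixed syscall sequence described in the file
// header; always returns 0 (the outcome of interest is the kernel's
// reaction, not the process exit status). Open fds are released on exit.
int main(void)
{
  // Fixed-address scratch area: a 16 MiB RWX anonymous mapping at
  // 0x200000000000 with one inaccessible (prot=0) page directly below and
  // directly above it. All buffers and structs below are placed at literal
  // offsets inside that region, which the kernel hands back zero-filled.
  syscall(__NR_mmap, /*addr=*/0x1ffffffff000ul, /*len=*/0x1000ul,
          /*prot=*/0ul, /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0x1000000ul,
          /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x200001000000ul, /*len=*/0x1000ul,
          /*prot=*/0ul, /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);

  intptr_t res = 0;
  // Progress marker for the harness; the result is intentionally ignored
  // (the empty if-body only silences warn_unused_result).
  if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
  }

  // socket(AF_ALG /*0x26*/, SOCK_SEQPACKET /*5*/, 0) -> r[0]
  res = syscall(__NR_socket, /*domain=*/0x26ul, /*type=*/5ul, /*proto=*/0);
  if (res != -1)
    r[0] = res;

  // bind(r[0], struct sockaddr_alg { .salg_family = AF_ALG,
  //                                  .salg_type   = "skcipher",
  //                                  .salg_feat   = 0, .salg_mask = 0,
  //                                  .salg_name   = "ecb-cast6-avx" }, 0x58)
  // Layout: family @+0 (2), type @+2 (14), feat @+0x10 (4), mask @+0x14 (4),
  // name @+0x18 (64). The type and name fields are NUL-padded to their
  // full width, exactly as the kernel expects.
  *(uint16_t*)0x2000000004c0 = 0x26;
  memset((void*)0x2000000004c2, 0, 14);
  memcpy((void*)0x2000000004c2, "skcipher", 8);
  *(uint32_t*)0x2000000004d0 = 0;
  *(uint32_t*)0x2000000004d4 = 0;
  memset((void*)0x2000000004d8, 0, 64);
  memcpy((void*)0x2000000004d8, "ecb-cast6-avx", 13);
  syscall(__NR_bind, /*fd=*/r[0], /*addr=*/0x2000000004c0ul,
          /*addrlen=*/0x58ul);

  // setsockopt(r[0], SOL_ALG /*0x117*/, ALG_SET_KEY /*1*/, key, 24)
  // A 24-byte key; CAST6 accepts 16..32-byte keys, so this should be a
  // valid (not a rejected) key for the algorithm named above.
  memcpy((void*)0x200000000280,
         "\xad\x56\xb6\xc5\x82\x0f\xae\x9d\x6d\xcd\x32\x92\xea\x54\xc7\xbe\xef"
         "\x91\x5d\x56\x4c\x90\xc2\x00",
         24);
  syscall(__NR_setsockopt, /*fd=*/r[0], /*level=*/0x117, /*opt=*/1,
          /*key=*/0x200000000280ul, /*keylen=*/0x18ul);

  // accept4(r[0], NULL, NULL, SOCK_NONBLOCK /*0x800*/) -> r[1]
  // For AF_ALG this yields the per-request socket that actually performs
  // cipher operations; non-blocking so the later recvmmsg cannot hang.
  res = syscall(__NR_accept4, /*fd=*/r[0], /*peer=*/0ul, /*peerlen=*/0ul,
                /*flags=SOCK_NONBLOCK*/ 0x800ul);
  if (res != -1)
    r[1] = res;

  // sendmmsg(r[1], &mmsg, 1, MSG_BATCH|MSG_CONFIRM /*0x40800*/)
  //
  // struct mmsghdr at 0x200000000040 (msg_hdr, then msg_len left zero):
  //   msg_name       @+0x00 = NULL
  //   msg_namelen    @+0x08 = 0
  //   msg_iov        @+0x10 = iovec[3] at 0x200000000000
  //   msg_iovlen     @+0x18 = 1   (only the first iovec is submitted)
  //   msg_control    @+0x20 = cmsghdr at 0x200000000380
  //   msg_controllen @+0x28 = 0x18
  //   msg_flags      @+0x30 = 0
  *(uint64_t*)0x200000000040 = 0;
  *(uint32_t*)0x200000000048 = 0;
  *(uint64_t*)0x200000000050 = 0x200000000000;

  // iovec[0]: 16 bytes of plaintext but a length of 0xfffffe3f. Only
  // 0x200000000080..0x200001000000 is readable, so a full copy would fault
  // on the guard page; this mismatch is the likely trigger of the report.
  *(uint64_t*)0x200000000000 = 0x200000000080;
  memcpy((void*)0x200000000080,
         "\xf7\x8d\x9c\xa3\x8f\xff\x48\xf3\xbe\x52\x16\x34\x48\x41\x2b\xa8",
         16);
  *(uint64_t*)0x200000000008 = 0xfffffe3f;

  // iovec[1] and iovec[2]: populated but with zero length, and beyond
  // msg_iovlen anyway, so they are never consumed by the kernel.
  *(uint64_t*)0x200000000010 = 0x200000000140;
  memcpy((void*)0x200000000140,
         "\xeb\xe3\xa0\xe9\x79\x6c\xfd\x16\x47\xe2\x99\xf4\xe3\x76\xfd\xba\x12"
         "\x82\x80\xb3\x72\x21\x9d\x20\x5e\x81\xf4\xa7\xf7\x1c\x19\x26\xaa\xe1"
         "\xef\xd7\xe0\x05\x4a\x86\x3f\x3d\x5c\xfe\x6c\xb5\x5b\x5b\xb9\xfa\x69"
         "\x35\x84\x9e\x60\x98\xed\x88\x4e\x7c\xb5\x17\x26\xb3\x60\xfb\xb3\x7b"
         "\x4f\xe0\x35\xbb\xb0\x95\x87\x30\x48",
         77);
  *(uint64_t*)0x200000000018 = 0;
  *(uint64_t*)0x200000000020 = 0x2000000003c0;
  memcpy((void*)0x2000000003c0,
         "\xe8\x70\x0e\x44\x4d\x50\xa9\x69\xff\x67\x34\x7c\xff\x61\x27\xe6\xef\x12"
         "\xee\x38\x19\x27\x14\x82\xa4\x97\x5a\x52\xc1\xab\x9b\x8b\x4d\xb3\x94\x5d"
         "\x10\x32\x00\x5e\xab\xe9\x7b\x4d\xc3\x3a\x47\xd3\xa1\x58\xda\x98\x84\x56"
         "\xd3\x00\x26\xb4\x33\x18\x6f\x53\xcd\xcd\xb9\x3a\x47\x22\xbf\x30\x6a\x10"
         "\x47\x0d\x50\xf5\xcb\x1e\xce\x9e\xad\x34\x59\xba\xb1\xcf\x15\x38\xcd\x0b"
         "\x15\x76\x53\xc5\xe8\x92\x96\x2c\x80\xf1\x58\xc4\x43\xe9\xc6\xad\x7d\x2a"
         "\x81\x03\xef\x2f\x4b\x93\x76\x6b\x9a\x21\x50\x1f\x94\xc1\x56\x8b\x13\x75"
         "\x6b\x66\xf7\x4f\x46\xcf\x80\x17\x04\xd2\xda\x8b\x96\xc3\x40\x70\xb2\x33"
         "\xaf\x0a\xfc\xc4\x36\x71\x2e\x58\xed\x25\xe7\x21\x19\x3a\xf0\x5a\x04\x5a"
         "\xd3\xfd\xc9\x28\xf0\x2f\x3d\xba\xd1\x9d\x3e\x66\xee\xbd\xa2\xe6\x3f\x3f"
         "\x46\xef\x45\x11\xce\xe2\x6d\x7b\x48\x24\x18\x47\xbf\x9e\x34\x3e\xf4\x67"
         "\x4c\x45\xe2\xa0\x85\x06\x0f\x11",
         206);
  *(uint64_t*)0x200000000028 = 0;

  *(uint64_t*)0x200000000058 = 1;
  *(uint64_t*)0x200000000060 = 0x200000000380;
  // cmsghdr: len 0x18, level SOL_ALG (0x117), type ALG_SET_OP (3),
  // payload ALG_OP_ENCRYPT (1).
  *(uint64_t*)0x200000000380 = 0x18;
  *(uint32_t*)0x200000000388 = 0x117;
  *(uint32_t*)0x20000000038c = 3;
  *(uint32_t*)0x200000000390 = 1;
  *(uint64_t*)0x200000000068 = 0x18;
  *(uint32_t*)0x200000000070 = 0;
  syscall(__NR_sendmmsg, /*fd=*/r[1], /*mmsg=*/0x200000000040ul,
          /*vlen=*/1ul, /*f=MSG_BATCH|MSG_CONFIRM*/ 0x40800ul);

  // recvmmsg(r[1], &mmsg, 1, 0x40004041, NULL)
  // One 4 KiB output iovec, no name, no control data. The flag word is
  // MSG_OOB|MSG_DONTWAIT|MSG_CMSG_CLOEXEC plus 0x4000, which syzkaller did
  // not recognise as a recv flag (it is the MSG_NOSIGNAL bit); the
  // socket is non-blocking anyway, so this call returns immediately.
  *(uint64_t*)0x200000000900 = 0;
  *(uint32_t*)0x200000000908 = 0;
  *(uint64_t*)0x200000000910 = 0x200000003e00;
  *(uint64_t*)0x200000003e00 = 0x200000000c00;
  *(uint64_t*)0x200000003e08 = 0x1000;
  *(uint64_t*)0x200000000918 = 1;
  *(uint64_t*)0x200000000920 = 0;
  *(uint64_t*)0x200000000928 = 0;
  *(uint32_t*)0x200000000930 = 0;
  *(uint32_t*)0x200000000938 = 0;
  syscall(__NR_recvmmsg, /*fd=*/r[1], /*mmsg=*/0x200000000900ul,
          /*vlen=*/1ul,
          /*f=MSG_OOB|MSG_DONTWAIT|MSG_CMSG_CLOEXEC|0x4000*/ 0x40004041ul,
          /*timeout=*/0ul);
  return 0;
}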