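// https://syzkaller.appspot.com/bug?id=178f2528d10720d563091fb51dceb4cb20f75525
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Reproducer for the syzkaller report linked above.  It exercises the
// AF_ALG (kernel crypto userspace API) socket family: it binds an "aead"
// socket to "gcm(aes)", installs a 16-byte key, opens an operation socket
// with accept(), pushes 181 bytes of fuzzer-chosen data through it and
// calls recvmmsg() with two partially-populated message headers, then binds
// a second "aead" socket to "pcrypt(gcm(aes))".  All user-space buffers
// live in a fixed anonymous mapping at 0x20000000 set up by main(), which
// is the usual syzkaller layout (every address below is inside it).
//
// The header names were lost when this file was extracted; the set below
// is the standard syzkaller reproducer set and covers every symbol used
// here (uint*_t, memcpy, syscall/fork/sleep, __NR_*).

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Raw values the reproducer passes to the kernel, named for readability.
 * They equal AF_ALG, SOCK_SEQPACKET, SOL_ALG and ALG_SET_KEY respectively;
 * prefixed so they cannot collide with <linux/if_alg.h> if it is included. */
enum {
    REPRO_AF_ALG = 0x26,
    REPRO_SOCK_SEQPACKET = 5,
    REPRO_SOL_ALG = 0x117,
    REPRO_ALG_SET_KEY = 1,
};

/* Size of the fixed mapping and of a struct sockaddr_alg (family u16,
 * type[14], feat u32, mask u32, name[64] = 88 bytes). */
enum {
    REPRO_MAP_BASE = 0x20000000,
    REPRO_MAP_SIZE = 0x1000000,
    REPRO_SOCKADDR_ALG_LEN = 0x58,
};

static void execute_one(void);
extern unsigned long long procid;

/* Runs the reproducer program forever; never returns. */
void loop(void)
{
    for (;;) {
        execute_one();
    }
}

/* File descriptors produced by the syscalls below: r[0] is the "gcm(aes)"
 * transform socket, r[1] its accept()ed operation socket, r[2] the
 * "pcrypt(gcm(aes))" transform socket.  -1 means "not yet obtained".
 * Note: none of them is ever closed, so each loop() iteration leaks three
 * descriptors — that is how the generated reproducer behaves. */
uint64_t r[3] = {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff};
unsigned long long procid;

/* One pass of the syscall sequence.  All pointer arguments are fixed
 * addresses inside the mapping established in main(). */
static void execute_one(void)
{
    long res = 0;

    /* socket(AF_ALG, SOCK_SEQPACKET, 0) — first transform socket. */
    res = syscall(__NR_socket, REPRO_AF_ALG, REPRO_SOCK_SEQPACKET, 0);
    if (res != -1)
        r[0] = res;

    /* struct sockaddr_alg at 0x20000300: salg_type = "aead",
     * salg_feat = salg_mask = 0, salg_name = "gcm(aes)". */
    *(uint16_t*)0x20000300 = REPRO_AF_ALG;
    memcpy((void*)0x20000302,
           "\x61\x65\x61\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 14);
    *(uint32_t*)0x20000310 = 0;
    *(uint32_t*)0x20000314 = 0;
    memcpy((void*)0x20000318,
           "\x67\x63\x6d\x28\x61\x65\x73\x29\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
           64);
    syscall(__NR_bind, r[0], 0x20000300, REPRO_SOCKADDR_ALG_LEN);

    /* setsockopt(r[0], SOL_ALG, ALG_SET_KEY, key, 16): a 16-byte
     * (AES-128-sized) key chosen by the fuzzer. */
    memcpy((void*)0x20c18000,
           "\xad\x56\xb6\xc5\x04\x00\xae\xb9\x95\x29\x89\x92\xea\x54\x00\xc2",
           16);
    syscall(__NR_setsockopt, r[0], REPRO_SOL_ALG, REPRO_ALG_SET_KEY,
            0x20c18000, 0x10);

    /* accept() on an AF_ALG transform socket yields the operation socket. */
    res = syscall(__NR_accept, r[0], 0, 0);
    if (res != -1)
        r[1] = res;

    /* write() 181 bytes of fuzzer-chosen input to the operation socket. */
    memcpy((void*)0x20000000,
           "\x7f\x45\x4c\x46\x07\x16\xff\x00\x00\x3e\x00\x03\x00\x00\x12\x6f\xb5"
           "\x82\x94\xea\xee\x8f\x9d\x13\xb5\x94\xcb\x80\x9d\x32\xbf\x51\xab\x86"
           "\x3e\x2f\x54\xfb\xa6\x7e\x5b\x82\xed\x60\x93\xc3\x4f\x75\x4f\x72\x3e"
           "\xf7\xb2\xad\x6a\x3c\x2a\x86\x64\xad\x47\xd1\x4b\x63\x20\xfd\x17\x31"
           "\x41\xe8\xbd\xee\xd3\x35\xf0\x73\xf7\x69\xd1\x50\xd0\xde\x82\x15\x05"
           "\x9b\xc2\x96\x5d\x7e\x17\x41\xed\xb8\x19\x1c\x7b\x9a\x7b\xb7\x85\xa9"
           "\xfc\x59\x8d\x86\x25\xea\x7b\x63\x53\xf9\x28\xf5\xd2\x60\x39\x30\x7c"
           "\xb8\xe0\xee\xb6\x3e\x58\xa6\x4e\xa8\x45\x30\x10\x9d\xe2\xbe\xd2\x11"
           "\xf8\x4a\xf5\xe4\x00\xc4\xc3\x37\xc6\xda\x77\x8c\xbd\xb2\x60\xf5\x03"
           "\x62\x1a\xfc\xe5\x8d\x50\x32\xd3\x0d\x3a\x29\xfe\x09\xc8\x3c\x65\x13"
           "\x8c\xc4\xf0\xa0\xd8\x91\xd3\x0f\xc3\x3d\x4d",
           181);
    syscall(__NR_write, r[1], 0x20000000, 0xb5);

    /* Two struct mmsghdr (64 bytes each) at 0x20003340 and 0x20003380:
     * msg_name@+0, msg_namelen@+8, msg_iov@+16, msg_iovlen@+24,
     * msg_control@+32, msg_controllen@+40, msg_flags@+48, msg_len@+56.
     * The first has msg_iovlen = 0; the second claims 0x25 iovecs at
     * 0x20003200 but only the first entry is initialised here — the rest
     * is whatever the mapping already holds. */
    *(uint64_t*)0x20003340 = 0x200000c0;
    *(uint32_t*)0x20003348 = 0x80;
    *(uint64_t*)0x20003350 = 0x20000100;
    *(uint64_t*)0x20003358 = 0;
    *(uint64_t*)0x20003360 = 0x20000540;
    *(uint64_t*)0x20003368 = 0x5e;
    *(uint32_t*)0x20003370 = 0;
    *(uint32_t*)0x20003378 = 0;
    *(uint64_t*)0x20003380 = 0x200003c0;
    *(uint32_t*)0x20003388 = 0x80;
    *(uint64_t*)0x20003390 = 0x20003200;
    *(uint64_t*)0x20003200 = 0x20003100; /* iov[0].iov_base */
    *(uint64_t*)0x20003208 = 0xe2;       /* iov[0].iov_len  */
    *(uint64_t*)0x20003398 = 0x25;
    *(uint64_t*)0x200033a0 = 0x200005c0;
    *(uint64_t*)0x200033a8 = 0xef;
    *(uint32_t*)0x200033b0 = 0;
    *(uint32_t*)0x200033b8 = 0;
    syscall(__NR_recvmmsg, r[1], 0x20003340, 2, 0, 0);

    /* Second transform socket, bound to "aead" / "pcrypt(gcm(aes))".
     * It is bound but never keyed or accepted in this sequence. */
    res = syscall(__NR_socket, REPRO_AF_ALG, REPRO_SOCK_SEQPACKET, 0);
    if (res != -1)
        r[2] = res;
    *(uint16_t*)0x20000080 = REPRO_AF_ALG;
    memcpy((void*)0x20000082,
           "\x61\x65\x61\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 14);
    *(uint32_t*)0x20000090 = 0;
    *(uint32_t*)0x20000094 = 0;
    memcpy((void*)0x20000098,
           "\x70\x63\x72\x79\x70\x74\x28\x67\x63\x6d\x28\x61\x65\x73\x29\x29\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
           "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
           64);
    syscall(__NR_bind, r[2], 0x20000080, REPRO_SOCKADDR_ALG_LEN);
}

/* Maps the fixed buffer region, forks 8 workers that each run loop()
 * forever, then parks the parent.  Returns 1 if the mapping cannot be
 * established, since every fixed-address store above would then fault. */
int main(void)
{
    /* mmap(0x20000000, 16 MiB, PROT_READ|PROT_WRITE,
     *      MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) */
    long map = syscall(__NR_mmap, REPRO_MAP_BASE, REPRO_MAP_SIZE, 3, 0x32,
                       -1, 0);
    if (map == -1)
        return 1;

    for (procid = 0; procid < 8; procid++) {
        pid_t pid = fork();
        if (pid == 0) {
            loop(); /* never returns */
        }
        /* pid == -1: fork failed; skip this worker rather than running
         * the sequence in the parent. */
    }
    sleep(1000000);
    return 0;
}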