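// https://syzkaller.appspot.com/bug?id=7d86f0b7824f2121c9393522a4d7b2e49c1befdc
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel-bug reproducer. It resolves the numeric id of the "TIPCv2"
// generic-netlink family, then sends that family a single pre-built message
// (genl cmd 3, nested attributes carrying a bearer named "udp:syz0" with a
// local ::1 and a remote fe80::aa sockaddr_in6). In the TIPC netlink ABI cmd 3
// is expected to be the bearer-enable command, which carries GENL_ADMIN_PERM,
// so CAP_NET_ADMIN (root in the syzkaller VM) is expected to be required --
// confirm against include/uapi/linux/tipc_netlink.h.
//
// Run this only inside a disposable VM with the tipc module loaded: a
// successful run is intended to crash or wedge the kernel.
//
// NOTE(review): the header names were lost in the corpus copy of this file;
// they are restored below to the set syzkaller emits for this reproducer type.

#define _GNU_SOURCE

#include <endian.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

#include <linux/genetlink.h>
#include <linux/netlink.h>

// Ask the generic-netlink controller (GENL_ID_CTRL / CTRL_CMD_GETFAMILY) for
// the numeric id of the family named by `name` (pointer to a NUL-terminated
// string; at most GENL_NAMSIZ-1 bytes of it are used).
//
// Returns the 16-bit family id, or -1 on any failure: socket/send/recv error,
// a reply that is not a controller message (e.g. NLMSG_ERROR when the family
// is unknown), or a reply whose attribute stream is malformed or truncated.
//
// The reply parser is bounds-checked: it never reads past the bytes recv()
// returned, it rejects attributes whose nla_len is shorter than the nlattr
// header (a zero nla_len would otherwise never advance and loop forever), and
// it copies values out with memcpy instead of dereferencing a cast pointer.
static long syz_genetlink_get_family_id(long name)
{
  char buf[512] = {0};
  struct nlmsghdr* hdr = (struct nlmsghdr*)buf;
  struct genlmsghdr* genlhdr = (struct genlmsghdr*)NLMSG_DATA(hdr);
  struct nlattr* attr = (struct nlattr*)(genlhdr + 1);
  const char* family = (const char*)name;

  // Request: nlmsghdr + genlmsghdr + one CTRL_ATTR_FAMILY_NAME attribute whose
  // payload is a fixed GENL_NAMSIZ-byte, zero-padded string.
  hdr->nlmsg_len = sizeof(*hdr) + sizeof(*genlhdr) + sizeof(*attr) + GENL_NAMSIZ;
  hdr->nlmsg_type = GENL_ID_CTRL;
  hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
  genlhdr->cmd = CTRL_CMD_GETFAMILY;
  attr->nla_type = CTRL_ATTR_FAMILY_NAME;
  attr->nla_len = sizeof(*attr) + GENL_NAMSIZ;
  // Copy at most GENL_NAMSIZ-1 bytes so the name is always NUL-terminated
  // inside the attribute (buf is zero-filled); strncpy would not guarantee it.
  memcpy(attr + 1, family, strnlen(family, GENL_NAMSIZ - 1));

  int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC);
  if (fd == -1)
    return -1;

  struct sockaddr_nl addr = {0};
  addr.nl_family = AF_NETLINK; // nl_pid 0 addresses the kernel
  struct iovec iov = {hdr, hdr->nlmsg_len};
  struct msghdr msg = {0};
  msg.msg_name = &addr;
  msg.msg_namelen = sizeof(addr);
  msg.msg_iov = &iov;
  msg.msg_iovlen = 1;

  long ret = -1;
  if (sendmsg(fd, &msg, 0) == -1)
    goto out;

  // The first datagram is the controller's reply (or an NLMSG_ERROR); the ACK
  // requested via NLM_F_ACK follows it and is deliberately left unread.
  ssize_t n = recv(fd, buf, sizeof(buf), 0);
  if (n < 0 || (size_t)n < NLMSG_HDRLEN + GENL_HDRLEN)
    goto out;
  if (hdr->nlmsg_type != GENL_ID_CTRL)
    goto out;

  // Walk the attribute stream, bounded by what was actually received and by
  // the header's own nlmsg_len, whichever is smaller.
  size_t end = (size_t)n;
  if (hdr->nlmsg_len >= (uint32_t)NLMSG_HDRLEN && hdr->nlmsg_len < end)
    end = hdr->nlmsg_len;
  size_t off = NLMSG_HDRLEN + GENL_HDRLEN;
  while (off + NLA_HDRLEN <= end) {
    struct nlattr a;
    memcpy(&a, buf + off, sizeof(a));
    // Malformed or truncated attribute: shorter than its own header, or
    // running past the end of the data.
    if (a.nla_len < NLA_HDRLEN || a.nla_len > end - off)
      break;
    if ((a.nla_type & NLA_TYPE_MASK) == CTRL_ATTR_FAMILY_ID) {
      uint16_t id;
      if (a.nla_len < NLA_HDRLEN + sizeof(id))
        break;
      memcpy(&id, buf + off + NLA_HDRLEN, sizeof(id));
      ret = id;
      break;
    }
    off += NLA_ALIGN(a.nla_len);
  }
out:
  close(fd);
  return ret;
}

// Results carried between syscalls, syzkaller style:
//   r[0] = the NETLINK_GENERIC socket used for the final sendmsg()
//   r[1] = numeric id of the "TIPCv2" family (becomes nlmsg_type below)
uint64_t r[2] = {0xffffffffffffffff, 0x0};

int main(void)
{
  // All reproducer data lives in a fixed 16 MiB mapping at 0x20000000
  // (prot 3 = PROT_READ|PROT_WRITE, flags 0x32 = MAP_PRIVATE|MAP_FIXED|
  // MAP_ANONYMOUS). Without it every store below is a wild write, so stop
  // here instead of faulting.
  if (syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0) == -1) {
    perror("mmap");
    return 1;
  }

  // socket(AF_NETLINK = 0x10, SOCK_RAW = 3, NETLINK_GENERIC = 0x10)
  long res = syscall(__NR_socket, 0x10, 3, 0x10);
  if (res == -1) {
    perror("socket");
    return 1;
  }
  r[0] = res;

  memcpy((void*)0x200004c0, "TIPCv2", 7);
  res = syz_genetlink_get_family_id(0x200004c0);
  if (res == -1) {
    // Family absent (tipc not loaded) or lookup failed. The generated code
    // would carry on with nlmsg_type 0, i.e. NLMSG_NOOP, which the kernel
    // ignores -- nothing is gained by sending it.
    fputs("TIPCv2 genetlink family not found (is the tipc module loaded?)\n",
          stderr);
    return 1;
  }
  r[1] = res;

  // struct msghdr at 0x20000700: no destination address (the kernel) and a
  // single iovec. msg_flags is ignored by sendmsg(2); the call's flags arg is 0.
  *(uint64_t*)0x20000700 = 0;          // msg_name
  *(uint32_t*)0x20000708 = 0;          // msg_namelen
  *(uint64_t*)0x20000710 = 0x200006c0; // msg_iov
  *(uint64_t*)0x20000718 = 1;          // msg_iovlen
  *(uint64_t*)0x20000720 = 0;          // msg_control
  *(uint64_t*)0x20000728 = 0;          // msg_controllen
  *(uint32_t*)0x20000730 = 0x801;      // msg_flags (unused)
  // struct iovec at 0x200006c0 -> the 0x1c0-byte message at 0x20000500.
  *(uint64_t*)0x200006c0 = 0x20000500; // iov_base
  *(uint64_t*)0x200006c8 = 0x1c0;      // iov_len

  // Netlink message at 0x20000500, 0x1c0 bytes (matches nlmsg_len/iov_len).
  // Each attribute is nlattr{nla_len, nla_type} followed by its payload.
  // The TIPC_NLA_* names in the comments are what these type numbers are
  // expected to mean per include/uapi/linux/tipc_netlink.h -- verify before
  // relying on them. Repeated attribute types are fuzzer noise; the kernel's
  // nla_parse() keeps the last occurrence of a given type.
  //
  // struct nlmsghdr
  *(uint32_t*)0x20000500 = 0x1c0;      // nlmsg_len
  *(uint16_t*)0x20000504 = r[1];       // nlmsg_type = TIPCv2 family id
  *(uint16_t*)0x20000506 = 5;          // nlmsg_flags = NLM_F_REQUEST|NLM_F_ACK
  *(uint32_t*)0x20000508 = 0x70bd29;   // nlmsg_seq (arbitrary)
  *(uint32_t*)0x2000050c = 0x25dfdbfd; // nlmsg_pid (arbitrary)
  // struct genlmsghdr
  *(uint8_t*)0x20000510 = 3;           // cmd (expected TIPC_NL_BEARER_ENABLE)
  *(uint8_t*)0x20000511 = 0;           // version
  *(uint16_t*)0x20000512 = 0;          // reserved

  // [0x514..0x60c] nested len 0xf8 type 5 (expected TIPC_NLA_MEDIA)
  *(uint16_t*)0x20000514 = 0xf8;
  *(uint16_t*)0x20000516 = 5;
  //   nested len 0x4c type 2 (expected TIPC_NLA_MEDIA_PROP): u32 attrs
  *(uint16_t*)0x20000518 = 0x4c;
  *(uint16_t*)0x2000051a = 2;
  *(uint16_t*)0x2000051c = 8;
  *(uint16_t*)0x2000051e = 2;
  *(uint32_t*)0x20000520 = 6;
  *(uint16_t*)0x20000524 = 8;
  *(uint16_t*)0x20000526 = 4;
  *(uint32_t*)0x20000528 = 1;
  *(uint16_t*)0x2000052c = 8;
  *(uint16_t*)0x2000052e = 1;
  *(uint32_t*)0x20000530 = 0xd;
  *(uint16_t*)0x20000534 = 8;
  *(uint16_t*)0x20000536 = 3;
  *(uint32_t*)0x20000538 = 0xd4;
  *(uint16_t*)0x2000053c = 8;
  *(uint16_t*)0x2000053e = 2;
  *(uint32_t*)0x20000540 = 7;
  *(uint16_t*)0x20000544 = 8;
  *(uint16_t*)0x20000546 = 4;
  *(uint32_t*)0x20000548 = 0xda;
  *(uint16_t*)0x2000054c = 8;
  *(uint16_t*)0x2000054e = 4;
  *(uint32_t*)0x20000550 = 7;
  *(uint16_t*)0x20000554 = 8;
  *(uint16_t*)0x20000556 = 4;
  *(uint32_t*)0x20000558 = -1;
  *(uint16_t*)0x2000055c = 8;
  *(uint16_t*)0x2000055e = 3;
  *(uint32_t*)0x20000560 = 0x800;
  //   len 8 type 1 (expected TIPC_NLA_MEDIA_NAME): "eth"
  *(uint16_t*)0x20000564 = 8;
  *(uint16_t*)0x20000566 = 1;
  memcpy((void*)0x20000568, "eth", 4);
  //   nested len 0x24 type 2: u32 attrs
  *(uint16_t*)0x2000056c = 0x24;
  *(uint16_t*)0x2000056e = 2;
  *(uint16_t*)0x20000570 = 8;
  *(uint16_t*)0x20000572 = 2;
  *(uint32_t*)0x20000574 = 0x401;
  *(uint16_t*)0x20000578 = 8;
  *(uint16_t*)0x2000057a = 1;
  *(uint32_t*)0x2000057c = 0x14;
  *(uint16_t*)0x20000580 = 8;
  *(uint16_t*)0x20000582 = 3;
  *(uint32_t*)0x20000584 = 4;
  *(uint16_t*)0x20000588 = 8;
  *(uint16_t*)0x2000058a = 2;
  *(uint32_t*)0x2000058c = 1;
  //   len 8 type 1: "eth" (repeat)
  *(uint16_t*)0x20000590 = 8;
  *(uint16_t*)0x20000592 = 1;
  memcpy((void*)0x20000594, "eth", 4);
  //   nested len 0xc type 2: one u32
  *(uint16_t*)0x20000598 = 0xc;
  *(uint16_t*)0x2000059a = 2;
  *(uint16_t*)0x2000059c = 8;
  *(uint16_t*)0x2000059e = 3;
  *(uint32_t*)0x200005a0 = 0x100;
  //   nested len 0xc type 2: one u32
  *(uint16_t*)0x200005a4 = 0xc;
  *(uint16_t*)0x200005a6 = 2;
  *(uint16_t*)0x200005a8 = 8;
  *(uint16_t*)0x200005aa = 2;
  *(uint32_t*)0x200005ac = 1;
  //   len 8 type 1: "udp"
  *(uint16_t*)0x200005b0 = 8;
  *(uint16_t*)0x200005b2 = 1;
  memcpy((void*)0x200005b4, "udp", 4);
  //   nested len 0x54 type 2: u32 attrs
  *(uint16_t*)0x200005b8 = 0x54;
  *(uint16_t*)0x200005ba = 2;
  *(uint16_t*)0x200005bc = 8;
  *(uint16_t*)0x200005be = 1;
  *(uint32_t*)0x200005c0 = 0x12;
  *(uint16_t*)0x200005c4 = 8;
  *(uint16_t*)0x200005c6 = 1;
  *(uint32_t*)0x200005c8 = 0x14;
  *(uint16_t*)0x200005cc = 8;
  *(uint16_t*)0x200005ce = 1;
  *(uint32_t*)0x200005d0 = 2;
  *(uint16_t*)0x200005d4 = 8;
  *(uint16_t*)0x200005d6 = 3;
  *(uint32_t*)0x200005d8 = 0xb3;
  *(uint16_t*)0x200005dc = 8;
  *(uint16_t*)0x200005de = 3;
  *(uint32_t*)0x200005e0 = 0x81;
  *(uint16_t*)0x200005e4 = 8;
  *(uint16_t*)0x200005e6 = 4;
  *(uint32_t*)0x200005e8 = 2;
  *(uint16_t*)0x200005ec = 8;
  *(uint16_t*)0x200005ee = 3;
  *(uint32_t*)0x200005f0 = 0x80000001;
  *(uint16_t*)0x200005f4 = 8;
  *(uint16_t*)0x200005f6 = 2;
  *(uint32_t*)0x200005f8 = 2;
  *(uint16_t*)0x200005fc = 8;
  *(uint16_t*)0x200005fe = 2;
  *(uint32_t*)0x20000600 = 3;
  *(uint16_t*)0x20000604 = 8;
  *(uint16_t*)0x20000606 = 1;
  *(uint32_t*)0x20000608 = 0x11;

  // [0x60c..0x618] nested len 0xc type 2 (expected TIPC_NLA_SOCK): one u32
  *(uint16_t*)0x2000060c = 0xc;
  *(uint16_t*)0x2000060e = 2;
  *(uint16_t*)0x20000610 = 8;
  *(uint16_t*)0x20000612 = 1;
  *(uint32_t*)0x20000614 = 0;

  // [0x618..0x62c] nested len 0x14 type 7 (expected TIPC_NLA_NET): two u32s
  *(uint16_t*)0x20000618 = 0x14;
  *(uint16_t*)0x2000061a = 7;
  *(uint16_t*)0x2000061c = 8;
  *(uint16_t*)0x2000061e = 1;
  *(uint32_t*)0x20000620 = 6;
  *(uint16_t*)0x20000624 = 8;
  *(uint16_t*)0x20000626 = 2;
  *(uint32_t*)0x20000628 = 6;

  // [0x62c..0x640] nested len 0x14 type 9 (expected TIPC_NLA_MON): two u32s
  *(uint16_t*)0x2000062c = 0x14;
  *(uint16_t*)0x2000062e = 9;
  *(uint16_t*)0x20000630 = 8;
  *(uint16_t*)0x20000632 = 1;
  *(uint32_t*)0x20000634 = 0x87ab;
  *(uint16_t*)0x20000638 = 8;
  *(uint16_t*)0x2000063a = 2;
  *(uint32_t*)0x2000063c = 2;

  // [0x640..0x6a0] nested len 0x60 type 1 (expected TIPC_NLA_BEARER)
  *(uint16_t*)0x20000640 = 0x60;
  *(uint16_t*)0x20000642 = 1;
  //   len 8 type 3 (expected TIPC_NLA_BEARER_DOMAIN): u32 0
  *(uint16_t*)0x20000644 = 8;
  *(uint16_t*)0x20000646 = 3;
  *(uint32_t*)0x20000648 = 0;
  //   len 0x10 type 1 (expected TIPC_NLA_BEARER_NAME): "udp:syz0" + pad
  *(uint16_t*)0x2000064c = 0x10;
  *(uint16_t*)0x2000064e = 1;
  memcpy((void*)0x20000650, "udp:syz0", 9);
  //   nested len 0x44 type 4 (expected TIPC_NLA_BEARER_UDP_OPTS)
  *(uint16_t*)0x2000065c = 0x44;
  *(uint16_t*)0x2000065e = 4;
  //     len 0x20 type 1 (expected TIPC_NLA_UDP_LOCAL): struct sockaddr_in6
  //     AF_INET6, port 0x4e22, flowinfo 0x7fffffff, addr ::1, scope_id 0x8001
  *(uint16_t*)0x20000660 = 0x20;
  *(uint16_t*)0x20000662 = 1;
  *(uint16_t*)0x20000664 = 0xa;
  *(uint16_t*)0x20000666 = htobe16(0x4e22);
  *(uint32_t*)0x20000668 = 0x7fffffff;
  *(uint64_t*)0x2000066c = htobe64(0);
  *(uint64_t*)0x20000674 = htobe64(1);
  *(uint32_t*)0x2000067c = 0x8001;
  //     len 0x20 type 2 (expected TIPC_NLA_UDP_REMOTE): struct sockaddr_in6
  //     AF_INET6, port 0x4e24, flowinfo 0x67da, link-local fe80::aa, scope_id 1
  *(uint16_t*)0x20000680 = 0x20;
  *(uint16_t*)0x20000682 = 2;
  *(uint16_t*)0x20000684 = 0xa;
  *(uint16_t*)0x20000686 = htobe16(0x4e24);
  *(uint32_t*)0x20000688 = 0x67da;
  *(uint8_t*)0x2000068c = 0xfe;
  *(uint8_t*)0x2000068d = 0x80;
  *(uint8_t*)0x2000068e = 0;
  *(uint8_t*)0x2000068f = 0;
  *(uint8_t*)0x20000690 = 0;
  *(uint8_t*)0x20000691 = 0;
  *(uint8_t*)0x20000692 = 0;
  *(uint8_t*)0x20000693 = 0;
  *(uint8_t*)0x20000694 = 0;
  *(uint8_t*)0x20000695 = 0;
  *(uint8_t*)0x20000696 = 0;
  *(uint8_t*)0x20000697 = 0;
  *(uint8_t*)0x20000698 = 0;
  *(uint8_t*)0x20000699 = 0;
  *(uint8_t*)0x2000069a = 0;
  *(uint8_t*)0x2000069b = 0xaa;
  *(uint32_t*)0x2000069c = 1;

  // [0x6a0..0x6c0] nested len 0x20 type 5 (expected TIPC_NLA_MEDIA)
  *(uint16_t*)0x200006a0 = 0x20;
  *(uint16_t*)0x200006a2 = 5;
  //   nested len 0x14 type 2: two u32s
  *(uint16_t*)0x200006a4 = 0x14;
  *(uint16_t*)0x200006a6 = 2;
  *(uint16_t*)0x200006a8 = 8;
  *(uint16_t*)0x200006aa = 4;
  *(uint32_t*)0x200006ac = 1;
  *(uint16_t*)0x200006b0 = 8;
  *(uint16_t*)0x200006b2 = 2;
  *(uint32_t*)0x200006b4 = 1;
  //   len 8 type 1: "udp"
  *(uint16_t*)0x200006b8 = 8;
  *(uint16_t*)0x200006ba = 1;
  memcpy((void*)0x200006bc, "udp", 4);

  // Deliver the message; this is the step expected to trigger the bug.
  syscall(__NR_sendmsg, r[0], 0x20000700, 0);
  return 0;
}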