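// https://syzkaller.appspot.com/bug?id=95abfa7feeb1b111f6991798f0587771d69674a5
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reformatted from a copy that had been collapsed onto a few lines. The
// #include directives in that copy had lost their header names; the list
// below is reconstructed from the identifiers the program actually uses
// (opendir/readdir, htobe16/htobe32, open/O_WRONLY, kill/SIGKILL, snprintf,
// exit, memcpy/strcmp, prctl, syscall/__NR_*, waitpid/__WALL, clock_gettime,
// usleep/close/write/fork/setpgrp).

#define _GNU_SOURCE

#include <dirent.h>
#include <endian.h>
#include <fcntl.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

// Sleep for ms milliseconds (usleep granularity).
static void sleep_ms(uint64_t ms)
{
  usleep(ms * 1000);
}

// Monotonic clock in milliseconds; exits the process if the clock is
// unavailable, since every timeout below depends on it.
static uint64_t current_time_ms(void)
{
  struct timespec ts;
  if (clock_gettime(CLOCK_MONOTONIC, &ts))
    exit(1);
  return (uint64_t)ts.tv_sec * 1000 + (uint64_t)ts.tv_nsec / 1000000;
}

// Kill the test child (and its process group) and reap it into *status.
// Waits ~100 ms with WNOHANG first; if the child still has not exited,
// every FUSE connection under /sys/fs/fuse/connections is aborted (this is
// syzkaller's stock recovery for a child that is presumably blocked on a
// FUSE request) and the wait is repeated without a timeout.
static void kill_and_wait(int pid, int* status)
{
  kill(-pid, SIGKILL);
  kill(pid, SIGKILL);
  for (int i = 0; i < 100; i++) {
    if (waitpid(-1, status, WNOHANG | __WALL) == pid)
      return;
    usleep(1000);
  }
  DIR* dir = opendir("/sys/fs/fuse/connections");
  if (dir) {
    for (;;) {
      struct dirent* ent = readdir(dir);
      if (!ent)
        break;
      if (strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0)
        continue;
      char abort[300];
      snprintf(abort, sizeof(abort), "/sys/fs/fuse/connections/%s/abort", ent->d_name);
      int fd = open(abort, O_WRONLY);
      if (fd == -1)
        continue;
      // Any single byte written to the abort file triggers the abort; the
      // path buffer is reused as the byte source. Failure is best-effort.
      if (write(fd, abort, 1) < 0) {
      }
      close(fd);
    }
    closedir(dir);
  }
  while (waitpid(-1, status, __WALL) != pid) {
  }
}

#define SYZ_HAVE_SETUP_TEST 1
// Per-child setup: die with the parent, and own a process group so the
// parent can kill the whole group at once.
static void setup_test(void)
{
  prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
  setpgrp();
}

#define SYZ_HAVE_RESET_TEST 1
// Per-child teardown: close every descriptor the test may have opened
// (3..29); stdin/stdout/stderr are left alone.
static void reset_test(void)
{
  for (int fd = 3; fd < 30; fd++)
    close(fd);
}

static void execute_one(void);
#define WAIT_FLAGS __WALL

// Fork a fresh child for every iteration, run the program in it and reap
// it. A child that has not exited after 5 s is killed via kill_and_wait.
// Each child works on a copy-on-write view of the mapping created in
// main(), which the parent never writes, so every iteration sees the same
// initial memory contents.
static void loop(void)
{
  for (int iter = 0;; iter++) {
    int pid = fork();
    if (pid < 0)
      exit(1);
    if (pid == 0) {
      setup_test();
      execute_one();
      reset_test();
      exit(0);
    }
    int status = 0;
    uint64_t start = current_time_ms();
    for (;;) {
      if (waitpid(-1, &status, WNOHANG | WAIT_FLAGS) == pid)
        break;
      sleep_ms(1);
      if (current_time_ms() - start < 5 * 1000)
        continue;
      kill_and_wait(pid, &status);
      break;
    }
  }
}

// Results of the two socket() calls; -1 until a call succeeds.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

// Store helpers: the reproducer writes fixed-width values at fixed offsets
// inside the mapping from main(), several of them not naturally aligned
// (0x20000082, 0x20000092, ...). Going through memcpy keeps the byte image
// identical to a plain store while avoiding misaligned / aliasing
// dereferences, which are undefined behaviour in C.
static void put_u8(uintptr_t addr, uint8_t v)
{
  memcpy((void*)addr, &v, sizeof v);
}

static void put_u16(uintptr_t addr, uint16_t v)
{
  memcpy((void*)addr, &v, sizeof v);
}

static void put_u32(uintptr_t addr, uint32_t v)
{
  memcpy((void*)addr, &v, sizeof v);
}

static void put_u64(uintptr_t addr, uint64_t v)
{
  memcpy((void*)addr, &v, sizeof v);
}

// The generated program, one syscall sequence per child:
//   openat(AT_FDCWD, "/dev/snapshot", 0, 0)
//   r[0] = socket(0xa /* AF_INET6 */, 2 /* SOCK_DGRAM */, 0)
//   r[1] = socket(0x18 /* AF_PPPOX */, 1 /* SOCK_STREAM */, 1 /* PX_PROTO_OL2TP */)
//   connect(r[1], <46-byte address at 0x20000080>, 0x2e)
//   write(r[0], <0xa58-byte buffer at 0x20007f00>, 0xa58)
// The 46-byte address block has the shape of struct sockaddr_pppol2tp
// (family, protocol, pid, fd, sockaddr_in, tunnel/session ids) with r[0]
// as the fd field — verify against linux/if_pppox.h before relying on it.
static void execute_one(void)
{
  long res = 0;

  memcpy((void*)0x20000000, "/dev/snapshot", 14);
  syscall(__NR_openat, 0xffffffffffffff9c, 0x20000000, 0, 0);

  res = syscall(__NR_socket, 0xa, 2, 0);
  if (res != -1)
    r[0] = res;
  res = syscall(__NR_socket, 0x18, 1, 1);
  if (res != -1)
    r[1] = res;

  // connect() address, 0x2e bytes at 0x20000080.
  put_u16(0x20000080, 0x18);
  put_u32(0x20000082, 1);
  put_u32(0x20000086, 0);
  put_u32(0x2000008a, (uint32_t)r[0]);
  put_u16(0x2000008e, 2);
  put_u16(0x20000090, htobe16(0));
  put_u32(0x20000092, htobe32(0xe0000002));
  memset((void*)0x20000096, 0, 8); // eight zero bytes, 0x96..0x9d
  put_u32(0x2000009e, 4);
  put_u32(0x200000a2, 0);
  put_u32(0x200000a6, 0);
  put_u32(0x200000aa, 0);
  syscall(__NR_connect, r[1], 0x20000080, 0x2e);

  // write() payload, 0xa58 bytes at 0x20007f00. The non-zero prefix is
  // spelled out; bytes 0x20007f34..0x20007f37 are never written (they keep
  // the mapping's initial contents), and everything from 0x20007f58 to the
  // end of the buffer is zero. The generated program zeroed that tail one
  // 64-bit word at a time; memset over the same 0xa00 bytes is equivalent.
  put_u8(0x20007f00, 0x7f);
  put_u8(0x20007f01, 0x45);
  put_u8(0x20007f02, 0x4c);
  put_u8(0x20007f03, 0x46);
  put_u8(0x20007f04, 0xa0);
  put_u8(0x20007f05, 1);
  put_u8(0x20007f06, 0);
  put_u8(0x20007f07, 0);
  put_u64(0x20007f08, 0xfffffffffffff000);
  put_u16(0x20007f10, 3);
  put_u16(0x20007f12, 0x3e);
  put_u32(0x20007f14, 0x20);
  put_u32(0x20007f18, 0xec);
  put_u32(0x20007f1c, 0x38);
  put_u32(0x20007f20, 0xfc);
  put_u32(0x20007f24, 1);
  put_u16(0x20007f28, 5);
  put_u16(0x20007f2a, 0x20);
  put_u16(0x20007f2c, 2);
  put_u16(0x20007f2e, 2);
  put_u16(0x20007f30, 0x81);
  put_u16(0x20007f32, 0x1000);
  put_u32(0x20007f38, 4);
  put_u32(0x20007f3c, 0xec57);
  put_u32(0x20007f40, 0xfff);
  put_u32(0x20007f44, 0xae);
  put_u32(0x20007f48, 3);
  put_u32(0x20007f4c, 0xfdb0);
  put_u32(0x20007f50, 0x3f);
  put_u32(0x20007f54, 7);
  memset((void*)0x20007f58, 0, 0xa00); // 0x20007f58..0x20008957 inclusive
  syscall(__NR_write, r[0], 0x20007f00, 0xa58);
}

// Map 16 MiB of private anonymous memory at the fixed address 0x20000000
// (prot 3 = PROT_READ|PROT_WRITE, flags 0x32 = MAP_PRIVATE|MAP_FIXED|
// MAP_ANONYMOUS) that every address literal above points into, then run
// the reproducer loop forever.
int main(void)
{
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  loop();
  return 0;
}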