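// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel-crash reproducer. Run it only inside a disposable VM you do not mind
// losing: it creates a character-device node in the current working directory
// and issues an ioctl against it, and the expected outcome is a kernel crash,
// not a clean exit. It needs the privilege to create device nodes (normally
// root) and it does not remove "./bus" afterwards.
//
// The header names were lost when this listing was extracted; the set below
// is what the visible code needs (syscall(), the SYS_* numbers, memcpy,
// uint64_t/intptr_t). syzkaller's annotation "major = 99, minor = 264244"
// is exactly what the OpenBSD major()/minor() macros yield for 0x4086334,
// so the target kernel appears to be OpenBSD -- confirm on the bug page
// before reading the raw flag/ioctl constants against any other OS.
#define _GNU_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

// Emitted by syzkaller; none of the calls below use it.
#define __syscall syscall

// fd returned by open("./bus"). Stays -1 if open() fails, in which case the
// final ioctl is issued against an invalid descriptor and fails with EBADF.
uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  // Fixed 16 MiB scratch mapping at 0x20000000 (PROT_READ|PROT_WRITE = 3);
  // every buffer below is carved out of it. Flags 0x1012 = MAP_FIXED (0x10)
  // | MAP_PRIVATE (0x2) | 0x1000, which is MAP_ANON on the BSDs (fd is -1).
  // The return value is deliberately unchecked, as in the original.
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;

  // Step 1: create "./bus" as a character device (mode 0x2000 = S_IFCHR,
  // permission bits 0) with the device number that triggers the bug.
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul, 0x4086334); /* major = 99, minor = 264244 */

  // Step 2 (no-op): an ioctl on fd -1. The argument at 0x200000c0 is
  // { u32 6, ptr -> six 8-byte {u16,u8,u8,u32} records at 0x20000080 },
  // all zero except the last record's u16 (0x210). Because the descriptor
  // is invalid the call fails with EBADF; syzkaller keeps such calls because
  // they were part of the crashing program, but they have no kernel effect.
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);

  // Step 3: open the device node read-only (flags 0, mode 0). On success the
  // descriptor is stored in r[0]; on failure r[0] keeps its -1 initializer.
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;

  // Step 4 (no-op): writev(-1, iov, 4) with iov[0] = {0x20000200, 0xec bytes
  // of opaque fuzzer data} and iov[1..3] = {NULL, 0}. Fails with EBADF.
  *(uint64_t*)0x20000400 = 0x20000200;
  memcpy((void*)0x20000200,
         "\xdc\x22\xa6\xc6\xe4\x7a\x13\x27\x91\x46\x62\xa2\x74\xde\xeb\x89\xf9"
         "\xdc\xd0\x19\x24\x73\x39\x79\xa6\x22\x21\xd2\x35\x06\xa5\xcb\x1f\x4a"
         "\x0e\xa2\x23\xf1\x68\x3a\x42\x59\xb2\x5d\xa1\x84\xc3\x58\x12\x3e\x15"
         "\x58\xe2\x84\x21\x50\x61\x4b\x7b\x88\xfd\x4b\x4e\xf8\x42\x0c\xd7\x11"
         "\x20\x06\x0f\x78\xb8\x26\xbf\x2d\x07\x7e\x29\x9a\xa6\x5e\x20\x20\x87"
         "\x8f\x9a\xa2\x74\x89\x44\x5f\x10\x89\xe6\x69\x3c\xd9\x5f\x5c\x86\x42"
         "\x67\x55\x5b\x76\x30\x57\x21\xab\x51\xb4\x8e\x39\x46\xc2\x46\xd3\x02"
         "\xbe\x39\x71\x69\xb9\xc4\x00\x18\x03\xd0\x3a\x71\x56\x69\xc4\x2e\x32"
         "\x62\x1d\xc2\x90\x3d\xaf\xad\x8a\x38\xd3\xdd\xeb\xef\x33\x09\xc2\x93"
         "\x52\x08\x11\x54\x71\x31\x65\xd2\x57\x5f\x6b\x8a\xd5\x43\xeb\xb7\x70"
         "\x76\x69\xaa\x97\xe5\x27\x33\x51\xd8\xc4\xb9\x6d\x68\x49\xa5\xce\x94"
         "\x53\x19\x97\x3a\x1d\xea\x1a\x31\x21\x8a\x7b\xc2\x69\xe3\xc8\x18\xba"
         "\x03\xc2\x32\x85\x19\xd7\xac\x34\x56\x04\xf8\xe5\xe4\x7f\x21\xf8\xaa"
         "\x66\x7f\xa3\xf5\x39\x65\xb4\xe6\xd8\xd0\x40\x3b\xc9\xcc\x1f",
         236);
  *(uint64_t*)0x20000408 = 0xec;
  *(uint64_t*)0x20000410 = 0;
  *(uint64_t*)0x20000418 = 0;
  *(uint64_t*)0x20000420 = 0;
  *(uint64_t*)0x20000428 = 0;
  *(uint64_t*)0x20000430 = 0;
  *(uint64_t*)0x20000438 = 0;
  syscall(SYS_writev, -1, 0x20000400ul, 4ul);

  // Step 5 (no-op): sendmsg(-1, msg, 0) with an all-zero msghdr except a
  // control length of 0x210 and no control buffer. Fails with EBADF.
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);

  // Step 6 (no-op): write(-1, 9 bytes of fuzzer data). Fails with EBADF.
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);

  // Step 7: the call that matters -- ioctl on the opened device node.
  // 0x82907003 appears to encode an ioctl in group 'p' (0x70), command 3,
  // carrying a 0x290-byte argument; only the first u32 of that argument
  // (at 0x20000040) is set to 1, the rest is whatever the scratch mapping
  // holds. Together with the device node from step 1 this is the crash
  // trigger; the exact driver is not determinable from this listing.
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}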