// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <endian.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul,
          0x4086334); /* major = 99, minor = 264244 */
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);
  *(uint64_t*)0x20002580 = 0;
  *(uint32_t*)0x20002588 = 0;
  *(uint64_t*)0x20002590 = 0x20000140;
  *(uint64_t*)0x20000140 = 0x20000200;
  memcpy(
      (void*)0x20000200,
      "\x1d\x3e\x24\xd8\x92\xde\x46\x51\x0e\xf9\x4d\x0f\x94\x2f\x94\x16\xcf\x22"
      "\x25\x2e\x58\x27\x51\x4e\x35\xe8\x64\xf6\x32\x7f\x8b\xb0\x27\xbc\x2b\x31"
      "\xc1\xa0\x52\xe9\x50\x65\xfb\xb6\x67\xeb\x41\xd5\x25\x9f\x2e\x39\x1a\x2f"
      "\xfd\x5f\x15\x19\x6b\xbf\xab\xa0\x71\xa2\x9a\xd5\x76\xef\xe0\x54\x6f\xc4"
      "\x1b\xe1\xa6\xfe\x1e\xc3\x13\xd0\xc7\x66\x30\x27\x32\x53\x14\x80\x07\x49"
      "\x12\xc7\x1b\xa8\x3a\x67\x23\x52\xc1\x6b\x62\x78\xf7\x4a\x2b\x75\x59\xd5"
      "\xc0\xfb\xb6\x90\xce\xab\x56\xd5\xc2\x59\xb1\x61\xa5\xff\x25\xea\xc6\x7d"
      "\xf0\xfc\xdd\x5d\x5c\x03\x38\x08\x21\x97\xd5\x53\x58\x99\x3a\x31\x6e\x03"
      "\x36\x9b\xa1\xb3\x95\x9b\xfc\xbb\x03\x36\x07\x9e\x6c\xe2\x27\xc8\x08\x84"
      "\x8c\x1e\x6b\xbe\x81\xca\x67\xec\xa8\x35\x91\x17\x96\x7a\x2a\xa1\xc2\xaf"
      "\xe8\x54\xdd\xc5\x08\xe8\x48\xaf\x3b\x3b\x10\x71\xca\x87\xe1\x74\xaa\x82"
      "\x3a\xad\xc8\x3b\x45\xe3\x10\x76\x9c",
      207);
  *(uint64_t*)0x20000148 = 0xcf;
  *(uint64_t*)0x20002598 = 1;
  *(uint64_t*)0x200025a0 = 0;
  *(uint64_t*)0x200025a8 = 0;
  *(uint32_t*)0x200025b0 = 0;
  syscall(SYS_sendmsg, r[0], 0x20002580ul, 0x400ul);
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}