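// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reproducer layout: map a fixed 16 MiB scratch region at 0x20000000, stage
// argument buffers at hard-coded addresses inside it, then issue a short
// sequence of raw syscalls (mknod, ioctl, write, open, sendmsg, write, ioctl).
// Only the open() result is retained (r[0]); every other call is issued with
// fd -1 and its return value is deliberately ignored, as generated
// reproducers do.
//
// NOTE(review): the header names of the ten original "#include" directives
// were lost in extraction. Only the standard headers this code demonstrably
// needs are restored below; re-add any target-specific ones the build wants.
// NOTE(review): "#define __syscall syscall" and the mmap flag word 0x1012
// look like a BSD-flavoured syzkaller target rather than Linux — confirm
// against the bug page before building or interpreting the constants.
#define _GNU_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

// Kept from the generated source; nothing in this file references it.
#define __syscall syscall

// Resource slot filled by open(). Stays -1 if open() fails, and is then
// passed unchanged to the final ioctl (matching the generated program).
uint64_t r[1] = {0xffffffffffffffff};

// Opaque 251-byte fuzzer payload handed to the first write(); only its
// length (0xfb) matters to the call.
static const char k_write_payload[] =
    "\xa4\x22\xe6\x5f\x54\xa2\xf2\xfb\x04\xed\xa6\x88\x61\xd3\xf6\x2f\x88\x17"
    "\xf5\xb5\xef\x04\x0a\xb2\x63\xfd\x58\xcd\x6b\x17\xda\xe2\xb8\xc8\xbb\xff"
    "\xe2\x0c\xac\x3a\xbf\x3a\x82\xac\x9a\x10\xdf\x2e\x34\x9f\x56\xac\x3b\x8c"
    "\xfe\xd6\x4c\x32\x79\xad\xf3\x4a\x11\x9d\xdb\xc1\x22\x79\xd8\x7a\xe5\xcc"
    "\x67\xd2\x71\x80\x30\x91\x80\x61\x7b\xf8\x00\xed\xe9\xaf\x60\xb3\xc3\xbc"
    "\x76\x27\x93\xf8\x36\x39\xa7\xf8\x83\x3a\xaf\x51\x1f\xb6\x7d\xef\x30\x5c"
    "\x0e\x71\xb5\xea\xef\xd6\x42\x95\x90\x2d\x26\x9e\xe6\xc5\x68\xf9\x5a\x55"
    "\xad\x98\xbb\x27\xbb\x13\x80\x8a\xbf\x4f\x5f\x57\xc8\xa1\x59\x44\xfa\xa1"
    "\x9e\x93\x16\xf1\x78\x87\x7a\x9a\xfb\xa5\x3c\xd9\xb2\x6b\xea\xde\x3c\xc9"
    "\x84\x30\x82\x93\xe5\x1b\x5a\x81\x93\x41\xd2\x2f\x5f\x1e\xa3\x72\x57\x9f"
    "\x22\xb1\x49\xf3\x47\x0b\x26\x08\xcf\x0a\x67\x36\x41\x0e\x09\x63\x5b\x59"
    "\x7f\xef\xf8\x5a\x3d\xe5\xe0\x47\xa7\xa6\x0b\x05\x71\xd5\x48\xe5\x7d\x6c"
    "\x84\xc8\x42\x1d\xa8\xc7\xf5\x14\x03\xff\x48\xfc\xc2\xc4\xf3\x07\xe6\x87"
    "\x08\x08\xb8\xd9\xd0\x81\x9c\x92\xf4\x24\x19\x47\x1e\xcc\x2c\x6e\xa4";
// 251 payload bytes plus the literal's terminator.
_Static_assert(sizeof k_write_payload == 252, "payload length changed");

// Stage the argument of the first ioctl: a u32 6 at 0x200000c0 followed by a
// u64 pointing at six 8-byte records (u16, u8, u8, u32) at 0x20000080. All
// record fields are zero except the leading u16 of the last record (0x210).
// The 6 matches the record count — presumably a count/pointer pair; verify
// against the ioctl's argument definition.
static void stage_ioctl_records(void)
{
    *(uint32_t *)0x200000c0 = 6;
    *(uint64_t *)0x200000c8 = 0x20000080;
    for (unsigned i = 0; i < 6; i++) {
        uintptr_t rec = 0x20000080 + 8u * i;
        *(uint16_t *)(rec + 0) = (i == 5) ? 0x210 : 0;
        *(uint8_t *)(rec + 2) = 0;
        *(uint8_t *)(rec + 3) = 0;
        *(uint32_t *)(rec + 4) = 0;
    }
}

// Stage the sendmsg() argument at 0x20000180: seven fields, all zero except
// the u64 at 0x200001a8 (0x210). Given the call, this looks like a msghdr
// whose control-length slot is 0x210 while the control pointer is NULL —
// confirm against the target's struct layout.
static void stage_sendmsg_hdr(void)
{
    *(uint64_t *)0x20000180 = 0;
    *(uint32_t *)0x20000188 = 0;
    *(uint64_t *)0x20000190 = 0;
    *(uint64_t *)0x20000198 = 0;
    *(uint64_t *)0x200001a0 = 0;
    *(uint64_t *)0x200001a8 = 0x210;
    *(uint32_t *)0x200001b0 = 0;
}

int main(void)
{
    // Every store below dereferences a fixed address inside this mapping, so
    // a failed mmap would otherwise turn into a wild write instead of an exit.
    if (syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul) == -1) {
        return 1;
    }
    intptr_t res = 0;

    // Create the device node "./bus". The major/minor annotation is
    // syzkaller's own decoding of 0x4086334 and is target-specific.
    memcpy((void *)0x200001c0, "./bus\000", 6);
    syscall(SYS_mknod, 0x200001c0ul, 0x2000ul, 0x4086334); /* major = 99, minor = 264244 */

    // ioctl on fd -1 with the staged count/pointer argument.
    stage_ioctl_records();
    syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);

    // write(-1, payload, 251).
    memcpy((void *)0x20000200, k_write_payload, 251);
    syscall(SYS_write, -1, 0x20000200ul, 0xfbul);

    // Open the node read-only; keep the fd only if the call succeeded.
    memcpy((void *)0x20000100, "./bus\000", 6);
    res = syscall(SYS_open, 0x20000100ul, 0ul, 0ul);
    if (res != -1) {
        r[0] = res;
    }

    // sendmsg on fd -1 with the staged header.
    stage_sendmsg_hdr();
    syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);

    // write(-1, 9 opaque bytes).
    memcpy((void *)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
    syscall(SYS_write, -1, 0x20000040ul, 9ul);

    // The final ioctl reuses the same buffer: its first four bytes are
    // overwritten with u32 1 before the call on the opened node.
    *(uint32_t *)0x20000040 = 1;
    syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
    return 0;
}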