// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <endian.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul,
          0x4086334); /* major = 99, minor = 264244 */
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);
  *(uint64_t*)0x20000200 = 0;
  *(uint32_t*)0x20000208 = 0;
  *(uint64_t*)0x20000210 = 0x200008c0;
  *(uint64_t*)0x200008c0 = 0x20000280;
  memcpy((void*)0x20000280,
         "\xbc\x1d\x82\x4d\x65\xb4\x31\xad\xa4\x61\x12\x85\x1d\x55\xe1\xf9\x43"
         "\xe7\x61\x8d\xc1\x32\x74\x66\xf3\x51\x28\x17\x16\xb4\xca\x43\xc3\x2d"
         "\xc4\x87\x8a\xbb\x0d\x6c\x18\xcd\x5b\x00\xb3\xba\x03\xee\xac\xcb\x4c"
         "\x70\xaf\x8d\x05\x9d\x45\x8a\xfd\xc3\x66\xda\xc2\x37\x45\x9f\x7a\x67"
         "\x37\x75\xfb\x77\xea\xbe\x70\x3b\xdd\x8f\xf8\xca\x4a\x48\x50\x56\x85"
         "\x62\x15\xaa\x61\xb7\xc7\x4c\xac\x35\xdd\xb9\x8a\x6c\x05\xe9\x5e\x7e"
         "\x5b\x91\x88\x71\xcc\xd4",
         108);
  *(uint64_t*)0x200008c8 = 0x6c;
  *(uint64_t*)0x200008d0 = 0;
  *(uint64_t*)0x200008d8 = 0;
  *(uint64_t*)0x200008e0 = 0;
  *(uint64_t*)0x200008e8 = 0;
  *(uint64_t*)0x200008f0 = 0;
  *(uint64_t*)0x200008f8 = 0;
  *(uint64_t*)0x20000900 = 0;
  *(uint64_t*)0x20000908 = 0;
  *(uint64_t*)0x20000910 = 0;
  *(uint64_t*)0x20000918 = 0;
  *(uint64_t*)0x20000920 = 0;
  *(uint64_t*)0x20000928 = 0;
  *(uint64_t*)0x20000930 = 0;
  *(uint64_t*)0x20000938 = 0;
  *(uint64_t*)0x20000940 = 0;
  *(uint64_t*)0x20000948 = 0;
  *(uint64_t*)0x20000218 = 9;
  *(uint64_t*)0x20000220 = 0;
  *(uint64_t*)0x20000228 = 0x12b8;
  *(uint32_t*)0x20000230 = 0;
  syscall(SYS_sendmsg, r[0], 0x20000200ul, 0x400ul);
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}