// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <endian.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul,
          0x4086334); /* major = 99, minor = 264244 */
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20000380 = 0x20000280;
  memcpy(
      (void*)0x20000280,
      "\xb1\xfd\xfe\x60\x75\x54\xca\x6c\xfe\x6f\xef\x82\xcd\x3a\xd9\xed\x75\x71"
      "\x33\x68\x3b\x52\x40\x91\xbd\x37\x8c\x6e\xcf\xd2\x03\xc0\x2a\xb5\x37\x6b"
      "\x5a\x88\x0c\xd1\xc9\x1e\xe6\x59\xb3\xca\x07\x38\xe2\x0f\xd5\xe1\xa5\xc6"
      "\x20\xf0\x20\xc0\x7d\xce\xbd\x6f\x9e\x69\x91\x77\x42\x06\xac\x8f\x2a\x22"
      "\xb4\xa4\x36\xf2\x3d\x0b\x15\xa0\x12\x28\x4c\xda\x88\x68\xb3\x80\xac\x78"
      "\x16\xd0\x2f\x19\x9e\xaf\xe4\x16\xbd\x7f\x61\xa8\x47\x7b\x42\xf4\xb6\xa4"
      "\xeb\x49\x71\x67\xe4\x28\x41\x14\x87\x6e\x82\x57\xcf\x0a\xea\x29\x73\x18"
      "\x76\xc4\x2f\x64\xe0\x53\x48\x58\x45\x61\x47\xb0\xe3\x2f\x59\xca\x34\x71"
      "\xd2\x91\x1b\x34\xd0\x50\x45\x9a\xe6\x1f\xf7\xeb\xc6\x49\x48\x94\x12\xd7"
      "\x4f\xe3\x52\x88\x22\x10\xb5\xe1\x0e\x29\xa3\xc6\x6d\x54\xf2\x84\xea\xce"
      "\xc7\xec\xe7\xc6\xd1\x53\x81\xa4\xb8\x52\xcc\x86\x8f\x65\xf5\x93\x45\xe1"
      "\xb4\xb6\xae\x4c\xa3\x24\x75\x05",
      206);
  *(uint64_t*)0x20000388 = 0xce;
  syscall(SYS_writev, -1, 0x20000380ul, 1ul);
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}