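// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Reviewer notes for triage (derived only from the constants in this file;
// confirm against the linked report):
//  - The program creates a character-device node "./bus", opens it, and
//    issues one ioctl on the resulting descriptor. Every other syscall in the
//    file targets fd -1 and so cannot reach a driver.
//  - Those fd -1 calls are still relevant: the buffers prepared for them lie
//    inside the memory window that the final ioctl passes to the kernel (see
//    the comment on that call). Statement order and the raw stores must
//    therefore be preserved when minimising or porting this file.
//  - The major/minor split in the generated mknod comment matches the OpenBSD
//    dev_t layout -- presumably an OpenBSD reproducer; TODO confirm.
//  - Creating a device node normally requires elevated privilege, so
//    reachability from unprivileged code has to be assessed separately.

#define _GNU_SOURCE

// The extracted page kept ten `#include` directives but lost every header
// name. Only the headers the visible code needs are restored here (plus
// <stdio.h> for the mmap diagnostic); the original list may have held others.
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

// Resource table emitted by the generator: r[0] holds the descriptor returned
// by open("./bus") and stays at -1 (all ones) when that open fails.
uint64_t r[1] = {0xffffffffffffffff};

/*
 * Replays the recorded syscall sequence once.
 *
 * Returns 0 after the sequence has been issued, regardless of whether the
 * individual syscalls succeeded (the generator ignores their results), or 1
 * if the fixed scratch mapping could not be created.
 */
int main(void)
{
  // Scratch arena: 16 MiB at the fixed address 0x20000000, prot 3, flags
  // 0x1012. All later stores use absolute addresses inside it, so a failed
  // mapping would otherwise surface as a fault in this process rather than as
  // a clean "setup failed" result.
  if (syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul) ==
      -1) {
    perror("mmap");
    return 1;
  }
  intptr_t res = 0;

  // Create the device node the final ioctl is aimed at. Mode 0x2000 selects a
  // character device; the result is not checked, so an existing "./bus" or a
  // permission failure goes unnoticed here.
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul,
          0x4086334); /* major = 99, minor = 264244 */

  // 16-byte header at 0x200000c0: a 32-bit count of 6 followed by a pointer
  // to 0x20000080, where six 8-byte records (u16, u8, u8, u32) are laid out.
  // NOTE(review): the shape resembles a classic BPF filter program -- confirm.
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  // record 0
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  // record 1
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  // record 2
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  // record 3
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  // record 4
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  // record 5: the only non-zero field in the array
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  // Issued on fd -1, so no driver sees this request; only the stores above
  // have a lasting effect.
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);

  // Open the node created above with flags 0. On failure r[0] keeps its
  // initial -1 and the last ioctl in this file also lands on fd -1, which
  // makes the run inconclusive rather than a "did not reproduce".
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;

  // 147 opaque bytes placed at 0x20000280; the write itself goes to fd -1.
  memcpy((void*)0x20000280,
         "\xdd\xd8\xd7\x31\x71\x9b\x2c\xe9\x2b\x6d\xbc\x08\x93\x6e\xca\x63\xa8"
         "\x31\x55\xd6\xae\x79\xee\x15\x3a\xbe\xb4\xea\x61\xa1\x3e\x08\x3c\xfd"
         "\xbf\xfa\x0c\xe5\x23\x3f\xd9\xd7\xf1\x54\x71\x8a\x73\x52\x41\xe5\x8e"
         "\xe6\xbc\xa9\x6b\x81\xec\x49\xde\xd7\xe5\x37\x9c\x05\xe1\x9f\x7d\x12"
         "\xa8\x11\xd1\x12\xa7\x2d\x88\xc3\x00\x9e\x2a\x59\xb0\xe1\xc0\xb0\xb5"
         "\xa6\xbe\x01\x3d\xb0\xf7\xea\x21\x14\x0d\x2a\x02\xe0\xa8\x9c\x1b\x78"
         "\xde\x1d\xc1\x70\xc7\x88\x79\x98\x1d\xb0\xa0\x92\x32\x64\x84\xce\xc2"
         "\x0e\x38\xe3\x0f\x29\xe6\xa4\x5b\xa5\x4e\xfa\xf9\x04\x49\xd9\x2c\x43"
         "\x30\x91\xc5\x3a\xeb\xe1\x93\xdd\x63\xac\xd4",
         147);
  syscall(SYS_write, -1, 0x20000280ul, 0x93ul);

  // Message header at 0x20000180 for a sendmsg on fd -1: every field is zero
  // except the 8-byte field at offset 0x28, which is 0x210.
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);

  // Nine bytes at 0x20000040, again written to fd -1.
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);

  // The only call that reaches the opened device. The first four bytes of
  // the nine-byte buffer are overwritten with 1; bytes 4..8 keep their
  // earlier contents.
  // NOTE(review): if the request uses the BSD _IOC encoding, 0x82907003 is a
  // copy-in request in group 'p', number 3, with a 0x290 (656) byte argument,
  // i.e. the kernel would read 0x20000040..0x200002cf. That window covers the
  // record array, the count/pointer header, the message header, the "./bus"
  // string at 0x200001c0 and the first 80 bytes of the 147-byte blob -- so
  // the driver parses leftovers from the earlier calls. Confirm the decoding
  // and the structure layout against the driver named in the linked report.
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}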