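// https://syzkaller.appspot.com/bug?id=e5fab178337c3199b5bbe6b90f07144d5156b8aa
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel crash reproducer.  It opens /dev/fuse and drives that descriptor
// through one fcntl(2) and two ioctl(2) calls with raw, unchecked arguments.
// Its purpose is to trigger the kernel bug linked above, so run it only
// inside a disposable VM -- never on a host whose stability matters.
//
// NOTE(review): the header names were lost when this listing was captured
// (eight bare `#include` directives survived).  The eight headers below are
// the standard set a syzkaller C reproducer emits; confirm against the
// original file if one is available.

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Fixed scratch region every syscall argument buffer is carved out of. */
#define SCRATCH_BASE 0x200000000000ul
/* Where the 0x2c-byte ioctl argument buffer is written (SCRATCH_BASE + 0x40). */
#define IOCTL_ARG_ADDR 0x200000000040ul

/* Resource table: r[0] holds the /dev/fuse descriptor, -1 until opened. */
uint64_t r[1] = {0xffffffffffffffff};

/*
 * Lay out the argument buffer at IOCTL_ARG_ADDR exactly as the fuzzer
 * generated it.  The generated comment describes it as a struct termios2,
 * but see the note at the ioctl call site: on x86-64 the request value is
 * FIOASYNC, which only reads the first int (0x407, nonzero).  The remaining
 * bytes are reproduced verbatim so the kernel sees the same memory.
 */
static void write_ioctl_arg(void)
{
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x00) = 0x407; /* read as `int on` by FIOASYNC */
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x04) = 9;
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x08) = 5;
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x0c) = 3;
  *(uint8_t *)(IOCTL_ARG_ADDR + 0x10) = 3;
  memcpy((void *)(IOCTL_ARG_ADDR + 0x11),
         "\x1a\x03\x04\x00\x00\x00\x6b\x75\x73\x34\xf4\x34\x7a\x53\x00\x00\x00"
         "\x20\x00",
         19);
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x24) = 0x83c;
  *(uint32_t *)(IOCTL_ARG_ADDR + 0x28) = 6;
}

int main(void)
{
  /*
   * Fixed address-space layout used by syzkaller reproducers: a 16 MiB
   * RWX scratch area at SCRATCH_BASE, bracketed by two prot=0 pages
   * (presumably guards).  0x32 is MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE.
   * Return values are not checked, matching the generated program.
   */
  syscall(__NR_mmap, /*addr=*/0x1ffffffff000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/SCRATCH_BASE, /*len=*/0x1000000ul,
          /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x200001000000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);

  intptr_t res = 0;

  /* Progress marker on stdout; the write(2) result is deliberately ignored. */
  if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
  }

  /*
   * openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 0).
   * 0xffffffffffffff9c is AT_FDCWD (-100); 0x42 is O_RDWR|O_CREAT on x86-64.
   * On failure r[0] stays -1 and every call below simply fails with EBADF,
   * which is the generated program's behaviour -- no abort is added here.
   */
  memcpy((void *)SCRATCH_BASE, "/dev/fuse\000", 10);
  res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul,
                /*file=*/SCRATCH_BASE, /*flags=*/0x42, /*mode=*/0);
  if (res != -1)
    r[0] = res;

  /*
   * fcntl(fd, 0xa, 0).  The generated comment labels this "fcntl$getflags",
   * but on x86-64 (asm-generic/fcntl.h) cmd 10 is F_SETSIG: it selects the
   * signal used for asynchronous I/O notification, and 0 means the default
   * SIGIO.  NOTE(review): keep the raw constant; the label does not match
   * the value, so do not "fix" it to a F_GET* command.
   */
  syscall(__NR_fcntl, /*fd=*/r[0], /*cmd=*/0xaul, 0);

  /*
   * ioctl(fd, 0x5452, arg), issued twice with an identical buffer.
   * The generated comment calls this TCSETS2 with a struct termios2, but on
   * x86-64 (asm-generic/ioctls.h) 0x5452 is FIOASYNC, which reads a single
   * int at arg -- here 0x407, nonzero, i.e. enable FASYNC on the /dev/fuse
   * descriptor right after F_SETSIG.  That is presumably the fuse device's
   * fasync handling being exercised -- confirm against the linked crash
   * report before relying on this reading.
   */
  write_ioctl_arg();
  syscall(__NR_ioctl, /*fd=*/r[0], /*cmd=*/0x5452, /*arg=*/IOCTL_ARG_ADDR);

  write_ioctl_arg();
  syscall(__NR_ioctl, /*fd=*/r[0], /*cmd=*/0x5452, /*arg=*/IOCTL_ARG_ADDR);

  return 0;
}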