// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <endian.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;
  memcpy((void*)0x20000140, "./bus\000", 6);
  syscall(SYS_mknod, 0x20000140ul, 0x2000ul,
          0x4486337); /* major = 99, minor = 280631 */
  memcpy((void*)0x20000040,
         "\xdd\x36\xdc\x71\xaf\xd2\x84\x3d\x3d\x14\xcc\x87\xc2\xbb", 14);
  syscall(SYS_pwrite, -1, 0x20000040ul, 0xeul, 0ul);
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);
  memcpy(
      (void*)0x20000280,
      "\x14\x3d\x46\x80\xca\x60\x66\x99\x08\xdc\x4e\xe3\x00\xb9\xba\x19\x5d\x62"
      "\xe1\x8b\x4d\xad\x97\xd4\x45\x28\x82\x59\x4c\x9a\x86\x5b\xcd\xed\xce\xc8"
      "\x48\x9c\x85\x3e\x60\xdc\x59\x6c\xa8\xd9\xd3\x3d\xb6\xf3\xcc\x34\xd8\xc3"
      "\x7e\xfc\xba\x70\x80\xe2\xbd\xd3\x53\x6a\x78\x34\x5b\xe5\x7d\xcf\x25\x15"
      "\xad\x41\xb7\x48\x8f\xad\xfc\xd4\xff\x36\x06\xbc\xe0\x65\x74\x5a\xc5\xfc"
      "\x39\x7c\x09\x9a\x97\x8b\x00\x4a\x1f\x21\xed\x26\x5d\x35\xd0\x2d\xa5\xee"
      "\xd3\xba\xee\xcd\xad\xf1\x92\xfa\xff\x23\xd0\x38\xb0\xfe\x5f\xf8\xce\xbc"
      "\xb5\xe9\xf4\xb6\x2b\x1e\xa3\xdf\x75\xda\xa1\x07\x5f\x15\x47\x32\x9f\x51"
      "\x00\xe7\xe8\x6f\xfc\x80\xf5\x45\xac\xb6\xb6\x12\x8e\x76\x7f\xec\x18\x5b"
      "\x24\x0c\xf2\x90\x8b\x37\x64\x76\xb1\x6a\xc7\x93\x38\xe9\x89\xc2\xae\x50"
      "\x3d\x12\x69\x99\xa0\xdd\xed\x01\xdd\xa9\x97\x72\x72\x2a\x31\xb8\xde\x0e"
      "\xa7\x03\xe6\x6b\xbe\x94\x99\x73\xc7\x83\xc9\x02\xcb\x72\xbb\xe8\x8e\x65"
      "\xe8\xaa\xa6\x20\xa0\x06\x45\xdb\x29\x50\x31\x06\x44\x46\x22\x5b\xf3\x82"
      "\xa1\x62\x98\x1b\x06\x06\xfa\x79\x7b\xf0\xa2\x14\xeb\xba",
      248);
  syscall(SYS_pwrite, -1, 0x20000280ul, 0xf8ul, 0x20ul);
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);
  *(uint32_t*)0x20000040 = 2;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}