// https://syzkaller.appspot.com/bug?id=c7ac769bd7ee15549b8a2be188bcee07d98a5357
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <endian.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define __syscall syscall

uint64_t r[1] = {0xffffffffffffffff};

int main(void)
{
  syscall(SYS_mmap, 0x20000000ul, 0x1000000ul, 3ul, 0x1012ul, -1, 0ul);
  intptr_t res = 0;
  memcpy((void*)0x200001c0, "./bus\000", 6);
  syscall(SYS_mknod, 0x200001c0ul, 0x2000ul,
          0x4086334); /* major = 99, minor = 264244 */
  *(uint32_t*)0x200000c0 = 6;
  *(uint64_t*)0x200000c8 = 0x20000080;
  *(uint16_t*)0x20000080 = 0;
  *(uint8_t*)0x20000082 = 0;
  *(uint8_t*)0x20000083 = 0;
  *(uint32_t*)0x20000084 = 0;
  *(uint16_t*)0x20000088 = 0;
  *(uint8_t*)0x2000008a = 0;
  *(uint8_t*)0x2000008b = 0;
  *(uint32_t*)0x2000008c = 0;
  *(uint16_t*)0x20000090 = 0;
  *(uint8_t*)0x20000092 = 0;
  *(uint8_t*)0x20000093 = 0;
  *(uint32_t*)0x20000094 = 0;
  *(uint16_t*)0x20000098 = 0;
  *(uint8_t*)0x2000009a = 0;
  *(uint8_t*)0x2000009b = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint16_t*)0x200000a0 = 0;
  *(uint8_t*)0x200000a2 = 0;
  *(uint8_t*)0x200000a3 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint16_t*)0x200000a8 = 0x210;
  *(uint8_t*)0x200000aa = 0;
  *(uint8_t*)0x200000ab = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(SYS_ioctl, -1, 0x80104277ul, 0x200000c0ul);
  memcpy((void*)0x20000000, "./bus\000", 6);
  res = syscall(SYS_open, 0x20000000ul, 0ul, 0ul);
  if (res != -1)
    r[0] = res;
  *(uint64_t*)0x20000180 = 0;
  *(uint32_t*)0x20000188 = 0;
  *(uint64_t*)0x20000190 = 0;
  *(uint64_t*)0x20000198 = 0;
  *(uint64_t*)0x200001a0 = 0;
  *(uint64_t*)0x200001a8 = 0x210;
  *(uint32_t*)0x200001b0 = 0;
  syscall(SYS_sendmsg, -1, 0x20000180ul, 0ul);
  *(uint64_t*)0x20000700 = 0;
  *(uint32_t*)0x20000708 = 0;
  *(uint64_t*)0x20000710 = 0x20000640;
  *(uint64_t*)0x20000640 = 0x20000200;
  memcpy(
      (void*)0x20000200,
      "\x6b\x4b\x24\x02\x0e\x07\xa5\xa1\x87\xfe\x9b\x81\x01\x78\x98\x8b\x55\x6f"
      "\x35\xd8\xa4\x9c\x7c\x29\xca\xf5\xa0\x7f\x23\x62\x88\xde\xe0\xaf\xd2\x26"
      "\xb8\xeb\xcd\x2a\x75\x8c\xac\x67\x4e\x7b\x9d\x65\xb9\x2e\xe6\xa3\x4a\x24"
      "\x5d\xd7\x2d\x0b\xa2\x60\x09\x82\x0e\xe0\x10\x64\xeb\xdf\x08\xdb\x1c\x1d"
      "\x8f\xdc\xf7\xf3\xa4\x84\x52\xb4\x18\x4a\x38\x84\x8a\xf5\x63\xc9\xab\x96"
      "\x82\x02\x3f\x73\xec\x65\x1f\x32\xc6\xdf\xa7\x23\x69\xc6\xff\x27\x5a\x2f"
      "\x4f\x1e\x5a\xc9\x84\xd4\x83\x14\x31\x8e\xe2\x89\x53\xec\x23\xe1\x6d\x12"
      "\xa4\x62\x83\xc8\x2a\xff\x26\xf1\x42\xb3\x2f\x37\xbb\xaa\x79\x3a\x8d\xe7"
      "\x94\xf7\x47\x23\xc4\x45\xaf\x6a\x61\x77\x9f\x19\x4d\xdc\xd5\xbd\x4d\xc4"
      "\xaa\x0f\x5b\xf4\xe7\x8f\x5a\xd9\x39\x53\x40\xbe\xf7\xe8\x18\x0c\xb2\x6c"
      "\x89\x43\x8b\x2f\x0f\xf3\xe9\xa0\xd8\x03\x5c\x61\x75\x4e\xe9\xd1",
      196);
  *(uint64_t*)0x20000648 = 0xc4;
  *(uint64_t*)0x20000650 = 0;
  *(uint64_t*)0x20000658 = 0;
  *(uint64_t*)0x20000660 = 0;
  *(uint64_t*)0x20000668 = 0;
  *(uint64_t*)0x20000670 = 0;
  *(uint64_t*)0x20000678 = 0;
  *(uint64_t*)0x20000680 = 0;
  *(uint64_t*)0x20000688 = 0;
  *(uint64_t*)0x20000690 = 0;
  *(uint64_t*)0x20000698 = 0;
  *(uint64_t*)0x20000718 = 6;
  *(uint64_t*)0x20000720 = 0x20000b80;
  *(uint32_t*)0x20000b80 = -1;
  *(uint32_t*)0x20000b84 = r[0];
  *(uint32_t*)0x20000b88 = -1;
  *(uint32_t*)0x20000b8c = -1;
  *(uint64_t*)0x20000728 = 0x20;
  *(uint32_t*)0x20000730 = 0xc;
  syscall(SYS_sendmsg, r[0], 0x20000700ul, 0x404ul);
  memcpy((void*)0x20000040, "\x34\xcf\x36\x2b\x3c\xe9\xc9\x3d\x7f", 9);
  syscall(SYS_write, -1, 0x20000040ul, 9ul);
  *(uint32_t*)0x20000040 = 1;
  syscall(SYS_ioctl, r[0], 0x82907003ul, 0x20000040ul);
  return 0;
}