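// https://syzkaller.appspot.com/bug?id=eaa717e7d3d92242c55b772126faac8e64731f49
// autogenerated by syzkaller (http://github.com/google/syzkaller)
//
// Reproducer for the bug above.  It opens /dev/infiniband/rdma_cm and feeds
// two commands into that device's write() interface.  As in every syzkaller
// repro, all argument buffers live inside one fixed anonymous mapping at
// 0x20000000 (created in main), so the code stores to absolute addresses
// instead of to local variables.  The include list was lost in the copy of
// this file; it is restored here to the standard headers the code needs.
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

// Results carried between syscalls: r[0] is the rdma_cm file descriptor,
// r[1] the 32-bit id the first command writes back into its response buffer.
// The initial values are the sentinels the repro keeps when the producing
// call fails, so the following call still runs (and fails harmlessly with
// EBADF / an unknown id) rather than being skipped.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffff};

// 0xd8 bytes of option payload handed to the second command through the
// pointer at +8 of its header.  Kept as one table, in the order the original
// stores them from 0x20000040 upward, so the byte count can be checked
// against the optlen the command advertises.  54 u32 words = 3 x 72 bytes
// looks like an array of IB path-record entries — confirm against
// include/uapi/rdma/rdma_user_cm.h before relying on that reading.
static const uint32_t opt_payload[] = {
    2,          0,          7,          0,
    2,          0x7f,       0,          0x81,
    0x505,      4,          5,          3,
    0x50,       0x7ff,      0x2d9f,     0x690,
    0xb07,      0xfffffffc, 0x2b,       0,
    1,          0,          0x1f,       0x800,
    0x3f,       8,          0x1ff,      9,
    0,          0xd1,       0x81,       4,
    0xe0b7,     2,          5,          5,
    1,          0,          5,          1,
    6,          9,          1,          0x52,
    0x3f,       0xcc4,      5,          0x7ff,
    0x2f4f,     0x8001,     9,          0x7ff,
    0x6ab8021d, 0,
};
_Static_assert(sizeof opt_payload == 0xd8,
               "optlen passed in the second command must match the payload");

// Issue the two rdma_cm commands.  Syscall results are checked exactly as
// far as the original repro did: a failed call leaves the r[] sentinel in
// place and the sequence continues unchanged, because the ordering of the
// calls is what reproduces the bug.
void loop(void)
{
    long res = 0;

    // openat(AT_FDCWD, "/dev/infiniband/rdma_cm", O_RDWR); the 24-byte
    // memcpy includes the terminating NUL.
    memcpy((void *)0x20000140, "/dev/infiniband/rdma_cm", 24);
    res = syscall(__NR_openat, AT_FDCWD, 0x20000140, O_RDWR, 0);
    if (res != -1)
        r[0] = res;

    // Command 1: 8-byte header {cmd=0, in=0x18, out=0xfa00} followed by a
    // 24-byte body {uid=2, response=0x20001480, ps=0x13f, qp_type=0,
    // reserved[5]=0}; 0x20 bytes in total.  cmd 0 with this body matches
    // the rdma_ucm CREATE_ID command — verify against the uapi header.
    *(uint32_t *)0x200014c0 = 0;
    *(uint16_t *)0x200014c4 = 0x18;
    *(uint16_t *)0x200014c6 = 0xfa00;
    *(uint64_t *)0x200014c8 = 2;
    *(uint64_t *)0x200014d0 = 0x20001480;
    *(uint16_t *)0x200014d8 = 0x13f;
    memset((void *)0x200014da, 0, 6); // qp_type + reserved[5]
    res = syscall(__NR_write, r[0], 0x200014c0, 0x20);
    // On success the kernel has filled the response buffer at 0x20001480;
    // its first 32 bits are the id the second command refers to.
    if (res != -1)
        r[1] = *(uint32_t *)0x20001480;

    // Option payload for command 2, placed where the header's pointer
    // (0x20000040) expects it.
    memcpy((void *)0x20000040, opt_payload, sizeof opt_payload);

    // Command 2: header {cmd=0xe, in=0x18, out=0xfa00} followed by a 24-byte
    // body {optval=0x20000040, id=r[1], level=1, optname=1, optlen=0xd8};
    // 0x20 bytes in total.  cmd 0xe with this body matches the rdma_ucm
    // SET_OPTION command — verify against the uapi header.
    *(uint32_t *)0x20001500 = 0xe;
    *(uint16_t *)0x20001504 = 0x18;
    *(uint16_t *)0x20001506 = 0xfa00;
    *(uint64_t *)0x20001508 = 0x20000040;
    *(uint32_t *)0x20001510 = (uint32_t)r[1];
    *(uint32_t *)0x20001514 = 1;
    *(uint32_t *)0x20001518 = 1;
    *(uint32_t *)0x2000151c = 0xd8;
    syscall(__NR_write, r[0], 0x20001500, 0x20);
}

// Entry point: create the fixed scratch mapping every absolute address in
// loop() points into, then run the sequence once.
//
// The original issued the mmap through syscall(__NR_mmap, ...) with the raw
// flag value 0x32 and never looked at the result; if the mapping fails, the
// first store in loop() faults and the run ends in an unrelated SIGSEGV that
// is easy to mistake for the bug.  Using the libc wrapper with symbolic
// flags keeps the same mapping on Linux and lets the failure be reported.
int main(void)
{
    void *scratch = mmap((void *)0x20000000, 0x1000000,
                         PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (scratch == MAP_FAILED) {
        perror("mmap");
        return 1;
    }
    loop();
    return 0;
}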