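// https://syzkaller.appspot.com/bug?id=b8afb3d95297388287141f3721edb7a94b0280c5
// autogenerated by syzkaller (https://github.com/google/syzkaller)
//
// Kernel bug reproducer. It maps a fixed 16 MiB scratch region at 0x20000000,
// creates two regular files in the current directory, issues the same 48-byte
// ioctl request on each, and finally one 40-byte ioctl request on the first
// file that references the second through a file descriptor field. Every
// syscall is issued raw through syscall(2); only the two openat() results are
// inspected, which is normal for a syzkaller repro: the syscall sequence, not
// the return values, is what triggers the report.
//
// NOTE(review): the header names were lost when this listing was extracted
// (eight bare "#include" tokens remained). The list below is the standard
// syzkaller reproducer preamble for a program of this shape — confirm against
// the original file.

#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

// syzkaller "resources": the two file descriptors obtained below. Both start
// as -1 so a failed openat() leaves an invalid fd rather than an uninitialised
// value in the later calls.
uint64_t r[2] = {0xffffffffffffffff, 0xffffffffffffffff};

int main(void)
{
  // Fixed scratch mapping that every syscall argument below is built in:
  // prot 3 = PROT_READ|PROT_WRITE, flags 0x32 = MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS.
  syscall(__NR_mmap, 0x20000000, 0x1000000, 3, 0x32, -1, 0);
  long res = 0;

  // File 1: a 75-byte path starting "stat\t" followed by generated bytes and a
  // NUL terminator. 0xffffff9c is AT_FDCWD; 0x275a includes O_RDWR|O_CREAT
  // (the remaining flag bits are left exactly as generated).
  memcpy((void*)0x20000180,
         "\x73\x74\x61\x74\x09\xc0\xc2\xfe\xbc\xf9\xdf\x2d\xea\xc8\xc1\x77\xff"
         "\x17\x12\x48\xe9\x11\x93\x51\x30\x49\xf8\x31\x55\x0d\x6f\x7d\xe6\x6c"
         "\xf6\x37\xbd\xbf\x13\x11\x92\x0c\x8a\x26\xed\xa4\xdc\xc3\x78\x3f\x9d"
         "\xb5\x11\x6b\x34\xd3\x1b\x05\x12\xa5\x60\x8a\xaf\xf0\x1e\x79\x52\x34"
         "\x0c\xd6\xfd\x00\x00\x00\x00",
         75);
  res = syscall(__NR_openat, 0xffffff9c, 0x20000180, 0x275a, 0);
  if (res != -1)
    r[0] = res;

  // Give file 1 one byte of content at offset 0.
  memcpy((void*)0x200005c0, "\xf7", 1);
  syscall(__NR_pwrite64, r[0], 0x200005c0, 1, 0);

  // File 2: "memory.stat" (12 bytes including the NUL), same open flags.
  memcpy((void*)0x20000240, "memory.stat", 12);
  res = syscall(__NR_openat, 0xffffff9c, 0x20000240, 0x275a, 0);
  if (res != -1)
    r[1] = res;

  // Write the 18-character string "0x0000000000000000" to file 2
  // (sprintf also stores a NUL after it; 0x12 == 18 bytes are written).
  sprintf((char*)0x20000100, "0x%016llx", (long long)0);
  syscall(__NR_write, r[1], 0x20000100, 0x12);

  // 48-byte request for file 2: two u16 at +0/+2, u64 at +8 (0), u64 at +0x10
  // (0x405c92ec), then six zero u32 fields. 0x40305828 decodes as
  // _IOW('X', 40, 48 bytes), which is the layout of the FS_IOC_RESVSP /
  // XFS_IOC_RESVSP preallocation request (l_type, l_whence, l_start, l_len,
  // ...) — confirm against the kernel headers of the target.
  *(uint16_t*)0x20000080 = 0;
  *(uint16_t*)0x20000082 = 0;
  *(uint64_t*)0x20000088 = 0;
  *(uint64_t*)0x20000090 = 0x405c92ec;
  *(uint32_t*)0x20000098 = 0;
  *(uint32_t*)0x2000009c = 0;
  *(uint32_t*)0x200000a0 = 0;
  *(uint32_t*)0x200000a4 = 0;
  *(uint32_t*)0x200000a8 = 0;
  *(uint32_t*)0x200000ac = 0;
  syscall(__NR_ioctl, r[1], 0x40305828, 0x20000080);

  // Same 48-byte request shape for file 1, with different start (0x56cd4216)
  // and length (0x10001) values.
  *(uint16_t*)0x20000140 = 0;
  *(uint16_t*)0x20000142 = 0;
  *(uint64_t*)0x20000148 = 0x56cd4216;
  *(uint64_t*)0x20000150 = 0x10001;
  *(uint32_t*)0x20000158 = 0;
  *(uint32_t*)0x2000015c = 0;
  *(uint32_t*)0x20000160 = 0;
  *(uint32_t*)0x20000164 = 0;
  *(uint32_t*)0x20000168 = 0;
  *(uint32_t*)0x2000016c = 0;
  syscall(__NR_ioctl, r[0], 0x40305828, 0x20000140);

  // 40-byte request on file 1: u32 0, u32 = fd of file 2 (r[1] truncated to
  // 32 bits, as generated), u64 0, u64 0xfffa931c, u64 0, u64 0.
  // 0xc028660f decodes as _IOWR('f', 15, 40 bytes); the field layout
  // (reserved, donor_fd, orig_start, donor_start, len, moved_len) matches
  // ext4's EXT4_IOC_MOVE_EXT — confirm against the target's headers.
  *(uint32_t*)0x20000300 = 0;
  *(uint32_t*)0x20000304 = r[1];
  *(uint64_t*)0x20000308 = 0;
  *(uint64_t*)0x20000310 = 0xfffa931c;
  *(uint64_t*)0x20000318 = 0;
  *(uint64_t*)0x20000320 = 0;
  syscall(__NR_ioctl, r[0], 0xc028660f, 0x20000300);
  return 0;
}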