unexpected fault address 0x0
fatal error: fault
[signal SIGSEGV: segmentation violation code=0x80 addr=0x0 pc=0x431a40]

goroutine 24 [running]:
runtime.throw({0xa4eb45?, 0xc000044000?})
	/usr/local/go/src/runtime/panic.go:1047 +0x5d fp=0xc0310def98 sp=0xc0310def68 pc=0x4363bd
runtime.sigpanic()
	/usr/local/go/src/runtime/signal_unix.go:851 +0x28a fp=0xc0310deff8 sp=0xc0310def98 pc=0x44cf4a
runtime: g 24: unexpected return pc for runtime.netpollblock called from 0x7f61b23b7920
stack: frame={sp:0xc0310deff8, fp:0xc0310df030} stack=[0xc0310dc000,0xc0310e0000)
0x000000c0310deef8:  0x0000000000000001  0x0000000000000001 
0x000000c0310def08:  0x000000c0310def85  0x0000000000000003 
0x000000c0310def18:  0x00000000004675ce <runtime.systemstack+0x000000000000002e>  0x000000000043670c <runtime.fatalthrow+0x000000000000006c> 
0x000000c0310def28:  0x000000c0310def38  0x000000c001b44340 
0x000000c0310def38:  0x0000000000436740 <runtime.fatalthrow.func1+0x0000000000000000>  0x000000c001b44340 
0x000000c0310def48:  0x00000000004363bd <runtime.throw+0x000000000000005d>  0x000000c0310def68 
0x000000c0310def58:  0x000000c0310def88  0x00000000004363bd <runtime.throw+0x000000000000005d> 
0x000000c0310def68:  0x000000c0310def70  0x00000000004363e0 <runtime.throw.func1+0x0000000000000000> 
0x000000c0310def78:  0x0000000000a4eb45  0x0000000000000005 
0x000000c0310def88:  0x000000c0310defe8  0x000000000044cf4a <runtime.sigpanic+0x000000000000028a> 
0x000000c0310def98:  0x0000000000a4eb45  0x000000c000044000 
0x000000c0310defa8:  0x0000000000000000  0x000000c0310defc8 
0x000000c0310defb8:  0x000000c0310df028  0x00000000004bd25c <syscall.Syscall+0x000000000000005c> 
0x000000c0310defc8:  0x000000c001b44340  0x00000000004390d6 <runtime.gopark+0x00000000000000d6> 
0x000000c0310defd8:  0x000000c0310df048  0x00000000004bd25c <syscall.Syscall+0x000000000000005c> 
0x000000c0310defe8:  0x000000c0310df020  0x0000000000431a40 <runtime.netpollblock+0x0000000000000100> 
0x000000c0310deff8: <0x000000c02b3d3818  0xbfffaecf8b9a258a 
0x000000c0310df008:  0x9036567fff5873f0  0xbfffaecf0000000b 
0x000000c0310df018:  0x9036567fff5873f0  0x000000000000000b 
0x000000c0310df028: !0x00007f61b23b7920 >0x00000000310df040 
0x000000c0310df038:  0x00007f61b23b7920  0x00000000310df040 
0x000000c0310df048:  0x000000000040482f <runtime.ifaceeq+0x000000000000004f>  0x00000000310df068 
0x000000c0310df058:  0x000000000040482f <runtime.ifaceeq+0x000000000000004f>  0x00007f61310df068 
0x000000c0310df068:  0x0000000000000072  0x00007f612b1dd710 
0x000000c0310df078:  0x0000000000000072  0x000000002b1dd710 
0x000000c0310df088:  0x000000c01d261560  0x000000002b1dd710 
0x000000c0310df098:  0x000000c01d261560  0x000000002b1dd710 
0x000000c0310df0a8:  0x010000c01d261680  0x0000000000000000 
0x000000c0310df0b8:  0x010000c01d261680  0x0000000000000000 
0x000000c0310df0c8:  0x000000000000000c  0x000000001d261578 
0x000000c0310df0d8:  0x000000000000000c  0x000000001d261578 
0x000000c0310df0e8:  0x0000000000000000  0x0000000000000000 
0x000000c0310df0f8:  0x0000000000000000  0x000000c000000000 
0x000000c0310df108:  0x000000c0310df0e8  0x000000c0310df158 
0x000000c0310df118:  0x000000c0310df0e8  0x000000c0310df158 
0x000000c0310df128:  0x000000c02b1dd710 
runtime/internal/atomic.(*Uintptr).Swap(...)
	/usr/local/go/src/runtime/internal/atomic/types.go:409
runtime.netpollblock(0x310df040?, 0xb23b7920?, 0x61?)
	/usr/local/go/src/runtime/netpoll.go:530 +0x100 fp=0xc0310df030 sp=0xc0310deff8 pc=0x431a40
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x1605

goroutine 1 [select]:
runtime.gopark(0xc000237a60?, 0x2?, 0x40?, 0x6?, 0xc000237a1c?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000237850 sp=0xc000237830 pc=0x4390d6
runtime.selectgo(0xc000237a60, 0xc000237a18, 0xc02af76d50?, 0x0, 0x0?, 0x1)
	/usr/local/go/src/runtime/select.go:327 +0x7be fp=0xc000237990 sp=0xc000237850 pc=0x4491de
main.(*Fuzzer).pollLoop(0xc000228600)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:385 +0x105 fp=0xc000237a90 sp=0xc000237990 pc=0x901925
main.main()
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:313 +0x178c fp=0xc000237f80 sp=0xc000237a90 pc=0x900fac
runtime.main()
	/usr/local/go/src/runtime/proc.go:250 +0x207 fp=0xc000237fe0 sp=0xc000237f80 pc=0x438ca7
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000237fe8 sp=0xc000237fe0 pc=0x469661

goroutine 2 [force gc (idle), 11 minutes]:
runtime.gopark(0x4c49a9eca2?, 0x0?, 0x0?, 0x0?, 0x0?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000056fb0 sp=0xc000056f90 pc=0x4390d6
runtime.goparkunlock(...)
	/usr/local/go/src/runtime/proc.go:387
runtime.forcegchelper()
	/usr/local/go/src/runtime/proc.go:305 +0xb0 fp=0xc000056fe0 sp=0xc000056fb0 pc=0x438f10
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000056fe8 sp=0xc000056fe0 pc=0x469661
created by runtime.init.6
	/usr/local/go/src/runtime/proc.go:293 +0x25

goroutine 3 [GC sweep wait]:
runtime.gopark(0x1?, 0x0?, 0x0?, 0x0?, 0x0?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000057780 sp=0xc000057760 pc=0x4390d6
runtime.goparkunlock(...)
	/usr/local/go/src/runtime/proc.go:387
runtime.bgsweep(0x0?)
	/usr/local/go/src/runtime/mgcsweep.go:319 +0xde fp=0xc0000577c8 sp=0xc000057780 pc=0x42421e
runtime.gcenable.func1()
	/usr/local/go/src/runtime/mgc.go:178 +0x26 fp=0xc0000577e0 sp=0xc0000577c8 pc=0x4193e6
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000577e8 sp=0xc0000577e0 pc=0x469661
created by runtime.gcenable
	/usr/local/go/src/runtime/mgc.go:178 +0x6b

goroutine 4 [GC scavenge wait]:
runtime.gopark(0xc665042815?, 0x401588?, 0x0?, 0x0?, 0x0?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000057f70 sp=0xc000057f50 pc=0x4390d6
runtime.goparkunlock(...)
	/usr/local/go/src/runtime/proc.go:387
runtime.(*scavengerState).park(0x1ed0de0)
	/usr/local/go/src/runtime/mgcscavenge.go:400 +0x53 fp=0xc000057fa0 sp=0xc000057f70 pc=0x422113
runtime.bgscavenge(0x0?)
	/usr/local/go/src/runtime/mgcscavenge.go:633 +0x65 fp=0xc000057fc8 sp=0xc000057fa0 pc=0x422705
runtime.gcenable.func2()
	/usr/local/go/src/runtime/mgc.go:179 +0x26 fp=0xc000057fe0 sp=0xc000057fc8 pc=0x419386
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000057fe8 sp=0xc000057fe0 pc=0x469661
created by runtime.gcenable
	/usr/local/go/src/runtime/mgc.go:179 +0xaa

goroutine 17 [finalizer wait, 5 minutes]:
runtime.gopark(0x0?, 0xbfd948?, 0x40?, 0x40?, 0x2000000020?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000056628 sp=0xc000056608 pc=0x4390d6
runtime.runfinq()
	/usr/local/go/src/runtime/mfinal.go:193 +0x107 fp=0xc0000567e0 sp=0xc000056628 pc=0x418427
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000567e8 sp=0xc0000567e0 pc=0x469661
created by runtime.createfing
	/usr/local/go/src/runtime/mfinal.go:163 +0x45

goroutine 18 [select]:
runtime.gopark(0xc000052788?, 0x3?, 0x9?, 0x18?, 0xc000052772?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0000525f8 sp=0xc0000525d8 pc=0x4390d6
runtime.selectgo(0xc000052788, 0xc00005276c, 0xc0000f5e80?, 0x0, 0x0?, 0x1)
	/usr/local/go/src/runtime/select.go:327 +0x7be fp=0xc000052738 sp=0xc0000525f8 pc=0x4491de
go.opencensus.io/stats/view.(*worker).start(0xc0000f5e80)
	/syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:292 +0xad fp=0xc0000527c8 sp=0xc000052738 pc=0x88d00d
go.opencensus.io/stats/view.init.0.func1()
	/syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x26 fp=0xc0000527e0 sp=0xc0000527c8 pc=0x88c246
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000527e8 sp=0xc0000527e0 pc=0x469661
created by go.opencensus.io/stats/view.init.0
	/syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x96

goroutine 19 [GC worker (idle)]:
runtime.gopark(0xbfdb38?, 0xc00003c020?, 0x1a?, 0x14?, 0x0?)
	/usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000052f50 sp=0xc000052f30 pc=0x4390d6
runtime.gcBgMarkWorker()