{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x25d}}]}, &(0x7f0000000600)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', r7, 0x4d, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000a80)={0x3, 0x8, 0x7, 0x1000}, 0x10, 0xffffffffffffffff, r6, 0x8, &(0x7f0000000ac0)=[r0, r0], &(0x7f0000000b00)=[{0x0, 0x2, 0x3, 0xa}, {0x5, 0x1, 0x10, 0x4}, {0x4, 0x1, 0x8}, {0x1, 0x4, 0x8, 0x8}, {0x2, 0x5, 0xb, 0xb}, {0x5, 0x4, 0x7, 0x7}, {0x1, 0x2, 0xe, 0x5}, {0x4, 0x4, 0x2, 0x5}], 0x10, 0x8f}, 0x90) unexpected fault address 0x0 fatal error: fault unexpected fault address 0xc000ef3f18 fatal error: fault [signal SIGSEGV: segmentation violation code=0x2 addr=0xc000ef3f18 pc=0xc000ef3f18] goroutine 18 [running]: runtime.nanotime(...) /usr/local/go/src/runtime/time_nofake.go:19 runtime.(*scavengerState).init.func2(0x6132dfd?) /usr/local/go/src/runtime/mgcscavenge.go:396 +0x53 fp=0xc00004ef70 sp=0xc00004ef28 pc=0x467d13 runtime.(*scavengerState).run(0x2407b00) /usr/local/go/src/runtime/mgcscavenge.go:602 +0x90 fp=0xc00004efa0 sp=0xc00004ef70 pc=0x425b70 runtime.bgscavenge(0x0?) /usr/local/go/src/runtime/mgcscavenge.go:656 +0x48 fp=0xc00004efc8 sp=0xc00004efa0 pc=0x425ce8 runtime.gcenable.func2() /usr/local/go/src/runtime/mgc.go:201 +0x25 fp=0xc00004efe0 sp=0xc00004efc8 pc=0x41cf45 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc00004efe8 sp=0xc00004efe0 pc=0x470621 created by runtime.gcenable in goroutine 1 /usr/local/go/src/runtime/mgc.go:201 +0xa5 goroutine 1 [chan receive]: runtime.gopark(0x180?, 0x0?, 0x1?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc001273838 sp=0xc001273818 pc=0x43d86e runtime.chanrecv(0xc0000906c0, 0xc000eef9e8, 0x1) /usr/local/go/src/runtime/chan.go:583 +0x3cd fp=0xc0012738b0 sp=0xc001273838 pc=0x4099ad runtime.chanrecv2(0xc0003d20f0?, 0x1?) /usr/local/go/src/runtime/chan.go:447 +0x12 fp=0xc0012738d8 sp=0xc0012738b0 pc=0x4095d2 main.(*FuzzerTool).exchangeDataWorker(0xc0003d20f0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:375 +0xa5 fp=0xc001273ab8 sp=0xc0012738d8 pc=0x9f79c5 main.main() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:274 +0x1489 fp=0xc001273f40 sp=0xc001273ab8 pc=0x9f6889 runtime.main() /usr/local/go/src/runtime/proc.go:267 +0x2bb fp=0xc001273fe0 sp=0xc001273f40 pc=0x43d3fb runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc001273fe8 sp=0xc001273fe0 pc=0x470621 goroutine 2 [force gc (idle), 2 minutes]: runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000052fa8 sp=0xc000052f88 pc=0x43d86e runtime.goparkunlock(...) /usr/local/go/src/runtime/proc.go:404 runtime.forcegchelper() /usr/local/go/src/runtime/proc.go:322 +0xb3 fp=0xc000052fe0 sp=0xc000052fa8 pc=0x43d6d3 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc000052fe8 sp=0xc000052fe0 pc=0x470621 created by runtime.init.6 in goroutine 1 /usr/local/go/src/runtime/proc.go:310 +0x1a goroutine 17 [runnable]: runtime.gopark(0x2404c01?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc00004e778 sp=0xc00004e758 pc=0x43d86e runtime.goparkunlock(...) /usr/local/go/src/runtime/proc.go:404 runtime.bgsweep(0x0?) /usr/local/go/src/runtime/mgcsweep.go:321 +0xdf fp=0xc00004e7c8 sp=0xc00004e778 pc=0x427ebf runtime.gcenable.func1() /usr/local/go/src/runtime/mgc.go:200 +0x25 fp=0xc00004e7e0 sp=0xc00004e7c8 pc=0x41cfa5 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc00004e7e8 sp=0xc00004e7e0 pc=0x470621 created by runtime.gcenable in goroutine 1 /usr/local/go/src/runtime/mgc.go:200 +0x66 goroutine 3 [finalizer wait]: runtime.gopark(0x0?, 0xd53348?, 0x0?, 0x80?, 0x2000000020?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000052628 sp=0xc000052608 pc=0x43d86e runtime.runfinq() /usr/local/go/src/runtime/mfinal.go:193 +0x107 fp=0xc0000527e0 sp=0xc000052628 pc=0x41c027 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0000527e8 sp=0xc0000527e0 pc=0x470621 created by runtime.createfing in goroutine 1 /usr/local/go/src/runtime/mfinal.go:163 +0x3d goroutine 4 [select]: runtime.gopark(0xc000053788?, 0x3?, 0xa0?, 0x89?, 0xc000053772?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000053618 sp=0xc0000535f8 pc=0x43d86e runtime.selectgo(0xc000053788, 0xc00005376c, 0xc000153980?, 0x0, 0x0?, 0x1) /usr/local/go/src/runtime/select.go:327 +0x725 fp=0xc000053738 sp=0xc000053618 pc=0x44dce5 go.opencensus.io/stats/view.(*worker).start(0xc000153980) /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:292 +0x9f fp=0xc0000537c8 sp=0xc000053738 pc=0x9b5fff go.opencensus.io/stats/view.init.0.func1() /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x25 fp=0xc0000537e0 sp=0xc0000537c8 pc=0x9b5325 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0000537e8 sp=0xc0000537e0 pc=0x470621 created by go.opencensus.io/stats/view.init.0 in goroutine 1 /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x8d goroutine 5 [GC worker (idle)]: runtime.gopark(0x236fbad06c?, 0x2?, 0xde?, 0xe3?, 0x0?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000053f50 sp=0xc000053f30 pc=0x43d86e runtime.gcBgMarkWorker() /usr/local/go/src/runtime/mgc.go:1293 +0xe5 fp=0xc000053fe0 sp=0xc000053f50 pc=0x41eb25 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc000053fe8 sp=0xc000053fe0 pc=0x470621 created by runtime.gcBgMarkStartWorkers in goroutine 1 /usr/local/go/src/runtime/mgc.go:1217 +0x1c goroutine 19 [running]: goroutine running on other thread; stack unavailable created by runtime.gcBgMarkStartWorkers in goroutine 1 /usr/local/go/src/runtime/mgc.go:1217 +0x1c goroutine 6 [chan receive, 2 minutes]: runtime.gopark(0xc000054ee0?, 0x745ac5?, 0x1?, 0xaf?, 0xc000054f58?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000054ec8 sp=0xc000054ea8 pc=0x43d86e runtime.chanrecv(0xc000090180, 0x0, 0x1) /usr/local/go/src/runtime/chan.go:583 +0x3cd fp=0xc000054f40 sp=0xc000054ec8 pc=0x4099ad runtime.chanrecv1(0xc000090180?, 0xc000054fb0?) /usr/local/go/src/runtime/chan.go:442 +0x12 fp=0xc000054f68 sp=0xc000054f40 pc=0x4095b2 github.com/google/syzkaller/pkg/osutil.HandleInterrupts.func1() /syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:78 +0x85 fp=0xc000054fe0 sp=0xc000054f68 pc=0x7471c5 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc000054fe8 sp=0xc000054fe0 pc=0x470621 created by github.com/google/syzkaller/pkg/osutil.HandleInterrupts in goroutine 1 /syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:75 +0x4f goroutine 7 [chan receive, 2 minutes]: runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc000055700 sp=0xc0000556e0 pc=0x43d86e runtime.chanrecv(0xc00007a180, 0x0, 0x1) /usr/local/go/src/runtime/chan.go:583 +0x3cd fp=0xc000055778 sp=0xc000055700 pc=0x4099ad runtime.chanrecv1(0x0?, 0x0?) /usr/local/go/src/runtime/chan.go:442 +0x12 fp=0xc0000557a0 sp=0xc000055778 pc=0x4095b2 main.main.func1() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:158 +0x19 fp=0xc0000557e0 sp=0xc0000557a0 pc=0x9f6999 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0000557e8 sp=0xc0000557e0 pc=0x470621 created by main.main in goroutine 1 /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:156 +0x525 goroutine 8 [IO wait, 2 minutes]: runtime.gopark(0xc0005f2c10?, 0x4103c5?, 0x18?, 0x2c?, 0x4e157d?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc0005f2ba8 sp=0xc0005f2b88 pc=0x43d86e runtime.netpollblock(0x7fc9fd3cfb48?, 0x407de6?, 0x0?) /usr/local/go/src/runtime/netpoll.go:564 +0xf7 fp=0xc0005f2be0 sp=0xc0005f2ba8 pc=0x4362d7 internal/poll.runtime_pollWait(0x7fc9fd3bbd88, 0x72) /usr/local/go/src/runtime/netpoll.go:343 +0x85 fp=0xc0005f2c00 sp=0xc0005f2be0 pc=0x46ade5 internal/poll.(*pollDesc).wait(0xc0005fa000?, 0xc0005f2ce8?, 0x0) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x27 fp=0xc0005f2c28 sp=0xc0005f2c00 pc=0x4da1e7 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Accept(0xc0005fa000) /usr/local/go/src/internal/poll/fd_unix.go:611 +0x2ac fp=0xc0005f2cd0 sp=0xc0005f2c28 pc=0x4df6cc net.(*netFD).accept(0xc0005fa000) /usr/local/go/src/net/fd_unix.go:172 +0x29 fp=0xc0005f2d88 sp=0xc0005f2cd0 pc=0x5b91a9 net.(*TCPListener).accept(0xc00045c000) /usr/local/go/src/net/tcpsock_posix.go:152 +0x1e fp=0xc0005f2db0 sp=0xc0005f2d88 pc=0x5d08de net.(*TCPListener).Accept(0xc00045c000) /usr/local/go/src/net/tcpsock.go:315 +0x30 fp=0xc0005f2de0 sp=0xc0005f2db0 pc=0x5cfa90 net/http.(*onceCloseListener).Accept(0xe454d0?) :1 +0x24 fp=0xc0005f2df8 sp=0xc0005f2de0 pc=0x6efae4 net/http.(*Server).Serve(0xc0003d2000, {0xe44770, 0xc00045c000}) /usr/local/go/src/net/http/server.go:3056 +0x364 fp=0xc0005f2f28 sp=0xc0005f2df8 pc=0x6cd784 net/http.(*Server).ListenAndServe(0xc0003d2000) /usr/local/go/src/net/http/server.go:2985 +0x71 fp=0xc0005f2f58 sp=0xc0005f2f28 pc=0x6cd3f1 net/http.ListenAndServe(...) /usr/local/go/src/net/http/server.go:3239 main.setupPprofHandler.func1() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:466 +0x9d fp=0xc0005f2fe0 sp=0xc0005f2f58 pc=0x9f8bfd runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0005f2fe8 sp=0xc0005f2fe0 pc=0x470621 created by main.setupPprofHandler in goroutine 1 /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:465 +0x37 goroutine 20 [select, 2 minutes, locked to thread]: runtime.gopark(0xc0005dafa8?, 0x2?, 0x9?, 0xdb?, 0xc0005dafa4?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc0005dae38 sp=0xc0005dae18 pc=0x43d86e runtime.selectgo(0xc0005dafa8, 0xc0005dafa0, 0x0?, 0x0, 0x1?, 0x1) /usr/local/go/src/runtime/select.go:327 +0x725 fp=0xc0005daf58 sp=0xc0005dae38 pc=0x44dce5 runtime.ensureSigM.func1() /usr/local/go/src/runtime/signal_unix.go:1014 +0x19f fp=0xc0005dafe0 sp=0xc0005daf58 pc=0x4674bf runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0005dafe8 sp=0xc0005dafe0 pc=0x470621 created by runtime.ensureSigM in goroutine 6 /usr/local/go/src/runtime/signal_unix.go:997 +0xc8 goroutine 21 [syscall, 2 minutes]: runtime.notetsleepg(0x1cbe820?, 0x1?) /usr/local/go/src/runtime/lock_futex.go:236 +0x29 fp=0xc0005db7a0 sp=0xc0005db768 pc=0x40ee69 os/signal.signal_recv() /usr/local/go/src/runtime/sigqueue.go:152 +0x29 fp=0xc0005db7c0 sp=0xc0005db7a0 pc=0x46cde9 os/signal.loop() /usr/local/go/src/os/signal/signal_unix.go:23 +0x13 fp=0xc0005db7e0 sp=0xc0005db7c0 pc=0x745df3 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0005db7e8 sp=0xc0005db7e0 pc=0x470621 created by os/signal.Notify.func1.1 in goroutine 6 /usr/local/go/src/os/signal/signal.go:151 +0x1f goroutine 10 [IO wait]: runtime.gopark(0x46a3b3?, 0xb?, 0x0?, 0x0?, 0x7?) /usr/local/go/src/runtime/proc.go:398 +0xce fp=0xc0007bf958 sp=0xc0007bf938 pc=0x43d86e runtime.netpollblock(0x4bfa18?, 0x407de6?, 0x0?) /usr/local/go/src/runtime/netpoll.go:564 +0xf7 fp=0xc0007bf990 sp=0xc0007bf958 pc=0x4362d7 internal/poll.runtime_pollWait(0x7fc9fd3bbe80, 0x72) /usr/local/go/src/runtime/netpoll.go:343 +0x85 fp=0xc0007bf9b0 sp=0xc0007bf990 pc=0x46ade5 internal/poll.(*pollDesc).wait(0xc000447d80?, 0xc00052e000?, 0x0) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x27 fp=0xc0007bf9d8 sp=0xc0007bf9b0 pc=0x4da1e7 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc000447d80, {0xc00052e000, 0x1000, 0x1000}) /usr/local/go/src/internal/poll/fd_unix.go:164 +0x27a fp=0xc0007bfa70 sp=0xc0007bf9d8 pc=0x4db4da net.(*netFD).Read(0xc000447d80, {0xc00052e000?, 0xc00045c140?, 0xa510c0?}) /usr/local/go/src/net/fd_posix.go:55 +0x25 fp=0xc0007bfab8 sp=0xc0007bfa70 pc=0x5b7185 net.(*conn).Read(0xc000bd5808, {0xc00052e000?, 0xc0007bfb58?, 0x4b58d0?}) /usr/local/go/src/net/net.go:179 +0x45 fp=0xc0007bfb00 sp=0xc0007bfab8 pc=0x5c80a5 net.(*TCPConn).Read(0x407728?, {0xc00052e000?, 0x407cad?, 0x4078dd?}) :1 +0x25 fp=0xc0007bfb30 sp=0xc0007bfb00 pc=0x5d9005 bufio.(*Reader).fill(0xc00010b080) /usr/local/go/src/bufio/bufio.go:113 +0x103 fp=0xc0007bfb68 sp=0xc0007bfb30 pc=0x656c23 bufio.(*Reader).ReadByte(0xc00010b080) /usr/local/go/src/bufio/bufio.go:272 +0x27 fp=0xc0007bfb88 sp=0xc0007bfb68 pc=0x657347 compress/flate.(*decompressor).moreBits(0xc00074c000) /usr/local/go/src/compress/flate/inflate.go:697 +0x27 fp=0xc0007bfbc0 sp=0xc0007bfb88 pc=0x66e727 compress/flate.(*decompressor).nextBlock(0xc00074c000) /usr/local/go/src/compress/flate/inflate.go:304 +0x28 fp=0xc0007bfbd8 sp=0xc0007bfbc0 pc=0x66cbc8 compress/flate.(*decompressor).Read(0xc00074c000, {0xc000542000, 0x1000, 0xc0007bfc78?}) /usr/local/go/src/compress/flate/inflate.go:348 +0x5b fp=0xc0007bfc08 sp=0xc0007bfbd8 pc=0x66cdfb github.com/google/syzkaller/pkg/rpctype.(*flateConn).Read(0xc00045c140?, {0xc000542000?, 0xafb5e0?, 0xc0009800f0?}) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpctype/rpc.go:137 +0x22 fp=0xc0007bfc38 sp=0xc0007bfc08 pc=0x9f3282 bufio.(*Reader).Read(0xc00010b0e0, {0xc0004d8ed0, 0x1, 0xc0007bfd68?}) /usr/local/go/src/bufio/bufio.go:244 +0x197 fp=0xc0007bfc70 sp=0xc0007bfc38 pc=0x657157 io.ReadAtLeast({0xe3db00, 0xc00010b0e0}, {0xc0004d8ed0, 0x1, 0x9}, 0x1) /usr/local/go/src/io/io.go:335 +0x90 fp=0xc0007bfcb8 sp=0xc0007bfc70 pc=0x4b58d0 io.ReadFull(...) /usr/local/go/src/io/io.go:354 encoding/gob.decodeUintReader({0xe3db00, 0xc00010b0e0}, {0xc0004d8ed0, 0x9, 0x9}) /usr/local/go/src/encoding/gob/decode.go:116 +0x51 fp=0xc0007bfd10 sp=0xc0007bfcb8 pc=0x990e11 encoding/gob.(*Decoder).recvMessage(0xc000447e00) /usr/local/go/src/encoding/gob/decoder.go:82 +0x33 fp=0xc0007bfd48 sp=0xc0007bfd10 pc=0x99a3f3 encoding/gob.(*Decoder).decodeTypeSequence(0xc000447e00, 0x0) /usr/local/go/src/encoding/gob/decoder.go:148 +0x47 fp=0xc0007bfd78 sp=0xc0007bfd48 pc=0x99a767 encoding/gob.(*Decoder).DecodeValue(0xc000447e00, {0xa44280?, 0xc00007daa0?, 0x16?}) /usr/local/go/src/encoding/gob/decoder.go:227 +0x16e fp=0xc0007bfdf8 sp=0xc0007bfd78 pc=0x99abae encoding/gob.(*Decoder).Decode(0xc000447e00, {0xa44280?, 0xc00007daa0?}) /usr/local/go/src/encoding/gob/decoder.go:204 +0x125 fp=0xc0007bfe50 sp=0xc0007bfdf8 pc=0x99a9e5 net/rpc.(*gobClientCodec).ReadResponseHeader(0xa9de20?, 0xa40700?) /usr/local/go/src/net/rpc/client.go:228 +0x25 fp=0xc0007bfe78 sp=0xc0007bfe50 pc=0x9af525 net/rpc.(*Client).input(0xc00010b1a0) /usr/local/go/src/net/rpc/client.go:109 +0x9f fp=0xc0007bffc8 sp=0xc0007bfe78 pc=0x9ae77f net/rpc.NewClientWithCodec.func1() /usr/local/go/src/net/rpc/client.go:206 +0x25 fp=0xc0007bffe0 sp=0xc0007bffc8 pc=0x9af405 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1650 +0x1 fp=0xc0007bffe8 sp=0xc0007bffe0 pc=0x470621 created by net/rpc.NewClientWithCodec in goroutine 1 /usr/local/go/src/net/rpc/client.go:206 +0xb6 goroutine 14 [IO wait]: runtime.gopark(0xc0014908c8?, 0xb?, 0x0?, 0x0?, 0x19?) /usr/local/go/src/runtime/proc.goConnection to 10.128.0.62 closed by remote host.