fatal error: s.freeindex > s.nelems goroutine 14 [running]: runtime.throw({0xaae647?, 0xc003511bc0?}) /usr/local/go/src/runtime/panic.go:1047 +0x5d fp=0xc003511b00 sp=0xc003511ad0 pc=0x4363bd runtime.(*mspan).nextFreeIndex(0x0?) /usr/local/go/src/runtime/mbitmap.go:145 +0x147 fp=0xc003511b38 sp=0xc003511b00 pc=0x414767 runtime.(*mcache).nextFree(0x7f9ac7c33108, 0xe) /usr/local/go/src/runtime/malloc.go:848 +0x4d fp=0xc003511b80 sp=0xc003511b38 pc=0x40d26d runtime.mallocgc(0x50, 0xa07720, 0x1) /usr/local/go/src/runtime/malloc.go:1042 +0x44d fp=0xc003511be8 sp=0xc003511b80 pc=0x40d88d runtime.newobject(0xc0140fe000?) /usr/local/go/src/runtime/malloc.go:1254 +0x27 fp=0xc003511c10 sp=0xc003511be8 pc=0x40de27 github.com/google/syzkaller/prog.cloneCall(0xc0165f7b30, 0xc003511d00?) /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:29 +0x2e fp=0xc003511c60 sp=0xc003511c10 pc=0x5459ee github.com/google/syzkaller/prog.cloneCalls({0xc017507cc0, 0x7, 0x505e02?}, 0xc003511c6f?) /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:23 +0x67 fp=0xc003511ca0 sp=0xc003511c60 pc=0x545947 github.com/google/syzkaller/prog.(*Prog).Clone(0xc017507d80) /syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:14 +0x96 fp=0xc003511db0 sp=0xc003511ca0 pc=0x545816 main.(*Proc).smashInput(0xc01ff9d080, 0xc0076918a0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:218 +0x129 fp=0xc003511e98 sp=0xc003511db0 pc=0x906629 main.(*Proc).loop(0xc01ff9d080) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf2 fp=0xc003511fc8 sp=0xc003511e98 pc=0x904d32 main.main.func2() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x26 fp=0xc003511fe0 sp=0xc003511fc8 pc=0x901026 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc003511fe8 sp=0xc003511fe0 pc=0x469661 created by main.main /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x1605 goroutine 1 [select]: runtime.gopark(0xc0233cfa60?, 0x2?, 0x40?, 0x6?, 0xc0233cfa1c?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0233cf850 sp=0xc0233cf830 pc=0x4390d6 runtime.selectgo(0xc0233cfa60, 0xc0233cfa18, 0xc013a45980?, 0x0, 0x0?, 0x1) /usr/local/go/src/runtime/select.go:327 +0x7be fp=0xc0233cf990 sp=0xc0233cf850 pc=0x4491de main.(*Fuzzer).pollLoop(0xc000220600) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:385 +0x105 fp=0xc0233cfa90 sp=0xc0233cf990 pc=0x901925 main.main() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:313 +0x178c fp=0xc0233cff80 sp=0xc0233cfa90 pc=0x900fac runtime.main() /usr/local/go/src/runtime/proc.go:250 +0x207 fp=0xc0233cffe0 sp=0xc0233cff80 pc=0x438ca7 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0233cffe8 sp=0xc0233cffe0 pc=0x469661 goroutine 2 [force gc (idle), 3 minutes]: runtime.gopark(0x9e95141653?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000054fb0 sp=0xc000054f90 pc=0x4390d6 runtime.goparkunlock(...) /usr/local/go/src/runtime/proc.go:387 runtime.forcegchelper() /usr/local/go/src/runtime/proc.go:305 +0xb0 fp=0xc000054fe0 sp=0xc000054fb0 pc=0x438f10 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000054fe8 sp=0xc000054fe0 pc=0x469661 created by runtime.init.6 /usr/local/go/src/runtime/proc.go:293 +0x25 goroutine 3 [GC sweep wait]: runtime.gopark(0x1ed0501?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000055780 sp=0xc000055760 pc=0x4390d6 runtime.goparkunlock(...) /usr/local/go/src/runtime/proc.go:387 runtime.bgsweep(0x0?) /usr/local/go/src/runtime/mgcsweep.go:319 +0xde fp=0xc0000557c8 sp=0xc000055780 pc=0x42421e runtime.gcenable.func1() /usr/local/go/src/runtime/mgc.go:178 +0x26 fp=0xc0000557e0 sp=0xc0000557c8 pc=0x4193e6 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000557e8 sp=0xc0000557e0 pc=0x469661 created by runtime.gcenable /usr/local/go/src/runtime/mgc.go:178 +0x6b goroutine 4 [GC scavenge wait]: runtime.gopark(0x82ca25384e?, 0x112a4e?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000055f70 sp=0xc000055f50 pc=0x4390d6 runtime.goparkunlock(...) /usr/local/go/src/runtime/proc.go:387 runtime.(*scavengerState).park(0x1ed0ba0) /usr/local/go/src/runtime/mgcscavenge.go:400 +0x53 fp=0xc000055fa0 sp=0xc000055f70 pc=0x422113 runtime.bgscavenge(0x0?) /usr/local/go/src/runtime/mgcscavenge.go:633 +0x65 fp=0xc000055fc8 sp=0xc000055fa0 pc=0x422705 runtime.gcenable.func2() /usr/local/go/src/runtime/mgc.go:179 +0x26 fp=0xc000055fe0 sp=0xc000055fc8 pc=0x419386 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000055fe8 sp=0xc000055fe0 pc=0x469661 created by runtime.gcenable /usr/local/go/src/runtime/mgc.go:179 +0xaa goroutine 17 [finalizer wait, 11 minutes]: runtime.gopark(0x0?, 0xbfd928?, 0x20?, 0x60?, 0x2000000020?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000054628 sp=0xc000054608 pc=0x4390d6 runtime.runfinq() /usr/local/go/src/runtime/mfinal.go:193 +0x107 fp=0xc0000547e0 sp=0xc000054628 pc=0x418427 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000547e8 sp=0xc0000547e0 pc=0x469661 created by runtime.createfing /usr/local/go/src/runtime/mfinal.go:163 +0x45 goroutine 18 [select]: runtime.gopark(0xc000050788?, 0x3?, 0x90?, 0x0?, 0xc000050772?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0000505f8 sp=0xc0000505d8 pc=0x4390d6 runtime.selectgo(0xc000050788, 0xc00005076c, 0xc0000efe80?, 0x0, 0x0?, 0x1) /usr/local/go/src/runtime/select.go:327 +0x7be fp=0xc000050738 sp=0xc0000505f8 pc=0x4491de go.opencensus.io/stats/view.(*worker).start(0xc0000efe80) /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:292 +0xad fp=0xc0000507c8 sp=0xc000050738 pc=0x88d00d go.opencensus.io/stats/view.init.0.func1() /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x26 fp=0xc0000507e0 sp=0xc0000507c8 pc=0x88c246 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000507e8 sp=0xc0000507e0 pc=0x469661 created by go.opencensus.io/stats/view.init.0 /syzkaller/gopath/src/github.com/google/syzkaller/vendor/go.opencensus.io/stats/view/worker.go:34 +0x96 goroutine 19 [GC worker (idle)]: runtime.gopark(0x1f01820?, 0x2?, 0x71?, 0x79?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000050f50 sp=0xc000050f30 pc=0x4390d6 runtime.gcBgMarkWorker() /usr/local/go/src/runtime/mgc.go:1275 +0xf1 fp=0xc000050fe0 sp=0xc000050f50 pc=0x41b151 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000050fe8 sp=0xc000050fe0 pc=0x469661 created by runtime.gcBgMarkStartWorkers /usr/local/go/src/runtime/mgc.go:1199 +0x25 goroutine 5 [GC worker (idle)]: runtime.gopark(0xab8989a661?, 0x2?, 0xcf?, 0x72?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000056750 sp=0xc000056730 pc=0x4390d6 runtime.gcBgMarkWorker() /usr/local/go/src/runtime/mgc.go:1275 +0xf1 fp=0xc0000567e0 sp=0xc000056750 pc=0x41b151 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000567e8 sp=0xc0000567e0 pc=0x469661 created by runtime.gcBgMarkStartWorkers /usr/local/go/src/runtime/mgc.go:1199 +0x25 goroutine 20 [chan receive, 11 minutes]: runtime.gopark(0xc000057688?, 0xc0000576e0?, 0x53?, 0xb0?, 0xc0000576e0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0000576b0 sp=0xc000057690 pc=0x4390d6 runtime.chanrecv(0xc00009e1e0, 0x0, 0x1) /usr/local/go/src/runtime/chan.go:583 +0x49d fp=0xc000057740 sp=0xc0000576b0 pc=0x406f5d runtime.chanrecv1(0xc00009e1e0?, 0xc0000577b0?) /usr/local/go/src/runtime/chan.go:442 +0x18 fp=0xc000057768 sp=0xc000057740 pc=0x406a98 github.com/google/syzkaller/pkg/osutil.HandleInterrupts.func1() /syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:78 +0x8a fp=0xc0000577e0 sp=0xc000057768 pc=0x52c92a runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000577e8 sp=0xc0000577e0 pc=0x469661 created by github.com/google/syzkaller/pkg/osutil.HandleInterrupts /syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:75 +0x56 goroutine 21 [chan receive, 11 minutes]: runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc000057ee8 sp=0xc000057ec8 pc=0x4390d6 runtime.chanrecv(0xc0000820c0, 0x0, 0x1) /usr/local/go/src/runtime/chan.go:583 +0x49d fp=0xc000057f78 sp=0xc000057ee8 pc=0x406f5d runtime.chanrecv1(0x0?, 0x0?) /usr/local/go/src/runtime/chan.go:442 +0x18 fp=0xc000057fa0 sp=0xc000057f78 pc=0x406a98 main.main.func1() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:182 +0x1f fp=0xc000057fe0 sp=0xc000057fa0 pc=0x90107f runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc000057fe8 sp=0xc000057fe0 pc=0x469661 created by main.main /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:180 +0x48f goroutine 6 [select, 11 minutes, locked to thread]: runtime.gopark(0xc0004e2fa8?, 0x2?, 0x52?, 0x94?, 0xc0004e2fa4?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0004e2e18 sp=0xc0004e2df8 pc=0x4390d6 runtime.selectgo(0xc0004e2fa8, 0xc0004e2fa0, 0x0?, 0x0, 0x0?, 0x1) /usr/local/go/src/runtime/select.go:327 +0x7be fp=0xc0004e2f58 sp=0xc0004e2e18 pc=0x4491de runtime.ensureSigM.func1() /usr/local/go/src/runtime/signal_unix.go:1000 +0x1af fp=0xc0004e2fe0 sp=0xc0004e2f58 pc=0x46136f runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0004e2fe8 sp=0xc0004e2fe0 pc=0x469661 created by runtime.ensureSigM /usr/local/go/src/runtime/signal_unix.go:983 +0xbd goroutine 7 [syscall, 11 minutes]: runtime.notetsleepg(0x0?, 0x0?) /usr/local/go/src/runtime/lock_futex.go:236 +0x34 fp=0xc0004e37a0 sp=0xc0004e3768 pc=0x40c534 os/signal.signal_recv() /usr/local/go/src/runtime/sigqueue.go:152 +0x2f fp=0xc0004e37c0 sp=0xc0004e37a0 pc=0x465c2f os/signal.loop() /usr/local/go/src/os/signal/signal_unix.go:23 +0x19 fp=0xc0004e37e0 sp=0xc0004e37c0 pc=0x52b459 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0004e37e8 sp=0xc0004e37e0 pc=0x469661 created by os/signal.Notify.func1.1 /usr/local/go/src/os/signal/signal.go:151 +0x2a goroutine 23 [IO wait]: runtime.gopark(0x1?, 0xb?, 0x0?, 0x0?, 0x3?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc00022d958 sp=0xc00022d938 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc00022d990 sp=0xc00022d958 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9aa088cdd8, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc00022d9b0 sp=0xc00022d990 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc00042f000?, 0xc000524000?, 0x0) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc00022d9d8 sp=0xc00022d9b0 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc00042f000, {0xc000524000, 0x1000, 0x1000}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc00022da70 sp=0xc00022d9d8 pc=0x4d7bf9 net.(*netFD).Read(0xc00042f000, {0xc000524000?, 0x9514a0?, 0xc0139e8948?}) /usr/local/go/src/net/fd_posix.go:55 +0x29 fp=0xc00022dab8 sp=0xc00022da70 pc=0x65b649 net.(*conn).Read(0xc000c6ff38, {0xc000524000?, 0x198?, 0x4b147a?}) /usr/local/go/src/net/net.go:183 +0x45 fp=0xc00022db00 sp=0xc00022dab8 pc=0x66d185 net.(*TCPConn).Read(0xc00094e120?, {0xc000524000?, 0x9cc9e0?, 0xc0139e8930?}) :1 +0x29 fp=0xc00022db30 sp=0xc00022db00 pc=0x67d3e9 bufio.(*Reader).fill(0xc000077d40) /usr/local/go/src/bufio/bufio.go:106 +0xff fp=0xc00022db68 sp=0xc00022db30 pc=0x50b4df bufio.(*Reader).ReadByte(0xc000077d40) /usr/local/go/src/bufio/bufio.go:265 +0x2c fp=0xc00022db88 sp=0xc00022db68 pc=0x50bcac compress/flate.(*decompressor).moreBits(0xc000396000) /usr/local/go/src/compress/flate/inflate.go:696 +0x2d fp=0xc00022dbc0 sp=0xc00022db88 pc=0x51756d compress/flate.(*decompressor).nextBlock(0xc000396000) /usr/local/go/src/compress/flate/inflate.go:303 +0x2e fp=0xc00022dbd8 sp=0xc00022dbc0 pc=0x51592e compress/flate.(*decompressor).Read(0xc000396000, {0xc000572000, 0x1000, 0xc00022dc80?}) /usr/local/go/src/compress/flate/inflate.go:347 +0x7e fp=0xc00022dc10 sp=0xc00022dbd8 pc=0x515b9e github.com/google/syzkaller/pkg/rpctype.(*flateConn).Read(0xc00094e100?, {0xc000572000?, 0x9d6fe0?, 0xc0139e8900?}) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpctype/rpc.go:136 +0x26 fp=0xc00022dc40 sp=0xc00022dc10 pc=0x8fd5c6 bufio.(*Reader).Read(0xc000077da0, {0xc0004a80d0, 0x1, 0xc00022dd70?}) /usr/local/go/src/bufio/bufio.go:237 +0x1bb fp=0xc00022dc78 sp=0xc00022dc40 pc=0x50babb io.ReadAtLeast({0xcb7e40, 0xc000077da0}, {0xc0004a80d0, 0x1, 0x9}, 0x1) /usr/local/go/src/io/io.go:332 +0x9a fp=0xc00022dcc0 sp=0xc00022dc78 pc=0x4b147a io.ReadFull(...) /usr/local/go/src/io/io.go:351 encoding/gob.decodeUintReader({0xcb7e40?, 0xc000077da0?}, {0xc0004a80d0?, 0x9?, 0x9?}) /usr/local/go/src/encoding/gob/decode.go:116 +0x57 fp=0xc00022dd18 sp=0xc00022dcc0 pc=0x895b17 encoding/gob.(*Decoder).recvMessage(0xc00042f080) /usr/local/go/src/encoding/gob/decoder.go:82 +0x39 fp=0xc00022dd50 sp=0xc00022dd18 pc=0x89f6d9 encoding/gob.(*Decoder).decodeTypeSequence(0xc00042f080, 0x0) /usr/local/go/src/encoding/gob/decoder.go:148 +0x4f fp=0xc00022dd80 sp=0xc00022dd50 pc=0x89fa6f encoding/gob.(*Decoder).DecodeValue(0xc00042f080, {0x94a3e0?, 0xc0004809f0?, 0x7f9ac7c3ea48?}) /usr/local/go/src/encoding/gob/decoder.go:227 +0x18f fp=0xc00022de00 sp=0xc00022dd80 pc=0x89ff0f encoding/gob.(*Decoder).Decode(0xc00042f080, {0x94a3e0?, 0xc0004809f0?}) /usr/local/go/src/encoding/gob/decoder.go:204 +0x165 fp=0xc00022de58 sp=0xc00022de00 pc=0x89fd25 net/rpc.(*gobClientCodec).ReadResponseHeader(0x98dda0?, 0x941e20?) /usr/local/go/src/net/rpc/client.go:228 +0x27 fp=0xc00022de80 sp=0xc00022de58 pc=0x8b5827 net/rpc.(*Client).input(0xc000077e60) /usr/local/go/src/net/rpc/client.go:109 +0xb4 fp=0xc00022dfc8 sp=0xc00022de80 pc=0x8b4ab4 net/rpc.NewClientWithCodec.func1() /usr/local/go/src/net/rpc/client.go:206 +0x26 fp=0xc00022dfe0 sp=0xc00022dfc8 pc=0x8b56e6 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc00022dfe8 sp=0xc00022dfe0 pc=0x469661 created by net/rpc.NewClientWithCodec /usr/local/go/src/net/rpc/client.go:206 +0xc5 goroutine 11 [IO wait]: runtime.gopark(0xc0157386e8?, 0xb?, 0x0?, 0x0?, 0x16?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc003ee96d0 sp=0xc003ee96b0 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc003ee9708 sp=0xc003ee96d0 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9aa088c568, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc003ee9728 sp=0xc003ee9708 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc0005ea0c0?, 0xc015bbc350?, 0x1) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc003ee9750 sp=0xc003ee9728 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc0005ea0c0, {0xc015bbc350, 0xc, 0xc}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc003ee97e8 sp=0xc003ee9750 pc=0x4d7bf9 os.(*File).read(...) /usr/local/go/src/os/file_posix.go:31 os.(*File).Read(0xc000c6fa10, {0xc015bbc350?, 0xc003ee9878?, 0x40de27?}) /usr/local/go/src/os/file.go:118 +0x5e fp=0xc003ee9840 sp=0xc003ee97e8 pc=0x4e305e io.ReadAtLeast({0xcba7a0, 0xc000c6fa10}, {0xc015bbc350, 0xc, 0xc}, 0xc) /usr/local/go/src/io/io.go:332 +0x9a fp=0xc003ee9888 sp=0xc003ee9840 pc=0x4b147a io.ReadFull(...) /usr/local/go/src/io/io.go:351 github.com/google/syzkaller/pkg/ipc.(*command).exec(0xc0210fd570, 0x7f9a9d7a3000?, {0x0, 0x0, 0x0}) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:786 +0x559 fp=0xc003ee9a30 sp=0xc003ee9888 pc=0x8fc219 github.com/google/syzkaller/pkg/ipc.(*Env).Exec(0xc01b65eea0, 0xc0140fe000?, 0xc015999680) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:286 +0x24e fp=0xc003ee9b10 sp=0xc003ee9a30 pc=0x8f824e main.(*Proc).executeRaw(0xc01990c9c0, 0xc015999680?, 0xc003ee9c60?, 0x5) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:328 +0x1bc fp=0xc003ee9c28 sp=0xc003ee9b10 pc=0x90739c main.(*Proc).execute(0xc01990c9c0, 0x1e?, 0xc01990c600?, 0xc000554b70?, 0xc0175f4000?) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:255 +0x49 fp=0xc003ee9d68 sp=0xc003ee9c28 pc=0x906b09 main.(*Proc).executeAndCollide(0xc01990c9c0, 0xa8d617?, 0x12?, 0xc003ee9e08?, 0x1?) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:284 +0x27 fp=0xc003ee9db0 sp=0xc003ee9d68 pc=0x907007 main.(*Proc).smashInput(0xc01990c9c0, 0xc0174bef70) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x1d4 fp=0xc003ee9e98 sp=0xc003ee9db0 pc=0x9066d4 main.(*Proc).loop(0xc01990c9c0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf2 fp=0xc003ee9fc8 sp=0xc003ee9e98 pc=0x904d32 main.main.func2() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x26 fp=0xc003ee9fe0 sp=0xc003ee9fc8 pc=0x901026 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc003ee9fe8 sp=0xc003ee9fe0 pc=0x469661 created by main.main /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x1605 goroutine 10 [IO wait]: runtime.gopark(0xc01422a198?, 0xb?, 0x0?, 0x0?, 0xc?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc006f1b6d0 sp=0xc006f1b6b0 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc006f1b708 sp=0xc006f1b6d0 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9aa088cb08, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc006f1b728 sp=0xc006f1b708 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc015257f20?, 0xc01467a0e0?, 0x1) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc006f1b750 sp=0xc006f1b728 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc015257f20, {0xc01467a0e0, 0xc, 0xc}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc006f1b7e8 sp=0xc006f1b750 pc=0x4d7bf9 os.(*File).read(...) /usr/local/go/src/os/file_posix.go:31 os.(*File).Read(0xc000c6f960, {0xc01467a0e0?, 0xc006f1b878?, 0x40de27?}) /usr/local/go/src/os/file.go:118 +0x5e fp=0xc006f1b840 sp=0xc006f1b7e8 pc=0x4e305e io.ReadAtLeast({0xcba7a0, 0xc000c6f960}, {0xc01467a0e0, 0xc, 0xc}, 0xc) /usr/local/go/src/io/io.go:332 +0x9a fp=0xc006f1b888 sp=0xc006f1b840 pc=0x4b147a io.ReadFull(...) /usr/local/go/src/io/io.go:351 github.com/google/syzkaller/pkg/ipc.(*command).exec(0xc0210fd500, 0x7f9a9eba3000?, {0x0, 0x0, 0x0}) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:786 +0x559 fp=0xc006f1ba30 sp=0xc006f1b888 pc=0x8fc219 github.com/google/syzkaller/pkg/ipc.(*Env).Exec(0xc01b65ee10, 0xc006f1bb38?, 0xc013ebd140) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:286 +0x24e fp=0xc006f1bb10 sp=0xc006f1ba30 pc=0x8f824e main.(*Proc).executeRaw(0xc01990c700, 0xc0200bec80?, 0xc006f1bc60?, 0x5) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:328 +0x1bc fp=0xc006f1bc28 sp=0xc006f1bb10 pc=0x90739c main.(*Proc).execute(0xc01990c700, 0x1e?, 0xc01990c600?, 0xc000554b70?, 0xc0175f4000?) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:255 +0x49 fp=0xc006f1bd68 sp=0xc006f1bc28 pc=0x906b09 main.(*Proc).executeAndCollide(0xc01990c700, 0xa8d617?, 0x12?, 0xc006f1be08?, 0x1?) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:284 +0x27 fp=0xc006f1bdb0 sp=0xc006f1bd68 pc=0x907007 main.(*Proc).smashInput(0xc01990c700, 0xc01ee81fb0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x1d4 fp=0xc006f1be98 sp=0xc006f1bdb0 pc=0x9066d4 main.(*Proc).loop(0xc01990c700) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf2 fp=0xc006f1bfc8 sp=0xc006f1be98 pc=0x904d32 main.main.func2() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x26 fp=0xc006f1bfe0 sp=0xc006f1bfc8 pc=0x901026 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc006f1bfe8 sp=0xc006f1bfe0 pc=0x469661 created by main.main /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x1605 goroutine 24 [IO wait, 9 minutes]: runtime.gopark(0x0?, 0xb?, 0x0?, 0x0?, 0xa?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0000515e8 sp=0xc0000515c8 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc000051620 sp=0xc0000515e8 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9aa088cce8, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc000051640 sp=0xc000051620 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc0145bf140?, 0xc028cda000?, 0x1) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc000051668 sp=0xc000051640 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc0145bf140, {0xc028cda000, 0x20000, 0x20000}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc000051700 sp=0xc000051668 pc=0x4d7bf9 os.(*File).read(...) /usr/local/go/src/os/file_posix.go:31 os.(*File).Read(0xc000c6f948, {0xc028cda000?, 0x8ffa?, 0xac00?}) /usr/local/go/src/os/file.go:118 +0x5e fp=0xc000051758 sp=0xc000051700 pc=0x4e305e github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc0210fd500) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:629 +0x8a fp=0xc0000517c8 sp=0xc000051758 pc=0x8fb30a github.com/google/syzkaller/pkg/ipc.makeCommand.func7() /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:644 +0x2a fp=0xc0000517e0 sp=0xc0000517c8 pc=0x8fb24a runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0000517e8 sp=0xc0000517e0 pc=0x469661 created by github.com/google/syzkaller/pkg/ipc.makeCommand /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:623 +0xa7b goroutine 25 [IO wait, 9 minutes]: runtime.gopark(0x0?, 0xb?, 0x0?, 0x0?, 0x11?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0004e4de8 sp=0xc0004e4dc8 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc0004e4e20 sp=0xc0004e4de8 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9aa088c748, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc0004e4e40 sp=0xc0004e4e20 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc0005ea000?, 0xc028cfa000?, 0x1) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc0004e4e68 sp=0xc0004e4e40 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc0005ea000, {0xc028cfa000, 0x20000, 0x20000}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc0004e4f00 sp=0xc0004e4e68 pc=0x4d7bf9 os.(*File).read(...) /usr/local/go/src/os/file_posix.go:31 os.(*File).Read(0xc000c6f9b8, {0xc028cfa000?, 0x0?, 0x0?}) /usr/local/go/src/os/file.go:118 +0x5e fp=0xc0004e4f58 sp=0xc0004e4f00 pc=0x4e305e github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc0210fd570) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:629 +0x8a fp=0xc0004e4fc8 sp=0xc0004e4f58 pc=0x8fb30a github.com/google/syzkaller/pkg/ipc.makeCommand.func7() /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:644 +0x2a fp=0xc0004e4fe0 sp=0xc0004e4fc8 pc=0x8fb24a runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0004e4fe8 sp=0xc0004e4fe0 pc=0x469661 created by github.com/google/syzkaller/pkg/ipc.makeCommand /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:623 +0xa7b goroutine 12 [syscall, 9 minutes]: syscall.Syscall6(0xc01990c600?, 0x0?, 0x0?, 0x0?, 0x46563d?, 0xc0004e5e88?, 0x90387f?) /usr/local/go/src/syscall/syscall_linux.go:91 +0x36 fp=0xc0004e5de0 sp=0xc0004e5d58 pc=0x4bd2b6 os.(*Process).blockUntilWaitable(0xc020cce000) /usr/local/go/src/os/wait_waitid.go:32 +0x87 fp=0xc0004e5eb8 sp=0xc0004e5de0 pc=0x4e9567 os.(*Process).wait(0xc020cce000) /usr/local/go/src/os/exec_unix.go:22 +0x28 fp=0xc0004e5f18 sp=0xc0004e5eb8 pc=0x4e28a8 os.(*Process).Wait(...) /usr/local/go/src/os/exec.go:132 os/exec.(*Cmd).Wait(0xc01ad45600) /usr/local/go/src/os/exec/exec.go:890 +0x45 fp=0xc0004e5f80 sp=0xc0004e5f18 pc=0x527085 github.com/google/syzkaller/pkg/ipc.makeCommand.func3(0xc0210fd500) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:652 +0x32 fp=0xc0004e5fc8 sp=0xc0004e5f80 pc=0x8fb192 github.com/google/syzkaller/pkg/ipc.makeCommand.func8() /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:657 +0x2a fp=0xc0004e5fe0 sp=0xc0004e5fc8 pc=0x8fb12a runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0004e5fe8 sp=0xc0004e5fe0 pc=0x469661 created by github.com/google/syzkaller/pkg/ipc.makeCommand /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:651 +0xc7c goroutine 15 [IO wait]: runtime.gopark(0xc014675c78?, 0xb?, 0x0?, 0x0?, 0x28?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc0233cb810 sp=0xc0233cb7f0 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc0233cb848 sp=0xc0233cb810 pc=0x431a37 internal/poll.runtime_pollWait(0x7f9a9f2096d0, 0x72) /usr/local/go/src/runtime/netpoll.go:306 +0x89 fp=0xc0233cb868 sp=0xc0233cb848 pc=0x463a29 internal/poll.(*pollDesc).wait(0xc0005eade0?, 0xc015bbc270?, 0x1) /usr/local/go/src/internal/poll/fd_poll_runtime.go:84 +0x32 fp=0xc0233cb890 sp=0xc0233cb868 pc=0x4d6812 internal/poll.(*pollDesc).waitRead(...) /usr/local/go/src/internal/poll/fd_poll_runtime.go:89 internal/poll.(*FD).Read(0xc0005eade0, {0xc015bbc270, 0xc, 0xc}) /usr/local/go/src/internal/poll/fd_unix.go:167 +0x299 fp=0xc0233cb928 sp=0xc0233cb890 pc=0x4d7bf9 os.(*File).read(...) /usr/local/go/src/os/file_posix.go:31 os.(*File).Read(0xc000646ec8, {0xc015bbc270?, 0xc0233cb9b8?, 0x40de27?}) /usr/local/go/src/os/file.go:118 +0x5e fp=0xc0233cb980 sp=0xc0233cb928 pc=0x4e305e io.ReadAtLeast({0xcba7a0, 0xc000646ec8}, {0xc015bbc270, 0xc, 0xc}, 0xc) /usr/local/go/src/io/io.go:332 +0x9a fp=0xc0233cb9c8 sp=0xc0233cb980 pc=0x4b147a io.ReadFull(...) /usr/local/go/src/io/io.go:351 github.com/google/syzkaller/pkg/ipc.(*command).exec(0xc0210fd8f0, 0x7f9a9afa3000?, {0x0, 0x0, 0x0}) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:786 +0x559 fp=0xc0233cbb70 sp=0xc0233cb9c8 pc=0x8fc219 github.com/google/syzkaller/pkg/ipc.(*Env).Exec(0xc01b65f050, 0x3?, 0xc015a4d780) /syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:286 +0x24e fp=0xc0233cbc50 sp=0xc0233cbb70 pc=0x8f824e main.(*Proc).executeRaw(0xc01ff9d2c0, 0x1e?, 0xc01990c600?, 0x8) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:328 +0x1bc fp=0xc0233cbd68 sp=0xc0233cbc50 pc=0x90739c main.(*Proc).executeAndCollide(0xc01ff9d2c0, 0xa8d617?, 0x12?, 0xc0233cbe08?, 0x1?) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:292 +0x72 fp=0xc0233cbdb0 sp=0xc0233cbd68 pc=0x907052 main.(*Proc).smashInput(0xc01ff9d2c0, 0xc02110eab0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x1d4 fp=0xc0233cbe98 sp=0xc0233cbdb0 pc=0x9066d4 main.(*Proc).loop(0xc01ff9d2c0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf2 fp=0xc0233cbfc8 sp=0xc0233cbe98 pc=0x904d32 main.main.func2() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x26 fp=0xc0233cbfe0 sp=0xc0233cbfc8 pc=0x901026 runtime.goexit() /usr/local/go/src/runtime/asm_amd64.s:1598 +0x1 fp=0xc0233cbfe8 sp=0xc0233cbfe0 pc=0x469661 created by main.main /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x1605 goroutine 26 [IO wait]: runtime.gopark(0xc015ce74f8?, 0xb?, 0x0?, 0x0?, 0x20?) /usr/local/go/src/runtime/proc.go:381 +0xd6 fp=0xc006f1f6d0 sp=0xc006f1f6b0 pc=0x4390d6 runtime.netpollblock(0x4bb345?, 0x40482f?, 0x0?) /usr/local/go/src/runtime/netpoll.go:527 +0xf7 fp=0xc006f1f708 sp=0xc006f1f6d0 pc=0x431a37