binder: send failed reply for transaction 36 to 24791:24792
binder: undelivered TRANSACTION_COMPLETE
binder: undelivered TRANSACTION_ERROR: 29189
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 24821 Comm: syz-executor1 Not tainted 5.0.0-rc1+ #23
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:fib6_drop_pcpu_from net/ipv6/ip6_fib.c:924 [inline]
RIP: 0010:fib6_purge_rt+0x5c9/0x7f0 net/ipv6/ip6_fib.c:960
Code: 0f b6 3d d9 6b 86 03 31 ff 44 89 fe e8 50 62 b0 fa 45 84 ff 0f 84 e3 00 00 00 e8 02 61 b0 fa 49 8d 7e 70 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 b8 01 00 00 48 8d 45 98 4d 8b 7e 70 48 89 c2 48
RSP: 0018:ffff88805d4a5e78 EFLAGS: 00010203
RAX: 000000000000ac32 RBX: dffffc0000000000 RCX: ffffc90012068000
RDX: 0000000000040000 RSI: ffffffff86d1965e RDI: 0000000000056194
RBP: ffff88805d4a5f78 R08: ffff888091a7a380 R09: ffffed100a6c5f7e
R10: ffffed100a6c5f7d R11: ffff88805362fbef R12: 0000000000000001
R13: ffff88805362fbc0 R14: 0000000000056124 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880ae700000(0063) knlGS:00000000f5fe4b40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000097991b4 CR3: 0000000096f85000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 fib6_del_route net/ipv6/ip6_fib.c:1813 [inline]
 fib6_del+0xbdb/0x12e0 net/ipv6/ip6_fib.c:1844
 fib6_clean_node+0x453/0x660 net/ipv6/ip6_fib.c:2006
 fib6_walk_continue+0x4b3/0x8e0 net/ipv6/ip6_fib.c:1928
 fib6_walk+0x9d/0x100 net/ipv6/ip6_fib.c:1976
 fib6_clean_tree+0x22a/0x340 net/ipv6/ip6_fib.c:2055
 __fib6_clean_all+0x216/0x430 net/ipv6/ip6_fib.c:2071
 fib6_clean_all+0x2b/0x40 net/ipv6/ip6_fib.c:2082
 rt6_sync_down_dev+0x17e/0x1b0 net/ipv6/route.c:4041
 rt6_disable_ip+0x80/0x730 net/ipv6/route.c:4046
 addrconf_ifdown+0x13e/0x15e0 net/ipv6/addrconf.c:3669
 addrconf_notify+0x629/0x25f0 net/ipv6/addrconf.c:3594
 notifier_call_chain+0x179/0x380 kernel/notifier.c:93
 __raw_notifier_call_chain kernel/notifier.c:394 [inline]
 raw_notifier_call_chain+0x2e/0x40 kernel/notifier.c:401
 call_netdevice_notifiers_info+0x3f/0x90 net/core/dev.c:1739
 call_netdevice_notifiers_extack net/core/dev.c:1751 [inline]
 call_netdevice_notifiers net/core/dev.c:1765 [inline]
 __dev_notify_flags+0x293/0x470 net/core/dev.c:7607
 dev_change_flags+0x10d/0x170 net/core/dev.c:7643
 do_setlink+0x17f5/0x3e10 net/core/rtnetlink.c:2492
 rtnl_group_changelink net/core/rtnetlink.c:2967 [inline]
 __rtnl_newlink+0xf5d/0x1a70 net/core/rtnetlink.c:3120
 rtnl_newlink+0x69/0xa0 net/core/rtnetlink.c:3240
 rtnetlink_rcv_msg+0x481/0xc30 net/core/rtnetlink.c:5130
 netlink_rcv_skb+0x17d/0x410 net/netlink/af_netlink.c:2477
 rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5148
 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline]
 netlink_unicast+0x574/0x770 net/netlink/af_netlink.c:1336
 netlink_sendmsg+0xa05/0xf90 net/netlink/af_netlink.c:1917
 sock_sendmsg_nosec net/socket.c:621 [inline]
 sock_sendmsg+0xdd/0x130 net/socket.c:631
 ___sys_sendmsg+0x7ec/0x910 net/socket.c:2116
 __sys_sendmsg+0x112/0x270 net/socket.c:2154
 __compat_sys_sendmsg net/compat.c:757 [inline]
 __do_compat_sys_sendmsg net/compat.c:764 [inline]
 __se_compat_sys_sendmsg net/compat.c:761 [inline]
 __ia32_compat_sys_sendmsg+0x7a/0xb0 net/compat.c:761
 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline]
 do_fast_syscall_32+0x333/0xf98 arch/x86/entry/common.c:397
 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fe8869
Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f5fe40cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000002001bfc8
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 96a6694275dcbb6d ]---
RIP: 0010:fib6_drop_pcpu_from net/ipv6/ip6_fib.c:924 [inline]
RIP: 0010:fib6_purge_rt+0x5c9/0x7f0 net/ipv6/ip6_fib.c:960
Code: 0f b6 3d d9 6b 86 03 31 ff 44 89 fe e8 50 62 b0 fa 45 84 ff 0f 84 e3 00 00 00 e8 02 61 b0 fa 49 8d 7e 70 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 b8 01 00 00 48 8d 45 98 4d 8b 7e 70 48 89 c2 48
RSP: 0018:ffff88805d4a5e78 EFLAGS: 00010203
RAX: 000000000000ac32 RBX: dffffc0000000000 RCX: ffffc90012068000
RDX: 0000000000040000 RSI: ffffffff86d1965e RDI: 0000000000056194
RBP: ffff88805d4a5f78 R08: ffff888091a7a380 R09: ffffed100a6c5f7e
R10: ffffed100a6c5f7d R11: ffff88805362fbef R12: 0000000000000001
R13: ffff88805362fbc0 R14: 0000000000056124 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880ae700000(0063) knlGS:00000000f5fe4b40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000097991b4 CR3: 0000000096f85000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400