syzbot

kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 0 PID: 20835 Comm: syz-executor2 Not tainted 4.16.0-rc5+ #355
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:ip6_xmit+0xc16/0x2260 net/ipv6/ip6_output.c:264
RSP: 0018:ffff8801cdcdf438 EFLAGS: 00010a06
RAX: dffffc0000000000 RBX: ffff8801bf210680 RCX: ffffffff84ef5ccd
RDX: 19bdb8acbf882a4e RSI: ffffc90004776000 RDI: cdedc565fc415272
RBP: ffff8801cdcdf6a8 R08: 1ffff10037e42001 R09: ffff8801cdcdf5f8
R10: ffff8801cdcdf438 R11: ffffed0039b9bec6 R12: cdedc565fc414fa2
R13: ffffed0039b9bebf R14: 0000000000000040 R15: ffff8801c1132fe4
FS:  00007f71f55e5700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000205fafd2 CR3: 00000001b0fdb003 CR4: 00000000001606f0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 inet6_csk_xmit+0x2fc/0x580 net/ipv6/inet6_connection_sock.c:139
 l2tp_xmit_core net/l2tp/l2tp_core.c:1053 [inline]
 l2tp_xmit_skb+0x105f/0x1410 net/l2tp/l2tp_core.c:1148
 pppol2tp_sendmsg+0x470/0x670 net/l2tp/l2tp_ppp.c:341
 sock_sendmsg_nosec net/socket.c:630 [inline]
 sock_sendmsg+0xca/0x110 net/socket.c:640
 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2046
 __sys_sendmsg+0xe5/0x210 net/socket.c:2080
 SYSC_sendmsg net/socket.c:2091 [inline]
 SyS_sendmsg+0x2d/0x50 net/socket.c:2087
 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x453e69
RSP: 002b:00007f71f55e4c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f71f55e56d4 RCX: 0000000000453e69
RDX: 000000000000c045 RSI: 0000000020002540 RDI: 0000000000000014
RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000000004bd R14: 00000000006f7258 R15: 0000000000000000
Code: 4d 8b a4 24 18 01 00 00 4d 85 e4 74 67 e8 d3 ba 81 fc 49 8d bc 24 d0 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 5b 13 00 00 48 8b 95 e0 fd ff ff 48 b8 00 00 
RIP: ip6_xmit+0xc16/0x2260 net/ipv6/ip6_output.c:264 RSP: ffff8801cdcdf438
---[ end trace c695c6fc430ee173 ]---
Kernel panic - not syncing: Fatal exception in interrupt
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..