syzbot

random: crng init done
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 64 Comm: kworker/u4:1 Not tainted 4.9.140+ #3
Workqueue: netns cleanup_net
task: ffff8801d786af80 task.stack: ffff8801d79a8000
RIP: 0010:[<ffffffff826bd007>]  [<ffffffff826bd007>] addrconf_rt_table+0x127/0x290 net/ipv6/addrconf.c:2223
RSP: 0018:ffff8801d79af510  EFLAGS: 00010206
RAX: dffffc0000000000 RBX: 0000000000000200 RCX: 0000000000000004
RDX: 0000000000000056 RSI: 0000000000000004 RDI: 00000000000002b0
RBP: ffff8801d79af540 R08: ffff8801d786b830 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
R13: 00000000000000fe R14: ffff8801ce8a2200 R15: ffff8801ce9b2b90
FS:  0000000000000000(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004a20fd CR3: 00000001ce4ce000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff826bcee0 ffff8801ce8a2200 0000000000000000 ffff8801cef01e80
 ffff8801ce748900 ffff8801ce9b2b90 ffff8801d79af588 ffffffff826bd8f3
 00000000ce7487b8 ffff880100000080 ffff8801ce9b2a00 ffff8801ce9b2b90
Call Trace:
 [<ffffffff826bd8f3>] addrconf_get_prefix_route+0x33/0x270 net/ipv6/addrconf.c:2277
 [<ffffffff826be108>] __ipv6_ifa_notify+0x5d8/0x790 net/ipv6/addrconf.c:5496
 [<ffffffff826bfafe>] addrconf_ifdown+0xaae/0x1420 net/ipv6/addrconf.c:3689
 [<ffffffff826c72fe>] addrconf_notify+0x8ee/0x2140 net/ipv6/addrconf.c:3493
 [<ffffffff811478d4>] notifier_call_chain+0xb4/0x1d0 kernel/notifier.c:93
 [<ffffffff81147a5d>] __raw_notifier_call_chain kernel/notifier.c:394 [inline]
 [<ffffffff81147a5d>] raw_notifier_call_chain+0x2d/0x40 kernel/notifier.c:401
 [<ffffffff822f48f5>] call_netdevice_notifiers_info+0x55/0x70 net/core/dev.c:1647
 [<ffffffff82303395>] call_netdevice_notifiers net/core/dev.c:1663 [inline]
 [<ffffffff82303395>] rollback_registered_many+0x6e5/0xb50 net/core/dev.c:6860
 [<ffffffff8230d5a8>] unregister_netdevice_many+0x48/0x220 net/core/dev.c:7907
 [<ffffffff8230dabf>] default_device_exit_batch+0x33f/0x3f0 net/core/dev.c:8365
 [<ffffffff822e3c75>] ops_exit_list.isra.0+0x105/0x160 net/core/net_namespace.c:139
 [<ffffffff822e6982>] cleanup_net+0x3f2/0x8b0 net/core/net_namespace.c:473
 [<ffffffff81131001>] process_one_work+0x831/0x15f0 kernel/workqueue.c:2092
 [<ffffffff81131e96>] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226
 [<ffffffff81142c3d>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff8281789c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Code: 82 be 01 00 00 00 48 c7 c7 60 c3 0c 83 e8 92 fb b4 fe 49 8d bc 24 b0 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 34 01 00 00 45 8b bc 24 b0 
RIP  [<ffffffff826bd007>] addrconf_rt_table+0x127/0x290 net/ipv6/addrconf.c:2223
 RSP <ffff8801d79af510>
---[ end trace 3bbd07baf6f59b6c ]---