syzbot

==================================================================
BUG: KASAN: null-ptr-deref in atomic_read include/asm-generic/atomic-instrumented.h:26 [inline]
BUG: KASAN: null-ptr-deref in atomic_fetch_add_unless include/linux/atomic-fallback.h:1086 [inline]
BUG: KASAN: null-ptr-deref in atomic_add_unless include/linux/atomic-fallback.h:1111 [inline]
BUG: KASAN: null-ptr-deref in atomic_inc_not_zero include/linux/atomic-fallback.h:1127 [inline]
BUG: KASAN: null-ptr-deref in dst_hold_safe include/net/dst.h:297 [inline]
BUG: KASAN: null-ptr-deref in ip6_hold_safe+0xad/0x380 net/ipv6/route.c:1046
Read of size 4 at addr 0000000000000059 by task syz-executor.0/9905

CPU: 0 PID: 9905 Comm: syz-executor.0 Not tainted 5.2.0-rc5 #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 __kasan_report.cold+0x5/0x40 mm/kasan/report.c:321
 kasan_report+0x12/0x20 mm/kasan/common.c:614
 check_memory_region_inline mm/kasan/generic.c:185 [inline]
 check_memory_region+0x123/0x190 mm/kasan/generic.c:191
 kasan_check_read+0x11/0x20 mm/kasan/common.c:94
 atomic_read include/asm-generic/atomic-instrumented.h:26 [inline]
 atomic_fetch_add_unless include/linux/atomic-fallback.h:1086 [inline]
 atomic_add_unless include/linux/atomic-fallback.h:1111 [inline]
 atomic_inc_not_zero include/linux/atomic-fallback.h:1127 [inline]
 dst_hold_safe include/net/dst.h:297 [inline]
 ip6_hold_safe+0xad/0x380 net/ipv6/route.c:1046
 rt6_get_pcpu_route net/ipv6/route.c:1273 [inline]
 ip6_pol_route+0x339/0x1050 net/ipv6/route.c:1952
 ip6_pol_route_output+0x54/0x70 net/ipv6/route.c:2128
 fib6_rule_lookup+0x133/0x5a0 net/ipv6/fib6_rules.c:113
 ip6_route_output_flags+0x2c4/0x350 net/ipv6/route.c:2157
 ip6_route_output include/net/ip6_route.h:89 [inline]
 ip6_dst_lookup_tail+0xd10/0x1b30 net/ipv6/ip6_output.c:962
 ip6_dst_lookup_flow+0xa8/0x220 net/ipv6/ip6_output.c:1090
 sctp_v6_get_dst+0x785/0x1ce0 net/sctp/ipv6.c:278
 sctp_transport_route+0x12d/0x360 net/sctp/transport.c:297
 sctp_assoc_add_peer+0x53e/0xfc0 net/sctp/associola.c:663
 sctp_process_param net/sctp/sm_make_chunk.c:2522 [inline]
 sctp_process_init+0x2458/0x2ad0 net/sctp/sm_make_chunk.c:2343
 sctp_sf_do_unexpected_init net/sctp/sm_statefuns.c:1541 [inline]
 sctp_sf_do_unexpected_init.isra.0+0x7cd/0x1350 net/sctp/sm_statefuns.c:1441
 sctp_sf_do_5_2_1_siminit+0x35/0x40 net/sctp/sm_statefuns.c:1670
 sctp_do_sm+0x121/0x5190 net/sctp/sm_sideeffect.c:1152
 sctp_assoc_bh_rcv+0x343/0x660 net/sctp/associola.c:1059
 sctp_inq_push+0x1e4/0x280 net/sctp/inqueue.c:80
 sctp_backlog_rcv+0x196/0xbe0 net/sctp/input.c:339
 sk_backlog_rcv include/net/sock.h:945 [inline]
 __release_sock+0x129/0x390 net/core/sock.c:2412
 release_sock+0x59/0x1c0 net/core/sock.c:2928
 sctp_wait_for_connect+0x316/0x540 net/sctp/socket.c:9039
 __sctp_connect+0xab2/0xcd0 net/sctp/socket.c:1226
 sctp_connect net/sctp/socket.c:4846 [inline]
 sctp_inet_connect+0x29c/0x340 net/sctp/socket.c:4862
 __sys_connect+0x264/0x330 net/socket.c:1834
 __do_sys_connect net/socket.c:1845 [inline]
 __se_sys_connect net/socket.c:1842 [inline]
 __x64_sys_connect+0x73/0xb0 net/socket.c:1842
 do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4592c9
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f11f13f8c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9
RDX: 000000000000001c RSI: 0000000020000200 RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11f13f96d4
R13: 00000000004bf7b5 R14: 00000000004d0f38 R15: 00000000ffffffff
==================================================================