audit: type=1326 audit(2000000899.570:83062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=3327 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45d4ba code=0x0 kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN NOPTI Modules linked in: CPU: 0 PID: 19739 Comm: kworker/u4:8 Not tainted 4.14.156-syzkaller #0 Workqueue: netns cleanup_net task: 0000000097cd253c task.stack: 000000000fad3d4b RIP: 0010:addrconf_rt_table+0x11f/0x290 net/ipv6/addrconf.c:2293 RSP: 0018:ffff8881cbe77748 EFLAGS: 00010206 RAX: dffffc0000000000 RBX: ffff8881948c4400 RCX: 1ffff11039e0b9d4 RDX: 000000000000004d RSI: 0000000000000005 RDI: 0000000000000268 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000004 R10: fffffbfff7106145 R11: ffffffffb8830a2b R12: 00000000000000fe R13: ffff8881a09fe400 R14: 00000000000001b8 R15: ffff888199e58000 FS: 0000000000000000(0000) GS:ffff8881d7400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000704 CR3: 00000001d9e26003 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: addrconf_get_prefix_route+0x30/0x2d0 net/ipv6/addrconf.c:2347 __ipv6_ifa_notify+0x6cb/0x940 net/ipv6/addrconf.c:5605 addrconf_ifdown+0xa18/0x13b0 net/ipv6/addrconf.c:3722 addrconf_notify+0x159/0x1b80 net/ipv6/addrconf.c:3526 notifier_call_chain+0x10c/0x1a0 kernel/notifier.c:93 call_netdevice_notifiers net/core/dev.c:1687 [inline] rollback_registered_many+0x6ac/0xab0 net/core/dev.c:7213 unregister_netdevice_many.part.0+0x16/0x1d0 net/core/dev.c:8267 unregister_netdevice_many+0x36/0x50 net/core/dev.c:8266 ip_tunnel_delete_net+0x273/0x340 net/ipv4/ip_tunnel.c:1079 ops_exit_list.isra.0+0xa8/0x150 net/core/net_namespace.c:142 cleanup_net+0x3ce/0x870 net/core/net_namespace.c:484 process_one_work+0x7f1/0x1580 kernel/workqueue.c:2134 worker_thread+0xdd/0xdf0 kernel/workqueue.c:2271 kthread+0x31f/0x430 kernel/kthread.c:232 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404 Code: 71 b7 be 01 00 00 00 48 c7 c7 a0 52 4d b8 e8 e9 91 ae fe 48 8d bd 68 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 34 01 00 00 44 8b ad 68 02 RIP: addrconf_rt_table+0x11f/0x290 net/ipv6/addrconf.c:2293 RSP: ffff8881cbe77748 ---[ end trace e499056e63d132d6 ]---