__do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3696 __kmalloc_reserve.isra.40+0x3a/0xe0 net/core/skbuff.c:137 __alloc_skb+0x14d/0x780 net/core/skbuff.c:205 BUG: unable to handle kernel NULL pointer dereference alloc_skb include/linux/skbuff.h:987 [inline] __ip6_append_data.isra.47+0x2865/0x3970 net/ipv6/ip6_output.c:1426 at 0000000000000000 PGD 1caf26067 P4D 1caf26067 PUD 1aa784067 PMD 0 Oops: 0010 [#1] SMP KASAN CPU: 0 PID: 7762 Comm: syz-executor3 Not tainted 4.17.0+ #84 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010: (null) ip6_append_data+0x1bd/0x2e0 net/ipv6/ip6_output.c:1589 Code: Bad RIP value. RSP: 0018:ffff8801902e76d8 EFLAGS: 00010246 rawv6_sendmsg+0x1193/0x45b0 net/ipv6/raw.c:928 RAX: 0000000000000000 RBX: ffff8801ceefe500 RCX: ffffc90003ca3000 RDX: ffff8801902e7ab0 RSI: ffff8801ceefe500 RDI: ffff8801aaf3a540 RBP: ffff8801902e7700 R08: ffff8801b465e180 R09: ffffed003b5c46d6 R10: 0000000000000003 R11: 0000000000000000 R12: ffff8801c1fdccc0 R13: ffff8801aaf3a540 R14: ffff8801902e7ab0 R15: 0000000000000718 FS: 00007fdcc3438700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 00000001b14a0000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: inet_sendmsg+0x19f/0x690 net/ipv4/af_inet.c:798 sock_poll+0x1d1/0x710 net/socket.c:1168 vfs_poll+0x77/0x2a0 fs/select.c:40 do_pollfd fs/select.c:848 [inline] do_poll fs/select.c:896 [inline] do_sys_poll+0x6fd/0x1100 fs/select.c:990 sock_sendmsg_nosec net/socket.c:645 [inline] sock_sendmsg+0xd5/0x120 net/socket.c:655 ___sys_sendmsg+0x805/0x940 net/socket.c:2161 __sys_sendmsg+0x115/0x270 net/socket.c:2199 __do_sys_sendmsg net/socket.c:2208 [inline] __se_sys_sendmsg net/socket.c:2206 [inline] __x64_sys_sendmsg+0x78/0xb0 
net/socket.c:2206 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:290 __do_sys_poll fs/select.c:1048 [inline] __se_sys_poll fs/select.c:1036 [inline] __x64_sys_poll+0x189/0x510 fs/select.c:1036 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x455b29 Code: 1d ba entry_SYSCALL_64_after_hwframe+0x49/0xbe fb RIP: 0033:0x455b29 ff Code: c3 1d 66 ba 2e fb 0f ff 1f c3 84 00 66 00 2e 00 0f 00 1f 00 84 66 00 90 00 48 00 89 f8 00 48 00 89 66 f7 90 48 48 89 89 d6 f8 48 48 89 89 ca f7 4d 48 89 89 c2 d6 4d 48 89 89 c8 ca 4c 4d 8b 89 4c c2 24 4d 08 89 0f c8 05 4c <48> 8b 3d 4c 01 24 f0 08 ff 0f ff 05 0f <48> 83 3d eb 01 b9 f0 fb ff ff ff c3 0f 66 83 2e eb 0f b9 1f fb 84 ff 00 c3 00 66 00 2e 00 0f 1f RSP: 002b:00007f20ae79ec68 EFLAGS: 00000246 84 ORIG_RAX: 000000000000002e 00 RAX: ffffffffffffffda RBX: 00007f20ae79f6d4 RCX: 0000000000455b29 00 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000013 00 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 00 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000004c0b1a R14: 00000000004d04d8 R15: 0000000000000019 RSP: 002b:00007fdcc3437c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 RAX: ffffffffffffffda RBX: 00007fdcc34386d4 RCX: 0000000000455b29 IPVS: ftp: loaded support on port[0] = 21 RDX: 0000000000010000 RSI: 0000000000000003 RDI: 0000000020000000 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000004c05f4 R14: 00000000004cfae8 R15: 0000000000000000 Modules linked in: Dumping ftrace buffer: (ftrace buffer empty) CR2: 0000000000000000 ---[ end trace b5a7fbc338665122 ]--- RIP: 0010: (null) IPVS: ftp: loaded support on port[0] = 21 Code: Bad RIP value. 
RSP: 0018:ffff8801902e76d8 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff8801ceefe500 RCX: ffffc90003ca3000
RDX: ffff8801902e7ab0 RSI: ffff8801ceefe500 RDI: ffff8801aaf3a540
RBP: ffff8801902e7700 R08: ffff8801b465e180 R09: ffffed003b5c46d6
R10: 0000000000000003 R11: 0000000000000000 R12: ffff8801c1fdccc0
R13: ffff8801aaf3a540 R14: ffff8801902e7ab0 R15: 0000000000000718
FS: 00007fdcc3438700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 00000001b14a0000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400