[  464.421319] syz-executor.3 (7896) used greatest stack depth: 24160 bytes left
[  464.788945] device bridge_slave_1 left promiscuous mode
[  464.794459] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.802528] device bridge_slave_0 left promiscuous mode
[  464.808650] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.818044] device veth1_macvtap left promiscuous mode
[  464.823333] device veth0_macvtap left promiscuous mode
[  464.829909] device veth1_vlan left promiscuous mode
[  464.834929] device veth0_vlan left promiscuous mode
[  464.994784] bond0 (unregistering): Releasing backup interface bond_slave_1
[  465.011683] bond0 (unregistering): Releasing backup interface bond_slave_0
[  465.061902] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.10.39' (ECDSA) to the list of known hosts.
[  467.668760] device bridge_slave_1 left promiscuous mode
[  467.674344] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.682300] device bridge_slave_0 left promiscuous mode
[  467.688142] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.698464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  467.705307] batman_adv: batadv0: Removing interface: batadv_slave_0
[  467.713840] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  467.720999] batman_adv: batadv0: Removing interface: batadv_slave_1
[  467.728200] ==================================================================
[  467.729401] device bridge_slave_1 left promiscuous mode
[  467.729563] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.748485] BUG: KASAN: null-ptr-deref on address           (null)
[  467.754785] Read of size 24 by task kworker/u4:12/11519
[  467.760134] CPU: 0 PID: 11519 Comm: kworker/u4:12 Not tainted 4.7.0-rc1-syzkaller #0
[  467.767986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  467.777345] Workqueue: bat_events batadv_send_outstanding_bat_ogm_packet
[  467.784280]  0000000000000000 ffff8800abf6f9e8 ffffffff82ddc472 0000000000000018
[  467.792651]  ffff8800abf6fa78 ffff8800ac3c6100 ffff8800ad015080 0000000000000024
[  467.800803]  ffff8800abf6fa68 ffffffff81706281 ffff8800ac3c6910 ffff8800ac3c6100
[  467.809001] Call Trace:
[  467.811564]  [<ffffffff82ddc472>] dump_stack+0x136/0x1d4
[  467.816986]  [<ffffffff81706281>] kasan_report_error+0x431/0x520
[  467.823188]  [<ffffffff817066a4>] kasan_report+0x34/0x40
[  467.828607]  [<ffffffff8170573e>] ? kasan_kmalloc+0x5e/0x70
[  467.834307]  [<ffffffff864c4448>] ? batadv_tvlv_container_ogm_append+0x158/0x470
[  467.842082]  [<ffffffff817055ad>] check_memory_region+0x13d/0x1a0
[  467.848285]  [<ffffffff817058e3>] memcpy+0x23/0x50
[  467.853224]  [<ffffffff864c4448>] batadv_tvlv_container_ogm_append+0x158/0x470
[  467.860556]  [<ffffffff8649790a>] batadv_iv_ogm_schedule+0x9ea/0xc70
[  467.867036]  [<ffffffff86496f57>] ? batadv_iv_ogm_schedule+0x37/0xc70
[  467.873608]  [<ffffffff813f6c8e>] ? trace_hardirqs_on_caller+0x49e/0x5c0
[  467.880429]  [<ffffffff864e3a66>] ? batadv_send_outstanding_bat_ogm_packet+0x126/0x410
[  467.888657]  [<ffffffff813f6dbd>] ? trace_hardirqs_on+0xd/0x10
[  467.894617]  [<ffffffff81309747>] ? __local_bh_enable_ip+0xd7/0x180
[  467.901021]  [<ffffffff864e3c31>] batadv_send_outstanding_bat_ogm_packet+0x2f1/0x410
[  467.909002]  [<ffffffff8134700c>] process_one_work+0x67c/0x14f0
[  467.915039]  [<ffffffff81346f62>] ? process_one_work+0x5d2/0x14f0
[  467.921246]  [<ffffffff81346990>] ? cancel_delayed_work_sync+0x10/0x10
[  467.928227]  [<ffffffff81347f5a>] worker_thread+0xda/0xf10
[  467.933959]  [<ffffffff865c7a75>] ? __schedule+0x8f5/0x1ea0
[  467.939660]  [<ffffffff865d63c2>] ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  467.946846]  [<ffffffff81347e80>] ? process_one_work+0x14f0/0x14f0
[  467.953235]  [<ffffffff81358a99>] kthread+0x209/0x2d0
[  467.958919]  [<ffffffff81358890>] ? kthread_create_on_node+0x390/0x390
[  467.965586]  [<ffffffff865d720f>] ret_from_fork+0x1f/0x40
[  467.971125]  [<ffffffff81358890>] ? kthread_create_on_node+0x390/0x390
[  467.979000] ==================================================================
[  467.986521] Disabling lock debugging due to kernel taint
[  467.992532] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  468.001087] IP: [<ffffffff82e0da86>] memcpy_erms+0x6/0x10
[  468.006757] PGD 0 
[  468.009258] Oops: 0000 [#1] PREEMPT SMP KASAN
[  468.013742] Modules linked in:
[  468.017233] CPU: 0 PID: 11519 Comm: kworker/u4:12 Tainted: G    B           4.7.0-rc1-syzkaller #0
[  468.026525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  468.036759] Workqueue: bat_events batadv_send_outstanding_bat_ogm_packet
[  468.045988] task: ffff8800ac3c6100 ti: ffff8800abf68000 task.ti: ffff8800abf68000
[  468.053974] RIP: 0010:[<ffffffff82e0da86>]  [<ffffffff82e0da86>] memcpy_erms+0x6/0x10
[  468.062070] RSP: 0018:ffff8800abf6fac8  EFLAGS: 00010246
[  468.068070] RAX: ffff8800ac140cf0 RBX: 0000000000000018 RCX: 0000000000000018
[  468.075499] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffff8800ac140cf0
[  468.083223] RBP: ffff8800abf6fae8 R08: ffffed00158281a1 R09: ffffed00158281a1
[  468.090608] R10: 0000000000000003 R11: ffffed00158281a0 R12: ffff8800ac140cf0
[  468.098217] R13: 0000000000000000 R14: ffff8800ad015080 R15: 0000000000000024
[  468.107507] FS:  0000000000000000(0000) GS:ffff88013bc00000(0000) knlGS:0000000000000000
[  468.117708] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  468.124208] CR2: 0000000000000000 CR3: 00000000b7712000 CR4: 00000000001406f0
[  468.133364] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  468.143128] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  468.151086] Stack:
[  468.153210]  ffffffff81705905 0000000000000018 ffff8800b1638a00 ffff8800ad015078
[  468.161493]  ffff8800abf6fb48 ffffffff864c4448 ffff8800b16391e0 0000000000000000
[  468.170092]  ffff8800ac140cf0 ffff88000000003c ffff8800b16391f0 ffff8800b1638a00
[  468.179044] Call Trace:
[  468.181764]  [<ffffffff81705905>] ? memcpy+0x45/0x50
[  468.187282]  [<ffffffff864c4448>] batadv_tvlv_container_ogm_append+0x158/0x470
[  468.194820]  [<ffffffff8649790a>] batadv_iv_ogm_schedule+0x9ea/0xc70
[  468.201391]  [<ffffffff86496f57>] ? batadv_iv_ogm_schedule+0x37/0xc70
[  468.208988]  [<ffffffff813f6c8e>] ? trace_hardirqs_on_caller+0x49e/0x5c0
[  468.215816]  [<ffffffff864e3a66>] ? batadv_send_outstanding_bat_ogm_packet+0x126/0x410
[  468.223874]  [<ffffffff813f6dbd>] ? trace_hardirqs_on+0xd/0x10
[  468.231407]  [<ffffffff81309747>] ? __local_bh_enable_ip+0xd7/0x180
[  468.237789]  [<ffffffff864e3c31>] batadv_send_outstanding_bat_ogm_packet+0x2f1/0x410
[  468.247129]  [<ffffffff8134700c>] process_one_work+0x67c/0x14f0
[  468.253199]  [<ffffffff81346f62>] ? process_one_work+0x5d2/0x14f0
[  468.259424]  [<ffffffff81346990>] ? cancel_delayed_work_sync+0x10/0x10
[  468.266092]  [<ffffffff81347f5a>] worker_thread+0xda/0xf10
[  468.271700]  [<ffffffff865c7a75>] ? __schedule+0x8f5/0x1ea0
[  468.278002]  [<ffffffff865d63c2>] ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  468.285097]  [<ffffffff81347e80>] ? process_one_work+0x14f0/0x14f0
[  468.291399]  [<ffffffff81358a99>] kthread+0x209/0x2d0
[  468.296584]  [<ffffffff81358890>] ? kthread_create_on_node+0x390/0x390
[  468.303251]  [<ffffffff865d720f>] ret_from_fork+0x1f/0x40
[  468.308872]  [<ffffffff81358890>] ? kthread_create_on_node+0x390/0x390
[  468.315521] Code: ff ff ff 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 
[  468.344884] RIP  [<ffffffff82e0da86>] memcpy_erms+0x6/0x10
[  468.351070]  RSP <ffff8800abf6fac8>
[  468.354688] CR2: 0000000000000000
[  468.358154] ---[ end trace a0ce0cc2e213e5eb ]---
[  468.363407] Kernel panic - not syncing: Fatal exception in interrupt
[  468.371730] Kernel Offset: disabled