==================================================================
BUG: KASAN: wild-memory-access in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: wild-memory-access in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
BUG: KASAN: wild-memory-access in __lock_acquire+0xc94/0x2100 kernel/locking/lockdep.c:5198
Read of size 8 at addr 1fffffff8b706080 by task kworker/u8:13/3565

CPU: 0 UID: 0 PID: 3565 Comm: kworker/u8:13 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: bat_events batadv_nc_worker
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 print_report+0xe3/0x5b0 mm/kasan/report.c:524
 kasan_report+0x143/0x180 mm/kasan/report.c:634
 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 __lock_acquire+0xc94/0x2100 kernel/locking/lockdep.c:5198
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5851
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:606
 raw_spin_rq_lock kernel/sched/sched.h:1521 [inline]
 rq_lock kernel/sched/sched.h:1852 [inline]
 __schedule+0x357/0x4c90 kernel/sched/core.c:6688
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7087
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:trace_lock_acquire include/trace/events/lock.h:24 [inline]
RIP: 0010:lock_acquire+0xdc/0x550 kernel/locking/lockdep.c:5822
Code: 08 0f 83 f4 02 00 00 89 c3 48 89 d8 48 c1 e8 06 48 8d 3c c5 70 fb 3c 90 be 08 00 00 00 e8 8c 4e 8c 00 48 0f a3 1d 24 28 a0 0e <73> 16 e8 7d 6b 0a 00 84 c0 75 0d 80 3d a3 37 8a 0e 00 0f 84 f9 02
RSP: 0018:ffffc9000cfb7940 EFLAGS: 00000257
RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff819cd344
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff903cfb70
RBP: ffffc9000cfb7aa0 R08: ffffffff903cfb77 R09: 1ffffffff2079f6e
R10: dffffc0000000000 R11: fffffbfff2079f6f R12: 1ffff920019f6f30
R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
 rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 rcu_read_lock include/linux/rcupdate.h:849 [inline]
 batadv_nc_purge_orig_hash net/batman-adv/network-coding.c:408 [inline]
 batadv_nc_worker+0xec/0x610 net/batman-adv/network-coding.c:719
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xac0/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd30 kernel/workqueue.c:3400
 kthread+0x7ab/0x920 kernel/kthread.c:464
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
==================================================================
----------------
Code disassembly (best guess):
   0: 08 0f                 or     %cl,(%rdi)
   2: 83 f4 02              xor    $0x2,%esp
   5: 00 00                 add    %al,(%rax)
   7: 89 c3                 mov    %eax,%ebx
   9: 48 89 d8              mov    %rbx,%rax
   c: 48 c1 e8 06           shr    $0x6,%rax
  10: 48 8d 3c c5 70 fb 3c  lea    -0x6fc30490(,%rax,8),%rdi
  17: 90
  18: be 08 00 00 00        mov    $0x8,%esi
  1d: e8 8c 4e 8c 00        call   0x8c4eae
  22: 48 0f a3 1d 24 28 a0  bt     %rbx,0xea02824(%rip) # 0xea0284e
  29: 0e
* 2a: 73 16                 jae    0x42 <-- trapping instruction
  2c: e8 7d 6b 0a 00        call   0xa6bae
  31: 84 c0                 test   %al,%al
  33: 75 0d                 jne    0x42
  35: 80 3d a3 37 8a 0e 00  cmpb   $0x0,0xe8a37a3(%rip) # 0xe8a37df
  3c: 0f                    .byte 0xf
  3d: 84 f9                 test   %bh,%cl
  3f: 02                    .byte 0x2