==================================================================
BUG: KASAN: wild-memory-access in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: wild-memory-access in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
BUG: KASAN: wild-memory-access in __lock_acquire+0xc8b/0x2040 kernel/locking/lockdep.c:5112
Read of size 8 at addr 1fffffff89c93498 by task kworker/u8:13/8558
CPU: 0 UID: 0 PID: 8558 Comm: kworker/u8:13 Not tainted 6.11.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: bat_events batadv_nc_worker
Call Trace:
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119
 print_report+0xe8/0x550 mm/kasan/report.c:491
 kasan_report+0x143/0x180 mm/kasan/report.c:601
 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 __lock_acquire+0xc8b/0x2040 kernel/locking/lockdep.c:5112
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5759
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:568
 raw_spin_rq_lock kernel/sched/sched.h:1415 [inline]
 rq_lock kernel/sched/sched.h:1714 [inline]
 __schedule+0x357/0x4a60 kernel/sched/core.c:6436
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:should_resched arch/x86/include/asm/preempt.h:103 [inline]
RIP: 0010:__local_bh_enable_ip+0x170/0x200 kernel/softirq.c:389
Code: 8c e8 04 6d 62 0a 65 66 8b 05 f4 7a ac 7e 66 85 c0 75 5d bf 01 00 00 00 e8 ed a4 0b 00 e8 e8 94 43 00 fb 65 8b 05 b8 7a ac 7e <85> c0 75 05 e8 e7 59 a9 ff 48 c7 44 24 20 0e 36 e0 45 49 c7 04 1c
RSP: 0018:ffffc900030dfa00 EFLAGS: 00000286
RAX: 0000000080000000 RBX: 1ffff9200061bf44 RCX: ffffffff81703fea
RDX: dffffc0000000000 RSI: ffffffff8c0ad540 RDI: ffffffff8c608f00
RBP: ffffc900030dfab0 R08: ffffffff941e491f R09: 1ffffffff283c923
R10: dffffc0000000000 R11: fffffbfff283c924 R12: dffffc0000000000
R13: 1ffff9200061bf48 R14: ffffc900030dfa40 R15: 0000000000000201
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 batadv_nc_purge_paths+0x312/0x3b0 net/batman-adv/network-coding.c:471
 batadv_nc_worker+0x365/0x610 net/batman-adv/network-coding.c:722
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2e/0x1830 kernel/workqueue.c:3312
 worker_thread+0x870/0xd30 kernel/workqueue.c:3393
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
==================================================================
----------------
Code disassembly (best guess), 1 bytes skipped:
   0: e8 04 6d 62 0a          call 0xa626d09
   5: 65 66 8b 05 f4 7a ac    mov %gs:0x7eac7af4(%rip),%ax # 0x7eac7b01
   c: 7e
   d: 66 85 c0                test %ax,%ax
  10: 75 5d                   jne 0x6f
  12: bf 01 00 00 00          mov $0x1,%edi
  17: e8 ed a4 0b 00          call 0xba509
  1c: e8 e8 94 43 00          call 0x439509
  21: fb                      sti
  22: 65 8b 05 b8 7a ac 7e    mov %gs:0x7eac7ab8(%rip),%eax # 0x7eac7ae1
* 29: 85 c0                   test %eax,%eax <-- trapping instruction
  2b: 75 05                   jne 0x32
  2d: e8 e7 59 a9 ff          call 0xffa95a19
  32: 48 c7 44 24 20 0e 36    movq $0x45e0360e,0x20(%rsp)
  39: e0 45
  3b: 49                      rex.WB
  3c: c7                      .byte 0xc7
  3d: 04 1c                   add $0x1c,%al