#syz test

Arnaud Lecomte posted 1 patch 1 month ago
There is a newer version of this series
#syz test
Posted by Arnaud Lecomte 1 month ago
diff --git a/kernel/bpf/stackmap.c b/kernel/bpf/stackmap.c
index 2365541c81dd..b8ff4ccae2d6 100644
--- a/kernel/bpf/stackmap.c
+++ b/kernel/bpf/stackmap.c
@@ -465,7 +465,6 @@ static long __bpf_get_stack(struct pt_regs *regs, struct task_struct *task,

        if (trace_in) {
                trace = trace_in;
-               trace->nr = min_t(u32, trace->nr, max_depth);
        } else if (kernel && task) {
                trace = get_callchain_entry_for_task(task, max_depth);
        } else {
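Review bot: removing the clamp from the `trace_in` branch means the caller-supplied trace is no longer modified in place (`trace->nr` keeps its original value) and the limit is instead applied once below for every source of `trace`, which is the right place since the `get_callchain_entry_for_task()` and remaining branches had no clamp at all before. The commit message should say explicitly that `trace_in->nr` is no longer written back, in case any caller relied on that side effect, and that the clamp now also covers the non-`trace_in` paths, which is presumably where the reported stack-out-of-bounds write came from.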
@@ -479,7 +478,8 @@ static long __bpf_get_stack(struct pt_regs *regs, struct task_struct *task,
                goto err_fault;
        }

-       trace_nr = trace->nr - skip;
+       trace_nr = min(trace->nr, max_depth);
+       trace_nr = trace_nr - skip;
        copy_len = trace_nr * elem_size;

        ips = trace->ip + skip;
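Review bot: `trace_nr = trace_nr - skip;` now subtracts from the clamped value, so the guard that leads to `goto err_fault` just above this hunk must reject `skip > min(trace->nr, max_depth)`, not only `skip > trace->nr`; if it still compares against the raw `trace->nr`, a `max_depth` smaller than `skip` makes `trace_nr` wrap and `copy_len = trace_nr * elem_size` becomes oversized. Separately, the removed line used `min_t(u32, ...)` while the new one uses plain `min()`; either keep `min_t` or state in the commit message why the types of `trace->nr` and `max_depth` compare cleanly. Once the guard is confirmed, the two assignments can be folded into one: `trace_nr = min(trace->nr, max_depth) - skip;`.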
--
2.43.0
Re: [syzbot] [bpf?] KASAN: stack-out-of-bounds Write in __bpf_get_stack
Posted by syzbot 1 month ago
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

SYZFAIL: failed to recv rpc

SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)


Warning: Permanently added '10.128.0.125' (ED25519) to the list of known hosts.
2026/01/04 20:08:05 parsed 1 programs
[   79.730779][ T5830] cgroup: Unknown subsys name 'net'
[   79.857873][ T5830] cgroup: Unknown subsys name 'cpuset'
[   79.866524][ T5830] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   81.320295][ T5830] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   84.221144][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   84.415568][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   84.924026][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.939498][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.954819][ T5850] bridge_slave_0: entered allmulticast mode
[   84.966272][ T5850] bridge_slave_0: entered promiscuous mode
[   85.069500][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.083944][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.091552][ T5850] bridge_slave_1: entered allmulticast mode
[   85.099656][ T5850] bridge_slave_1: entered promiscuous mode
[   85.261717][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.274934][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.565286][ T5850] team0: Port device team_slave_0 added
[   85.646765][ T5850] team0: Port device team_slave_1 added
[   85.855034][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.862110][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.890810][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.937899][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.955505][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.983082][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.096947][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.119091][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.222916][ T5850] hsr_slave_0: entered promiscuous mode
[   86.231976][ T5850] hsr_slave_1: entered promiscuous mode
[   86.386654][ T3011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.408435][ T3011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.852590][   T10] cfg80211: failed to load regulatory.db
[   86.916761][ T5915] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.926505][ T5915] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.934375][ T5915] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.942612][ T5915] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.950324][ T5915] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   87.486879][ T5850] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   87.547161][ T5850] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   87.628902][ T5850] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   87.675708][ T5850] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   88.020388][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.043725][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   88.072115][ T3011] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.079410][ T3011] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.110616][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.117968][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.378710][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.578669][ T5850] veth0_vlan: entered promiscuous mode
[   88.590813][ T5850] veth1_vlan: entered promiscuous mode
[   88.622078][ T5850] veth0_macvtap: entered promiscuous mode
[   88.632051][ T5850] veth1_macvtap: entered promiscuous mode
[   88.648977][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.663182][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.678972][   T50] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.690533][   T50] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.700858][   T50] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.710553][   T50] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/01/04 20:08:16 executed programs: 0
[   88.865865][ T5915] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   88.876934][ T5915] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   88.885437][ T5915] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   88.893744][ T5915] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   88.901576][ T5915] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   88.995249][ T5151] Bluetooth: hci0: command tx timeout
[   89.100161][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   89.177370][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.184801][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.191961][ T5949] bridge_slave_0: entered allmulticast mode
[   89.199570][ T5949] bridge_slave_0: entered promiscuous mode
[   89.207774][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.215047][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.222237][ T5949] bridge_slave_1: entered allmulticast mode
[   89.229908][ T5949] bridge_slave_1: entered promiscuous mode
[   89.259789][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.271299][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.302556][ T5949] team0: Port device team_slave_0 added
[   89.310953][ T5949] team0: Port device team_slave_1 added
[   89.338706][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.345761][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.372170][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.384318][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.391316][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.417983][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.468539][ T5949] hsr_slave_0: entered promiscuous mode
[   89.475789][ T5949] hsr_slave_1: entered promiscuous mode
[   89.481886][ T5949] debugfs: 'hsr0' already exists in 'hsr'
[   89.488687][ T5949] Cannot create hsr debugfs directory
[   89.630976][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.646717][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.657293][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.668667][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.739310][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.757774][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   89.770803][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.778040][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.792156][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.799296][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.960666][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.002819][ T5949] veth0_vlan: entered promiscuous mode
[   90.014073][ T5949] veth1_vlan: entered promiscuous mode
[   90.043369][ T5949] veth0_macvtap: entered promiscuous mode
[   90.054407][ T5949] veth1_macvtap: entered promiscuous mode
[   90.072472][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.088593][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.101621][   T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.111812][   T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.124276][   T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.137103][   T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.202203][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.210471][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.241519][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.250208][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   90.511972][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0


syzkaller build log:
go env (err=<nil>)
AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE='auto'
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2271743110=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs-2/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/syzkaller/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.4'
GOWORK=''
PKG_CONFIG='pkg-config'

git status (err=<nil>)
HEAD detached at 4e1406b4d
nothing to commit, working tree clean


tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4e1406b4defac0e2a9d9424c70706f79a7750cf3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251106-151142"  ./sys/syz-sysgen | grep -q false || go install -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4e1406b4defac0e2a9d9424c70706f79a7750cf3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251106-151142"  ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=4e1406b4defac0e2a9d9424c70706f79a7750cf3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251106-151142"  -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
	-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include   -DGOOS_linux=1 -DGOARCH_amd64=1 \
	-DHOSTGOOS_linux=1 -DGIT_REVISION=\"4e1406b4defac0e2a9d9424c70706f79a7750cf3\"
/usr/bin/ld: /tmp/ccfgb6KF.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
./tools/check-syzos.sh 2>/dev/null



Tested on:

commit:         a069190b bpf: Replace __opt annotation with __nullable..
git tree:       bpf-next
kernel config:  https://syzkaller.appspot.com/x/.config?x=9c5e9eccee9bc2fe
dashboard link: https://syzkaller.appspot.com/bug?extid=d1b7fa1092def3628bd7
compiler:       Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
patch:          https://syzkaller.appspot.com/x/patch.diff?x=12414f92580000