==================================================================
BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user include/linux/instrumented.h:118 [inline]
BUG: KASAN: slab-out-of-bounds in _copy_to_user lib/usercopy.c:32 [inline]
BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x5c/0xc0 lib/usercopy.c:26
Read of size 42 at addr ffff88803bff5200 by task syz-executor.4/3722

CPU: 0 PID: 3722 Comm: syz-executor.4 Not tainted 5.10.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x9a/0xcc lib/dump_stack.c:120
 print_address_description.constprop.0.cold+0xae/0x4c8 mm/kasan/report.c:385
 __kasan_report mm/kasan/report.c:545 [inline]
 kasan_report.cold+0x1f/0x37 mm/kasan/report.c:562
 check_memory_region_inline mm/kasan/generic.c:186 [inline]
 check_memory_region+0x13d/0x180 mm/kasan/generic.c:192
 instrument_copy_to_user include/linux/instrumented.h:118 [inline]
 _copy_to_user lib/usercopy.c:32 [inline]
 _copy_to_user+0x5c/0xc0 lib/usercopy.c:26
 copy_to_user include/linux/uaccess.h:200 [inline]
 __htab_map_lookup_and_delete_batch+0xb6b/0x1490 kernel/bpf/hashtab.c:1587
 bpf_map_do_batch+0x34d/0x450 kernel/bpf/syscall.c:4003
 __do_sys_bpf+0x1e7e/0x3e00 kernel/bpf/syscall.c:4455
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465f69
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f44115e6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
RAX: ffffffffffffffda RBX: 000000000056c0b0 RCX: 0000000000465f69
RDX: 0000000000000038 RSI: 0000000020000080 RDI: 0000000000000019
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0b0
R13: 00007ffd76889daf R14: 00007f44115e6300 R15: 0000000000022000

Allocated by task 3722:
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
 kasan_set_track mm/kasan/common.c:56 [inline]
 __kasan_kmalloc.constprop.0+0xc2/0xd0 mm/kasan/common.c:461
 kvmalloc include/linux/mm.h:773 [inline]
 __htab_map_lookup_and_delete_batch+0x410/0x1490 kernel/bpf/hashtab.c:1466
 bpf_map_do_batch+0x34d/0x450 kernel/bpf/syscall.c:4003
 __do_sys_bpf+0x1e7e/0x3e00 kernel/bpf/syscall.c:4455
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

The buggy address belongs to the object at ffff88803bff5200
 which belongs to the cache kmalloc-64 of size 64
The buggy address is located 0 bytes inside of
 64-byte region [ffff88803bff5200, ffff88803bff5240)
The buggy address belongs to the page:
page:000000000053e980 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88803bff5680 pfn:0x3bff5
flags: 0xfff00000000200(slab)
raw: 00fff00000000200 ffffea0000f17848 ffffea000071b848 ffff8880104418c0
raw: ffff88803bff5680 000000000020001f 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff88803bff5100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
 ffff88803bff5180: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
>ffff88803bff5200: 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc fc
                               ^
 ffff88803bff5280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
 ffff88803bff5300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
==================================================================