I have sent https://lore.kernel.org/bpf/20231113235008.127238-1-andreimatei1@xxxxxxxxx/T/#u as a fix.

Hao, thanks again for the report. For my edification, how did you get the KASAN bug report with your repro / which tree exactly were you running against and with what config?

I've run your repro program in the VM created by vmtest.sh, with an added CONFIG_KASAN=y in the config, and I did not get the bug report in dmesg; I got nothing. However, if I change the variable offset bounds to be around 200 bytes instead of 12, then I do get a kernel panic because of a page fault.