ALSA record on listener causes memory overflow (kernel panic) #2
Description
Upon the command arecord -D hw:CARD=avb,DEV=0 -r 48000 -f S32_LE -c 2 -V stereo > /dev/null
the following output appears in the kernel log (alongside with console warnings):
[598473.363336] avb_capture_open
[598473.363956] avb_capture_hw_params buffer_size:131072 frame_size:8
[598473.364163] avb_capture_trigger: Start @ 4444510636
[598473.370213] avb_listen missing frames from 0 to 0
[598473.375112] avb_listen idx: 0 nrsz: 0, nrf: 0
[598473.375115] avb_listen (1) seq: 0, idx: 0, sz: 8707, ts: 4289858376, rf: 1088
[598473.375118] detected buffer overflow in memcpy
[598473.379684] ------------[ cut here ]------------
[598473.379698] Kernel BUG at fortify_panic+0x1c/0x20 [verbose debug info unavailable]
[598473.387342] Internal error: Oops - BUG: 0 [#1] SMP
[598473.392206] Modules linked in: snd_avb(O) rpmsg_char virtio_rpmsg_bus cdns_csi2rx v4l2_fwnode ti_k3_r5_remoteproc at24 snd_usb_audio snd_hwdep snd_usbmidi_lib
snd_rawmidi snd_seq_device snd_pcm_oss ti_am335x_adc snd_mixer_oss vxd_dec irq_pruss_intc snd_pcm pvrsrvkm(O) vxe_enc ti_k3_dsp_remoteproc sa2ul authenc snd_timer
videobuf2_dma_sg snd j721e_csi2rx videobuf2_dma_contig v4l2_mem2mem pci_endpoint_test extcon_usbc_tusb322 qrtr ns soundcore rti_wdt optee_rng binfmt_misc cfg80211
uio_pdrv_genirq uio dm_mod pru_rproc icss_iep ti_j721e_cpsw_virt_mac rpmsg_kdrv crct10dif_ce ti_am335x_tscadc pruss cdns_dphy [last unloaded: snd_avb]
[598473.447855] CPU: 0 PID: 13973 Comm: kworker/0:0 Tainted: G O 5.10.168-ti-arm64-r110 #1bullseye
[598473.457831] Hardware name: BeagleBoard.org BeagleBone AI-64 (DT)
[598473.463917] Workqueue: AVBWQ avb_wq_fn [snd_avb]
[598473.468608] pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
[598473.474683] pc : fortify_panic+0x1c/0x20
[598473.478679] lr : fortify_panic+0x1c/0x20
[598473.482673] sp : ffff80001239bce0
[598473.486060] x29: ffff80001239bce0 x28: 0000000000002203
[598473.491446] x27: 0000000000002203 x26: 0000000000000440
[598473.496829] x25: 0000000000000440 x24: 0000000000000800
[598473.502213] x23: ffff800009453948 x22: ffff800009455948
[598473.507596] x21: ffff800009456564 x20: 0000000000000000
[598473.512979] x19: ffff000831dc5b80 x18: 0000000000000000
[598473.518362] x17: 0000000000000000 x16: 0000000000000000
[598473.523746] x15: 0000000000000030 x14: ffffffffffffffff
[598473.529129] x13: 000000000002aee7 x12: ffff80001239b9c0
[598473.534512] x11: ffff800011a46a30 x10: ffff800011a363f0
[598473.539895] x9 : ffff800011a3c488 x8 : ffff800011a10488
[598473.545278] x7 : ffff800011a3c488 x6 : 0000000000000001
[598473.550661] x5 : 0000000000000000 x4 : ffff00087f93e9c8
[598473.556044] x3 : 0000000000000000 x2 : 0000000000000000
[598473.561427] x1 : ffff000810f00000 x0 : 0000000000000022
[598473.566810] Call trace:
[598473.569335] fortify_panic+0x1c/0x20
[598473.572985] avb_wq_fn+0x648/0x650 [snd_avb]
[598473.577331] process_one_work+0x1c8/0x4c0
[598473.581414] worker_thread+0x17c/0x53c
[598473.585237] kthread+0x124/0x12c
[598473.588540] ret_from_fork+0x10/0x3c
[598473.592191] Code: aa0003e1 911f2040 910003fd 97ffe058 (d4210000)
[598473.598355] ---[ end trace 025bc43ee3d1dc95 ]---
[598473.603586] ------------[ cut here ]------------