On Mon, Dec 4, 2023 at 10:43 AM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
>
> On Mon, 2023-12-04 at 10:19 -0800, Andrii Nakryiko wrote:
> [...]
> > > @@ -6828,7 +6831,10 @@ static int check_stack_access_within_bounds(
> > > return err;
> > > }
> > >
> > > - return grow_stack_state(env, state, round_up(-min_off, BPF_REG_SIZE));
> > > + /* Note that there is no stack access with offset zero, so the needed stack
> > > + * size is -min_off, not -min_off+1.
> > > + */
> > > + return grow_stack_state(env, state, -min_off /* size */);
> >
> > hmm.. there is still a grow_stack_state() call in
> > check_stack_write_fixed_off(), right? Which is not necessary because
> > we do check_stack_access_within_bounds() before that one. Can you drop
> > it as part of patch #2?
>
> I'm not sure I understand what you mean. Patch #2 (v3) drops
> grow_stack_state() from check_stack_write_fixed_off(),
> so all seems good?

I swear I checked for that, both by re-reading the patch and by searching in the browser, and check_stack_write_fixed_off() was nowhere to be found. Now, triple-checking that, I see that it's Gmail's smartness that collapsed that portion of the patch (but not the others!) into a subtle triple-dot region, which made all of that invisible and non-searchable, sigh... Sorry for the noise, all good then.
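Review bot: the call site in the check_stack_access_within_bounds() hunk drops the round_up(-min_off, BPF_REG_SIZE) and now hands grow_stack_state() the raw -min_off as the size, so a misaligned access (say min_off == -3) passes a size that is not a multiple of BPF_REG_SIZE; either grow_stack_state() must round the requested size up to slot granularity itself, or the round_up should stay here. The new comment explains why the size is -min_off rather than -min_off+1, but says nothing about why the alignment rounding was removed from this spot, and a sentence such as "rounding up to BPF_REG_SIZE is done by grow_stack_state()" (if that is the case) would save the next reader the same question.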