On Wed, 5 Jul 2023 at 00:27, John Hubbard <jhubbard@xxxxxxxxxx> wrote:
>
> So it boils down to this: crashpad is reading from a valid starting
> address, inside the vma for the ld-linux-x86-64.so.2 file, but it reads
> a full 4KB page's worth, which takes it past the end of that vma.
>
> And although the expand_stack() logic is there as part of the
> __access_remote_vm() path, that logic ignores the size of the read! So
> it slips past without trying to expand the stack.
>
> Note that while the next vma is indeed the stack, it is 919 GB away--a very
> large gap.

Ok, that's just the warning being a bit too simplistic.

For the case of accessing past the end of the previous vma, old kernels wouldn't have expanded the stack either, because not only do we have a stack size ulimit, but even if you set that to infinity we leave a guard gap between the previous mapping and the stack and don't allow them to grow together.

I made the warning be about "any access below the stack" rather than try to limit it, so your warning is basically a situation where no actual semantic change has happened, and it's just that the warning was overly broad.

I'll tighten it up, and switch the WARN_ON_ONCE() to just do a "dump_stack()" so that it won't cause problems with the syzbot tests either.

Linus
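The situation described above, where a crash reporter asks for a full page starting inside a mapping and the request runs off its end into the guard gap, is something a userspace tool can avoid on its own side by clamping the read to the mapping that contains the start address. The following is an added example, not code from the thread, from crashpad or from the kernel: it parses constructed /proc/<pid>/maps lines (the addresses are made up; the 919 GB gap from the thread is only mirrored by leaving a large gap before the [stack] line) and returns how many bytes of a requested read lie inside the single mapping that holds the start address.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample of /proc/<pid>/maps output (not a real process).
 * One mapping for the dynamic loader, then a large gap, then the stack. */
const char *sample_maps =
    "7f1a2c000000-7f1a2c021000 r--p 00000000 08:01 1234 /lib64/ld-linux-x86-64.so.2\n"
    "7ffc9e000000-7ffc9e021000 rw-p 00000000 00:00 0    [stack]\n";

/* Return how many of the `len` bytes starting at `addr` fall inside the
 * mapping that contains `addr`, or 0 if `addr` is not mapped at all.
 * A reader that uses this value instead of a fixed page size never
 * asks the kernel for bytes beyond the end of the current vma. */
size_t clamp_to_mapping(const char *maps, uint64_t addr, size_t len)
{
    const char *line = maps;

    while (*line) {
        unsigned long long start, end;

        /* Each maps line begins with "start-end"; parse only that part. */
        if (sscanf(line, "%llx-%llx", &start, &end) == 2 &&
            addr >= start && addr < end) {
            uint64_t avail = end - addr;   /* bytes left in this mapping */
            return len < avail ? len : (size_t)avail;
        }

        const char *nl = strchr(line, '\n');
        if (nl == NULL)
            break;
        line = nl + 1;
    }
    return 0;   /* unmapped: nothing safe to read here */
}

int main(void)
{
    uint64_t addr = 0x7f1a2c020f00ULL;            /* 256 bytes before the end of ld-linux */
    size_t want = 4096;
    size_t safe = clamp_to_mapping(sample_maps, addr, want);

    printf("requested %zu bytes at %#llx, %zu lie inside the mapping\n",
           want, (unsigned long long)addr, safe);
    return 0;
}
```

The check deliberately does not look at neighbouring mappings: even when two mappings are adjacent, reading them as one range is a separate decision, and in the case from the thread the next mapping is the stack behind a guard gap, so the read simply has to stop at the end of the loader's vma.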