• Linus Torvalds's avatar
    mm: propagate error from stack expansion even for guard page · 78eaa11a
    Linus Torvalds authored
    commit fee7e49d upstream.
    
    Jay Foad reports that the address sanitizer test (asan) sometimes gets
    confused by a stack pointer that ends up being outside the stack vma
    that is reported by /proc/maps.
    
    This happens due to an interaction between RLIMIT_STACK and the guard
    page: when we do the guard page check, we ignore the potential error
    from the stack expansion, which effectively results in a missing guard
    page, since the expected stack expansion won't have been done.
    
    And since /proc/maps explicitly ignores the guard page (commit
    d7824370: "mm: fix up some user-visible effects of the stack guard
    page"), the stack pointer ends up being outside the reported stack area.
    
    This is the minimal patch: it just propagates the error.  It also
    effectively makes the guard page part of the stack limit, which in turn
    measn that the actual real stack is one page less than the stack limit.
    
    Let's see if anybody notices.  We could teach acct_stack_growth() to
    allow an extra page for a grow-up/grow-down stack in the rlimit test,
    but I don't want to add more complexity if it isn't needed.
    Reported-and-tested-by: default avatarJay Foad <jay.foad@gmail.com>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
    78eaa11a
memory.c 110 KB