On Thu, Aug 08, 2024 at 09:12:59PM +0800, Kefeng Wang wrote:
>
> OK, revert patch is sent, but I am also curious about it.
>
> https://lore.kernel.org/all/20240808130909.1027860-1-wangkefeng.wang@xxxxxxxxxx/

I am also curious. It seems like the "real" fix would be in mmap - my
understanding is that it should not intersect with heap, even when heap is
empty (start_brk == brk).

It looks like start_brk is fixed in place when the ELF is loaded in
fs/binfmt_elf.c:load_elf_binary (line 1288).

	if ((current->flags & PF_RANDOMIZE) && (snapshot_randomize_va_space > 1)) {
		/*
		 * For architectures with ELF randomization, when executing
		 * a loader directly (i.e. no interpreter listed in ELF
		 * headers), move the brk area out of the mmap region
		 * (since it grows up, and may collide early with the stack
		 * growing down), and into the unused ELF_ET_DYN_BASE region.
		 */
		if (IS_ENABLED(CONFIG_ARCH_HAS_ELF_RANDOMIZE) &&
		    elf_ex->e_type == ET_DYN && !interpreter) {
			mm->brk = mm->start_brk = ELF_ET_DYN_BASE;
		} else {
			/* Otherwise leave a gap between .bss and brk. */
			mm->brk = mm->start_brk = mm->brk + PAGE_SIZE;
		}

		mm->brk = mm->start_brk = arch_randomize_brk(mm);
#ifdef compat_brk_randomized
		current->brk_randomized = 1;
#endif
	}
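Added example, not from this thread or the kernel tree: a user-space check for the condition discussed above, i.e. whether any mapping in a /proc/<pid>/maps dump lands on the brk area, treating an empty heap (start_brk == brk) as still occupying its first page. It assumes 4 KiB pages and uses a constructed maps sample rather than a live process.

```c
#include <inttypes.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096ULL   /* assumption: 4 KiB pages */

struct vma { uint64_t start, end; };

/* Parse the "start-end" prefix of one /proc/<pid>/maps line. */
static int parse_maps_line(const char *line, struct vma *v)
{
    return sscanf(line, "%" SCNx64 "-%" SCNx64, &v->start, &v->end) == 2;
}

/*
 * Does a mapping overlap the brk area [start_brk, brk)?  An empty heap
 * (start_brk == brk, nothing allocated yet) still owns its location, so
 * treat it as at least one page wide; a plain half-open interval test on
 * a zero-length range would never report the collision at all.
 */
static int vma_hits_brk_area(const struct vma *v, uint64_t start_brk, uint64_t brk)
{
    uint64_t end = brk > start_brk ? brk : start_brk + PAGE_SIZE;
    return v->start < end && v->end > start_brk;
}

/* Count the mappings in a maps dump that collide with the brk area. */
int count_brk_collisions(const char *maps, uint64_t start_brk, uint64_t brk)
{
    int hits = 0;
    const char *p = maps;
    while (*p) {
        struct vma v;
        if (parse_maps_line(p, &v) && vma_hits_brk_area(&v, start_brk, brk))
            hits++;
        const char *nl = strchr(p, '\n');
        if (!nl) break;
        p = nl + 1;
    }
    return hits;
}

/* Constructed sample (not a real process): an anonymous rw-p mapping sits
 * exactly where an empty heap would start. */
const char *sample_maps =
    "555555554000-555555556000 r--p 00000000 08:01 1234 /usr/bin/prog\n"
    "555555556000-555555558000 r-xp 00002000 08:01 1234 /usr/bin/prog\n"
    "555555559000-55555557a000 rw-p 00000000 00:00 0\n";
```

Feeding it a real dump (read /proc/self/maps, take start_brk from /proc/self/stat and brk from sbrk(0)) reports the overlap the thread describes.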