Source: linux
Version: 3.16.7-ckt11-1
Severity: important

I'm still seeing a memory layout for PIE executables on 32 bit that only leaves a bit over 100MB between heap and stack:
$ uname -a
Linux feynman 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1 (2015-05-24) x86_64 GNU/Linux
$ ./pie
f756b000-f756c000 rw-p 00000000 00:00 0
f756c000-f76d7000 r-xp 00000000 fe:00 11214 /lib/i386-linux-gnu/libc-2.19.so
f76d7000-f76d9000 r--p 0016b000 fe:00 11214 /lib/i386-linux-gnu/libc-2.19.so
f76d9000-f76da000 rw-p 0016d000 fe:00 11214 /lib/i386-linux-gnu/libc-2.19.so
f76da000-f76dd000 rw-p 00000000 00:00 0
f76e6000-f76e8000 rw-p 00000000 00:00 0
f76e8000-f76e9000 r-xp 00000000 00:00 0 [vdso]
f76e9000-f76eb000 r--p 00000000 00:00 0 [vvar]
f76eb000-f770a000 r-xp 00000000 fe:00 11211 /lib/i386-linux-gnu/ld-2.19.so
f770a000-f770b000 r--p 0001f000 fe:00 11211 /lib/i386-linux-gnu/ld-2.19.so
f770b000-f770c000 rw-p 00020000 fe:00 11211 /lib/i386-linux-gnu/ld-2.19.so
f770c000-f770d000 r-xp 00000000 fe:02 392551 /cb/cb/pie
f770d000-f770e000 rw-p 00000000 fe:02 392551 /cb/cb/pie
f9119000-f913a000 rw-p 00000000 00:00 0 [heap]
ffcc4000-ffce5000 rw-p 00000000 00:00 0 [stack]

>>> 0xffcc4000-0xf913a000
112762880

$ cat pie.c
#define _GNU_SOURCE          /* asprintf() is a GNU extension */
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main (void)
{
	char *cmd;
	/* print this process's own address-space layout */
	asprintf (&cmd, "cat /proc/%u/maps", getpid());
	return system(cmd);
}
$ gcc -m32 -pie -fpie pie.c -o pie

I thought this was fixed via this commit, but apparently it's not:

linux (3.16.7-ckt11-1) jessie; urgency=medium
  - fs/binfmt_elf.c: fix bug in loading of PIE binaries
    http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86

This patch is in 3.16.7-ckt11-1, but apparently it doesn't fix this issue.
FTR, 4.1 looks fine:

56594000-56595000 r-xp 00000000 fe:02 14443300 /home/cbe/tmp/pie
56595000-56596000 rw-p 00000000 fe:02 14443300 /home/cbe/tmp/pie
58166000-58187000 rw-p 00000000 00:00 0 [heap]
f756a000-f756b000 rw-p 00000000 00:00 0
f756b000-f76d7000 r-xp 00000000 fe:02 20846504 /lib/i386-linux-gnu/libc-2.19.so
f76d7000-f76d9000 r--p 0016c000 fe:02 20846504 /lib/i386-linux-gnu/libc-2.19.so
f76d9000-f76da000 rw-p 0016e000 fe:02 20846504 /lib/i386-linux-gnu/libc-2.19.so
f76da000-f76dd000 rw-p 00000000 00:00 0
f76e6000-f76e8000 rw-p 00000000 00:00 0
f76e8000-f76ea000 r--p 00000000 00:00 0 [vvar]
f76ea000-f76eb000 r-xp 00000000 00:00 0 [vdso]
f76eb000-f770a000 r-xp 00000000 fe:02 20844426 /lib/i386-linux-gnu/ld-2.19.so
f770a000-f770b000 r--p 0001f000 fe:02 20844426 /lib/i386-linux-gnu/ld-2.19.so
f770b000-f770c000 rw-p 00020000 fe:02 20844426 /lib/i386-linux-gnu/ld-2.19.so
ff976000-ff997000 rw-p 00000000 00:00 0 [stack]

Linux benz 4.1.0-1-amd64 #1 SMP Debian 4.1.3-1 (2015-08-03) x86_64 GNU/Linux

Christoph
-- 
c...@df7cb.de | http://www.df7cb.de/
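The check behind the two maps dumps above (where the PIE executable lands and how much room the brk heap has before it runs into the stack) can be automated. The following is an added example, not part of the report or of the kernel patch it references: it parses /proc/<pid>/maps text, locates the executable, [heap] and [stack] regions, and flags a layout whose heap-to-stack gap is small. The sample inputs are the report's own 3.16 and 4.1 dumps, trimmed to the relevant lines; the 1 GiB threshold is an assumption chosen for illustration, not a kernel constant.

```python
"""Measure the heap-to-stack gap in /proc/<pid>/maps output.

Added example for the PIE-layout report above. The maps excerpts below are
copied from that report (trimmed); MIN_GAP is an assumed threshold.
"""
import re
from collections import namedtuple

Region = namedtuple("Region", "start end perms path")

# maps line: start-end perms offset dev inode [pathname]
_MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([rwxps-]{4})\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$"
)


def parse_maps(text):
    """Parse the text of /proc/<pid>/maps into a list of Region."""
    regions = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = _MAPS_LINE.match(line)
        if m is None:
            raise ValueError("unrecognised maps line: %r" % line)
        start, end, perms, path = m.groups()
        regions.append(Region(int(start, 16), int(end, 16), perms, path))
    return regions


def find_region(regions, path):
    """Return the first region whose pathname is `path` (e.g. '[heap]')."""
    for r in regions:
        if r.path == path:
            return r
    raise KeyError(path)


def heap_stack_gap(regions):
    """Bytes between the end of [heap] and the start of [stack]."""
    return find_region(regions, "[stack]").start - find_region(regions, "[heap]").end


def exe_base(regions, exe_path):
    """Lowest address at which the main executable is mapped."""
    return min(r.start for r in regions if r.path == exe_path)


# Assumption: on 32-bit, treat less than 1 GiB of brk-heap headroom as cramped.
MIN_GAP = 1 << 30


def layout_report(text, exe_path, min_gap=MIN_GAP):
    """Summarise where the executable sits and how much room the heap has."""
    regions = parse_maps(text)
    gap = heap_stack_gap(regions)
    return {
        "exe_base": exe_base(regions, exe_path),
        "gap_bytes": gap,
        "gap_mib": gap // (1 << 20),
        "cramped": gap < min_gap,
    }


# Excerpts copied from the report: 3.16.7-ckt11-1 (PIE mapped next to the libraries).
MAPS_3_16 = """
f756c000-f76d7000 r-xp 00000000 fe:00 11214 /lib/i386-linux-gnu/libc-2.19.so
f76e8000-f76e9000 r-xp 00000000 00:00 0 [vdso]
f770c000-f770d000 r-xp 00000000 fe:02 392551 /cb/cb/pie
f770d000-f770e000 rw-p 00000000 fe:02 392551 /cb/cb/pie
f9119000-f913a000 rw-p 00000000 00:00 0 [heap]
ffcc4000-ffce5000 rw-p 00000000 00:00 0 [stack]
"""

# Excerpts copied from the report: 4.1 (PIE mapped low, heap well below the libraries).
MAPS_4_1 = """
56594000-56595000 r-xp 00000000 fe:02 14443300 /home/cbe/tmp/pie
56595000-56596000 rw-p 00000000 fe:02 14443300 /home/cbe/tmp/pie
58166000-58187000 rw-p 00000000 00:00 0 [heap]
f756b000-f76d7000 r-xp 00000000 fe:02 20846504 /lib/i386-linux-gnu/libc-2.19.so
ff976000-ff997000 rw-p 00000000 00:00 0 [stack]
"""

if __name__ == "__main__":
    for label, text, exe in (("3.16", MAPS_3_16, "/cb/cb/pie"),
                             ("4.1", MAPS_4_1, "/home/cbe/tmp/pie")):
        r = layout_report(text, exe)
        print("%s: exe at 0x%08x, heap/stack gap %d MiB, cramped=%s"
              % (label, r["exe_base"], r["gap_mib"], r["cramped"]))
```

On a live system the same functions can be fed `open("/proc/%d/maps" % pid).read()`; the regex accepts the anonymous lines (no pathname) as well as the bracketed pseudo-paths, so a full dump parses unchanged.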