Bug 204157 - brk syscall returns random address
Summary: brk syscall returns random address
Status: NEW
Alias: None
Product: Memory Management
Classification: Unclassified
Component: Page Allocator (show other bugs)
Hardware: x86-64 Linux
: P1 normal
Assignee: Andrew Morton
Depends on:
Reported: 2019-07-13 08:53 UTC by Sergei Trusov
Modified: 2019-07-13 08:54 UTC (History)
0 users

See Also:
Kernel Version: 5.2.0
Tree: Mainline
Regression: Yes


Description Sergei Trusov 2019-07-13 08:53:56 UTC

For long time we have flat assembler (fasm [1]) that is allocating memory with the help of the flowing snippet of code:

    ; in:
    ;  r14d = requested size
    ; out:
    ;  eax - allocated block, equal to previous value of [malloc_lbrk]
    ;  ecx = allocated size
    ;  edi = what was in r12d
    ;  esi = what was in r13d
    ;  on error jumps to out_of_memory (does not return)
    ; preserves: rbx
    ; note: for internal use only
        cmp     dword [malloc_lbrk],0
        jne     malloc_lbrk_valid
        mov     eax,12                  ; sys_brk
        xor     edi,edi
        mov     ecx,eax
        cmp     rcx,rax
        jne     out_of_memory

The ELF file itself is not relocatable.
With kernel versions <= v5.1.x this brk syscall returns address within 4Gb range, so eax equals to rax.

With v5.2 (tested on Fedora Rawhide, Linux 5.2.0-1.fc31.x86_64) this syscall returns something like 0x555556a2d000 or 0x5555557b7000.

Please let us know, is it intended kernel behaviour or some kind of regression?

[1] https://flatassembler.net/

Note You need to log in before you can comment on or make changes to this bug.