https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67999

--- Comment #13 from Daniel Micay <danielmicay at gmail dot com> ---
They'd still be able to make a mmap system call via syscall(...) to avoid the
check, so it seems like it's mostly an ABI compatibility issue. Of course,
they'd have to be very careful to avoid all of the caveats of a mapping that
large too. It could be dealt with as it usually is by making new symbols with
the checks to avoid changing anything for old binaries.

And yeah, the vanilla kernel ASLR is incredibly weak. It only uses up to 1MiB
of virtual memory (8-bit ASLR) rather than 256MiB (16-bit) like PaX.
