On Mon, 4 Feb 2008, Ingo Molnar wrote: > hm, so it seems that it isnt even the randomization that causes the > problem - but somehow the randomization code itself is broken, right? > Would you be interested in figuring out how to unbreak this? [if not, > could you send me the binary?]
I still don't seem to fully understand what is happening here -- aparently this is triggerable only with old programs linked against libc.so.5, and I am not able to trigger it with my trivial program when I link it against old libc.so.5, which just basically does brk() and checks whether /proc/<pid>/maps are OK. Seems to me that (at least certain versions) of libc.so.5 (wrongly) assume that end of the bss is the start of the heap, but I will try to investigate it more. Ingo, the code in commit c1d171a0029 is IMHO funcionalli identical to your exec-shield in fedora kernels, so even libc.so.5-linked binaries on any Fedora distro should trigger this bug ... (or you can use the binary that Pavel supplied). Haven't tried this yet. Thanks, -- Jiri Kosina -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
