Re: don't let mmap allocate down to zero

[Rik van Riel]

On Thu, 27 Jan 2005, William Lee Irwin III wrote:

> The only claim above is the effect of clobbering virtual page 0 and
> referring to this phenomenon by the macro. I was rather careful not to
> claim a specific lower boundary to the address space.

OK, here is a patch that does compile against the current
2.6 kernel.  It it obvious we need a cutoff somewhere, so
I've chosen one that's sure to spark up a conversation
and I'll let others decide what that cutoff value is ;)))

===== mm/mmap.c 1.161 vs edited =====
--- 1.161/mm/mmap.c	Wed Jan 12 11:26:28 2005
+++ edited/mm/mmap.c	Thu Jan 27 14:19:21 2005
@@ -1259,6 +1259,13 @@
 			return addr;

 		/*
+		 * Make sure we don't allocate all the way down to
+		 * zero, which would break NULL pointer detection.
+		 */
+		if (addr < mm->brk)
+			goto fail;
+
+		/*
 		 * new region fits between prev_vma->vm_end and
 		 * vma->vm_start, use it:
 		 *//*
 * Test case to determine whether the kernel can end up mapping a
 * non-zero non-MAP_FIXED mmap area at address zero, which would
 * be bad.
 */

#include <stdio.h> 
#include <sys/time.h> 
#include <sys/mman.h> 
#include <sys/resource.h> 
#include <unistd.h> 
#include <fcntl.h> 
  
  
int main(int argc, char **argv) 
{ 
    int i; 
    void *p; 
    for(i = 0; ;i++) { 
	
        p = mmap(0, 4096, PROT_READ | PROT_WRITE, 
                   MAP_PRIVATE | MAP_ANON, -1, 0);
        if (p == MAP_FAILED) { 
            break; 
        } 
        if (p == 0) { 
            printf("ACK! Got NIL after %d mappings\n", i); 
 //	    perror("probably unhelpful: ");
            exit(1); 
        } 
	if ((i % 1000) == 0) printf("%d maps\n", i); 
    } 
    return 0; 
}