On Wed, Jun 18, 2025 at 12:37:29PM +0100, Lorenzo Stoakes wrote:
On Wed, Jun 18, 2025 at 04:58:56PM +0530, Dev Jain wrote:
MAP_CHUNK_SIZE was chosen randomly. Good to see it translates into something logical : )
To correct myself for being an idiot before, 256 x 4 KB is 1 MB not 1 GB sorry :)
So I guess I am correct, if we can find two VMAs (except at the edge of the high addr boundary) with a gap of greater than MAP_CHUNK_SIZE then there is a bug in mmap().
No haha, not at all!! Firstly fixed addressed override a lot of this, secondly the 256 page gap (which is configurable btw) is only applicable for mappings below a stack (in stack grow down arch).
This assumption is totally incorrect, sorry. I'd suggest making assertions about this is really not all that useful, as things vary by arch and kernel configuration.
You can play with this program to see what happens in reality.
On my system the mappings of first two VMAs are immediately adjacent, then the other is >1MB below:
#include <stdio.h> #include <stdlib.h> #include <sys/mman.h>
int main() { char *ptr;
ptr = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); if (ptr == MAP_FAILED) { perror("mmap 1"); return EXIT_FAILURE; } printf("ptr1 = %p\n", ptr);
ptr = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE | MAP_GROWSDOWN, -1, 0); if (ptr == MAP_FAILED) { perror("mmap 2"); return EXIT_FAILURE; } printf("ptr2 = %p\n", ptr);
ptr = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0); if (ptr == MAP_FAILED) { perror("mmap 3"); return EXIT_FAILURE; } printf("ptr3 = %p\n", ptr);
return EXIT_SUCCESS; }
The definitive answers are in the get unmapped area logic.
But again not very useful to test imo beyond hand-wavey basics (and you have to check that against all arches to be sure your hand waving is always true :)