2013/2/24 Ingo Weinhold <ingo_weinhold@xxxxxx>:
> Pawel Dziepak <pdziepak@xxxxxxxxxxx> wrote:
>> Worst case scenario is that a process would run out of address space
>> after creating half of the threads it would have been able to create
>> had ASLR been disabled. It is still a big number of threads. And the
>> space wasted due to thread randomization could still be used by the heap.
>
> The heap would actually be the bigger problem since it is resized in larger
> chunks (4MB IIRC). Anyway the thread limit was just an example. My point was
> that the address space layout we're using makes some sense. If you randomize
> all area address allocations, it is easily possible to get into trouble way
> before having used half of the address space. E.g. you only need 512
> single page allocations to make 4 MB allocations impossible.

Actually the heap is increased in 64 kB chunks and, since it does not have to be contiguous, when there is a critically low amount of available virtual address space it can use gaps that were created due to randomization. In addition to that, the heap growing algorithm may be made to attempt to increase the heap in smaller chunks when no 64 kB blocks are available and the requested amount of heap is small enough. Only big allocations may be problematic, but since the positions of all areas, while being random, are still going to be inside some certain range, it will be, on average, only several megabytes wasted.

Paweł
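A toy model of the fragmentation argument above, added here as an illustration and not code from the thread or from Haiku: it contrasts the adversarial layout Ingo describes (one page in every 4 MB window, 512 pages in an assumed 2 GiB user address space) with uniformly random page placement, and measures how much a heap that needs 4 MB contiguous chunks versus 64 kB chunks can still claim. The address space size, page size and chunk sizes are constructed assumptions.

```python
# Added example (not from the mailing-list thread): model how randomized
# single-page areas fragment a fixed address space, and why a heap grown in
# small non-contiguous 64 kB chunks tolerates gaps that a 4 MB grower cannot.
import random

PAGE = 4096
MB = 1024 * 1024
ADDR_SPACE = 2 * 1024 * MB          # assumed 2 GiB user address space


def free_gaps(used_pages):
    """Sorted (start, length) of free regions, given a set of used page addresses."""
    gaps, prev_end = [], 0
    for addr in sorted(used_pages):
        if addr > prev_end:
            gaps.append((prev_end, addr - prev_end))
        prev_end = addr + PAGE
    if prev_end < ADDR_SPACE:
        gaps.append((prev_end, ADDR_SPACE - prev_end))
    return gaps


def largest_gap(used_pages):
    """Largest contiguous free region (the biggest single area still creatable)."""
    return max((length for _, length in free_gaps(used_pages)), default=ADDR_SPACE)


def max_allocatable(used_pages, chunk):
    """Bytes a grower that needs `chunk`-sized contiguous pieces can still claim."""
    return sum((length // chunk) * chunk for _, length in free_gaps(used_pages))


def worst_case_pages(window=4 * MB):
    """Adversarial layout: one page in the middle of every `window`-aligned slot."""
    return {base + window // 2 for base in range(0, ADDR_SPACE, window)}


def random_pages(n, seed=1):
    """Constructed random layout: n single pages placed uniformly in the space."""
    rng = random.Random(seed)
    return {rng.randrange(ADDR_SPACE // PAGE) * PAGE for _ in range(n)}


if __name__ == "__main__":
    worst = worst_case_pages()
    print(len(worst), "pages; largest gap:", largest_gap(worst) // MB, "MB")
    print("4 MB grower can claim:", max_allocatable(worst, 4 * MB) // MB, "MB")
    print("64 kB grower can claim:", max_allocatable(worst, 64 * 1024) // MB, "MB")
    print("random 512 pages, largest gap:", largest_gap(random_pages(512)) // MB, "MB")
```

The adversarial layout shows Ingo's point (no 4 MB chunk fits anywhere), while the 64 kB grower still reaches almost the whole space; the random layout shows that typical placement leaves gaps far larger than 4 MB.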