Why can I see several of the same segments in the /proc/pid/maps output?


The test is on 32-bit Linux.

The code is as below:

#include <stdio.h>

int foo(int a, int b)
{
    int c = a + b;
    return c;
}

int main()
{
    int e = 0;
    int d = foo(1, 2);
    printf("%d\n", d);
    /* wait for input so the process stays alive while /proc/<pid>/maps is read */
    scanf("%d", &e);

    return 0;
}

and when I use cat /proc/pid/maps to see the memory layout, it seems that I can see three text segments for my code and the library.

ubuntu% cat /proc/2191/maps
08048000-08049000 r-xp 00000000 08:01 1467306    /home/shuai/work/asm/test1
08049000-0804a000 r--p 00000000 08:01 1467306    /home/shuai/work/asm/test1
0804a000-0804b000 rw-p 00001000 08:01 1467306    /home/shuai/work/asm/test1
09137000-09158000 rw-p 00000000 00:00 0          [heap]
b75c6000-b75c7000 rw-p 00000000 00:00 0
b75c7000-b776b000 r-xp 00000000 08:01 3149924    /lib/i386-linux-gnu/libc-2.15.so
b776b000-b776d000 r--p 001a4000 08:01 3149924    /lib/i386-linux-gnu/libc-2.15.so
b776d000-b776e000 rw-p 001a6000 08:01 3149924    /lib/i386-linux-gnu/libc-2.15.so
b776e000-b7771000 rw-p 00000000 00:00 0
b7780000-b7784000 rw-p 00000000 00:00 0
b7784000-b7785000 r-xp 00000000 00:00 0          [vdso]
b7785000-b77a5000 r-xp 00000000 08:01 3149914    /lib/i386-linux-gnu/ld-2.15.so
b77a5000-b77a6000 r--p 0001f000 08:01 3149914    /lib/i386-linux-gnu/ld-2.15.so
b77a6000-b77a7000 rw-p 00020000 08:01 3149914    /lib/i386-linux-gnu/ld-2.15.so
bfd47000-bfd68000 rw-p 00000000 00:00 0          [stack]

Could anyone give me some guidance on this issue? Thanks a lot!


There are 2 answers

0
Netch On BEST ANSWER

Please mind the values in columns 3 (starting offset) and 2 (permissions). Really, you have the same part mapped twice, in lines 1 and 2 for your binary file, but in line 3 it's different. It's permitted to map the same file separately multiple times; different systems could skip merging this into one VM map entry, so it could reflect mapping history, not just the current state.

If you look at the library mappings, you can easily find the rule that any library is mapped separately:

  • With permission to read and execute: the main code which shouldn't be changed.
  • With permission to read: constant data area without code allowed.
  • With permission to read and write: it combines non-constant data area and relocation tables of shared objects.

Having the same starting 4K binary file area mapped twice could be explained by RTLD logic, which differs from the logic for an arbitrary library due to bootstrapping needs. I don't consider it that important, all the more so because it could easily differ depending on platform specifics.

0
nobody On

Note that the three sections for each file have different permissions: read-only, read-write, and read-execute. This is for security: the code section (read-execute) can't be written to through exploits, and the segment that can be written can't be executed.
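
The permission and offset columns that both answers point to can also be read programmatically. The C sketch below is an added example, not code from the question or from either answer: it parses maps lines and counts, per backing file, how many mappings exist and how many are writable and executable at once. The function names and the rwxp sample line are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Parse one maps line (no trailing newline) into perms[5], *offset and
 * path[256] (left empty for anonymous mappings). Returns 1 on success. */
int parse_maps_line(const char *line, char *perms,
                    unsigned long *offset, char *path)
{
    unsigned long start, end, inode;
    unsigned int maj, min;
    path[0] = '\0';
    return sscanf(line, "%lx-%lx %4s %lx %x:%x %lu %255[^\n]", &start, &end,
                  perms, offset, &maj, &min, &inode, path) >= 7 &&
           strlen(perms) == 4;
}

/* Count mappings backed by `path` (NULL = all) in newline-separated maps
 * text; *wx receives how many of them are writable AND executable. */
int count_mappings(const char *maps, const char *path, int *wx)
{
    char line[512], perms[5], mpath[256];
    unsigned long off;
    int count = 0;
    *wx = 0;
    while (*maps) {
        size_t len = strcspn(maps, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, maps); /* truncates */
        if (parse_maps_line(line, perms, &off, mpath) &&
            (path == NULL || strcmp(mpath, path) == 0)) {
            count++;
            *wx += perms[1] == 'w' && perms[2] == 'x';
        }
        maps += len + (maps[len] == '\n');
    }
    return count;
}

/* Lines 1-3 from the question, plus one constructed rwxp line (not from it). */
const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 08:01 1467306    /home/shuai/work/asm/test1\n"
    "08049000-0804a000 r--p 00000000 08:01 1467306    /home/shuai/work/asm/test1\n"
    "0804a000-0804b000 rw-p 00001000 08:01 1467306    /home/shuai/work/asm/test1\n"
    "b7000000-b7001000 rwxp 00000000 00:00 0\n";

int main(void)
{
    int wx, n = count_mappings(SAMPLE_MAPS, NULL, &wx);
    printf("%d mappings, %d writable+executable\n", n, wx);
    return 0;
}
```

On a live system, the same functions can be fed the contents of /proc/self/maps or /proc/<pid>/maps read into a buffer.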