2

When I explore the virtual memory address ranges used by the bash program by looking at /proc/bash_pid/maps, I found that some virtual address range is not readable, writable, or executable. For example, 

7f1337130000-7f133732f000 ---p 00017000 08:05 9179011                    /lib/x86_64-linux-gnu/libnsl-2.15.so

My question is:

If such virtual address is not readable, writable, or executable, why does the program need it?

Although it shows that that address area is linked to some shared library, it seems to me that these address areas are not useful for the program at all.

Below is the full output of the /proc/pid/maps

/proc/4139# cat maps 
00400000-004e0000 r-xp 00000000 08:05 9437188                            /bin/bash
006e0000-006e1000 r--p 000e0000 08:05 9437188                            /bin/bash
006e1000-006ea000 rw-p 000e1000 08:05 9437188                            /bin/bash
006ea000-006f0000 rw-p 00000000 00:00 0 
02239000-02640000 rw-p 00000000 00:00 0                                  [heap]
7f1336d00000-7f1336d0c000 r-xp 00000000 08:05 9175165                    /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f1336d0c000-7f1336f0b000 ---p 0000c000 08:05 9175165                    /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f1336f0b000-7f1336f0c000 r--p 0000b000 08:05 9175165                    /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f1336f0c000-7f1336f0d000 rw-p 0000c000 08:05 9175165                    /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f1336f0d000-7f1336f17000 r-xp 00000000 08:05 9178732                    /lib/x86_64-linux-gnu/libnss_nis-2.15.so
7f1336f17000-7f1337117000 ---p 0000a000 08:05 9178732                    /lib/x86_64-linux-gnu/libnss_nis-2.15.so
7f1337117000-7f1337118000 r--p 0000a000 08:05 9178732                    /lib/x86_64-linux-gnu/libnss_nis-2.15.so
7f1337118000-7f1337119000 rw-p 0000b000 08:05 9178732                    /lib/x86_64-linux-gnu/libnss_nis-2.15.so
7f1337119000-7f1337130000 r-xp 00000000 08:05 9179011                    /lib/x86_64-linux-gnu/libnsl-2.15.so
7f1337130000-7f133732f000 ---p 00017000 08:05 9179011                    /lib/x86_64-linux-gnu/libnsl-2.15.so
7f133732f000-7f1337330000 r--p 00016000 08:05 9179011                    /lib/x86_64-linux-gnu/libnsl-2.15.so
7f1337330000-7f1337331000 rw-p 00017000 08:05 9179011                    /lib/x86_64-linux-gnu/libnsl-2.15.so
7f1337331000-7f1337333000 rw-p 00000000 00:00 0 
7f1337333000-7f133733b000 r-xp 00000000 08:05 9175163                    /lib/x86_64-linux-gnu/libnss_compat-2.15.so
7f133733b000-7f133753a000 ---p 00008000 08:05 9175163                    /lib/x86_64-linux-gnu/libnss_compat-2.15.so
7f133753a000-7f133753b000 r--p 00007000 08:05 9175163                    /lib/x86_64-linux-gnu/libnss_compat-2.15.so
7f133753b000-7f133753c000 rw-p 00008000 08:05 9175163                    /lib/x86_64-linux-gnu/libnss_compat-2.15.so
7f133753c000-7f1337c1f000 r--p 00000000 08:05 2365762                    /usr/lib/locale/locale-archive
7f1337c1f000-7f1337dd4000 r-xp 00000000 08:05 9175161                    /lib/x86_64-linux-gnu/libc-2.15.so
7f1337dd4000-7f1337fd4000 ---p 001b5000 08:05 9175161                    /lib/x86_64-linux-gnu/libc-2.15.so
7f1337fd4000-7f1337fd8000 r--p 001b5000 08:05 9175161                    /lib/x86_64-linux-gnu/libc-2.15.so
7f1337fd8000-7f1337fda000 rw-p 001b9000 08:05 9175161                    /lib/x86_64-linux-gnu/libc-2.15.so
7f1337fda000-7f1337fdf000 rw-p 00000000 00:00 0 
7f1337fdf000-7f1337fe1000 r-xp 00000000 08:05 9179006                    /lib/x86_64-linux-gnu/libdl-2.15.so
7f1337fe1000-7f13381e1000 ---p 00002000 08:05 9179006                    /lib/x86_64-linux-gnu/libdl-2.15.so
7f13381e1000-7f13381e2000 r--p 00002000 08:05 9179006                    /lib/x86_64-linux-gnu/libdl-2.15.so
7f13381e2000-7f13381e3000 rw-p 00003000 08:05 9179006                    /lib/x86_64-linux-gnu/libdl-2.15.so
7f13381e3000-7f1338205000 r-xp 00000000 08:05 9178891                    /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f1338205000-7f1338405000 ---p 00022000 08:05 9178891                    /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f1338405000-7f1338409000 r--p 00022000 08:05 9178891                    /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f1338409000-7f133840a000 rw-p 00026000 08:05 9178891                    /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f133840a000-7f133842c000 r-xp 00000000 08:05 9179003                    /lib/x86_64-linux-gnu/ld-2.15.so
7f133860f000-7f1338612000 rw-p 00000000 00:00 0 
7f1338623000-7f133862a000 r--s 00000000 08:05 2628031                    /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache
7f133862a000-7f133862c000 rw-p 00000000 00:00 0 
7f133862c000-7f133862d000 r--p 00022000 08:05 9179003                    /lib/x86_64-linux-gnu/ld-2.15.so
7f133862d000-7f133862f000 rw-p 00023000 08:05 9179003                    /lib/x86_64-linux-gnu/ld-2.15.so
7fffdc8a0000-7fffdc8c1000 rw-p 00000000 00:00 0                          [stack]
7fffdc9c8000-7fffdc9ca000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
John Kugelman
  • 349,597
  • 67
  • 533
  • 578
Mike
  • 1,841
  • 2
  • 18
  • 34
  • 1
    Good, well-written question. If you don't mind, I trimmed some of the fat. – John Kugelman Mar 29 '16 at 02:24
  • Maybe the question is better asked on unix.stackexchange.com. – Barmar Mar 29 '16 at 02:38
  • 1
    From this link [/proc/$pid/maps shows pages with no rwx permissions on x86\_64 linux](http://stackoverflow.com/questions/16524895/proc-pid-maps-shows-pages-with-no-rwx-permissions-on-x86-64-linux): "The PROT_NONE mappings are created to do with keeping libraries efficiently sharable and to mark guard pages so buffer overflows can be cached. Just keep in mind that these mappings are only using part of the virtual address space but they are not actually consuming the systems memory." – paulsm4 Mar 29 '16 at 02:44
  • It makes some sense to use the virtual address PROT_NONE to protect from stack overhflow. However, it does not have be to so large, IMO. The PROT_NONE range is always 512 * 4KB. Why do we need to waste so large virtual space to protect from stack overflow? – Mike Mar 29 '16 at 17:05

0 Answers0