Can someone please point me to some documentation on the virtual memory maps used for Linux and Windows. By that I mean what virtual addresses, code, writable static data, the stack and the heap (along with other kernel bits) will normally be placed in, in a typical process?
+2
A:
Since the advent of ASLR, it's mostly on random virtual addresses.
ninjalj
2010-08-26 22:01:43
Is this the actual blocks sections are organized or how specifically relocatable functions are organized in the code block itself?
doron
2010-08-26 22:16:44
It's memory mappings, which roughly correspond to code, data and stack segments.
ninjalj
2010-08-26 22:22:38
+1
A:
The Wikipedia entry on Address Space Layout Randomisation (ALSR) describes how random allocation of address space protects against various attacks, and how the importance differs between data and code.
It describes both the Linux's default weak level of randomisation, and a patch you can use to strengthen it.
It also describes which versions of Windows offer it, and how it only applies to some code & executables.
Oddthinking
2010-08-27 08:01:04
It is quite low on detail. I am keen on diagrams with addresses if possible.
doron
2010-08-27 16:03:56
If you are looking for a memory map like the old-days of, for example, a Commodore 64 (such as this one http://sta.c64.org/cbm64mem.html), I think you are going to be out of luck. I don't think it works like that any more.
Oddthinking
2010-08-27 19:10:16
+1
A:
Probably the best way to get the process memory map on Linux is to look at the /proc//maps file. One can clearly see that for each executable or shared object there are separate sections for executable, const static data, and writable static data. Each one of these sections exists in its own memory page which allows Linux to share sections between executables and even implement features like copy-on-write.
In addition to this there is a section dedicated to the stack and one dedicated to the heap. There also may be some anonymous sections as well.
doron
2010-09-02 22:24:05