Process address space

The following diagram depicts the layout of a typical process address space in Linux systems, which is composed of a set of virtual memory segments:

Each segment is physically mapped to one or more linear memory blocks (made out of one or more pages), and appropriate address translation records are placed in a process page table. Before we get into the complete details of how the kernel manages memory maps and constructs page tables, let's understand in brief each segment of the address space:

  • Stack is the topmost segment, which expands downward. It contains stack frames that hold local variables and function parameters; a new frame is created on top of the stack upon entry into a called function, and is destroyed when the current function returns. Depending on the level of nesting of the function calls, there is always a need for the stack segment to dynamically expand to accommodate new frames. Such expansion is handled by the virtual memory manager through page faults: when the process attempts to touch an unmapped address at the top of the stack, the system triggers a page fault, which is handled by the kernel to check whether it is appropriate to grow the stack. If the current stack utilization is within RLIMIT_STACK, then it is considered appropriate and the stack is expanded. However, if the current utilization is maximum with no further scope to expand, then a segmentation fault signal is delivered to the process.
  • Mmap is a segment below the stack; this segment is primarily used for mapping file data from page cache into process address space. This segment is also used for mapping shared objects or dynamic libraries. User-mode processes can initiate new mappings through the mmap() API. The Linux kernel also supports anonymous memory mapping through this segment, which serves as an alternative mechanism for dynamic memory allocations to store process data.
  • Heap segment provides address space for dynamic memory allocation that allows a process to store runtime data. The kernel provides the brk() family of APIs, through which user-mode processes can expand or shrink the heap at runtime. However, most programming-language-specific standard libraries implement heap management algorithms for efficient utilization of heap memory. For instance, GNU glibc implements heap management that offers the malloc() family of functions for allocations.

The lower segments of the address space--BSS, Data, and Text--are related to the binary image of the process:

  • The BSS stores uninitialized static variables, that is, those not assigned a value in the program code. The BSS is set up through anonymous memory mapping.
  • The data segment contains global and static variables initialized in program source code. This segment is set up by mapping the part of the program binary image that contains initialized data; the mapping is created as a private memory mapping, which ensures that changes to data variables' memory are not reflected in the disk file.
  • The text segment is also set up by mapping the program binary file into memory; this mapping is of type RDONLY, so an attempt to write into this segment triggers a segmentation fault.

The kernel supports an address space randomization facility which, if enabled during build, allows the VM subsystem to randomize the start locations of the stack, mmap, and heap segments for each new process. This provides processes with much-needed security from malicious programs that are capable of injecting faults. Such programs are generally hard-coded with the fixed start addresses of a valid process's memory segments; with address space randomization, such attacks would fail. However, text segments set up from the binary file of the application program are mapped to a fixed address as per the definition of the underlying architecture; this is configured in the linker script, which is applied while constructing the program binary file.
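The split between randomized and fixed segments can be checked from /proc/<pid>/maps. The following C sketch is an added example, not code from the book: it labels each maps line with the segment names used above and compares two snapshots to see which start addresses moved. The snapshots are constructed, /usr/bin/demo is a hypothetical non-PIE binary, and classify() and segment_start() are names chosen for this example.

```c
#include <stdio.h>
#include <string.h>

/* Label one /proc/<pid>/maps line ("start-end perms offset dev inode [path]"). */
const char *classify(const char *line, const char *exe, unsigned long *start)
{
    char perms[5], path[128] = "";   /* anonymous mappings have no path field */
    if (sscanf(line, "%lx-%*lx %4s %*s %*s %*s%*[ \t]%127[^\n]",
               start, perms, path) < 2)
        return NULL;                 /* not a maps line */
    if (!strcmp(path, "[stack]")) return "stack";
    if (!strcmp(path, "[heap]"))  return "heap";
    if (strcmp(path, exe))        return "mmap";  /* libraries, files, anonymous */
    if (perms[2] == 'x')          return "text";
    return perms[1] == 'w' ? "data" : "other";
}

/* Start address of the first region labelled seg in a snapshot, 0 if none. */
unsigned long segment_start(const char *maps, const char *exe, const char *seg)
{
    unsigned long start;
    const char *name;
    for (const char *p = maps; *p; p += strcspn(p, "\n"), p += (*p == '\n'))
        if ((name = classify(p, exe, &start)) && !strcmp(name, seg))
            return start;
    return 0;
}

/* Constructed snapshots: two runs of a hypothetical non-PIE /usr/bin/demo. */
static const char RUN_A[] =
    "00400000-00401000 r-xp 00000000 08:01 131 /usr/bin/demo\n"
    "00600000-00601000 rw-p 00000000 08:01 131 /usr/bin/demo\n"
    "01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]\n"
    "7f3c1a200000-7f3c1a3c0000 r-xp 00000000 08:01 977 /lib/libc.so.6\n"
    "7ffd4b1e0000-7ffd4b201000 rw-p 00000000 00:00 0 [stack]\n";
static const char RUN_B[] =
    "00400000-00401000 r-xp 00000000 08:01 131 /usr/bin/demo\n"
    "00600000-00601000 rw-p 00000000 08:01 131 /usr/bin/demo\n"
    "00e71000-00e92000 rw-p 00000000 00:00 0 [heap]\n"
    "7f91d5600000-7f91d57c0000 r-xp 00000000 08:01 977 /lib/libc.so.6\n"
    "7ffe02a4c000-7ffe02a6d000 rw-p 00000000 00:00 0 [stack]\n";

int main(void)
{
    const char *exe = "/usr/bin/demo", *segs[] = { "text", "data", "heap", "mmap", "stack" };
    for (int i = 0; i < 5; i++)
        printf("%-5s %s\n", segs[i], segment_start(RUN_A, exe, segs[i]) !=
               segment_start(RUN_B, exe, segs[i]) ? "randomized" : "fixed");
}
```

To inspect a live process, supply the contents of /proc/<pid>/maps from two separate runs in place of the constructed strings.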
