What's under 0x400000 in virtual memory?

When learning Linux Operating Systems, I know the following things:

1. Real mode will use addresss under 0x10000
2. Protected mode use 4G for 32bit, and the user space can use 2/3 G
3. The virtual memory for a program will start from 0x40000 to higher

So, what's under 0x400000, is it reserved?

As Maxim says, it's simply unmapped. The pages in that region are marked as "not present" in the CPU's page tables, so that accessing them causes a page fault; and the kernel knows they are not backed by any physical memory, file, or swap space, so that such a page fault will be handled by delivering a segmentation fault signal (SIGSEGV) to the process, normally killing it.

It is desirable for at least the lowest page of a program's virtual address space to be unmapped, so that accesses to address 0 (null pointer dereference) will cause a segmentation fault instead of allowing a buggy program to continue running. Leaving a larger region unmapped is also nice so that, for instance, if the program tries to access p[i] where p is a null pointer and i is somewhat greater than 4096, the program will again get a segfault. In 32-bit mode, the value 0x400000 is convenient because this is 4 MB and corresponds to one entry in the page directory. See https://wiki.osdev.org/Paging for an introduction to x86 paging.