When learning Linux Operating Systems, I know the following things:
So, what's under 0x400000, is it reserved?
As Maxim says, it's simply unmapped. The pages in that region are marked as "not present" in the CPU's page tables, so that accessing them causes a page fault; and the kernel knows they are not backed by any physical memory, file, or swap space, so that such a page fault will be handled by delivering a segmentation fault signal (SIGSEGV) to the process, normally killing it.
It is desirable for at least the lowest page of a program's virtual address space to be unmapped, so that accesses to address 0 (null pointer dereference) will cause a segmentation fault instead of allowing a buggy program to continue running. Leaving a larger region unmapped is also nice so that, for instance, if the program tries to access p[i]
where p
is a null pointer and i
is somewhat greater than 4096, the program will again get a segfault. In 32-bit mode, the value 0x400000
is convenient because this is 4 MB and corresponds to one entry in the page directory. See https://wiki.osdev.org/Paging for an introduction to x86 paging.