Understanding Linux Process Memory Layout: From task_struct to vm_area_struct

This article explains Linux process memory organization, detailing how task_struct and mm_struct describe virtual memory, the role of vm_area_struct for each segment, page table interactions, and the lazy allocation mechanism that maps physical memory only on page faults.

ITPUB

Linux represents each process with a task_struct (process descriptor) that contains an mm_struct (memory descriptor). The mm_struct tracks all virtual memory segments of the process, including code, data, BSS, heap, memory‑mapped area, and stack.

Each contiguous virtual memory region is described by a vm_area_struct. This structure records the start and end addresses, access flags, and the backing file (if any). If no file backs the region, it is considered anonymous.

The article shows the memory layout of a /bin/gonzo process: the binary maps to the code and data segments, the BSS segment holds uninitialized globals, the heap and stack are anonymous, and the memory‑mapped area can contain shared libraries or file mappings.

All vm_area_struct instances are stored in the mm_struct as a singly‑linked list and a red‑black tree, enabling fast lookup of a specific region. The tree root resides in the mm_rb field.

Virtual addresses are translated to physical addresses via page tables. The mm_struct also holds a pointer to the page‑global directory (pgd). Each virtual page corresponds to a page‑table entry (PTE). When a page is not yet backed by physical memory, the PTE’s Present flag is cleared.

Linux uses a lazy allocation strategy: when a process requests memory (e.g., via brk() to grow the heap), the new pages are initially unmapped. Only when the CPU accesses an unmapped page does a page‑fault occur, prompting the kernel to allocate a physical page from the buddy system, map it, and set the PTE’s Present bit.

Example scenario:

The heap starts with 8 KB of physical memory already mapped.

Calling brk() expands the heap; the new pages are not yet mapped.

Accessing an unmapped address triggers a page‑fault.

The kernel allocates a physical page, maps it, and updates the PTE.
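
The scenario above can be observed from user space. The following is an added example, not code from the original article: it grows the heap with sbrk(), then uses mincore() to sample how many of the new pages are resident before and after each one is written. It assumes Linux with glibc; NPAGES, struct residency and the function names are hypothetical, and mincore() residency is used as a user-space proxy for the PTE Present bit.

```c
#define _DEFAULT_SOURCE          /* expose sbrk() and mincore() in glibc */
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#define NPAGES 16                /* constructed size: grow the heap by 16 pages */

struct residency { int rc; int before; int after; };

/* Count pages of [base, base + NPAGES*page) that are resident in memory. */
static int resident_pages(void *base, size_t page) {
    unsigned char vec[NPAGES];
    if (mincore(base, NPAGES * page, vec) != 0)
        return -1;
    int n = 0;
    for (int i = 0; i < NPAGES; i++)
        n += vec[i] & 1;         /* bit 0 set: page is resident */
    return n;
}

/* Grow the heap with sbrk(), then sample residency before and after touching it. */
struct residency demo_lazy_heap(void) {
    struct residency r = { -1, -1, -1 };
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    uintptr_t brk0 = (uintptr_t)sbrk(0);
    uintptr_t base = (brk0 + page - 1) & ~(uintptr_t)(page - 1);  /* page-align */
    intptr_t grow = (intptr_t)(base - brk0 + NPAGES * page);
    if (sbrk(grow) == (void *)-1)
        return r;                /* the heap region could not be extended */

    r.before = resident_pages((void *)base, page);
    for (int i = 0; i < NPAGES; i++)        /* first write to each page faults it in */
        ((volatile unsigned char *)base)[i * page] = 1;
    r.after = resident_pages((void *)base, page);

    sbrk(-grow);                 /* hand the range back to the kernel */
    r.rc = (r.before >= 0 && r.after >= 0) ? 0 : -1;
    return r;
}

int main(void) {
    struct residency r = demo_lazy_heap();
    printf("rc=%d resident before touch=%d, after touch=%d of %d\n",
           r.rc, r.before, r.after, NPAGES);
    return r.rc;
}
```

The gap between the two counts is the set of pages that were part of the heap region but had no physical page until the first write faulted them in.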

Key takeaways:

Each memory segment of a Linux process is represented by a vm_area_struct covering a continuous virtual address range.

Memory requests first extend or create a vm_area_struct without immediate physical allocation; physical pages are provided only on first access, after a page‑fault.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.
