I searched out of some explanations pertaining to this issue. It seems like a recommendation to avoid potential buffer overflows. We are recommended to use the top 16M for library mappings. However, it comes with another question. Why do we use the top 16M address space which seems to be the most possible area to get null pointer dereference. If we place library text and data segment there, is it possible for our pointer dereference to coincidentally get some data without any warning instead of a formal kernel oops in default settings? citation from stackoverflow " By default, on linux/x86, you won't see low addresses below 0x08000000 used for much; although the kernel may use it if requested in a mmap call, or if it runs out of room for mmaps. Additionally, there have been proposals to use addresses in the 0x00000000 - 0x01000000 range for library mappings, to make buffer overflows more difficult (by embedding a NUL byte to terminate strings)." ---------- Forwarded message ---------- From: Jiaqiang Xu <xjqhust03@xxxxxxxxx> Date: Fri, Sep 30, 2011 at 4:22 PM Subject: a question about the virtual address space memory layout To: kerneltech@xxxxxxxxxxxxx I just noticed that in my local i386 machine with kernel version 2.6.22 the ld and libc.so files are memory mapped between heap and stack area. However in some other lab machines, file&anonymous memory mapping regions are mapped before 0x08048000(in the top 128M region normally reserved for catching null pointer dereference). I am wondering the reason why they did this. jq