The r-xp
region at 0x400000 is your text (code) section. It's readable, and executable, but not writable.
The rw-p
region at 0x600000 is your data section. It's readable and writable, but not executable.
readelf -S a.out
will show you the sections in your executable, and where they are going to be loaded into memory (first through a section-to-segment mapping.)
Your experiment about malloc
ing 4 bytes is insufficient, because that's not how memory management works. When you call malloc
, your libc implementation is going to carve out a small piece out of the large pool that it is maintaining. (This is just your process doing this - the OS is not immediately involved.) When you have depleted that pool, it will use the brk
(or mmap
) system call to ask the kernel to give it more memory.
If you malloc
a much larger amount of memory, you will probably see the heap grow. Also, you can run strace
on your executable, and see when it actually makes the brk
or memmap
system calls.