Introduction
The mmap function is a POSIX system call that maps files, devices, or anonymous memory regions directly into a process virtual address space. By bypassing traditional read and write system calls, it enables zero-copy I/O, shared memory interprocess communication, and efficient manipulation of large data sets. The kernel manages page fault handling, cache synchronization, and virtual memory translation automatically. While not part of the ISO C standard library, mmap is fundamental to Unix-like operating systems and forms the backbone of databases, memory allocators, JIT compilers, and high-performance networking stacks. Understanding its protection semantics, flag interactions, page alignment constraints, and security boundaries is essential for writing robust systems-level C code.
Header and Function Signature
The function is declared in the <sys/mman.h> header.
#include <sys/mman.h> void *mmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset);
Parameters:
addr: Suggested starting address. PassNULLto let the kernel choose.length: Number of bytes to map. Rounded up to the nearest page boundary internally.prot: Memory protection flags defining allowed access types.flags: Mapping behavior modifiers controlling sharing, anonymity, and placement.fd: File descriptor to map. Ignored for anonymous mappings.offset: Byte offset within the file. Must be a multiple of the system page size.
The function returns a pointer to the mapped region on success or MAP_FAILED on error. The mapped region remains valid until explicitly unmapped or the process terminates.
Protection and Mapping Flags
Memory protection and mapping behavior are controlled through bitwise OR combinations of predefined constants.
| Constant | Purpose | Notes |
|---|---|---|
PROT_READ | Allow read access | Required for any data retrieval |
PROT_WRITE | Allow write access | May trigger copy-on-write with MAP_PRIVATE |
PROT_EXEC | Allow execution | Restricted by modern W^X security policies |
PROT_NONE | Block all access | Useful for guard pages and red zones |
| Constant | Purpose | Notes |
|---|---|---|
MAP_SHARED | Changes visible to other processes and underlying file | Enables IPC and file synchronization |
MAP_PRIVATE | Copy-on-write semantics | Changes remain private; file unchanged |
MAP_ANONYMOUS | Map zero-filled memory not backed by a file | fd must be -1, offset must be 0 |
MAP_FIXED | Force exact address placement | Dangers of unmapping existing mappings; rarely needed |
MAP_POPULATE | Pre-fault pages to reduce latency | Linux-specific; blocks during mapping |
Combining flags requires careful consideration. MAP_SHARED | MAP_ANONYMOUS creates shared memory between processes. MAP_PRIVATE with a file descriptor enables read-only file mapping or private scratch space. PROT_EXEC combined with PROT_WRITE is frequently blocked by kernel hardening unless explicitly relaxed through mprotect.
Return Value and Error Handling
The function returns MAP_FAILED on failure, not NULL. MAP_FAILED is typically defined as (void *)-1. Immediate validation is mandatory before dereferencing.
#include <sys/mman.h>
#include <stdio.h>
#include <errno.h>
void *mapping = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (mapping == MAP_FAILED) {
perror("mmap failed");
return 1;
}
Common error codes:
EACCES: File not readable/writable according toprotandfdaccess modeEINVAL: Invalid flags, non-page-alignedoffset, or incompatibleprot/flagscombinationENOMEM: Insufficient virtual address space or physical memory exhaustionEBADF: Invalid or closed file descriptorEOVERFLOW:offset + lengthexceeds file size or address space limits
The C standard library does not abstract these errors. Developers must interpret errno and implement fallback strategies or graceful degradation.
Mapping Types and Kernel Semantics
The kernel distinguishes three primary mapping categories based on backing storage and sharing behavior.
File-backed mappings link virtual pages directly to file data on disk. Reads trigger page faults that load file contents into the page cache. Writes modify the page cache and are flushed to disk asynchronously or via msync. Multiple processes mapping the same file with MAP_SHARED see each other changes immediately through cache coherence.
Anonymous mappings allocate zero-filled pages without file association. They serve as the foundation for malloc implementations, thread stacks, and temporary buffers. MAP_PRIVATE creates copy-on-write copies on first write. MAP_SHARED enables cross-process shared memory without file I/O overhead.
Copy-on-write semantics activate when MAP_PRIVATE mappings are written. The kernel duplicates the affected page, isolating modifications from the backing file or other processes. This enables safe temporary editing of large files or shared libraries without permanent modification.
All mappings operate at page granularity. The system page size is typically 4096 bytes on x86 and ARM, but varies by architecture. Use sysconf(_SC_PAGESIZE) for portable queries. Requests smaller than one page allocate a full page. Requests larger than page size allocate contiguous virtual pages, which may be physically fragmented.
Performance Characteristics and Page Fault Behavior
Memory mapping trades upfront system call overhead for deferred page allocation. Accessing unmapped pages triggers demand paging, causing minor or major page faults.
Minor page faults occur when the required page exists in the page cache but lacks a virtual mapping. Resolution involves page table updates only. Execution resumes rapidly.
Major page faults occur when the page must be read from disk or swap. Execution blocks until I/O completes. Cold mappings of large files exhibit high major fault rates during initial access.
Sequential access patterns benefit from read-ahead algorithms. Random access triggers isolated page faults that may degrade throughput compared to tuned read calls. Small files often perform worse with mmap due to page table setup overhead and cache pollution.
Virtual memory fragmentation limits long-lived mappings. Exhausting contiguous virtual address space triggers ENOMEM even with available physical memory. 64-bit systems mitigate this through larger address spaces, but embedded or 32-bit environments require careful lifecycle management.
Security Constraints and Privilege Boundaries
Memory mapping introduces significant security considerations. The kernel enforces strict isolation and execution policies to prevent privilege escalation and code injection.
W^X (Write XOR Execute) policy prevents simultaneous PROT_WRITE and PROT_EXEC on the same region. Modern Linux kernels with CONFIG_STRICT_KERNEL_RWX and BSD systems with W^X enforcement block JIT compilation patterns unless explicitly relaxed. Developers must map with PROT_READ | PROT_WRITE, write code, then call mprotect to switch to PROT_READ | PROT_EXEC.
Truncated file mappings trigger SIGBUS when accessing pages beyond the current file end. Unhandled signals terminate the process. Applications must either pre-extend files with ftruncate or install signal handlers to manage boundary conditions gracefully.
Memory-mapped I/O regions for hardware devices require strict privilege controls. User-space access is typically blocked unless granted through mmap on /dev/mem or character devices with appropriate permissions. Misconfigured device mappings enable arbitrary physical memory access and system compromise.
Sandboxing frameworks like seccomp and pledge restrict mmap usage in untrusted processes. Allowing arbitrary mmap calls bypasses memory isolation guarantees. Production services should map only required regions with minimal protection flags and drop privileges before execution.
Common Use Cases and Implementation Patterns
High-performance file processing leverages mmap to eliminate read/write copy overhead. Database engines map index files and record stores directly, using pointer arithmetic for navigation.
int fd = open("data.db", O_RDONLY);
struct stat st;
fstat(fd, &st);
void *db = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
if (db == MAP_FAILED) { /* handle error */ }
/* Direct pointer access to records */
uint32_t *header = (uint32_t *)db;
munmap(db, st.st_size);
close(fd);
Shared memory IPC replaces pipe and socket overhead for latency-sensitive applications. MAP_SHARED | MAP_ANONYMOUS creates memory visible to parent and child processes after fork.
void *shm = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
if (shm == MAP_FAILED) { /* handle error */ }
pid_t pid = fork();
if (pid == 0) {
((int *)shm)[0] = 42;
_exit(0);
}
wait(NULL);
printf("Child wrote: %d\n", ((int *)shm)[0]);
munmap(shm, 4096);
JIT compilers and dynamic code generators use mmap to allocate executable memory. Modern workflows separate allocation, writing, and permission switching to comply with kernel security policies.
void *exec_mem = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); memcpy(exec_mem, bytecode, size); mprotect(exec_mem, size, PROT_READ | PROT_EXEC); ((void (*)(void))exec_mem)();
Edge Cases and Platform Variations
Address space limits vary significantly across architectures. 32-bit systems cap at 3 to 4 gigabytes per process. Large file mappings exhaust virtual memory quickly. MAP_FIXED should be avoided unless implementing custom allocators or embedders with strict layout requirements.
macOS and BSD use MAP_ANON instead of MAP_ANONYMOUS. The GNU C library defines both for compatibility. Portable code checks feature macros or uses conditional compilation.
offset must be page-aligned. Passing unaligned offsets triggers EINVAL. Developers must calculate aligned offsets manually:
off_t page_size = sysconf(_SC_PAGESIZE); off_t aligned_offset = (offset / page_size) * page_size; size_t adjusted_length = length + (offset - aligned_offset); void *mapping = mmap(NULL, adjusted_length, PROT_READ, MAP_PRIVATE, fd, aligned_offset); void *data_start = (char *)mapping + (offset - aligned_offset);
Linux provides mremap for resizing mappings without copying. This extension is not POSIX-compliant and unavailable on BSD or macOS. Cross-platform code must implement manual remapping with mmap, memcpy, and munmap.
msync guarantees durability but introduces blocking I/O. MS_SYNC flushes immediately. MS_ASYNC schedules background writeback. MS_INVALIDATE discards cache and reloads from file. Omitting msync on MAP_SHARED mappings risks data loss on system crash.
Best Practices for Production Systems
- Always validate return value against
MAP_FAILED, notNULL - Use
sysconf(_SC_PAGESIZE)for alignment calculations instead of hardcoded values - Prefer
MAP_PRIVATEunless explicit cross-process sharing or file persistence is required - Install
SIGBUShandlers or validate file size before mapping to prevent termination on truncation - Separate
PROT_WRITEandPROT_EXECphases usingmprotectfor JIT or dynamic code - Call
msyncwithMS_SYNCfor critical durability guarantees before process exit - Monitor page fault rates and RSS usage to detect thrashing or virtual memory exhaustion
- Unmap regions explicitly with
munmapand verify return value to catch resource leaks - Avoid
MAP_FIXEDin production code unless implementing low-level runtime systems - Restrict
mmapaccess in sandboxed environments through seccomp filters or capability bounding sets
Conclusion
The mmap function provides direct virtual memory mapping for files, devices, and anonymous regions. It enables zero-copy I/O, shared memory communication, and efficient large data handling through demand paging and page cache integration. Proper usage requires strict validation against MAP_FAILED, page-aligned offset calculation, protection flag discipline, and explicit lifecycle management with munmap and msync. Security constraints like W^X enforcement and SIGBUS handling must be addressed to prevent termination or privilege escalation. Performance characteristics depend heavily on access patterns, page fault behavior, and virtual address space availability. When applied with rigorous error handling, alignment awareness, and security hardening, mmap delivers deterministic, high-throughput memory access that powers modern databases, runtime environments, and systems-level C applications.
C Preprocessor, Macros & Compilation Directives (Complete Guide)
https://macronepal.com/aws/mastering-c-variadic-macros-for-flexible-debugging/
Explains variadic macros in C, allowing functions/macros to accept a variable number of arguments for flexible logging and debugging.
https://macronepal.com/aws/mastering-the-stdc-macro-in-c/
Explains the __STDC__ macro, which indicates compliance with the C standard and helps ensure portability across compilers.
https://macronepal.com/aws/c-time-macro-mechanics-and-usage/
Explains the __TIME__ macro, which provides the compilation time of a program and is often used for logging and debugging.
https://macronepal.com/aws/understanding-the-c-date-macro/
Explains the __DATE__ macro, which inserts the compilation date into programs for tracking builds.
https://macronepal.com/aws/c-file-type/
Explains the __FILE__ macro, which represents the current file name during compilation and is useful for debugging.
https://macronepal.com/aws/mastering-c-line-macro-for-debugging-and-diagnostics/
Explains the __LINE__ macro, which provides the current line number in source code, helping in error tracing and diagnostics.
https://macronepal.com/aws/mastering-predefined-macros-in-c/
Explains all predefined macros in C, including their usage in debugging, portability, and compile-time information.
https://macronepal.com/aws/c-error-directive-mechanics-and-usage/
Explains the #error directive in C, used to generate compile-time errors intentionally for validation and debugging.
https://macronepal.com/aws/understanding-the-c-pragma-directive/
Explains the #pragma directive, which provides compiler-specific instructions for optimization and behavior control.
https://macronepal.com/aws/c-include-directive/
Explains the #include directive in C, used to include header files and enable code reuse and modular programming.
HTML Online Compiler
https://macronepal.com/free-html-online-code-compiler/
Python Online Compiler
https://macronepal.com/free-online-python-code-compiler/
Java Online Compiler
https://macronepal.com/free-online-java-code-compiler/
C Online Compiler
https://macronepal.com/free-online-c-code-compiler/
C Online Compiler (Version 2)
https://macronepal.com/free-online-c-code-compiler-2/
Node.js Online Compiler
https://macronepal.com/free-online-node-js-code-compiler/
JavaScript Online Compiler
https://macronepal.com/free-online-javascript-code-compiler/
Groovy Online Compiler
https://macronepal.com/free-online-groovy-code-compiler/
J Shell Online Compiler
https://macronepal.com/free-online-j-shell-code-compiler/
Haskell Online Compiler
https://macronepal.com/free-online-haskell-code-compiler/
Tcl Online Compiler
https://macronepal.com/free-online-tcl-code-compiler/
Lua Online Compiler
https://macronepal.com/free-online-lua-code-compiler/