Looks like there's another problem.  If you read /proc/self/maps with
>4k chunks, the reads are always truncated to < 4k.  However, at those
points, it misses an entry.  If you read in smaller chunks, the results
look good.

For example (tm.c is attached):
$ ./tm &
$ dd bs=80 < /proc/$!/maps > 1
$ dd bs=100k < /proc/$!/maps > 2
$ diff -u 1 2
@@ -96,7 +96,6 @@
 b7b43000-b7b44000 ---p b7b43000 00:00 0
 b7b44000-b7b45000 r-xp b7b44000 00:00 0
 b7b45000-b7b46000 ---p b7b45000 00:00 0
-b7b46000-b7b47000 r-xp b7b46000 00:00 0
 b7b47000-b7b48000 ---p b7b47000 00:00 0
 b7b48000-b7b49000 r-xp b7b48000 00:00 0
 b7b49000-b7b4a000 ---p b7b49000 00:00 0
@@ -196,7 +195,6 @@
 b7ba7000-b7ba8000 ---p b7ba7000 00:00 0
 b7ba8000-b7ba9000 r-xp b7ba8000 00:00 0
 b7ba9000-b7baa000 ---p b7ba9000 00:00 0
-b7baa000-b7bab000 r-xp b7baa000 00:00 0
 b7bab000-b7bac000 ---p b7bab000 00:00 0
 b7bac000-b7bad000 r-xp b7bac000 00:00 0
 b7bad000-b7bae000 ---p b7bad000 00:00 0
[...]

Strace shows that the mapping at 0xb7b46000 is skipped because it
straddles the read boundary:
[...]
b7b3f000-b7b40000 ---p b7b3f000 00:00 0 \n
b7b40000-b7b41000 r-xp b7b40000 00:00 0 \n
b7b41000-b7b42000 ---p b7b41000 00:00 0 \n
b7b42000-b7b43000 r-xp b7b42000 00:00 0 \n
b7b43000-b7b44000 ---p b7b43000 00:00 0 \n
b7b44000-b7b45000 r-xp b7b44000 00:00 0 \n
b7b45000-b7b46000 ---p b7b45000 00:00 0 \n", 102400) = 4092
         ^^^^^^^^
read(0, "b7b47000-b7b48000 ---p b7b47000 00:00 0 \n
         ^^^^^^^^
b7b48000-b7b49000 r-xp b7b48000 00:00 0 \n
b7b49000-b7b4a000 ---p b7b49000 00:00 0 \n
b7b4a000-b7b4b000 r-xp b7b4a000 00:00 0 \n
[...]

	J