我可以识别 /proc/$PID/maps 文件中的 text、ds 和 bss 段(通过猜测或在特定段的访问说明符的帮助下)。但是堆和堆栈段是依次给出的。有没有办法确定哪个段属于堆栈,哪个属于堆?
----- 本例中如何识别堆和栈的分界 ---------- 0a8a0000-0ab2e000 rw-p 0a8a0000 00:00 0 [heap]
< b648e000-b648f000 ---p b648e000 00:00 0
<b648f000-b6496000 RW-p 00:00 b648f000 0
<b6496000-b6497000 --- p b6496000 00:00 0
<b6497000-b649e000 RW-p 00:00 b6497000 0
<b649e000-b649f000 --- p b649e000 00:00 0
< b649f000-b64a6000 rw-p b649f000 00:00 0
< b64a6000-b64a7000 ---p b64a6000 00:00 0
< b64a7000-00600000000-
p60000000000000000000000000004 00:00 0
< b64af000-b657a000 rw-p b64af000 00:00 0
< b657a000-b657b000 ---p b657a000 00:00 0
< b657b000-b065a0p-065000-b065a000
< b65a5000-b65a6000 ---p b65a5000 00:00 0
< b65a6000-b67ca000 rw-p b65a6000 00:00 0
< b67ca000-b67cb000-b67cb000-b67cb000 ---p 0060c 07b 0000 c ---0600c
07b 007 07b 007 07 00c 07 0707
< b69ff000-b6a00000 ---p b69ff000 00:00 0
< b6a00000-b6bff000 rw-p b6a00000 00:00 0
< b6bff000- b6c00000-b6c00000- b600000-b6c00000 ---p 000000c
b00000000000000000000000000000000000000000000000000c000000000000c0000000000000000c00000000000000000c00000000c
< b6dff000-b6e00000 ---p b6dff000 00:00 0
< b6e00000-b6fff000 rw-p b6e00000 00:00 0
< b6fff000-b7000000-b6fff000-b7000000 ---p
000000d-000000d-0000000-p 000000d-0000000d-0000000d-0000000d-000000d-070000
< b70fd000-b70fe000 ---p b70fd000 00:00 0
< b70fe000-b72fd000 rw-p b70fe000 00:00 0
< b72fd000-b72fe000 ---p b700d
<b72fe000-b7548000 RW-P 00:00 b72fe000 0
<b7548000-b7549000 --- p b7548000 00:00 0
<b7549000-b7f37000 RW-P 00:00 b7549000 0
<b7f4b000-b7f4c000 --- p b7f4b000 00:00 0
< b7f4c000-b7f51000 rw-p b7f4c000 00:00 0
< bfbae000-bfbc3000 rw-p bffea000 00:00 0 [堆栈]
/proc/PID/maps 文件包含当前映射的内存区域及其访问权限。
格式为:
address perms offset dev inode pathname
08048000-08049000 r-xp 00000000 03:00 8312 /opt/test
08049000-0804a000 rw-p 00001000 03:00 8312 /opt/test
0804a000-0806b000 rw-p 00000000 00:00 0 [heap]
a7cb1000-a7cb2000 ---p 00000000 00:00 0
a7cb2000-a7eb2000 rw-p 00000000 00:00 0
a7eb2000-a7eb3000 ---p 00000000 00:00 0
a7eb3000-a7ed5000 rw-p 00000000 00:00 0 [stack:1001]
a7ed5000-a8008000 r-xp 00000000 03:00 4222 /lib/libc.so.6
a8008000-a800a000 r--p 00133000 03:00 4222 /lib/libc.so.6
a800a000-a800b000 rw-p 00135000 03:00 4222 /lib/libc.so.6
a800b000-a800e000 rw-p 00000000 00:00 0
a800e000-a8022000 r-xp 00000000 03:00 14462 /lib/libpthread.so.0
a8022000-a8023000 r--p 00013000 03:00 14462 /lib/libpthread.so.0
a8023000-a8024000 rw-p 00014000 03:00 14462 /lib/libpthread.so.0
a8024000-a8027000 rw-p 00000000 00:00 0
a8027000-a8043000 r-xp 00000000 03:00 8317 /lib/ld-linux.so.2
a8043000-a8044000 r--p 0001b000 03:00 8317 /lib/ld-linux.so.2
a8044000-a8045000 rw-p 0001c000 03:00 8317 /lib/ld-linux.so.2
aff35000-aff4a000 rw-p 00000000 00:00 0 [stack]
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
其中“address”是它占用的进程中的地址空间,“perms”是一组权限:
r = read
w = write
x = execute
s = shared
p = private (copy on write)
“offset”是映射的偏移量,“dev”是设备(主要:次要),“inode”是该设备上的inode。0 表示没有 inode 与内存区域相关联,就像 BSS(未初始化数据)的情况一样。“路径名”显示此映射的名称关联文件。如果映射未与文件关联:
[heap] = the heap of the program
[stack] = the stack of the main process
[stack:1001] = the stack of the thread with tid 1001
[vdso] = the "virtual dynamic shared object",
the kernel system call handler
或者如果为空,则映射是匿名的。(来源https://www.kernel.org/doc/Documentation/filesystems/proc.txt)
| 归档时间: |
|
| 查看次数: |
10442 次 |
| 最近记录: |