I could identify the text, ds and bss segments in /proc/$PID/maps file (by guessing or with the help of access-specifiers of a particular segment). But heap and stack segments are given sequently. Is there a way to identify which segment belongs to stack and which belongs to heap?
我可以在/proc/$PID/maps文件中识别文本、ds和bss段(通过猜测或借助特定段的访问指定器)。但是堆和堆栈段是连续的。是否有一种方法可以识别哪个段属于堆栈,哪个属于堆?
----- How to identify the demarkation between heap and stack in this example ---------- 0a8a0000-0ab2e000 rw-p 0a8a0000 00:00 0 [heap]
< b648e000-b648f000 ---p b648e000 00:00 0
< b648f000-b6496000 rw-p b648f000 00:00 0
< b6496000-b6497000 ---p b6496000 00:00 0
< b6497000-b649e000 rw-p b6497000 00:00 0
< b649e000-b649f000 ---p b649e000 00:00 0
< b649f000-b64a6000 rw-p b649f000 00:00 0
< b64a6000-b64a7000 ---p b64a6000 00:00 0
< b64a7000-b64ae000 rw-p b64a7000 00:00 0
< b64ae000-b64af000 ---p b64ae000 00:00 0
< b64af000-b657a000 rw-p b64af000 00:00 0
< b657a000-b657b000 ---p b657a000 00:00 0
< b657b000-b65a5000 rw-p b657b000 00:00 0
< b65a5000-b65a6000 ---p b65a5000 00:00 0
< b65a6000-b67ca000 rw-p b65a6000 00:00 0
< b67ca000-b67cb000 ---p b67ca000 00:00 0
< b67cb000-b69ff000 rw-p b67cb000 00:00 0
< b69ff000-b6a00000 ---p b69ff000 00:00 0
< b6a00000-b6bff000 rw-p b6a00000 00:00 0
< b6bff000-b6c00000 ---p b6bff000 00:00 0
< b6c00000-b6dff000 rw-p b6c00000 00:00 0
< b6dff000-b6e00000 ---p b6dff000 00:00 0
< b6e00000-b6fff000 rw-p b6e00000 00:00 0
< b6fff000-b7000000 ---p b6fff000 00:00 0
< b7000000-b70fd000 rw-p b7000000 00:00 0
< b70fd000-b70fe000 ---p b70fd000 00:00 0
< b70fe000-b72fd000 rw-p b70fe000 00:00 0
< b72fd000-b72fe000 ---p b72fd000 00:00 0
< b72fe000-b7548000 rw-p b72fe000 00:00 0
< b7548000-b7549000 ---p b7548000 00:00 0
< b7549000-b7f37000 rw-p b7549000 00:00 0
< b7f4b000-b7f4c000 ---p b7f4b000 00:00 0
< b7f4c000-b7f51000 rw-p b7f4c000 00:00 0
< bfbae000-bfbc3000 rw-p bffea000 00:00 0 [stack]
- - - - - -如何识别堆和栈之间的分界在这个例子- - - - - - - - - - - 0 a8a0000-0ab2e000 rw-p a8a0000 00:00 0(堆)< b648e000-b648f000,- p b648e000 00:00 0 < b648f000-b6496000 rw-p b648f000 0 0 < b6496000-b6497000,- p b6496000 00:00 0 < b6497000-b649e000 rw-p b6497000 0 0 0 < < b649e000-b649f000 - - p b649e000 00:00 b649f000-b64a6000 rw-p b649f000 0 0 0 < < b64a6000-b64a7000 - - p b64a6000 00:00 b64a7000-b64ae000 rw-p b64a7000 0 0 < b64ae000-b64af000 - - pb64ae000 0 0 < b64af000-b657a000 rw-p b64af000 0 0 < b657a000-b657b000,- p b657a000 00:00 0 < b657b000-b65a5000 rw-p b657b000 0 0 0 < < b65a5000-b65a6000 - - p b65a5000 00:00 b65a6000-b67ca000 rw-p b65a6000 0 0 0 < < b67ca000-b67cb000 - - p b67ca000 00:00 b67cb000-b69ff000 rw-p b67cb000 0 0 0 < < b69ff000-b6a00000 - - p b69ff000 00:00 b6a00000-b6bff000 rw-p b6a00000 0 0 0 < < b6bff000-b6c00000 - - p b6bff000 00:00 b6c00000-b6dff000 rw-p b6c00000 0 0 < b6dff000-b6e00000——- p b6dff000 00:00 0 < b6e00000-b6fff000 rw-p b6e00000 0 0 < b6fff000-b7000000,- p b6fff000 00:00 0 < b7000000-b70fd000 rw-p b7000000 0 0 0 < < b70fd000-b70fe000 - - p b70fd000 00:00 b70fe000-b72fd000 rw-p b70fe000 0 0 < b72fd000-b72fe000,- p b72fd000 00:00 0 < b72fe000-b7548000 rw-p b72fe000 0 0 < b7548000-b7549000,- p b7548000 00:00 0 < b7549000-b7f37000 rw-p b7549000 0 0 < b7f4b000-b7f4c000,- p b7f4b000 00:00 0 < b7f4c000-b7f51000 rw-p b7f4c000 0 0
1 个解决方案
#1
4
The /proc/PID/maps file containing the currently mapped memory regions and their access permissions.
包含当前映射内存区域及其访问权限的/proc/PID/maps文件。
The format is:
格式是:
address perms offset dev inode pathname
08048000-08049000 r-xp 00000000 03:00 8312 /opt/test
08049000-0804a000 rw-p 00001000 03:00 8312 /opt/test
0804a000-0806b000 rw-p 00000000 00:00 0 [heap]
a7cb1000-a7cb2000 ---p 00000000 00:00 0
a7cb2000-a7eb2000 rw-p 00000000 00:00 0
a7eb2000-a7eb3000 ---p 00000000 00:00 0
a7eb3000-a7ed5000 rw-p 00000000 00:00 0 [stack:1001]
a7ed5000-a8008000 r-xp 00000000 03:00 4222 /lib/libc.so.6
a8008000-a800a000 r--p 00133000 03:00 4222 /lib/libc.so.6
a800a000-a800b000 rw-p 00135000 03:00 4222 /lib/libc.so.6
a800b000-a800e000 rw-p 00000000 00:00 0
a800e000-a8022000 r-xp 00000000 03:00 14462 /lib/libpthread.so.0
a8022000-a8023000 r--p 00013000 03:00 14462 /lib/libpthread.so.0
a8023000-a8024000 rw-p 00014000 03:00 14462 /lib/libpthread.so.0
a8024000-a8027000 rw-p 00000000 00:00 0
a8027000-a8043000 r-xp 00000000 03:00 8317 /lib/ld-linux.so.2
a8043000-a8044000 r--p 0001b000 03:00 8317 /lib/ld-linux.so.2
a8044000-a8045000 rw-p 0001c000 03:00 8317 /lib/ld-linux.so.2
aff35000-aff4a000 rw-p 00000000 00:00 0 [stack]
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
where "address" is the address space in the process that it occupies, "perms" is a set of permissions:
其中“地址”是它所占用的进程中的地址空间,“perms”是一组权限:
r = read
w = write
x = execute
s = shared
p = private (copy on write)
"offset" is the offset into the mapping, "dev" is the device (major:minor), and "inode" is the inode on that device. 0 indicates that no inode is associated with the memory region, as the case would be with BSS (uninitialized data). The "pathname" shows the name associated file for this mapping. If the mapping is not associated with a file:
“偏移”是映射的偏移量,“dev”是设备(major:minor),“inode”是该设备上的inode。表示没有inode与内存区域相关联,因为case将使用BSS(未初始化的数据)。“路径名”显示此映射的名称关联文件。如果映射与文件无关:
[heap] = the heap of the program
[stack] = the stack of the main process
[stack:1001] = the stack of the thread with tid 1001
[vdso] = the "virtual dynamic shared object",
the kernel system call handler
or if empty, the mapping is anonymous. (Source https://www.kernel.org/doc/Documentation/filesystems/proc.txt)
或者如果是空的,映射是匿名的。(https://www.kernel.org/doc/Documentation/filesystems/proc.txt)来源
#1
4
The /proc/PID/maps file containing the currently mapped memory regions and their access permissions.
包含当前映射内存区域及其访问权限的/proc/PID/maps文件。
The format is:
格式是:
address perms offset dev inode pathname
08048000-08049000 r-xp 00000000 03:00 8312 /opt/test
08049000-0804a000 rw-p 00001000 03:00 8312 /opt/test
0804a000-0806b000 rw-p 00000000 00:00 0 [heap]
a7cb1000-a7cb2000 ---p 00000000 00:00 0
a7cb2000-a7eb2000 rw-p 00000000 00:00 0
a7eb2000-a7eb3000 ---p 00000000 00:00 0
a7eb3000-a7ed5000 rw-p 00000000 00:00 0 [stack:1001]
a7ed5000-a8008000 r-xp 00000000 03:00 4222 /lib/libc.so.6
a8008000-a800a000 r--p 00133000 03:00 4222 /lib/libc.so.6
a800a000-a800b000 rw-p 00135000 03:00 4222 /lib/libc.so.6
a800b000-a800e000 rw-p 00000000 00:00 0
a800e000-a8022000 r-xp 00000000 03:00 14462 /lib/libpthread.so.0
a8022000-a8023000 r--p 00013000 03:00 14462 /lib/libpthread.so.0
a8023000-a8024000 rw-p 00014000 03:00 14462 /lib/libpthread.so.0
a8024000-a8027000 rw-p 00000000 00:00 0
a8027000-a8043000 r-xp 00000000 03:00 8317 /lib/ld-linux.so.2
a8043000-a8044000 r--p 0001b000 03:00 8317 /lib/ld-linux.so.2
a8044000-a8045000 rw-p 0001c000 03:00 8317 /lib/ld-linux.so.2
aff35000-aff4a000 rw-p 00000000 00:00 0 [stack]
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
where "address" is the address space in the process that it occupies, "perms" is a set of permissions:
其中“地址”是它所占用的进程中的地址空间,“perms”是一组权限:
r = read
w = write
x = execute
s = shared
p = private (copy on write)
"offset" is the offset into the mapping, "dev" is the device (major:minor), and "inode" is the inode on that device. 0 indicates that no inode is associated with the memory region, as the case would be with BSS (uninitialized data). The "pathname" shows the name associated file for this mapping. If the mapping is not associated with a file:
“偏移”是映射的偏移量,“dev”是设备(major:minor),“inode”是该设备上的inode。表示没有inode与内存区域相关联,因为case将使用BSS(未初始化的数据)。“路径名”显示此映射的名称关联文件。如果映射与文件无关:
[heap] = the heap of the program
[stack] = the stack of the main process
[stack:1001] = the stack of the thread with tid 1001
[vdso] = the "virtual dynamic shared object",
the kernel system call handler
or if empty, the mapping is anonymous. (Source https://www.kernel.org/doc/Documentation/filesystems/proc.txt)
或者如果是空的,映射是匿名的。(https://www.kernel.org/doc/Documentation/filesystems/proc.txt)来源