Understanding Linux /proc/pid/maps or /proc/self/maps

by

Each row in /proc/$PID/maps describes a region of contiguous virtual memory in a process or thread. Each row has the following fields:

address           perms offset  dev   inode   pathname
08048000-08056000 r-xp 00000000 03:0c 64593   /usr/sbin/gpm
  • address – This is the starting and ending address of the region in the process’s address space
  • permissions – This describes how pages in the region can be accessed. There are four different permissions: read, write, execute, and shared. If read/write/execute are disabled, a - will appear instead of the r/w/x. If a region is not shared, it is private, so a p will appear instead of an s. If the process attempts to access memory in a way that is not permitted, a segmentation fault is generated. Permissions can be changed using the mprotect system call.
  • offset – If the region was mapped from a file (using mmap), this is the offset in the file where the mapping begins. If the memory was not mapped from a file, it’s just 0.
  • device – If the region was mapped from a file, this is the major and minor device number (in hex) where the file lives.
  • inode – If the region was mapped from a file, this is the file number.
  • pathname – If the region was mapped from a file, this is the name of the file. This field is blank for anonymous mapped regions. There are also special regions with names like [heap], [stack], or [vdso]. [vdso] stands for virtual dynamic shared object. It’s used by system calls to switch to kernel mode. Here’s a good article about it: “What is linux-gate.so.1?”

You might notice a lot of anonymous regions. These are usually created by mmap but are not attached to any file. They are used for a lot of miscellaneous things like shared memory or buffers not allocated on the heap. For instance, I think the pthread library uses anonymous mapped regions as stacks for new threads.

More Related Contents:

  1. Direct Memory Access in Linux
  2. Why do we need a bootloader in an embedded device?
  3. How to keep environment variables when using sudo
  4. How do I send a file as an email attachment using Linux command line?
  5. ld cannot find an existing library
  6. Forcing bash to expand variables in a string loaded from a file
  7. Script parameters in Bash
  8. How can I run a Perl script as a system daemon in linux?
  9. My shell script stops after exec
  10. Using the “alternate screen” in a bash script
  11. Linux flock, how to “just” lock a file?
  12. How to find all serial devices (ttyS, ttyUSB, ..) on Linux without opening them?
  13. Run several jobs parallelly and Efficiently
  14. How to print a character in Linux x86 NASM?
  15. Pipe output to bash function
  16. List files recursively in Linux CLI with path relative to the current directory
  17. rdtsc accuracy across CPU cores
  18. Prevent Gnome Terminal From Exiting After Execution [duplicate]
  19. How do I SET the GOPATH environment variable on Ubuntu? What file must I edit?
  20. Monitor Directory for Changes
  21. Trying to understand gcc’s complicated stack-alignment at the top of main that copies the return address
  22. How to kill zombie process
  23. How can I trim white space from a variable in awk?
  24. ARM inline asm: exit system call with value read from memory
  25. Remove a symlink to a directory
  26. Linux vi arrow keys broken in insert mode
  27. Pytorch says that CUDA is not available (on Ubuntu)
  28. Check for IP validity
  29. Emulate ZPL printer
  30. How pthread_mutex_lock is implemented

Leave a Comment