以下面的task_struct为例:
crash> *task_struct -ox ffff893e3846e000
struct task_struct {
[ffff893e3846e000] struct thread_info thread_info;
[ffff893e3846e010] volatile long state;
[ffff893e3846e018] void *stack;
[ffff893e3846e020] atomic_t usage;
[ffff893e3846e024] unsigned int flags;
[ffff893e3846e028] unsigned int ptrace;
[ffff893e3846e030] struct llist_node wake_entry;
[ffff893e3846e038] int on_cpu;
[ffff893e3846e03c] unsigned int cpu;
[ffff893e3846e040] unsigned int wakee_flips;
[ffff893e3846e048] unsigned long wakee_flip_decay_ts;
[ffff893e3846e050] struct task_struct *last_wakee;
[ffff893e3846e058] int recent_used_cpu;
[ffff893e3846e05c] int wake_cpu;
[ffff893e3846e060] int on_rq;
[ffff893e3846e064] int prio;
[ffff893e3846e068] int static_prio;
[ffff893e3846e06c] int normal_prio;
...
}
假如知道了on_rq成员的地址ffff893e3846e060,然后我想获取comm和mm的值.
有两种做法,第一种是获取on_rq在task_struct内部的偏移量,然后相减得到task_struct的首地址,然后就可以获取任何一个成员的值。
下面介绍第二种:
crash> *task_struct.comm,mm -l task_struct.on_rq 0xffff893e3846e060
comm = "sh\000entry.sh\000]\000\000",
mm = 0xffff893cb80fd000,