526互联

crash —— 查看进程的mm_struct内容

发布时间 2023-09-24 18:50:17作者: 摩斯电码

方法1

  • 使用ps获取进程的task_struct地址,然后得到mm_struct地址
crash> ps | grep bash
   6666  96253   8  ffff88a07fd42000  IN   0.0   24268   3048  bash
   8288  59636  14  ffff88fdc4678000  IN   0.0   27500   1972  bash
   8581   8580  25  ffff88dda33a0000  IN   0.0   15788   2556  bash
   8597   8596  80  ffff88a08261a000  IN   0.0   15788   2552  bash
   8719   8718  77  ffff888e01d0e000  IN   0.0   17324   3096  bash
   8720   8717  77  ffff88abe8e8c000  IN   0.0   17324   3088  bash
  28340  28274  66  ffff8901a758a000  IN   0.0   26072   3880  bash
  59636  59629  40  ffff88c8d3548000  IN   0.0   27500   3364  bash
crash> task -R mm ffff88a07fd42000
PID: 6666   TASK: ffff88a07fd42000  CPU: 8   COMMAND: "bash"
  mm = 0xffff888b9dbad000,

crash> *mm_struct -x 0xffff888b9dbad000
struct mm_struct {
  {
    mmap = 0xffff893a29b79878,
    mm_rb = {
      rb_node = 0xffff88b7aa6cf240
    },
    vmacache_seqnum = 0x14,
    get_unmapped_area = 0xffffffff8102ac20 <arch_get_unmapped_area_topdown>,
    mmap_base = 0x7f1960ff9000,
    mmap_legacy_base = 0x2b8d491b2000,
    mmap_compat_base = 0xf7fd7000,
    mmap_compat_legacy_base = 0x5557c000,
    task_size = 0x7ffffffff000,
    highest_vm_end = 0x7ffd09bf3000,
    pgd = 0xffff88b733fb6000,
    mm_users = {
      counter = 0x1
    },
    mm_count = {
      counter = 0x1
    },
    pgtables_bytes = {
      counter = 0x17000
    },
    map_count = 0x3a,
...
  • 获取指定进程的mm_struct的值
crash> task -R mm 2085
PID: 2085   TASK: ffff88dcca1fa000  CPU: 61  COMMAND: "supervisor"
  mm = 0xffff88dea7232000,

crash> *mm_struct -x 0xffff88dea7232000
struct mm_struct {
  {
    mmap = 0xffff88dcc9122658,
    mm_rb = {
      rb_node = 0xffff88dcc9123240
    },
    vmacache_seqnum = 0x1,
    get_unmapped_area = 0xffffffff8102ac20 <arch_get_unmapped_area_topdown>,
    mmap_base = 0x7fa1cff0b000,
    mmap_legacy_base = 0x2b04da2a0000,
    mmap_compat_base = 0xf7f72000,
    mmap_compat_legacy_base = 0x555e1000,
    task_size = 0x7ffffffff000,
    highest_vm_end = 0x7ffe1cb05000,
    pgd = 0xffff88ddab4aa000,
...

方法2

直接使用vm命令,这个更加方便。

crash> vm -m 2085
PID: 2085   TASK: ffff88dcca1fa000  CPU: 61  COMMAND: "supervisor"
struct mm_struct {
  {
    mmap = 0xffff88dcc9122658,
    mm_rb = {
      rb_node = 0xffff88dcc9123240
    },
    vmacache_seqnum = 1,
    get_unmapped_area = 0xffffffff8102ac20 <arch_get_unmapped_area_topdown>,
    mmap_base = 140332955119616,
    mmap_legacy_base = 47299840049152,
    mmap_compat_base = 4160167936,
    mmap_compat_legacy_base = 1432227840,
    task_size = 140737488351232,
    highest_vm_end = 140729379737600,
    pgd = 0xffff88ddab4aa000,
    mm_users = {
      counter = 1
    },
    mm_count = {
      counter = 1
    },
    pgtables_bytes = {
      counter = 77824
    },
    map_count = 43,