Understanding Linux /proc/pid/maps or /proc/self/maps
I am trying to understand my embedded Linux application's memory use. The /proc/pid/maps
utility/file seems to be a good resource for seeing the details. Unfortunately I don't understand all the columns and entries.
What does the anonymous inode 0 entries mean? These seem to be some of the larger memory segments.
Each row in /proc/$PID/maps
describes a region of contiguous virtual memory in a process or thread. Each row has the following fields:
address perms offset dev inode pathname
08048000-08056000 r-xp 00000000 03:0c 64593 /usr/sbin/gpm
- address - This is the starting and ending address of the region in the process's address space
-
permissions - This describes how pages in the region can be accessed. There are four different permissions: read, write, execute, and shared. If read/write/execute are disabled, a
-
will appear instead of ther
/w
/x
. If a region is not shared, it is private, so ap
will appear instead of ans
. If the process attempts to access memory in a way that is not permitted, a segmentation fault is generated. Permissions can be changed using themprotect
system call. -
offset - If the region was mapped from a file (using
mmap
), this is the offset in the file where the mapping begins. If the memory was not mapped from a file, it's just 0. - device - If the region was mapped from a file, this is the major and minor device number (in hex) where the file lives.
- inode - If the region was mapped from a file, this is the file number.
-
pathname - If the region was mapped from a file, this is the name of the file. This field is blank for anonymous mapped regions. There are also special regions with names like
[heap]
,[stack]
, or[vdso]
.[vdso]
stands for virtual dynamic shared object. It's used by system calls to switch to kernel mode. Here's a good article about it: "What is linux-gate.so.1?"
You might notice a lot of anonymous regions. These are usually created by mmap
but are not attached to any file. They are used for a lot of miscellaneous things like shared memory or buffers not allocated on the heap. For instance, I think the pthread library uses anonymous mapped regions as stacks for new threads.
Please check: http://man7.org/linux/man-pages/man5/proc.5.html
address perms offset dev inode pathname
00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon
The address field is the address space in the process that the mapping occupies.
The perms field is a set of permissions:
r = read
w = write
x = execute
s = shared
p = private (copy on write)
The offset field is the offset into the file/whatever;
dev is the device (major:minor);
inode is the inode on that device.0 indicates that no inode is associated with the memoryregion, as would be the case with BSS (uninitialized data).
The pathname field will usually be the file that is backing the mapping. For ELF files, you can easily coordinate with the offset field by looking at the Offset field in the ELF program headers (readelf -l).
Under Linux 2.0, there is no field giving pathname.