分析 Glibc 堆内存

huangapple go评论79阅读模式
英文:

Analyze Glibc heap memory

问题

我研究一个使用GLIBC 2.25的嵌入式设备。

当我查看/proc/PID/maps时,在堆部分下面我看到一些匿名的部分,我理解这些部分是在进程使用new时创建的。

我使用dd来转储这些部分,有一个我想要理解的有趣值,那就是这个缓冲区是已分配还是空闲的,以及这个缓冲区的大小是多少。

请问我应该如何做到这一点?

英文:

I research an embedded device that use GLIBC 2.25.

When I look at /proc/PID/maps I see under the heap section some anonymous sections ,I understand that sections create when the process use new

I dump those sections with dd and there is there interesting value that I want to understand is that buffer allocated or free, and what is the size of this buffer.

How can I do that please?

答案1

得分: 1

你可以使用gdb(GNU Debugger)工具来检查运行中进程的内存。你可以通过其PID附加到进程,并使用x命令检查特定地址的内存。你还可以使用info proc mapping命令查看进程的内存映射,包括堆的大小。此外,你可以使用heap命令列出堆块,并使用malloc_info命令显示有关堆块的详细信息。

你还可以使用malloc_stats函数来显示有关堆使用情况的信息,如分配的字节数、空闲的字节数和正在使用的字节数。

你还可以使用pmap命令来显示进程的内存映射,包括堆的大小。此命令在某些系统上可用,但在其他系统上可能不存在。

值得注意的是,/proc/PID/maps文件也可以让你了解进程的堆部分。请记住,你需要具有访问要检查的进程的适当权限。

英文:

You can use the gdb (GNU Debugger) tool to inspect the memory of a running process. You can attach to the process using its PID and use the x command to examine memory at a specific address. You can also use the info proc mapping command to view the memory maps of the process, including the size of the heap. Additionally, you can use the heap command to list heap blocks and the malloc_info command to show detailed information about heap blocks.

You can also use the malloc_stats function to display information about the heap usage such as the number of bytes allocated, the number of bytes free and the number of bytes in use.

You can also use the pmap command to display the memory map of a process, including the heap size. This command is available on some systems and may not be present on others.

It's also worth noting that the /proc/PID/maps file can also give you an idea about the heap section of a process.

Please keep in mind that you need to have the right permission to access the process you want to inspect.

答案2

得分: 0

  1. 如果你怀疑存在内存泄漏或无效读/写操作,可以尝试使用类似valgrind的工具。
  2. 不要只看dd命令的输出,而是附加到运行中的进程并检查进程内存,这可以帮助你理解内存使用的上下文。
  3. 使用日志记录分配/释放/读取/写入的地址。这可以帮助你更好地了解内存使用情况。

根据你的任务复杂性,你可能需要使用上述所有选项。

英文:

Instead of analyzing the memory from proc, you may want to try following options, limited to your env.

  1. use tools like valgrind if you suspect any kind of leaks or invalid read/writes.
  2. rather than looking at output of dd, attach to running process and inspect memory within process, gives you context to make sense of memory usage.
  3. use logging to dump addresses of allocation/free/read/write. This allows you to build better understanding of memory usage.

You may have to use all of the above options depending upon the complexity of your task.

huangapple
  • 本文由 发表于 2023年1月9日 06:46:05
  • 转载请务必保留本文链接:https://go.coder-hub.com/75051828.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定