|PROCMAP(1)||General Commands Manual||PROCMAP(1)|
procmaputility lists the virtual memory mappings underlying the given process. The start address of each entry is always given and, depending on the options given, other information such as the end address, the underlying file's device and inode numbers, and various protection information will be displayed, along with the path to the file, if such data is available.
procmaprequires the ability to open /dev/kmem which may be restricted based upon the value of the kern.allowkmem sysctl(8). By default,
procmapdisplays information for its parent process, so that when run from a shell prompt, the shell's memory information is displayed. If other PIDs are given as arguments on the command line, information for those processes will be printed also. If the special PID of 0 is given, then information for the kernel's memory map is printed. The options are as follows:
-voption, the device number, inode number, name, vnode addresses, or other identifying information from the vm_map_entry fields will be printed.
-voption, identifiers for all entries are printed.
-voption is also given, device number, inode number, and filename or other identifying information is printed.
procmapto print information about itself.
procmapto print information about the given process. If
-ppid occurs last on the command line, the
-m, more information is printed, possibly including device and inode numbers, file path names, or other identifying information. If specified more than once, a ‘*’ will be printed in between two entries that are not adjacent, making the visual identification of spaces in the process's map easier to see.
-poptions override each other, so the last one to appear on the command line takes effect. If you do wish to see information about
procmapand another process as the same time, simply omit the
-pand place the extra PID at the end of the command line.
procmaputility exits 0 on success, and >0 if an error occurs.
procmapbeing run at a sh(1) prompt shows the starting address of the map entry, the size of the map entry, the current protection level of the map entry, and either the name of the file backing the entry or some other descriptive text.
$ procmap 08048000 420K read/exec /bin/sh 080B1000 8K read/write /bin/sh 080B3000 28K read/write [ anon ] 080BA000 16K read/write/exec [ heap ] ...
$ procmap -d MAP 0xcf7cac84: [0x0->0xbfbfe000] #ent=8, sz=34041856, ref=1, version=20, flags=0x21 pmap=0xcf44cee0(resident=<unknown>) - 0xcfa3a358: 0x8048000->0x80b1000: obj=0xcf45a8e8/0x0, amap=0x0/0 submap=F, cow=T, nc=T, prot(max)=5/7, inh=1, wc=0, adv=0 ...
VM_MAP_PAGEABLE 0x01 ro: entries are pageable VM_MAP_INTRSAFE 0x02 ro: interrupt safe map VM_MAP_WIREFUTURE 0x04 rw: wire future mappings VM_MAP_BUSY 0x08 rw: map is busy VM_MAP_WANTLOCK 0x10 rw: want to write-lock
PROT_READ 0x01 read allowed PROT_WRITE 0x02 write allowed PROT_EXEC 0x04 execute allowed
$ procmap -m 0x8048000 0x80b1000 r-x rwx COW NC 1 0 0 0x80b1000 0x80b3000 rw- rwx COW NC 1 0 0 0x80b3000 0x80ba000 rw- rwx COW NNC 1 0 0 0x80ba000 0x80be000 rwx rwx COW NNC 1 0 0 ... $ procmap -l 08048000-080b1000 r-xp 00000000 00:00 70173 /bin/sh 080b1000-080b3000 rw-p 00068000 00:00 70173 /bin/sh 080b3000-080ba000 rw-p 00000000 00:00 0 080ba000-080be000 rwxp 00000000 00:00 0 ...
$ procmap -a Start End Size Offset rwxpc RWX I/W/A ... 08048000-080b0fff 420k 00000000 r-xp+ (rwx) 1/0/0 ... ...
procmaputility first appeared in OpenBSD 3.5. It was derived from the NetBSD utility known as “pmap”.
procmaputility and documentation was written by Andrew Brown <firstname.lastname@example.org>.
procmapis reading from the correct kernel in order to retrieve the proper symbol information. Since processes can change state while
procmapis running, some of the information printed may be inaccurate. This is especially important to consider when examining the kernel's map, since merely executing
procmapwill cause some of the information to change. The pathnames to files backing certain vnodes (such as the text and data sections of programs and shared libraries) are extracted from the kernel's namei cache which is considerably volatile. If a path is not found there in its entirety, as much information as was available will be printed. In most cases, simply running ls(1) with the expected path to the file will cause the information to be reentered into the cache. The Solaris version (“pmap”) has some interesting command line flags that would be nice to emulate here. In particular, the
-roption that lists a process's reserved addresses, and the
-xoption that prints resident/shared/private mapping details for each entry. Some of the output modes can be or are wider than the standard 80 columns of a terminal. Some sort of formatting might be nice.
|September 25, 2016||OpenBSD-6.1|