| blob | 7510711a329d437f8512fad348a0be6453f5ff51 |
1 /* Iteration over virtual memory areas.
2 Copyright (C) 2011-2025 Free Software Foundation, Inc.
3 Written by Bruno Haible <bruno@clisp.org>, 2011-2017.
5 This file is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 2 of the License,
8 or (at your option) any later version.
10 This file is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <https://www.gnu.org/licenses/>. */
18 #include <config.h>
20 /* On Solaris in 32-bit mode, when gnulib module 'largefile' is in use,
21 prevent a compilation error
22 "Cannot use procfs in the large file compilation environment"
23 while also preventing <sys/types.h> from not defining off_t.
24 On Android, when targeting Android 4.4 or older with a GCC toolchain,
25 prevent a compilation error
26 "error: call to 'mmap' declared with attribute error: mmap is not
27 available with _FILE_OFFSET_BITS=64 when using GCC until android-21.
28 Either raise your minSdkVersion, disable _FILE_OFFSET_BITS=64, or
29 switch to Clang."
30 The files that we access in this compilation unit are less than 2 GB
31 large. */
32 #if defined __sun && !defined _LP64 && _FILE_OFFSET_BITS == 64
33 # undef _FILE_OFFSET_BITS
34 # define _FILE_OFFSET_BITS 32
35 #endif
36 #ifdef __ANDROID__
37 # undef _FILE_OFFSET_BITS
38 #endif
40 /* Specification. */
48 #if defined __linux__ || defined __ANDROID__
50 #endif
52 #if defined __linux__ || defined __ANDROID__ || defined __FreeBSD_kernel__ || defined __FreeBSD__ || defined __DragonFly__ || defined __NetBSD__ || defined __minix /* || defined __CYGWIN__ */
53 # include <sys/types.h>
55 #endif
56 #if defined __minix
58 #endif
61 # include <sys/types.h>
66 #endif
68 # include <sys/types.h>
71 #endif
75 # include <sys/types.h>
78 #endif
82 # include <sys/types.h>
85 #endif
89 # include <sys/types.h>
91 /* Try to use the newer ("structured") /proc filesystem API, if supported. */
92 # define _STRUCTURED_PROC 1
94 #endif
98 #endif
101 # include <mach/mach.h>
102 #endif
105 # include <mach/mach.h>
106 #endif
109 # include <windows.h>
110 #endif
113 # include <OS.h>
114 #endif
117 # include <sys/types.h>
119 #endif
122 /* Support for reading text files in the /proc file system. */
124 #if defined __linux__ || defined __ANDROID__ || defined __FreeBSD_kernel__ || defined __FreeBSD__ || defined __DragonFly__ || defined __NetBSD__ || defined __minix /* || defined __CYGWIN__ */
126 /* Buffered read-only streams.
127 We cannot use <stdio.h> here, because fopen() calls malloc(), and a malloc()
128 call may call mmap() and thus pre-allocate available memory.
129 Also, we cannot use multiple read() calls, because if the buffer size is
130 smaller than the file's contents:
131 - On NetBSD, the second read() call would return 0, thus making the file
132 appear truncated.
133 - On DragonFly BSD, the first read() call would fail with errno = EFBIG.
134 - On all platforms, if some other thread is doing memory allocations or
135 deallocations between two read() calls, there is a high risk that the
136 result of these two read() calls don't fit together, and as a
137 consequence we will parse garbage and either omit some VMAs or return
138 VMAs with nonsensical addresses.
139 So use mmap(), and ignore the resulting VMA. */
141 # if defined __linux__ || defined __ANDROID__
142 /* On Linux, if the file does not entirely fit into the buffer, the read()
143 function stops before the line that would come out truncated. The
144 maximum size of such a line is 73 + PATH_MAX bytes. To be sure that we
145 have read everything, we must verify that at least that many bytes are
146 left when read() returned. */
147 # define MIN_LEFTOVER (73 + PATH_MAX)
148 # else
149 # define MIN_LEFTOVER 1
150 # endif
152 # ifdef TEST
153 /* During testing, we want to run into the hairy cases. */
154 # define STACK_ALLOCATED_BUFFER_SIZE 32
155 # else
156 # if MIN_LEFTOVER < 1024
157 # define STACK_ALLOCATED_BUFFER_SIZE 1024
158 # else
159 /* There is no point in using a stack-allocated buffer if it is too small anyway. */
160 # define STACK_ALLOCATED_BUFFER_SIZE 1
161 # endif
162 # endif
164 struct rofile
165 {
169 /* These fields deal with allocation of the buffer. */
176 };
178 /* Open a read-only file stream. */
179 static int
181 {
191 /* Try the static buffer first. */
199 {
200 /* Attempt to read the contents in a single system call. */
202 {
206 # if defined __DragonFly__
208 # endif
209 {
211 /* Empty file. */
214 {
215 /* The buffer was sufficiently large. */
217 # if defined __linux__ || defined __ANDROID__
218 /* On Linux, the read() call may stop even if the buffer was
219 large enough. We need the equivalent of full_read(). */
221 {
226 /* Some error. */
229 /* Allocate a larger buffer. */
232 {
233 /* Reached the end of file. */
236 }
238 }
239 # else
242 # endif
243 }
244 }
245 }
246 /* Allocate a larger buffer. */
248 {
253 }
254 else
255 {
258 /* Wraparound. */
262 }
266 {
269 }
274 retry:
275 /* Restart. */
277 {
282 }
283 }
284 fail1:
286 fail2:
290 }
292 /* Return the next byte from a read-only file stream without consuming it,
293 or -1 at EOF. */
294 static int
296 {
298 {
301 }
303 }
305 /* Return the next byte from a read-only file stream, or -1 at EOF. */
306 static int
308 {
313 }
315 /* Parse an unsigned hexadecimal number from a read-only file stream. */
316 static int
318 {
322 {
330 else
333 numdigits++;
334 }
339 }
341 /* Close a read-only file stream. */
342 static void
344 {
347 }
349 #endif
352 /* Support for reading the info from a text file in the /proc file system. */
354 #if defined __linux__ || defined __ANDROID__ || (defined __FreeBSD_kernel__ && !defined __FreeBSD__) /* || defined __CYGWIN__ */
355 /* GNU/kFreeBSD mounts /proc as linprocfs, which looks like a Linux /proc
356 file system. */
358 static int
360 {
363 /* Open the current process' maps file. It describes one VMA per line. */
365 {
370 {
375 /* Parse one line. First start and end. */
380 /* Then the flags. */
381 do
394 ;
397 {
398 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
399 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
406 }
407 else
408 {
411 }
412 }
415 }
418 }
420 #elif defined __FreeBSD__ || defined __DragonFly__ || defined __NetBSD__
422 static int
424 {
427 /* Open the current process' maps file. It describes one VMA per line. */
429 {
434 {
439 /* Parse one line. First start. */
446 /* Then end. */
451 # if defined __FreeBSD__ || defined __DragonFly__
452 /* Then the resident pages count. */
453 do
456 do
459 /* Then the private resident pages count. */
460 do
463 do
466 /* Then some kernel address. */
467 do
470 do
473 # endif
474 /* Then the flags. */
475 do
488 ;
491 {
492 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
493 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
500 }
501 else
502 {
505 }
506 }
509 }
512 }
514 #elif defined __minix
516 static int
518 {
523 /* Construct fname = sprintf (fnamebuf+i, "/proc/%u/map", getpid ()). */
526 {
528 do
531 }
535 /* Open the current process' maps file. It describes one VMA per line. */
537 {
542 {
547 /* Parse one line. First start and end. */
552 /* Then the flags. */
553 do
566 ;
569 {
570 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
571 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
578 }
579 else
580 {
583 }
584 }
587 }
590 }
592 #else
596 {
598 }
600 #endif
603 /* Support for reading the info from the BSD sysctl() system call. */
605 #if (defined __FreeBSD__ || defined __FreeBSD_kernel__) && defined KERN_PROC_VMMAP /* FreeBSD >= 7.1 */
607 static int
609 {
610 /* Documentation: https://www.freebsd.org/cgi/man.cgi?sysctl(3) */
625 /* Allow for small variations over time. In a multithreaded program
626 new VMAs can be allocated at any moment. */
628 /* Allocate memneed bytes of memory.
629 We cannot use alloca here, because not much stack space is guaranteed.
630 We also cannot use malloc here, because a malloc() call may call mmap()
631 and thus pre-allocate available memory.
632 So use mmap(), and ignore the resulting VMA. */
644 {
647 }
651 {
663 {
664 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
665 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
672 }
673 else
674 {
677 }
679 }
682 }
686 static int
688 {
689 /* Documentation: https://man.netbsd.org/man/sysctl+7 */
691 /* If we wanted to have the path of each entry, we would need
692 sizeof (struct kinfo_vmentry). But we need only the non-string
693 parts of each entry. */
709 /* Allow for small variations over time. In a multithreaded program
710 new VMAs can be allocated at any moment. */
712 /* But the system call rejects lengths > 1 MB. */
715 /* And the system call causes a kernel panic if the length is not a multiple
716 of entry_size. */
718 /* Allocate memneed bytes of memory.
719 We cannot use alloca here, because not much stack space is guaranteed.
720 We also cannot use malloc here, because a malloc() call may call mmap()
721 and thus pre-allocate available memory.
722 So use mmap(), and ignore the resulting VMA. */
735 {
736 /* sysctl failed, or the list of VMAs is possibly truncated. */
739 }
743 {
755 {
756 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
757 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
764 }
765 else
766 {
769 }
771 }
774 }
778 static int
780 {
781 /* Documentation: https://man.openbsd.org/sysctl.2 */
796 /* Allow for small variations over time. In a multithreaded program
797 new VMAs can be allocated at any moment. */
799 /* But the system call rejects lengths > 64 KB. */
802 /* And the system call rejects lengths that are not a multiple of
803 sizeof (struct kinfo_vmentry). */
805 /* Allocate memneed bytes of memory.
806 We cannot use alloca here, because not much stack space is guaranteed.
807 We also cannot use malloc here, because a malloc() call may call mmap()
808 and thus pre-allocate available memory.
809 So use mmap(), and ignore the resulting VMA. */
822 {
823 /* sysctl failed, or the list of VMAs is possibly truncated. */
826 }
830 {
842 {
843 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
844 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
851 }
852 else
853 {
857 }
859 }
862 }
864 #else
868 {
870 }
872 #endif
875 int
877 {
878 #if defined __linux__ || defined __ANDROID__ || defined __FreeBSD_kernel__ || defined __FreeBSD__ || defined __DragonFly__ || defined __NetBSD__ || defined __minix /* || defined __CYGWIN__ */
880 # if defined __FreeBSD__
881 /* On FreeBSD with procfs (but not GNU/kFreeBSD, which uses linprocfs), the
882 function vma_iterate_proc does not return the virtual memory areas that
883 were created by anonymous mmap. See
884 <https://svnweb.freebsd.org/base/head/sys/fs/procfs/procfs_map.c?view=markup>
885 So use vma_iterate_proc only as a fallback. */
891 # else
892 /* On the other platforms, try the /proc approach first, and the sysctl()
893 as a fallback. */
899 # endif
903 /* On AIX, there is a /proc/$pic/map file, that contains records of type
904 prmap_t, defined in <sys/procfs.h>. In older versions of AIX, it lists
905 only the virtual memory areas that are connected to a file, not the
906 anonymous ones. But at least since AIX 7.1, it is well usable. */
916 /* Construct fname = sprintf (fnamebuf+i, "/proc/%u/map", getpid ()). */
919 {
921 do
924 }
932 /* The contents of /proc/<pid>/map contains a number of prmap_t entries,
933 then an entirely null prmap_t entry, then a heap of NUL terminated
934 strings.
935 Documentation: https://www.ibm.com/docs/en/aix/7.1?topic=files-proc-file
936 We read the entire contents, but look only at the prmap_t entries and
937 ignore the tail part. */
940 {
941 /* Allocate memneed bytes of memory.
942 We cannot use alloca here, because not much stack space is guaranteed.
943 We also cannot use malloc here, because a malloc() call may call mmap()
944 and thus pre-allocate available memory.
945 So use mmap(), and ignore the resulting VMA if it occurs among the
946 resulting VMAs. (Normally it doesn't, because it was allocated after
947 the open() call.) */
951 ssize_t nbytes;
956 {
959 }
963 /* Read the contents of /proc/<pid>/map in a single system call.
964 This guarantees a consistent result (no duplicated or omitted
965 entries). */
966 retry:
967 do
971 {
975 }
977 {
978 /* Need more memory. */
981 {
984 }
985 }
986 else
987 {
989 {
990 /* Oops, we had a short read. Retry. */
992 {
996 }
998 }
1000 /* We now have the entire contents of /proc/<pid>/map in memory. */
1003 /* The entries are not sorted by address. Therefore
1004 1. Extract the relevant information into an array.
1005 2. Sort the array in ascending order.
1006 3. Invoke the callback. */
1008 {
1012 }
1013 vma_t;
1014 /* Since 2 * sizeof (vma_t) <= sizeof (prmap_t), we can reuse the
1015 same memory. */
1019 {
1022 {
1029 /* Discard empty VMAs and kernel VMAs. */
1031 {
1042 {
1043 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
1044 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
1046 {
1050 vp++;
1051 }
1053 {
1057 vp++;
1058 }
1059 }
1060 else
1061 {
1065 vp++;
1066 }
1067 }
1068 mp++;
1069 }
1070 }
1073 /* Sort the array in ascending order.
1074 Better not call qsort(), since it may call malloc().
1075 Insertion-sort is OK in this case, despite its worst-case running
1076 time of O(N²), since the number of VMAs will rarely be larger than
1077 1000. */
1078 {
1081 {
1082 /* Invariant: Here vmas[0..i-1] is sorted. */
1085 {
1089 }
1090 /* Invariant: Here vmas[0..i] is sorted. */
1091 }
1092 }
1094 /* Invoke the callback. */
1095 {
1098 {
1102 }
1103 }
1107 }
1108 }
1121 # if HAVE_MAP_ANONYMOUS
1122 # define zero_fd -1
1123 # define map_flags MAP_ANONYMOUS
1124 # else
1126 # define map_flags 0
1127 # endif
1136 /* Construct fname = sprintf (fnamebuf+i, "/proc/%u", getpid ()). */
1139 {
1141 do
1144 }
1156 /* Allocate memneed bytes of memory.
1157 We cannot use alloca here, because not much stack space is guaranteed.
1158 We also cannot use malloc here, because a malloc() call may call mmap()
1159 and thus pre-allocate available memory.
1160 So use mmap(), and ignore the resulting VMA. */
1162 # if !HAVE_MAP_ANONYMOUS
1166 # endif
1169 # if !HAVE_MAP_ANONYMOUS
1171 # endif
1182 {
1197 mp++;
1199 {
1200 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
1201 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
1208 }
1209 else
1210 {
1213 }
1214 }
1219 fail1:
1221 fail2:
1227 /* Note: Solaris <sys/procfs.h> defines a different type prmap_t with
1228 _STRUCTURED_PROC than without! Here's a table of sizeof(prmap_t):
1229 32-bit 64-bit
1230 _STRUCTURED_PROC = 0 32 56
1231 _STRUCTURED_PROC = 1 96 104
1232 Therefore, if the include files provide the newer API, prmap_t has
1233 the bigger size, and thus you MUST use the newer API. And if the
1234 include files provide the older API, prmap_t has the smaller size,
1235 and thus you MUST use the older API. */
1237 # if defined PIOCNMAP && defined PIOCMAP
1238 /* We must use the older /proc interface. */
1246 # if HAVE_MAP_ANONYMOUS
1247 # define zero_fd -1
1248 # define map_flags MAP_ANONYMOUS
1251 # define map_flags 0
1252 # endif
1261 /* Construct fname = sprintf (fnamebuf+i, "/proc/%u", getpid ()). */
1264 {
1266 do
1269 }
1281 /* Allocate memneed bytes of memory.
1282 We cannot use alloca here, because not much stack space is guaranteed.
1283 We also cannot use malloc here, because a malloc() call may call mmap()
1284 and thus pre-allocate available memory.
1285 So use mmap(), and ignore the resulting VMA. */
1287 # if !HAVE_MAP_ANONYMOUS
1291 # endif
1294 # if !HAVE_MAP_ANONYMOUS
1296 # endif
1307 {
1322 mp++;
1324 {
1325 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
1326 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
1333 }
1334 else
1335 {
1338 }
1339 }
1344 fail1:
1346 fail2:
1350 # else
1351 /* We must use the newer /proc interface.
1352 Documentation:
1353 https://docs.oracle.com/cd/E23824_01/html/821-1473/proc-4.html
1354 The contents of /proc/<pid>/map consists of records of type
1355 prmap_t. These are different in 32-bit and 64-bit processes,
1356 but here we are fortunately accessing only the current process. */
1364 # if HAVE_MAP_ANONYMOUS
1365 # define zero_fd -1
1366 # define map_flags MAP_ANONYMOUS
1369 # define map_flags 0
1370 # endif
1380 /* Construct fname = sprintf (fnamebuf+i, "/proc/%u/map", getpid ()). */
1383 {
1385 do
1388 }
1396 {
1401 }
1404 /* Allocate memneed bytes of memory.
1405 We cannot use alloca here, because not much stack space is guaranteed.
1406 We also cannot use malloc here, because a malloc() call may call mmap()
1407 and thus pre-allocate available memory.
1408 So use mmap(), and ignore the resulting VMA. */
1410 # if !HAVE_MAP_ANONYMOUS
1414 # endif
1417 # if !HAVE_MAP_ANONYMOUS
1419 # endif
1426 /* Read up to memneed bytes from fd into maps. */
1427 {
1432 do
1433 {
1436 {
1440 }
1442 /* EOF */
1447 }
1452 }
1455 {
1469 {
1470 /* Consider [start,end-1] \ [auxmap_start,auxmap_end-1]
1471 = [start,auxmap_start-1] u [auxmap_end,end-1]. */
1478 }
1479 else
1480 {
1483 }
1484 }
1489 fail1:
1491 fail2:
1495 # endif
1503 {
1510 {
1523 }
1524 }
1529 vm_address_t address;
1530 vm_size_t size;
1533 {
1535 mach_port_t object_name;
1537 /* In Mac OS X 10.5, the types vm_address_t, vm_offset_t, vm_size_t have
1538 32 bits in 32-bit processes and 64 bits in 64-bit processes. Whereas
1539 mach_vm_address_t and mach_vm_size_t are always 64 bits large.
1540 Mac OS X 10.5 has three vm_region like methods:
1541 - vm_region. It has arguments that depend on whether the current
1542 process is 32-bit or 64-bit. When linking dynamically, this
1543 function exists only in 32-bit processes. Therefore we use it only
1544 in 32-bit processes.
1545 - vm_region_64. It has arguments that depend on whether the current
1546 process is 32-bit or 64-bit. It interprets a flavor
1547 VM_REGION_BASIC_INFO as VM_REGION_BASIC_INFO_64, which is
1548 dangerous since 'struct vm_region_basic_info_64' is larger than
1549 'struct vm_region_basic_info'; therefore let's write
1550 VM_REGION_BASIC_INFO_64 explicitly.
1551 - mach_vm_region. It has arguments that are 64-bit always. This
1552 function is useful when you want to access the VM of a process
1553 other than the current process.
1554 In 64-bit processes, we could use vm_region_64 or mach_vm_region.
1555 I choose vm_region_64 because it uses the same types as vm_region,
1556 resulting in less conditional code. */
1557 # if defined __aarch64__ || defined __ppc64__ || defined __x86_64__
1564 # else
1571 # endif
1585 }
1590 /* The Hurd has a /proc/self/maps that looks like the Linux one, but it
1591 lacks the VMAs created through anonymous mmap. Therefore use the Mach
1592 API.
1593 Documentation:
1594 https://www.gnu.org/software/hurd/gnumach-doc/Memory-Attributes.html */
1597 vm_address_t address;
1598 vm_size_t size;
1601 {
1602 vm_prot_t protection;
1603 vm_prot_t max_protection;
1604 vm_inherit_t inheritance;
1605 boolean_t shared;
1606 memory_object_name_t object_name;
1607 vm_offset_t offset;
1624 }
1627 #elif defined _WIN32 || defined __CYGWIN__
1628 /* Windows platform. Use the native Windows API. */
1630 MEMORY_BASIC_INFORMATION info;
1634 {
1636 /* Ignore areas where info.State has the value MEM_RESERVE or,
1637 equivalently, info.Protect has the undocumented value 0.
1638 This is needed, so that on Cygwin, areas used by malloc() are
1639 distinguished from areas reserved for future malloc(). */
1641 {
1648 {
1670 }
1674 }
1676 }
1679 #elif defined __BEOS__ || defined __HAIKU__
1680 /* Use the BeOS specific API. */
1682 area_info info;
1683 ssize_t cookie;
1687 {
1701 }
1706 # if defined __OpenBSD__
1707 /* Try sysctl() first. It is more efficient than the mquery() loop below
1708 and also provides the flags. */
1709 {
1713 }
1714 # endif
1716 {
1722 /* Avoid calling mquery with a NULL first argument, because this argument
1723 value has a specific meaning. We know the NULL page is unmapped. */
1727 {
1728 /* Test whether the page at address is mapped. */
1732 {
1733 /* The page at address is mapped.
1734 This is the start of an interval. */
1738 /* Find the end of the interval. */
1744 /* It's too complicated to find out about the flags.
1745 Just pass 0. */
1751 }
1752 /* Here we know that the page at address is unmapped. */
1753 {
1758 /* Query larger and larger blocks, to get through the unmapped address
1759 range with few mquery() calls. */
1761 {
1765 {
1768 }
1771 {
1772 /* Not all the interval [address .. address + query_size - 1]
1773 is unmapped. */
1776 }
1777 /* The interval [address .. address + query_size - 1] is
1778 unmapped. */
1780 }
1781 /* Reduce the query size again, to determine the precise size of the
1782 unmapped interval that starts at address. */
1784 {
1787 {
1790 {
1791 /* The interval [address .. address + query_size - 1] is
1792 unmapped. */
1795 }
1796 else
1798 }
1799 }
1800 /* Here again query_size = pagesize, and
1801 either address + pagesize - 1 < pagesize, or
1802 mquery ((void *) address, pagesize, 0, MAP_FIXED, -1, 0) fails.
1803 So, the unmapped area ends at address. */
1804 }
1807 }
1809 }
1811 #else
1813 /* Not implemented. */
1816 #endif
1817 }
1820 #ifdef TEST
1822 #include <stdio.h>
1824 /* Output the VMAs of the current process in a format similar to the Linux
1825 /proc/$pid/maps file. */
1827 static int
1830 {
1837 }
1839 int
1841 {
1844 /* Let the user interactively look at the /proc file system. */
1848 }
1850 /*
1851 * Local Variables:
1852 * compile-command: "gcc -ggdb -DTEST -Wall -I.. vma-iter.c"
1853 * End:
1854 */