Reputation: 118540
Searching a process' memory on Linux
How can I search the memory state of an process in Linux? Specifically I wish to identify certain regions of interest, and peek at them at regular intervals, possibly occasionally poking new values.
I suspect an answer may involve calls to ptrace(), and reading /proc/[pid]/mem, but need more to go on.
Upvotes: 4
Views: 3236
Answers (3)
Reputation: 118540
I've developed some code for the requested functionality.
The module memutil provides process memory region iteration, and python or C memory reading with assistance from the ptrace module, and readmem executable.
If there is any questions, or requests for standalone tools, just ask.
Upvotes: 2
Reputation: 64414
Perhaps using GDB would be an option? You should be able to do things like periodically reading memory using breakpoints.
Upvotes: 0
Reputation: 70204
I believe you can achieve what you want by parsing /proc/[pid]/maps -- I've used that to diagnose invalid pointers
Upvotes: 2
Related Questions
- Finding mapped memory from inside a process
- How to check memory used by a process in Linux?
- Finding memory location in running application
- Memory map of a process in Linux
- scan memory of calling process
- Memory details of a process
- Find page in memory for Process (linux-kernel)
- Information of process that has allocated a given Physical address?
- How would I search the memory of a process for a specific string?
- How to find out what parts of the physical memory contain data/instructions of what processes?