Virtual Memory Areas (VMAs)

view memory maps:

$ cat /proc/<PID>/maps

the results correspond partiallty to area's linux/mm_types.h::vm_area_struct:

-------------------------------------------------------------
start~end   perm    offset      major:minor     inode   image
-------------------------------------------------------------
start~end:  start/end of the memory area
perm:       bit mask for area R/W/X permission; p for private and s for shared
offset:     offset into mapped file.
inode:      inode number of mapped file. (0 for anoymous mappings)
image:      file name of the mapped file. (empty for anoymous mappings)

view IO memory maps:

$ cat /proc/iomem

process memory map:

Each process has its mm_struct that contains its list of VMAs, pagetabkes, sync primitives, etc..

manually dumping memory w. GDB

identify memory region start and end from maps
connect gdb to running process with pid
```
$ sudo gdb --pid <PID>
```

dump memory in gdb

$ dump memory <PATH-TO-DUMP-FILE> <START_ADDR> <END_ADDR>

the dump can be viewed with e.g. hexdump

get_user_pages

sysprog cheatsheets

Virtual Memory Areas (VMAs)