Re: Parsing Structures postmortem from memory dump

From: Dan Noé
Date: Tue May 06 2008 - 18:37:58 EST

Next message: Rafael J. Wysocki: "Re: drivers/mfd/htc-pasic3.c:22:31: error: asm/arch/pxa-regs.h: No such file or directory"
Previous message: Rafael J. Wysocki: "Re: BIOS bug, APIC version if 0 for CPU#0"
In reply to: Adrian Sud: "Parsing Structures postmortem from memory dump"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adrian Sud wrote:

I've looked at /include/linux/sched.h and tried to understand the task_struct structure, but it appears to be variable-length, determined at compile time, and I can't tell exactly how these are stored throughout memory--In a list? a tree?

The task_struct structures are stored on one or more lists. Note the list_head types within the structure - each of this is a list that the structure is (potentially) a member of.

This is a good explanation of how the kernel's lists work:

http://kernelnewbies.org/FAQ/LinkedLists

I don't know if a generalized printer/parser exists for the kernel linked list, but this might be a good way to start exploring your project. There are macros to traverse the lists easily, so it shouldn't be too difficult.

Hope that helps.

Cheers,
Dan

--
/--------------- - - - - - -
| Dan Noé
| http://isomerica.net/~dpn/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "Re: drivers/mfd/htc-pasic3.c:22:31: error: asm/arch/pxa-regs.h: No such file or directory"
Previous message: Rafael J. Wysocki: "Re: BIOS bug, APIC version if 0 for CPU#0"
In reply to: Adrian Sud: "Parsing Structures postmortem from memory dump"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]