Linux Programmer's Manual PROC(5)

NAME | DESCRIPTION | NOTES | SEE ALSO | COLOPHON

PROC(5)                   Linux Programmer's Manual                  PROC(5)

NAME top

       proc - process information pseudo-filesystem

The proc filesystem is a pseudo-filesystem which provides an
interface to kernel data structures. It is commonly mounted at
/proc. Most of it is read-only, but some files allow kernel
variables to be changed.

The following list describes many of the files and directories under
the /proc hierarchy.

/proc/[pid]
There is a numerical subdirectory for each running process;
the subdirectory is named by the process ID. Each such
subdirectory contains the following pseudo-files and
directories.

/proc/[pid]/attr
The files in this directory provide an API for security
modules. The contents of this directory are files that can be
read and written in order to set security-related attributes.
This directory was added to support SELinux, but the intention
was that the API be general enough to support other security
modules. For the purpose of explanation, examples of how
SELinux uses these files are provided below.

This directory is present only if the kernel was configured
with CONFIG_SECURITY.

/proc/[pid]/attr/current (since Linux 2.6.0)
The contents of this file represent the current security
attributes of the process.

In SELinux, this file is used to get the security context of a
process. Prior to Linux 2.6.11, this file could not be used
to set the security context (a write was always denied), since
SELinux limited process security transitions to execve(2) (see
the description of /proc/[pid]/attr/exec, below). Since Linux
2.6.11, SELinux lifted this restriction and began supporting
"set" operations via writes to this node if authorized by
policy, although use of this operation is only suitable for
applications that are trusted to maintain any desired
separation between the old and new security contexts. Prior
to Linux 2.6.28, SELinux did not allow threads within a multi-
threaded process to set their security context via this node
as it would yield an inconsistency among the security contexts
of the threads sharing the same memory space. Since Linux
2.6.28, SELinux lifted this restriction and began supporting
"set" operations for threads within a multithreaded process if
the new security context is bounded by the old security
context, where the bounded relation is defined in policy and
guarantees that the new security context has a subset of the
permissions of the old security context. Other security
modules may choose to support "set" operations via writes to
this node.

/proc/[pid]/attr/exec (since Linux 2.6.0)
This file represents the attributes to assign to the process
upon a subsequent execve(2).

In SELinux, this is needed to support role/domain transitions,
and execve(2) is the preferred point to make such transitions
because it offers better control over the initialization of
the process in the new security label and the inheritance of
state. In SELinux, this attribute is reset on execve(2) so
that the new program reverts to the default behavior for any
execve(2) calls that it may make. In SELinux, a process can
set only its own /proc/[pid]/attr/exec attribute.

/proc/[pid]/attr/fscreate (since Linux 2.6.0)
This file represents the attributes to assign to files created
by subsequent calls to open(2), mkdir(2), symlink(2), and
mknod(2)

SELinux employs this file to support creation of a file (using
the aforementioned system calls) in a secure state, so that
there is no risk of inappropriate access being obtained
between the time of creation and the time that attributes are
set. In SELinux, this attribute is reset on execve(2), so
that the new program reverts to the default behavior for any
file creation calls it may make, but the attribute will
persist across multiple file creation calls within a program
unless it is explicitly reset. In SELinux, a process can set
only its own /proc/[pid]/attr/fscreate attribute.

/proc/[pid]/attr/prev (since Linux 2.6.0)
This file contains the security context of the process before
the last execve(2); that is, the previous value of
/proc/[pid]/attr/current.

/proc/[pid]/attr/keycreate (since Linux 2.6.18)
If a process writes a security context into this file, all
subsequently created keys (add_key(2)) will be labeled with
this context. For further information, see the kernel source
file Documentation/keys.txt.

/proc/[pid]/attr/socketcreate (since Linux 2.6.18)
If a process writes a security context into this file, all
subsequently created sockets will be labeled with this
context.

/proc/[pid]/auxv (since 2.6.0-test7)
This contains the contents of the ELF interpreter information
passed to the process at exec time. The format is one
unsigned long ID plus one unsigned long value for each entry.
The last entry contains two zeros. See also getauxval(3).

/proc/[pid]/cgroup (since Linux 2.6.24)
This file describes control groups to which the process/task
belongs. For each cgroup hierarchy there is one entry
containing colon-separated fields of the form:

5:cpuacct,cpu,cpuset:/daemons

The colon-separated fields are, from left to right:

1. hierarchy ID number

2. set of subsystems bound to the hierarchy

3. control group in the hierarchy to which the process
belongs

This file is present only if the CONFIG_CGROUPS kernel
configuration option is enabled.

/proc/[pid]/clear_refs (since Linux 2.6.22)

This is a write-only file, writable only by owner of the
process.

The following values may be written to the file:

1 (since Linux 2.6.22)
Reset the PG_Referenced and ACCESSED/YOUNG bits for all
the pages associated with the process. (Before kernel
2.6.32, writing any nonzero value to this file had this
effect.)

2 (since Linux 2.6.32)
Reset the PG_Referenced and ACCESSED/YOUNG bits for all
anonymous pages associated with the process.

3 (since Linux 2.6.32)
Reset the PG_Referenced and ACCESSED/YOUNG bits for all
file-mapped pages associated with the process.

Clearing the PG_Referenced and ACCESSED/YOUNG bits provides a
method to measure approximately how much memory a process is
using. One first inspects the values in the "Referenced"
fields for the VMAs shown in /proc/[pid]/smaps to get an idea
of the memory footprint of the process. One then clears the
PG_Referenced and ACCESSED/YOUNG bits and, after some measured
time interval, once again inspects the values in the
"Referenced" fields to get an idea of the change in memory
footprint of the process during the measured interval. If one
is interested only in inspecting the selected mapping types,
then the value 2 or 3 can be used instead of 1.

A further value can be written to affect a different bit:

4 (since Linux 3.11)
Clear the soft-dirty bit for all the pages associated
with the process. This is used (in conjunction with
/proc/[pid]/pagemap) by the check-point restore system
to discover which pages of a process have been dirtied
since the file /proc/[pid]/clear_refs was written to.

Writing any value to /proc/[pid]/clear_refs other than those
listed above has no effect.

The /proc/[pid]/clear_refs file is present only if the
CONFIG_PROC_PAGE_MONITOR kernel configuration option is
enabled.

/proc/[pid]/cmdline
This read-only file holds the complete command line for the
process, unless the process is a zombie. In the latter case,
there is nothing in this file: that is, a read on this file
will return 0 characters. The command-line arguments appear
in this file as a set of strings separated by null bytes
(''), with a further null byte after the last string.

/proc/[pid]/comm (since Linux 2.6.33)
This file exposes the process's comm value—that is, the
command name associated with the process. Different threads
in the same process may have different comm values, accessible
via /proc/[pid]/task/[tid]/comm. A thread may modify its comm
value, or that of any of other thread in the same thread group
(see the discussion of CLONE_THREAD in clone(2)), by writing
to the file /proc/self/task/[tid]/comm. Strings longer than
TASK_COMM_LEN (16) characters are silently truncated.

This file provides a superset of the prctl(2) PR_SET_NAME and
PR_GET_NAME operations, and is employed by
pthread_setname_np(3) when used to rename threads other than
the caller.

/proc/[pid]/coredump_filter (since Linux 2.6.23)
See core(5).

/proc/[pid]/cpuset (since Linux 2.6.12)
See cpuset(7).

/proc/[pid]/cwd
This is a symbolic link to the current working directory of
the process. To find out the current working directory of
process 20, for instance, you can do this:

$ cd /proc/20/cwd; /bin/pwd

Note that the pwd command is often a shell built-in, and might
not work properly. In bash(1), you may use pwd -P.

In a multithreaded process, the contents of this symbolic link
are not available if the main thread has already terminated
(typically by calling pthread_exit(3)).

/proc/[pid]/environ
This file contains the environment for the process. The
entries are separated by null bytes (''), and there may be a
null byte at the end. Thus, to print out the environment of
process 1, you would do:

$ strings /proc/1/environ

/proc/[pid]/exe
Under Linux 2.2 and later, this file is a symbolic link
containing the actual pathname of the executed command. This
symbolic link can be dereferenced normally; attempting to open
it will open the executable. You can even type
/proc/[pid]/exe to run another copy of the same executable as
is being run by process [pid]. In a multithreaded process,
the contents of this symbolic link are not available if the
main thread has already terminated (typically by calling
pthread_exit(3)).

Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to
the binary which was executed, and appears as a symbolic link.
A readlink(2) call on this file under Linux 2.0 returns a
string in the format:

[device]:inode

For example, [0301]:1502 would be inode 1502 on device major
03 (IDE, MFM, etc. drives) minor 01 (first partition on the
first drive).

find(1) with the -inum option can be used to locate the file.

/proc/[pid]/fd/
This is a subdirectory containing one entry for each file
which the process has open, named by its file descriptor, and
which is a symbolic link to the actual file. Thus, 0 is
standard input, 1 standard output, 2 standard error, and so
on.

For file descriptors for pipes and sockets, the entries will
be symbolic links whose content is the file type with the
inode. A readlink(2) call on this file returns a string in
the format:

type:[inode]

For example, socket:[2248868] will be a socket and its inode
is 2248868. For sockets, that inode can be used to find more
information in one of the files under /proc/net/.

For file descriptors that have no corresponding inode (e.g.,
file descriptors produced by epoll_create(2), eventfd(2),
inotify_init(2), signalfd(2), and timerfd(2)), the entry will
be a symbolic link with contents of the form

anon_inode:<file-type>

In some cases, the file-type is surrounded by square brackets.

For example, an epoll file descriptor will have a symbolic
link whose content is the string anon_inode:[eventpoll].

In a multithreaded process, the contents of this directory are
not available if the main thread has already terminated
(typically by calling pthread_exit(3)).

Programs that will take a filename as a command-line argument,
but will not take input from standard input if no argument is
supplied, or that write to a file named as a command-line
argument, but will not send their output to standard output if
no argument is supplied, can nevertheless be made to use
standard input or standard out using /proc/[pid]/fd. For
example, assuming that -i is the flag designating an input
file and -o is the flag designating an output file:

$ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...

and you have a working filter.

/proc/self/fd/N is approximately the same as /dev/fd/N in some
UNIX and UNIX-like systems. Most Linux MAKEDEV scripts
symbolically link /dev/fd to /proc/self/fd, in fact.

Most systems provide symbolic links /dev/stdin, /dev/stdout,
and /dev/stderr, which respectively link to the files 0, 1,
and 2 in /proc/self/fd. Thus the example command above could
be written as:

$ foobar -i /dev/stdin -o /dev/stdout ...

/proc/[pid]/fdinfo/ (since Linux 2.6.22)
This is a subdirectory containing one entry for each file
which the process has open, named by its file descriptor. The
files in this directory are readable only by the owner of the
process. The contents of each file can be read to obtain
information about the corresponding file descriptor. The
content depends on the type of file referred to by the
corresponding descriptor.

For regular files and directories, we see something like:

$ cat /proc/12015/fdinfo/4
pos: 1000
flags: 01002002
mnt_id: 21

The pos field is a decimal number showing the current file
offset. The flags field is an octal number that displays the
file access mode and file status flags (see open(2)). The
mnt_id field, present since Linux 3.15, is the ID of the mount
point containing this file. See the description of
/proc/[pid]/mountinfo.

For eventfd file descriptors (see eventfd(2)), we see the
following fields:

pos: 0
flags: 02
mnt_id: 10
eventfd-count: 40

eventfd-count is the current value of the eventfd counter, in
hexadecimal.

For epoll file descriptors (see epoll(7)), we see the
following fields:

pos: 0
flags: 02
mnt_id: 10
tfd: 9 events: 19 data: 74253d2500000009
tfd: 7 events: 19 data: 74253d2500000007

Each of the lines beginning tfd describes one of the file
descriptors being monitored via the epoll file descriptor (see
epoll_ctl(2) for some details). The tfd field is the number
of the file descriptor. The events field is a hexadecimal
mask of the events being monitored for this file descriptor.
The data field is the data value associated with this file
descriptor.

For signalfd file descriptors (see signalfd(2)), we see the
following fields:

pos: 0
flags: 02
mnt_id: 10
sigmask: 0000000000000006

sigmask is the hexadecimal mask of signals that are accepted
via this signalfd file descriptor. (In this example, bits 2
and 3 are set, corresponding to the signals SIGINT and
SIGQUIT; see signal(7).)

/proc/[pid]/io (since kernel 2.6.20)
This file contains I/O statistics for the process, for
example:

# cat /proc/3828/io
rchar: 323934931
wchar: 323929600
syscr: 632687
syscw: 632675
read_bytes: 0
write_bytes: 323932160
cancelled_write_bytes: 0

The fields are as follows:

rchar: characters read
The number of bytes which this task has caused to be
read from storage. This is simply the sum of bytes
which this process passed to read(2) and similar system
calls. It includes things such as terminal I/O and is
unaffected by whether or not actual physical disk I/O
was required (the read might have been satisfied from
pagecache).

wchar: characters written
The number of bytes which this task has caused, or
shall cause to be written to disk. Similar caveats
apply here as with rchar.

syscr: read syscalls
Attempt to count the number of read I/O operations—that
is, system calls such as read(2) and pread(2).

syscw: write syscalls
Attempt to count the number of write I/O operations—
that is, system calls such as write(2) and pwrite(2).

read_bytes: bytes read
Attempt to count the number of bytes which this process
really did cause to be fetched from the storage layer.
This is accurate for block-backed filesystems.

write_bytes: bytes written
Attempt to count the number of bytes which this process
caused to be sent to the storage layer.

cancelled_write_bytes:
The big inaccuracy here is truncate. If a process
writes 1MB to a file and then deletes the file, it will
in fact perform no writeout. But it will have been
accounted as having caused 1MB of write. In other
words: this field represents the number of bytes which
this process caused to not happen, by truncating
pagecache. A task can cause "negative" I/O too. If
this task truncates some dirty pagecache, some I/O
which another task has been accounted for (in its
write_bytes) will not be happening.

Note: In the current implementation, things are a bit racy on
32-bit systems: if process A reads process B's /proc/[pid]/io
while process B is updating one of these 64-bit counters,
process A could see an intermediate result.

/proc/[pid]/gid_map (since Linux 3.5)
See user_namespaces(7).

/proc/[pid]/limits (since Linux 2.6.24)
This file displays the soft limit, hard limit, and units of
measurement for each of the process's resource limits (see
getrlimit(2)). Up to and including Linux 2.6.35, this file is
protected to allow reading only by the real UID of the
process. Since Linux 2.6.36, this file is readable by all
users on the system.

/proc/[pid]/map_files/ (since kernel 3.3)
This subdirectory contains entries corresponding to memory-
mapped files (see mmap(2)). Entries are named by memory
region start and end address pair (expressed as hexadecimal
numbers), and are symbolic links to the mapped files
themselves. Here is an example, with the output wrapped and
reformatted to fit on an 80-column display:

# ls -l /proc/self/map_files/
lr--------. 1 root root 64 Apr 16 21:31
3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
...

Although these entries are present for memory regions that
were mapped with the MAP_FILE flag, the way anonymous shared
memory (regions created with the MAP_ANON | MAP_SHARED flags)
is implemented in Linux means that such regions also appear on
this directory. Here is an example where the target file is
the deleted /dev/zero one:

lrw-------. 1 root root 64 Apr 16 21:33
7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)

This directory appears only if the CONFIG_CHECKPOINT_RESTORE
kernel configuration option is enabled. Privilege
(CAP_SYS_ADMIN) is required to view the contents of this
directory.

/proc/[pid]/maps
A file containing the currently mapped memory regions and
their access permissions. See mmap(2) for some further
information about memory mappings.

The format of the file is:

address perms offset dev inode pathname
00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon
00651000-00652000 r--p 00051000 08:02 173521 /usr/bin/dbus-daemon
00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/dbus-daemon
00e03000-00e24000 rw-p 00000000 00:00 0 [heap]
00e24000-011f7000 rw-p 00000000 00:00 0 [heap]
...
35b1800000-35b1820000 r-xp 00000000 08:02 135522 /usr/lib64/ld-2.15.so
35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522 /usr/lib64/ld-2.15.so
35b1a20000-35b1a21000 rw-p 00020000 08:02 135522 /usr/lib64/ld-2.15.so
35b1a21000-35b1a22000 rw-p 00000000 00:00 0
35b1c00000-35b1dac000 r-xp 00000000 08:02 135870 /usr/lib64/libc-2.15.so
35b1dac000-35b1fac000 ---p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so
35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so
35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870 /usr/lib64/libc-2.15.so
...
f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0 [stack:986]
...
7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0 [stack]
7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0 [vdso]

The address field is the address space in the process that the
mapping occupies. The perms field is a set of permissions:

r = read
w = write
x = execute
s = shared
p = private (copy on write)

The offset field is the offset into the file/whatever; dev is
the device (major:minor); inode is the inode on that device.
0 indicates that no inode is associated with the memory
region, as would be the case with BSS (uninitialized data).

The pathname field will usually be the file that is backing
the mapping. For ELF files, you can easily coordinate with
the offset field by looking at the Offset field in the ELF
program headers (readelf -l).

There are additional helpful pseudo-paths:

[stack]
The initial process's (also known as the main
thread's) stack.

[stack:<tid>] (since Linux 3.4)
A thread's stack (where the <tid> is a thread ID).
It corresponds to the /proc/[pid]/task/[tid]/
path.

[vdso] The virtual dynamically linked shared object.

[heap] The process's heap.

If the pathname field is blank, this is an anonymous mapping
as obtained via the mmap(2) function. There is no easy way to
coordinate this back to a process's source, short of running
it through gdb(1), strace(1), or similar.

Under Linux 2.0, there is no field giving pathname.

/proc/[pid]/mem
This file can be used to access the pages of a process's
memory through open(2), read(2), and lseek(2).

/proc/[pid]/mountinfo (since Linux 2.6.26)
This file contains information about mount points. It
contains lines of the form:

36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
(1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11)

The numbers in parentheses are labels for the descriptions
below:

(1) mount ID: unique identifier of the mount (may be reused
after umount(2)).

(2) parent ID: ID of parent mount (or of self for the top of
the mount tree).

(3) major:minor: value of st_dev for files on filesystem (see
stat(2)).

(4) root: root of the mount within the filesystem.

(5) mount point: mount point relative to the process's root.

(6) mount options: per-mount options.

(7) optional fields: zero or more fields of the form
"tag[:value]".

(8) separator: marks the end of the optional fields.

(9) filesystem type: name of filesystem in the form
"type[.subtype]".

(10) mount source: filesystem-specific information or "none".

(11) super options: per-superblock options.

Parsers should ignore all unrecognized optional fields.
Currently the possible optional fields are:

shared:X mount is shared in peer group X

master:X mount is slave to peer group X

propagate_from:X mount is slave and receives propagation
from peer group X (*)

unbindable mount is unbindable

(*) X is the closest dominant peer group under the process's
root. If X is the immediate master of the mount, or if there
is no dominant peer group under the same root, then only the
"master:X" field is present and not the "propagate_from:X"
field.

For more information on mount propagation see:
Documentation/filesystems/sharedsubtree.txt in the Linux
kernel source tree.

/proc/[pid]/mounts (since Linux 2.4.19)
This is a list of all the filesystems currently mounted in the
process's mount namespace. The format of this file is
documented in fstab(5). Since kernel version 2.6.15, this
file is pollable: after opening the file for reading, a change
in this file (i.e., a filesystem mount or unmount) causes
select(2) to mark the file descriptor as readable, and poll(2)
and epoll_wait(2) mark the file as having an error condition.
See namespaces(7) for more information.

/proc/[pid]/mountstats (since Linux 2.6.17)
This file exports information (statistics, configuration
information) about the mount points in the process's mount
namespace. Lines in this file have the form:

device /dev/sda7 mounted on /home with fstype ext3 [statistics]
( 1 ) ( 2 ) (3 ) (4)

The fields in each line are:

(1) The name of the mounted device (or "nodevice" if there is
no corresponding device).

(2) The mount point within the filesystem tree.

(3) The filesystem type.

(4) Optional statistics and configuration information.
Currently (as at Linux 2.6.26), only NFS filesystems
export information via this field.

This file is readable only by the owner of the process.

See namespaces(7) for more information.

/proc/[pid]/ns/ (since Linux 3.0)
This is a subdirectory containing one entry for each namespace
that supports being manipulated by setns(2). For more
information, see namespaces(7).

/proc/[pid]/numa_maps (since Linux 2.6.14)
See numa(7).

/proc/[pid]/oom_adj (since Linux 2.6.11)
This file can be used to adjust the score used to select which
process should be killed in an out-of-memory (OOM) situation.
The kernel uses this value for a bit-shift operation of the
process's oom_score value: valid values are in the range -16
to +15, plus the special value -17, which disables OOM-killing
altogether for this process. A positive score increases the
likelihood of this process being killed by the OOM-killer; a
negative score decreases the likelihood.

The default value for this file is 0; a new process inherits
its parent's oom_adj setting. A process must be privileged
(CAP_SYS_RESOURCE) to update this file.

Since Linux 2.6.36, use of this file is deprecated in favor of
/proc/[pid]/oom_score_adj.

/proc/[pid]/oom_score (since Linux 2.6.11)
This file displays the current score that the kernel gives to
this process for the purpose of selecting a process for the
OOM-killer. A higher score means that the process is more
likely to be selected by the OOM-killer. The basis for this
score is the amount of memory used by the process, with
increases (+) or decreases (-) for factors including:

* whether the process creates a lot of children using fork(2)
(+);

* whether the process has been running a long time, or has
used a lot of CPU time (-);

* whether the process has a low nice value (i.e., > 0) (+);

* whether the process is privileged (-); and

* whether the process is making direct hardware access (-).

The oom_score also reflects the adjustment specified by the
oom_score_adj or oom_adj setting for the process.

/proc/[pid]/oom_score_adj (since Linux 2.6.36)
This file can be used to adjust the badness heuristic used to
select which process gets killed in out-of-memory conditions.

The badness heuristic assigns a value to each candidate task
ranging from 0 (never kill) to 1000 (always kill) to determine
which process is targeted. The units are roughly a proportion
along that range of allowed memory the process may allocate
from, based on an estimation of its current memory and swap
use. For example, if a task is using all allowed memory, its
badness score will be 1000. If it is using half of its
allowed memory, its score will be 500.

There is an additional factor included in the badness score:
root processes are given 3% extra memory over other tasks.

The amount of "allowed" memory depends on the context in which
the OOM-killer was called. If it is due to the memory
assigned to the allocating task's cpuset being exhausted, the
allowed memory represents the set of mems assigned to that
cpuset (see cpuset(7)). If it is due to a mempolicy's node(s)
being exhausted, the allowed memory represents the set of
mempolicy nodes. If it is due to a memory limit (or swap
limit) being reached, the allowed memory is that configured
limit. Finally, if it is due to the entire system being out
of memory, the allowed memory represents all allocatable
resources.

The value of oom_score_adj is added to the badness score
before it is used to determine which task to kill. Acceptable
values range from -1000 (OOM_SCORE_ADJ_MIN) to +1000
(OOM_SCORE_ADJ_MAX). This allows user space to control the
preference for OOM-killing, ranging from always preferring a
certain task or completely disabling it from OOM killing. The
lowest possible value, -1000, is equivalent to disabling OOM-
killing entirely for that task, since it will always report a
badness score of 0.

Consequently, it is very simple for user space to define the
amount of memory to consider for each task. Setting a
oom_score_adj value of +500, for example, is roughly
equivalent to allowing the remainder of tasks sharing the same
system, cpuset, mempolicy, or memory controller resources to
use at least 50% more memory. A value of -500, on the other
hand, would be roughly equivalent to discounting 50% of the
task's allowed memory from being considered as scoring against
the task.

For backward compatibility with previous kernels,
/proc/[pid]/oom_adj can still be used to tune the badness
score. Its value is scaled linearly with oom_score_adj.

Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj
will change the other with its scaled value.

/proc/[pid]/pagemap (since Linux 2.6.25)
This file shows the mapping of each of the process's virtual
pages into physical page frames or swap area. It contains one
64-bit value for each virtual page, with the bits set as
follows:

63 If set, the page is present in RAM.

62 If set, the page is in swap space

61 (since Linux 3.5)
The page is a file-mapped page or a shared
anonymous page.

60-56 (since Linux 3.11)
Zero

55 (Since Linux 3.11)
PTE is soft-dirty (see the kernel source file
Documentation/vm/soft-dirty.txt).

54-0 If the page is present in RAM (bit 63), then these
bits provide the page frame number, which can be
used to index /proc/kpageflags and
/proc/kpagecount. If the page is present in swap
(bit 62), then bits 4-0 give the swap type, and
bits 54-5 encode the swap offset.

Before Linux 3.11, bits 60-55 were used to encode the base-2
log of the page size.

To employ /proc/[pid]/pagemap efficiently, use
/proc/[pid]/maps to determine which areas of memory are
actually mapped and seek to skip over unmapped regions.

The /proc/[pid]/pagemap file is present only if the
CONFIG_PROC_PAGE_MONITOR kernel configuration option is
enabled.

/proc/[pid]/personality (since Linux 2.6.28)
This read-only file exposes the process's execution domain, as
set by personality(2). The value is displayed in hexadecimal
notation.

/proc/[pid]/root
UNIX and Linux support the idea of a per-process root of the
filesystem, set by the chroot(2) system call. This file is a
symbolic link that points to the process's root directory, and
behaves in the same way as exe, and fd/*.

In a multithreaded process, the contents of this symbolic link
are not available if the main thread has already terminated
(typically by calling pthread_exit(3)).

/proc/[pid]/seccomp (from Linux 2.6.12 to 2.6.22)
Read/set the seccomp mode for the process. If this file
contains the value zero, seccomp mode is not enabled. Writing
the value 1 to this file (irreversibly) places the process in
seccomp mode: the only permitted system calls are read(2),
write(2), _exit(2), and sigreturn(2). This file went away in
Linux 2.6.23, when it was replaced by a prctl(2)-based
mechanism.

/proc/[pid]/setgroups (since Linux 3.19)
See user_namespaces(7).

/proc/[pid]/smaps (since Linux 2.6.14)
This file shows memory consumption for each of the process's
mappings. (The pmap(1) command displays similar information,
in a form that may be easier for parsing.) For each mapping
there is a series of lines such as the following:

00400000-0048a000 r-xp 00000000 fd:03 960637 /bin/bash
Size: 552 kB
Rss: 460 kB
Pss: 100 kB
Shared_Clean: 452 kB
Shared_Dirty: 0 kB
Private_Clean: 8 kB
Private_Dirty: 0 kB
Referenced: 460 kB
Anonymous: 0 kB
AnonHugePages: 0 kB
Swap: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB

The first of these lines shows the same information as is
displayed for the mapping in /proc/[pid]/maps. The remaining
lines show the size of the mapping, the amount of the mapping
that is currently resident in RAM ("Rss"), the process'
proportional share of this mapping ("Pss"), the number of
clean and dirty shared pages in the mapping, and the number of
clean and dirty private pages in the mapping. "Referenced"
indicates the amount of memory currently marked as referenced
or accessed. "Anonymous" shows the amount of memory that does
not belong to any file. "Swap" shows how much would-be-
anonymous memory is also used, but out on swap.

The "KernelPageSize" entry is the page size used by the kernel
to back a VMA. This matches the size used by the MMU in the
majority of cases. However, one counter-example occurs on
PPC64 kernels whereby a kernel using 64K as a base page size
may still use 4K pages for the MMU on older processors. To
distinguish, this patch reports "MMUPageSize" as the page size
used by the MMU.

The "Locked" indicates whether the mapping is locked in memory
or not.

"VmFlags" field represents the kernel flags associated with
the particular virtual memory area in two letter encoded
manner. The codes are the following:

rd - readable
wr - writable
ex - executable
sh - shared
mr - may read
mw - may write
me - may execute
ms - may share
gd - stack segment grows down
pf - pure PFN range
dw - disabled write to the mapped file
lo - pages are locked in memory
io - memory mapped I/O area
sr - sequential read advise provided
rr - random read advise provided
dc - do not copy area on fork
de - do not expand area on remapping
ac - area is accountable
nr - swap space is not reserved for the area
ht - area uses huge tlb pages
nl - non-linear mapping
ar - architecture specific flag
dd - do not include area into core dump
sd - soft-dirty flag
mm - mixed map area
hg - huge page advise flag
nh - no-huge page advise flag
mg - mergeable advise flag

The /proc/[pid]/smaps file is present only if the

原文链接：https://blog.csdn.net/Aaronzzq/article/details/45288785

站方申明：本站部分内容来自社区用户分享，若涉及侵权，请联系站方删除。

发表于 2020-03-01 20:58:03
阅读 ( 1596 )
分类：Linux

Linux Programmer's Manual PROC(5)

NAME top

DESCRIPTION top

你可能感兴趣的文章

精选的优质文章

0 条评论

官方社群

GO教程

推荐文章

猜你喜欢

随便看看