I am writing a tracing tool which needs to deal with the output of a JIT, so the stack can look pretty bizarre at times. I'd like to try to apply some heuristics to addresses to determine if they are code, data or garbage. (If I'm wrong some of the time, it's no big deal; however if the process crashes, not so much.)

I can cat /proc/«pid»/maps to get a list of the VM mappings for a process in Linux. Is it possible to access this information (or any subset) from inside the process without parsing that file? It'd be ideal to examine the rwx bits for an address. Essentially, I want a “read” version of mprotect(2).

If I can't do this, how about determining if an access to a certain address will cause a segmentation fault? (There is already a SIGSEGV handler installed in this case and I can't easily overwrite it, or I'd just do that.)

+2  A: 

Looking through all the memory-related functions I discovered I can use munlock() to determine if the page is valid.

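#include <sys/mman.h>   // munlock
#include <unistd.h>     // getpagesize
#include <cerrno>
#include <cstdio>
#include <cstring>      // strerror

// ADDRINT is the tool's integer address type, defined elsewhere.
bool is_address_valid(ADDRINT addr) {
  static int pagesize = getpagesize();

  // Round down to the start of the page containing addr.
  const void *foo = (const void *)(addr / pagesize * pagesize);

  // munlock() fails (ENOMEM) when the page is not mapped.
  if (munlock(foo, 1) == -1) {
    fprintf(stderr, "munlock(%p=>%p, 1) failed: %s\n", (void *)addr, foo,
            strerror(errno));
    return false;
  }
  return true;
}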

Pretty disgusting, but it does prevent my code from crashing.

Nicholas Riley
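
An added example, not part of the question or the answer above: it separates "is this page mapped" from "can this address be read without a fault", which differ for a PROT_NONE page. The names is_mapped and is_readable are hypothetical, uintptr_t stands in for ADDRINT, and the three sample pages in main() are constructed for the demonstration.

```cpp
#include <cstdint>
#include <cstdio>
#include <sys/mman.h>
#include <unistd.h>

// Round addr down to the start of its page.
static void *page_of(uintptr_t addr) {
    uintptr_t ps = (uintptr_t)sysconf(_SC_PAGESIZE);
    return (void *)(addr & ~(ps - 1));
}

// Mapped at all (any protection)? mincore() fails with ENOMEM on unmapped
// ranges and, unlike munlock(), leaves the page's lock state untouched.
bool is_mapped(uintptr_t addr) {
    unsigned char vec;
    return mincore(page_of(addr), 1, &vec) == 0;
}

// Readable without faulting? The kernel copies the byte on our behalf and
// returns EFAULT instead of raising SIGSEGV. A pipe is used because a write
// to /dev/null never touches the buffer.
bool is_readable(uintptr_t addr) {
    int fds[2];
    if (pipe(fds) == -1) return false;
    ssize_t n = write(fds[1], (const void *)addr, 1);
    close(fds[0]);
    close(fds[1]);
    return n == 1;
}

int main() {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    // Constructed sample pages: read/write, PROT_NONE, and unmapped.
    void *rw = mmap(nullptr, ps, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    void *none = mmap(nullptr, ps, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    void *gone = mmap(nullptr, ps, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    munmap(gone, ps);
    const void *pages[] = {rw, none, gone};
    const char *names[] = {"rw", "PROT_NONE", "unmapped"};
    for (int i = 0; i < 3; i++)
        printf("%-9s mapped=%d readable=%d\n", names[i],
               is_mapped((uintptr_t)pages[i]), is_readable((uintptr_t)pages[i]));
    return 0;
}
```

Either probe is only a snapshot: another thread can unmap or reprotect the page between the check and the access.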