/dev/mem
while crash dumps can be examined via the core file generated by
savecore(8).
The interface behaves identically in both cases.
Memory can be read and written, kernel symbol addresses can be
looked up efficiently, and information about user processes can
be gathered.
kvm_open()
is first called to obtain a descriptor for all subsequent calls.
),
kvm_close(
),
kvm_read(
),
kvm_write(
),
and
kvm_nlist(
))
has been incorporated into the
BSD
interface.
Indeed, many kvm applications (i.e., debuggers and statistical monitors)
use only this subset of the interface.
The process interface was not kept. This is not a portability issue since any code that manipulates processes is inherently machine dependent.
Finally, the Sun kvm error reporting semantics are poorly defined. The library can be configured either to print errors to stderr automatically, or to print no error messages at all. In the latter case, the nature of the error cannot be determined. To overcome this, the BSD interface includes a routine, kvm_geterr(3), to return (not print out) the error message corresponding to the most recent error condition on the given descriptor.
/dev/mem