Using nm to query symbol values

Option 2 is a shot in the dark, but it doesn't take long, so let's try it anyway.

The nm command provides us with the decimal values of the symbols. We will ask nm if the address of ipcaccess +18 was stored in a symbol anywhere .

Comments are being added for educational purposes.

 Hiya...  adb -k unix.0 vmcore.0  physmem 3e15  ipcaccess+18/X   (Just making sure this is the right place)  ipcaccess+0x18:   0  .=X   (Get the address of ipcaccess+18)  fc69d458  .=D   (We need the address in decimal for nm)  -60173224  (As expected, adb gives us a negative value)   $q  Hiya...  bc   (Use bc to translate it instead)   ib=16   (Set input base to base 16, hexidecimal)  fc69d458  syntax error on line 2, teletype  (Oops! bc hates uppercase)   FC69D458   quit  Hiya...  nm unix.0  grep 4234794072   (No exact matches found)  Hiya... 

It was worth a try. However, if we had found a match, what would we have done with it? We would have to establish what the symbol does for a living, whether 0xfc69d458 is a valid value for it, and how it is used by other routines.

If, for example, it was something nice and straightforward, such as the address of a certain counter, we would then have to find out who set up the address and why. That would have presented us with yet another difficult or impossible puzzle to unravel, especially without access to the source code.