As you no doubt recall, you will usually provide two input files to adb : the object file, which contains the code and the symbol table or namelist ; and the core file, which contains the actual contents of memory. Since you may need to look at both of these, there are two separate display commands, one for each file. The general format for using either of these is the same. address, count command formatting_information You must provide some starting location, the address, when displaying anything. The count specifies how many times the display should be done. It's not always used; if you don't specify anything, adb runs the command only once. The command is a single character that tells adb where to find the data at the particular address you specified. The formatting information specifies how much you want to display and how it should be displayed. Now, let's look at each of these in more detail. Addressingadb will allow some different types of addresses that tell it where to go to begin the command. In general, you may have:
Binary operatorsYou can perform arithmetic as you might expect when using symbol names and numeric addresses. adb offers several binary arithmetic operators that you can use when making expressions that will translate to an address or other numeric value. They include:
Aside from + and -, these operators are not commonly seen as part of expressions used to represent address values; however, they are all legal. You are more likely to encounter them inside macros. What you normally will use is a constant address, or a symbol name, with perhaps an offset forward or back. Unary operatorsThere are five unary operators. They are:
Of these operators, two appear consistently in macros. These are * , which indicates a pointer, and # . Let's talk about each of these in detail. PointersTwo unary operators act as pointers. Of these, the * is used the most often. Let's see an example of how it works. The kernel variable panicstr contains a pointer to the string that was printed when the system panic'ed. To look at the string, you can perform two commands. Hiya... adb -k vmunix.3 vmcore.3 physmem 3f98 panicstr/X panicstr: 0xf015f7a8 0xf015f7a8/s 0xf015f7a8: zero Or, you can use the asterisk to indicate that this is a pointer. *panicstr/s 0xf015f7a8: zero This command uses, not the value in panicstr , but what it points to, as the address of the string we want to display. We will be using the * unary operator quite often throughout system crash dump analysis. Logical negationAnother unary operator worth discussing in detail is the # sign, also known as a hash symbol, tic-tac-toe, or a pound sign, depending on the country you live in. The # acts just like the exclamation point, ! , in C programs. If the number it precedes is zero, then the result is one. If the number is non-zero , then the result is zero. This is known as logical negation. The result is either true, 1, or false, 0, and it's the opposite of the expression that follows . We will put the # unary operator to good use when we move to the topic of macros later on. CountsThe repeat count, which adb assumes is 1 if you don't say otherwise , is the number of times adb will execute the display command. Normally, this is some small number, although any expression can be used here. The clever adb user will note that if the count turns out to be zero, adb will not perform the command at all. We will see how this can used to our advantage later on when we discuss adb macros. CommandsThere are two one-character data display commands, one for each possible file on the adb command line. They are:
Let's cover each of these in detail. The ? display commandThe ? command is most often used for displaying instructions, but sometimes you may want to look at data. The data in the executable object file is the value that a variable is set to when the program (or the kernel) initially is loaded into memory. An example C program code statement, such as: int pencils = 100; means that the variable pencils has an initial value of 100 when the program starts. This means you can look for pencils in the object file and expect to see 100 as the original value. On the other hand, a statement like: char messages[4096]; just tells the compiler that you will want 4096 bytes worth of memory reserved for later use and to call that area of memory messages . This is known as "bss" ( b lock s tarted by s ymbol) space and just results in a notation in the object file that you will need an extra 4 kilobytes when you start up the program. Looking for messages with the ? command will probably result in an error message such as "data address not found." The / display commandThe / command gives you the actual value of the variable when the machine or the program stopped , as stored in the core file. Note that you may find a name or a variable in both files. This is not unusual. It just means that the variable had an initial value that may have changed during execution, so the start value shows up in one place and the current value in another. In some BSD-based kernels , executable code will appear only in the vmunix. X file, which must be examined with the ? command. However, the loadable drivers will appear in the vmcore. X file, since they are put into kernel data space while the system is running. With Solaris 2 SVR4-based kernels, most of the code is dynamically loaded, so normally you use the / command when looking at both code and data. FormatsReviewing the general adb command syntax, we see that the formatting information comes next. address, count command formatting_information As you might expect, there are a lot of format commands. Some of these deal with displaying different sizes of data in various formats, whereas others deal with methods of formatting the output. Let's first talk about the format commands used to display data. Format display commands are all single-letter commands. With the data display commands, generally a lowercase letter indicates a "short" or simple value, and uppercase is used for "long" or more sophisticated displays. Let's go some of through them.
Each of these format display commands will print one value. You can put several of these format commands together in any combination. You can also use a counter with any of them, which tells adb to repeat that particular format a certain number of times. Thus, if you put XXX in the format, it will print three long values in hex. 3X will do exactly the same thing. Formatting the outputadb also offers a few format display commands that are not used to print out data but are used to make the display more readable and useful. For example, you can print headings, move to a new line, or skip over data you're not interested in printing. The format display commands, shown below, are primarily used in macros.
These commands are used most often inside macro files, but you can certainly type them yourself. Play around with these in your own commands if you'd like, and see what they do to your output. |