To get the next 10 locations from an address X:


(dbx) x 0xa848410 /10X
 0x0a848410: 0x00920f50 0x0aa5e2d0 0x0a0ad868 0x0000081b
 0x0a848420: 0x00000015 0x3a10bfeb 0x41424346 0x46463033

 

The capital X gives word-aligned output.


 

Understanding the layout of the examine (x) command

The examine command displays memory in rows at intervals of 0x10, i.e. decimal 16.

The output is presented as a matrix with 4 columns. Each column is 4 bytes wide, so each row covers 4 * 4 = 16 bytes, which is 0x10 in hex.

Consider an examine as follows:


(dbx) x 0x0c2c0088 /10X
0x0c2c0088:      0x13db0570 0x00000000 0x0e92e268 0x00000000
0x0c2c0098:      0x0a398158 0x13db7920 0x00e8b0d0 0x00000000
0x0c2c00a8:      0x00000000 0x00000000

 

In the first row, 0x0e92e268 is in the 3rd column of the row that starts at address 0x0c2c0088. Applying the above matrix math, one can see that 0x0e92e268 is at address 0xc2c0090, which is 8 bytes from the starting address of the row. So if we examine what is at location 0xc2c0090, we get the following output:


(dbx) x 0xC2C0090
0x0c2c0090:      0x0e92e268


 

To read ASCII


(dbx) x 0x0a1f91e5 /s
 0x0a1f91e5: "This is a sample text"


 

To read the static symbols in a core file, even for release-mode binaries / cores

All static symbols can be read by DBX even if the binary is built in release mode.


static MyClass* theClass;

 


(dbx) x theClass
0x00f06198:      0x0c2c0088


 

To map structure / class members to a memory location in a core file

The structure / class members can be easily mapped with the examine command as follows.

Consider the following structure:


struct MyContext {
    unsigned long  *links;
    unsigned long  *links_prev;
    unsigned long   interpLevel;
    unsigned long   stackLimit;
    /* Runtime version control identifier and equality operators. */
    unsigned long   version;
    byte            op_eq;
    byte            op_ne;
    /* Data shared by threads in an address space. */
    void           *runtime;
};

In the core, let us try to map the offsets to the structure. Consider that 0xa533248 points to an instance of the MyContext structure.

 


(dbx) x 0xa533248 /10X
0x0a533248:      0x0a532f48 0x0a533548 0x00000002 0x00000000
0x0a533258:      0x00000000 0x12130000 0x00ad6808 0x00c05408

 

which can be understood as follows.

0x0a532f48 = pointer to links.

0x0a533548 = pointer to links_prev.

0x00000002 = interpLevel.

0x00000000 = stackLimit.

0x00000000 = version.

and so on…
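The same mapping carried through for every member, as an added example that is not part of the original post. It assumes the core came from a 32-bit big-endian process, so `unsigned long` and pointers are 4 bytes and `byte` is 1 byte; the `LAYOUT` table and the helper names are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Words copied from the `x 0xa533248 /10X` output above. */
static const uint32_t BASE = 0x0a533248u;
static const uint32_t WORDS[8] = {
    0x0a532f48u, 0x0a533548u, 0x00000002u, 0x00000000u,
    0x00000000u, 0x12130000u, 0x00ad6808u, 0x00c05408u
};

/* Assumed layout: 4-byte long and pointers, 1-byte `byte`, natural alignment. */
struct field { const char *name; uint32_t off, size; };
static const struct field LAYOUT[] = {
    {"links", 0, 4},       {"links_prev", 4, 4}, {"interpLevel", 8, 4},
    {"stackLimit", 12, 4}, {"version", 16, 4},   {"op_eq", 20, 1},
    {"op_ne", 21, 1},      /* 2 padding bytes, then a 4-byte-aligned pointer */
    {"runtime", 24, 4},
};
#define NFIELDS (sizeof LAYOUT / sizeof LAYOUT[0])

static const struct field *find_field(const char *name) {
    for (size_t i = 0; i < NFIELDS; i++)
        if (strcmp(LAYOUT[i].name, name) == 0) return &LAYOUT[i];
    return NULL;
}

/* Address dbx would show for a member: instance base plus member offset. */
uint32_t field_address(const char *name) {
    const struct field *f = find_field(name);
    return f ? BASE + f->off : 0;
}

/* Member value, reading bytes most-significant first (assumed big-endian). */
uint32_t field_value(const char *name) {
    const struct field *f = find_field(name);
    uint32_t v = 0;
    if (!f || f->off + f->size > sizeof WORDS) return 0;
    for (uint32_t b = f->off; b < f->off + f->size; b++)
        v = (v << 8) | ((WORDS[b / 4] >> (8 * (3 - b % 4))) & 0xffu);
    return v;
}

int main(void) {
    for (size_t i = 0; i < NFIELDS; i++)
        printf("0x%08x  %-12s = 0x%x\n", (unsigned)field_address(LAYOUT[i].name),
               LAYOUT[i].name, (unsigned)field_value(LAYOUT[i].name));
    return 0;
}
```

Under these assumptions the word 0x12130000 splits into op_eq = 0x12, op_ne = 0x13 and two padding bytes, and runtime is the next word, 0x00ad6808 at address 0x0a533260.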


I will update this post as and when I find more information worth sharing about DBX.