Using $t0 value in !eb windbg command to write physical memory - windbg

I'm writing a WinDbg script to write some physical memory, running it in kernel debug mode, using the !ed command.
!ed is working fine when I run it manually with given values e.g. !ed 9182f084 8
I'd now like to run this in a script where the value to write comes from a pseudo-register. But the following does not work:
r $t0=8
!ed 9182f084 #$t0
I can't quite figure out what value it is writing in this case, but it is demonstrably not the integer value 8 that I am hoping for.
Thanks for any hints!

Doesn't work for me either. It looks like the !ed command is parsing the arguments incorrectly. You can specify something entirely invalid and it just silently ignores the command. For example, I don't even get an error with this:
kd> !ed 4318b20 XYZ
Aside from writing your own version of !ed, the only way I can think to get around it is to use an alias:
kd> r #$t0 = 8
kd> as /x ${/v:t0Val} #$t0
kd> !ed 4318b20 ${t0Val}
kd> !dd 4318b20 L1
# 4318b20 00000008
Pretty ridiculous way to specify "8", but it works if you're trying to put this into a script.

Related

Can't get ebpf program jitted output using bpftool

When I run sudo bpftool prog show I get the following output
39: socket_filter name bpfprog1 tag e29cda32ba011d7f gpl
loaded_at 2019-09-08T14:21:57+0200 uid 1000
xlated 248B jited 169B memlock 4096B map_ids 30
but if I try to get the program jitted output with the following command
sudo bpftool prog dump jited tag e29cda32ba011d7f
I get an error message, as reported below:
Error: can't get prog info (3): Bad address
QUESTION: what am I doing wrong? XD
You are most certainly using a bpftool version compiled from Linux 4.20 or older, and hitting a bug that was fixed in version 5.0. Update bpftool, and dumping programs by tags should work again.
As a side note, I usually use program IDs or pinned paths, as I find it more useful to retrieve the program I want. Depending on your use case, tags might make sense, especially if you often load the same programs without changes (so you would be sure to keep the same tags) and do not have them pinned.

Cannot redirect EXE output to file

I have an exe program I'm running on Windows 10 using PowerShell. When I run it, I get the following output.
> .\Program.exe
Unlocked level 7/10
When trying to redirect all output or just stdout to a file, the program stops giving output. For example
PS > .\Program.exe > .\out.txt
PS > cat .\out.txt
PS >
I did not write the program but what I know is that it was written in C++.
Is there any trick to get the output into a file? I tried running in python and writing output to a file, running in python without fetching the output and redirecting, running from another powershell, and lots of other combinations but they don't seem to be working. Also, when running from Git Bash, I get no output at all.
I was thinking about some checks on the descriptors, but I'm not sure since I don't have the source code, only the asm code.
It looks like Program.exe is actually generating an error, and not output; the first commenter is trying to get you to see that, but not really explaining that part...
(NOTE: You aren't actually using any PowerShell besides an implied "Invoke-Expression".)
I think you might be dealing with STDERR vs. STDOUT. When I invoke reg.exe in that fashion from PowerShell I get no output to the text file. This is because the text I was seeing was an error message (contents of STDERR) from reg.exe, not the output (contents of STDOUT) from the command. When I passed proper parameters to it (reg query HKLM\Software\Microsoft > C:\Users\foo\Documents\foo.txt) it wrote the contents of STDOUT to the text file instead of the screen.
Here is an article that explains it better than I just did:
https://support.microsoft.com/en-us/help/110930/redirecting-error-messages-from-command-prompt-stderr-stdout

compiled matlab filename as parameter

I compiled some Matlab code on Centos 5.
I try to run it like this:
run_cnaseq006.sh /projects/rcorbettprj2/mutationSeq/MCR/v714/ "/home/rcorbett/slx_service_rc/etc/cnv_test_data/CNV_test/config.m"
------------------------------------------
Setting up environment variables
---
LD_LIBRARY_PATH is .:/projects/rcorbettprj2/mutationSeq/MCR/v714//runtime/glnxa64:/projects/rcorbettprj2/mutationSeq/MCR/v714//bin/glnxa64:/projects/rcorbettprj2/mutationSeq/MCR/v714//sys/os/glnxa64:/projects/rcorbettprj2/mutationSeq/MCR/v714//sys/java/jre/glnxa64/jre/lib/amd64/native_threads:/projects/rcorbettprj2/mutationSeq/MCR/v714//sys/java/jre/glnxa64/jre/lib/amd64/server:/projects/rcorbettprj2/mutationSeq/MCR/v714//sys/java/jre/glnxa64/jre/lib/amd64/client:/projects/rcorbettprj2/mutationSeq/MCR/v714//sys/java/jre/glnxa64/jre/lib/amd64
??? Error using ==> run at 65
/home/rcorbett/slx_service_rc/etc/cnv_test_data/CNV_test/config.m not found.
However, I can easily see that the file does exist:
ll /home/rcorbett/slx_service_rc/etc/cnv_test_data/CNV_test/config.m
-rw-r--r-- 1 rcorbett users 3 Aug 13 09:10 /home/rcorbett/slx_service_rc/etc/cnv_test_data/CNV_test/config.m
I tried different quotes, and no quotes, but I can't figure out why it won't execute the file. The code works fine as uncompiled Matlab code, so something funny is happening after compilation that affects the ability to identify the file.
EDIT: run_cnaseq006.sh is the auto-generated shell script for running my compiled code. It is about 40 lines, so it doesn't copy well into here. However, I can say it is just a wrapper to make sure all the libraries are loaded when I run my compiled code. All the compiled code I have gets pretty much the exact same shell script wrapper.
I was pointed to this link:
http://blogs.mathworks.com/loren/2008/08/11/path-management-in-deployed-applications/
The "run" command uses path management functions like "cd". According to the above article such activities are unsupported in compiled applications, and can create unpredictable results.
I resigned myself to using an alternate approach to define my runtime variables by reading the file with getline and using "eval" to load my variables into memory.

How can I run through a Perl program step by step?

I have a Perl program written by someone else. When I run it, it silently exits without writing anything to the logfile. Is there a way I can run this Perl program step by step, line by line by the interpreter and thus get to see where it terminates?
Yes, there is the Perl debugger which you can invoke with perl -d.
Documentation can be found in perldoc perldebug and perldoc perldebtut.
Probably the most useful commands would be:
s - step into current line.
n - step over current line.
r - step out of current function.
p <expr> - print the expression.
b <line|subnm> - sets a breakpoint
T - produce a stack trace.
c [<line|subnm>] - continue running with optional one-time breakpoint.
h - help (for other commands).
Hachi has the answer. Use the Perl debugger by running perl with the -d flag. For information on how to use the debugger past starting it, see the Perl Debugging Tutorial.
There is a Perl module called "ptkdb" which is a standalone Perl interactive debugger. It works using the Tcl/Tk GUI, so you'll need that, too.
Depending on your OS you'll need to add some required modules.
Invoke it using
perl -d:ptkdb <your script>
If running some Unix/Linux system, you also need an X server.
There are two ways. The first is the one which Hachi and llioin already gave which is using the command-line switch "-d".
Or use an IDE. I have tried and used Komodo IDE, which works like a charm.

How to redirect Valgrind's output to a file?

While working with the Valgrind tool, I need to log the details produced by Valgrind. How can I accomplish that? I tried something like,
valgrind a.out | test
and
valgrind a.out > test
It gave just the program's output and not the Valgrind memory error and leak information. I get this even if the program requires no user interaction (i.e. giving input). If the program needs user input, even that won't work.
How can I do this?
valgrind --log-file="filename"
By default, Valgrind writes its output to stderr. So you need to do something like:
valgrind a.out > log.txt 2>&1
Alternatively, you can tell Valgrind to write somewhere else; see http://valgrind.org/docs/manual/manual-core.html#manual-core.comment (but I've never tried this).
You can also set the option --log-fd if you just want to read your logs with less.
For example:
valgrind --log-fd=1 ls | less
In addition to the other answers (particularly by Lekakis), some string replacements can also be used in the option --log-file= as elaborated in Valgrind's user manual.
Four replacements were available at the time of writing:
%p: Prints the current process ID
valgrind --log-file="myFile-%p.dat" <application-name>
%n: Prints file sequence number unique for the current process
valgrind --log-file="myFile-%p-%n.dat" <application-name>
%q{ENV}: Prints contents of the environment variable ENV
valgrind --log-file="myFile-%q{HOME}.dat" <application-name>
%%: Prints %
valgrind --log-file="myFile-%%.dat" <application-name>
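The Program.exe answer above (STDERR vs. STDOUT) and the Valgrind answers come down to the same mechanism: a plain `> file` captures only standard output, and a tool that reports on standard error looks silent in the file. The following is an added example, not code from any of the posts; it uses a POSIX shell function `fake_valgrind` as a stand-in for `valgrind a.out`, writing the program's own output to stdout and a constructed report line to stderr, and shows what each redirection form actually lands in the file.

```shell
# Added example (not from any of the posts above). fake_valgrind stands in for
# "valgrind a.out": the program's own output goes to stdout, the analysis report
# to stderr, which is what Valgrind does and what reg.exe did in the answer above.
fake_valgrind() {
    echo "program output"                                              # a.out's own stdout
    echo "==1234== HEAP SUMMARY: constructed sample report line" >&2   # Valgrind's stderr
}

# "valgrind a.out > test": only stdout lands in the file; the report still
# appears on the terminal, so the file looks like plain program output.
capture_stdout_only() {
    dir=$(mktemp -d)
    fake_valgrind > "$dir/log.txt"
    cat "$dir/log.txt"
    rm -rf "$dir"
}

# "valgrind a.out > log.txt 2>&1": stdout is pointed at the file first, then
# 2>&1 points stderr at the same place, so both streams are captured.
capture_both() {
    dir=$(mktemp -d)
    fake_valgrind > "$dir/log.txt" 2>&1
    cat "$dir/log.txt"
    rm -rf "$dir"
}

# Keeping the streams apart: program output in one file, report in another.
# This is the effect --log-file gives without mixing the two.
capture_report_only() {
    dir=$(mktemp -d)
    fake_valgrind > "$dir/program.txt" 2> "$dir/report.txt"
    cat "$dir/report.txt"
    rm -rf "$dir"
}

# Order matters: "2>&1 > file" makes stderr follow wherever stdout pointed at
# that moment (here /dev/null, standing in for the terminal) and only then sends
# stdout to the file, so the report is missing from the file again.
wrong_order() {
    dir=$(mktemp -d)
    { fake_valgrind 2>&1 > "$dir/log.txt"; } >/dev/null
    cat "$dir/log.txt"
    rm -rf "$dir"
}
```

Each function prints what the file ended up containing, so running them one after another shows the difference directly. PowerShell accepts the same `2>&1` form for native executables, which is why `.\Program.exe > .\out.txt 2>&1` is the thing to try when a `.exe` goes quiet under plain redirection.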