Go to the previous, next section.

The Debugger

This chapter documents the debugging facilities.

These debugging tools were developed initially to aid in development of the kernel and it's modules, but can be applied to virtual machines. The tools available basically only allow the display of memory, code and various processor structures.

The commands defined by the debug module are:

1. x - Print the contents of a kernel logical address.

2. poke - Set the value of a double-word at a kernel logical address.

3. dis - Disassemble a region of memory, with options for 16-bit code and regions within the user-space.

4. dgdt - Show the contents of a selector entry.

5. dtss - Show the contents of a TSS.

6. dr - Set the value of the i386 debugging registers.

7. d - Dump, in hexadecimal and ASCII format, a region of memory.

8. strsrch - Search a region of memory for a specified ASCII string.

• x
• poke
• dis
• dgdt
• dtss
• dr
• d
• strsrch

x

x addr ...

Displays the value at kernel logical address ADDR. The display is in the following formats:

1. unsigned long word, hexadecimal

2. unsigned short word, hexadecimal

3. unsigned character byte, hexadecimal

4. unsigned character byte, ASCII character

If more than one address is specified, the contents of each address will be displayed. No checks are done on the addresses to verify their validity.

poke

poke addr value

Sets the double-word at address ADDR to the value VALUE. No checks are performed on the address or the value to verify their validity.

dis

dis [-user] [-16] [-pid pid] [start] [length]

Disassembles the specified block of memory, or continues disassembly after the previous block of memory.

Available options are as follows:

-user

Specifies that the address is in the user area of memory, not the kernel area.

-16

Specifies that the memory region should be disassembled as 16-bit (real-mode) code, rather than 32-bit (protected-mode) code.

-pid pid

Uses the memory region of the process specified by the process ID in pid.

No checks are performed to check that the memory region is valid.

dgdt

dgdt entry

Displays the contents of the specified selector, where entry >= 0. The information is presented in a textual manner, and to ensure consistency of the data, interrupts are temporarily disables while the selector is being accessed.

No checks are performed to validate the specified value.

dtss

dtss addr

Displays the data at the kernel logical address specified in addr in the format of a Task State Segment (TSS).

No checks are performed to validate the specified address.

dr

dr n addr w|rw|x 1|2|4

Sets the i386 debug register n to the linear address specified by addr, with the flags given.

Available flags:

w

Sets the debug mode to "write" accesses.

rw

Sets the debug mode to "read or write" accesses.

x

Sets the debug mode to "execution" accesses.

The numeric flags specify the size of the access in bytes.

d

d [-u] [-p pid] [start] [length]

Dumps, in a tabular format, a memory region in both hexadecimal and ASCII format. If no address is specified, display continues after the last displayed block. Similarly, if no length is specified, the last specified length is used (defaulting to 128 bytes, which gives 8 lines of display).

Options:

-u

Specifies that the address is in the user area.

-p pid

Uses the memory region of the process specified by the process ID in pid.

Checks are performed to ensure that the entire region of memory that would be displayed are mapped into memory, reporting failure if they are not.

strsrch

strsrch [-c] [-u] [-p pid] [start] [count] [string]

Searches a memory region for all occurrences of an ASCII string. If no address is specified, display continues after the last displayed block. Similarly, if no length is specified, the last specified length is used. Also, if no string is specified, the last string is used.

Options:

-c

When specified, a check will be made for every string-compare that it is entirely mapped, rather than for the entire region of memory. This enables a scan of larger, perhaps fragmented areas of memory. If not specified, a message reporting failure is issued indicating that the memory region is not entirely mapped.

-u

Specifies that the address is in the user area.

-p pid

Uses the memory region of the process specified by the process ID in pid.

Go to the previous, next section.