I have a coredump file which is more then 4Gb. I want to find all the occurrence of an 64 bit integer. Will be helpful if you can share info on this.
Will opening coredump as a text file and searching will help ?
Thanks
sure you can, just use "find" command of gdb
http://sourceware.org/gdb/onlinedocs/gdb/Searching-Memory.html
Related
I've been studying content on the regex topic, but am having trouble understanding how to make it work! I need to build a regex to locate a particular string, potentially in multiple places throughout numerous log files. If I were keying the search expression into a text editor, it would look like this...
*Failed to Install*
Following is a typical example of a line containing the string I would like to search for (exit code # will vary)
!!! Failed to install, with exit code 1603
I would really appreciate any help on how to build the regex for this. I suspect I might need the end of line character too?
I plan on using it in a variation of the script that was provided by https://stackoverflow.com/users/3142139/m-hassan in the following thread
Use PowerShell to Quickly Search Files for Regex and Output to CSV
I'm a newbie to powershell scripts, but I'd rather spend the time to figure this out, than pour over hundreds of log files!
Thanks,
Jim
You're in luck - You only require very simple regex for this. Assuming you want to capture the error code, this will work fine:
^.*Failed to install.*(exit code \d+)$
Try it online!
If you don't care about the error code, and just want to know if it failed or not, you can honestly get away with something as simple as:
^.*Failed to install.*$
Hope this helps.
I'm beginning to feel awkwardly stupid, but I have a problem with outputting binary data to a file.
I have a file, let's say, 1000 bytes long. What I would like to do, in C++, is simply opening the file, replace ONE byte in a given position (let's say, the i-th byte), and close it.
File before operation:
AAAAAA
File after operation:
AAABAA
What is the easiest way to do so? I tried to open it with a ofstream.open, with the following modes:
ios::binary|ios::out
ios::binary|ios::app
ios::binary|ios::ate
All of these affected the actual size of the file after the operation. What should I do? I'm beginning to feel desperate.
Thank you very much and merry christmas to everybody!
Matteo
Besides binary mode, you need to open it in out and in modes. This corresponds to the fopen mode "r+b" which opens a file for reading and writing, and doesn't truncate the file if it exist (in fact, it must exist or you will fail to open the file).
References:
std::basic_filebuf::open
std::fopen
I am using Windows XP and wrote a simple bat file that goes out and downloads XML from a website then it renames the xml files so they all have a .zip extension but for some reason it won't rename the files. Here is the line of code that doesn't work using BRC32, it seems to have trouble doing a REGEXP in windows.
.\software\BRC32 /DIR: /REGEXP:.*%22(.*)%22:\1.zip /EXECUTE
File Name: download#down_stds=all&down_typ=results&cond=%22Aicardi Syndrome%22
Desired result: download#down_stds=all&down_typ=results&cond=%22Aicardi Syndrome%.zip
I am using the BRC32.exe utility that also uses the pcre.dll version 3.9 to do the REGEXP in the bat file, but for some reason I just get an error that says the file could not be renamed. Does anyone have any insight into this problem>?
Changing '%' to '%%' in the script fixed my problem
Since you don't say what BRC32' syntax is, I'd make a guess at the /REGEXP:.*%22(.*)%22:\1.zip part.
If the parser doesn't object to %22(,*)% it's likely to be resolved to [nothing].
If you really want to poke % as a parameter-character, then try doubling the %s since % escapes %.
But also, 22 look ssuspiciously like a " to me. Possibly you could replace the %22 with " - but without knowing exactly what the parameter means, it's hard to advise.
But ."(.*)"\1.zip looks very strange too...
yep. adding another % sign fixed it. damn I feel so stupid
I need to be able to only extract the filename (info.txt) from a line like:
07/01/2010 07:25p 953 info.txt
I've tried using this: /d+\s+\d+\s+\d+\s+(?.?)/, but it doesn't seem to work ...
How about
/\S+$/
I.e. the longest possible string of non-whitespace at the end of the line.
(Hard to know for sure without more info about the possible inputs.)
As #J V pointed out, filenames with spaces in them (like his username) will not be parsed properly by the above regexp. We don't know from the question whether that's possible.
But I have a suspicion that we're looking at the output of Windows DIR command, or something very similar. In that case, the most reliable approach might be just to hack off the first 39 characters and keep the rest:
/^.{39}(.+)$/
Then $1 will contain the filename.
Better option:
But if you are using Windows DIR (as per your new comment), and you can control the DIR command, try
DIR /b
which removes the unneeded cruft (assuming you don't need the date, size etc.) and gives you one filename per line.
OK, you're using a Unix dir (per newer comment). The CentOS dir I have outputs one file per line, nothing else, when you give it no command line options. Chances are very good that whichever dir you're using can be persuaded to output filenames like that... then you wouldn't have to worry about using a regex that may or may not be correct for every possible input. Try man dir or dir --help to find out what command-line options to use.
\d\d:\d\d\w\s+\d+\s+(.*?)$
$1 will be the file name
The problem with your original regex is that it forgets the special characters :, /, and (?.?) means nothing...
Assuming that the files have extension as .txt you can try.
(?<=(\s)*)\w*.txt
Why not just use the following regex:
\w+\.\w+
I have a process which gives me continuously output in Screen. I want to search CamelCase words by the following Perl's regex in the output such that I can monitor actively the outputs.
/\b([a-z]*[A-Z][a-z]*){2,}\b/
I tested in GNU/Screen and checked the source code. Both suggest that this is not possible. The search feature appears to support basic string matching only.
What I suggest is that you use the tee command to send your program's output to a file in addition to printing it. You can use Perl or grep on the file after that.
$ your_program | tee your_program_output
$ grep pattern your_program_output
Yes, capture the output and search that. gnu/screen isn't the right tool for capturing data and plenty of things can go wrong with this. But obviously you can still run it inside a screen session.
if you have already run the program inside screen without tee and prefer not to run it again, assuming your scrollback buffer is large enough, you can copy the entire scrollback buffer to a file and then search with your favorite method.