Hi,
I have composed a document of KDB basic test cases.
I also attachment the source code of all tools required by these
test cases.
Please take a look.
Thank you.
*************************************
Sonic Zhang
Software Engineer
Intel China Software Lab
Tel: 021-52574545-1667
iNet: 8-752-1667
*************************************
kdbtesttools.tar.gz
Description: Binary data
****************************************************************************
* KDB basic test cases
*
* version 0.1
*
* Sonic Zhang ([EMAIL PROTECTED])
*
* 01/14/2002
*
****************************************************************************
-----------------------------------------------------------------------------
Case 001:
KDB comes up at kernel boot with "kdb=early"
Steps:
1. Add append="kdb=early" in the lilo.conf
2. Reboot the OS.
Expected Result:
Enter KDB when kernel starts up.
-----------------------------------------------------------------------------
Case 002:
Enable/disable KDB by "/proc/sys/kernel/kdb"
Steps:
1. echo "1|0" > /proc/sys/kernel/kdb'
2. Keydown "Pause" after echo the parameter.
Expected Result:
Enter KDB after echo "1", no response after echo "0".
-----------------------------------------------------------------------------
Case 003:
Operate in KDB via serial console port
Steps:
1. Add 'serial = 0,9600n8' in file /etc/lilo.conf
2. Add 'append="console=ttyS0,9600"' in file /etc/lilo.conf
3. Add 'S1:23:respawn:/sbin/getty -L ttyS1 9600 vt100' in file /etc/inittab
4. Connect the serial port to the other computer via a serial cable.
5. Run a terminate tool on the other computer and start the connection.
6. reboot the computer with KDB
7. Enter KDB by "Ctrl-A" on the console of the terminate tool.
8. Run some KDB commands.
Expected Result:
Enter KDB successfully via the serial port.
Can run KDB commands via the serial port.
Correct results will be displayed.
-----------------------------------------------------------------------------
Case 004:
KDB comes up through Keyboard.
Steps:
1. Activate KDB.
2. Keydown "Pause".
3. Run command "go" to return to console.
Expected Result:
Enter KDB, return to console after exiting KDB.
-----------------------------------------------------------------------------
Case 005:
KDB comes up before kernel panic.
Steps:
1. Compile test module crash.c.
2. Activate KDB.
3. Insert "crash.o" module into the kernel, which brings the OS into panic.
4. Run command "go" to return to kernel panic.
Expected Result:
Enter KDB, return to kernel panic after exiting KDB.
-----------------------------------------------------------------------------
Case 006:
KDB comes up before kernel dump.
Steps:
1. Turn on/off the Dump option (in the /etc/sysconfig/vmdump).
2. Compile test module "crash.c".
3. Activate KDB.
4. Insert "crash.o" module into the kernel, which will cause kernel dump.
5. Run command "go" to return to kernel dump.
Expected Result:
Enter KDB before kernel dump, then return to kernel dump after exiting KDB.
-----------------------------------------------------------------------------
Case 001:
Command display breakpoint (bl)
Steps: (Sample)
1. bp printk
2. bph sched
3. bl
Expected Result:
Show all breakpoints.
-----------------------------------------------------------------------------
Case 001:
Command enable breakpoint (be)
Steps: (Sample)
1. bp printk
2. bd 0
3. bl
4. be 0
5. bl
6. bd *
7. bl
8. be *
9. bl
Expected Result:
The specified breakpoint is activated.
-----------------------------------------------------------------------------
Case 001:
Command disable breakpoint (bd)
Steps: (Sample)
1. bp printk
2. be 0
3. bl
4. bd 0
5. bl
6. be *
7. bl
8. bd *
9. bl
Expected Result:
The specified breakpoint is deactivated.
-----------------------------------------------------------------------------
Case 001:
Command clear breakpoint (bc)
Steps: (Sample)
1. bp printk
2. bp sched
3. bl
4. bc 0
5. bl
6. bp printk
7. bl
8. bc *
9. bl
Expected Result:
Remove specified breakpoints.
-----------------------------------------------------------------------------
Case 001:
Command set or display breakpoint (bp)
Steps:
(Sample 1)
1. Enter KDB mode.
2. bp[h][a] printk[+0x20]
3. go
4. insmod testkdb.o
(Sample 2)
1. Enter KDB mode
2. bph[a] testkdbbph (datar|dataw|io) [4|2|1]
3. go
4. rmmod testkdb
Expected Result:
If instruction pointer equals the break point address or
this address is read or written, system traps into KDB.
-----------------------------------------------------------------------------
Case 001:
Command set or display global breakpoint (bpa)
Refer to command bp.
-----------------------------------------------------------------------------
Case 001:
Command set or display hardware breakpoint (bph)
Refer to command bp.
-----------------------------------------------------------------------------
Case 001:
Command set or display global hardware breakpoint (bpha)
Refer to command bp.
-----------------------------------------------------------------------------
Case 001:
Command stack back trace (bt)
Steps: (Sample)
1. Compile test module "testkdb.c".
2. Insert test module "testkdb.o" into the kernel.
3. Enter the KDB and set a breakpoint at function f3().
kdb> id f3
0xd085b060 f3mov 0xd085b21c,%eax
0xd085b065 f3+0x5push %ebp
0xd085b066 f3+0x6test %eax,%eax
0xd085b068 f3+0x8mov %esp,%ebp
0xd085b06a f3+0xajle
0xd085b07c f3+0x1c
0xd085b06c f3+0xcdec %eax
0xd085b06d f3+0xdmov %eax,0xd085b21c
0xd085b072 f3+0x12call 0xd085b060 f3
0xd085b077 f3+0x17jmp 0xd085b07f f3+0x1f
0xd085b079 f3+0x19lea 0x0(%esi),%esi
0xd085b07c f3+0x1cnop
0xd085b07d f3+0x1dnop
0xd085b07e f3+0x1enop
0xd085b07f f3+0x1fxor %eax,%eax
0xd085b081 f3+0x21pop %ebp
0xd085b082 f3+0x22ret
kdb> bp 0xd085b07e
Instruction(i) BP #1 at 0xd085b07e ([testkdb]f3+0x1e) is enabled globally adjust 1
kdb> go
4. Remove the module from the kernel. That will result in a breakpoint.
5. Now we can test the bt command.
Entering KDB (current=0xc6b14000, pid 1342) due to Breakpoint @ 0xd085b07d
kdb> bt %esp
Expected Result:
Display call stack detail information.
-----------------------------------------------------------------------------
Case 001:
Command stack backtrace for process (btp)
Steps: (Sample)
kdb> ps
Task Addr Pid Parent [*] cpu State Thread Command
0xc14fe000 00000001 00000000 0 000 stop 0xc14fe260 init
0xc14f0000 00000002 00000001 0 000 stop 0xc14f0260 keventd
0xc14ec000 00000003 00000001 0 000 stop 0xc14ec260 kapm-idled
...
kdb> btp 1
Expected Result:
Display call stack detail information of a specified process.
-----------------------------------------------------------------------------
Case 001:
Command stack backtrace for all processes (bta)
Steps: (Sample)
kdb> ps
Task Addr Pid Parent [*] cpu State Thread Command
0xc14fe000 00000001 00000000 0 000 stop 0xc14fe260 init
0xc14f0000 00000002 00000001 0 000 stop 0xc14f0260 keventd
0xc14ec000 00000003 00000001 0 000 stop 0xc14ec260 kapm-idled
...
kdb> bta
Expected Result:
Display call stack detail information of all processes.
-----------------------------------------------------------------------------
Case 001:
Command display and switch CPUs (cpu)
Steps: (Sample)
1. Enter KDB
2. cpu
3. cpu 1
4. go
5. Enter KDB again
6. cpu
7. cpu 0
8. go
9. Enter KDB again
10. cpu
11. cpu 123 (123 is a invalid CPU ID)
12. cpu
Expected Result:
List all available CPUs with no parameters or switch to the specified CPU.
If the given CPU id is invalid, show error information.
-----------------------------------------------------------------------------
Case 001:
Command display system message (dmesg)
Steps: (Sample)
1. dmesg
2. dmesg 5
Expected Result:
Display last set of system message from the kernel buffer.
If lines is specified, only dump the last lines.
-----------------------------------------------------------------------------
Case 001:
Command define system message (defcmd)
Steps: (Sample)
1. defcmd diag "" "Standard diagnostics"
2. set LINES 200
3. cpu
4. ps
5. dmesg
6. endefcmd
7. diag
Expected Result:
Defines a new command as a set of other commands.
All input until endefcmd is saved and executed as a new command.
-----------------------------------------------------------------------------
Case 001:
Command print exception frame (ef)
Steps: (Sample)
1. Here we choose the divide_zero exception as an example.
2. After enter the KDB, add breakpoint at do_divide_error.
kdb> bp do_divide_error
kdb> go
3. Run the program "dividezero", which traps into a divide_zero exception.
4. The system enters KDB again and stop at the breakpoint.
5. we dump the stack, the first dword is the return address, the second
one is the exception frame address.
kdb> rd
eax = 0xffffffff ebx = 0xce044000 ecx = 0x0000002b edx = 0x00000018
esi = 0x00000000 edi = 0xc0109890 esp = 0xce045fb8 eip = 0xc0109890
...
kdb> md %esp
0xce045fb8 c01092a8 ce045fc4 00000000 401519e4 ��..��?_.?....?..@
0xce045fd8 bffffa38 00000001 bfff002b 0000002b 8��??....+. ?+...?
0xce045fe8 ffffffff 0804844e 00000023 00010292 N...#.......
...
kdb> ef 0xce045fc4
eax = 0x00000001 ebx = 0x401519e4 ecx = 0xbffffa30 edx = 0x00000000
esi = 0x40016b64 edi = 0xbffffaac esp = 0xbffffa2c eip = 0x0804844e
ebp = 0xbffffa38 xss = 0x0000002b xcs = 0x00000023 eflags = 0x00010292
xds = 0xbfff002b xes = 0x0000002b origeax = 0xffffffff ®s = 0xce045fc4
Expected Result:
Print exception frame on the screen, after trap into an exceptioin.
-----------------------------------------------------------------------------
Case 001:
Command show environment (env)
Steps: (Sample)
1. env
Expected Result:
Show environment parameters on the screen.
-----------------------------------------------------------------------------
Case 001:
Command restart execution (go)
Steps: (Sample)
1. bp printk
2. go
Expected Result:
Restart execution.
-----------------------------------------------------------------------------
Case 001:
Command help (help/?)
Steps: (Sample)
1. help
2. ?
Expected Result:
Display help message.
-----------------------------------------------------------------------------
Case 001:
Command disassemble instructions (id)
Steps: (Sample)
id printk
Expected Result:
Disassemble instructions from specified address.
-----------------------------------------------------------------------------
Case 001:
Command follow linked lists (ll)
Steps: (Sample)
In the "testkdb.o" module, we define a simple link list type myownlisttype
and use it to test the ll command.
1. Insert test module "testkdb.o" into the kernel.
2. Enter KDB.
3. ll myownlist 516 md
Number 516 is the offset of pointer pnext in struct myownlisttype.
Expected Result:
Display all items in a linked list in memory.
-----------------------------------------------------------------------------
Case 001:
Command list loaded modules (lsmod)
Steps: (Sample)
lsmod
Expected Result:
Display information of all loaded modules.
-----------------------------------------------------------------------------
Case 001:
Command display memory contents (md)
Steps: (Sample)
Insmod test module "testkdb.o" into the kernel.
Entering KDB.
kdb> sections
testkdb .text 0xd085b060 0xd085b1a4 0x6
.rodata 0xd085b1a4 0xd085b208 0x2
.data0xd085b208 0xd085b220 0x3
.bss 0xd085b320 0xd085bb48 0x3
.this 0xd085b000 0xd085b060 0x3
.kstrtab 0xd085b220 0xd085b301 0x3
......
kdb> md[2c5] .rodata [4]
kdb> md[2c5] 0xd085b1a4
kdb> md[2c5] .rodata+8
kdb> md[2c5] %eax
kdb> set DATAHEAD=0xd085b1a4
kdb> md[2c5] %DATAHEAD
kdb> md[2c5]
Expected Result:
Display content of memory from specified address.
-----------------------------------------------------------------------------
Case 001:
Command display memory contents with width and count (mdWcN)
Refer to command md
-----------------------------------------------------------------------------
Case 001:
Command display raw memory contents (mdr)
Insmod test module "testkdb.o" into the kernel.
Entering KDB.
Steps: (Sample)
kdb> sections
testkdb .text 0xd085b060 0xd085b1a4 0x6
.rodata 0xd085b1a4 0xd085b208 0x2
.data0xd085b208 0xd085b220 0x3
.bss 0xd085b320 0xd085bb48 0x3
.this 0xd085b000 0xd085b060 0x3
.kstrtab 0xd085b220 0xd085b301 0x3
......
kdb> mdr .rodata 4
54686973
Expected Result:
Display the raw contents of memory from specified address
for specified number of bytes.
-----------------------------------------------------------------------------
Case 001:
Command display memory contents symbolically (mds)
Refer to command md
Steps: (Sample)
Insmod test module "testkdb.o" into the kernel.
Entering KDB.
kdb> mds testkdbmsg
0xd0879218 d08791da [testkdb].rodata+0x36
testkdb .rodata 0xd08791a4
0xd08791a4 0xd0879208
0xd087921c 00000000
....
0xd0879220 74736574 test
0xd0879224 0062646b kdb.
Expected Result:
Display the contents of memory. One word per line and relate each word
with a symbol in the symbol table.
-----------------------------------------------------------------------------
Case 001:
Command modify memory contents, words (mm)
Steps: (Sample)
Insmod test module "testkdb.o" into the kernel.
Entering KDB.
kdb> md testkdbmsg
0xd0879218 d08791da 00000000 74736574 0062646b ��..D....testkdb.
0xd0879228 6e695f5f 646f6d73 7365745f 62646b74 __insmod_testkdb
...
kdb> md 0xd08791da
0xd08791d8 68740065 69207369 68742073 736d2065 e.this is the ms
0xd08791e8 21212167 0a732500 00732500 73696854 g!!!.%s..%s.This
0xd08791f8 20736920 20656874 6e617262 000a6863 is the branch..
...
kdb> mm 0xd08791da 0x53494854
0xd08791da = 0x53494854
kdb> mm 0xd08791da+4 0x20534920
0xd08791de = 0x20534920
kdb> mm 0xd08791da+8 0x20454854
0xd08791e2 = 0x20454854
kdb> mmW 0xd08791da+12 0x534D
0xd08791e6 = 0x534d
kdb> mmW 0xd08791da+14 0x2147
0xd08791e8 = 0x2147
When removing the module, you will see the output msg
"THIS IS THE MSG!!!" instead of "this is the msg!!!"
Expected Result:
The content of the specified memory is replaced with a new value.
-----------------------------------------------------------------------------
Case 001:
Command modify memory contents of a given width (mmW)
Refer the command mm
-----------------------------------------------------------------------------
Case 001:
Command display process status (ps)
Steps: (Sample)
ps
Expected Result:
Display all processes.
-----------------------------------------------------------------------------
Case 001:
Command reboot the machine (reboot)
Steps: (Sample)
reboot
Expected Result:
Computer restarts.
-----------------------------------------------------------------------------
Case 001:
Command display register contents (rd)
Steps: (Sample)
1. rd (entry point)
eax = 0xffffffff ebx = 0xce044000 ecx = 0x0000002b edx = 0x00000018
esi = 0x00000000 edi = 0xc0109890 esp = 0xce045fb8 eip = 0xc0109890
2. rd c (entry point)
3. rd d (entry point)
4. rd u (last time the current task enter the kernel)
Expected Result:
Show all register contents on screen.
-----------------------------------------------------------------------------
Case 001:
Command modify register contents (rm)
Steps: (Sample)
1. rm %eax 0
2. rd
3. rm %esi 0x23459123
4. rd
5. rm %dr0 0x23459123
6. rd d
7. rm %%eax 20
8. rd u
9. rd
Expected Result:
The content of the specified register is replaced with a new value.
-----------------------------------------------------------------------------
Case 001:
Command remove module (rmmod)
Steps: (Sample)
1. Insert test module "testkdb.o" into the kernel.
2. Enter KDB.
3. rmmod testkdb
4. go
5. lsmod
Expected Result:
A module is unloaded.
-----------------------------------------------------------------------------
Case 001:
Command list sections (sections)
Steps: (Sample)
sections
Expected Result:
List information for all known sections.
The output is one line per module, starting with the module name.
-----------------------------------------------------------------------------
Case 001:
Command add/change environment variable (set)
Steps: (Sample)
1. set LINES=20
2. env
Expected Result:
New value is set into a environment parameter.
-----------------------------------------------------------------------------
Case 001:
Command invoke SysReq command (sr)
Steps: (Sample)
1. echo "1" > /proc/sys/kernel/sysrq
2. sr p
SysRq: Show Regs
EIP: 0010:[<c0107266>] CPU: 0 EFLAGS: 00000246
EAX: 00000000 EBX: c0107240 ECX: ceb40000 EDX: 00000032
ESI: c0304000 EDI: c0304000 EBP: c0305fd4 DS: 0018 ES: 0018
CR0: 8005003b CR2: 080d4a0c CR3: 0eb7b000 CR4: 000006d0
Call Trace: [<c01072f2>] [<c0105000>] [<c0100191>]
Expected Result:
Execute the specified command correctly.
-----------------------------------------------------------------------------
Case 001:
Command single step CPU (ss)
Steps: (Sample)
1. Enter KDB
2. bp printk
3. go
4. Insert test module "testkdb.o" into the kernel.
5. Execute ss command for 10 times.
Expected Result:
Execute a single instruction and enter KDB again.
-----------------------------------------------------------------------------
Case 001:
Command single step CPU until branch (ssb)
Steps: (Sample)
1. Enter KDB
2. bp printk
3. go
4. Insert test module "testkdb.o" into the kernel.
5. Execute ssb command for 10 times.
Expected Result:
Execute instructions from current instruction pointer to the first branch
instruction and enter KDB again.
-----------------------------------------------------------------------------
Case 001:
Catch invalid address/reference commands correctly.
Steops:
For example, test the ef command with a non-suitable.
kdb> md 00x00000000
kdb: Bad user address
0x0kdb> ef 0
eax = Unable to handle kernel NULL pointer dereference at virtual address 0000002c
printing
eip:c020d99c
pgd entry ceb7b000: 0000000000000000
pmd entry ceb7b000: 0000000000000000...
pmd not present!
kdb: Debugger re-entered on cpu 0, new reason = 5
Attempting to abort command and recover
Expected Result:
If a KDB command breaks and KDB has enough of a recovery environment,
KDB should abort the command and drop back into KDB environment.
-----------------------------------------------------------------------------
