from: http://www.linuxdevices.com/articles/AT3761062961.html
by Hariprasad Nellitheertha (Nov. 7, 2003)
KDB commands
KDB
is a very powerful tool that allows several operations such as memory
and register modification, applying breakpoints, and stack tracing.
Based on these, the KDB commands can be classified into several
categories. Here are details on the most commonly used commands in each
of these categories.
Memory display and modification
The most often-used commands in this category are md, mdr, mm, and mmW.
The md command takes an address/symbol and a line count and displays memory starting at the address for line-count number of lines. If line-count is not specified, the defaults as specified by the environment variables are used. If an address is not specified, md
continues from the last address that was printed. The address is
printed at the beginning, and the character conversion is printed at
the end.
The mdr command takes an address/symbol and a byte count and displays the raw contents of memory starting at the specified address for byte-count number of bytes. It is essentially the same as md, but it does not display the starting address and the character conversion at the end. The mdr command is of very little use.
The mm
command modifies memory contents. It takes an address/symbol and new
contents as parameters and replaces the contents at the address with new-contents.
The mmW command changes W bytes starting at the address. Note that mm changes a machine word.
Examples
To display 15 lines of memory starting at 0xc000000:
[0]kdb> md 0xc000000 15 To change the contents of memory location 0xc000000 to 0x10:
[0]kdb> mm 0xc000000 0x10
Register display and modification
The commands in this category are rd, rm, and ef.
The rd command (without any arguments) displays the contents of the processor registers. It optionally takes three arguments. If the c argument is passed, rd displays the processor's control registers; with the d argument, it displays the debug registers; and with the u argument, the register set of the current task, the last time they entered the kernel, are displayed.
The rm command modifies the contents of a register. It takes a register name and new-contents as arguments and modifies the register with new-contents. The register names depend on the specific architecture. Currently, the control registers cannot be modified.
The ef command takes an address as an argument and displays an exception frame at the specified address.
Examples
To display the general register set:
[0]kdb> rd To set the contents of register ebx to 0x25:
[0]kdb> rm %ebx 0x25
Breakpoints
The commonly used breakpoint commands are bp, bc, bd, be, and bl.
The bp
command takes an address/symbol as an argument and applies a breakpoint
at the address. Execution is stopped and control is given to KDB when
this breakpoint is hit. There are a couple of variations of this
command that could be useful. The bpa command applies the breakpoint on all processors in an SMP system. The bph command forces the use of a hardware register on systems that support it. The bpha command is similar to the bpa command except that it forces the use of a hardware register.
The bd
command disables a particular breakpoint. It takes in a breakpoint
number as an argument. This command does not remove the breakpoint from
the breakpoint table but just disables it. The breakpoint numbers start
from 0 and are allocated to breakpoints in the order of availability.
The be command enables a breakpoint. The argument to this command is also the breakpoint number.
The bl command lists the current set of breakpoints. It includes both the enabled and the disabled breakpoints.
The bc
command removes a breakpoint from the breakpoint table. It takes either
a specific breakpoint number as an argument or it takes *, in which case it will remove all breakpoints.
Examples
To set up a breakpoint at the function sys_write():
[0]kdb> bp sys_write To list all the breakpoints in the breakpoint table:
[0]kdb> bl To clear breakpoint number 1:
[0]kdb> bc 1
Stack tracing
The main stack-tracing commands are bt, btp, btc, and bta.
The bt
command attempts to provide information on the stack for the current
thread. It optionally takes a stack frame address as an argument. If no
address is provided, it takes the current registers to traceback the
stack. Otherwise, it assumes the provided address as a valid stack
frame start address and attempts to traceback. If the CONFIG_FRAME_POINTER
option was set during kernel compilation, the frame pointer register is
used to maintain stacks and, hence, the stack traceback can be
performed correctly. The bt command may not produce correct results in the event of CONFIG_FRAME_POINTER not being set.
The btp command takes a process ID as an argument and does a stack traceback for that particular process.
The btc command does a stack traceback for the running process on each live CPU. Starting from the first live CPU, it does a bt, switches to the next live CPU, and so on.
The bta
command does a traceback for all processes in a particular state.
Without any argument, it does a traceback for all processes.
Optionally, various arguments can be passed to this command. The
processes in a particular state will be processed depending on the
argument. The options and the corresponding states are as follows:
by Hariprasad Nellitheertha (Nov. 7, 2003)
KDB commands
KDB
is a very powerful tool that allows several operations such as memory
and register modification, applying breakpoints, and stack tracing.
Based on these, the KDB commands can be classified into several
categories. Here are details on the most commonly used commands in each
of these categories.
Memory display and modification
The most often-used commands in this category are md, mdr, mm, and mmW.
The md command takes an address/symbol and a line count and displays memory starting at the address for line-count number of lines. If line-count is not specified, the defaults as specified by the environment variables are used. If an address is not specified, md
continues from the last address that was printed. The address is
printed at the beginning, and the character conversion is printed at
the end.
The mdr command takes an address/symbol and a byte count and displays the raw contents of memory starting at the specified address for byte-count number of bytes. It is essentially the same as md, but it does not display the starting address and the character conversion at the end. The mdr command is of very little use.
The mm
command modifies memory contents. It takes an address/symbol and new
contents as parameters and replaces the contents at the address with new-contents.
The mmW command changes W bytes starting at the address. Note that mm changes a machine word.
Examples
To display 15 lines of memory starting at 0xc000000:
[0]kdb> md 0xc000000 15 To change the contents of memory location 0xc000000 to 0x10:
[0]kdb> mm 0xc000000 0x10
Register display and modification
The commands in this category are rd, rm, and ef.
The rd command (without any arguments) displays the contents of the processor registers. It optionally takes three arguments. If the c argument is passed, rd displays the processor's control registers; with the d argument, it displays the debug registers; and with the u argument, the register set of the current task, the last time they entered the kernel, are displayed.
The rm command modifies the contents of a register. It takes a register name and new-contents as arguments and modifies the register with new-contents. The register names depend on the specific architecture. Currently, the control registers cannot be modified.
The ef command takes an address as an argument and displays an exception frame at the specified address.
Examples
To display the general register set:
[0]kdb> rd To set the contents of register ebx to 0x25:
[0]kdb> rm %ebx 0x25
Breakpoints
The commonly used breakpoint commands are bp, bc, bd, be, and bl.
The bp
command takes an address/symbol as an argument and applies a breakpoint
at the address. Execution is stopped and control is given to KDB when
this breakpoint is hit. There are a couple of variations of this
command that could be useful. The bpa command applies the breakpoint on all processors in an SMP system. The bph command forces the use of a hardware register on systems that support it. The bpha command is similar to the bpa command except that it forces the use of a hardware register.
The bd
command disables a particular breakpoint. It takes in a breakpoint
number as an argument. This command does not remove the breakpoint from
the breakpoint table but just disables it. The breakpoint numbers start
from 0 and are allocated to breakpoints in the order of availability.
The be command enables a breakpoint. The argument to this command is also the breakpoint number.
The bl command lists the current set of breakpoints. It includes both the enabled and the disabled breakpoints.
The bc
command removes a breakpoint from the breakpoint table. It takes either
a specific breakpoint number as an argument or it takes *, in which case it will remove all breakpoints.
Examples
To set up a breakpoint at the function sys_write():
[0]kdb> bp sys_write To list all the breakpoints in the breakpoint table:
[0]kdb> bl To clear breakpoint number 1:
[0]kdb> bc 1
Stack tracing
The main stack-tracing commands are bt, btp, btc, and bta.
The bt
command attempts to provide information on the stack for the current
thread. It optionally takes a stack frame address as an argument. If no
address is provided, it takes the current registers to traceback the
stack. Otherwise, it assumes the provided address as a valid stack
frame start address and attempts to traceback. If the CONFIG_FRAME_POINTER
option was set during kernel compilation, the frame pointer register is
used to maintain stacks and, hence, the stack traceback can be
performed correctly. The bt command may not produce correct results in the event of CONFIG_FRAME_POINTER not being set.
The btp command takes a process ID as an argument and does a stack traceback for that particular process.
The btc command does a stack traceback for the running process on each live CPU. Starting from the first live CPU, it does a bt, switches to the next live CPU, and so on.
The bta
command does a traceback for all processes in a particular state.
Without any argument, it does a traceback for all processes.
Optionally, various arguments can be passed to this command. The
processes in a particular state will be processed depending on the
argument. The options and the corresponding states are as follows:
|