CAC 2020-04-11

tryit30

In any case, the simplistic concept is that:  "tryit30 384" should fault
for you; it does, for me.  Program attached.  Please let me know if
there is anything that needs to be cleared up.

Running it sets the expected errors… First look…

TRACE: 0: 00310:031441 4 500003767100 (LPRP7 PR5|3) 000003 767(0) 1 0 0 00
APPENDING: doPtrReg: PR[5] SNR=00234 RNR=4 WORDNO=004756 BITNO=00
APPENDING: doPtrReg: n=5 offset=00003 TPR.CA=004756 TPR.TBR=0 TPR.TSR=00234 TPR.TRR=4
CPU APPENDING: do_append_cycle(H:FAP): (00234:004761) finalAddress=57770761
CPU FINAL: Read (Actual) Read:  iefpFinalAddress=57770761  readData=600600600600

SO the LPRPn operand was 600600600600; that's no good.  

get_value_list_:
     procedure (p_ps_ptr) options (support);

          psp = p_ps_ptr;

000067  aa  6 00032 3735 20   epp7      pr6|26,*
000070  aa  7 00002 3715 20   epp5      pr7|2,*             p_ps_ptr
000071  aa  5 00000 3715 20   epp5      pr5|0,*             p_ps_ptr
000072  aa  6 00544 6515 00   spri5     pr6|356             psp

TRACE: 0: 00310:031423 4 600032373520 (EPP7 PR6|32,N*) 000032 373(1) 1 0 1 00
TRACE: 0: 00310:031424 4 700002371520 (EPP5 PR7|2,N*) 000002 371(1) 1 0 1 00
TRACE: 0: 00310:031425 4 500000371520 (EPP5 PR5|0,N*) 000000 371(1) 1 0 1 00
TRACE: 0: 00310:031426 4 600544651500 (SPRI5 PR6|544) 000544 651(1) 1 0 0 00

          if ps.prep ^= 0
          then call plio2_get_util_$get_prep_ (psp);

000073  aa  5 00035 2361 00   ldq       pr5|29              ps.prep
000074  aa   000007 6000 04   tze       7,ic                000103
000075  aa  6 00544 3521 00   epp2      pr6|356             psp
000076  aa  6 00716 2521 00   spri2     pr6|462
000077  aa  6 00714 6211 00   eax1      pr6|460
000100  aa   004000 4310 07   fld       2048,dl
000101  la  4 00044 3521 20   epp2      pr4|36,*            plio2_get_util_$get_prep_
000102  aa  0 00623 7001 00   tsx0      pr0|403             call_ext_out

TRACE: 0: 00310:031427 4 500035236100 (LDQ PR5|35) 000035 236(0) 1 0 0 00
TRACE: 0: 00310:031430 4 000007600004 (TZE 000007,IC) 000007 600(0) 0 0 0 04

          iocbp = ps.fsbp -> fsb.iocb_p;

000103  aa  6 00544 3735 20   epp7      pr6|356,*           psp
000104  aa  7 00042 3715 20   epp5      pr7|34,*            ps.fsbp
000105  aa  5 00003 7671 00   lprp7     pr5|3               fsb.iocb_p
000106  aa  6 00516 6535 00   spri7     pr6|334             iocbp

TRACE: 0: 00310:031437 4 600544373520 (EPP7 PR6|544,N*) 000544 373(1) 1 0 1 00
TRACE: 0: 00310:031440 4 700042371520 (EPP5 PR7|42,N*) 000042 371(1) 1 0 1 00
TRACE: 0: 00310:031441 4 500003767100 (LPRP7 PR5|3) 000003 767(0) 1 0 0 00

So first call to get_value_list_, prep is 0, and a bad parameter value is passed in.

Called by 234|4560    tryit30$ux_inet_ptoh|627  (line 225)

                                                            STATEMENT 1 ON LINE 225
          get string (translate (dottedaddr, ",", ".")) list (fields);

000575  aa  6 00032 3735 20   epp7      pr6|26,*
000576  aa  7 00002 3715 20   epp5      pr7|2,*
000577  aa  5 77777 2361 00   ldq       pr5|-1              dottedaddr
000600  aa  6 00145 7561 00   stq       pr6|101
000601  aa  5 77777 2361 00   ldq       pr5|-1              dottedaddr
000602  aa  0 00551 7001 00   tsx0      pr0|361             alloc_char_temp
000603  aa  5 77777 2351 00   lda       pr5|-1              dottedaddr
000604  aa  040 140 160 540   mvt       (pr,rl),(pr,rl),fill(040)
000605  aa  5 00000 00 0005   desc9a    pr5|0,al            dottedaddr
000606  aa  2 00000 00 0006   desc9a    pr2|0,ql
000607  aa   000145 0000 04   arg       101,ic              000751 = 000001002003
000610  aa  6 00254 2521 00   spri2     pr6|172
000611  aa  6 00204 2521 00   spri2     pr6|132
000612  aa  6 00176 3535 00   epp3      pr6|126
000613  aa  6 00136 2535 00   spri3     pr6|94
000614  aa  6 00254 2535 00   spri3     pr6|172
000615  aa  6 00256 2521 00   spri2     pr6|174
000616  aa   777203 2350 04   lda       -381,ic             000021 = 214000000020
000617  aa   000016 3520 04   epp2      14,ic               000635 = 001014700100
000620  aa  0 01066 7001 00   tsx0      pr0|566             strem_prep
000621  aa   000001 2360 07   ldq       1,dl
000622  aa  6 00250 7561 00   stq       pr6|168000623  aa   000000 0110 03   nop       0,du
000624  aa   777174 2360 04   ldq       -388,ic             000020 = 404000000017
000625  aa  6 00250 7271 00   lxl7      pr6|168
000626  aa  6 00100 3521 17   epp2      pr6|64,7            fields
000627  aa  0 01243 7001 00   tsx0      pr0|675             get_list_eis
000630  aa  6 00250 2361 00   ldq       pr6|168
000631  aa  6 00250 0541 00   aos       pr6|168
000632  aa   000004 1160 07   cmpq      4,dl
000633  aa   777771 6040 04   tmi       -7,ic               000624
000634  aa  0 01057 7001 00   tsx0      pr0|559             get_terminate

TRACE: 0: 00306:000575 4 600032373520 (EPP7 PR6|32,N*) 000032 373(1) 1 0 1 00TRACE: 0: 00306:000576 4 700002371520 (EPP5 PR7|2,N*) 000002 371(1) 1 0 1 00
TRACE: 0: 00306:000577 4 577777236100 (LDQ PR5|77777) 777777 236(0) 1 0 0 00
TRACE: 0: 00306:000600 4 600145756100 (STQ PR6|145) 000145 756(0) 1 0 0 00
TRACE: 0: 00306:000601 4 577777236100 (LDQ PR5|77777) 777777 236(0) 1 0 0 00
TRACE: 0: 00306:000602 4 000551700100 (TSX0 PR0|551) 000551 700(0) 1 0 0 00
TRACE: 0: 00306:000603 4 577777235100 (LDA PR5|77777) 777777 235(0) 1 0 0 00
TRACE: 0: 00306:000604 4 040140160540 (MVT PR0|40140,F1) 040140 160(1) 0 0 0 00

TRACEEXT: mvt srcCN:0 dstCN:0 srcSZ:9 dstSZ:9 T:0 fill:040/040 N1:9 N2:9

Reads the translation tableTRACEEXT: EISReadIdx 2 addr 000751 n 0
FINAL: Read8 (Actual) Read:  iefpFinalAddress=60772751  readData=000001002003
...
TRACEEXT: EISReadIdx 0 addr 000002 n 0
CORE: core_read  60772002 061062067056 (APU_DATA_READ)    127.
CORE: core_read  60772003 060056060056 (APU_DATA_READ)    0.0.
CORE: core_read  60772004 061040040040 (APU_DATA_READ)    1

TRACEEXT: EISWriteIdx addr 005042 n 0

CORE: core_write 57771042 061062067054 (APU_DATA_STORE) 127,
CORE: core_write 57771043 060054060054 (APU_DATA_STORE)  0.0.
CORE: core_write 57771044 061600600600 (APU_DATA_STORE) 1

MVT 127.0.0.1 —> 127,0,0,1

Written to 234:5042

The LPRP read from 00234:004761…

Someone in plio2 did an MLR… A call to lio2_open_; it wrote the 600600600600 to the buffer.

TRACE: 0: 00306:000610 4 600254252100 (SPRI2 PR6|254) 000254 252(0) 1 0 0 00
TRACE: 0: 00306:000610 4 600254252100 (SPRI2 PR6|254) 000254 252(0) 1 0 0 00
TRACE: 0: 00306:000611 4 600204252100 (SPRI2 PR6|204) 000204 252(0) 1 0 0 00
TRACE: 0: 00306:000612 4 600176353500 (EPP3 PR6|176) 000176 353(1) 1 0 0 00
TRACE: 0: 00306:000613 4 600136253500 (SPRI3 PR6|136) 000136 253(1) 1 0 0 00
TRACE: 0: 00306:000614 4 600254253500 (SPRI3 PR6|254) 000254 253(1) 1 0 0 00
TRACE: 0: 00306:000615 4 600256252100 (SPRI2 PR6|256) 000256 252(0) 1 0 0 00
TRACE: 0: 00306:000616 4 777203235004 (LDA 777203,IC) 777203 235(0) 0 0 0 04
TRACE: 0: 00306:000617 4 000016352004 (EPP2 000016,IC) 000016 352(0) 0 0 0 04
TRACE: 0: 00306:000620 4 001066700100 (TSX0 PR0|1066) 001066 700(0) 1 0 0 00

TRACE: 0: 00306:000621 4 000001236007 (LDQ 000001,DL) 000001 236(0) 0 0 0 07
Q=000000000001

TRACE: 0: 00306:000622 4 600250756100 (STQ PR6|250) 000250 756(0) 1 0 0 00
APPENDING: do_append_cycle(H:FAP): (00234:005030) finalAddress=57771030
FINAL: Write(Actual) Write: iefpFinalAddress=57771030 writeData=000000000001

TRACE: 0: 00306:000623 4 000000011003 (NOP 000000,DU) 000000 011(0) 0 0 0 03

TRACE: 0: 00306:000624 4 777174236004 (LDQ 777174,IC) 777174 236(0) 0 0 0 04
Q=404000000017

TRACE: 0: 00306:000625 4 600250727100 (LXL7 PR6|250) 000250 727(0) 1 0 0 00
X[7]=000001

TRACE: 0: 00306:000626 4 600100352117 (EPP2 PR6|100,7) 000100 352(0) 1 0 0 17
PR2/bp: SNR=00234 RNR=4 WORDNO=004661 BITNO:00 ARCHAR:0 ARBITNO:00 

TRACE: 0: 00306:000627 4 001243700100 (TSX0 PR0|1243) 001243 700(0) 1 0 0 00

pl1_operators_.list

                                  5502  "         operators for get list
                                  5503  "         entered with pointer to datum in bp, offset in x7, descriptor in q
                                  5504  "
    010336                        5505  get_list_eis:
    010336  aa   000003 6260 00   5506            eax6      3                   set procedure to call
    010337  0a   010376 7100 00   5507            tra       plio_eis            join common section

At the LPRP call:
PR2/bp: SNR=00310 RNR=4 WORDNO=031404 BITNO:00 ARCHAR:0 ARBITNO:00
310:31441

That's weird; the data in in 234, the stack. MAybe that is the fields descriptor (the target operand).

X[7]=001320

Q=000000000000

Experiment 1. Trace the tryit30 segment for 383 and 384; compare

                                                            STATEMENT 1 ON LINE 155
                    fillbyte = binary (argp->based_arg);

...
000235  aa  0 01257 7001 00   tsx0      pr0|687             any_to_any_truncate_
000236  aa  6 00160 2371 00   ldaq      pr6|112
000237  aa  6 00127 7561 00   stq       pr6|87              fillbyte

For 383 AQ  is 107 577
For 384 AQ is 197 600

In fill stack

      246     dcl   charvalue char (1) init (byte (bytevalue));

246
000702  aa  6 00032 3735 20   epp7      pr6|26,*
000703  aa  7 00004 2361 20   ldq       pr7|4,*             bytevalue

bytevalue is 577/600

000704  aa   000077 7370 00   lls       63

57700000000 / 600000000000

000705  aa  6 00100 7551 00   sta       pr6|64              charvalue

          fillstring = copy (charvalue, maxlength (fillstring));

fillstring set to 577577577577 /  600600600600

Hmm. That's the value that LPRP saw.

That explains the fault for > 383.

There is a difference in the MLR cache read data toward the end; it may just be uninitialized stack cruft.

383:
DBG(1500725322107)> CPU CORE: core_read  72463354 000405400043 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463355 072257000000 (APU_DATA_READ)

384:

DBG(1769484598228)> CPU CORE: core_read  72463354 000401400043 (APU_DATA_READ)
DBG(1769484598228)> CPU CORE: core_read  72463355 000002000000 (APU_DATA_READ)

Still later, a cache read of already initialized data?

383:

DBG(1500725322107)> CPU CORE: core_read  72463760 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463761 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463762 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463763 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463764 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463765 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463766 577577577577 (APU_DATA_READ)
DBG(1500725322107)> CPU CORE: core_read  72463767 577577577577 (APU_DATA_READ)

384:

DBG(1769484598228)> CPU CORE: core_read  72463760 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463761 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463762 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463763 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463764 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463765 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463766 600600600600 (APU_DATA_READ)^M
DBG(1769484598228)> CPU CORE: core_read  72463767 600600600600 (APU_DATA_READ)^M

Many more such changes diring the MLR

      179               dcl   pushdown (divide (fillbyte, 512, 17) + 128) char (1);

000363  aa  5 00002 2361 20   ldq       pr5|2,*             fillbyte

Q is 577/600

000364  aa   001000 5060 07   div       512,dl

A is 577/600

000604  aa  040 140 160 540   mvt       (pr,rl),(pr,rl),fill(040)
000605  aa  5 00000 00 0005   desc9a    pr5|0,al            dottedaddr
000606  aa  2 00000 00 0006   desc9a    pr2|0,ql

                                                            STATEMENT 1 ON LINE 225
          get string (translate (dottedaddr, ",", ".")) list (fields);

DBG(1769484598644)> CPU TRACE: 0: 00401:000604 4 040140160540 (MVT PR0|40140,F1) 040140 160(1) 0 0 0 00^M

383:

DBG(1500725322523)> CPU CORE: core_read  72463760 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463761 000000000011 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463762 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463763 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463764 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463765 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463766 577577577577 (APU_DATA_READ)
DBG(1500725322523)> CPU CORE: core_read  72463767 577577577577 (APU_DATA_READ)

384:

DBG(1769484598644)> CPU CORE: core_read  72463760 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463761 000000000011 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463762 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463763 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463764 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463765 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463766 600600600600 (APU_DATA_READ)
DBG(1769484598644)> CPU CORE: core_read  72463767 600600600600 (APU_DATA_READ)

383:

DBG(1500725322523)> CPU TRACEEXT: EISWriteCache: writeCache (PR) 061577577577@234:011762

384:

DBG(1769484598644)> CPU TRACEEXT: EISWriteCache: writeCache (PR) 061600600600@234:011762

Repeat, overwriting data...

Looking at the comparative traces of the plio_ segment, the operand to the LPRP is 057057057057; the operand is undefined, regardless of the fill value.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License