Basic System Problem Analysis - August 2003

Procedure Calling Convention: SP & PSP
SP is a real register, R30 by convention. PSP is not. It is the value of SP with the size of
the current frame subtracted.
Let's say you run a program and set a break point at FREAD. At the point before the
stack frame is built you could count on the argument registers 26..23 being correct and
that SP-negative addresses would give you any additional parameters that might be there.
Once the stack frame is built those SP-negative addresses become PSP-negative
addresses.
And, as the procedure executes and calls other procedures you are less able to assume
anything about where parameter values might be if they were not initially spilled to the
stack. The only way to be sure is to read the instructions the procedure executed.
Here’s a trick for helping to find how registers get moved around.
Let’s say you have the following stack trace in a dump:
PC=a.0019fe78 system_abort
* 0) SP=418562e0 RP=a.00a51bc8 sm_quarantine_gufd+$1fc
1) SP=418562e0 RP=a.00ee5a5c tm_close_common.tm_unlink_plfd_and_gdpd+$184
2) SP=418558e0 RP=a.00ee75cc tm_close_common+$1a98
3) SP=41855860 RP=a.0158a8e4 tm_ord_fix_buf_disc+$1e4
4) SP=418548a0 RP=a.01164370 fclose_nm+$5d4
5) SP=418547e0 RP=a.01163d68 ?fclose_nm+$8
export stub: a.013d22a8 FCLOSE+$b8
6) SP=41854560 RP=a.013d21bc ?FCLOSE+$8
export stub: 298.00279b68 cr_fclose+$1c
7) SP=418544a0 RP=298.00272350 COB_CLOSE+$17c
8) SP=41854468 RP=298.0026e804 ?COB_CLOSE+$8
export stub: 97c.0000e1d4
9) SP=418543f0 RP=97c.00000000
(end of NM stack)
You level down to look for the file number at FCLOSE (lev 6). You notice that PSP-$24
is zero, so there is no file number there, and R26 doesn't look good either.
$23b ($70) nmdat > env filter 'r26,'
$23c ($70) nmdat r26,> dc pc-b8,bc/4
013d2288 FCLOSE+$98 d35a1ff0 EXTRS r26,31,16,r26
$23d ($70) nmdat r26,> env filter ',r26'
$23e ($70) nmdat ,r26> dc pc-b8,bc/4
013d2288 FCLOSE+$98 d35a1ff0 EXTRS r26,31,16,r26
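The filter trick above, and the backward search it supports, as an added example in Python that is not part of the original course material: it applies the two `env filter` patterns to a `dc` listing and then walks backwards from a PC to find the last instruction that wrote R26, following a reload from a stack slot back to the store that spilled it. The listing is constructed; only the FCLOSE+$98 line comes from the dump above, and the operand-position rules are a heuristic, not a full PA-RISC decoder.

```python
import re

# Constructed 'dc' listing in the page's layout (address, symbol+offset,
# instruction word, mnemonic, operands). Only the FCLOSE+$98 line comes
# from the dump above; the others and their instruction words are made up.
LISTING = """\
013d2260 FCLOSE+$70 00000000 STW r26,-36(sp)
013d2264 FCLOSE+$74 00000000 COPY r26,r25
013d227c FCLOSE+$8c 00000000 LDO 0(r30),r26
013d2288 FCLOSE+$98 d35a1ff0 EXTRS r26,31,16,r26
013d22a0 FCLOSE+$b0 00000000 LDW -36(sp),r26
013d22a4 FCLOSE+$b4 00000000 BL FCHECK,rp
"""
STORES = {"STW", "STH", "STB", "STWS", "STWM"}
LINE = re.compile(r"^([0-9a-f]{8})\s+(\S+)\s+[0-9a-f]{8}\s+(\S+)\s*(.*)$")

def env_filter(listing, needle):
    # The page's trick: 'r26,' keeps r26-as-first-operand lines, ',r26' r26-as-last.
    return [l for l in listing.splitlines() if needle in l]

def parse(line):
    addr, sym, mnem, ops = LINE.match(line).groups()
    return {"addr": int(addr, 16), "sym": sym, "mnem": mnem,
            "ops": [o.strip() for o in ops.split(",")] if ops else []}

def dest(insn):
    # PA-RISC puts the target last; stores target memory, so no register.
    return None if insn["mnem"] in STORES or not insn["ops"] else insn["ops"][-1]

def sources(insn):
    # Registers read, including the base register in 'disp(base)' operands.
    ops = insn["ops"][:-1] if dest(insn) else insn["ops"]
    return re.findall(r"\b(r\d+|sp|rp|dp)\b", ",".join(ops))

def trace_back(listing, reg, pc):
    # Last writer of reg before pc; if it reloaded reg from a stack slot,
    # also report the store that spilled the value into that slot.
    insns = [parse(l) for l in listing.splitlines()]
    chain = []
    for i in reversed(range(len(insns))):
        insn = insns[i]
        if insn["addr"] >= pc or dest(insn) != reg:
            continue
        chain.append((insn["sym"], insn["mnem"], sources(insn)))
        if insn["mnem"].startswith("LDW"):
            slot = insn["ops"][0]  # e.g. '-36(sp)'
            store = next((s for s in reversed(insns[:i])
                          if s["mnem"] in STORES and s["ops"][-1] == slot), None)
            if store:
                chain.append((store["sym"], store["mnem"], sources(store)))
        break
    return chain
```

Called with the export stub address a.013d22a8 from the trace as the PC, `trace_back` reports the LDW at FCLOSE+$b0 and the STW at FCLOSE+$70 that spilled R26 to -36(sp) earlier.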