Basic System Problem Analysis - August 2003

Case Study: SA663 continued
Illustrated above is a small portion of the code that would be displayed by the DCX
macro call.
From this we can see that the 2nd level procedure made a call to the procedure
tm_unlink_gdpd. On return from that procedure, a value at SP-#172 was loaded into R22.
Then R22 was used to load a value into R1. The value in R1 was compared to zero
(COMIBT is compare immediate and branch if true), and if the condition was met, PC would
have moved to a point BEYOND where we would have called sm_quarantine_gufd. So
the next thing we would want to look at is that value, since it looks like we did not take
that branch.
Note: Technically it would be incorrect to say that the code did not take that branch. In
actual fact, the branch may have been taken and another branch might have moved PC back
to the instruction just following the branch at offset $140. If, after looking at the value it
should have used, you find that it should have taken the branch, the next steps (and this is
where it gets time consuming) would be to walk through the instructions in an attempt to
replay the code. This becomes so time consuming that it really is not worth the
investment in time.