Lecture 7 homework: Entering the Unix v6 Kernel on the PDP-11

Handed out: Monday, September 27, 2004
Due: Wednesday, September 29, 2004
Read: chapters 9, 10 and 12 (until sys1.c) of Lions' commentary and the relevant source code.

Hand-In Procedure

You are to turn in this homework during lecture. Please write up your answers to the exercises below and hand them in to a 6.828 staff member by the end of the lecture.

Introduction

In this homework you will continue simulating the Unix v6 kernel on the PDP-11 (processor handbook). In particular, we will look at how the processor state changes when a user process makes a system call and traps into the kernel.

Tracing a PDP-11 Trap

Boot up the unmodified unix kernel in the PDP-11 simulator and skip to just before the first time a user process makes a system call. The following commands show you how to do this:

athena% cd ~/6.828/v6rk
athena% pdp11

PDP-11 simulator V2.3d
sim> at rk0 v6root
sim> de break 0
sim> boot rk0

Breakpoint, PC=000000  (MOV #137000,SP)
R0=000000 R1=177404 R2=000000 R3=000000 R4=000000 R5=062153
KSP=002000 USP=000000 PSW=000344 (CM=0,PM=0,IPL=7,tnZvc)

sim> cont
@unix

Breakpoint, PC=000000  (BR 40)
R0=137000 R1=177404 R2=071000 R3=136064 R4=135030 R5=135770
KSP=136776 USP=000000 PSW=000344 (CM=0,PM=0,IPL=7,tnZvc)

sim> cont

Breakpoint, PC=000000  (TRAP 13)
R0=000000 R1=141766 R2=001175 R3=000000 R4=000200 R5=135770
KSP=142000 USP=000000 PSW=170000 (CM=3,PM=3,IPL=0,tnzvc)

sim> ex -v -m 0-24

The breakpoint activation at 'BR 40' above is from m40.s, as we saw in lecture; the activation at 'TRAP 13' occurs when the first user process makes an 'exec' kernel call. The last simulator command above shows you the instruction stream that the user process is about to execute (these are the contents of 'icode', located at lines 1516-1529 of Lions).

Notice that the PSW shows that both the current and previous mode are USER (CM=3, PM=3) and that the current IPL is at the lowest possible level (IPL=0). This TRAP instruction is the first instruction of the first user process. We will cover in detail exactly how the process is created and set up, and what happens before this TRAP is reached. For now, however, we are only interested in examining how this TRAP affects the PDP-11 processor.

Now execute the TRAP instruction:

sim> step 2

Step expired, PC: PC=000312  (TST 117462)
R0=000000 R1=141766 R2=001175 R3=000000 R4=000200 R5=135770
KSP=141774 USP=000000 PSW=030340 (CM=0,PM=3,IPL=7,tnzvc)

The next instruction, the TST, is on line 0757 of Lions; it is the second instruction of the trap assembly-language routine.
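The trap sequence behind the simulator output above, as an added Python model that is not part of the homework or of the v6 sources: the hardware loads the new PC and PSW from the TRAP vector at 034, copies the old current mode into the new PSW's previous-mode field, pushes the old PSW and old PC on the new mode's stack, and then the first instruction of the kernel's trap routine, mov PS,-4(sp), runs. The vector contents are constructed: the handler address is a placeholder chosen so the TST lands at 000312, and the vector PSW word is inferred from the PSW=030346 value given in the note to Exercise 1.

```python
TRAP_VECTOR = 0o34    # TRAP instruction vector: new PC at 034, new PSW at 036


def decode_psw(psw):
    """Split a PSW into the fields the simulator prints: CM, PM, IPL and NZVC."""
    return {"CM": (psw >> 14) & 3, "PM": (psw >> 12) & 3,
            "IPL": (psw >> 5) & 7, "NZVC": psw & 0o17}


def hw_trap(regs, mem, vector):
    """Hardware trap sequence. regs: PC, PSW, KSP, USP; mem: word address -> 16-bit value."""
    old_pc, old_psw = regs["PC"], regs["PSW"]
    new_psw = mem[vector + 2]
    # previous-mode field of the new PSW := the mode that was current before the trap
    new_psw = (new_psw & ~0o30000) | (((old_psw >> 14) & 3) << 12)
    # the pushes go to the stack pointer of the NEW mode (KSP when the new mode is kernel, 0)
    sp_name = "KSP" if (new_psw >> 14) & 3 == 0 else "USP"
    sp = regs[sp_name] - 2
    mem[sp] = old_psw            # old PSW pushed first, so it ends up at the higher address
    sp -= 2
    mem[sp] = old_pc             # old PC pushed second: it is now the top of the stack
    regs[sp_name] = sp
    regs["PC"], regs["PSW"] = mem[vector], new_psw
    return regs


def execute_trap_instruction(regs, mem):
    """A TRAP instruction: PC steps past the one-word instruction, then the trap sequence runs."""
    regs["PC"] += 2
    return hw_trap(regs, mem, TRAP_VECTOR)


def mov_ps_to_sp_minus_4(regs, mem):
    """mov PS,-4(sp): store the PSW below the stack top without moving SP; set N, Z, clear V, keep C."""
    value = regs["PSW"]
    sp_name = "KSP" if (value >> 14) & 3 == 0 else "USP"
    mem[regs[sp_name] - 4] = value
    n = 0o10 if value & 0o100000 else 0
    z = 0o4 if value == 0 else 0
    regs["PSW"] = (value & ~0o16) | n | z   # bits N,Z,V replaced; C (bit 0) unchanged
    regs["PC"] += 6                          # three-word instruction
    return regs


def replay_first_syscall():
    """Replay the first user process's TRAP from the register state shown at the breakpoint."""
    regs = {"PC": 0o0, "PSW": 0o170000, "KSP": 0o142000, "USP": 0o0}
    # constructed vector: placeholder handler address; PSW word 000346 = IPL 7 plus low bits 6
    mem = {TRAP_VECTOR: 0o304, TRAP_VECTOR + 2: 0o346}
    after_hw = dict(execute_trap_instruction(regs, mem))
    after_mov = mov_ps_to_sp_minus_4(regs, mem)
    return after_hw, after_mov, mem
```

Running replay_first_syscall() reproduces the page's trace: KSP drops from 142000 to 141774, the PSW becomes 030346 after the trap and 030340 after the MOV, and the PC reaches 000312.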

Exercise 1. Where in memory did the new values for the PC and PSW after the TRAP come from and why? (Note: PSW=030346 immediately after the trap and before the 'MOV')

Exercise 2. Was the user stack modified by the TRAP? Was the kernel stack modified?

Challenge! Why do we use 'step 2' ('s 2') above instead of a simple single step? When you use 's', why is the instruction displayed as next not the instruction that actually executes next (i.e. the MOV at line 0756)?

This seems to be a problem with the simulator.

Exercise 3. Explain the contents of memory in the kernel stack displayed by 'ex -v 141770' and 'ex -v 141774-141776'. Which of these values was stored by the PDP-11 hardware directly as a result of the TRAP instruction? Which of these values was stored by one or more MOVs?

Exercise 4. How is the C-language procedure trap invoked? Where is the stack set up for entry into this procedure? (Hint: look at line 0762)

Exercise 5. Map the value of each of the four words in memory 141770-141776 to a parameter of the trap C-language procedure in trap.c (line 2693) that will eventually be invoked as a result of this system call.

(Note: In answering the above questions, you may want to decode instructions like 'JSR R5, 16006' into the (somewhat) more meaningful 'JSR R5, _newproc'. While the pdp11 simulator will not do this for you, you can determine the memory location of a kernel symbol using the simulated unix debugger with 'v6 db unix' as described in homework 6. For example, typing '_newproc=' at the debugger prompt outputs 16006. Use the (unmodified!) 'unix' image in ~/6.828/v6/usr/sys/conf -- be sure to roll back your modifications to 'main.c' from homework 6.)

This completes the homework.