HP OpenVMS systems documentation

When an illegal page fault occurs, the stack appears as pictured in Figure 2-8.

Figure 2-8 Stack Following an Illegal Page-Fault Error

The stack contents are as follows:

MMG$PAGEFAULT Stack Frame	Stack frame built at entry to MMG$PAGEFAULT, the page fault exception service routine. On Alpha, the frame includes the contents of the following registers at the time of the page fault: R3, R8, R11 to R15, R29 (frame pointer)
SCH$PAGEFAULT Saved Scratch Registers (Alpha only)	Contents of the following registers at the time of the page fault: R0, R1, R16 to R28
Exception Stack Frame	Exception stack frame ---see Figure 2-5, Figure 2-6 and Figure 2-7
Previous Stack Content	Contents of the stack prior to the illegal page-fault error

When you analyze a dump caused by a PGFIPLHI bugcheck, the SHOW STACK command identifies the exception stack frame using the symbols shown in Table 2-10 or Table 2-11. The SHOW CRASH or CLUE CRASH command displays the instruction that caused the page fault and the instructions around it.

2.8 Page Protections and Access Rights

Page protections and access rights are different on Alpha and I64 systems. They are visible in output from the following commands:

SHOW PAGE
SHOW PROCESS/PAGE
EXAMINE/PTE
EVALUATE/PTE

Due to system differences, there is a need to distinguish "Write+Read+Execute" from "Write+Read" and to distinguish "Read+Execute" from "Read".

On an Alpha system, W=W+R+E and R=R+E but on an IA64 system, additional w and r indicators are introduced for non-execute cases.

On Alpha, page protection is described by 8 bits--- one Read bit for each mode, and one Write Bit. Therefore in the "Read" column, there might be KESU (read access in all modes) or K--- (read access in Kernel mode only) or NONE (no read access). Similarly in the "Writ" column. Not all combinations of the 8 bits are possible (for example, Write access for a mode implies Read access at that mode and both Read and Write access for all inner modes).

On I64, page protection is described by 5 bits, a combination of the Access Rights and Privilege Level fields. SDA interprets these with a single character to describe access in each mode, as follows:

Table 2-12 I64 Access Codes for Page Protections

Code	Meaning
r	Read
w	Read, Write
R	Read, Execute
W	Read, Write, Execute
X	Execute
K	Promote to Kernel
E	Promote to Executive
S	Promote to Supervisor
-	No access

For example WRRR means Kernel mode has Read+Write+Execute access; all other modes have Read+Execute access.

2.9 Inducing a System Failure

If the operating system is not performing well and you want to create a dump you can examine, you must induce a system failure. Occasionally, a device driver or other user-written, kernel-mode code can cause the system to execute a loop of code at a high priority, interfering with normal system operation. This loop can occur even though you have set a breakpoint in the code if the loop is encountered before the breakpoint. To gain control of the system in such circumstances, you must cause the system to fail and then reboot it.

If the system has suspended all noticeable activity and is hung, see the examples of causing system failures in Section 2.9.2.

If you are generating a system failure in response to a system hang, be sure to record the PC and PS as well as the contents of the integer registers at the time of the system halt.

2.9.1 Meeting Crash Dump Requirements

The following requirements must be met before the operating system can write a complete crash dump:

• You must not halt the system until the console dump messages have been printed in their entirety and the memory contents have been written to the crash dump file. Be sure to allow sufficient time for these events to take place or make sure that all disk activity has stopped before using the console to halt the system.
• There must be a crash dump file in SYS$SPECIFIC:[SYSEXE]: named either SYSDUMP.DMP or PAGEFILE.SYS.
  This dump file must be either large enough to hold the entire contents of memory (as discussed in Section 2.2.1.1) or, if the DUMPSTYLE system parameter is set, large enough to accommodate a subset or compressed dump (also discussed in Section 2.2.1.1).
  If SYSDUMP.DMP is not present, the operating system attempts to write crash dumps to PAGEFILE.SYS. In this case, the SAVEDUMP system parameter must be 1 (the default is 0).
• Alternatively, the system must be set up for DOSD. See Section 2.2.1.5, and the HP OpenVMS System Manager's Manual, Volume 2: Tuning, Monitoring, and Complex Systems for details.
• The DUMPBUG system parameter must be 1 (the default is 1).

This section tells you how to enter the XDelta utility (XDELTA) to force a system failure.

Before you can use XDelta, it must be loaded at system startup. To load XDelta during system bootstrap, you must set bit 1 in the boot flags. See the HP OpenVMS Version 8.2 Upgrade and Installation Manual for information about booting with the XDelta utility.

On Alpha, put the system in console mode by pressing Ctrl/P or the Halt push button. Enter the following commands at the console prompt to enter XDelta:

>>> DEPOSIT SIRR E >>> CONTINUE

On I64, enter XDELTA by pressing Ctrl/P at the console.

Once you have entered XDelta, use any valid XDelta commands to examine register or memory locations, step through code, or force a system failure (by entering ;C under XDelta). See the HP OpenVMS Delta/XDelta Debugger Manual for more information about using XDelta.

On Alpha, if you did not load XDelta, you can force a system crash by entering console commands that make the system incur an exception at high IPL. At the console prompt, enter commands to set the program counter (PC) to an invalid address and the PS to kernel mode at IPL 31 before continuing. This results in a forced INVEXCEPTN-type bugcheck. Some HP Alpha computers employ the console command CRASH (which will force a system failure) while other systems require that you manually enter the commands.

Enter the following commands at the console prompt to force a system failure:

>>> DEPOSIT PC FFFFFFFFFFFFFF00 >>> DEPOSIT PS 1F00 >>> CONTINUE

For more information, refer to the hardware manuals that accompanied your Alpha computer.

On I64, pressing Ctrl/P when XDelta is not loaded causes the OpenVMS system to output the following:

Crash (y/n):

A response of Y forces a system crash; entering any other character lets the system continue processing.

This chapter describes the format, usage, and qualifiers of the System Dump Analyzer (SDA) utility.

The System Dump Analyzer (SDA) utility helps determine the causes of system failures. This utility is also useful for examining the running system.

3.1 ANALYZE Qualifiers

The following qualifiers described in this section determine whether the object of an SDA session is a crash dump or a running system. They also help create the environment of an SDA session.

/CRASH_DUMP
/OVERRIDE
/RELEASE
/SHADOW_MEMBER
/SSLOG
/SYMBOL
/SYSTEM

Format

ANALYZE {/CRASH_DUMP
[/OVERRIDE]
[/RELEASE]
[/SHADOW_MEMBER [= device-name]]
filespec|/SYSTEM |/SSLOG}
[/SYMBOL = system-symbols-table]

Parameters

device-name

The device containing or to contain the system dump.

filespec

Name of the file that contains the dump you want to analyze. At least one field of the filespec is required, and it can be any field. The default filespec is the highest version of SYSDUMP.DMP in your default directory. The filespec is required for ANALYZE/CRASH_DUMP, but cannot be specified for ANALYZE/SYSTEM.

system-symbol-table

The system symbol table used by SDA.

Description

By default, the System Dump Analyzer is automatically invoked when you reboot the system after a system failure.

To analyze a system dump interactively, invoke SDA by issuing the following command:

$ ANALYZE/CRASH_DUMP filespec

If you do not specify filespec, SDA prompts you for it.

To analyze a crash dump, your process must have the privileges necessary for reading the dump file. This usually requires system privilege (SYSPRV), but your system manager can, if necessary, allow less privileged processes to read the dump files. Your process needs change-mode-to-kernel (CMKRNL) privilege to release page file dump blocks, whether you use the /RELEASE qualifier or the SDA COPY command.

Invoke SDA to analyze a running system by issuing the following command:

$ANALYZE/SYSTEM

To examine a running system, your process must have change-mode-to-kernel (CMKRNL) privilege. Your process must also have the map-by-PFN privilege (PFNMAP) to access memory by physical address on a running system. You cannot specify filespec when using the /SYSTEM qualifier.

To send all output from SDA to a file, use the SDA command SET OUTPUT, specifying the name of the output file. The file produced is 132 columns wide and is formatted for output to a printer. To later redirect the output to your terminal, use the following command:

SDA> SET OUTPUT SYS$OUTPUT

To send a copy of all the commands you type and a copy of all the output those commands produce to a file, use the SDA command SET LOG, specifying the name of the log file. The file produced is 132 columns wide and is formatted for output to a printer.

To exit from SDA, use the EXIT command. Note that the EXIT command also causes SDA to exit from display mode. Thus, if SDA is in display mode, you must use the EXIT command twice: once to exit from display mode, and a second time to exit from SDA. See Section 2.6.2 for a description of display mode.

Invokes SDA to analyze the specified dump file.

Format

/CRASH_DUMP filespec

Parameter

filespec

Name of the crash dump file to be analyzed. The default file specification is:

SYS$DISK:[default-dir]SYSDUMP.DMP

SYS$DISK and [default-dir] represent the disk and directory specified in your last SET DEFAULT command. If you do not specify filespec, SDA prompts you for it.

Description

See Chapter 2, Section 2.3 for additional information on crash dump analysis. You cannot specify the /SYSTEM qualifier when you include the /CRASH_DUMP qualifier in the ANALYZE command.

Examples

$ ANALYZE/CRASH_DUMP SYS$SYSTEM:SYSDUMP.DMP
$ ANALYZE/CRASH SYS$SYSTEM
      

These commands invoke SDA to analyze the crash dump stored in SYS$SYSTEM:SYSDUMP.DMP.

$ ANALYZE/CRASH SYS$SYSTEM:PAGEFILE.SYS
      

This command invokes SDA to analyze a crash dump stored in the system page file.

When used with the /CRASH_DUMP qualifier, invokes SDA to analyze only the structure of the specified dump file when a corruption or other problem prevents normal invocation of SDA with the ANALYZE/CRASH_DUMP command.

Format

/CRASH_DUMP/OVERRIDE filespec

Parameter

filespec

Name of the crash dump file to be analyzed. The default file specification is:

SYS$DISK:[default-dir]SYSDUMP.DMP

SYS$DISK and [default-dir] represent the disk and directory specified in your last SET DEFAULT command. If you do not specify filespec, SDA prompts you for it.

Description

See Chapter 2, Section 2.3 for additional information on crash dump analysis. Note that when SDA is invoked with /OVERRIDE, not all the commands in Chapter 2, Section 2.3 can be used. Commands that can be used are as follows:

• Output control commands such as SET OUTPUT and SET LOG
• Dump file related commands such as SHOW DUMP and CLUE ERRLOG

Commands that cannot be used are as follows:

• Commands that access memory addresses within the dump file such as EXAMINE and SHOW SUMMARY

Also, the /RELEASE qualifier cannot be used when you include the /OVERRIDE qualifier in the ANALYZE/CRASH_DUMP command

When /OVERRIDE is used, the SDA command prompt is SDA>>.

Example

$ ANALYZE/CRASH_DUMP/OVERRIDE SYS$SYSTEM:SYSDUMP.DMP
$ ANALYZE/CRASH/OVERRIDE SYS$SYSTEM
      

These commands invoke SDA to analyze the crash dump stored in SYS$SYSTEM:SYSDUMP.DMP.

Invokes SDA to release those blocks in the specified system page file occupied by a crash dump.

Requires CMKRNL (change-mode-to-kernel) privilege.

Format

/CRASH_DUMP/RELEASE filespec

Parameter

filespec

Name of the system page file (SYS$SYSTEM:PAGEFILE.SYS). Because the default file specification is SYS$DISK:[default-dir]SYSDUMP.DMP, you must identify the page file explicitly. SYS$DISK and [default-dir] represent the disk and directory specified in your last DCL command SET DEFAULT. If you do not specify filespec, SDA prompts you for it.

Description

Use the /RELEASE qualifier to release from the system page file those blocks occupied by a crash dump. When invoked with the /RELEASE qualifier, SDA immediately deletes the dump from the page file and allows no opportunity to analyze its contents.

When you specify the /RELEASE qualifier in the ANALYZE command, do the following:

1. Use the /CRASH_DUMP qualifier.
2. Include the name of the system page file (SYS$SYSTEM:PAGEFILE.SYS) as the filespec.

If you do not specify the system page file or the specified page file does not contain a dump, SDA generates the following messages:

%SDA-E-BLKSNRLSD, no dump blocks in page file to release, or not page file %SDA-E-NOTPAGFIL, specified file is not the page file

You cannot specify the /OVERRIDE or /SHADOW_MEMBER qualifier when you include the /RELEASE qualifier in the ANALYZE/CRASH_DUMP command.

Example

$ ANALYZE/CRASH_DUMP/RELEASE SYS$SYSTEM:PAGEFILE.SYS
$ ANALYZE/CRASH/RELEASE PAGEFILE.SYS
      

These commands invoke SDA to release to the page file those blocks in SYS$SYSTEM:PAGEFILE.SYS occupied by a crash dump.

Specifies which member of a shadow set contains the system dump to be analyzed, or allows the user to determine what system dumps have been written to the members of the shadow set.

Format

/CRASH_DUMP/SHADOW_MEMBER [=device-name]

Description

If the system disk is a shadow set, a system dump will only be written to one member of the shadow set (usually the master member at the time the dump is written). By default, if the filespec translates to a file on a shadow set, SDA will read the dump only from the master member. If at analysis time, the master member is different from where the dump was written, the /SHADOW_MEMBER qualifier allows the user to choose the member from which the dump is to be read.

If the correct member is not known, the /SHADOW_MEMBER qualifier may be specified without a device name. SDA will display a one-line summary of the most recent dump written to each member and then prompt the user to determine which member to use. The prompt is:

Shadow set action?

The possible responses are:

Command	Effect
EXIT	Aborts the SDA session without analyzing a dump
HELP	Displays simple help text. See Example 3 below.
USE <device_name>	Initiates analysis of the system dump located on the specified shadow set member.

The one-line summary for each member consists of the following fields:

Member device name
Bugcheck name
Date and time of system crash
Node name
VMS Version
Flags---none, one or more of: Bad_Checksum, ErrorLog_Dump, Not_Saved, Old_Dump

If there is no usable dump on a member, SDA output will an explanatory warning message followed by a line giving the member device name and the message "No system or error log dump found."

Note that SDA cannot distinguish a dump on a shadowed system disk from a dump copied to a shadowed data disk. SDA will therefore always read the dump from a single member of a host-based shadow set. (In an OpenVMS Cluster system with multiple shadowed system disks, one system's system disk will be a data disk on other systems.) This does not affect dumps being read directly from a DOSD disk, since DOSD disks cannot be members of a host-based shadow set.

Note The /SHADOW_MEMBER qualifier is not useful if the system dump has been written to the primary page file on a shadowed system disk. You cannot specify /RELEASE with /SHADOW_MEMBER.

Examples

$ ANALYZE/CRASH_DUMP DSA777:[SYS0.SYSEXE]SYSDUMP.DMP
%SDA-I-USEMASTER, accessing dump file via _$31$DKB200:, master member of shadow set _DSA777:
OpenVMS (TM) Alpha system dump analyzer
...analyzing a compressed selective memory dump...
Dump taken on 12-DEC-2001 08:23:07.80
SSRVEXCEPT, Unexpected system service exception
SDA>
      

This command initiates dump analysis using the master member of the shadow set DSA777 (the default action).

$ ANALYZE/CRASH_DUMP/SHADOW_MEMBER=DKB0 DSA777:[SYS0.SYSEXE]SYSDUMP.DMP
OpenVMS (TM) Alpha system dump analyzer 
...analyzing a compressed selective memory dump... 
 
Dump taken on 12-DEC-2001 08:23:07.80 
SSRVEXCEPT, Unexpected system service exception 
 
SDA>
      

This command initiates dump analysis using member device $31$DKB0 of the shadow set DSA777.

$ ANALYZE/CRASH_DUMP/SHADOW_MEMBER DSA8888:[SYS1.SYSEXE]SYSDUMP.DMP
_$70$DKA303:     INVEXCEPTN           16-NOV-2001 00:00:25.74 MRVP2    X96S-FT1 
_$70$DKA202:     INCONSTATE           18-NOV-2001 02:08:45.05 MRVP2    X96S-FT1 
 
Shadow set action? HELP 
 
Shadow set actions: 
 
     EXIT                            exit SDA 
     HELP                            this display 
     USE <shadow_set_member>         proceed using specified shadow set member 
 
Shadow set action? USE _$70$DKA303: 
 
OpenVMS (TM) Alpha system dump analyzer 
...analyzing a compressed selective memory dump... 
 
%SDA-W-NOTSAVED, global pages not saved in the dump file 
Dump taken on 16-NOV-2001 00:00:25.74 
INVEXCEPTN, Exception while above ASTDEL 
 
SDA> EXIT
 
 
      

This command displays the dumps to be found on the members of shadow set DSA8888:[SYS1.SYSEXE]SYSDUMP.DMP and then begins analysis of the dump written to device _$70$DKA303.