PDP-8 OS handlers

I finally got back to working on console serial disk a few days ago. I think I had been suffering from burnout after spending a week working on an old Straight 8 (not mine) and getting it sort of running.

One problem I had was with Unix termios and putting the console keyboard/display in raw mode. This now seems to be working (at least on Linux) and I even think I know what I am doing....

The bug I squashed last night was one of those things I probably knew 40 years ago. Here is the snippet of C code that I eventually found was failing.
C:
  if( pdp_ch&0370 == 020 ) do_server( pdp_ch&007 );
This is supposed to take the character received from the PDP-8 and decide if it is the server wakeup code. The server wakeup code is 020 through 027 where the last octal digit is the caller's instruction field. The do_server routine uses the field to know what field to look in to find the handler call argument list. This test was always false even when pdp_ch was set to a value of 021. Do you see what the problem is? Took me several hours of looking in the wrong place before I realized do_server was never being called. What is supposed to happen is the AND with 0370 will remove the field bits from the comparison. That is not what was happening. The C precedence rules cause the == to take place before the & so 0370 is never equal to 020, giving a result of 0 which when ANDed with anything is still 0, which means do_server was never being called.
C:
  if( (pdp_ch&0370) == 020 ) do_server( pdp_ch&007 );
Is the working business.

Now to find the next bug!
Doug,

That is why many programming standards do not allow bitwise operations in conditionals. I actually have that exact coding error on a test I give to all potential programmers that I interview:

What is wrong with this statement and why:

if ( A & B == C )
{
.
.
.
}


As a rule of thumb, and part of several programming standards I have written, parentheses must surround all complex conditionals in a conditional statement.

Acceptable: if ( ( A == B ) && ( C == D ) )

Unacceptable: if ( a == b && B == C )

Even though the second one is syntactically and functionally correct. This is so ingrained into my programming habits that the '==' vs '&' precedence never becomes an issue.

I make the same dumb mistakes I've been making for 40 years myself, so I sympathize with you.

All we can do is to keep plodding along doing our best.
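
The precedence mistake discussed in the two posts above, as an added example that is not part of either post: it sweeps every byte value through the failing and the corrected wakeup test, then shows the general `A & B == C` case. The function names and the 256-value sweep are assumptions made for illustration.

```c
#include <stdio.h>

/* Wakeup codes are 020..027; the low octal digit is the caller's field. */
#define WAKE_MASK 0370
#define WAKE_CODE 020

/* The failing test, written with the grouping the compiler applies:
 * == binds tighter than &, so "ch&0370 == 020" parses as ch & (0370 == 020).
 * GCC and Clang report the unparenthesised form under -Wparentheses. */
int wakeup_field_buggy(int ch)
{
    if (ch & (WAKE_MASK == WAKE_CODE))   /* ch & 0, always false */
        return ch & 007;
    return -1;
}

/* The corrected test: mask off the field bits, then compare. */
int wakeup_field_fixed(int ch)
{
    if ((ch & WAKE_MASK) == WAKE_CODE)
        return ch & 007;                 /* caller's instruction field */
    return -1;
}

/* Count how many of the 256 byte values a classifier treats as a wakeup. */
int count_wakeups(int (*classify)(int))
{
    int ch, n = 0;
    for (ch = 0; ch < 256; ch++)
        if (classify(ch) >= 0)
            n++;
    return n;
}

/* General form of the interview question: "A & B == C" as the compiler
 * reads it, next to what was meant. When B equals C the comparison is 1,
 * so the buggy form silently tests only the low bit of A. */
int masked_equals_buggy(int a, int b, int c) { return (a & (b == c)) != 0; }
int masked_equals_fixed(int a, int b, int c) { return (a & b) == c; }

int main(void)
{
    printf("buggy test accepts %d of 256 byte values\n",
           count_wakeups(wakeup_field_buggy));
    printf("fixed test accepts %d of 256 byte values\n",
           count_wakeups(wakeup_field_fixed));
    printf("021 -> field %d (fixed), %d (buggy)\n",
           wakeup_field_fixed(021), wakeup_field_buggy(021));
    printf("A=0370 B=C=0370: buggy=%d fixed=%d\n",
           masked_equals_buggy(0370, 0370, 0370),
           masked_equals_fixed(0370, 0370, 0370));
    printf("A=0001 B=C=0370: buggy=%d fixed=%d\n",
           masked_equals_buggy(1, 0370, 0370),
           masked_equals_fixed(1, 0370, 0370));
    return 0;
}
```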
 
This one was worse than the last! Took me about 6 hours to find. Here is the buggy code in the handler:
Code:
/ GET A 12 BIT VALUE FROM THE SERVER
GET12,  .-.
        KSF             /WAIT FOR A CHARACTER
        JMP .-1
        KRB             /READ IN THE CHARACTER
        RTL             /SHIFT LEFT 4 BITS
        RTL
        DCA TEMP        /SAVE UPPER 8 BITS
        KSF             /WAIT FOR LOWER 4 BITS
        JMP .-1
        KRB             /READ IN THE LOWER 4 BITS
        TAD TEMP        /COMBINE
        JMP I GET12     /RETURN
The handler reads two bytes from the server and combines them to make a 12 bit value. The bug is that if the link just happens to be set then 010 gets added to the value. The fix is fairly painless in that the first RTL (line 6) gets changed to CLL RTL and eliminates the issue.

I am done messing with this today. There is a bunch of debugging code that needs to come out of the server once I am sure this is the whole issue. I am confident that there will be more but this was a pretty big step in that I can have the server read and write arbitrary memory before it answers the first request during boot. Could be useful for feeding in diagnostics.
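
The link bug described in the post above, as an added example that is not the poster's code: a small C model of the AC and link registers runs the GET12 sequence with and without the CLL fix. The split of a word into an 8-bit first byte and a 4-bit second byte is an assumption taken from the handler's comments, and 07611 is the handler entry point that appears in the server log later in the thread.

```c
#include <stdio.h>

/* Minimal model of the PDP-8 registers involved: 12-bit AC, 1-bit link. */
struct cpu { unsigned ac, link; };

/* RAL: rotate the 13-bit quantity L:AC one place left. */
static void ral(struct cpu *c)
{
    unsigned msb = (c->ac >> 11) & 1;
    c->ac = ((c->ac << 1) | c->link) & 07777;  /* old link enters at the bottom */
    c->link = msb;
}

/* RTL: rotate two places left. */
static void rtl(struct cpu *c) { ral(c); ral(c); }

/* TAD: add to AC; a carry out of the top bit complements the link. */
static void tad(struct cpu *c, unsigned operand)
{
    unsigned sum = c->ac + operand;
    if (sum > 07777)
        c->link ^= 1;
    c->ac = sum & 07777;
}

/* Run the GET12 instruction sequence for one 12-bit value.
 * link_on_entry is whatever the caller left in the link;
 * cll_fix selects "CLL RTL" instead of "RTL" for the first rotate. */
unsigned get12(unsigned value, unsigned link_on_entry, int cll_fix)
{
    unsigned first  = (value >> 4) & 0377;   /* assumed: upper 8 bits */
    unsigned second = value & 017;           /* assumed: lower 4 bits */
    struct cpu c = { 0, link_on_entry & 1 };
    unsigned temp;

    c.ac = first;                 /* KRB       read first character   */
    if (cll_fix)
        c.link = 0;               /* CLL       part of CLL RTL        */
    rtl(&c);                      /* RTL       shift left 4 in total  */
    rtl(&c);                      /* RTL                              */
    temp = c.ac; c.ac = 0;        /* DCA TEMP  store and clear AC     */
    c.ac = second;                /* KRB       read second character  */
    tad(&c, temp);                /* TAD TEMP  combine                */
    return c.ac;
}

/* Count the 12-bit values that do not survive the round trip. */
int count_corrupted(unsigned link_on_entry, int cll_fix)
{
    unsigned v;
    int bad = 0;
    for (v = 0; v <= 07777; v++)
        if (get12(v, link_on_entry, cll_fix) != v)
            bad++;
    return bad;
}

int main(void)
{
    printf("original, link clear: 07611 -> %05o\n", get12(07611, 0, 0));
    printf("original, link set:   07611 -> %05o\n", get12(07611, 1, 0));
    printf("CLL RTL,  link set:   07611 -> %05o\n", get12(07611, 1, 1));
    printf("corrupted values: original L=0 %d, original L=1 %d, fixed L=1 %d\n",
           count_corrupted(0, 0), count_corrupted(1, 0), count_corrupted(1, 1));
    return 0;
}
```

With the link set, every one of the 4096 values comes back 010 too large (modulo 12 bits), which is why the failure depends on what ran before the handler call.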
 
I am officially really tired of toggling in:
Code:
0025 Load Addr
6031 Dep
5025 Dep
6036 Dep
7012 Dep
7010 Dep
3001 Dep
2032 Dep
5025 Dep
0025 Load Addr
Clear
Cont
So I wrote a version that sits in Field 3 out of the way. It copies that stuff to field 0 and then jumps to it.

I am a lot closer now although after fixing a couple of bugs in the handler I have only 1 free word. But I do have a free word! That is one more than the RX01 handler.

The point I am at, the server has correctly fetched the caller's argument list. I am about to decode that and do the read or write that has been requested. Here is what I am looking at:
Code:
dpi@raspberrypi:~/consd/server $ ./csd -D
SERVER: Debug mode enabled.  Command line:
./csd -D
 Opening system image system.dsk
SERVER: Opening system image system.dsk
SERVER: Reading the system image into memory.
SERVER: Calculating installed handler checksum.
SERVER: system.dsk appears to have an RK05 handler installed
Continuing anyway....
SERVER: Verifying the boot code on the boot block
Patching the boot code then testing it so it has to match.
SERVER: Examining the OS/8 entry point on the boot block
SERVER: Verifying the handler on the boot block
Patching the handler code then testing it so it has to match.
SERVER: sending 21 bytes of boot2 help code
SERVER: sending the boot block
SERVER: do_server called with field=1
SERVER: do_server waiting for called address
SERVER: do_server the passed handler entry point is 07611
SERVER: do_server waiting for the keyboard input character buffer.
SERVER: do_server the keyboard buffer character=000
SERVER: mem_read called F=0, A=7607, C=0001
SERVER: do_server arg list Field=1 address=07671
SERVER: do_server fetching the argument list
SERVER: mem_read called F=1, A=7671, C=0003
SERVER: do_server dumping the callers argument list
arg0=1000
arg1=0000
arg2=0007
The csd command starts the server. The -D is for debug. I am manually starting the boot with a shift F12. There is a command line option -B which will automatically start the boot process. The default system image is system.dsk. There is a command line option to override this.

At the moment I don't have an image with the handler on it so I patch the handler into the boot block if it detects that the system image is an RK05 image. I don't expect that there will be any problems doing this and if there aren't I can see extending this "feature" to allow you to boot any system image from any device.

Well back to it!
 
I put the rest of the pieces in place and decided to just try it. I figured there were a couple of possible outcomes. Most likely was that I still have something wrong and it won't work. Much less likely was that an OS/8 dot prompt would appear. The extremely unlikely situation was that I would uncover a glitch in the Matrix and existence as we know it would end. I suppose that might be happening all the time and we would never know it because they just restart from the last checkpoint.

Ok, since we are still here I think it is safe to assume I didn't break the Matrix. And I didn't magically get an OS/8 dot prompt. Which leaves the other case. It is halting (7402) at address 0110 in field 0 after making one handler call to read 8 records from disk sector 7 to memory location 0 in field 0. This is a 1k word transfer which makes sense since we are booting OS/8 and almost nothing is in memory. Does anyone know what the first sys handler call is supposed to be after boot? What is stored at sector 7 on a system device?

I thought maybe my RK05 image was not a working one although that seemed unlikely. I grabbed the one I have been using with simh and tried it. No difference.

I guess it is back to the grind of testing and retesting everything. The first thing is to make certain I am reading the system.dsk image correctly.
 
Isn't 07-12 (all numbers in OCTAL) the keyboard monitor with 13-15 being USR and 16 being the first device handler?

Is it worth dumping the first 'n' blocks of the disk image you are using to see what you have on there - so we all have the same frame of reference?

Dave
 
Today, "Nothing but blue pills."

The fact that the initial request is 4 blocks starting at 7 and 007, 010, 011, and 012 are the keyboard monitor seems like a good thing. I will verify that if possible. It has been a while since I looked at what is in the system area and where so I am trusting you on that.

Dump how? Something like this?

Code:
Block=007
0000: 0003 7200 1053 3033 4500 2331 2324 0515
0010: 4005 2222 0000 1051 7764 1723 7523 0000
0020: 0000 7771 7700 0200 1200 0211 7607 5372
0030: 6203 0321 1630 0402 0203 4562 1161 5400
0040: 1160 7610 5046 3445 5001 7777 6263 5450
0050: 5601 1664 6544 7605 4000 3700 2020 0070
0060: 0603 0600 0434 0067 6003 0244 0100 0336
0070: 0334 7001 6670 0212 0215 0403 0010 7700
0100: 0330 0306 0564 1754 0527 0300 1676 7404
0110: 7600 7402 7401 7403 1610 7400 0526 0200
0120: 0007 7757 7764 7762 0033 7761 7760 7756
0130: 7775 7745 1672 1000 7744 1113 0370 1001
0140: 0645 1532 2326 0651 1645 7410 0766 1600
0150: 0637 1655 0701 1163 7740 0012 1327 0363
0160: 0777 1166 7607 0256 0004 0077 7772 7746
0170: 7477 7766 7776 7522 0240 7540 0034 7000
0200: 5706 5204 6041 5202 6046 7200 1177 3201
0210: 5600 0000 3034 3035 3036 3037 1176 3044
0220: 7240 3045 3043 1413 1175 7450 5223 1174
0230: 7410 1413 3031 1031 1173 7450 5275 1172
0240: 7100 1171 7620 5252 1170 1031 7120 1167
0250: 7620 5302 1043 1166 7700 5231 1043 7110
0260: 1044 3040 1031 0165 7430 5271 7006 7006
0270: 7006 1440 3440 2043 5231 2045 5302 2044
0300: 1164 5222 1043 7640 2211 5611 4000 1034
0310: 4340 1035 4340 1036 4340 1037 7650 5706
0320: 1163 4352 1037 4340 5706 4340 2330 7410
0330: 0000 7200 1730 7440 5325 6041 5335 5433
0340: 0000 3031 1031 7012 7012 7012 4352 1031
0350: 4352 5740 0000 0165 7450 5752 1174 0165
0360: 1174 4423 5752 4330 7700 0000 5337 1400
0370: 1413 7450 5767 4562 0201 0400 0054 5001
Block=010
0000: 5705 0000 4561 4424 1160 3013 4425 7000
0010: 4556 7655 0436 5477 0545 5553 0512 7073
0020: 0511 5600 0455 5454 0600 6074 0573 7777
0030: 1151 7377 1367 0000 5635 1362 1155 4265
0040: 1154 3041 4425 5254 1035 7450 5253 1034
0050: 7004 7230 1035 1034 5553 3552 1030 4551
0060: 2046 1162 3305 7201 5320 0000 3302 4550
0070: 4425 5547 1034 3303 1035 3304 1364 3305
0100: 6212 4422 0001 0000 0000 1005 5546 1304
0110: 5665 1145 3552 1030 4551 3046 7201 4265
0120: 4332 4550 1050 6212 4422 0002 0034 7626
0130: 5544 5543 0000 3050 1305 3026 4425 5547
0140: 1037 7450 1142 3037 5732 1141 3033 1567
0150: 4551 6212 4727 1013 1140 3013 1137 3364
0160: 7201 4265 4332 5536 7001 4562 4600 6200
0170: 0035 5001 5764 4432 4562 1001 0000 0060
0200: 3040 3021 1413 7440 5535 1534 3566 1567
0210: 0133 7640 5532 1567 4551 1531 3530 6041
0220: 5217 4432 1567 7710 5566 1162 3527 1133
0230: 3526 3525 1124 3523 1027 3522 5521 0000
0240: 6212 4422 0010 6211 3520 6201 1117 3022
0250: 5637 1516 3256 4426 0101 7400 0000 5001
0260: 1515 4514 1513 7004 4451 1512 3566 1511
0270: 3530 1512 3534 1511 3531 1513 4551 1027
0300: 3522 7410 5307 1030 3566 1110 3530 1515
0310: 7144 1107 3041 1441 3525 2041 1026 1117
0320: 7204 1441 0165 7640 5506 1525 7130 1441
0330: 1105 7510 5323 1110 7500 2504 1105 3345
0340: 1504 7040 1256 3347 4426 0000 6200 0000
0350: 5503 4502 3351 2046 3522 1345 7041 1441
0360: 7550 2515 7410 5522 3441 5307 4501 4500
0370: 4016 1724 4001 2601 1114 0102 1405 0000
Block=011
0000: 0300 0311 0316 0311 0324 6211 2477 5212
0010: 1117 3022 6201 1413 3414 2021 5213 6211
0020: 1263 3662 2220 2262 2261 5220 6201 1663
0030: 7004 7700 5241 3650 1567 0251 7650 5035
0040: 5046 1117 6034 1375 7650 6031 5433 5306
0050: 1731 0400 4207 0300 7000 0035 7402 6203
0060: 6042 7764 7626 7777 1637 3640 2237 2240
0070: 2241 5227 6203 5626 1000 1645 7666 6211
0100: 1251 3741 6201 3205 6046 5766 6032 5710
0110: 1273 1032 1413 1377 7100 1076 3042 7420
0120: 5330 4341 4341 4341 1021 1042 3021 5312
0130: 1040 0120 7106 7004 1361 3566 1021 5740
0140: 0616 7677 1021 7104 3021 1040 7004 3040
0150: 5741 1154 3014 1125 3041 6211 3414 2041
0160: 5356 6203 5475 6211 3441 5361 0404 1074
0170: 3034 4776 1073 4423 5766 7575 1262 7510
0200: 0404 1163 4423 3020 1160 3013 3017 6031
0210: 5207 1117 6034 3034 6032 4327 7553 1273
0220: 7563 1252 7401 1307 7555 1207 7557 1207
0230: 7545 1302 7566 1207 7600 1207 7561 1207
0240: 7575 1273 0000 4262 1034 3413 1013 1072
0250: 7710 5207 4561 1013 1071 7650 5201 3413
0260: 3413 5600 0000 1034 5344 1070 4423 3020
0270: 1034 4423 5662 1067 4423 1034 1066 4423
0300: 4561 5201 1065 3034 4262 2017 5253 1013
0310: 1071 7650 5300 0210 1313 4423 1324 4423
0320: 1013 3040 1313 4423 7240 1013 5205 0000
0330: 1727 2327 7450 5727 1034 7650 5341 2327
0340: 5330 1727 3040 5440 1354 7500 1353 1352
0350: 3034 5270 0340 7740 7440 4423 5352 4501
0360: 5557 0000 1064 4551 1063 3375 5372 1031
0370: 7650 5462 4562 0201 0400 0055 5001 5461
Block=012
0000: 4562 0201 0400 0037 5001 1060 3017 1461
0010: 3041 1041 4514 2017 1417 4776 1241 3241
0020: 2041 5213 1241 7106 7006 1050 6212 4422
0030: 0003 0034 0000 5367 1050 6212 4422 0004
0040: 0034 0001 5367 1060 3017 4432 1567 7004
0050: 7040 7720 4343 1231 3360 4354 1417 3357
0060: 7330 1417 3356 1357 7004 7730 5327 1356
0070: 0057 7640 5327 4343 7240 1356 7104 1357
0100: 7004 7730 5306 1356 1076 5326 1356 3041
0110: 1357 7041 1056 7130 3356 4354 7332 3357
0120: 1356 0055 7041 1041 7500 1054 3356 4354
0130: 2461 5256 4562 0610 0000 0013 5001 7240
0140: 6211 3477 5453 0000 2350 5743 4562 1010
0150: 7777 0033 5001 5743 0000 4426 4101 0600
0160: 0000 5367 1356 4776 1360 3360 5754 4500
0170: 2301 2605 4005 2222 1722 0000 1765 7110
0200: 4500 2417 1740 0605 2740 0122 0723 0000
0210: 0000 7040 0154 7650 5610 1053 3033 4500
0220: 0317 2205 4011 1501 0705 4005 2222 0000
0230: 0000 1567 7010 7200 1022 7730 5630 6212
0240: 4422 0011 1077 3022 5630 4501 4500 4016
0250: 1724 4006 1725 1604 0000 0000 3567 4550
0260: 6212 4422 0013 5655 0000 0743 0117 7650
0270: 5664 5215 4500 1617 4141 0000 1441 3526
0300: 1046 7650 4502 1722 3742 1722 7001 3344
0310: 1026 3527 1026 3364 1415 3416 2323 5314
0320: 5721 7524 0656 7724 2761 5334 1344 3762
0330: 6041 5330 5733 7757 1760 3343 2360 1760
0340: 3342 4764 7747 7771 0000 5354 1342 4365
0350: 1344 3344 2360 5324 6212 4763 0007 0000
0360: 7404 7400 7762 7700 0000 0000 7112 7012
0370: 7012 0377 7450 1377 7001 7110 5765 0037
The above dump was made just after system.dsk is read into the server memory. The HLT is at block 7 address 0111 and I said 0110 last night. Thinking I might have it off by an address, I turned the machine on and looked at the core. 0110 is a 7600 followed by a 7402. So stuff is in the correct place. Certainly doesn't mean it is the right stuff. I am actually hoping that you tell me that all of that is gibberish and does not match what is on your image.

I am thinking I can tell the handler to give me back what it just wrote into the 8 memory and thus do a readback verify check.
 
Got to finish a document review first - but I will look at this when I finish (or have had enough for the night)!

That dump is ideal...

Dave
 
Verified that 007 through 012 is the keyboard monitor. Decided that there might be text embedded in there so I changed the dump to also show the 6 bit codes.
Code:
Block=007
0000: 0003 7200 1053 3033 4500 2331 2324 0515   C :  H+ X[ %  SY ST EM
0010: 4005 2222 0000 1051 7764 1723 7523 0000   E RR    H) ?4 OS =S
0020: 0000 7771 7700 0200 1200 0211 7607 5372     ?9 ?  B  J  BI >G +:
0030: 6203 0321 1630 0402 0203 4562 1161 5400  2C CQ NX DB BC %2 I1 ,
0040: 1160 7610 5046 3445 5001 7777 6263 5450  I0 >H (& \% (A ?? 23 ,(
0050: 5601 1664 6544 7605 4000 3700 2020 0070  .A N4 5$ >E    _  PP  8
0060: 0603 0600 0434 0067 6003 0244 0100 0336  FC F  D\  7 0C B$ A  C^
0070: 0334 7001 6670 0212 0215 0403 0010 7700  C\ 8A 68 BJ BM DC  H ?
0100: 0330 0306 0564 1754 0527 0300 1676 7404  CX CF E4 O, EW C  N> <D
0110: 7600 7402 7401 7403 1610 7400 0526 0200  >  <B <A <C NH <  EV B
0120: 0007 7757 7764 7762 0033 7761 7760 7756   G ?/ ?4 ?2  [ ?1 ?0 ?.
0130: 7775 7745 1672 1000 7744 1113 0370 1001  ?= ?% N: H  ?$ IK C8 HA
0140: 0645 1532 2326 0651 1645 7410 0766 1600  F% MZ SV F) N% <H G6 N
0150: 0637 1655 0701 1163 7740 0012 1327 0363  F_ N- GA I3 ?   J KW C3
0160: 0777 1166 7607 0256 0004 0077 7772 7746  G? I6 >G B.  D  ? ?: ?&
0170: 7477 7766 7776 7522 0240 7540 0034 7000  <? ?6 ?> =R B  =   \ 8
0200: 5706 5204 6041 5202 6046 7200 1177 3201  /F *D 0! *B 0& :  I? ZA
0210: 5600 0000 3034 3035 3036 3037 1176 3044  .     X\ X] X^ X_ I> X$
0220: 7240 3045 3043 1413 1175 7450 5223 1174  :  X% X# LK I= <( *S I<
0230: 7410 1413 3031 1031 1173 7450 5275 1172  <H LK XY HY I; <( *= I:
0240: 7100 1171 7620 5252 1170 1031 7120 1167  9  I9 >P ** I8 HY 9P I7
0250: 7620 5302 1043 1166 7700 5231 1043 7110  >P +B H# I6 ?  *Y H# 9H
0260: 1044 3040 1031 0165 7430 5271 7006 7006  H$ X  HY A5 <X *9 8F 8F
0270: 7006 1440 3440 2043 5231 2045 5302 2044  8F L  \  P# *Y P% +B P$
0300: 1164 5222 1043 7640 2211 5611 4000 1034  I4 *R H# >  RI .I    H\
0310: 4340 1035 4340 1036 4340 1037 7650 5706  #  H] #  H^ #  H_ >( /F
0320: 1163 4352 1037 4340 5706 4340 2330 7410  I3 #* H_ #  /F #  SX <H
0330: 0000 7200 1730 7440 5325 6041 5335 5433     :  OX <  +U 0! +] ,[
0340: 0000 3031 1031 7012 7012 7012 4352 1031     XY HY 8J 8J 8J #* HY
0350: 4352 5740 0000 0165 7450 5752 1174 0165  #* /     A5 <( /* I< A5
0360: 1174 4423 5752 4330 7700 0000 5337 1400  I< $S /* #X ?     +_ L
0370: 1413 7450 5767 4562 0201 0400 0054 5001  LK <( /7 %2 BA D   , (A
Block=010
0000: 5705 0000 4561 4424 1160 3013 4425 7000  /E    %1 $T I0 XK $U 8
0010: 4556 7655 0436 5477 0545 5553 0512 7073  %. >- D^ ,? E% -+ EJ 8;
0020: 0511 5600 0455 5454 0600 6074 0573 7777  EI .  D- ,, F  0< E; ??
0030: 1151 7377 1367 0000 5635 1362 1155 4265  I) ;? K7    .] K2 I- "5
0040: 1154 3041 4425 5254 1035 7450 5253 1034  I, X! $U *, H] <( *+ H\
0050: 7004 7230 1035 1034 5553 3552 1030 4551  8D :X H] H\ -+ ]* HX %)
0060: 2046 1162 3305 7201 5320 0000 3302 4550  P& I2 [E :A +P    [B %(
0070: 4425 5547 1034 3303 1035 3304 1364 3305  $U -' H\ [C H] [D K4 [E
0100: 6212 4422 0001 0000 0000 1005 5546 1304  2J $R  A       HE -& KD
0110: 5665 1145 3552 1030 4551 3046 7201 4265  .5 I% ]* HX %) X& :A "5
0120: 4332 4550 1050 6212 4422 0002 0034 7626  #Z %( H( 2J $R  B  \ >V
0130: 5544 5543 0000 3050 1305 3026 4425 5547  -$ -#    X( KE XV $U -'
0140: 1037 7450 1142 3037 5732 1141 3033 1567  H_ <( I" X_ /Z I! X[ M7
0150: 4551 6212 4727 1013 1140 3013 1137 3364  %) 2J 'W HK I  XK I_ [4
0160: 7201 4265 4332 5536 7001 4562 4600 6200  :A "5 #Z -^ 8A %2 &  2
0170: 0035 5001 5764 4432 4562 1001 0000 0060   ] (A /4 $Z %2 HA     0
0200: 3040 3021 1413 7440 5535 1534 3566 1567  X  XQ LK <  -] M\ ]6 M7
0210: 0133 7640 5532 1567 4551 1531 3530 6041  A[ >  -Z M7 %) MY ]X 0!
0220: 5217 4432 1567 7710 5566 1162 3527 1133  *O $Z M7 ?H -6 I2 ]W I[
0230: 3526 3525 1124 3523 1027 3522 5521 0000  ]V ]U IT ]S HW ]R -Q
0240: 6212 4422 0010 6211 3520 6201 1117 3022  2J $R  H 2I ]P 2A IO XR
0250: 5637 1516 3256 4426 0101 7400 0000 5001  ._ MN Z. $V AA <     (A
0260: 1515 4514 1513 7004 4451 1512 3566 1511  MM %L MK 8D $) MJ ]6 MI
0270: 3530 1512 3534 1511 3531 1513 4551 1027  ]X MJ ]\ MI ]Y MK %) HW
0300: 3522 7410 5307 1030 3566 1110 3530 1515  ]R <H +G HX ]6 IH ]X MM
0310: 7144 1107 3041 1441 3525 2041 1026 1117  9$ IG X! L! ]U P! HV IO
0320: 7204 1441 0165 7640 5506 1525 7130 1441  :D L! A5 >  -F MU 9X L!
0330: 1105 7510 5323 1110 7500 2504 1105 3345  IE =H +S IH =  UD IE [%
0340: 1504 7040 1256 3347 4426 0000 6200 0000  MD 8  J. [' $V    2
0350: 5503 4502 3351 2046 3522 1345 7041 1441  -C %B [) P& ]R K% 8! L!
0360: 7550 2515 7410 5522 3441 5307 4501 4500  =( UM <H -R \! +G %A %
0370: 4016 1724 4001 2601 1114 0102 1405 0000   N OT  A VA IL AB LE
Block=011
0000: 0300 0311 0316 0311 0324 6211 2477 5212  C  CI CN CI CT 2I T? *J
0010: 1117 3022 6201 1413 3414 2021 5213 6211  IO XR 2A LK \L PQ *K 2I
0020: 1263 3662 2220 2262 2261 5220 6201 1663  J3 ^2 RP R2 R1 *P 2A N3
0030: 7004 7700 5241 3650 1567 0251 7650 5035  8D ?  *! ^( M7 B) >( (]
0040: 5046 1117 6034 1375 7650 6031 5433 5306  (& IO 0\ K= >( 0Y ,[ +F
0050: 1731 0400 4207 0300 7000 0035 7402 6203  OY D  "G C  8   ] <B 2C
0060: 6042 7764 7626 7777 1637 3640 2237 2240  0" ?4 >V ?? N_ ^  R_ R
0070: 2241 5227 6203 5626 1000 1645 7666 6211  R! *W 2C .V H  N% >6 2I
0100: 1251 3741 6201 3205 6046 5766 6032 5710  J) _! 2A ZE 0& /6 0Z /H
0110: 1273 1032 1413 1377 7100 1076 3042 7420  J; HZ LK K? 9  H> X" <P
0120: 5330 4341 4341 4341 1021 1042 3021 5312  +X #! #! #! HQ H" XQ +J
0130: 1040 0120 7106 7004 1361 3566 1021 5740  H  AP 9F 8D K1 ]6 HQ /
0140: 0616 7677 1021 7104 3021 1040 7004 3040  FN >? HQ 9D XQ H  8D X
0150: 5741 1154 3014 1125 3041 6211 3414 2041  /! I, XL IU X! 2I \L P!
0160: 5356 6203 5475 6211 3441 5361 0404 1074  +. 2C ,= 2I \! +1 DD H<
0170: 3034 4776 1073 4423 5766 7575 1262 7510  X\ '> H; $S /6 == J2 =H
0200: 0404 1163 4423 3020 1160 3013 3017 6031  DD I3 $S XP I0 XK XO 0Y
0210: 5207 1117 6034 3034 6032 4327 7553 1273  *G IO 0\ X\ 0Z #W =+ J;
0220: 7563 1252 7401 1307 7555 1207 7557 1207  =3 J* <A KG =- JG =/ JG
0230: 7545 1302 7566 1207 7600 1207 7561 1207  =% KB =6 JG >  JG =1 JG
0240: 7575 1273 0000 4262 1034 3413 1013 1072  == J;    "2 H\ \K HK H:
0250: 7710 5207 4561 1013 1071 7650 5201 3413  ?H *G %1 HK H9 >( *A \K
0260: 3413 5600 0000 1034 5344 1070 4423 3020  \K .     H\ +$ H8 $S XP
0270: 1034 4423 5662 1067 4423 1034 1066 4423  H\ $S .2 H7 $S H\ H6 $S
0300: 4561 5201 1065 3034 4262 2017 5253 1013  %1 *A H5 X\ "2 PO *+ HK
0310: 1071 7650 5300 0210 1313 4423 1324 4423  H9 >( +  BH KK $S KT $S
0320: 1013 3040 1313 4423 7240 1013 5205 0000  HK X  KK $S :  HK *E
0330: 1727 2327 7450 5727 1034 7650 5341 2327  OW SW <( /W H\ >( +! SW
0340: 5330 1727 3040 5440 1354 7500 1353 1352  +X OW X  ,  K, =  K+ K*
0350: 3034 5270 0340 7740 7440 4423 5352 4501  X\ *8 C  ?  <  $S +* %A
0360: 5557 0000 1064 4551 1063 3375 5372 1031  -/    H4 %) H3 [= +: HY
0370: 7650 5462 4562 0201 0400 0055 5001 5461  >( ,2 %2 BA D   - (A ,1
Block=012
0000: 4562 0201 0400 0037 5001 1060 3017 1461  %2 BA D   _ (A H0 XO L1
0010: 3041 1041 4514 2017 1417 4776 1241 3241  X! H! %L PO LO '> J! Z!
0020: 2041 5213 1241 7106 7006 1050 6212 4422  P! *K J! 9F 8F H( 2J $R
0030: 0003 0034 0000 5367 1050 6212 4422 0004   C  \    +7 H( 2J $R  D
0040: 0034 0001 5367 1060 3017 4432 1567 7004   \  A +7 H0 XO $Z M7 8D
0050: 7040 7720 4343 1231 3360 4354 1417 3357  8  ?P ## JY [0 #, LO [/
0060: 7330 1417 3356 1357 7004 7730 5327 1356  ;X LO [. K/ 8D ?X +W K.
0070: 0057 7640 5327 4343 7240 1356 7104 1357   / >  +W ## :  K. 9D K/
0100: 7004 7730 5306 1356 1076 5326 1356 3041  8D ?X +F K. H> +V K. X!
0110: 1357 7041 1056 7130 3356 4354 7332 3357  K/ 8! H. 9X [. #, ;Z [/
0120: 1356 0055 7041 1041 7500 1054 3356 4354  K.  - 8! H! =  H, [. #,
0130: 2461 5256 4562 0610 0000 0013 5001 7240  T1 *. %2 FH     K (A :
0140: 6211 3477 5453 0000 2350 5743 4562 1010  2I \? ,+    S( /# %2 HH
0150: 7777 0033 5001 5743 0000 4426 4101 0600  ??  [ (A /#    $V !A F
0160: 0000 5367 1356 4776 1360 3360 5754 4500     +7 K. '> K0 [0 /, %
0170: 2301 2605 4005 2222 1722 0000 1765 7110  SA VE  E RR OR    O5 9H
0200: 4500 2417 1740 0605 2740 0122 0723 0000  %  TO O  FE W  AR GS
0210: 0000 7040 0154 7650 5610 1053 3033 4500     8  A, >( .H H+ X[ %
0220: 0317 2205 4011 1501 0705 4005 2222 0000  CO RE  I MA GE  E RR
0230: 0000 1567 7010 7200 1022 7730 5630 6212     M7 8H :  HR ?X .X 2J
0240: 4422 0011 1077 3022 5630 4501 4500 4016  $R  I H? XR .X %A %   N
0250: 1724 4006 1725 1604 0000 0000 3567 4550  OT  F OU ND       ]7 %(
0260: 6212 4422 0013 5655 0000 0743 0117 7650  2J $R  K .-    G# AO >(
0270: 5664 5215 4500 1617 4141 0000 1441 3526  .4 *M %  NO !!    L! ]V
0300: 1046 7650 4502 1722 3742 1722 7001 3344  H& >( %B OR _" OR 8A [$
0310: 1026 3527 1026 3364 1415 3416 2323 5314  HV ]W HV [4 LM \N SS +L
0320: 5721 7524 0656 7724 2761 5334 1344 3762  /Q =T F. ?T W1 +\ K$ _2
0330: 6041 5330 5733 7757 1760 3343 2360 1760  0! +X /[ ?/ O0 [# S0 O0
0340: 3342 4764 7747 7771 0000 5354 1342 4365  [" '4 ?' ?9    +, K" #5
0350: 1344 3344 2360 5324 6212 4763 0007 0000  K$ [$ S0 +T 2J '3  G
0360: 7404 7400 7762 7700 0000 0000 7112 7012  <D <  ?2 ?        9J 8J
0370: 7012 0377 7450 1377 7001 7110 5765 0037  8J C? <( K? 8A 9H /5  _
And you can see quite a lot of readable text in there.

Time to do something else for a bit and think about this. I suppose my 8/e test machine could be broken. Naw, that would be too easy!
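
The 6-bit text column of the dump above, as an added example that is not the server's code: it decodes two 6-bit codes per 12-bit word and rebuilds one dump line in the same layout. The code-to-character mapping is inferred from the dump in the post, the function names are assumptions, and the sample words are copied from block 012 of that dump.

```c
#include <stdio.h>
#include <string.h>

/* Map one 6-bit code to a character, following the dump in the post:
 * 01-037 are 'A'..'_', 040-077 are the ASCII characters with the same
 * value (space, digits, punctuation), and 00 is shown as a blank. */
static char sixbit_char(unsigned code)
{
    code &= 077;
    if (code == 0)
        return ' ';
    return (char)(code < 040 ? code + 0100 : code);
}

/* Decode packed text (high half of each word first) up to the first 00
 * code, n words, or a full buffer. Returns the number of characters. */
size_t sixbit_message(const unsigned short *w, size_t n, char *out, size_t outsz)
{
    size_t i, len = 0;
    if (outsz == 0)
        return 0;
    for (i = 0; i < n; i++) {
        unsigned hi = (w[i] >> 6) & 077, lo = w[i] & 077;
        if (hi == 0 || len + 1 >= outsz)
            break;
        out[len++] = sixbit_char(hi);
        if (lo == 0 || len + 1 >= outsz)
            break;
        out[len++] = sixbit_char(lo);
    }
    out[len] = '\0';
    return len;
}

/* Format one dump line: octal offset, eight octal words, then each word
 * as a pair of characters. Needs 71 bytes; returns -1 if out is smaller. */
int dump_line(unsigned offset, const unsigned short *w, char *out, size_t outsz)
{
    int i, pos;
    if (outsz < 71)
        return -1;
    pos = sprintf(out, "%04o:", offset & 07777);
    for (i = 0; i < 8; i++)
        pos += sprintf(out + pos, " %04o", (unsigned)(w[i] & 07777));
    out[pos++] = ' ';
    for (i = 0; i < 8; i++)
        pos += sprintf(out + pos, " %c%c",
                       sixbit_char((unsigned)w[i] >> 6), sixbit_char(w[i]));
    return pos;
}

/* Words copied from the dump in the post (block 012, offsets 0170 and 0200). */
static const unsigned short LINE_0170[8] =
    { 02301, 02605, 04005, 02222, 01722, 00000, 01765, 07110 };
static const unsigned short LINE_0200[8] =
    { 04500, 02417, 01740, 00605, 02740, 00122, 00723, 00000 };

int main(void)
{
    char buf[80];

    dump_line(0170, LINE_0170, buf, sizeof buf);
    puts(buf);
    sixbit_message(LINE_0170, 8, buf, sizeof buf);
    printf("message at 0170: \"%s\"\n", buf);
    sixbit_message(LINE_0200 + 1, 7, buf, sizeof buf);
    printf("message at 0201: \"%s\"\n", buf);
    return 0;
}
```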
 
Still not working and I don't know why. But I do know I fixed one bug where I was overflowing the buffer that sends characters to the PDP-8 console serial port. It looks like the Unix buffer is 4k.

The HLT at 0111 being executed is not an instruction, it is a page zero literal pointing at CCB+2 and should never get executed. The big question is how it got there? I spent far too much time looking at OS8.PA figuring this out.

I wrote some code for the server that essentially performs an address test on field 2. It writes the address at the address, then reads it back and halts. The PDP-8 is sitting in the handler code waiting for another server command. At 9600 baud this takes about 17 seconds. I can then examine addresses in field 2 and make sure stuff is where it is supposed to be. After fixing the buffering issue this is now working as expected. Here is the code for that. It executes as soon as the handler passes it control:
Code:
/* since we are having no luck lets test pdp_mem_write
** by doing an address test with it.  Fill a buffer with
** 0000 through 7777 and write it to field 2
*/
  fprintf( stderr, "address test write\r\n" );
  for( i=0000; i<=07777; i++) tstbuff[i]=i;
  pdp_mem_write( 2, 0000, 4096, tstbuff );
  fprintf( stderr, "address test readback\r\n" );
  for( i=0000; i<=07777; i++) tstbuff[i]= -1;
  pdp_mem_read( 2, 0000, 4096, tstbuff );
  for( i=0000; i<=07777; i++) if( tstbuff[i]!=i )
    fprintf(stderr, "SERVER: TSTWRT i=%04o got=%04o\r\n", i, tstbuff[i]);
  fprintf( stderr, "address test complete\r\n" );
  tty_reset();
  pdp_reset();
  exit(1);
The steps it performs are:
  1. Initialize the buffer with the pattern. In this case, the memory location's address.
  2. Tell the handler to do a block write of memory field 2 starting at address 0 of 4096 words from the tstbuffer.
  3. Set the test buffer to some illegal value to make sure that it no longer matches.
  4. Tell the handler to do a block read of memory field 2 starting at address 0 of 4096 words to the tstbuffer.
  5. Compare the received data to the expected data.
And that all works just fine and takes about 17 seconds. It was this code hanging that let me find the buffer overflow issue mentioned earlier.

I spoke with Vince this afternoon and he gave me some ideas to pursue. I will continue with more of that tomorrow.
 
Sorry I haven't got back to you. I tested positive for Covid on Sunday - so I am locked up in the spare bedroom now with only a phone and works laptop for company.

Anyhow, I was wondering exactly the same as to why the HALT was occurring at a place where it shouldn't be executing. The KBD handler, USR etc. are all supposed to be loaded up 'high' in fields 0 and 1 (7600...).

Does it make sense to publish your current '8' bootstrap and server code so that you can have a fresh pair of eyes look at them - or at least make suggestions regarding how to track down the bugs.

Dave
 
I hope you are one of those people for whom Covid turns out to be not that big of a deal.

As I mentioned, the place where the 8/e is halting is at address 0111. After looking at OS8.lst generated from OS8.PA I found that this is not a HLT instruction (although it plays one on TV), it is the result of TAD I [CCB+2 and that page zero literal should never get executed.

I am sure I will figure out how it is going wrong eventually but if you want something to look at while you suffer I would be delighted to let you look at it. It is not ready for GitHub but since I roll up a tarball every morning I can rename the suffix .zip instead of .tgz if the forum software doesn't like it.

Let me know what you want. In the meantime here is the source listing of os8bt.pa which is the combination of the hand toggled in code and the code that gets converted to help format. This has been stable since the end of April when I re-wrote it to make it look more like a regular boot instead of trying to make something wonderful.
Code:
      / CONSOLE SERIAL DISK OS/8 HELP BOOT                                Page 1


    1              / CONSOLE SERIAL DISK OS/8 HELP BOOT
    2              /
    3              /VER 0.1  20220428 HAD AN IDEA TO SIMPLIFY AND MAKE IT LOOK MORE LIKE THE
    4              /         REGULAR BOOT2 PROGRAMS EMBEDDED IN THE BOOT BLOCK.
    5              /
    6              / (C) COPYRIGHT 2022 BY DOUG INGRAHAM.  NO RIGHTS RESERVED.  FEEL FREE TO USE
    7              / THIS CODE FOR ANYTHING YOU WANT.
    8              /
    9              / BOOT2 IS UNUSUAL BECAUSE IT IS LIMITED BY THE CONSTRAINTS OF THE HELP
   10              / LOADER.  THESE CONSTRAINTS ARE:
   11              /
   12              / *  MEMORY REFERENCE INSTRUCTIONS CAN ONLY DIRECTLY ADDRESS MEMORY FROM
   13              /    000 THROUGH 037.  NO INDIRECT OR CURRENT PAGE REFERENCES!
   14              / *  IOT'S CAN ONLY ADDRESS DEVICE CODES 0 THROUGH 3.
   15              / *  FOR THE OPERATE INSTRUCTIONS YOU CAN ONLY GENERATE GROUP 1 AND NOT
   16              /    ALL ENCODINGS CAN BE USED.  CML, RAR, RAL, RTR, RTL, AND IAC ARE
   17              /    ALLOWED.  YOU CAN'T SPECIFY CLA, CLL, OR CMA OPERATIONS.
   18              /
   19              / FORTUNATELY THIS STILL LEAVES A LOT OF POSSIBILITIES BUT YOU ARE
   20              / BASICALLY LIMITED TO THE BOTTOM 32 WORDS OF MEMORY AND NO INDIRECTION
   21              / WHICH ALSO MEANS NO SUBROUTINES BECAUSE THE RETURN REQUIRES
   22              / INDIRECTION.
   23              /
   24              / THE BOOT2 PROGRAM STARTS WHEN THE LOAD OVERWRITES THE FIRST INSTRUCTION
   25              / OF THE BOOT1 PROGRAM.  THIS WILL BE A JMP PATCH.  BOOT2 WILL READ THE
   26              / BOOT BLOCK INTO MEMORY STARTING AT ADDRESS 0.  IT WILL READ 256 WORDS
   27              / AND THEN MOVE THE TWO MEMORY RESIDENT SECTIONS INTO THEIR CORRECT
   28              / PLACES.  FINALLY IT WILL PERFORM A JMP TO 7605 WHICH STARTS OS/8.
   29
   30              / THE BOOT 2 PROGRAM:
   31
   32              / THE BOOT2 PROGRAM REQUIRES INDIRECTION IN 1 PLACE.  THIS IS THE
   33              / INDIRECT DEPOSIT THAT STORES THE RECEIVED WORD IN MEMORY.  THE BIT THAT
   34              / CONTROLS INDIRECTION IS THE 0400 BIT SO ALL WE HAVE TO DO IS CREATE
   35              / THAT AND ADD IT TO A REGULAR DEPOSIT.  THE CLL RTR;RTR WILL DO THIS
   36              / NICELY SO WE DO THAT FIRST TO PATCH THE DEPOSIT.
   37              /
   38
   39
   40
   41              / WHAT IS EXPECTED OF THE SERVER:
   42
   43              / THE BOOT1 CODE WILL BE TOGGLED IN AND STARTED.  THE SERVER WILL BE TOLD
   44              / TO PERFORM A BOOT WITH SHIFT F12.  THE SERVER WILL SEND THE BOOT2
   45              / HELPER CODE AND THEN IT WILL SEND THE BOOT BLOCK.  THE EXTENDED VERSION
   46              / OF BOOT2 THAT IS FOUND IN THE BOOT RECORD WILL TAKE OVER WHEN ALL 256
   47              / WORDS HAVE BEEN REVEIVED.
   48
   49              / HERE ARE THE BOOT2 HELP CODES:
   50              / ADR HLP  INST ASSEMBLY



   51
   52
   53
   54
   55
   56              / THE BOOT2 LOADER:
   57
   58              / A WORD ABOUT THE .-. CONSTRUCT.
   59
   60              / I SAW THIS IN SOME CODE I WAS READING A VERY LONG TIME AGO AND DECIDED
   61              / TO USE IT LIKE THEY WERE.  AS A PLACEHOLDER FOR SELF MODIFYING CODE OR
   62              / THE RETURN ADDRESS LOCATION OF A SUBROUTINE.  IT STANDS OUT FROM THE
   63              / TEXT AROUND IT SO IT CATCHES YOUR EYE AND YOU KNOW SOMETHING
   64              / INTERESTING IS HAPPENING HERE.  THE CALCULATION IS CURRENT ADDRESS
   65              / MINUS CURRENT ADDRESS WHICH IS ZERO.
   66
   67              / THE WORD COUNT MUST BE INITIALLY -0400 (07400) BUT THIS IS ONE OF THOSE
   68              / VALUES THE HELP LOADER CANNOT GENERATE.  HELP SENDS A ZERO BUT THE BOOT
   69              / BLOCK WILL HAVE THE CORRECT VALUE SO IT IS ALL GOOD.
   70
   71        0000  *0000
   72 00000  0000  BTWC,   .-.             /WORD COUNT TO TRANSFER (SET TO 7400 BY BOOT RECORD)
   73 00001  0000  BTCA,   0               /CURRENT ADDRESS TO STORE WORD.  SET TO 1 BY BOOT RECORD
   74 00002  0000  BTTMP,  .-.             /THIS IS AN INITIAL DONT CARE VALUE.
   75
   76 00003  7032  PATCH,  CML RTR         /BUILD A 0400 INDIRECTION BIT
   77 00004  7012          RTR
   78 00005  1021          TAD PTCHME      /AND APPLY TO THE DCA
   79 00006  3021          DCA PTCHME
   80
   81 00007  6031  BOOT2,  KSF             /GET A CHARACTER FROM SERIAL DISK SERVER
   82 00010  5007          JMP .-1
   83 00011  6036          KRB
   84 00012  7006          RTL             /LEFT SHIFT 4 BITS TO BUILD UPPER HALF
   85 00013  7006          RTL
   86 00014  3002          DCA BTTMP       /SAVE FOR COMBINE
   87 00015  6031          KSF             /GET LOWER 6 BITS
   88 00016  5015          JMP .-1
   89 00017  6036          KRB
   90 00020  1002          TAD BTTMP
   91 00021  3001  PTCHME, DCA BTCA        /STORE THE WORD IN MEMORY (MODIFIED TO A DCA I BTCA)
   92 00022  2001          ISZ BTCA        /POINT AT NEXT ADDRESS
   93 00023  2000          ISZ BTWC        /SKIP IF DONE
   94 00024  5007          JMP BOOT2       /GO DO THE NEXT WORD
   95
   96              / AN EXTENDED VERSION OF THE LOADER FOR THE BOOT RECORD STARTS HERE.  SEE
   97              / THE HANDLER FOR THE BOOT RECORD VERSION
   98
   99 00025  5003          JMP PATCH       /THIS OVERWRITES THE KSF AT BOOT1 TAKING CONTROL
  100                      NOPUNCH



  101        0025          *.-1            /THE JMP BOOT2 ABOVE WILL OVERWRITE THE KSF BELOW
  102 00025  6031  BOOT1,  KSF             /SKIP IF SERVER HAS SENT US A CHARACTER
  103 00026  5025          JMP .-1         /WAIT FOR A CHARACTER
  104 00027  6036          KRB             /READ THE CHARACTER
  105 00030  7012          RTR             /MOVE BITS INTO POSITION
  106 00031  7010          RAR
  107 00032  3001          DCA Z 1         /STORE THE INSTRUCTION.  MODIFIED BY THE FOLLOWING ISZ
  108 00033  2032          ISZ .-1         /BUMP THE STORE ADDRESS
  109 00034  5025          JMP BOOT1       /GO DO NEXT ONE
  110              /END OF HAND TOGGLED CODE
  111
  112                      ENPUNCH
  113                      $

      No detected errors
      No links generated



      / CONSOLE SERIAL DISK OS/8 HELP BOOT                                Page 4
                                                                 Cross Reference

    1 A    102  BOOT1       109
    2 A     81  BOOT2        94
    3 A     73  BTCA         91     92
    4 A     74  BTTMP        86     90
    5 A     72  BTWC         93
    6 A     76  PATCH        99
    7 A     91  PTCHME       78     79
I am still thinking about making it "Wonderful" at some future time but that will be for version 2.

I just corrected a comment and noticed that I have never put in the help code table. There is always more to do.
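The character encoding implied by the BOOT1 listing above, worked through in C as an added example; it is not part of the original post or the project's code. It assumes L is 0 when BOOT1 starts, that nothing between characters changes L, and that the server sends the words for addresses 0001 through 0025; the function names are hypothetical.

```c
#include <stdio.h>

/* BOOT2 words for addresses 0001..0025, copied from the listing. */
static const unsigned boot2[] = {
    00000, 00000, 07032, 07012, 01021, 03021, 06031, 05007, 06036, 07006, 07006,
    03002, 06031, 05015, 06036, 01002, 03001, 02001, 02000, 05007, 05003 };
enum { NWORDS = sizeof boot2 / sizeof boot2[0] };

/* BOOT1's KRB, RTR, RAR: rotate the 13-bit L:AC pair right three places.
   *link holds L before the call and is updated to L afterwards. */
unsigned boot1_decode(unsigned ch, unsigned *link)
{
    unsigned v = ((*link & 1u) << 12) | (ch & 0377u);
    v = ((v >> 3) | (v << 10)) & 017777u;
    *link = v >> 12;
    return v & 07777u;
}

/* Inverse of boot1_decode for one word. Character bit 2 becomes L, so it must
   carry bit 01000 of the NEXT word. Returns -1 when no character works. */
int help_encode(unsigned word, unsigned link_in, unsigned next_word)
{
    if (word & ~07037u) return -1;                        /* bits 0740 arrive as zero */
    if (((word >> 9) & 1u) != (link_in & 1u)) return -1;  /* bit 01000 is the old L */
    return (int)(((word & 037u) << 3) | (((next_word >> 9) & 1u) << 2)
                 | ((word >> 10) & 3u));
}

/* Encode every BOOT2 word; L must end as 0 so CML RTR;RTR at PATCH gives 0400. */
int help_encode_all(unsigned char *out, unsigned link0)
{
    unsigned link = link0;
    for (int i = 0; i < NWORDS; i++) {
        unsigned next = (i + 1 < NWORDS) ? boot2[i + 1] : 0;
        int ch = help_encode(boot2[i], link, next);
        if (ch < 0) return -1;
        out[i] = (unsigned char)ch;
        link = (next >> 9) & 1u;
    }
    return NWORDS;
}

int main(void)
{
    unsigned char codes[NWORDS];
    if (help_encode_all(codes, 0) < 0) return 1;
    puts("ADR  HLP INST");
    for (int i = 0; i < NWORDS; i++)
        printf("%04o %03o %04o\n", i + 1, codes[i], boot2[i]);
    return 0;
}
```

The two rejection cases in help_encode are the limits the listing's comments describe: only the bottom 32 words and no indirection, and for operate instructions no CLA, CLL or CMA.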
 
Thanks Doug. I will give that an 'eyeball' presently.

So far minimal symptoms. We have had all of our vaccinations, so they should help.

The biggest problem at the moment is the record temperatures in the UK...

Dave
 
The biggest problem at the moment is the record temperatures in the UK...
The high here yesterday was 105F (40.5C). I think we had you beat. But we get temps like this every few years and AC is common because of that. I hid in the basement and worked on handlers. My AC was not keeping up but the basement remained tolerable. Today's high is going to be 87F (30.5C) so quite a bit better.

Stay hydrated, stay out of the sun and get well!
 
Well, I found the bug!

The handler understands three different commands from the server.
  1. Read a block of PDP-8 memory.
  2. Write a block of PDP-8 memory.
  3. Perform a far jmp with the AC set to some value.
For each of these there are three arguments, where the third is also the command. For read and write the first argument is the starting address of the operation. In the case of the Far JMP this is the destination address. For read and write the second argument is the word count for the transfer where 0000 transfers 4096 words. For the Far JMP this is the value that gets loaded into the AC. And the third argument is the command. For the Far JMP this is the CDF CIF instruction that is supposed to get executed. The CDF CIF instruction is 062X3 where the X is replaced by the field. I forgot the leading 0 when I coded it. A 6213 decimal is a 014105 octal which ended up on PDP-8 as a 4105 which is a JMS to address 105 on page zero. And this explains how it got to 0111 where the 7402 (HLT) instruction was executed.

And now it will boot an unmodified RK05 image via the console serial port. The only thing I have tried so far is a DIR SYS: which does work! On the image I am using DSK: is the second RK05 image and I am not currently mapping that so the server tells me and then exits. I have a diag pack image, I should probably boot that up and run some more diagnostics.

It seems terribly slow at 9600 baud so I am going to switch to 19200 which is the fastest I can do on an M8655. I hope this board is one of the ones that can do it. I have one in the 8/a configured to run regular serial disk at 19200 so I have that one to fall back on.

There is still a lot to do, but the hard stuff is out of the way!
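The missing-leading-zero failure described in this post, reproduced as an added C example that is not the author's server code. It decodes what the PDP-8 sees when 6213 is read as decimal and shows a check a server could run on the far-JMP command word before sending it; all names are hypothetical.

```c
#include <stdio.h>

/* CDF CIF for field n is 62n3 octal; C needs the leading 0 to read it as octal. */
#define CDF_CIF_BASE 06203u

struct pdp8_insn { unsigned opcode, indirect, current_page, offset; };

/* Keep the low 12 bits, as the PDP-8 does, and split a memory-reference word. */
struct pdp8_insn decode12(unsigned value)
{
    struct pdp8_insn d;
    value &= 07777u;
    d.opcode       = value >> 9;          /* 0..5 memory reference, 6 IOT, 7 OPR */
    d.indirect     = (value >> 8) & 1u;   /* 0400 bit */
    d.current_page = (value >> 7) & 1u;   /* 0200 bit; 0 means page zero */
    d.offset       = value & 0177u;
    return d;
}

/* Build the instruction from the field number instead of typing the digits. */
unsigned cdf_cif(unsigned field) { return CDF_CIF_BASE | ((field & 7u) << 3); }

/* Accept only a word that fits in 12 bits and matches 62n3 for some field n. */
int is_cdf_cif(unsigned value)
{
    return value <= 07777u && (value & 07707u) == CDF_CIF_BASE;
}

int main(void)
{
    unsigned slip = 6213;                 /* decimal literal, as in the bug */
    struct pdp8_insn d = decode12(slip);
    printf("%u decimal = %06o octal -> opcode %o, offset %04o, valid=%d\n",
           slip, slip, d.opcode, d.offset, is_cdf_cif(slip));
    printf("cdf_cif(1) = %04o, valid=%d\n", cdf_cif(1), is_cdf_cif(cdf_cif(1)));
    return 0;
}
```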
 
It seems terribly slow at 9600 baud so I am going to switch to 19200 which is the fastest I can do on an M8655.
Is anyone else interested in those Omnibus USB serial I/O boards? I'm aware of two designs.
They're supposed to be able to run at least 115,200 (or maybe 230,400) baud. That should give at least RX/floppy performance.
Most search hits for the Atmel ATF1508AS chip seem to indicate 'no-stock', but TodayComponents claims to have them available for ~$10.
If anyone is ordering a run of either of these boards, I'd definitely be interested in purchasing two (maybe three depending on the price).
 
Is anyone else interested in those Omnibus USB serial I/O boards? I'm aware of two designs.
I received today prototype PCBs of my take on this. I've got a few AT1508 supposedly on the way, arriving end of week. I should be able to try something sometime next week.

The board also has the 32K memory and boot loader on it. Last I checked, I can find chips for the memory section, but not the boot loader. Stock changes daily these days, so based on what you said I should check again on the CPLD availability.

Vince
 