CEEDUMP ANALYSIS

COBOL/PL1/ASSEMBLER

Sudaman.T.M.
IBM Global Services
Bangalore

Last Updated: September 2003

Copyright 2003 – IBM Corporation.
All rights reserverd.
 CEEDUMP ANALYSIS

Table of Contents

Copyright 2003 - IBM Corporation. All rights reserved

i
 CEEDUMP ANALYSIS

Section 1: Introduction

1.1 Drive behind the paper

Hours of my time spent in searching for a pin in a paddy field drove me to learn this beautiful art
called dump analysis. It completely deserves to be called as an art as quite an inclination of mind
is an investment for the beautiful outcome that it provides.

With no formal introduction to perform a dump analysis, I started off to debug an application
that was failing. It took more than two man days to locate the domain where the problem might
exist.Ofcourse it was by a sheer luck that I reached the domain. Not always are you lucky, so I
started of learning to perform a dump analysis in a methodical way. I have documented my
learning in this paper. I sincerely hope and believe this paper saves time to every one who is
reading this paper.

1.2 Who should read this and What you will be after you read this

This paper targets the software engineers who deal with IBM Mainframes.

This paper talks about Dump Analysis. After you read this paper, you should be able to
understand the dump. To be precise, you will know as where you should look for information
that will make sense to you.

I have given a snippets of code that, if you copy in your system and execute it, will create an
abend and produce dump. Then following the steps that I have put in this paper you will be able
to learn dump analysis.

Note that, all the compiler options that I have specified is very important and that rules the dump
that you are going to encounter.

So after you read this……You will certainly be literate about dump analysis. Remember that,
practice makes a man perfect and hence just like every other art, this art also requires practice.

Copyright 2003 - IBM Corporation. All rights reserved

1
 CEEDUMP ANALYSIS

1.3 How is the paper structured

I have taken three examples. Since to reach a large set of audience, i have written snippets in
COBOL, ASSEMBLER AND PL1. Not that it matters when you go down to the level of dump
that is getting created.

The first example, has a COBOL program calling another COBOL program which in turn calls
an ASSEMBLER program. I have introduced division by error in the assembler code.

The second example has a PL1 standalone prorgram creating a dump. Then i have made the
same standalone program call another PL1 program which abends and this call is a static call.

Thus, I have addressed or tried to address all the major corners of a programmers scope.

1.4 Where do you read more on this

IBM BOOKMANAGER.

I personally feel, IBM Bookmanager is a ocean of knowledge and hip and hop you fall on any
topic you would want. My learning is also only from IBM BOOKMANAGER. Three cheers to
IBM for this.

Section 2: Introduction to FORMATTED DUMP

2.1 What is FORMATTED DUMP?

The act of copying raw data from one place to another with little or no formatting for
readability. Usually, dump refers to copying data from main memory to a display screen or a
printer. Dumps are useful for diagnosing bugs. After a program fails, you can study the dump
and analyze the contents of memory at the time of the failure. Dumps are usually output in a
difficult-to-read form (that is, binary, octal, or hexadecimal), so a dump will not help you unless
you know exactly what to look for.

The above definition is a cut, copy and paste from webopaedia.com. I leave the links as such for
just in case reasons. It is a classical definition for dump.

When the copying of raw data from main memory to to a display screen is formatted then we
call that dump as FORMATTED DUMP.

Copyright 2003 - IBM Corporation. All rights reserved

2
 CEEDUMP ANALYSIS

2.2 Various Information for you in a Formatted Dump

The Language Environment formatted dump can contain various information, including
information on:

Symbolic dump of variables, arguments, and registers

File control blocks
File buffers
Run-time control blocks
Storage used by the program

These are the information that you might need to know if you are interested in locating the
domain of your problem.

2.3 Compiler Options and Formatted Dump

The compiler options affect the run time debugging of the program. There are lot of compiler
options and it might be a paper to submit if we consider all. So, I have taken three important
options that affect the structure and information in the dump. They are
LIST
MAP
TEST

LIST: This Produces a listing of the assembler expansion of your source code and global tables,
literal pools, information about working storage, and size of routine's working storage.
MAP: Produces lists of items in data division including a data division map, global tables, literal pools, a
nested program structure map, and attributes.

TEST: Produces object code that can run with a debugging tool, or adds information to the object
program to produce formatted dumps. SYM suboption includes statement numbers in the
Language Environment dump and produces a symbolic dump.

Copyright 2003 - IBM Corporation. All rights reserved

3
 CEEDUMP ANALYSIS

Section 3: Methodical Dump Analysis

3.1 Procedure to perform Dump Analysis

The following procedure is followed to analyze the dump output.

 Locate the error message for the current condition in the Condition Information section of the
dump.

 Note the sequence of calls in the call chain for the traceback.

 Examine the compile listing of the program to find the instruction causing the exception using the
statement number and offset given in the condition message.

The examples in the following sections will guide you through and show you as how to perform the
above three steps.

Copyright 2003 - IBM Corporation. All rights reserved

4
 CEEDUMP ANALYSIS

Section 4: Examples and Explanations

4.1 Example #1 PL1 standalone program

This example demonstrates the error of a stand alone PLI routine that tries to perform a division
operation with zero as the denominator.

The program was compiled with TEST (STMT, SYM) and run with the TERMTHDACT (TRACE) run-time
option.

DPPLI01: PROC OPTIONS(MAIN);

DCL (A,B,C) BIT(01) INIT('0'B);
B = 4;
C = 0;
A = B/C;
PUT SKIP LIST(A);
END DPPLI01;

To debug this application, use the following steps:

1. The message is CEE3209S The system detected a fixed-point divide exception.

2. Note the sequence of calls in the call chain. There is no much to discuss here as we are dealing with a
stand alone program and there is no calls from this program.

IBM0301S ONCODE=320 The ZERODIVIDE condition was raised.

From compile unit DPPLI01 at entry point DPPLI01 at statement 5 at compile unit offset
+00000104 at address 09500C5C.

CEE3DMP V2 R10.0: Condition processing resulted in the unhandled condition.

Information for enclave DPPLI01

Information for thread 8000000000000000

Traceback:
DSA Addr Program Unit PU Addr PU Offset Entry E Addr
000344A0 CEEHDSP 05DDF018 +000030BE CEEHDSP 05DDF018
00034390 DPPLI01 09500B58 +00000104 DPPLI01 09500B60
000341D0 IBMRPMIA 0001EDF8 +0000055A IBMRPMIA 0001EDF8
000340E0 CEEEV010 09518BC0 +0000030A CEEEV010 09518BC0
00034018 CEEBBEXT 00010310 +000001A6 CEEBBEXT 00010310

Copyright 2003 - IBM Corporation. All rights reserved

5
 CEEDUMP ANALYSIS

E Offset Statement Load Mod Service Status

+000030BE CEEPLPKA Call
+000000FC 5 DPPLI01 Exception
+0000055A IBMRLIB1 Call
+0000030A IBMREV10 Call
+000001A6 CEEBINIT Call

Condition Information for Active Routines

Condition Information for DPPLI01 (DSA address 00034390)
CIB Address: 00034B18
Current Condition:
CEE3209S The system detected a fixed-point divide exception (System Completion
Code=0C9).

Location:
Program Unit: DPPLI01 Entry: DPPLI01 Statement: 5 Offset: +00000104

3. Locate statement 5 in the PLI listing for the DPPLI01 program, shown in the above Figure. This is
where the problem is.

4. You can use the offset in the listing of the source code which will clearily indicate the place as where
the problem happened. This basically is not required while we deal with stand alone programs.

4.2 Example #2 PL1 calling PL1

This example demonstrates a PLI program making a static call to another PLI Ptogram. We can do a
similar dump analysis as we did before. Note that the load module of the statically called program is
embedded in the calling program load module and so we have a single entry point.

This example demonstrates the error of a stand alone PLI routine that tries to perform a division
operation with zero as the denominator.

Program #1 – calling program

DPPLI01: PROC OPTIONS(MAIN);

DCL (A,B,C) BIT(01) INIT('0'B);
DCL WS_PROG2 VARIABLE ENTRY ;
DCL DPPLI02 EXTERNAL ENTRY;
B = 4;
C = 0;
WS_PROG2 = DPPLI02;
PUT SKIP LIST(A,B,C);
CALL WS_PROG2 (B,C);

Copyright 2003 - IBM Corporation. All rights reserved

6
 CEEDUMP ANALYSIS

PUT SKIP LIST(A);

END DPPLI01;

Program #2 – called program

DPPLI02: PROC ( B,C ) OPTIONS (REENTRANT) REORDER ;

B = B/C;
PUT SKIP LIST('B ',B);
END DPPLI02;

When the above programs are executed, following is the dump produced.

1CEE3DMP V2 R10.0: Condition processing resulted in the unhandled condition

Information for enclave DPPLI01

Information for thread 8000000000000000

Traceback:
DSA Addr Program Unit PU Addr PU Offset Entry E Addr
000344A0 CEEHDSP 05DDF018 +000030BE CEEHDSP 05DDF018
00034390 DPPLI01 095007E8 +0000013C DPPLI01 095007F0
000341D0 IBMRPMIA 0001EDF8 +0000055A IBMRPMIA 0001EDF8
000340E0 CEEEV010 09518BC0 +0000030A CEEEV010 09518BC0
00034018 CEEBBEXT 00010310 +000001A6 CEEBBEXT 00010310

E Addr E Offset Statement Load Mod Service Status

05DDF018 +000030BE CEEPLPKA Call
095007F0 +00000134 9 DPPLI01 Exception
0001EDF8 +0000055A IBMRLIB1 Call
09518BC0 +0000030A IBMREV10 Call
00010310 +000001A6 CEEBINIT Call

Location:
Program Unit: DPPLI01 Entry: DPPLI01 Statement: 9 Offset: +0000013C

If you follow the same steps as in previous example, you can note that the statement 9 is the one
that creates the problem. Note that statement 9 is a call statement and hence we can deduce that
the problem is in the called program.

Rest of the analysis is the same as explained in the previous example.

Copyright 2003 - IBM Corporation. All rights reserved

7
 CEEDUMP ANALYSIS

4.3 Example #3 COBOL pgm1 calling COBOL pgm2 calling Assembler

The following example demonstrates the error of calling an assembler routine that tries to divide by zero.
Both programs were compiled with TEST (STMT, SYM) and run with the TERMTHDACT (TRACE) run-
time option.

[Main Program] – COBOLZ1

CBL TEST(STMT,SYM),DYN,XREF(FULL)
ID DIVISION.
PROGRAM-ID. COBOLZ1.
ENVIRONMENT DIVISION.

DATA DIVISION.
WORKING-STORAGE SECTION.
77 D-VAL PIC 9(4) USAGE COMP
VALUE 0.

PROCEDURE DIVISION.
CALL "COBOLZ2" USING D-VAL.
GOBACK.

[Subroutine] – COBOLZ2

CBL TEST(STMT,SYM),DYN,XREF(FULL)

ID DIVISION.
PROGRAM-ID. COBOLZ2.

ENVIRONMENT DIVISION.

DATA DIVISION.
WORKING-STORAGE SECTION.
77 DV-VAL PIC 9(4) USAGE COMP.

LINKAGE SECTION.
77 D-VAL PIC 9(4) USAGE COMP.

PROCEDURE DIVISION USING D-VAL.

MOVE D-VAL TO DV-VAL.
CALL "ASSEMZ3" USING DV-VAL.
GOBACK.

[Assembler Routine] – ASSEMZ3

ASSEMZ3 CSECT
ASSEMZ3 AMODE 31
ASSEMZ3 RMODE ANY

Copyright 2003 - IBM Corporation. All rights reserved

8
 CEEDUMP ANALYSIS

STM 14,12,12(13) SAVE CALLERS REGS

LR 12,15 SET BASE REG
USING ASSEMZ3,12
LA 2,SAVE CROSS CHAIN SAVE AREAS
ST 13,4(2) "
ST 2,8(,13) "
ST 13,0(,2) "
LR 13,2 NEW SAVE AREA PTR TO R13
LA 5,2348 LOW ORDER PART OF QUOTIENT
SR 4,4 HI ORDER PART OF QUOTIENT
L 6,0(1) GET POINTER TO DIVISOR
LA 6,0(6) CLEAR HI BIT
D 4,0(6) DO DIVISION
L 13,4(13) CALLERS SAVE AREA PTR TO R13
RETURN (14,12), RC=0 RETURN TO CALLER
SAVE DC 9D'0'
END ASSEMZ3

To debug this application, use the following steps:

1. The message is CEE3209S The system detected a fixed-point divide exception.

2. Note the sequence of calls in the call chain. COBOLZ1 called IGZCFCC, which is a COBOL library
subroutine used for dynamic calls; IGZCFCC called COBOLZ2; COBOLZ2 then called IGZCFCC; and
IGZCFCC attempted to call an unlisted routine. The exception occurred at this point, resulting in a call to
CEEHDSP, a Language Environment condition handling routine.

The call to the unlisted routine occurred at statement 11 of COBOLZ2. The exception occurred at
offset +26 in the unknown routine.

──────────────────────────────────────────────────

CEE3DMP V1 R7.0: Condition processing resulted in the unhandled condition. 10/08/96 3:24:19
PM Page: 1

Information for enclave COBOLZ1

Information for thread 8000000000000000

Traceback:
DSA Addr Program Unit PU Addr PU Offset Entry E Addr E Offset Statement Load Mod Service Status
00027018 CEEHDSP 07E574B0 +000026B8 CEEHDSP 07E574B0 0000026 B8 CEEPLPKA Call
07E14368 07E14330 -07E1432B 07E14330 -07E1432B ASSEMZ3 Exception

00029498 IGZCFCC 0004B2F8 +00000294 IGZCFCC 0004B2F8 +00000294 IGZCFCC Call

000293E0 COBOLZ2 0004C7E0 +0000026E COBOLZ2 0004C7E0 +0000026E 11 COBOLZ2 Call
000290D8 IGZCFCC 0004B2F8 +00000294 IGZCFCC 0004B2F8 +00000294 IGZCFCC Call
00029018 COBOLZ1 00007840 +00000258 COBOLZ1 00007840 +00000258 8 GO Call

Condition Information for Active Routines

Condition Information for (DSA address 07E14368)
CIB Address: 00027468
Current Condition:
CEE3209S The system detected a fixed-point divide exception.

Copyright 2003 - IBM Corporation. All rights reserved

9
 CEEDUMP ANALYSIS

Location:
Program Unit: Entry: Statement: Offset: +07E59B68
Machine State:
ILC..... 0004 Interruption Code..... 0009
PSW..... 078D0000 87E1435A
GPR0..... 000297A0 GPR1..... 00029480 GPR2..... 07E14368 GPR3..... 0004E388
GPR4..... 00000000 GPR5..... 0000092C GPR6..... 0004E4B8 GPR7..... 00029480
GPR8..... 8004B590 GPR9..... 0004E250 GPR10.... 00049038 GPR11.... 8004B2F8
GPR12.... 87E14330 GPR13.... 07E14368 GPR14.... 8004B58E GPR15.... 87E14330
.
.
.
Local Variables:
6 77 DV-VAL 9999 COMP 00000
8 77 D-VAL 9999 COMP 00000
.
.
.
Local Variables:
6 77 D-VAL 9999 COMP 00000
.
.

────────────────────────────────────────────────────────────
Figure 2. Sections of Language Environment Dump for Program COBOLZ1

3. Locate statement 11 in the COBOL listing for the COBOLZ2 program, shown in Figure 3. This is a
call to the assembler routine ASSEMZ3.

────────────────────────────────────────────────────────────

PP 5688-197 IBM COBOL for MVS and VM 1.2.0 COBOLZ2 Date 10/07/96 Time
12:34:44 Page 2
LineID PL SL ----+-*A-1-B--+----2----+----3----+----4----+----5----+----6----+----7-|--+----8 Map and
Cross Reference
/* COBOLZ2
000001 ID DIVISION.
000002 PROGRAM-ID. COBOLZ2.
000003 ENVIRONMENT DIVISION.
000004 DATA DIVISION.
000005 WORKING-STORAGE SECTION.
000006 77 DV-VAL PIC 9(4) USAGE COMP. BLW=0000+000 2C
000007 LINKAGE SECTION.
000008 77 D-VAL PIC 9(4) USAGE COMP. BLL=0002+000 2C
000009 PROCEDURE DIVISION USING D-VAL. 8
000010 MOVE D-VAL TO DV-VAL. 86
000011 CALL "ASSEMZ3" USING DV-VAL. EXT 6
000012 GOBACK.
.
.

Copyright 2003 - IBM Corporation. All rights reserved

10
 CEEDUMP ANALYSIS

────────────────────────────────────────────────────────────
Figure 3. COBOL Listing for COBOLZ2

4. Check offset +26 in the listing for the assembler routine ASSEMZ3, shown in Figure 4.

This shows an instruction to divide the contents of register 4 by the variable pointed to by register 6.
You can see the two instructions preceding the divide instruction load register 6 from the first word
pointed to by register 1 and prepare register 6 for the divide. Because of linkage conventions, you can
infer that register 1 contains a pointer to a parameter list that passed to ASSEMZ3. Register 6 points to
a 0 value because that was the value passed to ASSEMZ3 when it was called by a higher level routine.

Note: To translate assembler instructions, see System/370 Reference Summary.

────────────────────────────────────────────────────────────
EXTERNAL SYMBOL DICTIONARY PAGE 1
SYMBOL TYPE ID ADDR LENGTH LD ID FLAGS ASM H V 02 15.24 10/08/96
ASSEMZ3 SD 0001 000000 000080 06

PAGE 2
LOC OBJECT CODE ADDR1 ADDR2 STMT SOURCE STATEMENT
000000 1 ASSEMZ3 CSECT
2 ASSEMZ3 AMODE 31
3 ASSEMZ3 RMODE ANY
000000 90EC D00C0000C 4 STM 14,12,12(13) SAVE CALLERS
REGS
000004 18CF 5 LR 12,15 SET BASE REG
00000 6 USING ASSEMZ3,12
000006 4120 C038 00038 7 LA 2,SAVE CROSS CHAIN
SAVE AREAS
00000A 50D2 0004 00004 8 ST 13,4(2) "
00000E 5020 D008 00008 9 ST 2,8(,13) "
000012 50D0 2000 00000 10 ST 13,0(,2) "
000016 18D2 11 LR 13,2 NEW SAVE AREA
PTR TO R13
000018 4150 092C 0092C 12 LA 5,2348 LOW ORDER PART
OF QUOTIENT
00001C 1B44 13 SR 4,4 HI ORDER PART OF
QUOTIENT
00001E 5861 0000 00000 14 L 6,0(1) GET POINTER TO
DIVISOR
000022 4166 0000 00000 15 LA 6,0(6) CLEAR HI BIT
000026 5D46 0000 00000 16 D 4,0(6) DO DIVISION
<H>
00002A 58DD 0004 00004 17 L 13,4(13) CALLERS SAVE
AREA PTR TO R13
18 RETURN (14,12),RC=0 RETURN TO CALLER
00002E 98EC D00C 0000C 19+ LM 14,12,12(13) RESTORE THE
REGISTERS
01-RETUR
000032 41F0 0000 00000 20+ LA 15,0(0,0) LOAD RETURN
CODE
01-RETUR

Copyright 2003 - IBM Corporation. All rights reserved

11
 CEEDUMP ANALYSIS

0000036 07FE 21+ BR 14 RETURN

01-RETUR
000038 0000000000000000 22 SAVE DC 9D'0'
000000 23 END ASSEMZ3

────────────────────────────────────────────────────────────
Figure 4. Listing for ASSEMZ3

5. Check local variables for COBOLZ2 in the Local Variables section of the dump shown in Figure 5.
From the dump and listings, you know that COBOLZ2 called ASSEMZ3 and passed a parameter in the
variable DV-VAL. The two variables DV-VAL and D-VAL have 0 values.

────────────────────────────────────────────────────────────
.
.
.
Local Variables:
6 77 DV-VAL 9999 COMP 00000
8 77 D-VAL 9999 COMP 00000
.
.
.

────────────────────────────────────────────────────────────
Figure 5. Variables Section of Language Environment Dump for COBOLZ2

6. In the COBOLZ2 subroutine, the variable D-VAL is moved to DV-VAL, the parameter passed to the
assembler routine. D-VAL appears in the Linkage section of the COBOLZ2 listing, shown in Figure 6,
indicating that the value passed from COBOLZ1 to COBOLZ2.

────────────────────────────────────────────────────────────

PP 5688-197 IBM COBOL for MVS and VM 1.2.0 COBOLZ2 Date 10/07/96 Time
12:34:44 Page 2
LineID PL SL ----+-*A-1-B--+----2----+----3----+----4----+----5----+----6----+----7-|--+----8 Map and
Cross Reference
/* COBOLZ2
000001 ID DIVISION.
000002 PROGRAM-ID. COBOLZ2.
000003 ENVIRONMENT DIVISION.
000004 DATA DIVISION.
000005 WORKING-STORAGE SECTION.
000006 77 DV-VAL PIC 9(4) USAGE COMP. BLW=0000+000 2C
000007 LINKAGE SECTION.
000008 77 D-VAL PIC 9(4) USAGE COMP. BLL=0002+000 2C
000009 PROCEDURE DIVISION USING D-VAL. 8
000010 MOVE D-VAL TO DV-VAL. 86
000011 CALL "ASSEMZ3" USING DV-VAL. EXT 6
000012 GOBACK.

Copyright 2003 - IBM Corporation. All rights reserved

12
 CEEDUMP ANALYSIS

────────────────────────────────────────────────────────────
Figure 6. Listing for COBOLZ2

7. In the Local Variables section of the dump for program COBOLZ1, shown in Figure 7, D-VAL has a 0
value. This indicates that the error causing a fixed-point divide exception in ASSEMZ3 was actually
caused by the value of D-VAL in COBOLZ1.

────────────────────────────────────────────────────────────
.
.
.
Local Variables:
6 77 D-VAL 9999 COMP 00000
.
.
────────────────────────────────────────────────────────────
Figure 7. Variables Section of Language Environment Dump for COBOLZ1

Copyright 2003 - IBM Corporation. All rights reserved

13
 CEEDUMP ANALYSIS

Section 5: Conclusion

5.1 The Show Must Go On

Certain snippets and some examples and there doesn’t end our Dump Analysis. Believe me, Our
machines have a lot to tell us and dump is the language that they speak to us. Undertanding their
language is the only way we can communicate with them and hence, Dump Analysis becomes a
major part in one’s technical career.

Every single dealing with dump will be a new experience. And I am sure we take problems as
experiances and go on.

As a finishing note, I would like to tell that, please execute the snippets in your machines and
obtain the dump and read this document so that you do not get confused with my formatted cut
copy paste from the display screen to the document.

I feel very happy to point out the books where you can find the related information. These are
the books that I learnt and used to gather information for this paper. All the best.

Language Environment Debug And Msgs

Language Environment Run Time Messages
ESA/390 principles of operation (Assembly language reference)

Copyright 2003 - IBM Corporation. All rights reserved

14