I came across a C header file on the Tektronix 4404 that describes a Controlled Task . It says it basically forks the process and every time the child calls a kernel function, pauses it and gives control to the parent. Its exactly what I need to write a strace type command.
But it is totally undocumented apart from the C include file which has some comments - and wrong function declarations
Was this a common pattern? How is it mean to work? Iāve written a litle test and I can run a child process that pauses when it gets a signal , but I have no idea how to enable pausing when calling a kernel function (a trap call on this system).
Any thoughts / ideas / heard of this sort of thing?
pdxjjb
April 22, 2024, 5:13pm
2
Someone else may chime in and correct me, but I was a proprietary Unix kernel programmer in those days and Iām not familiar with this terminology.
Many people (including a team I was on in the mid-80s) built such tracing āhacksā in their proprietary systems. Keep in mind that there wasnāt an internet (you were pretty fortunate if you had routine access to Usenet in the early 80s) and the concept of open source was in its infancy (Stallmanās original posting āWhy I must write Gnuā was made in 1983, I think). So a lot of things got invented over and over.
I donāt see any easy way to intercept system calls aside from (a) modifying the source code of the thin library layer that maps C calls into syscalls or (b) modifying the kernel at the syscall entrypoint, which is basically a hopefully-careful argument checker and a big jump table.
I hope someone will jump in and tell me Iām missing something obvious that will help you!
Interesting!
Yes, the very basic ādebug ā command documentation talks about the āControlled Taskā which makes me think it was added to support debugging. Annoyingly, the debugger and various other key commands are all written in m68k assembler ( + no symbols) so it make reverse engineering with Ghidra etc super painful.
This Unix gets into kernel space using trap#15. So before I found this header file, I had started an experiment of hooking trap#15 - and for anything that wasnāt my process ID, doing a passthru, and for the target process ID, doing some logging. Nasty in that I would have to get in the way of every process running in the system, and lots of room for toasting the system if you get things wrong!
This small set of routines would be ideal IF it actually does what it claims and allow stopping the child process when it does a OS call (aka trap#15).
There is a SIGTRACE on this machine but I have no idea how to use it. I tried sending SIGTRACE to the child process as well as adding a handler for SIGTRACEā¦
extern struct ctask *create_controlled_task();
extern step_controlled_task();
extern kill_controlled_task();
extern halt_controlled_task();
extern resume_controlled_task();
extern execute_controlled_task();
extern clear_controlled_task_signals();
extern get_controlled_task_registers();
extern update_controlled_task_registers();
extern get_controlled_task_memory();
extern update_controlled_task_memory();
pdxjjb
April 22, 2024, 6:49pm
4
OK, things are coming back to me slowly.
There was a system call added to Unix V6 (the first version widely distributed outside of Bell Labs). The syscall was named ptrace. It was the very first attempt to implement a debugging service in Unix. Your Tek kernel was probably built on V7 or some early pre-4.2 version of BSD, but itās highly likely that these most basic debugging command codes (meaning: arguments to the ptrace system call) were left unchanged because they were an exposed API (for building e.g. a debugger).
I also have a complete manual for Unix V6. Iām attaching images of the V6 manual page for ptrace. As always, YMMV.
2 Likes
Again, interesting. And yes, that absolutely has the flavour of these calls. This is the decompiled wrapper execute_controlled_task (), which is the same as the other wrappers calling a single function (ctask ()) with a āfunction codeā.
int _execute_controlled_task(ctask *task)
{
int iVar1;
if (task == (ctask *)0x0) {
_errno = EINVAL;
iVar1 = -1;
}
else if (task->task_control == -0xDEAD) {
iVar1 = _ctask((int)task->task_id,3);
task->task_state = iVar1;
iVar1 = task->task_state;
}
else {
_errno = EINVAL;
iVar1 = -1;
}
return iVar1;
}
The header file listed 6 codes with no explanation as to where they are used, but I see that these are the codes that are passed into ctask().
#define CTASK_HALT 0 /* Halt task at next execution */
#define CTASK_RESUME 1 /* Resume task (must be halted) */
#define CTASK_STEP 2 /* Single step task */
#define CTASK_EXECUTE 3 /* Execute task until termination or breakpoint */
#define CTASK_CREATE 4 /* Create controlled sub-task image */
#define CTASK_CLEAR 5 /* Clear any signals waiting for the task */
pdxjjb
April 23, 2024, 3:52pm
6
The old documentation I posted for ptrace() implies a complex dance between parent (ādebuggerā) and child (ābuggy programā) processes. The parent has to fork() and then, in the child process but before execāing the child program, parent code in the child process had to call ptrace(0, ignored, ignored, ignored).
Then the parent can exec() the child (I guess? Although I donāt understand how the parent can set a breakpoint before loosing the child to run the ābuggy programā; this seems important, and I donāt see how to do it).
Next the parent needs a loop that iteratively calls wait() and checks for the faux termination status 0o177 == 0x7F == 127, which means the child has only stopped because of a signal rather than actually terminating via exit(). At this point the parent can only read and write the childās text (code) and data space one word at a time. It can write an instruction that will cause an illegal instruction trap at any code address, which is the only mechanism provided for breakpointing. And then it can set the child running again.
This original ptrace() mechanism is incredibly crude and clumsy as you can see, which is why so many proprietary vendors looked at it and said āwe can do this so much better!ā.
Now, the disassembled C code you posted only takes any action if the child state is -0xDEAD. This suggests that it works similarly to ptrace(): the child has to stop before the parent can take any action. And by āstopā I donāt mean like ājob-controlā stopped; that process state did not exist until Bill Joy added it to Berkeley Unix in order to build the job control features into the shell he wrote (csh). So assuming no such feature in the kernel youāre running, the buggy program has to āstopā by encountering a signal after declaring itself to be a debugged process.
The reason Iām going through this in so much detail is that Iām trying to point out a likely consequence: that this code isnāt documented because it never got finished. The existence of this API implies some nontrivial changes to the kernel of the sort that are easy to defer when schedules get tight. I hope Iām wrong, but Iām suspiciousā¦
I share your concern over tight schedules etc. Been there, got the t-shirt
(fwiw I tried calling ctask() with larger function numbers and it does not like it)
However, my test program , forever.c that prints and sleeps forever, when started with the debugger shows up as this on the status (equiv to ps) listing:
Task-id Status Mode User Parent Dev Prio Size Time Command
0 sleep * system 0 xx sys 0K 0:18:02 System
1 sleep system 0 xx wait 48K 0:00:20 /etc/init
21 sleep system 1 tty00 wait 360K 0:00:04 +shell +s
22 sleep system 1 xx slp 28K 0:00:00 login
25 run system 18 tty00 35 56K 0:00:03 /etc/telnetd
16 sleep system 1 tty00 pipe 28K 0:00:00 /etc/ntimer
18 sleep system 1 tty00 pipe 120K 0:00:02 /etc/ftpd
56 sleep system 21 tty00 in 100K 0:00:02 debug forever
57 sleep system 25 tty00 pipe 64K 0:00:00 /etc/server +XD /
58 sleep system 25 tty00 wait 44K 0:00:00 tn_local
59 sleep system 56 tty00 trce 16K 0:00:00 forever
NB The Prio rity of ātrce ā for process āforeverā. So there is a way of prodding a process to be in this special mode, but I have no idea how to get it thereā¦
pdxjjb
April 23, 2024, 6:11pm
8
That suggests that at least some part of the required kernel code is present. Did you try issuing CTASK_RESUME to see what the child process does?
We need a whiteboard!
tek4404/ctrace.c at main Ā· Elektraglide/tek4404 Ā· GitHub For my little experiment.
A while back I reverse engineered the file format of executables and relocatable files. So I wrote a little thing that prints out ABSOLUTE symbols in the kernel boot file (which Iām presuming are āsettingsā / constants) and DATA symbols which I presume tells me where to seek into /dev/pmem to get stuff. Its interesting reading but not sure where to start.
For sure some intriguing names! Took me a while to realise all those Winā¦ symbols are talking about Winchester harddisks
ABS 0x00004e4f $$syscall
ABS 0x00000021 ABORTS
ABS 0x00000000 ADDRESS_MASKING
ABS 0x00000019 ADDRS
ABS 0x0000000c AEVEC
ABS 0x0000000a ALARMS
ABS 0x00000060 AUVEC
ABS 0x00000009 BD0max
ABS 0x00000008 BEVEC
ABS 0x00000060 BE_DIB
ABS 0x0000005c BE_DOB
ABS 0x00000056 BE_FA
ABS 0x00000064 BE_IIB
ABS 0x0000007c BE_IREG
ABS 0x00000054 BE_SSW
ABS 0x00000009 BE_SSW_BY
ABS 0x0000000c BE_SSW_DF
ABS 0x00000007 BE_SSW_FC
ABS 0x0000000a BE_SSW_HB
ABS 0x0000000a BE_SSW_IF
ABS 0x0000000b BE_SSW_RM
ABS 0x0000000f BE_SSW_RR
ABS 0x00000008 BE_SSW_RW
ABS 0x00000001 BFALOC
ABS 0x00000000 BFALOC_b
ABS 0x00000004 BFERR
ABS 0x00000002 BFERR_b
ABS 0x00000002 BFIOF
ABS 0x00000001 BFIOF_b
ABS 0x00000040 BFLAT
ABS 0x00000006 BFLAT_b
ABS 0x00000020 BFNOW
ABS 0x00000005 BFNOW_b
ABS 0x00000008 BFREQ
ABS 0x00000003 BFREQ_b
ABS 0x00000010 BFRWF
ABS 0x00000004 BFRWF_b
ABS 0x00000080 BFSPC
ABS 0x00000007 BFSPC_b
ABS 0x00000001 BFSWAP
ABS 0x00000000 BFSWAP_b
ABS 0x00000001 BFSWPI_b
ABS 0x00000007 BFVISIT_b
ABS 0x0000000a BH020_b
ABS 0x00000005 BHDDL_b
ABS 0x0000000b BHDMP_b
ABS 0x00000080 BHDOV
ABS 0x00000007 BHDOV_b
ABS 0x00000006 BHDQL_b
ABS 0x00000040 BHDSIZ
ABS 0x00000000 BHDSS_b
ABS 0x00000004 BHDST_b
ABS 0x0000000e BHERR_b
ABS 0x0000000c BHFLT_b
ABS 0x00000009 BHFPS_b
ABS 0x00000005 BHNZR_b
ABS 0x00000008 BHRT_b
ABS 0x0000000a BHSID_b
ABS 0x00000007 BHTS_L
ABS 0x00000006 BHTS_M
ABS 0x00000005 BHTS_S
ABS 0x0000000f BHVTA_b
ABS 0x00000001 BLKDEV
ABS 0x00000020 BLKSIZ
ABS 0x00000005 BLKSIZ_b
ABS 0x00000005 BLK_FILL
ABS 0x0000001d BNDS
ABS 0x00000004 BNHEAD
ABS 0xffffffb5 BPTPR
ABS 0x00000020 BSECH
ABS 0x00000005 BSECH_b
ABS 0x00000008 BSPCH
ABS 0x00000008 BUFPPAG
ABS 0x00000032 BUFPR
ABS 0x00000009 B_4800
ABS 0x0000000b B_9600
ABS 0x007df000 BitBltFixedPage
ABS 0x00000020 CBSIZE
ABS 0x00000064 CDBLKS
ABS 0x00000032 CFDN
ABS 0x0000000e CHARS_PER_SLOT
ABS 0x0000000a CHKS
ABS 0x00000000 CHK_A3
ABS 0x00000000 CHK_MA
ABS 0x00000000 CHK_MT
ABS 0x00000000 CHK_SL
ABS 0x00000000 CHK_SP
ABS 0x00000000 CHK_ST
ABS 0x0000000c CHRDEV
ABS 0x00000018 CKVEC
ABS 0x0000000a CLOCKS_PER_SECOND
ABS 0x007b8100 CLOCK_ALARM_RESET
ABS 0x007b8002 CLOCK_CMD
ABS 0x007b8000 CLOCK_DATA
ABS 0x00000064 CLOCK_FREQ
ABS 0x0000000a CLSSIZ
ABS 0x00000018 CNCLC
ABS 0x00000080 CNTRL
ABS 0x00000007 CNTRL_b
ABS 0x00000000 CONTIGUOUS_FILES
ABS 0x00000000 CONTIGUOUS_FILE_OPTION
ABS 0x00000034 CPPVEC
ABS 0x00000007 CPU_BUS_ADDRESS
ABS 0x0000000a CR
ABS 0x00000010 CRMOD
ABS 0x00000004 CRMOD_b
ABS 0x00000001 CTS
ABS 0x00000003 CT_int
ABS 0x00000001 DATA_IN_XFER
ABS 0x00000000 DATA_OUT_X
ABS 0x0000000a DCT_SIZ
ABS 0x0000001a DEADS
ABS 0x0000000c DELCR
ABS 0x00000020 DELFF
ABS 0x00000003 DELNL
ABS 0x00000010 DELTB
ABS 0x00000020 DELVT
ABS 0x00000014 DEVSIZ
ABS 0x0000000e DIRSIZ
ABS 0x00000017 DIVS
ABS 0x00000003 DSKADS
ABS 0x00000040 DTR
ABS 0x007b4000 DUART
ABS 0x00000008 DUART_ACR
ABS 0x00000004 DUART_CRA
ABS 0x00000014 DUART_CRB
ABS 0x00000002 DUART_CSRA
ABS 0x00000012 DUART_CSRB
ABS 0x0000000e DUART_CTL
ABS 0x0000000c DUART_CTU
ABS 0x0000000a DUART_IMR
ABS 0x00000008 DUART_IPCR
ABS 0x0000001a DUART_IPR
ABS 0x0000000a DUART_ISR
ABS 0x00000018 DUART_IVR
ABS 0x00000000 DUART_MRA
ABS 0x00000010 DUART_MRB
ABS 0x0000001a DUART_OPCR
ABS 0x00000006 DUART_RHRA
ABS 0x00000016 DUART_RHRB
ABS 0x00000002 DUART_SRA
ABS 0x00000012 DUART_SRB
ABS 0x00000006 DUART_THRA
ABS 0x00000016 DUART_THRB
ABS 0x0000001e DUART_resetOPR
ABS 0x0000001c DUART_setOPR
ABS 0x0000001c DUART_startCount
ABS 0x0000001e DUART_stopCount
ABS 0x00000024 DUMPS
ABS 0x0000001c DVTSIZ
ABS 0x00000013 EARGC
ABS 0x00000007 EBADF
ABS 0x0000000c EBARG
ABS 0x00000016 EBBIG
ABS 0x0000001a EBDCL
ABS 0x00000012 EBDEV
ABS 0x00000010 EBSY
ABS 0x00000002 ECHO
ABS 0x00000001 ECHO_b
ABS 0x00000005 EDFUL
ABS 0x00000022 EDIRTY
ABS 0x00000003 EDTOF
ABS 0x00000002 EFAULT
ABS 0x0000000b EFLX
ABS 0x0000001b EINTR
ABS 0x00000001 EIO
ABS 0x00000014 EISDR
ABS 0x0000001f ELOCK
ABS 0x00000009 EMSDR
ABS 0x00000004 EMT1S
ABS 0x0000000e EMT2S
ABS 0x00000028 EMVEC
ABS 0x0000000f ENBLK
ABS 0x00000018 ENCHD
ABS 0x00000004 ENDR
ABS 0x00000011 ENMNT
ABS 0x00000008 ENOFL
ABS 0x00000024 ENOFPUDATA
ABS 0x00000025 ENOINPUT
ABS 0x00000026 ENOSPACE
ABS 0x00000015 ENOTB
ABS 0x0000001c ENTSK
ABS 0x0000001d ENTTY
ABS 0x00000004 EOTCH
ABS 0x0000001e EPIPE
ABS 0x0000000a EPRM
ABS 0x00000007 ESCOFF_b
ABS 0x0000000a ESEEK
ABS 0x00000017 ESTOF
ABS 0x00000006 ETMFL
ABS 0x00000019 ETMTS
ABS 0x00000020 ETXOF
ABS 0x00000021 EVFORK
ABS 0x00000023 EWRTPROT
ABS 0x00000007 EXCL_OPEN_b
ABS 0x0000000e EXDEV
ABS 0x0000001c EXECS
ABS 0x00000008 EXECSIZE
ABS 0x00000020 FACOE
ABS 0x00000005 FACOE_b
ABS 0x00000008 FACOR
ABS 0x00000003 FACOR_b
ABS 0x00000010 FACOW
ABS 0x00000004 FACOW_b
ABS 0x00000004 FACUE
ABS 0x00000002 FACUE_b
ABS 0x00000001 FACUR
ABS 0x00000000 FACUR_b
ABS 0x00000002 FACUW
ABS 0x00000001 FACUW_b
ABS 0x00000001 FBUSY
ABS 0x00000000 FBUSY_b
ABS 0x00000080 FCONT
ABS 0x00000007 FCONT_b
ABS 0x00000001 FDEMAND
ABS 0x00000000 FDEMAND_b
ABS 0x0000003f FDNHASH
ABS 0x00000064 FDNPR
ABS 0x0000005e FDNSIZ
ABS 0x00000001 FFULL
ABS 0x00000080 FINUSE
ABS 0x00000007 FINUSE_b
ABS 0x00000001 FLOCK
ABS 0x00000000 FLOCK_b
ABS 0x00000001 FLP_BUS_ADDRESS
ABS 0x00000000 FLPmajor
ABS 0x00000000 FLPminor
ABS 0x00000006 FLUSHO_PENDING_b
ABS 0x00000008 FMNT
ABS 0x00000003 FMNT_b
ABS 0x00000002 FMOD
ABS 0x00000001 FMOD_b
ABS 0x000000c0 FPCP
ABS 0x0000002c FPDIVIDES
ABS 0x00000040 FPIPE
ABS 0x00000006 FPIPE_b
ABS 0x00000002 FPRDF
ABS 0x00000001 FPRDF_b
ABS 0x00000004 FPWRF
ABS 0x00000002 FPWRF_b
ABS 0x00000002 FSBLK
ABS 0x00000001 FSBLK_b
ABS 0x00000004 FSCHR
ABS 0x00000002 FSCHR_b
ABS 0x00000008 FSDIR
ABS 0x00000003 FSDIR_b
ABS 0x00000020 FSNET
ABS 0x00000005 FSNET_b
ABS 0x00000006 FSPTY
ABS 0x0000000c FSTSIZ
ABS 0x00000040 FTASK
ABS 0x00000006 FTASK_b
ABS 0x00000004 FTEXT
ABS 0x00000002 FTEXT_b
ABS 0x00000004 FVISIT_b
ABS 0x00000000 FWADATA
ABS 0x00000000 FWATEXT
ABS 0x00000000 FWAUSTK
ABS 0x00000020 FWLCK
ABS 0x00000005 FWLCK_b
ABS 0x00000040 FXSET
ABS 0x00000006 FXSET_b
ABS 0x00000000 GETSTATS
ABS 0xffffffce HALTPR
ABS 0x00000001 HANGS
ABS 0x00000022 HDRSIZ
ABS 0x00000002 HOLD
ABS 0x0000001b HOLDC
ABS 0xffffffd3 HOLDPR
ABS 0x00000001 HOLD_b
ABS 0x00000010 IIVEC
ABS 0x00000016 ILLINS
ABS 0x0000002b INEXACTS
ABS 0x00000023 INPUTS
ABS 0x00000003 INTRC
ABS 0x00000002 INTS
ABS 0x0000001a INTSIZ
ABS 0x00000200 ISTACK
ABS 0x00000000 IS_68000
ABS 0x00000001 IS_68010
ABS 0x00000000 IS_68020
ABS 0x00000004 IXONXOF_b
ABS 0x00000080 I_DUMP
ABS 0x00000001 I_INIT
ABS 0x00000004 I_NCAT
ABS 0x00000008 I_NIGN
ABS 0x00000002 I_NRST
ABS 0x00000007 InputPortCh_int
ABS 0x007b0000 KB_Loopback
ABS 0x00000005 KILLS
ABS 0x00000008 LCASE
ABS 0x00000003 LCASE_b
ABS 0x00000780 LINE_SIZE
ABS 0x0000000e LKTSIZ
ABS 0x007db000 LWADATA
ABS 0x007db000 LWATEXT
ABS 0x0000000a MAPSIZ
ABS 0x000000c0 MAXBUF
ABS 0x00000010 MAXCOPY
ABS 0x0000001e MAXDATSZ
ABS 0x00000000 MAXDCT
ABS 0x0000003c MAXJOB
ABS 0x00000040 MAXMAP
ABS 0x00100000 MAXMEM
ABS 0x00001000 MAXPIP
ABS 0x0000001e MAXSTKSZ
ABS 0x00000004 MAXTXTSZ
ABS 0x007db000 MAXUMEM
ABS 0x00000040 MAX_CHUNKS
ABS 0x00000040 MAX_DIR_SIZE
ABS 0x00000008 MAX_MDEP_S
ABS 0x00000020 MAX_MSG_EXCHANGES
ABS 0x00000008 MAX_READ_AHEAD_BLOCKS
ABS 0x0000000f MAX_SYS_FUNCTION
ABS 0x80000000 MC_DIRTY
ABS 0x0000001f MC_DIRTY_b
ABS 0x000fffff MC_PAGE
ABS 0x00100000 MC_READMON
ABS 0x00000014 MC_READMON_b
ABS 0x10000000 MC_SHARED
ABS 0x0000001c MC_SHARED_b
ABS 0x20000000 MC_SWAP
ABS 0x0000001d MC_SWAP_b
ABS 0x40000000 MC_WRITE
ABS 0x00200000 MC_WRITEMON
ABS 0x00000015 MC_WRITEMO
ABS 0x0000001e MC_WRITE_b
ABS 0x00000028 MEMPR
ABS 0x00000000 MESSAGES
ABS 0x00000100 MMAP
ABS 0xffffffdd MSGIPR
ABS 0xffffffdc MSGOPR
ABS 0x0000000a MSTSIZ
ABS 0x00000064 MS_PER_TICK
ABS 0x00000000 MTBASE
ABS 0x0000000a MTSIZE
ABS 0x007b0000 MouseDiag
ABS 0x007b6000 Mouseregs
ABS 0x00000030 NANS
ABS 0x00000040 NBLKS
ABS 0x00000050 NFDNPR
ABS 0x0000000a NL
ABS 0xffffffff NODEV
ABS 0xffffffff NO_DATA_XFER
ABS 0x00000000 NO_MMU
ABS 0x00000010 NUM_SCRATCH_SLOTS
ABS 0x00000004 NUM_SLOTS
ABS 0x00722000 NVGetAddr
ABS 0x00723000 NVPutAddr
ABS 0x00721000 NVRamAddr
ABS 0x00000007 OFBUSY_b
ABS 0x00000004 OFPIPE
ABS 0x00000002 OFPIPE_b
ABS 0x00000010 OFPTYM
ABS 0x00000004 OFPTYM_b
ABS 0x00000020 OFPTYS
ABS 0x00000005 OFPTYS_b
ABS 0x00000001 OFREAD
ABS 0x00000000 OFREAD_b
ABS 0x00000002 OFWRIT
ABS 0x00000001 OFWRIT_b
ABS 0x0000002e OPERANDS
ABS 0x000000b3 OQHI
ABS 0x00000028 OQLO
ABS 0x0000002f OVERFLOWS
ABS 0x00000001 PAGE_MONITORING
ABS 0x00000fff PAGMSK
ABS 0x0000000c PAGSFT
ABS 0x00001000 PAGSIZ
ABS 0x00000015 PARS
ABS 0x00000003 PCIntOff
ABS 0x00000080 PCRInt
ABS 0x00000007 PCRInt_b
ABS 0x00000002 PCReset
ABS 0x00000001 PCReset_b
ABS 0x00000001 PCStrobe
ABS 0x00000000 PCStrobe_b
ABS 0x00000001 PERSONALITY_SCHEDULING
ABS 0x0000000a PERSONALITY_SIZE
ABS 0xfffffffb PIPEPR
ABS 0x00000100 PRCSIZ
ABS 0x00000018 PRIVS
ABS 0x000000f8 PROTOCOL
ABS 0x00000010 PSAck
ABS 0x00000004 PSAck_b
ABS 0x00000008 PSBusy
ABS 0x00000003 PSBusy_b
ABS 0x00000004 PSFault
ABS 0x00000002 PSFault_b
ABS 0x00000080 PSInt
ABS 0x00000007 PSInt_b
ABS 0x00000040 PSPD0
ABS 0x00000006 PSPD0_b
ABS 0x00000002 PSPE
ABS 0x00000001 PSPE_b
ABS 0x00000001 PSSelect
ABS 0x00000000 PSSelect_b
ABS 0x00000020 PSStrobeFB
ABS 0x00000005 PSStrobeFB_b
ABS 0x00000001 PTYS
ABS 0x00000020 PVVEC
ABS 0x007b2001 PrintCtrl
ABS 0x007b2003 PrintData
ABS 0x007b2001 PrintStat
ABS 0x00000000 QUIETS
ABS 0x0000001c QUITC
ABS 0x00000003 QUITS
ABS 0x00000001 RAM_DISK_OPTION
ABS 0x00000080 RASTER_SIZE
ABS 0x00000001 RAW
ABS 0x00000000 RAW_b
ABS 0x00000000 REALTIME
ABS 0x00000002 REAL_TIME_OPTION
ABS 0x00000054 REGSIZ
ABS 0x00000000 REPORT
ABS 0x00000064 RESTM
ABS 0x00000000 ROM
ABS 0x00000000 RSVEC
ABS 0x00000002 RTS
ABS 0x00000001 RUMP
ABS 0xffffffe2 RUMPPR
ABS 0x00000001 RUNINTS
ABS 0x00000000 RxRDY
ABS 0x00000001 RxRDYA_int
ABS 0x00000005 RxRDYB_int
ABS 0x00000020 SABSIZ
ABS 0x00000000 SAVE_PARAMS
ABS 0x00000040 SCHR
ABS 0x00000006 SCHR_b
ABS 0x007e0000 SCREEN_LA
ABS 0x00000080 SCSI_BUS_RESET
ABS 0x007de000 SHARE1_LA
ABS 0x007dd000 SHARE2_LA
ABS 0x0000003f SIGCNT
ABS 0x00000004 SIGNAL_INPUT_READY
ABS 0x000001ea SIRSIZ
ABS 0xffffffb0 SLEPPR
ABS 0x00000004 SLOT_SHIFT
ABS 0x00000010 SLOT_SIZE
ABS 0x00000200 SMAPSZ
ABS 0x00000020 SPACE
ABS 0x00000022 SPLRS
ABS 0x00000001 SSIZE
ABS 0xffffffba STEPPR
ABS 0x00000078 SWAPPR
ABS 0x00000007 SWAPS
ABS 0x00000005 S_BIT
ABS 0x00000009 TABCH
ABS 0x00000003 TAPE_SCSI_ADDRESS
ABS 0x00000000 TAPEmajor
ABS 0x00000008 TAPEminor
ABS 0x00000020 TARGX
ABS 0x00000005 TARGX_b
ABS 0x00000005 TBUILTIN_b
ABS 0x00000001 TCORE
ABS 0x00000000 TCORE_b
ABS 0x00000004 TCREAT
ABS 0x0000000b TERMS
ABS 0x00000040 THALT
ABS 0x00000006 THALT_b
ABS 0x00000003 THOLD_b
ABS 0x0000000a TICKS_PER_CLOCK
ABS 0x00000009 TIMES
ABS 0x00000001 TIMOUT
ABS 0x00000000 TIMOUT_b
ABS 0x00000002 TLOCK
ABS 0x00000001 TLOCK_b
ABS 0x00000007 TLOGIN_b
ABS 0x0000001a TMATSIZ
ABS 0x00000012 TMSSIZ
ABS 0x007ba000 TOD_Clock
ABS 0x007dc000 TOD_LA
ABS 0x00000004 TOPEN
ABS 0x00000002 TOPEN_b
ABS 0x00000000 TPNOTI_b
ABS 0x00000080 TPVEC
ABS 0xffffffbf TRACEPR
ABS 0x00000008 TRACS
ABS 0x00000003 TRANS_b
ABS 0x0000000f TRAP1S
ABS 0x00000010 TRAP2S
ABS 0x00000011 TRAP3S
ABS 0x00000012 TRAP4S
ABS 0x00000013 TRAP5S
ABS 0x00000014 TRAP6S
ABS 0x0000000c TRAPVS
ABS 0x00000006 TREALTIME_b
ABS 0x00000001 TRUN
ABS 0x00000024 TRVEC
ABS 0x0000004e TSKSIZ
ABS 0x00000002 TSLEEP
ABS 0x00000001 TSLOCK_b
ABS 0x00000020 TSTEAL
ABS 0x00000005 TSTEAL_b
ABS 0x00000080 TSTEP
ABS 0x00000007 TSTEP_b
ABS 0x00000002 TSWAPX_b
ABS 0x00000004 TSYSTM
ABS 0x00000002 TSYSTM_b
ABS 0x00000012 TTCSIZ
ABS 0x00000005 TTERM
ABS 0x00000006 TTRACE
ABS 0x00000008 TTRACP
ABS 0x00000003 TTRACP_b
ABS 0xfffffff6 TTYIPR
ABS 0xffffffec TTYOPR
ABS 0x0000002a TTYSIZ
ABS 0x00000010 TVFORK
ABS 0x00000004 TVFORK_b
ABS 0x0000001c TVVEC
ABS 0x00000003 TWAIT
ABS 0x00000010 TXSSIZ
ABS 0x0000000f T_BIT
ABS 0x007b8000 TimerResInt
ABS 0x00000003 TxEMT
ABS 0x00000002 TxRDY
ABS 0x00000004 TxRDYB_int
ABS 0x00000024 UA0
ABS 0x00000040 UA7
ABS 0x0000001f UB_FPU_EXCEPTION_SAVED_b
ABS 0x0000004d UCC
ABS 0x00000004 UD0
ABS 0x00000048 UIPAR
ABS 0x00000044 UIPRC
ABS 0x0000004a UIPSR
ABS 0x0000001f UM_KEEP_b
ABS 0x0000002d UNDERFLOWS
ABS 0x00000020 UNFILS
ABS 0x0000002a UNORDEREDS
ABS 0x0000004e UPC
ABS 0x00000000 URPTR
ABS 0xffffffa6 USERPR
ABS 0x00000052 USFT
ABS 0x0000004c USR
ABS 0x0000001e USR1S
ABS 0x0000001f USR2S
ABS 0x00000020 USR3S
ABS 0x007db000 USTACK
ABS 0x0000089a USTSIZ
ABS 0x00000100 USVEC
ABS 0x00007fff Uni_DN
ABS 0x00007fff Uni_SN
ABS 0x00000001 VENDOR_SYSCALLS
ABS 0x00782000 VIDEO_Addr
ABS 0x00784000 VIDEO_Cont
ABS 0x00782000 VIDEO_Pan
ABS 0x00600000 VIDEO_Ram
ABS 0x00620000 VIDEO_Ram_
ABS 0x00000080 VIDEO_bytesPerLine
ABS 0x0000ffe9 VIDEO_default_pan
ABS 0x0000000f VIDEO_deflt_Pan_Bit_Pos
ABS 0x00000010 VIDEO_inverted
ABS 0x00000004 VIDEO_inverted_bit
ABS 0x00000010 VIDEO_inverted_mask
ABS 0x000003ff VIDEO_maxDisplayX
ABS 0x000003ff VIDEO_maxDisplayY
ABS 0x00000180 VIDEO_maxViewportX
ABS 0x00000220 VIDEO_maxViewportY
ABS 0x00000000 VIDEO_not_inverted
ABS 0x0000000f VIDEO_panx
ABS 0x00000005 VIDEO_screenOn_bit
ABS 0x00000020 VIDEO_screenOn_mask
ABS 0x00000000 VIDEO_screen_off
ABS 0x00000040 VIDEO_screen_on
ABS 0x00000020 VIDEO_serial_off
ABS 0x00000080 VIDEO_vadinc
ABS 0x000001e0 VIDEO_viewportHeight
ABS 0x00000280 VIDEO_viewportWidth
ABS 0x00000006 VIDEO_vint_bit
ABS 0x00000040 VIDEO_vint_mask
ABS 0x00000000 VM_RECORDING
ABS 0x00000006 VerticalInterruptsPerTick
ABS 0x00000011 VerticalInterval
ABS 0xffffffd8 WAITPR
ABS 0x00000000 WIN_BUS_ADDRESS
ABS 0x00000000 WIN_BUS_ADDRESS_0
ABS 0x00000002 WIN_BUS_ADDRESS_1
ABS 0x00000004 WIN_BUS_ADDRESS_2
ABS 0x00000005 WIN_BUS_ADDRESS_3
ABS 0x00000000 WINmajor
ABS 0x00000004 WINminor
ABS 0x00000006 WPIPES
ABS 0x0000001b WRITS
ABS 0x00000005 XANY_b
ABS 0x00000000 XMIT_ON_b
ABS 0x00000013 XOFFC
ABS 0x00000002 XOFF_SEND_b
ABS 0x00000001 XOFF_SENT_b
ABS 0x00000011 XONC
ABS 0x00000006 XONXOF_b
ABS 0x00000003 XON_SEND_b
ABS 0x00000004 XTABS
ABS 0x00000002 XTABS_b
ABS 0x00000014 ZDVEC
ABS 0x00000014 acblks
ABS 0x00000006 acend
ABS 0x00000013 acmem
ABS 0x00000018 acname
ABS 0x00000016 acspar
ABS 0x00000010 acstat
ABS 0x00000002 acstrt
ABS 0x0000000a acsyst
ABS 0x00000012 actty
ABS 0x00000000 acuid
ABS 0x0000000a acusrt
ABS 0x00000018 bfadr
ABS 0x00000012 bfblch
ABS 0x00000014 bfblck
ABS 0x00000004 bfdbl
ABS 0x00000000 bfdfl
ABS 0x00000010 bfdvn
ABS 0x0000000c bffbl
ABS 0x00000008 bfffl
ABS 0x0000001c bfflag
ABS 0x0000001d bfflg2
ABS 0x00000021 bfspr
ABS 0x00000020 bfstat
ABS 0x0000001e bftid
ABS 0x00000016 bfxadr
ABS 0x0000001a bfxfc
ABS 0x00000031 bhamsk
ABS 0x0000000a bhbss
ABS 0x00000026 bhcom
ABS 0x00000006 bhdat
ABS 0x00000001 bhdes
ABS 0x0000001a bhdsa
ABS 0x0000002a bhflg
ABS 0x00000000 bhhdr
ABS 0x0000003d bhmach
ABS 0x0000002c bhmnpg
ABS 0x0000002e bhmxpg
ABS 0x00000028 bhnam
ABS 0x0000000e bhrls
ABS 0x00000032 bhspr
ABS 0x0000003e bhsrn
ABS 0x0000001e bhstk
ABS 0x00000022 bhsym
ABS 0x00000016 bhtsa
ABS 0x00000030 bhtsiz
ABS 0x00000002 bhtxt
ABS 0x00000038 bhtype
ABS 0x0000003a bhvers
ABS 0x00000012 bhxfr
ABS 0x00000018 blkclk
ABS 0x00000004 blkcls
ABS 0x00000014 blkfdn
ABS 0x00000008 blkio
ABS 0x0000001a blkmdm
ABS 0x00000000 blkopn
ABS 0x00000010 blktmo
ABS 0x0000000c blktpt
ABS 0x00000004 cbchrs
ABS 0x00000000 cbstrt
ABS 0x00000008 clcnt
ABS 0x00000000 clfst
ABS 0x00000004 cllst
ABS 0x00000010 delta_CTS
ABS 0x00000004 devcls
ABS 0x00000000 devopn
ABS 0x00000008 devrd
ABS 0x00000010 devspc
ABS 0x0000000c devwr
ABS 0x00000002 disableReceiver
ABS 0x00000008 disableTransmitter
ABS 0x00000018 dtbusy
ABS 0x00000004 dtdbl
ABS 0x00000000 dtdfl
ABS 0x0000000c dtqbl
ABS 0x00000008 dtqfl
ABS 0x00000019 dtrtry
ABS 0x00000014 dtsbl
ABS 0x00000010 dtsfl
ABS 0x0000001a dtspr
ABS 0x00000001 enableReceiver
ABS 0x00000004 enableTransmitter
ABS 0x00000068 enetVectorAdrs
ABS 0x00720002 enet_RegAdrs
ABS 0x00720000 enet_RegData
ABS 0x0000001e facces
ABS 0x00000004 fbakl
ABS 0x00000014 fdevic
ABS 0x0000001f fdirlc
ABS 0x00000010 fdnid
ABS 0x00000040 fdnsize
ABS 0x0000004d ffdats
ABS 0x00000026 ffmap
ABS 0x00000000 ffwdl
ABS 0x0000000c fhshbl
ABS 0x00000008 fhshfl
ABS 0x0000001d fmode
ABS 0x0000004d fmtime
ABS 0x00000016 fnumbr
ABS 0x00000020 fouid
ABS 0x0000001a frefct
ABS 0x00000022 fsize
ABS 0x00000018 fstat
ABS 0x0000001c fstatx
ABS 0x00000014 indev
ABS 0x00000010 inhand
ABS 0x00000018 inmask
ABS 0x00000004 inpoll
ABS 0x0000000c inrbrg
ABS 0x00000017 inspcl
ABS 0x00000000 instat
ABS 0x00000008 intbrg
ABS 0x00000016 intype
ABS 0x00000004 lkadr
ABS 0x00000008 lkcnt
ABS 0x00000000 lkofp
ABS 0x0000000c lktid
ABS 0x00000000 logadr
ABS 0x00000002 mat_address
ABS 0x00000014 mat_alloc
ABS 0x00000006 mat_link
ABS 0x00000018 mat_max
ABS 0x00000016 mat_min
ABS 0x0000000a mat_mmap
ABS 0x00000012 mat_size
ABS 0x0000000e mat_smap
ABS 0x00000000 mat_task
ABS 0x00000000 mdevic
ABS 0x00800000 memhi
ABS 0x00000006 mnodep
ABS 0x00000008 mpcnt
ABS 0x00000002 msir
ABS 0x00000000 ofmode
ABS 0x00000004 ofnodp
ABS 0x0000000a ofpos2
ABS 0x00000008 ofpost
ABS 0x00000002 ofrfct
ABS 0x00000001 ofstate
ABS 0x00000002 p_cpu_inc
ABS 0x00000008 p_decay
ABS 0x00000000 p_max_cpu
ABS 0x00000006 p_max_quan
ABS 0x00000004 p_quantum
ABS 0x00000032 personality
ABS 0x00000004 phyadr
ABS 0x00000007 rcvBREAK
ABS 0x00000006 rcvFE
ABS 0x00000004 rcvOE
ABS 0x00000005 rcvPE
ABS 0x00000040 resetErrors
ABS 0x00000010 resetMRptr
ABS 0x00000020 resetRecei
ABS 0x00000030 resetTransmitter
ABS 0x00000041 s64k
ABS 0x00000059 scfdn
ABS 0x00000008 scrtim
ABS 0x00000054 sctgbg
ABS 0x00000038 sctgsz
ABS 0x0000003a sdenf
ABS 0x00000018 sfdnc
ABS 0x0000004f sfirst_fdn
ABS 0x0000001a sfname
ABS 0x00000036 sfnumb
ABS 0x000000be sfree
ABS 0x00000015 sfreec
ABS 0x00000000 simulate_timer
ABS 0x00000004 sintid
ABS 0x00000003 slkfdn
ABS 0x00000002 slkfr
ABS 0x00000001 slowClock
ABS 0x00000057 smount
ABS 0x00000058 snfdn
ABS 0x000000bd snfree
ABS 0x00000004 sp_free_li
ABS 0x00000000 sp_free_sp
ABS 0x00000008 sp_pointers
ABS 0x00000028 spname
ABS 0x0000003b ssidf
ABS 0x00000012 ssizfr
ABS 0x0000004d sspare
ABS 0x0000003c sswpbg
ABS 0x0000003f sswpsz
ABS 0x00000010 sszfdn
ABS 0x00000060 startBreak
ABS 0x00000070 stopBreak
ABS 0x00000000 supdt
ABS 0x0000000c sutime
ABS 0x00000051 svolsiz
ABS 0x00000042 swinc
ABS 0x00000001 swprot
ABS 0x0000000c taddr
ABS 0x00000018 tbaud
ABS 0x00000019 tbaud2
ABS 0x00000016 tbksp
ABS 0x0000000e tccona
ABS 0x0000000f tcconb
ABS 0x00000011 tccond
ABS 0x00000010 tccpu
ABS 0x00000000 tcdeva
ABS 0x0000000c tcdevn
ABS 0x00000017 tcncl
ABS 0x00000015 tcolm
ABS 0x00000008 tcrbrg
ABS 0x00000004 tctbrg
ABS 0x00000014 tdel
ABS 0x00000013 tdelay
ABS 0x00000010 tdevic
ABS 0x00000012 tflags
ABS 0x00000021 tintvec
ABS 0x00000000 tmlink
ABS 0x00000004 tmparm
ABS 0x00000008 tmrout
ABS 0x0000000e tmstamp
ABS 0x0000000c tmtime
ABS 0x0000001e towner
ABS 0x00000000 tqin
ABS 0x00000008 tqout
ABS 0x00000004 tqproc
ABS 0x00000023 tregs
ABS 0x0000004b tsact
ABS 0x0000004c tsage
ABS 0x0000001e tsalrm
ABS 0x00000020 tscpu
ABS 0x00000026 tsdatp
ABS 0x00000012 tsevnt
ABS 0x00000000 tslink
ABS 0x00000047 tsmode
ABS 0x00000048 tsmode2
ABS 0x0000004a tsprb
ABS 0x00000049 tsprir
ABS 0x0000003e tssigmsk
ABS 0x0000002e tssignal
ABS 0x00000036 tssigsoft
ABS 0x00000022 tssize
ABS 0x00000004 tsslnk
ABS 0x00000046 tsstat
ABS 0x00000028 tsstkp
ABS 0x0000001a tsswap
ABS 0x0000001a tstate
ABS 0x0000001b tstate2
ABS 0x0000001c tstate3
ABS 0x00000020 tstatus0
ABS 0x00000016 tstext
ABS 0x0000000a tstid
ABS 0x0000000c tstidp
ABS 0x0000000e tstty
ABS 0x00000024 tstxtp
ABS 0x00000008 tsuid
ABS 0x0000002a tsutop
ABS 0x0000000e txcnt
ABS 0x00000000 txfpt
ABS 0x00000008 txfwa
ABS 0x00000022 txmitstate
ABS 0x00000004 txptr
ABS 0x0000000c txsiz
ABS 0x000002fa ubin_flags
ABS 0x00000882 ubits
ABS 0x000007b6 ublkmap
ABS 0x000007ba ublkmap_block_count
ABS 0x000007bc ublkmap_block_list
ABS 0x000007b6 ublkmap_first_block
ABS 0x0000032c ucname
ABS 0x000005ae ucontext
ABS 0x00000890 ucpu
ABS 0x00000320 ucrdir
ABS 0x000004ec udatfwa
ABS 0x0000000a udchunk
ABS 0x0000088a udfc
ABS 0x000005a0 udl_fdn
ABS 0x00000516 udname
ABS 0x0000050c udname_size
ABS 0x0000050e udname_slot
ABS 0x00000594 udperm
ABS 0x00000013 uerror
ABS 0x0000059c uexnam
ABS 0x00000597 ufault_ok
ABS 0x00000324 ufdel
ABS 0x00000514 ufdn
ABS 0x00000802 ufile_cont
ABS 0x00000330 ufiles
ABS 0x000005a8 uhltpri
ABS 0x000003c4 uicnt
ABS 0x000007dc uio_header
ABS 0x000007fe uio_page
ABS 0x000005a4 uiocnt
ABS 0x00000595 uiosp
ABS 0x00000508 uiotlmt
ABS 0x000003c8 uipos
ABS 0x000003c0 uistrt
ABS 0x00000328 ulstdr
ABS 0x000004fe umapreg
ABS 0x00000596 umaprw
ABS 0x00000308 umark0
ABS 0x0000030c umark1
ABS 0x00000310 umark2
ABS 0x000002f6 umdep_chunks
ABS 0x000002a2 umdep_segs
ABS 0x00000014 umem
ABS 0x00000012 umemc
ABS 0x0000050a umemlmt
ABS 0x000005a6 umxmem
ABS 0x000004e4 unxtbl
ABS 0x00000894 upersonality
ABS 0x000004d8 uprfbf
ABS 0x000004d4 uprfpc
ABS 0x000004e0 uprfsc
ABS 0x000004dc uprfsz
ABS 0x000002f9 uproc_id
ABS 0x0000088e uquantum
ABS 0x0000000e uregs
ABS 0x000007b2 urumpq
ABS 0x000003b0 usarg0
ABS 0x000003b4 usarg1
ABS 0x000003b8 usarg2
ABS 0x000003bc usarg3
ABS 0x00000898 uschizo
ABS 0x0000000c uschunk
ABS 0x000007ae uscratch_p
ABS 0x0000088c usfc
ABS 0x000003d4 usigs
ABS 0x000004fa usized
ABS 0x000004fc usizes
ABS 0x000004f8 usizet
ABS 0x00000886 ustack_bot
ABS 0x00000598 ustart
ABS 0x000004f0 ustkfwa
ABS 0x000004f4 ustklim
ABS 0x00000892 usys_ratio
ABS 0x00000314 utask
ABS 0x000004e2 utask_ord
ABS 0x00000008 utchunk
ABS 0x00000304 utext_blink
ABS 0x00000300 utext_flink
ABS 0x00000506 utimlmt
ABS 0x00000004 utims
ABS 0x000003d0 utimsc
ABS 0x00000000 utimu
ABS 0x000003cc utimuc
ABS 0x000002fc utmat
ABS 0x000004e8 utxtfwa
ABS 0x0000031c uuid
ABS 0x0000031e uuida
ABS 0x00000318 uvfork
ABS 0x000005aa uworkspace
ABS 0x00000510 uwrk_size
ABS 0x00000512 uwrk_slot
ABS 0x00000554 uwrkbf
DAT 0x0000257c ANSI_CMTB
DAT 0x000005f8 BD0close
DAT 0x0000061c BD0io
DAT 0x000005d4 BD0open
DAT 0x0000043c BOOTED
DAT 0x00001bd0 BootedFileNameLength
DAT 0x00000417 CLKENB
DAT 0x0000041c CONFIG
DAT 0x00000474 CPU_personality
DAT 0x0000256c CRMStateTa
DAT 0x00003db0 ColumnTable
DAT 0x000026ec ControlCharacterTable
DAT 0x00001bcc CurrentEmulatedHardware
DAT 0x00000e9c CurrentRAWtask
DAT 0x00001bc8 CurrentRealHardware
DAT 0x00000488 DISK_personality
DAT 0x00000416 DO_READ_AH
DAT 0x00002774 DeviceStatusReport5Msg
DAT 0x00000ea1 DisplayIntRequest
DAT 0x00000ea2 DisplayIntSignal
DAT 0x00001be4 DisplayState
DAT 0x00003e50 EDATA
DAT 0x00002d5d FontUnderScoreChar
DAT 0x0000390e FunctionKeyDefsTable
DAT 0x00000418 HRDENB
DAT 0x0000388e JoyDiskResetDefs
DAT 0x00003a8e JoyDiskSetDefs
DAT 0x00003834 KbdCapsLockTable
DAT 0x000037da KbdControlShiftTable
DAT 0x00003780 KbdControlTable
DAT 0x000036cc KbdLowerCaseTable
DAT 0x00003726 KbdShiftTa
DAT 0x00003b0e KeyAppDefsTable
DAT 0x00001ba0 MAX_MAPS
DAT 0x00001b9e MAX_TASK_S
DAT 0x000010e4 MW_DCT
DAT 0x00003d10 ModeArguementTable
DAT 0x00003d30 ModeJumpTa
DAT 0x00000492 PIPE_personality
DAT 0x0000041b PRINT_SYSCALLS
DAT 0x00001b59 PTY_BS
DAT 0x00001b5a PTY_CAN
DAT 0x00002554 ParserStateTable
DAT 0x000027cc PegFontTbl
DAT 0x0000041a RAW_STATUS
DAT 0x00001bc2 RebootFlag
DAT 0x00003d70 RowTable
DAT 0x00003cce SpecialKeyDefsTable
DAT 0x00001bc3 StoppedFlag
DAT 0x00001b58 System_stack_is_mapped
DAT 0x000004b8 System_tasks
DAT 0x000004c0 TTY_dispatch_table
DAT 0x0000047e TTY_personality
DAT 0x0000277c TabDefaultInitTable
DAT 0x00000400 UniFLEX
DAT 0x000006a4 VARBLS
DAT 0x00000419 WRITE_DISA
DAT 0x0000276c WhatAreYou
DAT 0x00003e50 _edata
DAT 0x0000071e _u
DAT 0x00000838 access_bmt
DAT 0x00000828 actfil
DAT 0x00000808 alloc_CP
DAT 0x0000049c auto_vec
DAT 0x0000080e blackhole
DAT 0x000005b4 blktab
DAT 0x000006d4 buffer_compares
DAT 0x000006d0 buffer_lookups
DAT 0x000007dc buflst
DAT 0x000007fe cbufct
DAT 0x00000770 cbuffr
DAT 0x0000073c cfreel
DAT 0x00000ac8 chkMAflg
DAT 0x00000812 chproc
DAT 0x000004c4 chrtab
DAT 0x000006ec chunk_searches
DAT 0x00002394 comm_cmd_tbl
DAT 0x0000240a comm_drvr_D
DAT 0x00000714 config
DAT 0x00000ea3 console_key_int_req
DAT 0x00000440 contab
DAT 0x00000e98 context_D
DAT 0x00000702 corcnt
DAT 0x00000816 demnd_lock
DAT 0x00002216 displaySVC_D
DAT 0x0000081b dstflg
DAT 0x00000640 dt0
DAT 0x00000ea8 duart_IMR
DAT 0x00000822 exectbl
DAT 0x0000065c fchbuf
DAT 0x000006dc fdn_compares
DAT 0x000006d8 fdn_lookups
DAT 0x00000784 fdnbsy
DAT 0x0000078c fdnfre
DAT 0x00000774 fdntab
DAT 0x0000221c floatSVC_D
DAT 0x00000640 flp_dt
DAT 0x00000e5c flp_init
DAT 0x00000e3c flpdrv
DAT 0x000007ae flpswp
DAT 0x00000e80 flpydrvr_D
DAT 0x00000834 frembmt
DAT 0x00000798 fstsir
DAT 0x0000070c fwamem
DAT 0x000006f8 gentid
DAT 0x00000ad8 getputu_D
DAT 0x0000076c hdrtab
DAT 0x00000e88 idle_D
DAT 0x00000820 inargx
DAT 0x00000e8c intfield_D
DAT 0x00000a88 intflg
DAT 0x00000718 ipldev
DAT 0x00000819 jobpri
DAT 0x00000750 last_map_stolen
DAT 0x0000081a lbolt
DAT 0x00000800 lcbuf
DAT 0x0000079c lkbeg
DAT 0x000007a0 lkend
DAT 0x00001be0 machinit_D
DAT 0x00000e90 map_D
DAT 0x0000074c map_table
DAT 0x00001ba6 mdep_table
DAT 0x00001b82 mem_limits
DAT 0x0000084c mem_stolen
DAT 0x00000754 memfst
DAT 0x000015ac memgrow
DAT 0x00000758 memlst
DAT 0x00000814 memmsk
DAT 0x00000821 memory_waiters
DAT 0x00000848 mempages
DAT 0x00000844 memqueue
DAT 0x00000710 memsize
DAT 0x000006b0 mp_page
DAT 0x00000768 mtable
DAT 0x00000794 nodev_hash
DAT 0x00001b80 numtty
DAT 0x00000778 ofiles
DAT 0x00000e94 page_fault_D
DAT 0x000006f0 page_faults
DAT 0x000006e4 pages_copied
DAT 0x000006c0 pages_in
DAT 0x000006c4 pages_out
DAT 0x000006c8 pages_stolen
DAT 0x00000e36 phys_D
DAT 0x000006e8 physical_translations
DAT 0x00000736 pipdev
DAT 0x0000182c prcbuf
DAT 0x0000238e printer_D
DAT 0x00000817 rdytci
DAT 0x00000818 rdytgo
DAT 0x00000a7e real_time_list
DAT 0x0000081c restim
DAT 0x00000815 romspr
DAT 0x00000858 root_is_di
DAT 0x00000734 rtdev
DAT 0x0000072e rtdir
DAT 0x00000722 runlst
DAT 0x00000a7c running_real_time
DAT 0x00000826 sabbsy
DAT 0x00001b38 sabufr
DAT 0x00001b2c saofbf
DAT 0x0000044a sbas
DAT 0x00000806 sboff
DAT 0x000006fa sbttim
DAT 0x00000454 schl
DAT 0x00001b5c scon
DAT 0x00001b6a sconbr
DAT 0x00000eaa screenOutput_buffer_count
DAT 0x00000ea6 screenOutput_buffer_inIndex
DAT 0x00000ea7 screenOutput_buffer_outIndex
DAT 0x00000ea5 screenOutput_transmit_enabled
DAT 0x00000ea4 screenOutput_transmit_int_req
DAT 0x000010de screen_in_D
DAT 0x00001484 scsi_drvr_D
DAT 0x00000464 sdlt
DAT 0x000006e0 segments_copied
DAT 0x00000456 sfdn
DAT 0x00000446 sfil
DAT 0x00001488 sgnmsg
DAT 0x00000704 shared_page0
DAT 0x00000708 shared_page1
DAT 0x00000aac sigdump
DAT 0x00000452 siob
DAT 0x0000045e slok
DAT 0x00000726 slplst
DAT 0x0000045a smnt
DAT 0x0000046c smsg_exchanges
DAT 0x0000046e smsg_messa
DAT 0x00000470 smsg_text_size
DAT 0x00000462 smxj
DAT 0x00000466 smxm
DAT 0x00002228 soundDurat
DAT 0x0000237e sound_D
DAT 0x00000442 sppd
DAT 0x00000440 srtd
DAT 0x00000468 sswap
DAT 0x00000444 sswd
DAT 0x000006b4 stablk
DAT 0x000006bc stadsk
DAT 0x000006b8 stafre
DAT 0x000006c4 stancpy
DAT 0x000006c8 stascpy
DAT 0x000006c0 staswp
DAT 0x0000045c stim
DAT 0x000006f4 stimh
DAT 0x000006f6 stiml
DAT 0x00000460 stlm
DAT 0x00000448 stmz
DAT 0x0000044e strm
DAT 0x000015a6 strtup_D
DAT 0x00000450 stsk
DAT 0x000006a0 stub_close
DAT 0x000006a0 stub_open
DAT 0x000006a0 stub_read
DAT 0x000006a0 stub_special
DAT 0x000006a0 stub_write
DAT 0x00000465 stup
DAT 0x00000458 stxt
DAT 0x000007b6 swap_compl
DAT 0x00000830 swap_lock_table
DAT 0x00000850 swap_reclaimed
DAT 0x00000854 swap_stats
DAT 0x00000738 swapdv
DAT 0x000006ac swpbeg
DAT 0x000007ba swpbuf
DAT 0x000007a4 swpend
DAT 0x00000aee swpint
DAT 0x000007a8 swpisz
DAT 0x0000073a swploc
DAT 0x0000192c swpmap
DAT 0x00000860 swppag
DAT 0x000007aa swpptr
DAT 0x0000082c swpsbmt
DAT 0x000006fe swpsiz
DAT 0x00001b58 sysend
DAT 0x0000075c syspnt
DAT 0x000015ac systab
DAT 0x000006cc system_calls
DAT 0x00000859 system_shutting_down
DAT 0x00000802 systmp
DAT 0x0000071a sysub
DAT 0x0000071e sysvar
DAT 0x0000067e tape_bh
DAT 0x0000254f tape_drvr_D
DAT 0x00000640 tape_dt
DAT 0x00000e84 task_end_D
DAT 0x00001ba2 task_sizes
DAT 0x00000813 teluch
DAT 0x0000085a tgtbuf
DAT 0x00000a82 timeout_st
DAT 0x00002384 timer_D
DAT 0x00000764 timtab
DAT 0x00000840 tmat
DAT 0x00000744 tmavl
DAT 0x00000740 tmhead
DAT 0x00000748 tmlst
DAT 0x0000081f tmtuct
DAT 0x0000081e tmtupf
DAT 0x000006a8 tskend
DAT 0x000006a4 tsktab
DAT 0x00000780 ttqtab
DAT 0x00000eac tty_consol
DAT 0x00001b5c ttycon
DAT 0x0000077c ttytab
DAT 0x00000760 txttab
DAT 0x00000732 tzone
DAT 0x0000154e unimd
DAT 0x00001550 unimem
DAT 0x0000154c unisrn
DAT 0x0000154a univen
DAT 0x00001548 univer
DAT 0x0000081d updlck
DAT 0x0000083c usedmem
DAT 0x0000071e usrtop
DAT 0x00000a86 varend
DAT 0x00000ad4 vendor_syscall_limit
DAT 0x00000acc vendor_syscalls
DAT 0x0000156c version_D
DAT 0x00001ffa vertint_D
DAT 0x000010f4 win_Disk0
DAT 0x00001104 win_Disk1
DAT 0x00001114 win_Disk2
DAT 0x00001124 win_Disk3
DAT 0x00000640 win_dt
DAT 0x000010f4 win_info
DAT 0x0000118c win_totalRetry
DAT 0x0000134b windrvr_D
DAT 0x0000080a zeropage
