1. In sim_instr, if an Unauthorized Memory Access trap occurs, the code was enforcing the 940 Reference Manual's admonition that:
"The instruction in the trap location must be a MARK PLACE AND BRANCH (BRM) instruction."
Normally there is a BRM TRAPM in location 041, but when exploring a memory trap, the TSS monitor code at CEX (SMEM) temporarily puts a BRU CEX2+1 in location 041.
Clearly the hardware allows BRU in the trap transfer vector, because the system uses that feature. Change simulator to allow BRM or BRU in Unauthorized Memory Access Trap vector word in location 041.
2. Page 17 of the 940 reference manual specifies special actions when the target address of a BRU, BRX, BRM or BRR instruction cannot be accessed because it's not in the memory map. The simulator was not doing this, causing TRAPM to operate with the address of the BR? instruction instead of its target address. The result was to allocate a page of zeros, which then trapped when the branch completed and transferred to a HLT instruction.
By modifying the code in sds_cpu.c to provide the correct trap address, monitor code TRAPM does not allocate a page, and instead allows any user-defined trap to fire off. This fixes the problem with DDT, which relies on this trap to then map in the DDT SBREK page to 34000 and then complete the transfer to it for command processing.
4bd2eb72de