debug(CMD) 19 June 1992 debug(CMD) Name debug - test and debug executable files Syntax debug[[drive:][path]filename [testfile-parameters]] Parameters [drive:][path]filename Specifies the location and name of the executable file you want to test. testfile-parameters Specifies any command-line information required by the executable file you want to test. debug commands The following is a list of debug commands: ? Displays a list of the debug commands. a Assembles 8086/8087/8088 mnemonics. c Compares two portions of memory. d Displays the contents of a portion of memory. e Enters data into memory starting at a specified address. f Fills a range of memory with specified values. g Runs the executable file that is in memory. h Performs hexadecimal arithmetic. i Displays one byte value from a specified port. l Loads the contents of a file or disk sectors into memory. m Copies the contents of a block of memory. n Specifies a file for an l or w command, or specifies the parame- ters for the file you are testing. o Sends one byte value to an output port. p Executes a loop, a repeated string instruction, a software inter- rupt, or a subroutine. q Stops the debug session. r Displays or alters the contents of one or more registers. s Searches a portion of memory for a specified pattern of one or more byte values. t Executes one instruction and then displays the contents of all registers, the status of all flags, and the decoded form of the instruction that debug will execute next. u Disassembles bytes and displays the corresponding source state- ments. w Writes the file being tested to a disk. xa Allocates expanded memory. xd Deallocates expanded memory. xm Maps expanded memory pages. xs Displays the status of expanded memory. For descriptions of these commands, see the following pages. Separating command parameters All debug commands accept parameters, except the q command. You can separate parameters with commas or spaces, but these separators are required only between two hexadecimal values. Therefore, the following commands are equivalent: dcs:100 110 d cs:100 110 d,cs:100,110 Specifying valid address entries An address parameter in a debug command specifies a location in memory. address is a two-part designation containing either an alphabetic segment register or a 4-digit segment address, plus an offset value. You can omit the segment register or segment address. The default segment for the a, g, l, t, u, and w commands is CS. The default segment for all other commands is DS. All numeric values are in hexadecimal format. The following are valid addresses: CS:0100 04BA:0100 The colon between the segment name and the offset value is required. Specifying valid range entries A range parameter in a debug command specifies a range of memory. You can choose from two formats for range: a starting address and an ending address, or a starting address and the length (denoted by l) of the range. For example, both of the following syntaxes specify a 16-byte range beginning at CS:100: cs:100 10f cs:100 l 10 Assembling a [address] This command creates executable machine code from assembly-language statements. All numeric values are in hexadecimal format, and you must type them as 1 to 4 characters. You specify a prefix mnemonic in front of the operation code (opcode) to which it refers. address Specifies the location where you type assembly-language mnemon- ics. You use hexadecimal values for address and type each value without the trailing ``h'' character. If you do not specify an address, a starts assembling where it last stopped. Using mnemonics The segment-override mnemonics are cs:, ds:, es:, and ss:. The mnemonic for the far return is retf. String-manipulation mnemonics must explic- itly state the string size. For example, use movsw to move word strings (16 bits), and use movsb to move byte strings (8 bits). Assembling jumps and calls The assembler automatically assembles a short, near, or far jump or call, depending on byte displacement, to the destination address. You can override such a jump or call by using a near or far prefix, as the fol- lowing example shows: -a0100:0500 0100:0500 jmp 502 ; a 2-byte short jump 0100:0502 jmp near 505 ; a 3-byte near jump 0100:0505 jmp far 50a ; a 5-byte far jump You can abbreviate the near prefix to ne. Distinguishing word and byte memory locations When an operand can refer to either a word memory location or a byte mem- ory location, you must specify the data type with the prefix word ptr or the prefix byte ptr. Acceptable abbreviations are wo and by, respec- tively. The following example shows the two formats: dec wo [si] neg byte ptr [128] Specifying operands debug uses the common convention that an operand enclosed in brackets ([]) refers to a memory location. This is because debug cannot otherwise differentiate between an immediate operand and an operand that is a mem- ory location. The following example shows the two formats: mov ax,21 ; load AX with 21h mov ax,[21] ; load AX with the ; contents of ; memory location 21h Using pseudoinstructions Two popular pseudoinstructions are available with the a command: the db opcode, which assembles byte values directly into memory, and the dw opcode, which assembles word values directly into memory. Following are examples of both pseudoinstructions: db 1,2,3,4,"THIS IS AN EXAMPLE" db 'THIS IS A QUOTATION MARK: "' db "THIS IS A QUOTATION MARK: '" dw 1000,2000,3000,"BACH" The a command supports all forms of register-indirect commands, as the following example shows: add bx,34[bp+2].[si-1] pop [bp+di] push [si] All opcode synonyms are also supported, as the following example shows: loopz 100 loope 100 ja 200 jnbe 200 For 8087 opcodes, you must specify the wait or fwait prefix, as the fol- lowing example shows: fwait fadd st,st(3) ; this line assembles ; an fwait prefix Comparing c range address range Specifies the starting and ending addresses, or the starting address and length, of the first area of memory you want to com- pare. address Specifies the starting address of the second area of memory you want to compare. If the range and address memory areas are identical, debug displays noth- ing and returns directly to the debug prompt. If there are differences, debug displays them in the following format: ERROR: @DEF1 APPEARS WITHOUT A @TERM1 address1 byte1 byte2 address2 See the following example for an illustration of this format. The following commands have the same effect: c100,10f 300 c100l10 300 Each command compares the block of memory from 100h through 10Fh with the block of memory from 300h through 30Fh. debug responds to either of the previous commands with a display similar to the following (assuming DS = 197F): 197F:0100 4D E4 197F:0300 197F:0101 67 99 197F:0301 197F:0102 A3 27 197F:0302 197F:0103 35 F3 197F:0303 197F:0104 97 BD 197F:0304 197F:0105 04 35 197F:0305 197F:0107 76 71 197F:0307 197F:0108 E6 11 197F:0308 197F:0109 19 2C 197F:0309 197F:010A 80 0A 197F:030A 197F:010B 36 7F 197F:030B 197F:010C BE 22 197F:030C 197F:010D 83 93 197F:030D 197F:010E 49 77 197F:030E 197F:010F 4F 8A 197F:030F Notice that the addresses 197F:0106 and 197F:0306 are missing from the list. This means that the values in those addresses are identical. Dumping d[range] range Specifies the starting and ending addresses, or the starting address and length, of the memory area whose contents you want to display. If you do not specify range, debug displays the con- tents of 128 bytes, starting at the end of the address range specified in the previous d command. When you use the d command, debug displays memory contents in two por- tions: a hexadecimal portion (each byte value is shown in hexadecimal format) and an ASCII portion (each byte value is shown as an ASCII char- acter). Each nonprinting character is denoted by a period (.) in the ASCII portion of the display. Each display line shows the contents of 16 bytes, with a hyphen between the eighth and ninth bytes. Each display line begins on a 16-byte boundary. Suppose you type the following command: dcs:100 10f debug displays the the contents of the range in the following format: 04BA:0100 54 4F 4D 00 53 41 57 59-45 52 00 00 00 00 00 00 TOM.SAWYER...... If you type the d command without parameters, debug formats the display as described in the previous example. Each line of the display begins with an address that is 16 bytes greater than the address on the previous line (or 8 bytes if you have a 40-column screen). For each subsequent d command you type without parameters, debug displays the bytes immediately following those last displayed. If you type the following command, debug displays the contents of 20h bytes, starting at CS:100: dcs:100 l 20 If you type the following command, debug displays the contents of all bytes in the range of lines from 100h through 115h in the CS segment: dcs:100 115 Entering e address [list] You can type data in either hexadecimal or ASCII format. Any data previ- ously stored at the specified address is lost. address Specifies the first memory location where you want to enter data. list Specifies the data you want to enter into successive bytes of memory. Using the address parameter If you specify a value for address without specifying a value for the optional list parameter, debug displays the address and its contents, repeats the address on the next line, and waits for your input. At this point, you can perform one of the following actions: + Replace the byte value. To do this, you type a new value after the current value. If the value you type is not a valid hexadecimal value or if it contains more than two digits, debug does not echo the invalid or extra character. + Advance to the next byte. To do this, you press the Space key. To change the value in that byte, type a new value after the current value. If you move beyond an 8-byte boundary when you press the Space key, debug starts a new display line and displays the new address at the beginning of the line. + Return to the preceding byte. To do this, you press the - (hyphen) key. You can press the - key repeatedly to move back more than 1 byte. When you press -, debug starts a new line and displays the current address and byte value. + Stop the e command. To do this, you press the Enter key. You can press Enter at any byte position. Using the list parameter If you specify values for the list parameter, the e command sequentially replaces the existing byte values with the values from the list. If an error occurs, no byte values are changed. List values can be either hexadecimal byte values or strings. You separate values by using a space, a comma, or a tab character. You must enclose strings within single or double quotation marks. Suppose you type the following command: ecs:100 debug displays the contents of the first byte in the following format: 04BA:0100 EB._ To change this value to 41, type 41 at the cursor, as follows: 04BA:0100 EB.41 You can type consecutive byte values with one e command. Instead of pressing Enter after typing the new value, press the Space key. debug displays the next value. In this example, if you press the Space key three times, debug displays the following values: 04BA:0100 EB.41 10. 00. BC._ To change the hexadecimal value BC to 42, type 42 at the cursor, as fol- lows: 04BA:0100 EB.41 10. 00. BC.42 Now suppose that you decide the value 10 should be 6F. To correct this value, press the - (hyphen) key twice to return to address 0101 (value 10). debug displays the following: 04BA:0100 EB.41 10. 00. BC.42- 04BA:0102 00.- 04BA:0101 10._ Type 6f at the cursor to change the value, as follows: 04BA:0101 10.6f Press Enter to stop the e command and return to the debug prompt. The following is an example of a string entry: eds:100 "This is the text example" This string will fill 24 bytes, starting at DS:100. Filling f range list You can specify data in either hexadecimal or ASCII format. Any data you previously stored at the specified address is lost. range Specifies the starting and ending addresses, or the starting address and length, of the memory area you want to fill. list Specifies the data you want to enter. list can consist of hexa- decimal numbers or a string enclosed in quotation marks. Using the range parameter If range contains more bytes than the number of values in list, debug assigns the values in list repeatedly until all bytes in range are filled. If any of the memory in range is bad or does not exist, debug displays an error message and stops the f command. Using the list parameter If list contains more values than the number of bytes in range, debug ignores the extra values in list. Suppose you type the following command: f04ba:100l100 42 45 52 54 41 In response, debug fills memory locations 04BA:100 through 04BA:1FF with the values specified. debug repeats the five values until all the 100h bytes are filled. Going g [=address] [breakpoints] =address Specifies the address in the program currently in memory at which you want execution to begin. If you do not specify address, MS-DOS begins program execution at the current address in the CS:IP registers. breakpoints Specifies 1 to 10 temporary breakpoints that you can set as part of the g command. Using the address parameter You must precede the address parameter with an equal sign (=) to distin- guish the starting address (address) from the breakpoint addresses (breakpoints). Specifying breakpoints The program stops at the first breakpoint it encounters, regardless of where you typed that breakpoint in the breakpoints list. debug replaces the original instruction at each breakpoint with an interrupt code. When the program reaches a breakpoint, debug restores all breakpoint addresses to their original instructions and displays the contents of all registers, the status of all flags, and the decoded form of the last instruction executed. debug displays the same information as it would display if you used the debug r (register) command and specified the breakpoint address. If you do not stop the program at one of the breakpoints, debug does not replace the interrupt codes with the original instructions. Limitations on setting breakpoints You can set breakpoints only at addresses containing the first byte of an 8086 operation code (opcode). If you set more than 10 breakpoints, debug displays the following message: bp Error Requirements for the user stack pointer The user stack pointer must be valid and must have 6 bytes available for the g command. This command uses an iret instruction to jump to the pro- gram being tested. debug sets the user stack pointer and pushes the user flags, the code segment register, and the instruction pointer onto the user stack. (If the user stack is not valid or is too small, the operat- ing system might fail.) debug places an interrupt code (0CCh) at the specified breakpoint address(es). Restarting a program Do not attempt to restart a program after MS-DOS displays the following message: Program terminated normally To run the program properly, you must reload it by using the debug n (name) and l (load) commands. Suppose you type the following command: gcs:7550 MS-DOS runs the program currently in memory up to the breakpoint address 7550 in the CS segment. debug then displays the contents of the regis- ters and the status of the flags and stops the g command. The following command sets two breakpoints: gcs:7550, cs:8000 If you type the g command again after debug encounters a breakpoint, exe- cution begins at the instruction after the breakpoint, rather than at the usual starting address. Hexing h value1 value2 value1 Represents any hexadecimal number in the range 0 through FFFFh. value2 Represents a second hexadecimal number in the range 0 through FFFFh. debug first adds the two parameters you specify and then subtracts the second parameter from the first. The results of these calculations are displayed on one line - first the sum, then the difference. Suppose you type the following command: h19f 10a debug performs the calculations and displays the following result: 02A9 0095 Inputing i port port Specifies the input port by address. The address can be a 16-bit value. Suppose you type the following command: i2f8 Suppose also that the byte value at the port is 42h. debug reads the byte and then displays the value, as follows: 42 Loading To load the contents of the number of bytes specified in the BX:CX regis- ters from a disk file, use the following syntax: l [address] To bypass the MS-DOS file system and directly load specific sectors, use the following syntax: l address drive start number address Specifies the memory location where you want to load the file or the sector contents. If you do not specify address, debug uses the current address in the CS register. drive Specifies the drive that contains the disk from which specific sectors are to be read. This value is numeric: 0 = A, 1 = B, 2 = C, and so on. You use the drive, start, and number parameters only if you want to load the contents of specific sectors rather than load the file specified on the debug command line or in the most recent debug n (name) command. start Specifies the hexadecimal number of the first sector whose con- tents you want to load. number Specifies the hexadecimal number of consecutive sectors whose contents you want to load. Using the l command without parameters When you use the l command without parameters, the file you specified on the debug command line is loaded into memory, beginning at address CS:100. debug also sets the BX and CX registers to the number of bytes loaded. If you did not specify a file on the debug command line, the file loaded is the one you most recently specified by using the n com- mand. Using the l command with the address parameter If you use the l command with the address parameter, debug begins loading the file or the contents of the specified sectors at the memory location address. Using the l command with all parameters If you use the l command with all parameters, debug loads the contents of specific disk sectors instead of loading a file. Loading the contents of specific sectors Each sector in the range you specify is read from drive. debug begins loading with start and continues until the contents of the number of sec- tors specified in number have been loaded. Loading an .EXE file debug ignores the address parameter for .EXE files. If you specify an .EXE file, debug relocates the file to the loading address specified in the header of the .EXE file. The header itself is stripped off the .EXE file before the file is loaded into memory, so the size of an .EXE file on disk differs from its size in memory. If you want to examine a com- plete .EXE file, rename the file with a different extension. Opening a hex file A hex file is a file that uses the Intel hexadecimal format, as described in The MS-DOS Encyclopedia. debug assumes that files with the .HEX extension are hexadecimal-format files. You can type the l command with no parameters to load a hex file beginning at the address specified in the hex file. If the l command you type includes the address parameter, debug adds the specified address to the address found in the hex file to determine the starting address. Suppose you start debug and type the following command: nfile.com You can now type the l command to load FILE.COM. debug loads the file and displays the debug prompt. Suppose that you want to load the contents of 109 (6Dh) sectors from drive C, beginning with logical sector 15 (0Fh), into memory beginning at address 04BA:0100. To do this, type the following command: l04ba:100 2 0f 6d Moving m range address range Specifies the starting and ending addresses, or the starting address and the length, of the memory area whose contents you want to copy. address Specifies the starting address of the location to which you want to copy the contents of range. Effects of the copy operation on existing data If the addresses in the block being copied do not have new data written to them, the original data remains intact. However, if the destination block already contains data (as it might in an overlapping copy opera- tion), that data is overwritten. (Overlapping copy operations are those in which part of the destination block overlaps part of the source block.) Performing overlapping copy operations The m command performs overlapping copy operations without losing data at the destination addresses. The contents of addresses that will be overwritten are copied first. Thus, if data is to be copied from higher addresses to lower addresses, the copy operation begins at the source block's lowest address and progresses toward the highest address. Con- versely, if data is to be copied from lower addresses to higher addresses, the copy operation begins at the source block's highest address and progresses toward the lowest address. Suppose you type the following command: mcs:100 110 cs:500 debug first copies the contents of address CS:110 to CS:510, then copies the contents of CS:10F to CS:50F, and so on until it has copied the con- tents of CS:100 to CS:500. To view the results, you can use the debug d (dump) command, specifying the destination address you used with the m command. Naming [drive:][pathfilename] To specify parameters for the executable file you are testing, use the following syntax: n file-parameters To clear the current specifications, use the following syntax: n Parameters [drive:][path]filename Specifies the location and name of the executable file you want to test. file-parameters Specifies parameters and switches for the executable file you are testing. The two uses of the n command You can use the n command in two ways. First, you can use it to specify a file to be used by a later l or w command. If you start debug without naming a file to be debugged, you must use the command nfilename before you can use the l command to load the file. The filename is correctly formatted for a file control block at CS:5C. Second, you can use the n command to specify command-line parameters and switches for the file being debugged. Memory areas The following four areas of memory can be affected by the n command: _________________________________________________________________________ Memory location Contents _________________________________________________________________________ CS:5C File control block (FCB) for file 1 CS:6C File control block (FCB) for file 2 CS:80 Length of n command line (in characters) CS:81 Beginning of n command-line characters The first filename you specify for the n command is placed in a file con- trol block (FCB) at CS5C:. If you specify a second filename, this name is placed in an FCB at CS:6C. The number of characters typed on the n command line (exclusive of the first character, n) is stored at location CS:80. The actual characters on the n command line (again, exclusive of the letter n) are stored beginning at CS:81. Note that these characters can be any switches and delimiters that would be legal in a command typed at the MS-DOS prompt. Suppose you have started debug and loaded the program PROG.COM for debug- ging. You subsequently decide to specify two parameters for PROG.COM and run the program. Following is the sequence of commands for this example: debug prog.com nparam1 param2 g In this case, the debug g (go) command runs the program as if you had typed the following command at the MS-DOS prompt: prog param1 param2 Testing and debugging therefore reflect a typical run-time environment for PROG.COM. FILE1.EXE as the file for the subsequent l command which loads FILE1.EXE into memory. The second n command specifies the parame- ters to be used by FILE1.EXE. Finally, the g command runs FILE1.EXE as if you had typed file1 file2.dat file3.dat at the MS-DOS prompt. nfile1.exe l nfile2.dat file3.dat g Note that you do not use the l command after the second form of the n command. Also note that if you now use the w command, MS-DOS saves FILE1.EXE, the file being debugged, with the name FILE2.DAT. To avoid this result, you should always use the first form of the n command immediately before either an l or a w command. Outputting o port byte-value port Specifies the output port by address. The port address can be a 16-bit value. byte-value Specifies the byte value you want to direct to port. To send the byte value 4Fh to the output port at address 2F8h, type the following command: o2f8 4f Proceeding p [=address] [number] Parameters =address Specifies the location of the first instruction to execute. If you do not specify an address, the default address is the current address specified in the CS:IP registers. number Specifies the number of instructions to execute before returning control to debug. The default value is 1. Transferring control to the program being tested When the p command transfers control from debug to the program being tested, that program runs without interruption until the loop, repeated string instruction, software interrupt, or subroutine at the specified address is completed, or until the specified number of machine instruc- tions have been executed. Control then returns to debug. Limitations on the address parameter If the address parameter does not specify a segment, debug uses the CS register of the program being tested. If you omit address, the program is executed beginning at the address specified by its CS:IP registers. You must precede the address parameter with an equal sign (=) to distin- guish it from the number parameter. If the instruction at the specified address is not a loop, a repeated string instruction, a software inter- rupt, or a subroutine, the p command works the same way as the debug t (trace) command. Messages displayed with the p command After p executes an instruction, debug displays the contents of the program's registers, the status of its flags, and the decoded form of the next instruction to be executed. _________________________________________________________________________ CAUTION You cannot use the p command to trace through read-only memory (ROM). _________________________________________________________________________ Suppose that the program you are testing contains a call instruction at address CS:143F. To run the subroutine that is the destination of call and then return control to debug, type the following command: p=143f debug displays the results in the following format: AX=0000 BX=0000 CX=0000 DX=0000 SP=FFEE BP=0000 SI=0000 DI=0000 DS=2246 ES=2246 SS=2246 CS=2246 IP=1443 NV UP EI PL NZ AC PO NC 2246:1442 7505 JNZ 144A Quitting After you type q, control returns to MS-DOS. q This command takes no parameters. To stop the debugging session, type the following command: q MS-DOS displays the MS-DOS prompt. Registering r [register-name] To display the contents of all registers and flags in the register storage area, use the following syntax: r register-name Specifies the name of the register whose contents you want to display. Using the r command If you specify a register name, MS-DOS displays the 16-bit value of that register in hexadecimal notation and displays a colon as the prompt. If you want to change the value contained in the register, type a new value and press Enter; otherwise, just press Enter to return to the debug prompt. Valid register names The following are valid values for register-name: ax, bx, cx, dx, sp, bp, si, di, ds, es, ss, cs, ip, pc, and f. Both ip and pc refer to the instruction pointer. If you specify a register name other than one from the preceding list, MS-DOS displays the following message: br error Using the f character instead of a register name If you type the f character instead of a register name, debug displays the current setting of each flag as a two-letter code and then displays the debug prompt. To change the setting of a flag, type the appropriate two-letter code from the following table: _________________________________________________________________________ Flag name Set Clear _________________________________________________________________________ Overflow ov nv Direction dn (decrement) up (increment) Interrupt ei (enabled) di (disabled) Sign ng (negative) pl (positive) Zero zr nz Auxiliary Carry ac na Parity pe (even) po (odd) Carry cy nc You can type new flag values in any order. You need not leave spaces between these values. To stop the r command, press Enter. Any flags for which you did not specify new values remain unchanged. Messages displayed with the r command If you specify more than one value for a flag, debug displays the follow- ing message: df error If you specify a flag code not listed in the preceding table, debug dis- plays the following message: bf error In both cases, debug ignores all settings specified after the invalid entry. Default settings for debug When you start debug, the segment registers are set to the bottom of free memory, the instruction pointer is set to 0100h, all flags are cleared, and the remaining registers are set to zero, except for sp, which is set to FFEEh. Examples To view the contents of all registers, the status of all flags, and the decoded form of the instruction at the current location, type the follow- ing command: r If the current location is CS:11A, the display will look similar to the following: AX=0E00 BX=00FF CX=0007 DX=01FF SP=039D BP=0000 SI=005C DI=0000 DS=04BA ES=04BA SS=04BA CS=O4BA IP=011A NV UP DI NG NZ AC PE NC 04BA:011A CD21 INT 21 To view only the status of the flags, type the following command: rf debug displays the information in the following format: NV UP DI NG NZ AC PE NC - _ Now you can type one or more valid flag values, in any order, with or without spaces, as in the following command: nv up di ng nz ac pe nc - pleicy debug stops the r command and displays the debug prompt. To see the changes, type either the r or rf command. debug then displays the fol- lowing: NV UP EI PL NZ AC PE CY - _ Press Enter to return to the debug prompt. Searching s range list range Specifies the beginning and ending addresses of the range you want to search. list Specifies the pattern of one or more byte values or a string you want to search for. Separate each byte value from the next with a space or a comma. Enclose string values in quotation marks. If the list parameter contains more than one byte value, debug displays only the first address where the byte value occurs. If list contains only one byte value, debug displays all addresses where the value occurs in the specified range. Suppose you want to find all addresses in the range CS:100 through CS:110 that contain the value 41. To do this, type the following command: scs:100 110 41 debug displays the results in the following format: 04BA:0104 04BA:010D - The following command searches for the string ``Ph'' in the range CS:100 through CS:1A0: scs:100 1a0 "Ph" Tracing t [=address] [number] =address Specifies the address at which debug is to start tracing instruc- tions. If you omit the address parameter, tracing begins at the address specified by your program's CS:IP registers. number Specifies the number of instructions to be traced. This value must be a hexadecimal number. The default value is 1. Tracing instructions in read-only memory The t command uses the hardware trace mode of the 8086 or 8088 micropro- cessor. Therefore, you can also trace instructions stored in read-only memory (ROM). Using the address parameter You must precede the address parameter with an equal sign (=) to distin- guish it from the number parameter. To execute one instruction (pointed to by CS:IP), and then display the contents of the registers, the status of the flags, and the decoded form of the instruction, type the following command: t If the position of the instruction in the program were 04BA:011A, debug might display the following information: AX=0E00 BX=00FF CX=0007 DX=01FF SP=039D BP=0000 SI=005C DI=0000 DS=04BA ES=04BA SS=04BA CS=O4BA IP=011A NV UP DI NG NZ AC PE NC 04BA:011A CD21 INT 21 Unassembling u [range] To disassemble 20h bytes (the default number), beginning at the first address after the address displayed by the previous u command, use the following syntax: u range Specifies the starting and ending addresses, or the starting address and length, of the code you want to disassemble. To disassemble 16 (10h) bytes, beginning at address 04BA:0100, type the following command: u04ba:100l10 debug displays the results in the following format: 04BA:0100 206472 AND [SI+72],AH 04BA:0103 69 DB 69 04BA:0104 7665 JBE 016B 04BA:0106 207370 AND [BP+DI+70],DH 04BA:0109 65 DB 65 04BA:010A 63 DB 63 04BA:010B 69 DB 69 04BA:010C 66 DB 66 04BA:010D 69 DB 69 04BA:010E 63 DB 63 04BA:010F 61 DB 61 To display only the information for the specific addresses 04BA:0100 through 04BA:0108, type the following command: u04ba:0100 0108 debug displays the following: 04BA:0100 206472 AND [SI+72],AH 04BA:0103 69 DB 69 04BA:0104 7665 JBE 016B 04BA:0106 207370 AND [BP+DI+70],DH Writing To write the contents of the number of bytes specified in the BX:CX registers to a disk file, use the following syntax: w [address] To bypass the MS-DOS file system and directly write specific sectors, use the following syntax: w address drive start number _________________________________________________________________________ CAUTION Writing specific sectors is extremely risky because it bypasses the MS-DOS file handler. The disk's file structure can easily be damaged if the wrong values are typed. _________________________________________________________________________ You must have specified the name of the disk file when you started debug or in the most recent debug n (name) command. Both of these methods properly format a filename for a file control block at address CS:5C. address Specifies the beginning memory address of the file, or portion of the file, you want to write to a disk file. If you do not specify address, debug starts from CS:100. drive Specifies the drive that contains the destination disk. This value is numeric: 0 = A, 1 = B, 2 = C, and so on. start Specifies the hexadecimal number of the first sector to which you want to write. number Specifies the number of sectors to which you want to write. Resetting BX:CX before using the w command without parameters If you have used a debug g (go), t (trace), p (proceed), or r (register) command, you must reset the BX:CX registers before using the w command without parameters. Writing a modified file to a disk If you modify the file but do not change the name, length, or starting address, debug can still correctly write the file to the original disk location. Limitation on the w command You cannot write an .EXE or .HEX file with this command. Suppose you want to write the contents of memory, beginning at the address CS:100, to the disk in drive B. You want the data to begin in the disk's logical sector number 37h and continue for 2Bh sectors. To do this, type the following command: wcs:100 1 37 2b When the write operation is complete, debug displays the debug prompt again. Allocating expanded memory xa [count] To use expanded memory, you must have installed an expanded-memory device driver that conforms to version 4.0 of the Lotus/Intel/Microsoft Expanded Memory Specification (LIM EMS). count Specifies the number of 16-kilobyte pages of expanded memory to allocate. If the specified number of pages is available, debug displays a message indicating the hexadecimal number of the handle created; otherwise, debug displays an error message. To allocate 8 pages of expanded memory, type the following command: xa8 If the command is successful, debug displays a message similar to the following: Handle created=0003 Deallocating expanded memory xd [handle] To use expanded memory, you must have installed an expanded-memory device driver that conforms to version 4.0 of the Lotus/Intel/Microsoft Expanded Memory Specification (LIM EMS). handle Specifies the handle you want to deallocate. To deallocate handle 0003, type the following command: xd 0003 If the command is successful, debug displays the following message: Handle 0003 deallocated Mapping expanded memory pages xm [lpage] [ppage] [handle] To use expanded memory, you must have installed an expanded-memory device driver that conforms to version 4.0 of the Lotus/Intel/Microsoft Expanded Memory Specification (LIM EMS). lpage Specifies the number of the logical page of expanded memory that you want to map to physical page ppage. ppage Specifies the number of the physical page to which lpage is to be mapped. handle Specifies the handle. To map logical page 5 of handle 0003 to physical page 2, type the follow- ing command: xm 5 2 0003 If the command is successful, debug displays the following message: Logical page 05 mapped to physical page 02 Displaying expanded-memory status xs To use expanded memory, you must have installed an expanded-memory device driver that conforms to version 4.0 of the Lotus/Intel/Microsoft Expanded Memory Specification (LIM EMS). This command takes no parameters. The information that debug displays has the following format: Handle xx has xx pages allocated Physical page xx = Frame segment xx xx of a total xx EMS pages have been allocated xx of a total xx EMS handles have been allocated To display expanded-memory information, type the following command: xs debug displays information similar to the following: Handle 0000 has 0000 pages allocated Handle 0001 has 0002 pages allocated Physical page 00 = Frame segment C000 Physical page 01 = Frame segment C400 Physical page 02 = Frame segment C800 Physical page 03 = Frame segment CC00 2 of a total 80 EMS pages have been allocated 2 of a total FF EMS handles have been allocated Notes If you use the debug command without a location and filename, you then type all debug commands in response to the debug prompt, a hyphen (-).