Hardware Reference
In-Depth Information
of memory starting at 1662:0100 (i.e. segment address = 1662 , offset = 0100 ).
The hexadecimal value of the first byte in the 16-byte block is B3 whilst the
second is 05 , and so on. The hexadecimal value of the last byte in the 16-byte
block (address 1662:010F ) is also 05 .
An ASCII representation of the data is shown in the right-hand column of the
screen dump. Byte values that do not correspond to printable ASCII characters
are shown simply as a full-stop. Hence B4 and 05 (which are both non-printable
characters) are shown by full-stops whilst 21 appears as !, and 41 as A .
In the context of executable code, the hexadecimal/ASCII dump shown earlier
is not particularly useful and a more meaningful representation can be achieved
by using the Unassemble ( U ) command. Entering the command U100 at the
Debug hyphen prompt produces the display shown in Figure 3.10. The exe-
cutable code starts at address 1662:0100 and ends at address 1662:011B .In
total there are 28 (decimal) bytes of code.
The first instruction occupies 2 bytes of memory (addresses 1662:0100 and
1662:0101 ). The instruction comprises a move of 8 bits of immediate data ( 05 )
into the AH register. The last program instruction is at address 1662:011A and
is a software interrupt relating to address 21 in the interrupt vector table.
At this point it is worth mentioning that the Unassemble command can some-
times produce some rather odd displays. This is simply because the command
is unable to distinguish valid program code from data; Unassemble will quite
happily attempt to disassemble something which is not actually a program!
Having disassembled the program code resident in memory we can check it
against the original source code file. Normally, however, this will not be neces-
sary unless the object code file has become changed or corrupted in some way.
The next stage is that of tracing program execution. The Debug Trace ( T )
command could be employed for this function; however, it is better to make use
of the Proceed ( P ) command to avoid tracing execution of the DOS interrupt
routines in order to keep the amount of traced code manageable.
The Proceed command expects its first parameter to be the address of the first
instruction to be executed. This must then be followed by a second parameter
Figure 3.10 Using Debug's Unassemble ( U ) command to disassemble the
program code
Search WWH ::




Custom Search