This is no complete manual to MacsBug. This is taken from a file I wrote a while back and is meant to be an extension of the file called "Hex and Such". --==< The Basics >==-- You install MacsBug simply by throwing it into the System Folder, and by restarting your machine. You activate it by pressing the ÒcommandÓ and Òpower-keyÓ (the one towards the top of your keyboard marked with the head of an arrow pointing to the left) buttons. This should have ÒdroppedÓ you into MacsBug. You will notice that you are in MacsBug because your desktop is replaced with a with a bunch of numbers on a white background. Well, going from the top left side, under ÒSPÓ is the current position of the stack pointer, underneath the position of the SP are the values contained in the SP. Under those numbers is the name of the application that is currently the foremost one. Under that is the status of the Status Register, followed by the info held in the 8 data registers, and the 8 address registers (or the 32 registers if it is a PPC program). To the right of the registers is a horizontal line going across the screen. Under that are about 4 lines of text. The topmost line describes where in the applicationÕs code the processor was halted. Under that line are 3 other lines with assembly commands. These are the three commands in line to be executed. To the right of them (in the right bottom corner) are the hexadecimal values of the assembly commands. Above this section (in the middle) is a large empty space. This gets filled up with the results of the commands you give to MacsBug. Your commands get written under the three assembly commands. What happens when you drop into MacsBug is that your processor stops executing commands, and you can for example go through a code step by step, command by command, following through exactly what the program does. So how do you do that? Type ÒtÓ followed by a return. This causes the processor to execute the next assembly command in line. The assembly command that was executed appears now in the middle blank section of your screen, and a new assembly command appears under the two old ones. --==< Basic MacsBug Commands >==-- - t : traces over the next command in line. If it is used on a JSR command it jumps over the the subroutine. (It executes the whole subroutine, without allowing you to see what happened) - s : does the same thing as ÒtÓ except it Òsteps intoÓ a subroutine. For example if you are not interested in what happens in an subroutine you should type ÒtÓ. This causes the processor to continue until it reaches a RTS command, and only then give the control back to you. If you on the other hand want to see what happens in that subroutine, you should type ÒsÓ to step into it and follow through the code from there. - es : this forces the current application to quit (not always). - rs : restarts your computer (sometimes it doesn't work and you have to do it the old fashioned way: apple-control-powerkey) - rb : reboots your computer (boots up the different external devices at startup). This is slower then the ÒrbÓ command - dm [address] : displays what is in the memory at a given address. For example, the command Òdm a6Ó shows you what is held in the address pointed to by address register 6. If you type Òdm abcdÓ it shows you what is held in the memory at location ÒabcdÓ (in hex that is). - db [address] : displays byte from address - dw [address] : displays word from address - dl [address] : displays long from address - il : dissembles the codes. Used if you, for example, want to see what happens after a branch code. - atb [a-trap name] : MacsBug activates every time that a-trap is being called. - atc : clears a-traps - f address expr ÔstringÕ : this is the find command. ÒaddressÓ refers to the starting point of the search; ÒexprÓ is how many bytes it should search; Ò Õstring' Ó is what youÕre looking for! Observe the semi quotation mark before the string! You need to use that! You can find out more about commands for MacsBug by typing ÒhelpÓ