ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/cebix/mon/README
Revision: 1.4
Committed: 2000-09-25T12:44:30Z (24 years, 2 months ago) by cebix
Branch: MAIN
Changes since 1.3: +11 -10 lines
Log Message:
- replaced 680x0 and 80x86 disassemblers with the ones from GNU binutils
- 680x0 disassembler shows symbolic MacOS low memory globals

File Contents

# Content
1
2 mon, Version 3.0
3 A command-driven file monitor
4
5 Copyright (C) 1997-2000 Christian Bauer, Marc Hellwig
6 GNU binutils disassemblers (C) 1988, 89, 91, 93, 94, 95, 96, 97, 1998
7 Free Software Foundation, Inc.
8
9
10 License
11 -------
12
13 mon is available under the terms of the GNU General Public License. See the
14 file "COPYING" that is included in the distribution for details.
15
16
17 Overview
18 --------
19
20 "mon" is an interactive command-driven file manipulation tool that is inspired
21 by the "Amiga Monitor" by Timo Rossi <trossi@jyu.fi>. It has commands and
22 features similar to a machine code monitor/debugger, but it is not intended
23 to be used for debugging. It doesn't operate on physical or virtual RAM
24 locations of a process but rather on a fixed-size (but adjustable) buffer with
25 adresses starting at 0. Also, there are no commands to trace code, set
26 breakpoints etc. There are, however, built-in PowerPC, 680x0, 80x86, 6502 and
27 8080 disassemblers.
28
29
30 Installation
31 ------------
32
33 Please consult the file "INSTALL" for installation instructions.
34
35
36 Usage
37 -----
38
39 mon can be started from the Shell or from the Tracker (BeOS), but command line
40 history doesn't work when started from the Tracker). If you give no command
41 line arguments, mon enters interactive mode. Otherwise, all arguments are
42 interpreted and executed as mon commands. The default buffer size is 1MB.
43 The mon command prompt looks like this:
44
45 [00000000]->
46
47 The number in brackets is the value of "." (the "current address", see the
48 section on expressions). You can get a short command overview by entering
49 "h".
50
51 Commands that create a longer output can be interrupted with Ctrl-C.
52
53 To quit mon, enter the command "x".
54
55
56 Constants, variables and expressions
57 ------------------------------------
58
59 The default number base is hexadecimal. Decimal numbers must be prefixed with
60 "_". Hexadecimal numbers may also be prefixed with "$" for clarity. Numbers
61 can also be entered as ASCII characters enclosed in single quotes (e.g. 'BAPP'
62 is the same as $42415050). All numbers are 32-bit values (one word).
63
64 With the "set" command, variables can be defined that hold 32-bit integer
65 values. A variable is referred to by its name. Variable names may be arbitrary
66 combinations of digits and letters (they may also start with a digit) that
67 are not also valid hexadecimal numbers. Names are case-sensitive.
68
69 mon accepts expressions in all places where you have to specify a number. The
70 following operators are available and have the same meaning and precedence as
71 in the C programming language:
72
73 ~ complement
74 + unary plus
75 - unary minus
76 * multiplication
77 / integer division
78 % modulo
79 + addition
80 - subtraction
81 << shift left
82 >> shift right
83 & bitwise AND
84 ^ bitwise exclusive OR
85 | bitwise inclusive OR
86
87 Parentheses may be used to change the evaluation order of sub-expressions.
88
89 There are two special symbols that can be used in expressions:
90
91 . represents the "current address" (the value of "." is also displayed in
92 the command prompt). What exactly the current address is, depends on the
93 command last executed. The display commands set "." to the address after
94 the last address displayed, the "hunt" commands sets "." to the address
95 of the first found occurence of the search string, etc.
96 : is used by the "apply" ("y") command and holds the value of the byte/
97 half-word/word at the current address.
98
99 The "modify" (":"), "fill" ("f") and "hunt" ("h") commands require you to
100 specify a byte string. Byte strings consist of an arbitrary number of byte
101 values and ASCII strings separated by commas. Examples:
102
103 "string"
104 12,34,56,78,9a,bc,de,f0
105 "this",0a,"is a string",0a,"with","newlines",_10
106
107
108 The buffer
109 ----------
110
111 Those mon commands that operate on "memory" operate on a buffer allocated by
112 mon whose size is adjustable with the "@" command. The default buffer size is
113 1MB. The buffer is an array of bytes where each byte has a 32-bit integer
114 address. Addresses start at 0 and are taken modulo the buffer size (i.e. for
115 the default 1MB buffer, addresses 0 and 100000 refer to the same byte).
116
117 The buffer is the working area of mon where you load files into, manipulate
118 them, and write files back from. Arbitraty portions of the buffer may be used
119 as scratch space.
120
121
122 Commands
123 --------
124
125 The following commands are available in mon ('[]' marks a parameter than can be
126 left out):
127
128
129 x Quit mon
130
131 quits mon and returns to the shell.
132
133
134 h Show help text
135
136 displays a short overview of commands.
137
138
139 ?? Show list of commands
140
141 displays a short list of available commands.
142
143
144 ver Show version
145
146 shows the version number of mon.
147
148
149 ? expression Calculate expression
150
151 displays the value of the given expression in hex, decimal, and ASCII
152 characters. If the value is negative, it is displayed as a signed and unsigned
153 number.
154
155
156 @ [size] Reallocate buffer
157
158 changes the size of the buffer to the given number of bytes while preserving
159 the contents of the buffer. If the "size" argument is omitted, the current
160 buffer size is displayed.
161
162
163 i [start [end]] ASCII memory dump
164
165 displays the buffer contents from address "start" to address "end" as ASCII
166 characters. Entering "i" without arguments is equivalent to "i .". The value
167 of "." is set to the address after the last address displayed.
168
169
170 b [start [end]] Binary memory dump
171
172 displays the buffer contents from address "start" to address "end" in a binary
173 format. Entering "b" without arguments is equivalent to "b .". The value of
174 "." is set to the address after the last address displayed.
175
176
177 m [start [end]] Hex/ASCII memory dump
178
179 displays the buffer contents from address "start" to address "end" as hex
180 words and ASCII characters. Entering "m" without arguments is equivalent to
181 "m .". The value of "." is set to the address after the last address displayed.
182
183
184 d [start [end]] Disassemble PowerPC code
185
186 disassembles the buffer contents from address "start" to address "end".
187 Entering "d" without arguments is equivalent to "d .". The value of "." is
188 set to the address after the last address displayed.
189
190
191 d65 [start [end]] Disassemble 6502 code
192
193 disassembles the buffer contents from address "start" to address "end".
194 Entering "d65" without arguments is equivalent to "d65 .". The value of
195 "." is set to the address after the last address displayed.
196
197
198 d68 [start [end]] Disassemble 680x0 code
199
200 disassembles the buffer contents from address "start" to address "end".
201 Entering "d68" without arguments is equivalent to "d68 .". The value of
202 "." is set to the address after the last address displayed.
203
204
205 d80 [start [end]] Disassemble 8080 code
206
207 disassembles the buffer contents from address "start" to address "end".
208 Entering "d80" without arguments is equivalent to "d80 .". The value of
209 "." is set to the address after the last address displayed.
210
211
212 d86 [start [end]] Disassemble 80x86 code
213
214 disassembles the buffer contents from address "start" to address "end".
215 Entering "d86" without arguments is equivalent to "d86 .". The value of
216 "." is set to the address after the last address displayed.
217
218
219 : start string Modify memory
220
221 puts the specified byte string at the address "start" into the buffer. The
222 value of "." is set to the address after the last address modified.
223
224
225 f start end string Fill memory
226
227 fill the buffer in the range from "start" to (and including) "end" with the
228 given byte string.
229
230
231 y[b|h|w] start end expr Apply expression to memory
232
233 works like the "fill" ("f") command, but it doesn't fill with a byte string
234 but with the value of an expression that is re-evaluated for each buffer
235 location to be filled. The command comes in three flavors: "y"/"yb" works on
236 bytes (8-bit), "yh" on half-words (16-bit) and "yw" on words (32-bit). The
237 value of "." is the current address to be modified, the value of ":" holds
238 the contents of this address before modification.
239
240 Examples:
241 yw 0 fff :<<8 shifts all words in the address range 0..fff to the left
242 by 8 bits (you can use this to convert bitmap data from
243 ARGB to RGBA format, for example)
244 y 0 1234 ~: inverts all bytes in the address range 0..1234
245 yh 2 ff 20000/. creates a table of the fractional parts of the reciprocals
246 of 1..7f
247
248
249 t start end dest Transfer memory
250
251 transfers the buffer contents from "start" to (and including) "end" to "dest".
252 Source and destination may overlap.
253
254
255 c start end dest Compare memory
256
257 compares the buffer contents in the range from "start" to (and including)
258 "end" with the contents at "dest". The addresses of all different bytes and
259 the total number of differences (decimal) are printed.
260
261
262 h start end string Search for byte string
263
264 searches for the given byte string in the buffer starting at "start" up to
265 (and including) "end". The addresses and the total number of occurrences are
266 displayed. The value of "." is set to the address of the first occurrence.
267
268
269 \ "command" Execute shell command
270
271 executes the given shell command which must be enclosed in quotes.
272
273
274 ls [args] List directory contents
275
276 works as the shell command "ls".
277
278
279 rm [args] Remove file(s)
280
281 works as the shell command "rm".
282
283
284 cp [args] Copy file(s)
285
286 works as the shell command "cp".
287
288
289 mv [args] Move file(s)
290
291 works as the shell command "mv".
292
293
294 cd directory Change current directory
295
296 works as the shell command "cd". The name of the directory doesn't have to be
297 enclosed in quotes.
298
299
300 o ["file"] Redirect output
301
302 When a file name is specified, all following output is redirected to this
303 file. The file name must be enclosed in quotation marks even if it contains
304 no spaces. Entering "o" without parameters closes the file and directs the
305 output into the terminal window again.
306
307
308 [ start "file" Load data from file
309
310 loads the contents of the specified file into the buffer starting from address
311 "start". The file name must be enclosed in quotation marks even if it contains
312 no spaces. The value of "." is set to the address after the last address
313 affected by the load.
314
315
316 ] start size "file" Save data to file
317
318 writes "size" number of bytes of the buffer from "start" to the specified file.
319 The file name must be enclosed in quotation marks even if it contains no spaces.
320
321
322 set [var[=value]] Set/clear/show variables
323
324 If no arguments are given, all currently defined variables are displayed.
325 Otherwise, the value of "var" is set to the specified value. If "=value"
326 is omitted, the variable "var" is cleared.
327
328
329 cv Clear all variables
330
331 clears all currently defined variables.
332
333
334 rmon
335 ----
336
337 When mon is started as "rmon", it enters "real mode". That is, all memory
338 related functions no longer operate on the buffer but on "real" (virtual)
339 memory. Unless you are writing Mac emulators, this is probably of not much
340 use. :-)
341
342
343 Examples
344 --------
345
346 Here are some simple examples for what is possible with mon.
347
348 Join "file1" and "file2" to "file3":
349
350 [ 0 "file1"
351 [ . "file2"
352 ] 0 . "file3"
353
354 Remove the first 24 bytes (e.g. an unneeded header) of a file:
355
356 [ 0 "file"
357 ] 18 .-18 "file"
358
359 Load the mon executable and search for PowerPC "nop" commands:
360
361 [ 0 "mon"
362 h 0 . 60,00,00,00
363
364 Create a modified version of mon so that the prompt has " $" instead of "->":
365
366 [ 0 "mon"
367 set size=.
368 h 0 . "->"
369 : . " $"
370 ] 0 size "mon1"
371
372 Convert a binary file which contains 16-bit numbers in little-endian format
373 to big-endian format (or vice-versa):
374
375 [ 0 "file"
376 yh 0 .-1 :>>8|:<<8
377 ] 0 . "file"
378
379 Load a BeBox boot ROM image and start disassembling the system reset handler:
380
381 [ 0 "bootnub.image"
382 d 100
383
384
385 History
386 -------
387
388 Please consult the file "ChangeLog" for the release history.
389
390
391 Christian Bauer
392 <Christian.Bauer@uni-mainz.de>
393
394 Marc Hellwig
395 <Marc.Hellwig@uni-mainz.de>