Re: 2.5.63 accesses below %esp (was: Re: ntfs OOPS (2.5.63))

John Alvord (jalvo@mbay.net)
Mon, 17 Mar 2003 22:35:26 -0800


On Tue, 18 Mar 2003 08:05:30 +0200, Denis Vlasenko
<vda@port.imtp.ilyichevsk.odessa.ua> wrote:

>On 17 March 2003 23:43, Horst von Brand wrote:
>> Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua> said:
>> > On 15 March 2003 20:34, Horst von Brand wrote:
>> > > Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua> said:
>>
>> [...]
>>
>> > > > Why not? Disassemble from, say, EIP-16 and check whether you
>> > > > have an instruction starting exactly at EIP. If no, repeat from
>> > > > EIP-15, -14... You are guaranteed to succeed at EIP-0 ;)
>> > >
>> > > But your previous success (if any) doesn't mean anything, and
>> > > might even screw up the decoding after EIP
>> >
>> > How come? If I started to decode at EIP-n and got a sequence of
>> > instructions at EIP-n, EIP-n+k1, EIP-n+k2, EIP-n+k3..., EIP,
>> > instructions prior to EIP can be wrong. Instruction at EIP
>> > and all subsequent ones ought to be right.
>>
>> Iff you exactly hit EIP that way (sure, should check). But wrong
>> previous instructions _will_ confuse people or start them on all kind
>> of wild goose chases. Too much work for a dubious gain.
>
>You are right. But that is better than showing no prior instructions
>at all. And most of the time (can I say 90% ?) prior instructions
>will be ok.

You can also show the instruction sequences that make sense and let
the human figure out the correct sequence when there are multiples.

john
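The search both sides of the thread describe (decode from EIP-16, then EIP-15, and so on, keeping only the starts that land exactly on EIP) and John's suggestion of showing every sequence that makes sense can be written down concretely. The following is an added example, not code from this thread or from the kernel's oops decoder; it uses a deliberately small, constructed x86-32 opcode subset (push/pop/mov/sub/call/jmp/ret/nop) as a length decoder, and a constructed byte sample in which a 32-bit immediate happens to decode as NOPs, so one misaligned start also reaches EIP, which is exactly the false-positive case Horst warns about.

```python
"""Backward disassembly search before EIP (added example, constructed subset).

backward_candidates() tries every start EIP-n for n = 16..1 and keeps the
sequences that decode cleanly and end exactly on EIP.  distinct_alignments()
separates genuinely different decodings from ones that are just suffixes of
a longer candidate, so a human only has to choose between real alternatives.
"""
import struct

REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
ALU = ["add", "or", "adc", "sbb", "and", "sub", "xor", "cmp"]  # /reg of 0x83


def modrm_operand(code, pos):
    """Decode a ModRM byte at code[pos] (plus SIB/displacement).
    Returns (bytes consumed, r/m text, reg field) or None if truncated."""
    if pos >= len(code):
        return None
    modrm = code[pos]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    length = 1
    if mod == 3:                                  # register-direct operand
        return length, REGS[rm], reg
    if rm == 4:                                   # SIB byte follows
        if pos + 1 >= len(code):
            return None
        length += 1
        if mod == 0 and (code[pos + 1] & 7) == 5:
            length += 4                           # disp32, no base register
    elif mod == 0 and rm == 5:
        length += 4                               # [disp32]
    if mod == 1:
        length += 1                               # disp8
    elif mod == 2:
        length += 4                               # disp32
    if pos + length > len(code):
        return None
    return length, "[mem]", reg


def decode_one(code, pos):
    """Decode one instruction of the constructed subset at code[pos].
    Returns (length, mnemonic) or None for unknown/truncated bytes."""
    op = code[pos]
    if op == 0x90:
        return 1, "nop"
    if op == 0xC3:
        return 1, "ret"
    if 0x50 <= op <= 0x57:
        return 1, f"push {REGS[op - 0x50]}"
    if 0x58 <= op <= 0x5F:
        return 1, f"pop {REGS[op - 0x58]}"
    if 0xB8 <= op <= 0xBF and pos + 5 <= len(code):   # mov r32, imm32
        imm = struct.unpack_from("<I", code, pos + 1)[0]
        return 5, f"mov {REGS[op - 0xB8]}, {imm:#x}"
    if op in (0xE8, 0xE9) and pos + 5 <= len(code):   # call/jmp rel32
        rel = struct.unpack_from("<i", code, pos + 1)[0]
        return 5, f"{'call' if op == 0xE8 else 'jmp'} {pos + 5 + rel:#x}"
    if op == 0xEB and pos + 2 <= len(code):           # jmp rel8
        rel = struct.unpack_from("<b", code, pos + 1)[0]
        return 2, f"jmp {pos + 2 + rel:#x}"
    if op in (0x89, 0x8B):                            # mov r/m32,r32 / r32,r/m32
        r = modrm_operand(code, pos + 1)
        if r is None:
            return None
        n, rm_text, reg = r
        a, b = (rm_text, REGS[reg]) if op == 0x89 else (REGS[reg], rm_text)
        return 1 + n, f"mov {a}, {b}"
    if op == 0x83:                                    # alu r/m32, imm8
        r = modrm_operand(code, pos + 1)
        if r is None or pos + 1 + r[0] >= len(code):
            return None
        n, rm_text, reg = r
        return 2 + n, f"{ALU[reg]} {rm_text}, {code[pos + 1 + n]:#x}"
    return None                                       # outside the toy subset


def backward_candidates(code, eip, window=16):
    """Every start EIP-n (n = window..1) whose decoding ends exactly on EIP.
    Returns [(start, [(offset, mnemonic), ...]), ...], longest first."""
    results = []
    for n in range(min(window, eip), 0, -1):
        pos, seq = eip - n, []
        while pos < eip:
            r = decode_one(code, pos)
            if r is None:
                break
            seq.append((pos, r[1]))
            pos += r[0]
        if pos == eip and seq:                        # neither short nor overshot
            results.append((eip - n, seq))
    return results


def distinct_alignments(results):
    """Starts that are not merely a suffix of an earlier (longer) candidate."""
    boundaries, distinct = set(), []
    for start, seq in results:
        if start not in boundaries:
            distinct.append(start)
            boundaries.update(off for off, _ in seq)
    return distinct


# Constructed sample: push ebp / mov ebp,esp / sub esp,0x10 /
# mov eax,0x90909090 / call +0 / <EIP> mov eax,[ebp-4] / ret
SAMPLE = bytes.fromhex("55 89e5 83ec10 b890909090 e800000000 8b45fc c3")
EIP = 16

if __name__ == "__main__":
    cands = backward_candidates(SAMPLE, EIP)
    for start, seq in cands:
        print(f"start EIP-{EIP - start}:", "; ".join(t for _, t in seq))
    print("distinct alignments at offsets:", distinct_alignments(cands))
```

Running it shows nine starts that reach EIP, but only two genuinely different decodings: the true one from EIP-16 (push/mov/sub/mov/call) and a wrong one from EIP-9 (four NOPs then the same call) that falls out of the 0x90909090 immediate. Every other candidate is a suffix of one of those two, so a human is left with a single real choice, which is the thread's point: the decode from EIP onward is reliable, the prefix is only a ranked guess.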
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/