[...]
> > > Why not? Disassemble from, say, EIP-16 and check whether you
> > > have an instruction starting exactly at EIP. If no, repeat from
> > > EIP-15, -14... You are guaranteed to succeed at EIP-0 ;)
> > But your previous success (if any) doesn't mean anything, and might
> > even screw up the decoding after EIP
> How come? If I started to decode at EIP-n and got a sequence of
> instructions at EIP-n, EIP-n+k1, EIP-n+k2, EIP-n+k3..., EIP,
> instructions prior to EIP can be wrong. Instruction at EIP
> and all subsequent ones ought to be right.
Iff you exactly hit EIP that way (sure, should check). But wrong previous
instructions _will_ confuse people or start them on all kinds of wild goose
chases. Too much work for a dubious gain.
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513
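An added example, not part of the thread or of any kernel code: a toy length decoder that runs the EIP-n procedure over a constructed byte string. It shows a start offset landing exactly on EIP while the instructions listed before EIP differ from the real code. The opcode subset, the function names and the sample bytes are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* ModRM + displacement bytes, 32-bit addressing; 0 = truncated or SIB form. */
static size_t modrm_len(const unsigned char *p, size_t avail)
{
    unsigned mod, rm;
    if (avail < 1) return 0;
    mod = p[0] >> 6, rm = p[0] & 7;
    if (mod != 3 && rm == 4) return 0;        /* SIB byte: outside this subset */
    if (mod == 1) return 2;                   /* ModRM + disp8 */
    return (mod == 2 || (mod == 0 && rm == 5)) ? 5 : 1;
}

/* Instruction length for a deliberately tiny opcode subset; 0 = unknown. */
static size_t insn_len(const unsigned char *p, size_t avail)
{
    size_t n, m;
    if (avail < 1) return 0;
    if (p[0] == 0x90 || p[0] == 0xc3 || (p[0] >= 0x50 && p[0] <= 0x5f)) n = 1;
    else if (p[0] == 0xe8 || p[0] == 0xe9 || (p[0] >= 0xb8 && p[0] <= 0xbf)) n = 5;
    else if ((p[0] == 0x89 || p[0] == 0x8b) && (m = modrm_len(p + 1, avail - 1))) n = 1 + m;
    else return 0;
    return n <= avail ? n : 0;
}

/* Decode from start; instructions seen before eip, or -1 on failure/straddle. */
int walk_to_eip(const unsigned char *buf, size_t len, size_t start, size_t eip)
{
    int count = 0;
    for (size_t n; start < eip; start += n, count++)
        if (!(n = insn_len(buf + start, len - start))) return -1;
    return start == eip ? count : -1;
}

/* The thread's procedure: try EIP-max_back, then one byte closer, and so on. */
size_t first_sync(const unsigned char *buf, size_t len, size_t eip, size_t max_back)
{
    if (max_back > eip) max_back = eip;
    while (max_back && walk_to_eip(buf, len, eip - max_back, eip) < 0) max_back--;
    return max_back;   /* 0 means only the trivial start at EIP itself worked */
}

/* Constructed bytes: mov eax,imm32; mov eax,ebp; [EIP] mov eax,[ebx]; nop; nop; ret */
const unsigned char sample[] = { 0xb8,0x90,0x90,0x50,0xc3, 0x89,0xe8, 0x8b,0x03, 0x90,0x90,0xc3 };
const size_t sample_eip = 7;

int main(void)
{
    for (size_t b = 0; b <= sample_eip; b++)
        printf("EIP-%zu: %d\n", b, walk_to_eip(sample, sizeof sample, sample_eip - b, sample_eip));
    return 0;
}
```

Starting at EIP-7 (the true boundary) yields two instructions before EIP; starting at EIP-6, inside the immediate, also lands on EIP but lists nop, nop, push, ret and the mov instead.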