re: Disassembly of 00000

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Feb 4, 2013 at 9:25 PM, Sofiane Akermoun <akersof@xxxxxxxxx> wrote:
>
> almost every bytes could be a legal instruction. A disassembler need
> to know where to start to disassemble the code.
> When you pass a binary to a disassembler, it knows that it has to
> start at the begining of the code. (a disassembler find the code
> section by checking some informtion in the header of the binary).
> The condition is to start to disassemble at the begining of the code
> else you can not find the offset and length for each instruction.


And this would also be true if the CPU itself was given those code to
execute with the PC (program Counter) pointed at that address :)

This is one of the "issues" I have with the ia32/x86_64 with their
variable length instructions and CISC model. Compare this with the
SPARC RISC  where the 32bit (up to v8) instructions are all aligned on
32bit word boundaries (ie. the PC increments in 4s, else you have an
alignment error/exception raised), and each instruction is  32bit
words, no exception :)


>
> <snip-variable-length-explanation>


>
> >   What is the condition that decide one byte is or not a legal instruction's start ?


Whether that sequence of bytes are a supported instruction on the
given CPU it is meant to execute on, as a SSE instruction might not be
valid on a old AMD with only 3Dnow available.

So in all cases, you'll need to also know the CPU as well as the
specific mode, ie. real,  extended, long etc. that it was targeted for
as a instruction in long mode for example won't be valid in real mode.

>
> >   Are there some occasions that disassembler need scan more than one byte to detect
> >
> >   its logic ?


 This have been answered, in the previous example. The other answer
here is RTFM the CPU manuals you are disassembling for ;)
--
To unsubscribe from this list: send the line "unsubscribe linux-assembly" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Kernel Newbies]     [Security]     [Linux C Programming]     [Linux for Hams]     [DCCP]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux