getting instruction after exceptions
getting instruction after exceptions
how could i get the address of instruction that causes Single Step(#1) exception, i have read that the address should be put into the stack cs:ip, but what i find in the stack is the address to the next instruction, not to that which caused exception, when i'm dealing with Division by zero exception everything is ok, what could be wrong with Single Step exception?
-
Combuster
- Member
- Posts: 9301
- Joined: Wed Oct 18, 2006 3:45 am
- Libera.chat IRC: [com]buster
- Location: On the balcony, where I can actually keep 1½m distance
- Contact:
Exceptions come in two categories: traps and faults. Faults represent a condition that makes the processor unable to continue execution. Traps are the conditions that cause an exception as part of the execution. Both report the address of the next instruction to be executed. The difference is that to cause a trap, an instruction has been executed, so the reported address is the address of the instruction after the one causing the trap.
The debug exception you are talking about is also a trap. That is not a bug, it is a feature.
When you single step to a program you expect that each instruction is executed exactly once, and that you can execute exactly one instruction at a time. What the processor thus does is that at the end of each instruction, it checks wether it is single stepping and cause int #1 if necessary.
You can not compute the address of the previous instruction directly by looking at the machine code, that's not guaranteed to work. Consider this to be the previously executed instruction:
If you only know where this instruction ends you can not accurately determine what instruction it is - is it one byte (90, NOP), is it two bytes (CD 90 - int 0x91) or four (mov ax, 0x90CD) or even more?
However since you are single stepping, you can know the exact location - something must have just set the trap flag, or you have had a previous debugging exception.
I still fail to see why you would want the location of the previously executed instruction - you can only do things more often than they are supposed to take place - if e.g. I keep repeating MOV EAX, [EAX] I probably get a pagefault somewhere in the near future...
The debug exception you are talking about is also a trap. That is not a bug, it is a feature.
When you single step to a program you expect that each instruction is executed exactly once, and that you can execute exactly one instruction at a time. What the processor thus does is that at the end of each instruction, it checks wether it is single stepping and cause int #1 if necessary.
You can not compute the address of the previous instruction directly by looking at the machine code, that's not guaranteed to work. Consider this to be the previously executed instruction:
Code: Select all
MOV AX, 0x90CDHowever since you are single stepping, you can know the exact location - something must have just set the trap flag, or you have had a previous debugging exception.
I still fail to see why you would want the location of the previously executed instruction - you can only do things more often than they are supposed to take place - if e.g. I keep repeating MOV EAX, [EAX] I probably get a pagefault somewhere in the near future...
