本文详细解析了一个C++示例程序,重点分析了su_1函数的实现方式及其寄存器的使用过程。通过具体的汇编代码展示了参数传递、局部变量操作及函数返回值的处理细节。
--- d:\test\test\main.cpp ------------------------------------------------------
1:
2: #include <stdio.h>
3:
4:
5: int &su_1(int & a_, int b_)
6: { // 下面这一段时准备工作,忽略
00411390 55 push ebp
00411391 8B EC mov ebp,esp
00411393 81 EC C0 00 00 00 sub esp,0C0h
00411399 53 push ebx
0041139A 56 push esi
0041139B 57 push edi
0041139C 8D BD 40 FF FF FF lea edi,[ebp-0C0h]
004113A2 B9 30 00 00 00 mov ecx,30h
004113A7 B8 CC CC CC CC mov eax,0CCCCCCCCh
004113AC F3 AB rep stos dword ptr es:[edi]
7:
8: a_=a_+b_;
004113AE 8B 45 08 mov eax,dword ptr [a_] % 变量a_的地址放入eax
004113B1 8B 08 mov ecx,dword ptr [eax] % 将eax地址指向的值放入ecx
004113B3 03 4D 0C add ecx,dword ptr [b_] % 将b_指向的变量值加到ecx去
004113B6 8B 55 08 mov edx,dword ptr [a_] % 将遍历a_的地址放入edx
004113B9 89 0A mov dword ptr [edx],ecx % 将ecx中相加的结果存入edx地址指向的变量
9: return a_;
004113BB 8B 45 08 mov eax,dword ptr [a_] % 函数返回:将a_地址输入到eax寄存器中
10: }
004113BE 5F pop edi % 函数结束后的工作
004113BF 5E pop esi
004113C0 5B pop ebx
004113C1 8B E5 mov esp,ebp
004113C3 5D pop ebp
004113C4 C3 ret main函数:
--- d:\test\test\main.cpp ------------------------------------------------------
24:
25: int main()
26: { % 函数开始的准备工作
00411460 55 push ebp
00411461 8B EC mov ebp,esp
00411463 81 EC E4 00 00 00 sub esp,0E4h
00411469 53 push ebx
0041146A 56 push esi
0041146B 57 push edi
0041146C 8D BD 1C FF FF FF lea edi,[ebp-0E4h]
00411472 B9 39 00 00 00 mov ecx,39h
00411477 B8 CC CC CC CC mov eax,0CCCCCCCCh
0041147C F3 AB rep stos dword ptr es:[edi]
27: //TYPE a={100,200};
28: //TYPE b={300,400};
29:
30: //TYPE c;
31: //c=su_3(a,b);
32: int a=1;
0041147E C7 45 F8 01 00 00 00 mov dword ptr [a],1 % 变量初始化
33: int b=2;
00411485 C7 45 EC 02 00 00 00 mov dword ptr [b],2 % 变量初始化
34: int c=su_1(a,b);
0041148C 8B 45 EC mov eax,dword ptr [b] % b的值进入eax寄存器,然后push
0041148F 50 push eax
00411490 8D 4D F8 lea ecx,[a] % a的地址进入ecx寄存器,然后push
00411493 51 push ecx
00411494 E8 AC FC FF FF call su_1 (411145h) % 调用函数
00411499 83 C4 08 add esp,8 % 栈平衡
0041149C 8B 10 mov edx,dword ptr [eax] % eax地址指向的内容拷贝到edx
0041149E 89 55 E0 mov dword ptr [c],edx % edx的内容拷贝到变量c
35: return 0;
004114A1 33 C0 xor eax,eax % main函数的返回值为0
36: }
004114A3 52 push edx
004114A4 8B CD mov ecx,ebp
004114A6 50 push eax
004114A7 8D 15 C8 14 41 00 lea edx,[ (4114C8h)]
004114AD E8 CB FB FF FF call @ILT+120(@_RTC_CheckStackVars@8) (41107Dh)
004114B2 58 pop eax
004114B3 5A pop edx
004114B4 5F pop edi
004114B5 5E pop esi
004114B6 5B pop ebx
004114B7 81 C4 E4 00 00 00 add esp,0E4h
004114BD 3B EC cmp ebp,esp
004114BF E8 6D FC FF FF call @ILT+300(__RTC_CheckEsp) (411131h)
004114C4 8B E5 mov esp,ebp
004114C6 5D pop ebp
004114C7 C3 ret
004114C8 01 db 01h
004114C9 00 db 00h
004114CA 00 db 00h
004114CB 00 db 00h
004114CC D0 db d0h
004114CD 14 db 14h
004114CE 41 db 41h
004114CF 00 db 00h
004114D0 F8 db f8h
004114D1 ?? db ffh
004114D2 ?? db ffh
004114D3 FF db ffh
004114D4 04 db 04h
004114D5 00 db 00h
004114D6 00 db 00h
004114D7 00 db 00h
004114D8 DC db dch
004114D9 14 db 14h
004114DA 41 db 41h
004114DB 00 db 00h
004114DC 61 db 61h
004114DD 00 db 00h 
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
