【转】函数调用时堆栈变化
生活随笔
收集整理的這篇文章主要介紹了
【转】函数调用时堆栈变化
小編覺得挺不錯的,現(xiàn)在分享給大家,幫大家做個參考.
【原文】http://blog.csdn.net/xupan_jsj/article/details/7459630
int?goo(int?a,?int?b)?? {?? ????return?a?+?b;?? }?? ?? void?foo()?? {?? ????int?a[]?=?{1,?2,?3};?? ????int?result?=?goo(a[1],?a[2]);?? ????printf("result:?%d",?result);?? }?? 00EB3890??push????????ebp???? 00EB3891??mov?????????ebp,esp???? 00EB3893??sub?????????esp,0E4h???? 00EB3899??push????????ebx???? 00EB389A??push????????esi???? 00EB389B??push????????edi???? 00EB389C??lea?????????edi,[ebp-0E4h]???? 00EB38A2??mov?????????ecx,39h???? 00EB38A7??mov?????????eax,0CCCCCCCCh???? 00EB38AC??rep?stos????dword?ptr?es:[edi]???? 00EB38AE??mov?????????eax,dword?ptr?[___security_cookie?(0EB7000h)]???? 00EB38B3??xor?????????eax,ebp???? 00EB38B5??mov?????????dword?ptr?[ebp-4],eax???? ????int?a[]?=?{1,?2,?3};?? 00EB38B8??mov?????????dword?ptr?[ebp-14h],1???? 00EB38BF??mov?????????dword?ptr?[ebp-10h],2???? 00EB38C6??mov?????????dword?ptr?[ebp-0Ch],3???? ????int?result?=?goo(a[1],?a[2]);?? 00EB38CD??mov?????????eax,dword?ptr?[ebp-0Ch]???? 00EB38D0??push????????eax???? 00EB38D1??mov?????????ecx,dword?ptr?[ebp-10h]???? 00EB38D4??push????????ecx???? 00EB38D5??call????????goo?(0EB11E5h)???? 00EB38DA??add?????????esp,8???? [cpp]?view plaincopyprint? 00EB3890??push????????ebp???? 00EB3891??mov?????????ebp,esp???? 00EB3893??sub?????????esp,0E4h???? 00EB3899??push????????ebx???? 00EB389A??push????????esi???? 00EB389B??push????????edi???? 00EB389C??lea?????????edi,[ebp-0E4h]???? 00EB38A2??mov?????????ecx,39h???? 00EB38A7??mov?????????eax,0CCCCCCCCh???? 00EB38AC??rep?stos????dword?ptr?es:[edi]???? 00EB38AE??mov?????????eax,dword?ptr?[___security_cookie?(0EB7000h)]???? 00EB38B3??xor?????????eax,ebp???? 00EB38B5??mov?????????dword?ptr?[ebp-4],eax???? ????int?a[]?=?{1,?2,?3};?? 00EB38B8??mov?????????dword?ptr?[ebp-14h],1???? 00EB38BF??mov?????????dword?ptr?[ebp-10h],2???? 00EB38C6??mov?????????dword?ptr?[ebp-0Ch],3???? ????int?result?=?goo(a[1],?a[2]);?? 00EB38CD??mov?????????eax,dword?ptr?[ebp-0Ch]???? 00EB38D0??push????????eax???? 00EB38D1??mov?????????ecx,dword?ptr?[ebp-10h]???? 00EB38D4??push????????ecx???? 00EB38D5??call????????goo?(0EB11E5h)???? 00EB38DA??add?????????esp,8???? 00EB1580??push????????ebp???? 00EB1581??mov?????????ebp,esp???? 00EB1583??sub?????????esp,0C0h???? 00EB1589??push????????ebx???? 00EB158A??push????????esi???? 00EB158B??push????????edi???? 00EB158C??lea?????????edi,[ebp-0C0h]???? 00EB1592??mov?????????ecx,30h???? 00EB1597??mov?????????eax,0CCCCCCCCh???? 00EB159C??rep?stos????dword?ptr?es:[edi]???? ????return?a?+?b;?? 00EB159E??mov?????????eax,dword?ptr?[a]???? 00EB15A1??add?????????eax,dword?ptr?[b]???? }?? 00EB15A4??pop?????????edi???? 00EB15A5??pop?????????esi???? 00EB15A6??pop?????????ebx???? 00EB15A7??mov?????????esp,ebp???? 00EB15A9??pop?????????ebp???? 00EB15AA??ret???? [cpp]?view plaincopyprint? 00EB1580??push????????ebp???? 00EB1581??mov?????????ebp,esp???? 00EB1583??sub?????????esp,0C0h???? 00EB1589??push????????ebx???? 00EB158A??push????????esi???? 00EB158B??push????????edi???? 00EB158C??lea?????????edi,[ebp-0C0h]???? 00EB1592??mov?????????ecx,30h???? 00EB1597??mov?????????eax,0CCCCCCCCh???? 00EB159C??rep?stos????dword?ptr?es:[edi]???? ????return?a?+?b;?? 00EB159E??mov?????????eax,dword?ptr?[a]???? 00EB15A1??add?????????eax,dword?ptr?[b]???? }?? 00EB15A4??pop?????????edi???? 00EB15A5??pop?????????esi???? 00EB15A6??pop?????????ebx???? 00EB15A7??mov?????????esp,ebp???? 00EB15A9??pop?????????ebp???? 00EB15AA??ret????
VS2010下編譯
?
?
foo函數(shù)部分匯編:
?
[cpp]?view plaincopyprint?
goo函數(shù)完整匯編:
?
?
?
[cpp]?view plaincopyprint?
?
?
foo函數(shù)push ebp, mov ebp, esp后
保存原ebp,設(shè)定新的ebp為當前esp位置
?
?
sub esp, 0E4h
給局部變量分配足夠大的棧空間
?
保存原先的一些寄存器值,每次push,esp繼續(xù)向下移
?
?
為局部變量a數(shù)組賦值
?
調(diào)用goo前Push兩個參數(shù),esp繼續(xù)下移
?
call goo函數(shù)時,cpu自動push下一條指令地址,esp繼續(xù)下移
在goo函數(shù)中,同樣保存foo函數(shù)中的ebp值,設(shè)定新的ebp,esp等
?
在執(zhí)行玩goo函數(shù)最后幾句指令時,edi, esi, ebx恢復,esp同時也編程goo中ebp的位置,ebp恢復至foo函數(shù)原來的位置(pop ebp)
下一條指令也裝入IP(ret指令),esp繼續(xù)向上一步
?
foo函數(shù)中的add esp, 8將esp值繼續(xù)往上(清除函數(shù)參數(shù))
清除函數(shù)參數(shù)的工作也可通過ret X在goo函數(shù)返回時設(shè)定(這樣的話不必在每次調(diào)用點上加上add esp, X指令縮短了編譯出來的文件大小,但在子函數(shù)中清除將不能做到printf等的可變參數(shù)個數(shù)功能,因為子函數(shù)不知道具體有多少要參數(shù)進入了,只有調(diào)用處才知道)
轉(zhuǎn)載于:https://www.cnblogs.com/zzmx/p/4166443.html
總結(jié)
以上是生活随笔為你收集整理的【转】函数调用时堆栈变化的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: struts2 常用标签的一般用法
- 下一篇: 创建SVN 本地服务器