Original work by Shin Xiaoning; please credit the source when reproducing.
"Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000
Experiment:
C code: [image not recoverable]
Compile command: [image not recoverable]
Assembly code: [image not recoverable]
Basic knowledge
Register
Registers are part of the central processing unit: small, high-speed storage locations with limited capacity that hold instructions, data and addresses.
EIP: the instruction pointer. It holds the address of the current instruction, and after each instruction executes it points to the next one.
EBP: the "base pointer", most often used as the "frame pointer" for high-level-language function calls. When reversing (cracking) a binary, you will often see the standard function prologue:
ESP: used specifically as the stack pointer; intuitively, it points to the top of the stack. The stack grows downward, so the more data is pushed onto it, the smaller ESP becomes. On 32-bit platforms ESP moves by 4 bytes at a time.
EAX: the "accumulator", the default register for many addition and multiplication instructions.
Addressing modes
Register addressing: movl %eax, %ebx assigns the value of EAX to EBX.
Immediate addressing: movl $0x1234, %eax assigns the immediate value 0x1234 to EAX.
Direct addressing: movl 0x12345, %eax assigns the data stored at memory address 0x12345 to EAX.
Indirect addressing: movl (%eax), %ebx treats the value in EAX as a memory address and assigns the value stored at that address to EBX.
Indexed (displacement) addressing: movl 8(%eax), %ebx adds the offset 8 to the value in EAX, treats the result as a memory address, and assigns the value stored at that address to EBX.
Start with the main function:
First instruction: pushl %ebp
pushl %ebp pushes the contents of the EBP register onto the top of the stack. It is equivalent to:
subl $4, %esp (moves the top of the stack down by 4 bytes)
movl %ebp, (%esp)
Second instruction: movl %esp, %ebp
Makes EBP point to the location that ESP points to.
Third instruction: subl $4, %esp
Moves the top of the stack down by 4 bytes.
Fourth instruction: movl $99, (%esp)
Puts the immediate value 99 on the top of the stack.
call f calls function f().
The call instruction can be decomposed into:
pushl %eip
movl f, %eip
Function f:
pushl %ebp (saves EBP by pushing it onto the stack; ESP moves down by 4 bytes)
movl %esp, %ebp (makes EBP point to where ESP points)
...
movl %eax, (%esp)
Stores the value of EAX into the memory location that ESP points to (the top of the stack).
call g executes function g.
Function g:
ret returns from the function: it pops the saved return address off the stack into EIP, so execution resumes with the instruction following the call; the function's result is left in EAX.
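To watch these frames being built and torn down, here is an added example (not from the course or the original post): a small Python interpreter for exactly the instructions used above, with call decomposed into pushl %eip; movl f, %eip and ret into popl %eip. The bodies of f and g (f passes its argument on to g, g returns it plus 3), the use of leave as the epilogue, and the starting stack address 0x1000 are assumptions made for the example.

```python
import re
MEM = re.compile(r"(-?\d*)\((%\w+)\)")            # AT&T memory operand: off(%reg)
# Constructed program: the page's main/f/g frames, bodies filled in by assumption.
PROGRAM = ("main: pushl %ebp; movl %esp, %ebp; subl $4, %esp; movl $99, (%esp); call f; leave; ret;"
           " f: pushl %ebp; movl %esp, %ebp; subl $4, %esp; movl 8(%ebp), %eax; movl %eax, (%esp); call g; leave; ret;"
           " g: pushl %ebp; movl %esp, %ebp; movl 8(%ebp), %eax; addl $3, %eax; leave; ret")

def run(program, entry="main", stack_top=0x1000):
    code, labels = [], {}                             # parse ';'-separated "label: insn" text
    for stmt in program.split(";"):
        if ":" in stmt:
            label, stmt = stmt.split(":")
            labels[label.strip()] = len(code)
        op, _, rest = stmt.strip().partition(" ")
        code.append((op, [a.strip() for a in rest.split(",")] if rest else []))
    r = {"eip": labels[entry], "esp": stack_top, "ebp": 0, "eax": 0}
    mem = {}                                          # address -> 32-bit word
    def addr(op):                                     # effective address of off(%reg)
        m = MEM.fullmatch(op)
        return r[m.group(2)[1:]] + int(m.group(1) or 0)
    def load(op):                                     # $imm, %reg or off(%reg)
        return int(op[1:], 0) if op[0] == "$" else r[op[1:]] if op[0] == "%" else mem.get(addr(op), 0)
    def store(op, val):
        key = op[1:] if op[0] == "%" else addr(op)
        (r if op[0] == "%" else mem)[key] = val & 0xFFFFFFFF
    def push(val):                                    # subl $4,%esp ; movl val,(%esp)
        r["esp"] -= 4
        mem[r["esp"]] = val
    def pop():                                        # movl (%esp),dst ; addl $4,%esp
        r["esp"] += 4
        return mem[r["esp"] - 4]
    push(-1)                                          # sentinel return address for main's ret
    while r["eip"] != -1:
        op, args = code[r["eip"]]
        r["eip"] += 1                                 # EIP already points at the next instruction
        if op == "pushl":
            push(load(args[0]))
        elif op == "movl":
            store(args[1], load(args[0]))
        elif op in ("subl", "addl"):
            store(args[1], load(args[1]) + load(args[0]) * (1 if op == "addl" else -1))
        elif op == "call":                            # = pushl %eip ; movl f, %eip
            push(r["eip"])
            r["eip"] = labels[args[0]]
        elif op == "leave":                           # = movl %ebp, %esp ; popl %ebp
            r["esp"] = r["ebp"]
            r["ebp"] = pop()
        elif op == "ret":                             # = popl %eip
            r["eip"] = pop()
    return r["eax"], r["esp"], r["ebp"]
```

run(PROGRAM) returns (102, 0x1000, 0): the 99 pushed by main reaches g through the 8(%ebp) slot of each frame, and after every leave/ret pair ESP and EBP are back where they started.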
Summary: assembly language is the foundation of computer languages. Whether you want to understand the Linux kernel in depth or learn other languages, assembly is the basis. Keep at it, everyone!
How does a computer work?