edx c

, and register use;It is a strong Convention that requires binary compatibility. If different call conventions are used by function callers and function bodies, program execution errors may occur and must be considered as part of the function declaration; Ii. Common function call conventions; Function call conventions in vc6; Call Convention stack clearing parameter passing_ Cdecl the caller passes the stack from right to left_ Stdcall function is passed through Stack from right to left_ Fastcal

Method 1 MoV eax, 0MoV EBX, 0MoV ECx, 0MoV edX, 0 Method 2 XOR eax, eaxXOR edX, EDXXOR ECx, ECxXOR edX, ECx Method 3 Hmm... yep, here the stall is partially balanced by the non-change of the source argument (a work/branch avoided by the CPU), so in this specific case, the difference is minimized. XOR eax, eaxXOR ECx, ECxMoV EBX, eaxMoV

Chinese character. It is not hard to understand that the sixteen bits are two bytes. Of course, if there are sixteen bits, there must be thirty-two bits, sixty-fourteen bits, and so on. The thirty-two bits are called dual characters, and the sixty-fourteen bits are called four characters. The CPU we use today is believed to be 32-bit, unless you use 286 or earlier. Naturally, the registers in the CPU are 32-bit. That is to say, a register can hold 32 0 or 1 (this does not include segment regist

return value of the Function Test code: Struct Tagtest { Int M_one; Int M_two; Int M_three; Int M_four; }; Tagtest rerstruct (){Tagtest testret;Testret. m_one =1;Testret. m_two =2;Testret. m_three =3;Testret. m_four =4;ReturnTestret;} Disassembly code: 30 : Tagtest Test ; 31 : Test = Rerstruct () ; 00401078 Lea Eax, [ebp-30h]; The ebp-30h address into the stack, the function of the struct value 00401_ B Push Eax 00401_c Call @ ILT + 0 (Rerstruct )( 0040100

Ecx,[ebp-8] 0040109F mov dword ptr [EBP-10H],ECX 16:swap (P1, p2); 004010A2 mov edx,dword ptr [ebp-10h]; parameter P2 value into the stack 004010A5 push edx 004010A6 mov eax,dword ptr [ebp-0ch]; parameter P1 value into the stack 004010A9 push EAX 004010AA call @ILT +15 (Swap) (00401014); calling swap function 004010AF add esp,8; Clean up parameters in the stack 17:} Read the above code

,ec MOVL%edx,ed MOVL%esi,es Ii. explanation of the content after the third colon The third colon is optimized for GCC, which tells GCC how to use registers and memory in this assembly code, so that GCC does not cause errors when optimizing processing. It can be a register name such as "EAX", "ebx", "ecx", which means that the assembly code explicitly operates on the register, such as ASM ("MOV%%eax,%0 ",:" =r "(foo)::" EAX ") so that GCC avoids us

04c70424 U ... E.. d$...$ 0010 0d000000 e8fcffff ffc9c355 89e583e4 ..... U .... 0020 f083ec20 c7442414 11000000 c7442418 .... d$ ... d$. 0030 01000000 8b150800 0000a100 00000001 ......... 0040 c28b4424 1801c28b 44241c01 d0890424. d$ .... d$.....$ 0050 e8fcffff ff8b4424 18c9c3 ... d$ ... Contents of section. Data: 0000 54000000 00000000 55000000 T .... U ... Contents of section. Rodata: 0000 68656c6c 6f20776f 726c6421 0025640a Hello world!. %d. 0010 00323232 323200.22222.

disconnect at 006100F8.★0060FE62 8B95 40F6FFFF mov edx, dword ptr ss: [ebp-9C0]0060FE68 81E2 FF000000 and edx, 0FF0060FE6E 85D2 test edx, edx0060FE70 0F84 AD000000 je 0060FF230060FE76 6A 00 push 00060FE78 8BB5 CCF5FFFF mov esi, dword ptr ss: [ebp-A34]0060FE7E C1E6 04 shl esi, 40060FE81 8B85 CCF5FFFF mov eax, dword ptr ss: [ebp-A34]0060FE87 25 07000080 and eax, 8

; Comparison0040132f |. 75 42 jnz short crackhea.00401373; wait until it is finished The cursor stops at the command at the 00401328 address. Now we press F7 to follow up: 004013d2/$56 push ESI; ESI into Stack004013d3 |. 33c0 XOR eax, eax; eax cleared004013d5 |. 8d35 c4334000 Lea ESI, dword ptr ds: [4033c4]; send the value in the registration code box to ESI004013db |. 33c9 XOR ECx, ECx; ECx cleared004013dd |. 33d2 XOR edX,

, world! \ N "# the string to be output Len =. -MSG # String Length. text # code snippet declaration. global _ start # specify the entry function _ start: # display a string movl $ Len, % edX # parameter 3: String Length movl $ MSG, % ECx # parameter 2: movl $1, % EBX # parameter 1: file descriptor (stdout) movl $4, % eax # system call number (sys_write) int $0x80 # Call kernel function # exit program movl $0, % EBX # parameter 1: Exit code movl $1, %

W = 0, const int h = 0) 000007: _ w (W ), 000008 _ H (h) 000009 { 000010} 000011 virtual void onresize () 000012 { 000013 _ w + = 10; 000014 _ H + = 10; 000015 cout 000016} 000017 }; 000018 000019 class specialwindow: public window 000020 { 000021 public: 000022 virtual void onresize () 000023 { 000024 static_cast 000025 // window: onresize (); 000026 cout 000027} 000028 }; 000029 000030 int _ tmain (INT argc, _ tchar * argv []) 000031 { 000032 specialwindow SW; 000033 Sw. onresize (); 000034 r

The switch and if-else statements are both conditions in the C language. In terms of syntax, the two functions are the same. If the switch can be completed, the switch can also be completed, however, their application scenarios are slightly different. If is mostly used in a single branch, switch is mainly used in the case of multiple branches. Let's take a look at the C program and the Assembly Code Compiled with GCC. /* $ Begin switch-C */Int switch_eg (int x){Int result = X; Switch (x ){ Case

analysis can be seen, the correct serial is stitched out.Show Code: 0042fa52 |. E8 D96EFDFF Call Acid_bur.004069300042fa57 |. 83F8 CMP eax,0x4; Compares whether the length of a string is greater than or equal to 40042FA5A | 7D 1D jge Short acid_bur.0042fa790042fa5c |. 6A Push 0x00042fa5e |. B9 74fb4200 mov ecx,acid_bur.0042fb74; ASCII, "Ry again!" 0042fa63 |. BA 80fb4200 mov edx,acid_bur.0042fb80; ASCII, "Orry, the serial is Incorect!" 0

the number of the string has changed, and so on the CW and so on the letter has not changed from the above analysis can be seen, the correct serial should be spliced out, in addition to the middle of the number of strings, the other content is hard coding good.show Code: 0042fa52 |. E8 D96EFDFF Call Acid_bur.004069300042fa57 |. 83F8 CMP eax,0x4; Compares whether the length of a string is greater than or equal to 40042FA5A | 7D 1D jge Short acid_bur.0042fa790042fa5c |. 6A Push 0x00042fa5e

command to get.Before calling the CPUID, the function code is stored in the EAX. After calling the CPUID, Eax,ebx,ecx,edx stores the various characteristic information of the CPU. This information is what we commonly call CPU serial numbers.mov eax, 0//Get manufacturer InfoCpuidmov eax, 1//Get the serial number of the CPUCpuidThe following three functions are available for reference:[C-sharp]View Plaincopy function Newcpuid: string; Const CP

$0x7,0x1c (%ESP)Ten 0x40136e movl $0x9,0x20 (%ESP) One0x401376 MOVL $0xb, 0x24 (%ESP) A 0x40137e movl $0x2,0x28 (%ESP) - 0x401386 movl $0x4,0x2c (%ESP) - 0x40138e movl $0x6,0x30 (%ESP) the 0x401396 movl $0x8,0x34 (%ESP) - 0x40139e movl $0xa,0x38 (%ESP) - 0x4013a6 movl $0xc,0x3c (%ESP) -0x4013aeLea0x10 (%ESP),%eax +0x4013b2mov%eax,0x44 (%ESP) - 0x4013b6 movl $0x1,0x40 (%ESP) + 0x4013be movl $0x0,0x48 (%ESP) A 0x4013c6 movl $0x0,0x4c (%ESP) at0x4013cejmp0x4013f9 185> -0x4013d0mov0x4c (%ESP),%eax

Linux-0.11 Memory Management module is the source of the more difficult to understand the part, now the author's personal understanding publishedFirst hair Linux-0.11 kernel memory management get_free_page () function analysisHave time to write other functions or files:)/* *author:davidlin *date:2014-11-11pm *email: [email protected] or [email protected] *world:the City of SZ , in China *ver:000.000.001 *history:editor time do 1) Linpeng 2014-11-11 Created this file! 2) */Here is the source code

; transfer to Tmpbuffer jmp wtin WTOUT:STOSB; Tmpbuffer end; ----------------------------------- ; Handling null Parameters "" (In fact, "->255"); -----------------------------------Lea ESI, Tmpbuffer Lea EDI, Cmdbuffer xor edx, edx, clear 0, using RNSST as a flag register: LODSB cmp al, 0 je rnsend; ESI points to null, which is done. if al! = 34; The character is not quoted. if

, nt must be added for each line, for example: Asm (pushl % eaxnt Movl $0, % eaxnt Popl % eax ); In fact, gcc needs to print the content of asm (...) to the Assembly file when processing the assembly, so it is necessary to control the format. For example: Asm (movl % eax, % ebx ); Asm (xorl % ebx, % edx ); Asm (movl $0, _ booga ); In the above example, we changed the values of edx and ebx in the Assembly, b

)|: 004614A7 8A9C35E9FDFFFF mov bl, byte ptr [ebp + esi-00000217]: 004614AE 80FB2F cmp bl, 2F: 004614B1 7615 jbe 004614C8: 004614B3 80FB3A cmp bl, 3A: 004614B6 7310 jnb 004614C8.: 004614B8 889D0CF6FFFF mov byte ptr [ebp + FFFFF60C], bl: 004614BE C6850DF6FFFF00 mov byte ptr [ebp + FFFFF60D], 00: 004614C5 83C602 add esi, 00000002 * Referenced by a (U) nconditional or (C) onditional Jump at Addresses:|: 004614B1 (C),: 004614B6 (C)|: 004614C8 8D850CF6FFFF lea eax, dword ptr [ebp + FFFFF60C]: 004614C