C ++ (opening part) 01 from the perspective of Assembly

[Disclaimer: All Rights Reserved. You are welcome to reprint it. Do not use it for commercial purposes. Contact Email: feixiaoxing @ 163.com]

Many of my friends, including myself, are not very familiar with many features of the C ++ language. Especially when I was looking for a job a few years ago, I often forced myself to remember some complex questions and answers to cope with exams from work units. But often time has passed, and everything is back to the origin. The problems that have not been clarified are still not understood, and everything has not changed. After a few years, when I accumulate experience in the coding process, I try to use the AssemblyCodeAnd memory data to explain some phenomena, it is not complicated to understand some things. Some may be afraid of assembly language, but it is not necessary. As long as you have some knowledge of C language and stack, you already have the basics of assembly language. In the next several blogs, we will introduce how x86 assembly, data types, data operation logic, pointers, Data, classes, and heavy-load operators are carried out in assembly, let's talk about some personal opinions. Next, we will conduct some small tests and explain them in assembly language. You can do it together.

 

(1) Char name [] and char * Name

[CPP] View plaincopy

2. 1:
4. 2:VoidProcess ()
6. 3 :{
8. 00401020 push EBP
10. 00401021 mov EBP, ESP
12. 00401023 sub ESP, 4ch
14. 00401026 push EBX
16. 00401027 push ESI
18. 00401028 push EDI
20. 00401029 Lea EDI, [ebp-4Ch]
22. 0040102c mov ECx, 13 H
24. 00401031 mov eax, 0 cccccccch
26. 00401036 rep STOs dword ptr [EDI]
28. 4:CharName_tmp [] = {"Hello"};
30. 00401038 mov eax, [String"Hello"(0042201c)]
32. 0040103d mov dword ptr [ebp-8], eax
34. 00401040 mov CX, word PTR [String"Hello"+ 4 (00422020)]
36. 00401047 mov word PTR [ebp-4], CX
38. 5:Char* Name_glb ="Hello";
40. 0040104b mov dword ptr [ebp-0Ch], offset string"Hello"(0042201c)
42. 6 :}
44. 00401052 pop EDI
46. 00401053 pop ESI
48. 00401054 pop EBX
50. 00401055 mov ESP, EBP
52. 00401057 pop EBP
54. 00401058 RET

Through the above code, we can clearly see the difference between the two. The "hello" string is a global read-only variable with the spatial address 0x0042201c. Name_tmp is a char array within the number of functions. The four rows below the 4th line statement indicate that the global data "hello" is copied to name_tmp twice. The first time is DWORD and four bytes, the second time is word and two bytes. Therefore, name_tmp contains 6 bytes. In comparison, name_glb has nothing. It just points itself to a global variable, so it is just a pointer.

(2) Apple A () and Apple B

Assume that class apple is defined:

[CPP] View plaincopy

1. ClassApple
2. {
3. Public:
4. Apple (){}
5. ~ Apple (){}
6. };

So how did Apple A () and Apple B compile them separately?

[CPP] View plaincopy

2. 9:VoidProcess ()
4. 10 :{
6. 00401020 push EBP
8. 00401021 mov EBP, ESP
10. 00401023 sub ESP, 44 h
12. 00401026 push EBX
14. 00401027 push ESI
16. 00401028 push EDI
18. 00401029 Lea EDI, [ebp-44h]
20. 0040102c mov ECx, 11 h
22. 00401031 mov eax, 0 cccccccch
24. 00401036 rep STOs dword ptr [EDI]
26. 11: Apple ();
28. 12: Apple B;
30. 00401038 Lea ECx, [ebp-4]
32. 0040103b call @ ILT + 20 (Apple: Apple) (00401019)
34. 13 :}
36. 00401040 Lea ECx, [ebp-4]
38. 00401043 call @ ILT + 10 (Apple ::~ Apple) (0040100f)
40. 00401048 pop EDI
42. 00401049 pop ESI
44. 0040104a pop EBX
46. 0040104b add ESP, 44 h
48. 0040104e cmp ebp, ESP
50. 00401050 call _ chkesp (004010b0)
52. 00401055 mov ESP, EBP
54. 00401057 pop EBP
56. 00401058 RET

Why didn't apple a () Compile anything? The reason is simple, because the compiler regards apple a () as an extern function, and the return value is apple. The corresponding Apple B is the temporary variable actually defined in the function, because there are two apple functions-Apple constructor and Apple's destructor not far below.

(3) (Apple *) (0)-> Print ()

Here, class apple is defined as follows:

[CPP] View plaincopy

1. ClassApple
2. {
3. IntValue;
4. Public:
5. Apple (){}
6. ~ Apple (){}
7. VoidPrint (){Return;}
8. };

If 0 is set to Apple *, will the function print be accessed?

[CPP] View plaincopy

2. 10:VoidProcess ()
4. 11 :{
6. 00401030 push EBP
8. 00401031 mov EBP, ESP
10. 00401033 sub ESP, 40 h
12. 00401036 push EBX
14. 00401037 push ESI
16. 00401038 push EDI
18. 00401039 Lea EDI, [ebp-40h]
20. 0040103c mov ECx, 10 h
22. 00401041 mov eax, 0 cccccccch
24. 00401046 rep STOs dword ptr [EDI]
26. 12: (Apple *) (0)-> Print ();
28. 00401048 XOR ECx, ECx
30. 0040104a call @ ILT + 0 (Apple: print) (00401005)
32. 13 :}
34. 0040104f pop EDI
36. 00401050 pop ESI
38. 00401051 pop EBX
40. 00401052 add ESP, 40 h
42. 00401055 cmp ebp, ESP
44. 00401057 call _ chkesp (004010e0)
46. 0040105c mov ESP, EBP
48. 0040105e pop EBP
50. 0040105f RET

By running the function, we find that no exception is generated. Why? Because we found that ECx is passed to the print function as 0, that is, the familiar this pointer is 0. But we found that the print function does not use the this pointer internally, because we did not access this-> value at all, just a return statement. This shows that the pointer as a class NULL pointer is not terrible, but it is terrible to use null to access data in the memory.

(4) int M = 1; int n = m ++ + m; what is n?

[CPP] View plaincopy

2. 10:VoidProcess ()
4. 11 :{
6. 0040d4d0 push EBP
8. 0040d4d1 mov EBP, ESP
10. 0040d4d3 sub ESP, 48 h
12. 0040d4d6 push EBX
14. 0040d4d7 push ESI
16. 0040d4d8 push EDI
18. 0040d4d9 Lea EDI, [ebp-48h]
20. 0040d4dc mov ECx, 12 h
22. 0040d4e1 mov eax, 0 cccccccch
24. 0040d4e6 rep STOs dword ptr [EDI]
26. 12:IntM = 1;
28. 0040d4e8 mov dword ptr [ebp-4], 1
30. 13:IntN = m ++ + m;
32. 0040d4ef mov eax, dword ptr [ebp-4]
34. 0040d4f2 add eax, 1
36. 0040d4f5 mov dword ptr [ebp-4], eax
38. 0040d4f8 mov ECx, dword ptr [ebp-4]
40. 0040d4fb add ECx, dword ptr [ebp-4]
42. 0040d4fe mov dword ptr [ebp-8], ECx
44. 0040d501 mov edX, dword ptr [ebp-4]
46. 0040d504 add edX, 1
48. 0040d507 mov dword ptr [ebp-4], EDX
50. 14 :}
52. 0040d50a pop EDI
54. 0040d50b pop ESI
56. 0040d50c pop EBX
58. 0040d50d mov ESP, EBP
60. 0040d50f pop EBP

Through the assembly code, we can see that [ebp-4] is the address of m in the stack, [ebp-8] is the address of N in the stack. There are a total of nine statements under int n = m ++ + M. We can analyze: the first three sentences indicate that M increases by 1, and the fourth sentence indicates ECx = m, that is, ECx = 2. The fifth sentence is the sum of ECx and M. The translation is ECx = ECx + M. In this case, ECx = 4. The sixth sentence indicates n = ECx. From the seventh to ninth sentences, M increases by 1. Why is there such a situation? In fact, the truth is very simple, mainly because our expressions are calculated from the right to the left. If you see this, you will understand that the first is ++ m, then n = m + M, and then M ++.

(5) What is the difference between * P ++ and (* P) ++?

[CPP] View plaincopy

2. 10:VoidProcess ()
4. 11 :{
6. 0040d4d0 push EBP
8. 0040d4d1 mov EBP, ESP
10. 0040d4d3 sub ESP, 48 h
12. 0040d4d6 push EBX
14. 0040d4d7 push ESI
16. 0040d4d8 push EDI
18. 0040d4d9 Lea EDI, [ebp-48h]
20. 0040d4dc mov ECx, 12 h
22. 0040d4e1 mov eax, 0 cccccccch
24. 0040d4e6 rep STOs dword ptr [EDI]
26. 12:CharData ='A';
28. 0040d4e8 mov byte PTR [ebp-4], 61 H
30. 13:Char* P = & data;
32. 0040d4ec Lea eax, [ebp-4]
34. 0040d4ef mov dword ptr [ebp-8], eax
36. 14: * P ++;
38. 0040d4f2 mov ECx, dword ptr [ebp-8]
40. 0040d4f5 add ECx, 1
42. 0040d4f8 mov dword ptr [ebp-8], ECx
44. 15: (* P) ++;
46. 0040d4fb mov edX, dword ptr [ebp-8]
48. 0040d4fe mov Al, byte PTR [edX]
50. 0040d500 add Al, 1
52. 0040d502 mov ECx, dword ptr [ebp-8]
54. 0040d505 mov byte PTR [ECx], Al
56. 16 :}
58. 0040d507 pop EDI
60. 0040d508 pop ESI
62. 0040d509 pop EBX
64. 0040d50a mov ESP, EBP
66. 0040d50c pop EBP
68. 0040d50d RET

First, create the local variable data. Then copy the data pointer to P. The Assembly Code clearly shows that * P ++ is equivalent to P ++; (* P) ++ first copies the pointer to EDX, then obtain the char data pointed to by the edX address and copy it to Al. Al increases by 1. At the same time, P address is copied to ECx, and Al is copied to the address pointed to by the ECX address, which is that simple.

 

There are many other similar problems. You may wish to give it a try:

(1) How is the following Union arranged in memory? When GCC and VC are compiled, is the allocated memory size the same?

[CPP] View plaincopy

1. Typedef Union
2. {
3. CharM: 3;
4. CharN: 7;
5. IntData;
6. } Value;

(2) are the following addresses consistent?

[CPP] View plaincopy

1. CharValue1 [] = {"Hello"};
2. CharValue2 [] = {"Hello"};
3. Char* Pvalue1 = "hello ";
4. Char* Pvalue2 ="Hello";
5. Are the value1 and value2 addresses consistent? What about pvalue1 and pvalue2?

(3) Why is the following statement incorrect? Why is the memory leaked? How to modify it?

[CPP] View plaincopy

2. ClassApple
4. {
6. Char* Pname;
8. Public:
10. Apple () {pname = (Char*) Malloc (10 );}
12. ~ Apple (){If(Null! = Pname) Free (pname );}
14. };
18. VoidProcess ()
20. {
22. Apple A, B;
24. A = B;
26. }

(Full text)