Compilation 2----C language functions 2

The program jumps after the call is mentioned above. After the blogger set a wrong breakpoint, the result was a whole week, really want to cry without tears.

This is the correct breakpoint setting, tat. This is the statement after call.

01281427 C4 Add esp,8

The value of ESP is reduced by 4 after you execute call. View the value of ESP in the memory form.

It is the return address of the function that is stored by the small-end machine and only the top of the stack.

012813c0. Ebp

012813C1 8B EC mov ebp,esp

The function body begins with two instructions to stack the EBP and assign the ESP to EBP.

The role of Intel's several general purpose registers is summarized as follows:

Eax-accumulator for operands and results data

? Ebx-pointer to data in the DS segment

? Ecx-counter for string and loop operations

? EDX-I/O pointer

? Esi-pointer to data on the segment pointed to by the DS register; Source pointer for string operations

? Edi-pointer to data (or destination) in the segment pointed to by the ES register; Destination pointer for

String operations

? Esp-stack pointer (in the SS segment)

? Ebp-pointer to data on the stack (in the SS segment)

Because the value of the ESP is always changing, and the value of the function parameter and the return value are computed based on the offset of the stack address, it is required to address the value of the EBP staging esp.

After these two operations, the structure of the stack is as follows:

We then see how the function obtains the value of the formal parameter. As mentioned earlier, the values of the parameters before the function execution have been stacked. Observe the following instructions:

mov Eax,dword ptr [ebp+8]

Add Eax,dword ptr [ebp+0ch]

There is no operation on EBP prior to these two instructions, so the address of the parameter is ebp+8 and Ebp+c, respectively.

The above two instructions add the values at two addresses and pass them to EAX (as EAX)

So how does the function return the value sum? Observe the next instruction-

mov DWORD ptr [Ebp-8],eax

The value of the EAX is passed to the EBP-8 address. Stack structure.

View the values of EBP-8, exactly 1 and 2, and 3

Why the existence of EBP-8 rather than EBP-4, the original book is to prevent overflow attacks, I am a note of course not unknown feel li. This mark will be the first to learn the relevant content and add it later.

Once the function has been executed, of course it needs to be returned. The process of RET instruction is described in detail above. Observe the operation of the function body part on the stack.

Push EBX

Push ESI

Push EDI

Then there is the corresponding pop, so the last ESP points to exactly the same esp. After the pop EBP, esp happens to refer to the return address. The RET instruction returns and the function is executed.

Finishing work after execution:

Notice the command under the call command:

Add esp,8

One of the RET functions is Pops the Top-of-stack value (the return instruction pointer) into the EIP register.

soRETlater,esp+4at the1and theesp+8at the2still exists, and the function has been called. Will beesp+8that marks1and the2It is useless to implement stack recycling.

The following action is followed to get the return value, and RET Special usage, Release optimization will be discussed in the next section.

?

?

?

?

Compilation 2----C language functions 2