First, study notes
Registers:

    EAX        accumulator
    EBX        base address register
    ECX        count register
    EDX        data register
    EBP        stack base pointer
    ESI, EDI   variable address (index) registers
    ESP        stack top pointer
    EIP        instruction pointer register
    CS         code segment register
    DS         data segment register
    ES         additional segment register
    SS         stack segment register
    FS         additional segment register
    GS         additional segment register

Operand-size suffixes: b = 8 bit, w = 16 bit, l = 32 bit, q = 64 bit.

Addressing modes:

    movl %eax, %edx       edx = eax                     register addressing
    movl $0x123, %edx     edx = 0x123                   immediate addressing
    movl 0x123, %edx      edx = *(int32_t*)0x123        direct addressing
    movl (%ebx), %edx     edx = *(int32_t*)ebx          indirect addressing
    movl 4(%ebx), %edx    edx = *(int32_t*)(ebx+4)      indexed (base plus displacement) addressing

The stack grows downward, from high addresses toward low addresses:

    |        |  high address
    |        |
    |        |
    |        |  low address

Stack instructions and the operations they are equivalent to:

    pushl %eax        subl $4, %esp
                      movl %eax, (%esp)

    popl %eax         movl (%esp), %eax
                      addl $4, %esp

    call 0x12345      pushl %eip              (pseudo-instruction)
                      movl $0x12345, %eip     (pseudo-instruction)
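The push, pop and call equivalences and the three memory addressing modes from the notes above, modelled on a toy 32-bit machine in C. This is an added example, not code from the original notes; the cpu_t and trace_t types, the helper names, the 0x1000-byte memory and all sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 0x1000u  /* toy memory size (constructed) */
typedef struct { uint32_t eax, ebx, esp, eip; int fault; uint8_t mem[MEM_SIZE]; } cpu_t;
typedef struct { uint32_t direct, indirect, disp, esp_push, top_push,
                 popped, esp_pop, saved_eip, eip; int fault; } trace_t;
/* *(int32_t*)addr on the toy memory; out-of-range sets fault instead of crashing */
static uint32_t load32(cpu_t *c, uint32_t addr) {
    uint32_t v = 0;
    if (addr > MEM_SIZE - 4) { c->fault = 1; return 0; }
    memcpy(&v, c->mem + addr, 4);
    return v;
}
static void store32(cpu_t *c, uint32_t addr, uint32_t v) {
    if (addr > MEM_SIZE - 4) { c->fault = 1; return; }
    memcpy(c->mem + addr, &v, 4);
}
/* pushl src  ==  subl $4,%esp ; movl src,(%esp) */
static void pushl(cpu_t *c, uint32_t src) { c->esp -= 4; store32(c, c->esp, src); }
/* popl dst  ==  movl (%esp),dst ; addl $4,%esp */
static uint32_t popl(cpu_t *c) { uint32_t v = load32(c, c->esp); c->esp += 4; return v; }
/* call target  ==  pushl %eip ; movl $target,%eip  (eip = address after the call) */
static void call(cpu_t *c, uint32_t target) { pushl(c, c->eip); c->eip = target; }

trace_t run_trace(void) {
    static cpu_t c;                      /* static keeps the 4 KiB array off the host stack */
    trace_t t;
    memset(&c, 0, sizeof c);
    c.esp = MEM_SIZE; c.ebx = 0x100;     /* empty stack: esp starts at the high end */
    store32(&c, 0x123, 0xAAAA0001u);     /* constructed sample values */
    store32(&c, 0x100, 0xBBBB0002u);
    store32(&c, 0x104, 0xCCCC0003u);
    t.direct   = load32(&c, 0x123);      /* movl 0x123,%edx    direct   */
    t.indirect = load32(&c, c.ebx);      /* movl (%ebx),%edx   indirect */
    t.disp     = load32(&c, c.ebx + 4);  /* movl 4(%ebx),%edx  base + 4 */
    c.eax = 8; pushl(&c, c.eax);         /* esp drops by 4, value lands at the new top */
    t.esp_push = c.esp;  t.top_push = load32(&c, c.esp);
    t.popped = popl(&c); t.esp_pop = c.esp;
    c.eip = 0x2005;                      /* constructed address of the instruction after call */
    call(&c, 0x12345);                   /* return address is pushed, then eip jumps */
    t.saved_eip = load32(&c, c.esp);  t.eip = c.eip;  t.fault = c.fault;
    return t;
}
int main(void) {
    trace_t t = run_trace();
    printf("esp after push=%#x saved eip=%#x eip=%#x\n", (unsigned)t.esp_push, (unsigned)t.saved_eip, (unsigned)t.eip);
    return t.fault;
}
```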
Second, the operation experiment:
The experiment code is as follows:
    int g(int x)
    {
        return x + 3;
    }

    int f(int x)
    {
        return g(x);
    }

    int main(void)
    {
        return f(8) + 1;
    }
The assembler program is as follows
The above-mentioned compilation process can be described. But there is a thought: under Linux, the .c program is preprocessed all the way up to the assembly output described above, and I would like to take the same code for the same program, compile it with VS2015 on the Windows platform, and reproduce the assembly code produced on Linux as described above, but I tried it unsuccessfully.
2017-2018-1 20179219 "Linux kernel Fundamentals and analysis" work for the second week