In assembly languages, what do eax, EBX, ECx, EDX, ESI, EDI, EBP, and ESP mean? [

Source: Internet
Author: User
Tags integer division

 

Organize from the Internet

Eax, EBX, ECx, EDX, ESI, EDI, EBP, ESP, etc. are the names of General registers on the CPU in x86 assembly language, and are 32-bit registers. These registers can be viewed as variables in C language.

For example: Add eax,-2; // it can be considered to be a value such as-2 added to the variable eax.

These 32-bit registers have multiple purposes, but each of them has "expertise" and has its own special features.

Eax is the accumulator, which is the default register of many addition multiplication commands.

EBX is a base register that stores the base address in memory addressing.

ECX is the counter and the internal counter of the repeated (REP) prefix command and loop command.

EdX is always used to place the remainder produced by integer division.

ESI/EDI are called "source/destination Index" (source/destination index), because in many string operation commands, DS: ESI refers to the source string, While ES: EDI points to the target string.

EBP is a base pointer, which is most often used as a frame pointer for calling high-level language functions ). when cracking, you can often see the starting code of a standard function:
  
Push EBP; Save the current EBP
MoV EBP, esp; EBP is set as the current stack pointer
Sub ESP, xxx; reserve XXX bytes for function temporary variables.
...
  
In this way, EBP forms a framework of this function. The above EBP is the original EBP, return address, and parameters respectively. under EBP is a temporary variable. moV ESP, EBP/pop EBP/RET when the function returns.

ESP is specially used as a stack pointer. It is visually called a stack top pointer. The top of the stack is a region with a small address. The more data pushed into the stack, the smaller the ESP. On a 32-bit platform, ESP is reduced by 4 bytes each time.

Part 2 registers:

 

In addition to eflags and EIP, the status and control register group also has four 32-bit control registers, Cr0, CR1, CR2, and C3.

These registers store the overall state of the machine that is not related to the task.

Cr0 contains 6 pre-defined labels. 0-bit Protection allows PE (protedted enable), which is used to start protection mode. If PE position 1, protection mode starts, if PE = 0, it runs in real mode. The first bit is the monitoring coprocessor MP (moniter coprocessor), which together with the 3rd bit determines whether the operation code wait generates an error signal "the coprocessor cannot be used" When Ts = 1. A 3rd-bit task is a task switch. After a task is converted, it is set to 1 automatically. With Ts = 1, the coprocessor cannot be used. The 2nd-bit CRC value is the emulate coprocessor (EM). If em = 1, the coprocessor cannot be used. If em = 0, the coprocessor is allowed. The 4th-bit is the extended type of the microprocessor (processor extension type), which stores information about the extended type of the processor. If ET = 0, it indicates that the system uses the 287 coprocessor, if ET = 1, the system uses the 387 floating point coprocessor. The 31st bits of Cr0 are paging enable, which indicates whether the paging part on the chip can work.

CR1 is an undefined control register for future processors.

Cr2 is a page fault linear address register that stores all 32-bit linear addresses for the last page fault.

The base address register of the page Directory. It stores the physical address of the page Directory table. The page Directory table is always placed on the memory boundary in 4 K Bytes. Therefore, its 12-bit low address is always 0, does not work, even if the content is written, it will not be ignored.

These registers are closely related to the paging mechanism. Therefore, these registers are involved in process management and virtual memory management, remember the contents of the three registers Cr0, CR2, and C3.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.