To understand what Mulao is, the stack frame is the first to understand what Mulao is a stack?that Mulao Mulao is the stack? In the data structure there is a structure called a stack, which is defined as: the operation of inserting and deleting at the end of the table only we allow the insertion and deletion of one end to be called the top of the stack (esp) and the other end as the bottom of the stack (ebp), so the stack is called a LIFO linear table (LIFO). And we know The allocation of space in memory is increased from high address to low address ;Well said this Mulao multi-stack that Mulao Mulao is the stack frame it? In fact, the stack frame is actually used to record the function call process information , is the compiler used to implement the function call process of a data structure. Is my understanding of the stack frame distribution, the following are tested under the vc++6.0 version: Let's take a look at the code for the main function stack frame:
#include <iostream>using namespace Std;int print () {cout<< "I Love You" <<endl;exit (1);} int Add (int a,int b) {int z=0;* (int *) &z+2) = (int) print (); Z=a+b;return Z;} int main () {int a=10;int b=20;int ret=add (A, b); Cout<<ret<<endl;return 0;}
what is the result of this code Mulao? are you feeling surprised? This is a way for the program to confess ... I don't know if my sister can read it.by observing that this code has two cout statements, why does Mulao output a statement with the character I love? Add a * (int *) &z+2) = (int) print () Does this statement have any effect on the logic of the code? The answer is yes.to solve these problems, we need to analyze the code of two numbers in the assembly is how Mulao storage is the function stack frame call process, let us first open disassembly to uncover the main function stack frame of the mystery ...just entering the disassembly, the following assembly statements appear? The results of these statements after implementation are in memory: After our observation, several statements, after the LEA, found its function is to loop 13h to the EBP initialization, do not believe you to open the memory (alt+6) to observe that the EBP does loop 13h times are initialized to random values. here is the stack statement for all the functions:1. The process of allocating space for A/b to press stack 2. Execute the stack process of the Add function and record the address of the next instruction of the call instruction 3. Go inside the Add function and execute the stack frame of the Add function at this point the stack process of the function is over, which is my personal understanding of the function stack frame: after the call is complete, the stack frame is released, following the release command in the Assembly statement: During the release of the function stack frame, we only release the stack frame of the Add function as an example, releasing the stack frame procedure for the main function like this:1). Pop (out of stack) off EDI,ESI,EBX, at which point the ESP points to the original ESP7 location2). Move ESP to the location of EBP, when ESP points to the EBP position of the main function (this is equivalent to the stack frame where the Add function has been ejected)3). Pop EBP is the one that pops the EBP into EBP, at which point we find that the pop is the main function of EBP, so this time EBP points to the main function of EBP, which is EBP2, which also tells us why Mulao to record the main function of the EBP 4). ESP points to the location of the next instruction of the call instructionSee here we should be able to understand why the code at the beginning of the Mulao article will output the contents of the print () function instead of outputting the contents of the main () function ...The address of the next instruction that records the call instruction is to be able to return from the Add () function to the main () function, if we modify this address so that the Add () function does not return to the main () function to execute another function print () function, of course, will not output main () function, because when the address of the next instruction of the call instruction is modified, the Add () function cannot return to the main () function and how Mulao can output the contents of the main () function. The statement *(int *) &z+2) is to remove the address of the call next instruction, by finding that Z and this address is only eight bytes, if the address of Z is taken out plus 2 is the address of the next instruction of this call instruction, It is dereferenced so that the address points to the print () function and cannot go back to the main () function. Here the function of the stack frame on the end of the analysis, if there is any mulao understanding of the incomplete or need to improve the place want readers letter mail [email protected], Thanks
Talking about the stack frame of main function
