"Linux kernel Analysis" MOOC course: disassembling a simple C program and analyzing the assembly code

Source: Internet
Author: User

A simple C program

We analyze a simple C program, main.c, such as the one below:

Generate the assembly file with the command `gcc -S -o main.s main.c -m32`. The assembly file contains many assembler directives (the lines beginning with a dot) that do not correspond to machine instructions; to keep the analysis simple we remove most of them:

The stripped assembly is shown below:

Introduction to the Stack

APUE (Advanced Programming in the UNIX Environment) explains that each C program has its own address space; the typical layout in memory is as follows:

The stack works like the stack data structure, and the registers EBP and ESP (the exact names depend on the CPU architecture) are directly involved in every stack operation.

Stack addresses are allocated from high addresses toward low addresses.

    1. When a new stack is started, EBP and ESP both point to the start address of the stack, e.g. EBP and ESP point to 0x10000.
    2. A PUSHL operation first subtracts 4 from ESP (on a 32-bit machine), so ESP becomes 0xFFFC, and then stores the operand at that new top of stack.
    3. A POPL operation takes the operand off the top of the stack and then adds 4 to ESP.

Function call

The call instruction invokes a subroutine: the CPU transfers control to the subroutine's code, and in order to return to exactly the right place when the subroutine finishes, the address of the instruction following the call is pushed onto the stack first. A new stack frame is then created for the subroutine with the following instructions:

    1. pushl %ebp
    2. movl %esp, %ebp

The `pushl %ebp` instruction saves the base address of the caller's stack frame on the stack, and after `movl %esp, %ebp` executes, ESP and EBP both point to the start of the new frame. To restore the caller's stack frame, it is enough to execute the following instructions:

    1. movl %ebp, %esp
    2. popl %ebp

These two instructions can be replaced by the single `leave` instruction; and if ESP still equals EBP (no local variables were allocated in the frame), executing `popl %ebp` directly is also enough.

Once the caller's stack frame has been restored, the value at the top of the stack is the return address; the `ret` instruction pops it into the instruction pointer (EIP), and the CPU continues executing from the instruction after the call.
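The push/pop arithmetic from the stack introduction and the call, prologue, `leave` and `ret` sequence from this section, modelled in C as an added example (this is not code from the course or from the page): a byte array stands in for memory, the registers are plain integers, and the starting address 0x10000 is the one used in the text. The callee's entry address and the return address pushed by `call` are constructed values; a pushed argument of 8 and one 4-byte local are assumed so that the `8(%ebp)` and `-4(%ebp)` accesses can be shown.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the 32-bit stack described above (added example,
 * not course code). Memory is a flat byte array indexed by the same
 * addresses the text uses, so 0x10000 can be used verbatim. */
#define MEM_SIZE 0x10004u

typedef struct {
    uint8_t  mem[MEM_SIZE];
    uint32_t esp, ebp, eip;
} cpu_t;

static void     store32(cpu_t *c, uint32_t a, uint32_t v) { memcpy(&c->mem[a], &v, 4); }
static uint32_t load32(const cpu_t *c, uint32_t a)        { uint32_t v; memcpy(&v, &c->mem[a], 4); return v; }

/* pushl: subtract 4 from esp, then store the operand at the new top */
static void     pushl(cpu_t *c, uint32_t v) { c->esp -= 4; store32(c, c->esp, v); }
/* popl: load the top of stack, then add 4 to esp */
static uint32_t popl(cpu_t *c)              { uint32_t v = load32(c, c->esp); c->esp += 4; return v; }
/* call: push the address of the next instruction, then jump to the target */
static void     call(cpu_t *c, uint32_t target, uint32_t next) { pushl(c, next); c->eip = target; }
/* ret: pop the return address back into eip */
static void     ret(cpu_t *c)               { c->eip = popl(c); }
/* function prologue: pushl %ebp ; movl %esp,%ebp */
static void     prologue(cpu_t *c)          { pushl(c, c->ebp); c->ebp = c->esp; }
/* leave is equivalent to: movl %ebp,%esp ; popl %ebp */
static void     leave(cpu_t *c)             { c->esp = c->ebp; c->ebp = popl(c); }

/* Register and memory snapshot of one caller -> callee -> return sequence */
typedef struct {
    uint32_t esp_after_push;   /* step 2 of the text: 0x10000 - 4 */
    uint32_t ebp_in_callee;    /* callee frame base after the prologue */
    uint32_t esp_in_callee;    /* after the prologue and one 4-byte local */
    uint32_t saved_ebp;        /* caller's ebp as stored at 0(%ebp) */
    uint32_t arg_seen;         /* argument read at 8(%ebp) */
    uint32_t eip_after_ret;    /* must equal the constructed return address */
    uint32_t esp_after_ret;    /* back to 0x10000 once the argument is discarded */
    uint32_t ebp_after_ret;    /* caller's ebp restored by leave */
} trace_t;

/* Constructed addresses (assumptions, not values from the page): the
 * callee's entry point and the instruction following the call. */
#define CALLEE_ENTRY 0x08048420u
#define RETURN_ADDR  0x08048400u

trace_t simulate_call(void)
{
    static cpu_t c;               /* ~64 KiB, so keep it off the real stack */
    trace_t t;
    memset(&c, 0, sizeof c);
    c.esp = c.ebp = 0x10000;      /* step 1: fresh stack, esp == ebp == 0x10000 */

    /* caller: pushl $8 ; call callee */
    pushl(&c, 8);
    t.esp_after_push = c.esp;     /* 0xFFFC */
    call(&c, CALLEE_ENTRY, RETURN_ADDR);

    /* callee: pushl %ebp ; movl %esp,%ebp ; subl $4,%esp ;
     *         movl 8(%ebp),%eax ; movl %eax,-4(%ebp) */
    prologue(&c);
    c.esp -= 4;                                 /* room for one local */
    t.arg_seen      = load32(&c, c.ebp + 8);    /* above return address and saved ebp */
    store32(&c, c.ebp - 4, t.arg_seen);         /* local at -4(%ebp) */
    t.ebp_in_callee = c.ebp;
    t.esp_in_callee = c.esp;
    t.saved_ebp     = load32(&c, c.ebp);

    /* callee epilogue: leave ; ret */
    leave(&c);
    ret(&c);
    t.eip_after_ret = c.eip;

    /* caller: addl $4,%esp  (discard the pushed argument) */
    c.esp += 4;
    t.esp_after_ret = c.esp;
    t.ebp_after_ret = c.ebp;
    return t;
}

int main(void)
{
    trace_t t = simulate_call();
    printf("esp after pushl      : 0x%X\n", t.esp_after_push);
    printf("callee ebp / esp     : 0x%X / 0x%X\n", t.ebp_in_callee, t.esp_in_callee);
    printf("saved ebp at 0(%%ebp) : 0x%X, arg at 8(%%ebp): %u\n", t.saved_ebp, t.arg_seen);
    printf("after ret: eip=0x%X esp=0x%X ebp=0x%X\n", t.eip_after_ret, t.esp_after_ret, t.ebp_after_ret);
    return 0;
}
```

Walking the model confirms the numbers in the text: the single `pushl` moves ESP from 0x10000 to 0xFFFC, the `call` then stores the return address at 0xFFF8, the prologue saves the caller's EBP at 0xFFF4 and makes that the new frame base, and after `leave` and `ret` both ESP and EBP are back at 0x10000 with EIP holding the instruction after the call.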
