Research on the principle of Coredump, Linux version x86 6.6 single inheritance

Last Update:2015-02-04 Source: Internet

Author: User

Tags mul

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

In C + +, the polymorphism of a class is embodied by the virtual function through inheritance. So what is the distribution of the member and virtual functions of a class in single inheritance?

Take a look at the example:

  1 #include <stdio.h> 2 class xuzhina_dump_c06_s4_base 3 {4 private:5 int m_a;  6 Public:7 xuzhina_dump_c06_s4_base () {m_a = 1;} 8 virtual Void Inc () 9 {m_a++; one}, virtual void print () 13 { printf ("m_a:%d\n", m_a); 15} 16};         Xuzhina_dump_c06_s4_base class xuzhina_dump_c06_s4_derived:public private:21 int m_b; 22 int m_c; Public:24 xuzhina_dump_c06_s4_derived () m_b = 0; m_c = 2*m_b; 2  8} virtual void Mul () {m_c *= m_b;          Print () + printf ("m_b:%d, m_c:%d\n", M_b, M_c), PNS (39) virtual void Dec ()             {M_c-= M_b; 46} 4243 Virtual void Inc (m_b++) M_c + = M_b;47} 48};     A. int main () {xuzhina_dump_c06_s4_base* p = new xuzhina_dump_c06_s4_derived; if (P! = NULL) 54 {p->inc (); P->print (); 0; 60}

Look at the assembly:

(GDB) disassemble maindump of assembler code for function main:0x080485b0 <+0>: Push%EBP 0X080485B1 <    +1&GT: mov%esp,%ebp 0x080485b3 <+3>: Push%ebx 0x080485b4 <+4>: and $0xfffffff0,%esp     0x080485b7 <+7>: Sub $0x20,%esp 0x080485ba <+10>: Movl $0x10, (%ESP) 0x080485c1 <+17>: Call 0x80484a0 <[email protected]> 0x080485c6 <+22>: mov%eax,%ebx 0x080485c8 <+24> : mov%ebx, (%ESP) 0X080485CB <+27>: Call 0x8048654 <_ZN27xuzhina_dump_c06_s4_derivedC2Ev> 0x080     485d0 <+32&gt: mov%ebx,0x1c (%ESP) 0x080485d4 <+36>: Cmpl $0x0,0x1c (%ESP) 0x080485d9 <+41>:    Je 0x8048600 <main+80> 0x080485db <+43>: mov 0x1c (%ESP),%eax 0x080485df <+47>: mov (%eax),%eax 0x080485e1 <+49>: mov (%EAX),%eax 0x080485e3 <+51>: mov 0x1c (%ESP),%edx 0x080 485e7 <+55>: MoV%edx, (%ESP) 0x080485ea <+58>: Call *%eax 0x080485ec <+60>: mov 0x1c (%ESP),%eax 0x080485f 0 <+64>: mov (%EAX),%eax 0x080485f2 <+66>: add $0x4,%eax 0x080485f5 <+69>: mov (%e AX),%eax 0x080485f7 <+71>: mov 0x1c (%ESP),%edx 0x080485fb <+75>: mov%edx, (%ESP) 0x080485fe <+78&gt: Call *%eax 0x08048600 <+80>: mov $0x0,%eax 0x08048605 <+85>: mov-0x4 (%EBP), %EBX 0x08048608 <+88>: Leave 0x08048609 <+89>: ret End of assembler dump.

From the previous section, to see the virtual function table and member variables of the memory layout, directly look at the assembly of the constructor is OK.

(GDB) disassemble _zn27xuzhina_dump_c06_s4_derivedc2evdump of assembler code for function _zn27xuzhina_dump_c06_s4_ derivedc2ev:0x08048654 <+0&gt: Push%ebp 0x08048655 <+1>: mov%esp,%ebp 0x08048657 <+3&gt ;: Sub $0x18,%esp 0x0804865a <+6>: mov 0x8 (%EBP),%eax 0x0804865d <+9>: mov%eax, (%esp     ) 0x08048660 <+12>: Call 0x804860a <_ZN24xuzhina_dump_c06_s4_baseC2Ev> 0x08048665 <+17>: mov 0x8 (%EBP),%eax 0x08048668 <+20>: Movl $0x80487c8, (%eax) 0x0804866e <+26>: mov 0x8 (%EBP),%ea x 0x08048671 <+29>: Movl $0x0,0x8 (%eax) 0x08048678 <+36>: mov 0x8 (%EBP),%eax 0x0804867b <+    39&GT: mov 0x8 (%eax),%eax 0x0804867e <+42>: Lea (%eax,%eax,1),%edx 0x08048681 <+45>: mov 0x8 (%EBP),%eax 0x08048684 <+48>: mov%edx,0xc (%eax) 0x08048687 <+51>: Leave 0x08048688 < +52>: ret End of AssemBler dump.

As you can see, the constructor for class Xuzhina_dump_c06_s4_derived first calls the base class Xuzhina_dump_c06_s4_base constructor (that is, _zn24xuzhina_dump_c06_s4_basec2ev). Set the virtual function table, and then initialize your own variables. Here, there are two questions:

1. The member variables of the class xuzhina_dump_c06_s4_derived are starting from the position of the this+8, not from the location of the this+4. So what's in the this+4?

2. Virtual function table Pointer 0x80487c8 is the virtual function table of class xuzhina_dump_c06_s4_derived, or the virtual function table of base class Xuzhina_dump_c06_s4_base?

Before answering these two questions, take a look at the constructor of the base class Xuzhina_dump_c06_s4_base:

(GDB) disassemble _zn24xuzhina_dump_c06_s4_basec2evdump of assembler code for function _zn24xuzhina_dump_c06_s4_ Basec2ev:   0x0804860a <+0>:     push   %ebp   0x0804860b <+1>:     mov    %esp,%ebp   0x0804860d <+3>:     mov    0x8 (%EBP),%eax   0x08048610 <+6>:     movl   $0x80487e0, (%EAX)   0x08048616 <+12>:    mov    0x8 (%EBP),%eax   0x08048619 <+15>:    movl $0x1,0x4   ( %EAX)   0x08048620 <+22>:    pop    %ebp   0x08048621 <+23>:    ret    End of Assembler Dump.

From the constructor of the base class, the answers to the above two questions are as follows:

1. The place where the this+4 is stored is m_a, initialized to 1.

2. The address 0x80487e0 is the virtual function table of the base class. The address 0x80487c8 is the virtual function table of the subclass.

Take a look at the contents of these two virtual function table pointers.

Base class virtual function table pointer:

(GDB)  X/4wx 0x80487e00x80487e0 <_ztv24xuzhina_dump_c06_s4_base+8>:   0x08048622      0x08048636      0x75783732      0x6e69687a (GDB) Info symbol 0x08048622xuzhina_dump_c06_s4_base::inc () in section. Text (GDB) info symbol 0x08048636xuzhina_dump_c06_s4_base::p rint () in section. Text

Sub-class virtual function table pointer:

(gdb) x/8wx 0x80487c80x80487c8 <_ztv27xuzhina_dump_c06_s4_derived+8>:        0x080486e6      0x080486a4      0x0804868a      0x080486cc0x80487d8 <_ztv24xuzhina_dump_c06_s4_base>:     0x00000000      0x08048830      0x08048622      0x08048636 (gdb) Info symbol 0x080486e6xuzhina_dump_c06_s4_derived::inc () in section. Text (GDB) info Symbol 0x080486a4xuzhina_dump_c06_s4_derived::p rint () in section. Text (GDB) info symbol 0X0804868AXUZHINA_DUMP_C06_S4 _derived::mul () in sections. Text (GDB) info symbol 0x080486ccxuzhina_dump_c06_s4_derived::d EC () in section. Text

In other words, the object construction of subclass Xuzhina_dump_c06_s4_derived goes through the following steps

From above you can see the distribution law of the virtual function table of subclasses:

1. The virtual functions of the overloaded base class are arranged in the order in which the base class virtual functions are declared, regardless of the order of the subclass declarations.

2. Virtual functions that are unique to subclasses are arranged in the order in which the virtual functions are declared, appended to the overloaded virtual functions.

Research on the principle of Coredump, Linux version x86 6.6 single inheritance

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More