Several basic assembly instructions in detail common registers
Register Device |
16 Guests |
32 Guests |
64 Guests |
Cumulative register |
Ax |
EAX |
RAX |
Base Address Register |
Bx |
EBX |
RBX |
Count Register |
CX |
Ecx |
RCX |
Data registers |
Dx |
EDX |
Rdx |
Stack base pointer |
Bp |
Ebp |
RBP |
Variable address register |
SI |
Esi |
RSI |
Stack top pointer |
Sp |
Esp |
RSP |
Instruction Register |
Ip |
Eip |
Rip |
Assembly Instructions MOV
MOVB (8-bit), MOVW (16-bit), MOVL (32-bit), MOVQ (64-bit)
Register addressing:
movl%eax,%edx
EAX-EdX
Immediate number addressing:
movl $0x123,%edx
Digital Register
Direct addressing:
movl 0x123,%edx
Direct access to memory address data, edx = * (int32_t *) 0x123;
Indirect addressing:
MOVL (%EBX),%edx
%EBX is a memory address, (%EBX) refers to the data in that address, edx = * (int32_t*) ebx;
Variable address addressing:
MOVL 4 (%EBX),%edx
edx = * (int32_t*) (ebx+4);
The Push & pull stack data structure introduces the role:
- Program Call Framework
- Passing parameters
- Save return address
- Provide local variables
- ......
Structure:
Related registers: ESP, EBP
Related actions: Pop, push
//建立被调用者函数的堆栈框架pushl %ebpmovl %esp, %ebp//拆除框架movl %ebp, %esppopl %ebpret
Push: Press Stack
Pop: Out of the stack
Call&retcall
Ret
Equivalent:
popl %eip//栈 -> eip
Enter&leaveenter
push %ebp movl %esp, %ebp //将堆栈置空(栈上重堆)
Leave
movl %ebp, %esp popl %ebp //将堆栈置空(撤销堆栈)
Example: Analyzing a piece of assembly code
pushl $8 ① movl %esp, %ebp ② subl $4, %esp ③ movl $8, (%esp) ④
Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.
Several basic assembly instructions