Senior language disassembler function calling process Jim Chan10 / 25/2001 View: Font: Song Zhimi: Conventional Size: Small Five Character Set: Chinese_GB2312━━━━━━━━━━━━━━━━━━━━━ ━━━━━━━━━━━
Summary: This article describes the assembler process of function calls in advanced languages after compiling in the high-level language.
Text: After the high-level language is compiled into a compiler, the assembler process called in the advanced language is as follows:
1. Put the function parameters, the first parameter is on the top, the last parameter is in the bottom of the stack.
2. Execute the CALL instruction to call the function and enter the function code space. a. Execute the CALL instruction, put the address of the CALL instruction into the address. b. After entering the function code space, turn the base pointer EBP and let the base pointer EBP point to the top of the current stack stack and use it to access the function input parameters in the stack and other data in the stack. c. The stack pointer ESP reduces a value, such as 44h, moving up one distance, leaves a space to the function as the temporary storage area. {// After preparing above, the function is officially executed, as shown below. D. In the stack in other pointers or registers to use these registers in a function. E. Execute the code. F. Execute Return () Returns the execution result, and store the value to return to Eax. G. The pointer out of step 2.D. } h. Pass the value of the EBP to the stack pointer ESP, so that the ESP is restored to the value before 2.C. At this point, the value of EBP is on the top of the set. i. At the base pointer EBP out of the stack, restore the value of EBP before 2.B. j. Execute the address of the RET instruction, "call function" outlet, the function returns to the next line of the CALL instruction.
3. The function returns to the CALL instruction, add a value to the stack pointer to restore the stack pointer to the previous value before step 1. This value is the total length of the first step entry parameter above.
Note: 1. The stack pointer ESP points to the lowest position of the new stack data in the top of the stack. 2. The offset pointer in the mov command points to the lowest position of the data being "MOV". The following instructions are transmitted to the contents of the EBP 8 to EBP 11 bytes into the EAX register. 00402048 MOV Eax, DWORD PTR [EBP 8]
An example is as follows:
The function call in the advanced language code is as follows:
117: Br = T1 (P);
The assembly code is as follows:
00401fb8 MOV ECX, DWORD PTR [EBP-8]] Put the parameters into the ECX register 00401FBB PUSH ECX; Parameter Add ILT 10 (T1) (0040100F); function call, next to the address 00401FC1 in the stack 00401FC1 add ESP , 4; function returns, stack pointer plus 4, restore the value of 00401FC4 MOV DWORD PTR [EBP-10H], EAX; take out the function return value in the advanced language from Eax, put in the BR variable
The T1 function is as follows:
125: BOOL T1 (Void * P) 126: {00402030 Push EBP; EBP Fact No. 00402031 MOV EBP, ESP; EBP points to the stack of stacks at this time 00402033 SUB ESP, 44H; ESP reduces a value, empty one-segment storage area 00402036 PUSH EBX; in the stack of the values of the three registers to use it in the function 00402037 Push ESI; 00402038 Push EDI; 00402039 Lea EDI, [EBP-44H]; 0040203C MOV ECX, 11H; 00402041 MOV Eax, 0ccccccccccCH; 00402046 Rep STOS DWORD PTR [EDI]; 127: INT * Q = (int *) P; 00402048 MOV Eax, DWORD PTR [EBP 8]; EBP 8 pointing to the lowest address of the function input parameter; if it is EBP 4 The point to the lowest bit of the function return address 00401FC1, the value is C10040204B MOV DWORD PTR [EBP-4], EAX; 128: Return 0; 0040204E XOR EAX, EAX; return value is placed in the EAX register 129:} 00402050 POP EDI; Three registers out of the stack 00402051 POP ESI; 00402052 POP EBX ; 00402053 MOV ESP, EBP; ESP recovery 00402055 POP EBP; EBP out of the stack, its value is also restored to 00402056 RET; return to the code address stored at this point: 00401FC1; so, if unfortunately modified returned address, the program There will be unexpected above assembly code compiled by VC 6.0.
The stack is behind the stack in the EBP:
Low high ↓ ↓ memory address stack ┆ ┆0012F600 ┆ ┆0012F600 ─ ┆0012F600 ─ ──── ┤ ← EDI = 0012F600 │ │ │ │ │ │ ┆ 44h space ┆ ┆ │ │ │ 0012F640 ─ ┄┄┄┄─┤ │ │0012F644 ├ ────── ┤ ← EBP is assigned to the unit, at which time EBP = 0012F644 │AC F6 12 00 │EBP assignment value before ESP 0012F648 ├───── ─ ┤ │C1 1F 40 00 │ Return address 0012F64C ├────── ┤ ← EBP 8 │A0 F6 12 00 │ Function Real Part P's value 0012F650 ├───────────────── ─ ┤ │ │ ├─ ──── ─ ┤ ┆ ┆ Note: The memory storage space stack is from high to low alignment, and the address labeled on the left is the lowest address of the stored unit in its right. Such as 0012F644 points to the AC byte of 0012F6AC, AC is on the top of the stack. The contents of the memory in the figure are written from low to high, "AC F6 12 00" = 0x0012F6AC
