t_assembly.c
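#include <stdio.h>

/*
 * Demo workload for perf annotate.
 *
 * Every local below is deliberately left unused: the build on this page
 * passes only -g (no -O), so each initialiser survives as a separate store
 * into the stack frame and shows up as its own movw/movl line in the perf
 * report. Do not "fix" the unused variables — they are the point.
 *
 * printf("hi") has no trailing newline, so stdout accumulates in stdio's
 * buffer and is written out in chunks (the gdb backtrace on this page
 * catches one such write() under printf).
 *
 * Return: always 0.
 */
int f(void)
{
    char sa[] = "a";
    char sz[] = "z";
    char hi[] = "hi";
    int i = 6;
    int j = 10;
    unsigned k = 10;
    int ii = -6;
    int jj = -10;
    int n = -110;
    printf("hi");
    return 0;
}

/*
 * Entry point: spins calling f() forever so perf and gdb have a long-lived
 * pid to attach to. The locals are unused on purpose (same reason as in f).
 * Never returns under normal operation; the trailing return 0 is unreachable.
 */
int main(void)
{
    int im = 6;
    int jm = 10;
    unsigned k = 10;
    while (1 == 1) {
        f();
    }
    return 0;
}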
# -g keeps DWARF so perf annotate can interleave source lines with the
# disassembly; no -O is given, so gcc's default -O0 keeps every local store.
gcc -g t_assembly.c
./a.out
# -a samples every CPU system-wide, not only a.out. The /root/.debug build-id
# cache path in the report below suggests this was run as root; an unprivileged
# user would normally need kernel.perf_event_paranoid lowered for -a.
perf record -a
# Restrict the report to the demo process; 104168 is the pid of ./a.out here.
perf report --pid=104168
Samples: 569K of event 'cpu-clock', 4000 Hz, Event count (approx.): 142343250000 Percent│ ◆ │ /root/.debug/.build-id/e9/861963f99551d49974e36550e73ccc2c63480f/elf: 文件格式 elf64-x86-64 ▒ │ ▒ │ ▒ │ Disassembly of section .text: ▒ │ ▒ │ 000000000040052d <f>: ▒ │ f(): ▒ │ #include <stdio.h> ▒ │ int f() ▒ │ { ▒ 8.56 │ push %rbp ▒ 2.84 │ mov %rsp,%rbp ▒ 0.80 │ sub $0x40,%rsp ▒ │ char sa[] = "a"; ▒ 6.13 │ movw $0x61,-0x20(%rbp) ▒ │ char sz[] = "z"; ▒ 18.07 │ movw $0x7a,-0x30(%rbp) ▒ │ char hi[] = "hi"; ▒ 6.39 │ movw $0x6968,-0x40(%rbp) ▒ 5.19 │ movb $0x0,-0x3e(%rbp) ▒ │ int i = 6; ▒ 3.98 │ movl $0x6,-0x4(%rbp) ▒ │ int j = 10; ▒ 5.28 │ movl $0xa,-0x8(%rbp) ▒ │ unsigned k = 10; ▒ 5.59 │ movl $0xa,-0xc(%rbp) ▒ │ int ii = -6; ▒ 2.84 │ movl $0xfffffffa,-0x10(%rbp) ▒ │ int jj = -10; ▒ 4.41 │ movl $0xfffffff6,-0x14(%rbp) ▒ │ int n = -110; ▒ 4.44 │ movl $0xffffff92,-0x18(%rbp) ▒ │ printf("hi"); ▒ 3.20 │ mov $0x400650,%edi ▒ 0.23 │ mov $0x0,%eax ▒ 1.26 │ → callq printf@plt ▒ │ return 0; ▒ 10.59 │ mov $0x0,%eax ▒ │ } ▒ 0.72 │ leaveq ▒ 9.48 │ ← retq ▒
问题:解释 mov $0x400650,%edi 中 0x400650 这个地址处的信息
Samples: 569K of event 'cpu-clock', 4000 Hz, Event count (approx.): 142343250000 main /home/hdp/workbench/perfUcan/a.out [Percent: local period] Percent│ ◆ │ /root/.debug/.build-id/e9/861963f99551d49974e36550e73ccc2c63480f/elf: 文件格式 elf64-x86-64 ▒ │ ▒ │ ▒ │ Disassembly of section .text: ▒ │ ▒ │ 000000000040058b <main>: ▒ │ main(): ▒ │ int n = -110; ▒ │ printf("hi"); ▒ │ return 0; ▒ │ } ▒ │ int main() ▒ │ { ▒ │ push %rbp ▒ │ mov %rsp,%rbp ▒ │ sub $0x10,%rsp ▒ │ int im = 6; ▒ │ movl $0x6,-0x4(%rbp) ▒ │ int jm = 10; ▒ │ movl $0xa,-0x8(%rbp) ▒ │ unsigned k = 10; ▒ │ movl $0xa,-0xc(%rbp) ▒ │ while (1 == 1) ▒ │ { ▒ │ f(); ▒ 53.47 │1d: mov $0x0,%eax ▒ 1.34 │ → callq f ▒ │ } ▒ 45.19 │ ↑ jmp 1d ▒ ▒ ▒
# -a dumps everything quoted below: ELF header, section and program headers,
# dynamic section, relocations, symbol tables, version info and notes.
readelf -all a.out
[hdp@cmd perfUcan]$ readelf -all a.out ELF 头: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 类别: ELF64 数据: 2 补码,小端序 (little endian) 版本: 1 (current) OS/ABI: UNIX - System V ABI 版本: 0 类型: EXEC (可执行文件) 系统架构: Advanced Micro Devices X86-64 版本: 0x1 入口点地址: 0x400440 程序头起点: 64 (bytes into file) Start of section headers: 7472 (bytes into file) 标志: 0x0 本头的大小: 64 (字节) 程序头大小: 56 (字节) Number of program headers: 9 节头大小: 64 (字节) 节头数量: 35 字符串表索引节头: 34 节头: [号] 名称 类型 地址 偏移量 大小 全体大小 旗标 链接 信息 对齐 [ 0] NULL 0000000000000000 00000000 0000000000000000 0000000000000000 0 0 0 [ 1] .interp PROGBITS 0000000000400238 00000238 000000000000001c 0000000000000000 A 0 0 1 [ 2] .note.ABI-tag NOTE 0000000000400254 00000254 0000000000000020 0000000000000000 A 0 0 4 [ 3] .note.gnu.build-i NOTE 0000000000400274 00000274 0000000000000024 0000000000000000 A 0 0 4 [ 4] .gnu.hash GNU_HASH 0000000000400298 00000298 000000000000001c 0000000000000000 A 5 0 8 [ 5] .dynsym DYNSYM 00000000004002b8 000002b8 0000000000000060 0000000000000018 A 6 1 8 [ 6] .dynstr STRTAB 0000000000400318 00000318 000000000000003f 0000000000000000 A 0 0 1 [ 7] .gnu.version VERSYM 0000000000400358 00000358 0000000000000008 0000000000000002 A 5 0 2 [ 8] .gnu.version_r VERNEED 0000000000400360 00000360 0000000000000020 0000000000000000 A 6 1 8 [ 9] .rela.dyn RELA 0000000000400380 00000380 0000000000000018 0000000000000018 A 5 0 8 [10] .rela.plt RELA 0000000000400398 00000398 0000000000000048 0000000000000018 AI 5 23 8 [11] .init PROGBITS 00000000004003e0 000003e0 000000000000001a 0000000000000000 AX 0 0 4 [12] .plt PROGBITS 0000000000400400 00000400 0000000000000040 0000000000000010 AX 0 0 16 [13] .text PROGBITS 0000000000400440 00000440 00000000000001f2 0000000000000000 AX 0 0 16 [14] .fini PROGBITS 0000000000400634 00000634 0000000000000009 0000000000000000 AX 0 0 4 [15] .rodata PROGBITS 0000000000400640 00000640 0000000000000013 0000000000000000 A 0 0 8 [16] .eh_frame_hdr PROGBITS 0000000000400654 00000654 000000000000003c 
0000000000000000 A 0 0 4 [17] .eh_frame PROGBITS 0000000000400690 00000690 0000000000000114 0000000000000000 A 0 0 8 [18] .init_array INIT_ARRAY 0000000000600e10 00000e10 0000000000000008 0000000000000008 WA 0 0 8 [19] .fini_array FINI_ARRAY 0000000000600e18 00000e18 0000000000000008 0000000000000008 WA 0 0 8 [20] .jcr PROGBITS 0000000000600e20 00000e20 0000000000000008 0000000000000000 WA 0 0 8 [21] .dynamic DYNAMIC 0000000000600e28 00000e28 00000000000001d0 0000000000000010 WA 6 0 8 [22] .got PROGBITS 0000000000600ff8 00000ff8 0000000000000008 0000000000000008 WA 0 0 8 [23] .got.plt PROGBITS 0000000000601000 00001000 0000000000000030 0000000000000008 WA 0 0 8 [24] .data PROGBITS 0000000000601030 00001030 0000000000000004 0000000000000000 WA 0 0 1 [25] .bss NOBITS 0000000000601034 00001034 0000000000000004 0000000000000000 WA 0 0 1 [26] .comment PROGBITS 0000000000000000 00001034 000000000000002d 0000000000000001 MS 0 0 1 [27] .debug_aranges PROGBITS 0000000000000000 00001061 0000000000000030 0000000000000000 0 0 1 [28] .debug_info PROGBITS 0000000000000000 00001091 000000000000016a 0000000000000000 0 0 1 [29] .debug_abbrev PROGBITS 0000000000000000 000011fb 000000000000007d 0000000000000000 0 0 1 [30] .debug_line PROGBITS 0000000000000000 00001278 0000000000000058 0000000000000000 0 0 1 [31] .debug_str PROGBITS 0000000000000000 000012d0 00000000000000c6 0000000000000001 MS 0 0 1 [32] .symtab SYMTAB 0000000000000000 00001398 0000000000000678 0000000000000018 33 51 8 [33] .strtab STRTAB 0000000000000000 00001a10 00000000000001d3 0000000000000000 0 0 1 [34] .shstrtab STRTAB 0000000000000000 00001be3 0000000000000148 0000000000000000 0 0 1 Key to Flags: W (write), A (alloc), X (execute), M (merge), S (strings), I (info), L (link order), O (extra OS processing required), G (group), T (TLS), C (compressed), x (unknown), o (OS specific), E (exclude), l (large), p (processor specific) There are no section groups in this file. 
程序头: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flags Align PHDR 0x0000000000000040 0x0000000000400040 0x0000000000400040 0x00000000000001f8 0x00000000000001f8 R E 8 INTERP 0x0000000000000238 0x0000000000400238 0x0000000000400238 0x000000000000001c 0x000000000000001c R 1 [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2] LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000 0x00000000000007a4 0x00000000000007a4 R E 200000 LOAD 0x0000000000000e10 0x0000000000600e10 0x0000000000600e10 0x0000000000000224 0x0000000000000228 RW 200000 DYNAMIC 0x0000000000000e28 0x0000000000600e28 0x0000000000600e28 0x00000000000001d0 0x00000000000001d0 RW 8 NOTE 0x0000000000000254 0x0000000000400254 0x0000000000400254 0x0000000000000044 0x0000000000000044 R 4 GNU_EH_FRAME 0x0000000000000654 0x0000000000400654 0x0000000000400654 0x000000000000003c 0x000000000000003c R 4 GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 RW 10 GNU_RELRO 0x0000000000000e10 0x0000000000600e10 0x0000000000600e10 0x00000000000001f0 0x00000000000001f0 R 1 Section to Segment mapping: 段节... 
00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xe28 contains 24 entries: 标记 类型 名称/值 0x0000000000000001 (NEEDED) 共享库:[libc.so.6] 0x000000000000000c (INIT) 0x4003e0 0x000000000000000d (FINI) 0x400634 0x0000000000000019 (INIT_ARRAY) 0x600e10 0x000000000000001b (INIT_ARRAYSZ) 8 (bytes) 0x000000000000001a (FINI_ARRAY) 0x600e18 0x000000000000001c (FINI_ARRAYSZ) 8 (bytes) 0x000000006ffffef5 (GNU_HASH) 0x400298 0x0000000000000005 (STRTAB) 0x400318 0x0000000000000006 (SYMTAB) 0x4002b8 0x000000000000000a (STRSZ) 63 (bytes) 0x000000000000000b (SYMENT) 24 (bytes) 0x0000000000000015 (DEBUG) 0x0 0x0000000000000003 (PLTGOT) 0x601000 0x0000000000000002 (PLTRELSZ) 72 (bytes) 0x0000000000000014 (PLTREL) RELA 0x0000000000000017 (JMPREL) 0x400398 0x0000000000000007 (RELA) 0x400380 0x0000000000000008 (RELASZ) 24 (bytes) 0x0000000000000009 (RELAENT) 24 (bytes) 0x000000006ffffffe (VERNEED) 0x400360 0x000000006fffffff (VERNEEDNUM) 1 0x000000006ffffff0 (VERSYM) 0x400358 0x0000000000000000 (NULL) 0x0 重定位节 '.rela.dyn' 位于偏移量 0x380 含有 1 个条目: 偏移量 信息 类型 符号值 符号名称 + 加数 000000600ff8 000300000006 R_X86_64_GLOB_DAT 0000000000000000 __gmon_start__ + 0 重定位节 '.rela.plt' 位于偏移量 0x398 含有 3 个条目: 偏移量 信息 类型 符号值 符号名称 + 加数 000000601018 000100000007 R_X86_64_JUMP_SLO 0000000000000000 printf@GLIBC_2.2.5 + 0 000000601020 000200000007 R_X86_64_JUMP_SLO 0000000000000000 __libc_start_main@GLIBC_2.2.5 + 0 000000601028 000300000007 R_X86_64_JUMP_SLO 0000000000000000 __gmon_start__ + 0 The decoding of unwind sections for machine type Advanced Micro Devices X86-64 is not currently supported. 
Symbol table '.dynsym' contains 4 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.2.5 (2) 2: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.2.5 (2) 3: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000400238 0 SECTION LOCAL DEFAULT 1 2: 0000000000400254 0 SECTION LOCAL DEFAULT 2 3: 0000000000400274 0 SECTION LOCAL DEFAULT 3 4: 0000000000400298 0 SECTION LOCAL DEFAULT 4 5: 00000000004002b8 0 SECTION LOCAL DEFAULT 5 6: 0000000000400318 0 SECTION LOCAL DEFAULT 6 7: 0000000000400358 0 SECTION LOCAL DEFAULT 7 8: 0000000000400360 0 SECTION LOCAL DEFAULT 8 9: 0000000000400380 0 SECTION LOCAL DEFAULT 9 10: 0000000000400398 0 SECTION LOCAL DEFAULT 10 11: 00000000004003e0 0 SECTION LOCAL DEFAULT 11 12: 0000000000400400 0 SECTION LOCAL DEFAULT 12 13: 0000000000400440 0 SECTION LOCAL DEFAULT 13 14: 0000000000400634 0 SECTION LOCAL DEFAULT 14 15: 0000000000400640 0 SECTION LOCAL DEFAULT 15 16: 0000000000400654 0 SECTION LOCAL DEFAULT 16 17: 0000000000400690 0 SECTION LOCAL DEFAULT 17 18: 0000000000600e10 0 SECTION LOCAL DEFAULT 18 19: 0000000000600e18 0 SECTION LOCAL DEFAULT 19 20: 0000000000600e20 0 SECTION LOCAL DEFAULT 20 21: 0000000000600e28 0 SECTION LOCAL DEFAULT 21 22: 0000000000600ff8 0 SECTION LOCAL DEFAULT 22 23: 0000000000601000 0 SECTION LOCAL DEFAULT 23 24: 0000000000601030 0 SECTION LOCAL DEFAULT 24 25: 0000000000601034 0 SECTION LOCAL DEFAULT 25 26: 0000000000000000 0 SECTION LOCAL DEFAULT 26 27: 0000000000000000 0 SECTION LOCAL DEFAULT 27 28: 0000000000000000 0 SECTION LOCAL DEFAULT 28 29: 0000000000000000 0 SECTION LOCAL DEFAULT 29 30: 0000000000000000 0 SECTION LOCAL DEFAULT 30 31: 0000000000000000 0 SECTION LOCAL DEFAULT 31 32: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 33: 
0000000000600e20 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 34: 0000000000400470 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 35: 00000000004004a0 0 FUNC LOCAL DEFAULT 13 register_tm_clones 36: 00000000004004e0 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 37: 0000000000601034 1 OBJECT LOCAL DEFAULT 25 completed.6355 38: 0000000000600e18 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fin 39: 0000000000400500 0 FUNC LOCAL DEFAULT 13 frame_dummy 40: 0000000000600e10 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_ 41: 0000000000000000 0 FILE LOCAL DEFAULT ABS t_assembly.c 42: 0000000000000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 43: 00000000004007a0 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 44: 0000000000600e20 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 45: 0000000000000000 0 FILE LOCAL DEFAULT ABS 46: 0000000000600e18 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 47: 0000000000600e28 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 48: 0000000000600e10 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 49: 0000000000400654 0 NOTYPE LOCAL DEFAULT 16 __GNU_EH_FRAME_HDR 50: 0000000000601000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 51: 0000000000400630 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 52: 0000000000601030 0 NOTYPE WEAK DEFAULT 24 data_start 53: 0000000000601034 0 NOTYPE GLOBAL DEFAULT 24 _edata 54: 0000000000400634 0 FUNC GLOBAL DEFAULT 14 _fini 55: 000000000040052d 94 FUNC GLOBAL DEFAULT 13 f 56: 0000000000000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.2.5 57: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_ 58: 0000000000601030 0 NOTYPE GLOBAL DEFAULT 24 __data_start 59: 0000000000000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 60: 0000000000400648 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 61: 0000000000400640 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 62: 00000000004005c0 101 FUNC GLOBAL DEFAULT 13 __libc_csu_init 63: 0000000000601038 0 NOTYPE GLOBAL DEFAULT 25 _end 64: 0000000000400440 0 FUNC GLOBAL DEFAULT 13 _start 65: 0000000000601034 0 NOTYPE GLOBAL DEFAULT 25 
__bss_start 66: 000000000040058b 41 FUNC GLOBAL DEFAULT 13 main 67: 0000000000601038 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 68: 00000000004003e0 0 FUNC GLOBAL DEFAULT 11 _init Version symbols section '.gnu.version' contains 4 entries: 地址:0000000000400358 Offset: 0x000358 Link: 5 (.dynsym) 000: 0 (*本地*) 2 (GLIBC_2.2.5) 2 (GLIBC_2.2.5) 0 (*本地*) Version needs section '.gnu.version_r' contains 1 entries: 地址:0x0000000000400360 Offset: 0x000360 Link: 6 (.dynstr) 000000: 版本: 1 文件:libc.so.6 计数:1 0x0010:名称:GLIBC_2.2.5 标志:无 版本:2 Displaying notes found at file offset 0x00000254 with length 0x00000020: 所有者 Data size Description GNU 0x00000010 NT_GNU_ABI_TAG (ABI version tag) OS: Linux, ABI: 2.6.32 Displaying notes found at file offset 0x00000274 with length 0x00000024: 所有者 Data size Description GNU 0x00000014 NT_GNU_BUILD_ID (unique build ID bitstring) Build ID: e9861963f99551d49974e36550e73ccc2c63480f [hdp@cmd perfUcan]$
f、main 的地址都已经匹配上(.symtab 中 f=0x40052d、main=0x40058b,与 perf 反汇编中的地址一致)
gdb attach 104168,用 backtrace 查看堆栈信息,用 x 查看内存地址处的内容
(gdb) backtrace #0 0x00007f32fee0b9b0 in __write_nocancel () from /lib64/libc.so.6 #1 0x00007f32fed96213 in _IO_new_file_write () from /lib64/libc.so.6 #2 0x00007f32fed97a2e in __GI__IO_do_write () from /lib64/libc.so.6 #3 0x00007f32fed96970 in __GI__IO_file_xsputn () from /lib64/libc.so.6 #4 0x00007f32fed646b7 in vfprintf () from /lib64/libc.so.6 #5 0x00007f32fed6f459 in printf () from /lib64/libc.so.6 #6 0x0000000000400584 in f () at t_assembly.c:13 #7 0x00000000004005b2 in main () at t_assembly.c:23 (gdb) x/3uh 0x400650 0x400650: 26984 0 6913 (gdb) x/3ub 0x400650 0x400650: 104 105 0 (gdb) x/16ub 0x400650 0x400650: 104 105 0 0 1 27 3 59 0x400658: 56 0 0 0 6 0 0 0 (gdb) x/16xb 0x400650 0x400650: 0x68 0x69 0x00 0x00 0x01 0x1b 0x03 0x3b 0x400658: 0x38 0x00 0x00 0x00 0x06 0x00 0x00 0x00
二进制 十进制 十六进制 缩写 Unicode
表示法 脱出字符
表示法 名称/意义
0000 0000 0 00 NUL ␀ ^@ 空字符(Null)
0000 0001 1 01 SOH ␁ ^A 标题开始
0000 0010 2 02 STX ␂ ^B 本文开始
0000 0011 3 03 ETX ␃ ^C 本文结束
0001 1011 27 1B ESC ␛ ^[ 退出键
0011 1011 59 3B ;
二进制 十进制 十六进制 图形
0110 0000 96 60 `
0110 0001 97 61 a
0110 0010 98 62 b
0110 0011 99 63 c
0110 0100 100 64 d
0110 0101 101 65 e
0110 0110 102 66 f
0110 0111 103 67 g
0110 1000 104 68 h
0110 1001 105 69 i
0110 1010 106 6A j
将字符串 "hi" 的地址 0x400650 赋值给 edi(该地址落在 .rodata 节内:.rodata 起于 0x400640、大小 0x13,所以 x/16xb 读到的前三个字节 68 69 00 就是 "hi\0";从 0x400654 起的字节已属于 .eh_frame_hdr 节,不再是字符串内容)
https://zhuanlan.zhihu.com/p/55896356
函数的第一行涉及rbp和rsp;这些是专用寄存器。
rbp是指向当前栈桢底部的基指针,rsp是指向当前栈桢顶部的堆栈指针。
(译者注:在很多翻译过来的书上,有些地方将Stack翻译为栈桢,有的地方叫堆栈,
只要知道这里的堆栈是指Stack,Heap没关系就好)
rbp = memory address of the base of the prev stack frame
rsp = memory address of the top of the stack
指针寄存器
SP(stack pointer)
BP(base pointer)
堆栈的内存地址越来越低,即向地址小的地方增长。
基指针或帧指针。它指向当前运行的函数的栈桢中的一个固定位置,并为访问函数参数和本地变量提供一个稳定的参考点(基)
{
MOV 指令将源操作数复制到目的操作数。作为数据传送(data transfer)指令,它几乎用在所有程序中。在它的基本格式中,第一个操作数是目的操作数,第二个操作数是源操作数:
MOV destination,source
其中,目的操作数的内容会发生改变,而源操作数不会改变。这种数据从右到左的移动与 C++ 或 Java 中的赋值语句相似:
dest = source;
在几乎所有的汇编语言指令中,左边的操作数是目标操作数,而右边的操作数是源操作数。只要按照如下原则,MOV 指令使用操作数是非常灵活的。
两个操作数必须是同样的大小。
两个操作数不能同时为内存操作数。
指令指针寄存器(IP、EIP 或 RIP)不能作为目标操作数。
}
https://www.oschina.net/translate/the-art-of-picking-intel-registers?lang=chs&p=1
EAX - 累加器寄存器
EBX - 基础寄存器
ECX - 计数器寄存器
EDX - 数据寄存器
ESI - 源指针
EDI - 目的地指针
EBP - 基本指针
ESP - 堆栈指针
EAX - Accumulator Register
EBX - Base Register
ECX - Counter Register
EDX - Data Register
ESI - Source Index
EDI - Destination Index
EBP - Base Pointer
ESP - Stack Pointer
在CPU中,有八个通用寄存器
ax (add,代表相加,累加的意思)累加寄存器
bx (base,代表基地址,存放地址的寄存器) 基址寄存器
cx (count,个数,代表统计的意思)计数寄存器
dx (data,数据) 数据寄存器
SI (source) 源寄存器,存放源地址的内容的寄存器
DI (Dest) 目标寄存器,从源寄存器中memcpy到目标寄存器中
BP (base pointer) 堆栈,理解为栈底指针,每次在栈中移动数据,出栈进栈,都会更新.记录的是当前的栈底
SP (stack pointer) 堆栈栈顶指针.
16位汇编第一讲简介
https://www.cnblogs.com/iBinary/p/7446164.html
32位汇编第一讲x86和8086的区别,以及OllyDbg调试器的使用
https://www.cnblogs.com/iBinary/p/7508144.html
一丶32位(x86也称为80386)与8086(16位)汇编的区别
1.寄存器的改变
AX 变为 EAX 可以这样想,16位通用寄存器前边都加个E开头
例如:
EAX EBX ECX EDX ESI EDI ESP EBP ;八个寄存器
EIP EFLAGS ;特殊寄存器
CS ES SS DS GS FS ;其中GS FS是新增加的寄存器,这些段寄存器,并不是4个字节(32位的)还是以前16位的
注意在32位下没有分段的概念,因为寻址能力是 0-FFFFFFFF,在当时 Intel 认为 4G 已经很厉害了,那时候最好的内存才 1G,放到现在看
我们感觉4G不够用了,但也是近几年才开始用的8G
有分区的概念,比如我们16位汇编中,给代码分段的时候,顺便分了一下区,分区是为了更好的管理代码的编写
https://sourceware.org/gdb/current/onlinedocs/gdb/Memory.html
gdb x 命令的格式字母:u 按无符号十进制显示,x 按十六进制显示
(gdb) x/16ub 0x400650
0x400650: 104 105 0 0 1 27 3 59
0x400658: 56 0 0 0 6 0 0 0
(gdb) x/16xb 0x400650
0x400650: 0x68 0x69 0x00 0x00 0x01 0x1b 0x03 0x3b
0x400658: 0x38 0x00 0x00 0x00 0x06 0x00 0x00 0x00
环境信息
[hdp@cmd ~]$ cat /proc/version Linux version 3.10.0-1062.4.1.el7.x86_64 (mockbuild@kbuilder.bsys.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC) ) #1 SMP Fri Oct 18 17:15:30 UTC 2019 [hdp@cmd ~]$ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 79 model name : Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz stepping : 1 microcode : 0xffffffff cpu MHz : 2095.146 cache size : 20480 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 20 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single ibrs ibpb stibp fsgsbase bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt spec_ctrl intel_stibp arch_capabilities bogomips : 4190.29 clflush size : 64 cache_alignment : 64 address sizes : 44 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 79 model name : Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz stepping : 1 microcode : 0xffffffff cpu MHz : 2095.146 cache size : 20480 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 1 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 20 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single ibrs ibpb stibp fsgsbase bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt spec_ctrl intel_stibp arch_capabilities bogomips : 4190.29 clflush size : 64 cache_alignment 
: 64 address sizes : 44 bits physical, 48 bits virtual power management: [hdp@cmd ~]$