汇编指令学习
1 栈和过程调用
```00000000 :
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: 83 ec 10 sub $0x10,%esp
6: 8b 45 08 mov 0x8(%ebp),%eax
9: 8b 00 mov (%eax),%eax
b: 89 45 fc mov %eax,-0x4(%ebp)
e: 8b 45 0c mov 0xc(%ebp),%eax
11: 8b 10 mov (%eax),%edx
13: 8b 45 08 mov 0x8(%ebp),%eax
16: 89 10 mov %edx,(%eax)
18: 8b 45 0c mov 0xc(%ebp),%eax
1b: 8b 55 fc mov -0x4(%ebp),%edx
1e: 89 10 mov %edx,(%eax)
20: c9 leave
21: c3 ret 详解:
```00000000: 0: 55 push %ebp1: 89 e5 mov %esp,%ebp3: 83 ec 10 sub $0x10,%esp //分配16字节空间(10进制6: 8b 45 08 mov 0x8(%ebp),%eax //M[0x8(%ebp)]的参数移到%eax9: 8b 00 mov (%eax),%eax //将%eax指向的内存地址移到寄存器%eaxb: 89 45 fc mov %eax,-0x4(%ebp) //将%eax的值赋给基址-0x4(%ebp)e: 8b 45 0c mov 0xc(%ebp),%eax //M[0xc(%ebp)]的参数移到%eax11: 8b 10 mov (%eax),%edx13: 8b 45 08 mov 0x8(%ebp),%eax16: 89 10 mov %edx,(%eax) //将%edx指向的值移到%eax指向的内存地址18: 8b 45 0c mov 0xc(%ebp),%eax //1b: 8b 55 fc mov -0x4(%ebp),%edx //1e: 89 10 mov %edx,(%eax) //将%edx指向的值移到%eax指向的内存地址20: c9 leave21: c3 ret
C语言代码参考
int swap(int *x,int*y){
//**********Begin**********
int t;
t=*x;
*x=*y;
*y=t;
//**********End**********
} 2 条件/选择结构分析
2.1 if else条件选择结构
08049172 :
8049172: 8d 4c 24 04 lea 0x4(%esp),%ecx
8049176: 83 e4 f0 and $0xfffffff0,%esp
8049179: ff 71 fc pushl -0x4(%ecx)
804917c: 55 push %ebp
804917d: 89 e5 mov %esp,%ebp
804917f: 51 push %ecx
8049180: 83 ec 14 sub $0x14,%esp
8049183: 83 ec 04 sub $0x4,%esp
8049186: 8d 45 f0 lea -0x10(%ebp),%eax
8049189: 50 push %eax
804918a: 8d 45 f4 lea -0xc(%ebp),%eax
804918d: 50 push %eax
804918e: 68 08 a0 04 08 push $0x804a008
8049193: e8 b8 fe ff ff call 8049050 <__isoc99_scanf@plt>
8049198: 83 c4 10 add $0x10,%esp
804919b: 8b 55 f4 mov -0xc(%ebp),%edx
804919e: 8b 45 f0 mov -0x10(%ebp),%eax
80491a1: 39 c2 cmp %eax,%edx
80491a3: 7e 18 jle 80491bd
80491a5: 8b 55 f0 mov -0x10(%ebp),%edx
80491a8: 8b 45 f4 mov -0xc(%ebp),%eax
80491ab: 83 ec 04 sub $0x4,%esp
80491ae: 52 push %edx
80491af: 50 push %eax
80491b0: 68 0d a0 04 08 push $0x804a00d
80491b5: e8 76 fe ff ff call 8049030
80491ba: 83 c4 10 add $0x10,%esp
80491bd: 8b 55 f4 mov -0xc(%ebp),%edx
80491c0: 8b 45 f0 mov -0x10(%ebp),%eax
80491c3: 39 c2 cmp %eax,%edx
80491c5: 75 1a jne 80491e1
80491c7: 8b 55 f0 mov -0x10(%ebp),%edx
80491ca: 8b 45 f4 mov -0xc(%ebp),%eax
80491cd: 83 ec 04 sub $0x4,%esp
80491d0: 52 push %edx
80491d1: 50 push %eax
80491d2: 68 15 a0 04 08 push $0x804a015
80491d7: e8 54 fe ff ff call 8049030
80491dc: 83 c4 10 add $0x10,%esp
80491df: eb 18 jmp 80491f9
80491e1: 8b 55 f0 mov -0x10(%ebp),%edx
80491e4: 8b 45 f4 mov -0xc(%ebp),%eax
80491e7: 83 ec 04 sub $0x4,%esp
80491ea: 52 push %edx
80491eb: 50 push %eax
80491ec: 68 1d a0 04 08 push $0x804a01d
80491f1: e8 3a fe ff ff call 8049030
80491f6: 83 c4 10 add $0x10,%esp
80491f9: b8 00 00 00 00 mov $0x0,%eax
80491fe: 8b 4d fc mov -0x4(%ebp),%ecx
8049201: c9 leave
8049202: 8d 61 fc lea -0x4(%ecx),%esp
8049205: c3 ret 详解:
08049172: 8049172: 8d 4c 24 04 lea 0x4(%esp),%ecx8049176: 83 e4 f0 and $0xfffffff0,%esp //16字节对齐8049179: ff 71 fc pushl -0x4(%ecx)804917c: 55 push %ebp804917d: 89 e5 mov %esp,%ebp804917f: 51 push %ecx //把%ecx压入栈8049180: 83 ec 14 sub $0x14,%esp8049183: 83 ec 04 sub $0x4,%esp8049186: 8d 45 f0 lea -0x10(%ebp),%eax //8049189: 50 push %eax804918a: 8d 45 f4 lea -0xc(%ebp),%eax804918d: 50 push %eax804918e: 68 08 a0 04 08 push $0x804a0088049193: e8 b8 fe ff ff call 8049050 <__isoc99_scanf@plt> //调用scanf8049198: 83 c4 10 add $0x10,%esp //回收栈上的空间804919b: 8b 55 f4 mov -0xc(%ebp),%edx // 内存的值赋给%edx804919e: 8b 45 f0 mov -0x10(%ebp),%eax // 内存的值赋给%eax80491a1: 39 c2 cmp %eax,%edx //比较eax与edx80491a3: 7e 18 jle 80491bd80491a5: 8b 55 f0 mov -0x10(%ebp),%edx80491a8: 8b 45 f4 mov -0xc(%ebp),%eax80491ab: 83 ec 04 sub $0x4,%esp80491ae: 52 push %edx80491af: 50 push %eax80491b0: 68 0d a0 04 08 push $0x804a00d80491b5: e8 76 fe ff ff call 804903080491ba: 83 c4 10 add $0x10,%esp80491bd: 8b 55 f4 mov -0xc(%ebp),%edx80491c0: 8b 45 f0 mov -0x10(%ebp),%eax80491c3: 39 c2 cmp %eax,%edx80491c5: 75 1a jne 80491e180491c7: 8b 55 f0 mov -0x10(%ebp),%edx80491ca: 8b 45 f4 mov -0xc(%ebp),%eax80491cd: 83 ec 04 sub $0x4,%esp80491d0: 52 push %edx80491d1: 50 push %eax80491d2: 68 15 a0 04 08 push $0x804a01580491d7: e8 54 fe ff ff call 804903080491dc: 83 c4 10 add $0x10,%esp80491df: eb 18 jmp 80491f980491e1: 8b 55 f0 mov -0x10(%ebp),%edx80491e4: 8b 45 f4 mov -0xc(%ebp),%eax80491e7: 83 ec 04 sub $0x4,%esp80491ea: 52 push %edx80491eb: 50 push %eax80491ec: 68 1d a0 04 08 push $0x804a01d80491f1: e8 3a fe ff ff call 804903080491f6: 83 c4 10 add $0x10,%esp80491f9: b8 00 00 00 00 mov $0x0,%eax80491fe: 8b 4d fc mov -0x4(%ebp),%ecx8049201: c9 leave8049202: 8d 61 fc lea -0x4(%ecx),%esp8049205: c3 ret
C语言代码参考
#include
int main()
{
int a, b;
scanf("%d%d", &a, &b);
printf("评测结果:成功\n评测脚本:C\n返回结果:");//此行不在汇编代码中
//**********Begin**********
if(a>b)
//**********End************
printf("%d > %d", a, b);
//**********Begin**********
if(a==b)
//**********End************
printf("%d = %d", a, b);
//**********Begin**********
if(a
2.2 switch选择结构
08049182 :
8049182: 8d 4c 24 04 lea 0x4(%esp),%ecx
8049186: 83 e4 f0 and $0xfffffff0,%esp
8049189: ff 71 fc pushl -0x4(%ecx)
804918c: 55 push %ebp
804918d: 89 e5 mov %esp,%ebp
804918f: 51 push %ecx
8049190: 83 ec 14 sub $0x14,%esp
8049193: 83 ec 08 sub $0x8,%esp
8049196: 8d 45 f4 lea -0xc(%ebp),%eax
8049199: 50 push %eax
804919a: 68 08 a0 04 08 push $0x804a008
804919f: e8 bc fe ff ff call 8049060 <__isoc99_scanf@plt>
80491a4: 83 c4 10 add $0x10,%esp
80491a7: 83 ec 0c sub $0xc,%esp
80491aa: 68 0c a0 04 08 push $0x804a00c
80491af: e8 7c fe ff ff call 8049030
80491b4: 83 c4 10 add $0x10,%esp
80491b7: 8b 45 f4 mov -0xc(%ebp),%eax
80491ba: 83 f8 06 cmp $0x6,%eax
80491bd: 77 73 ja 8049232
80491bf: 8b 04 85 54 a0 04 08 mov 0x804a054(,%eax,4),%eax
80491c6: ff e0 jmp *%eax
80491c8: 83 ec 0c sub $0xc,%esp
80491cb: 68 43 a0 04 08 push $0x804a043
80491d0: e8 6b fe ff ff call 8049040
80491d5: 83 c4 10 add $0x10,%esp
80491d8: eb 69 jmp 8049243
80491da: 83 ec 0c sub $0xc,%esp
80491dd: 68 45 a0 04 08 push $0x804a045
80491e2: e8 59 fe ff ff call 8049040
80491e7: 83 c4 10 add $0x10,%esp
80491ea: eb 57 jmp 8049243
80491ec: 83 ec 0c sub $0xc,%esp
80491ef: 68 47 a0 04 08 push $0x804a047
80491f4: e8 47 fe ff ff call 8049040
80491f9: 83 c4 10 add $0x10,%esp
80491fc: eb 45 jmp 8049243
80491fe: 83 ec 0c sub $0xc,%esp
8049201: 68 49 a0 04 08 push $0x804a049
8049206: e8 35 fe ff ff call 8049040
804920b: 83 c4 10 add $0x10,%esp
804920e: eb 33 jmp 8049243
8049210: 83 ec 0c sub $0xc,%esp
8049213: 68 4b a0 04 08 push $0x804a04b
8049218: e8 23 fe ff ff call 8049040
804921d: 83 c4 10 add $0x10,%esp
8049220: 83 ec 0c sub $0xc,%esp
8049223: 68 4d a0 04 08 push $0x804a04d
8049228: e8 13 fe ff ff call 8049040
804922d: 83 c4 10 add $0x10,%esp
8049230: eb 11 jmp 8049243
8049232: 83 ec 0c sub $0xc,%esp
8049235: 68 4f a0 04 08 push $0x804a04f
804923a: e8 01 fe ff ff call 8049040
804923f: 83 c4 10 add $0x10,%esp
8049242: 90 nop
8049243: b8 00 00 00 00 mov $0x0,%eax
8049248: 8b 4d fc mov -0x4(%ebp),%ecx
804924b: c9 leave
804924c: 8d 61 fc lea -0x4(%ecx),%esp
804924f: c3 ret 详解:只看switch部分
80491b7: 8b 45 f4 mov -0xc(%ebp),%eax //把-0xc(%ebp)赋给%eax80491ba: 83 f8 06 cmp $0x6,%eax80491bd: 77 73 ja 804923280491bf: 8b 04 85 54 a0 04 08 mov 0x804a054(,%eax,4),%eax80491c6: ff e0 jmp *%eax //间接跳转 跳到eax对应的值内80491c8: 83 ec 0c sub $0xc,%esp80491cb: 68 43 a0 04 08 push $0x804a04380491d0: e8 6b fe ff ff call 804904080491d5: 83 c4 10 add $0x10,%esp80491d8: eb 69 jmp 804924380491da: 83 ec 0c sub $0xc,%esp80491dd: 68 45 a0 04 08 push $0x804a04580491e2: e8 59 fe ff ff call 804904080491e7: 83 c4 10 add $0x10,%esp80491ea: eb 57 jmp 804924380491ec: 83 ec 0c sub $0xc,%esp80491ef: 68 47 a0 04 08 push $0x804a04780491f4: e8 47 fe ff ff call 804904080491f9: 83 c4 10 add $0x10,%esp80491fc: eb 45 jmp 804924380491fe: 83 ec 0c sub $0xc,%esp8049201: 68 49 a0 04 08 push $0x804a0498049206: e8 35 fe ff ff call 8049040804920b: 83 c4 10 add $0x10,%esp804920e: eb 33 jmp 80492438049210: 83 ec 0c sub $0xc,%esp8049213: 68 4b a0 04 08 push $0x804a04b8049218: e8 23 fe ff ff call 8049040804921d: 83 c4 10 add $0x10,%esp8049220: 83 ec 0c sub $0xc,%esp8049223: 68 4d a0 04 08 push $0x804a04d8049228: e8 13 fe ff ff call 8049040804922d: 83 c4 10 add $0x10,%esp8049230: eb 11 jmp 80492438049232: 83 ec 0c sub $0xc,%esp8049235: 68 4f a0 04 08 push $0x804a04f804923a: e8 01 fe ff ff call 8049040804923f: 83 c4 10 add $0x10,%esp8049242: 90 nop8049243: b8 00 00 00 00 mov $0x0,%eax8049248: 8b 4d fc mov -0x4(%ebp),%ecx804924b: c9 leave804924c: 8d 61 fc lea -0x4(%ecx),%esp804924f: c3 ret
C语言代码参考
#include
int main()
{
int a;
scanf("%d", &a);
printf("评测结果:成功\n评测脚本:C\n返回结果:");
switch (a)
{
case 1:
printf("1\n");
break;
//**********Begin********
case 2:
printf("2\n");
break;
case 3:
printf("3\n");
break;
case 4:
printf("4\n");
break;
case 5:
printf("5\n");
printf("6\n");
break;
case 6:
printf("6\n");
break;
default: printf("else"); break;
//**********End**********
}
return 0;
} 3 循环结构分析
3.1 for 循环结构
08049172 :
8049172: 8d 4c 24 04 lea 0x4(%esp),%ecx
8049176: 83 e4 f0 and $0xfffffff0,%esp
8049179: ff 71 fc pushl -0x4(%ecx)
804917c: 55 push %ebp
804917d: 89 e5 mov %esp,%ebp
804917f: 51 push %ecx
8049180: 83 ec 14 sub $0x14,%esp
8049183: c7 45 f4 00 00 00 00 movl $0x0,-0xc(%ebp)
804918a: 83 ec 08 sub $0x8,%esp
804918d: 8d 45 f0 lea -0x10(%ebp),%eax
8049190: 50 push %eax
8049191: 68 08 a0 04 08 push $0x804a008
8049196: e8 b5 fe ff ff call 8049050 <__isoc99_scanf@plt>
804919b: 83 c4 10 add $0x10,%esp
804919e: eb 0c jmp 80491ac
80491a0: 8b 55 f0 mov -0x10(%ebp),%edx
80491a3: 8b 45 f0 mov -0x10(%ebp),%eax
80491a6: 0f af c2 imul %edx,%eax
80491a9: 01 45 f4 add %eax,-0xc(%ebp)
80491ac: 8b 45 f0 mov -0x10(%ebp),%eax
80491af: 8d 50 ff lea -0x1(%eax),%edx
80491b2: 89 55 f0 mov %edx,-0x10(%ebp)
80491b5: 85 c0 test %eax,%eax
80491b7: 75 e7 jne 80491a0
80491b9: 83 ec 08 sub $0x8,%esp
80491bc: ff 75 f4 pushl -0xc(%ebp)
80491bf: 68 08 a0 04 08 push $0x804a008
80491c4: e8 67 fe ff ff call 8049030
80491c9: 83 c4 10 add $0x10,%esp
80491cc: b8 00 00 00 00 mov $0x0,%eax
80491d1: 8b 4d fc mov -0x4(%ebp),%ecx
80491d4: c9 leave
80491d5: 8d 61 fc lea -0x4(%ecx),%esp
80491d8: c3 ret 详解:只看for循环结构
804919e: c7 45 f4 00 00 00 00 movl $0x0,-0xc(%ebp) //把立即数0赋给地址80491a5: eb 0a jmp 80491b180491a7: 8b 45 f4 mov -0xc(%ebp),%eax //i值传递80491aa: 01 45 f0 add %eax,-0x10(%ebp)// i+sum80491ad: 83 45 f4 01 addl $0x1,-0xc(%ebp)//i++80491b1: 8b 45 ec mov -0x14(%ebp),%eax //n值传递80491b4: 39 45 f4 cmp %eax,-0xc(%ebp) //比较i与n80491b7: 7c ee jl 80491a780491b9: 83 ec 08 sub $0x8,%esp80491bc: ff 75 f0 pushl -0x10(%ebp)80491bf: 68 08 a0 04 08 push $0x804a00880491c4: e8 67 fe ff ff call 804903080491c9: 83 c4 10 add $0x10,%esp80491cc: b8 00 00 00 00 mov $0x0,%eax80491d1: 8b 4d fc mov -0x4(%ebp),%ecx80491d4: c9 leave80491d5: 8d 61 fc lea -0x4(%ecx),%esp80491d8: c3 ret
C语言代码参考
#include
int main()
{
int n, i, sum = 0;
scanf("%d", &n);
printf("评测结果:成功\n评测脚本:C\n返回结果:");//此行不在汇编代码中
//**********Begin**********
for(i=1;i 3.2 while 循环结构
08049172 :
8049172: 8d 4c 24 04 lea 0x4(%esp),%ecx
8049176: 83 e4 f0 and $0xfffffff0,%esp
8049179: ff 71 fc pushl -0x4(%ecx)
804917c: 55 push %ebp
804917d: 89 e5 mov %esp,%ebp
804917f: 51 push %ecx
8049180: 83 ec 14 sub $0x14,%esp
8049183: c7 45 f4 00 00 00 00 movl $0x0,-0xc(%ebp)
804918a: 83 ec 08 sub $0x8,%esp
804918d: 8d 45 f0 lea -0x10(%ebp),%eax
8049190: 50 push %eax
8049191: 68 08 a0 04 08 push $0x804a008
8049196: e8 b5 fe ff ff call 8049050 <__isoc99_scanf@plt>
804919b: 83 c4 10 add $0x10,%esp
804919e: eb 0c jmp 80491ac
80491a0: 8b 55 f0 mov -0x10(%ebp),%edx
80491a3: 8b 45 f0 mov -0x10(%ebp),%eax
80491a6: 0f af c2 imul %edx,%eax
80491a9: 01 45 f4 add %eax,-0xc(%ebp)
80491ac: 8b 45 f0 mov -0x10(%ebp),%eax
80491af: 8d 50 ff lea -0x1(%eax),%edx
80491b2: 89 55 f0 mov %edx,-0x10(%ebp)
80491b5: 85 c0 test %eax,%eax
80491b7: 75 e7 jne 80491a0
80491b9: 83 ec 08 sub $0x8,%esp
80491bc: ff 75 f4 pushl -0xc(%ebp)
80491bf: 68 08 a0 04 08 push $0x804a008
80491c4: e8 67 fe ff ff call 8049030
80491c9: 83 c4 10 add $0x10,%esp
80491cc: b8 00 00 00 00 mov $0x0,%eax
80491d1: 8b 4d fc mov -0x4(%ebp),%ecx
80491d4: c9 leave
80491d5: 8d 61 fc lea -0x4(%ecx),%esp
80491d8: c3 ret 详解:只看while循环结构
804919e: eb 0c jmp 80491ac80491a0: 8b 55 f0 mov -0x10(%ebp),%edx80491a3: 8b 45 f0 mov -0x10(%ebp),%eax80491a6: 0f af c2 imul %edx,%eax80491a9: 01 45 f4 add %eax,-0xc(%ebp) //sum=sum+n*n80491ac: 8b 45 f0 mov -0x10(%ebp),%eax80491af: 8d 50 ff lea -0x1(%eax),%edx //减去一80491b2: 89 55 f0 mov %edx,-0x10(%ebp)80491b5: 85 c0 test %eax,%eax80491b7: 75 e7 jne 80491a080491b9: 83 ec 08 sub $0x8,%esp80491bc: ff 75 f4 pushl -0xc(%ebp)80491bf: 68 08 a0 04 08 push $0x804a00880491c4: e8 67 fe ff ff call 804903080491c9: 83 c4 10 add $0x10,%esp80491cc: b8 00 00 00 00 mov $0x0,%eax80491d1: 8b 4d fc mov -0x4(%ebp),%ecx80491d4: c9 leave80491d5: 8d 61 fc lea -0x4(%ecx),%esp80491d8: c3 ret
C语言代码参考
#include
int main()
{
int n, sum = 0;
scanf("%d", &n);
printf("评测结果:成功\n评测脚本:C\n返回结果:");//此行不在汇编代码中
//**********Begin********
while(n>0)
{
n--;
sum=sum+n*n;
}
//**********End**********
printf("%d", sum);
return 0;
}