看下面的代码: (ebp-0x8 - > int) (ebp-0x4 - > int *)
=> 0x80483f3 <main+6>: mov DWORD PTR [ebp-0x8],0x0 0x80483fa <main+13>: mov DWORD PTR [ebp-0x4],0x0 0x8048401 <main+20>: mov DWORD PTR [ebp-0x8],0xa 0x8048408 <main+27>: lea eax,[ebp-0x8] 0x804840b <main+30>: mov DWORD PTR [ebp-0x4],eax 0x804840e <main+33>: mov eax,0x0 0x8048413 <main+38>: leave 0x8048414 <main+39>: retLEA命令真的需要吗? 我知道以下表达式是错误的并且无效,无论左边是否有错误的地址,但是没有类似的方法可以像这样做吗?
=> 0x80483f3 <main+6>: mov DWORD PTR [ebp-0x8],0x0 0x80483fa <main+13>: mov DWORD PTR [ebp-0x4],0x0 0x8048401 <main+20>: mov DWORD PTR [ebp-0x8],0xa 0x804840b <main+30>: mov DWORD PTR [ebp-0x4],ebp-0x8 0x804840e <main+33>: mov eax,0x0 0x8048413 <main+38>: leave 0x8048414 <main+39>: ret我认为这不可能,但我想确定。
最后一个问题,表达式ebp-0x8理论上会返回“ ebp寄存器的内容减去0x8 ” 。 因此表达式[ebp-0x8]将返回地址“ ebp寄存器的内容减去0x8 ”的内存内容 。 现在我想知道如果LEA命令只获取内存中某些字节的内容,LEA命令如何获取内存地址。
对不起,如果有一些愚蠢的问题,但[]有时会非常混乱。
looking at the following code: (ebp-0x8 -> int) (ebp-0x4 -> int*)
=> 0x80483f3 <main+6>: mov DWORD PTR [ebp-0x8],0x0 0x80483fa <main+13>: mov DWORD PTR [ebp-0x4],0x0 0x8048401 <main+20>: mov DWORD PTR [ebp-0x8],0xa 0x8048408 <main+27>: lea eax,[ebp-0x8] 0x804840b <main+30>: mov DWORD PTR [ebp-0x4],eax 0x804840e <main+33>: mov eax,0x0 0x8048413 <main+38>: leave 0x8048414 <main+39>: retIs the LEA command at really needed? I know the following expression is wrong and not valid, regardless the wrong addresses on the left, but is there no similarly way to make it like this?
=> 0x80483f3 <main+6>: mov DWORD PTR [ebp-0x8],0x0 0x80483fa <main+13>: mov DWORD PTR [ebp-0x4],0x0 0x8048401 <main+20>: mov DWORD PTR [ebp-0x8],0xa 0x804840b <main+30>: mov DWORD PTR [ebp-0x4],ebp-0x8 0x804840e <main+33>: mov eax,0x0 0x8048413 <main+38>: leave 0x8048414 <main+39>: retI think its not possible but I wanted to get sure.
And last question, the expression ebp-0x8 would theoretically return the "content of the ebp register minus 0x8". So the expression [ebp-0x8] would return the content of the memory at the address "content of the ebp register minus 0x8". Now I am wondering how the LEA command can get the memory address if its only get the content of some bytes in the memory.
Sorry if there are some dumb questions but the [ ] can sometimes be very confusing.
最满意答案
为了使您的第二个代码段有效,您需要将减法作为单独的指令。 换句话说,而不是
DWORD PTR [ebp-0x4],ebp-0x8你需要的
mov eax,ebp sub eax,0x8 mov DWORD PTR [ebp-0x4],ax使用lea的优点是它结合了算术运算和mov指令。 所以而不是两个指令
mov eax,ebp sub eax,0x8你可以使用单一指令
lea eax,[ebp-0x8]lea指令意味着“加载有效地址”。 第二个操作数指定地址,计算该地址所需的任何计算都由处理器中的地址生成逻辑完成。
另一方面, sub指令使用处理器的通用算术逻辑单元(ALU)。
总之, lea指令通过使用处理器的地址生成逻辑将两个指令组合成一个,以执行否则需要在ALU中完成的数学计算。
In order to make your second code snippet work, you would need to do the subtraction as a separate instruction. In other words, instead of
DWORD PTR [ebp-0x4],ebp-0x8you would need
mov eax,ebp sub eax,0x8 mov DWORD PTR [ebp-0x4],axThe advantage of using lea is that it combines an arithmetic operation with a mov instruction. So instead of two instructions
mov eax,ebp sub eax,0x8you can use the single instruction
lea eax,[ebp-0x8]The lea instruction means "load the effective address". The second operand specifies the address, and any calculations necessary to compute that address are done by the address generation logic in the processor.
The sub instruction, on the other hand, uses the general purpose arithmetic logic unit (ALU) of the processor.
In summary, the lea instruction combines two instructions into one by using the address generation logic of the processor to perform a mathematical calculation that would otherwise need to be done in the ALU.
更多推荐
发布评论