C++反汇编揭秘1 – 一个简单C++程序反汇编解析 (Rev. 3) - [C/C++] 淩亂°似流年 2022-08-27 06:00 163阅读 0赞 [版权声明][Link 1]:转载时请以超链接形式标明文章原始出处和作者信息及 [本声明][Link 2] [http://joshuafan.blogbus.com/logs/10066721.html][http_joshuafan.blogbus.com_logs_10066721.html] [http://blog.csdn.net/ATField/archive/2006/11/14/1382694.aspx][http_blog.csdn.net_ATField_archive_2006_11_14_1382694.aspx] 如果想要了解C++ 内部的实现原理,没有什么比观察C++代码对应的汇编代码来的更直接了。本系列主要从汇编角度研究C++代码和汇编的对应关系,揭示C++ 内部的机制和原理。在第一篇文章中我将从一个简单的C++程序着手快速解释一下C++反汇编代码的基本的结构和内容,相当于一个简单的Preview。而在后续的文章中,我将根据不同的Topic,详细解释C++代码对应的反汇编代码。 一个简单的C++ 程序示例如下: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 6.15in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">class my_class</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">{ </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">public :</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> my_class()</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> { </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> m_member = 1;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> }</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> void method(int n)</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> { </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> m_member = n;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> }</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> ~my_class()</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> { </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> m_member = 0;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> }</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">private :</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> int m_member;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">};</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">int _tmain(int argc, _TCHAR* argv[])</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">{ </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> my_class a_class;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> a_class.method(10);</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> return 0;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">}</span> </div> </td> </tr> </tbody> </table> 可以直接Debug的时候看到Assembly代码,不过这样获得的代码注释比较少。比较理想的方法是利用VC编译器的一个选项/FAs来生成对应的汇编代码。/FAs还会在汇编代码中加入注释注明和C++代码的对应关系,十分有助于分析。在VS2005中可以这样打开/FAs: ![o_cpp_disasm_1_1.JPG][] Build代码,可以在输出目录下发现对应的.ASM文件。本文将逐句分析汇编代码和C++的对应关系。 首先是WinMain: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 10in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">_TEXT SEGMENT</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">_wmain PROC</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存旧的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ebp, esp <span style="COLOR: #943634">; ebp</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存当前栈的位置</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push -1 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">建立</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH(Structured Exception Handler)</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">链</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> <span style="COLOR: #943634">; -1</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">表示表头</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">没有</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">Prev</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push __ehhandler$_wmain <span style="COLOR: #943634">; SEH</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">异常处理程序的地址</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR fs:0 <span style="COLOR: #943634">; fs:0</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">指向</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">TEB</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的内容,头</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">4</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">个字节是当前</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">链的地址</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push eax <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存起来</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> sub esp, d8H <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">分配</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">d8H</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">字节的空间</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push esi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push edi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea edi, DWORD PTR [ebp-e4H] <span style="COLOR: #943634">; 确定局部变量的起始地址。e4H = d8H + 4 * 3</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,跳过之前建立SEH链所用的3个Push指令所占用的栈的空间,以及sub esp, d8h为局部变量分配的d8H字节空间</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, 36H <span style="COLOR: #943634">; 36H*4H=d8H</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,也就是用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">36H</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">个</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ccccccccH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">填满刚才分配的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">d8H</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">字节空间</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, ccccccccH</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> rep stosd</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR ___security_cookie </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> xor eax, ebp </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push eax <span style="COLOR: #943634">; ebp ^ __security_cookie</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">压栈保存</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea eax, DWORD PTR [ebp-0cH] <span style="COLOR: #943634">; ebp-0cH</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">是之前</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">main的起始代码中在堆栈中建立的SEH结构的首地址</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR fs:0, eax <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">设置到</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">TEB</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">中作为当前</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">Active</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">链表末尾</span> </div> </td> </tr> </tbody> </table> 到此为止栈的内容是这样的: 低地址 <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; BORDER-TOP: windowtext 1pt solid; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">Security cookie after XOR</span> </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Edi </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Esi </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Ebx </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Local stack: d8H </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Old fs:0 </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> __ehhandler$_wmain </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> ffffffffH </div> </td> </tr> <tr style="HEIGHT: 12.6pt"> <td style="BORDER-RIGHT: windowtext 1pt solid; PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: windowtext 1pt solid; WIDTH: 193.1pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; BORDER-BOTTOM: windowtext 1pt solid; HEIGHT: 12.6pt; BACKGROUND-COLOR: transparent"> <div style="MARGIN: 0in 0in 0pt"> Old ebp </div> </td> </tr> </tbody> </table> 高地址 main接着后面调用my\_class的构造函数 <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 59.85pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 10in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 59.85pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea ecx, DWORD PTR [ebp-14H]</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call ??0my_class@@QAE@XZ <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">调用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">my_class::my_class, ??my_class@@QAE@XZ</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">是经过</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">Name Mangling</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">后的名字</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [ebp-4], 0 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">进入</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">__try</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">块,在</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">Main</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">中有一个隐式的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">__try/__except</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">块</span> </div> </td> </tr> </tbody> </table> 接着调用my\_class::method: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 567pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push 10 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">参数入栈</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea ecx, DWORD PTR [ebp-14H] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">遵循</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">thiscall</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">调用协定,</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ecx</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">存放的是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">this</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">指针</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call ?method@my_class@@QAEXH@Z <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">调用子程序</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">my_class:method(10)</span> </div> </td> </tr> </tbody> </table> 之后是析构: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63.9pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 567pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63.9pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [ebp-e0H], 0 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">用来放置返回值</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [ebp-4], -1 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">标记</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">TRY</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的正常结束</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea ecx, DWORD PTR [ebp-14H] <span style="COLOR: #943634">; a_class</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的地址作为</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">this</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">存入</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ECX</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call ??1my_class@@QAE@XZ <span style="COLOR: #943634">; my_class::~my_class</span></span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR [ebp-e0H] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">返回值按照约定放入</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">eax</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">中</span> </div> </td> </tr> </tbody> </table> Main函数退出代码如下: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63.9pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 567pt; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63.9pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push edx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push eax</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea edx, DWORD PTR $LN7@wmain</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call @_RTC_CheckStackVars@8 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">检查栈</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop eax</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop edx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, DWORD PTR [ebp-0cH] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">取出之前保存的旧的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">fs:0</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,并恢复</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR fs:0, ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop edi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop esi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ebx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> add esp, e4H <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">退掉分配的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">d8H + </span> <span style="FONT-SIZE: 10pt; COLOR: #943634">建立</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">链所需的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">0cH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">字节</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> cmp ebp, esp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call __RTC_CheckEsp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">检查</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">esp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">值,这个时候</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">esp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">应该和</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">匹配,否则说明出现了栈不平衡的情况,这种情况下调用子程序报错</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov esp, ebp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">恢复</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">到</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">esp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ebp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">恢复原来的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">值</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> ret 0</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">_wmain ENDP</span> </div> </td> </tr> </tbody> </table> 专门用于SEH的子程序。\_\_unwindfunclet$\_wmain$0当异常发生的时候被调,负责进行栈展开,主要是调用析构函数。\_\_ehhandler$\_wmain则是在exception被抛出的时候调用。 <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63.9pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 10in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63.9pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">Text$x SEGMENT</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">__unwindfunclet$_wmain$0: <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">当</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">发生的时候会调用该函数,析购</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">a_class</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea ecx, DWORD PTR [ebp-14H] <span style="COLOR: #943634">; ecx = [ebp – 14H]</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,也就是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">a_class</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的地址</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> jmp ??1my_class@@QAE@XZ <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">调用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">my_class::~my_class</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">__ehhandler$_wmain:</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov edx, DWORD PTR [esp+8] <span style="COLOR: #943634">; esp = </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">当前的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">fs:0, [esp + 8] = </span> <span style="FONT-SIZE: 10pt; COLOR: #943634">之前的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">SEH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">结构,也就是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">main</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">中建立的</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea eax, DWORD PTR [edx+0cH] <span style="COLOR: #943634">; edx + 0Ch = </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">当前的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,也就是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">main</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,此时不能直接使用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">因为可能会从任意函数调过来,此时</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">是该函数的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,而不是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">main</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, DWORD PTR [edx-e0H] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">之前存下去的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">__security_cookie ^ ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> xor ecx, eax <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">再次和</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">相异或</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> call @__security_check_cookie@4 <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">此时</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ecx</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">应该等于</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">__security_cookie</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,否则说明栈的内容被恶意改动(或者编程错误)</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, OFFSET __ehfuncinfo$_wmain</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> jmp ___CxxFrameHandler3</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">text$x ENDS</span> </div> </td> </tr> </tbody> </table> My\_class::my\_class构造函数如下。构造函数本质上就是一个全局函数,名字是经过打乱的(Name Mangling),这样可以和同一Class和其他Class的同名方法区别开来。不同编译器有不同规则,因此不必过于深究。 <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63.9pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 10in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63.9pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">_TEXT SEGMENT</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">??0my_class@@QAE@XZ PROC</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存旧的</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ebp, esp <span style="COLOR: #943634">; ebp</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存当前栈的位置</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> sub esp, ccH <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">给栈分配</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ccH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">个字节</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebx <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存常用寄存器</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push esi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push edi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea edi, DWORD PTR [ebp-ccH] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">从分配的位置开始</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, 33H <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">写</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">33H</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">个</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ccccccccH</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, ccccccccH <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">也就是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">33H*4H=ccH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,正好是分配的大小</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> rep stosd <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">从而把整个栈上当前分配的空间用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ccH</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">填满</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [ebp-8], ecx <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">按照约定,一般用</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ECX</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">保存</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">this</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">指针</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">把</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">this</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">存入到</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp-8</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,并不是很必要,因为这是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">Debug</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">版本</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">; 10 : { </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">; 11 : m_member = 1;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR [ebp-8] <span style="COLOR: #943634">; eax</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">中存放</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">this</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [eax], 1 <span style="COLOR: #943634">; this</span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的头四个</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">byte</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">是</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">m_member</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">的内容</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">; 12 : }</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR [ebp-8] <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">多余的一句话,可以优化掉</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop edi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop esi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ebx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov esp, ebp <span style="COLOR: #943634">; </span></span> <span style="FONT-SIZE: 10pt; COLOR: #943634">恢复</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">esp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">,因此就算是中间栈运算出错,最后也不会导致灾难性的结果,只要</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">ebp</span> <span style="FONT-SIZE: 10pt; COLOR: #943634">还是正确的</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> ret 0</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">??0my_class@@QAE@XZ ENDP</span> </div> </td> </tr> </tbody> </table> My\_class::method的实现如下: <table style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BACKGROUND: #d9d9d9; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none; BORDER-COLLAPSE: collapse"> <tbody> <tr style="HEIGHT: 63.9pt"> <td style="PADDING-RIGHT: 5.4pt; PADDING-LEFT: 5.4pt; BORDER-LEFT-COLOR: #e0dfe3; BORDER-BOTTOM-COLOR: #e0dfe3; PADDING-BOTTOM: 0in; WIDTH: 10in; BORDER-TOP-COLOR: #e0dfe3; PADDING-TOP: 0in; HEIGHT: 63.9pt; BACKGROUND-COLOR: transparent; BORDER-RIGHT-COLOR: #e0dfe3"> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">_TEXT SEGMENT</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">?method@my_class@@QAEXH@Z PROC <span style="COLOR: #943634">; my_class::method</span></span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">; 15 : { </span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ebp, esp</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> sub esp, ccH</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ebx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push esi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push edi</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> push ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> lea edi, DWORD PTR [ebp-ccH]</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov ecx, 33H</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, ccccccccH</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> rep stosd</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> pop ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov DWORD PTR [ebp-8], ecx</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt">; 16 : m_member = n;</span> </div> <div style="MARGIN: 0in 0in 0pt"> <span style="FONT-SIZE: 10pt"> mov eax, DWORD PTR [ebp-8] <span style="COLOR: #943634">; eax</span></span> </div> </td> </tr> </tbody> </table> [Link 1]: http://creativecommons.org/licenses/by/3.0/deed.zh [Link 2]: http://bangzhuzhongxin.blogbus.com/logs/11205960.html [http_joshuafan.blogbus.com_logs_10066721.html]: http://joshuafan.blogbus.com/logs/10066721.html [http_blog.csdn.net_ATField_archive_2006_11_14_1382694.aspx]: http://blog.csdn.net/ATField/archive/2006/11/14/1382694.aspx [o_cpp_disasm_1_1.JPG]: /images/20220824/3a501b4bc04e468a8a060565614b8b81.png
还没有评论,来说两句吧...