一个简单的C语言的汇编程序

          在Linux下用VIM编写一个简单的C程序:
      /* g: leaf helper, returns its argument plus 3. */
      int g(int x)
      {
              return x + 3;
      }
      5 
      /* f: thin wrapper, forwards x to g() and returns g's result unchanged. */
      int f(int x)
      {
              return g(x);
      }
     10 
      /* main: exit status is f(8) + 1 = g(8) + 1 = 12 (deliberately non-zero; it is just a demo value). */
      int main(void)
      {
              return f(8) + 1;
      }

再使用 GCC 进行编译,编译命令如下:

gcc -S -o lab1text32.s lab1text1.c  -m32

其中 -m32 表示生成 32 位 (i386) 目标的代码,-S 表示只编译到汇编而不做汇编和链接。生成的 lab1text32.s 源码如下:

	/* GCC 4.8.2 output for lab1text.c, AT&T syntax, -m32 (i386): arguments are passed on the stack. */
	.file	"lab1text.c"
	.text
	.globl	g				# export g for the linker
	.type	g, @function
g:
.LFB0:
	.cfi_startproc
	pushl	%ebp				# save caller's frame pointer
	.cfi_def_cfa_offset 8			# CFA = %esp + 8 (return addr + saved %ebp)
	.cfi_offset 5, -8			# DWARF reg 5 (%ebp) saved at CFA-8
	movl	%esp, %ebp			# set up this function's frame
	.cfi_def_cfa_register 5			# CFA now computed from %ebp
	movl	8(%ebp), %eax			# x: first stack argument, above saved %ebp (0) and return addr (4)
	addl	$3, %eax			# return value = x + 3, returned in %eax
	popl	%ebp				# restore caller's frame pointer (no locals, so no leave needed)
	.cfi_restore 5
	.cfi_def_cfa 4, 4			# CFA = %esp + 4 again (DWARF reg 4 = %esp)
	ret
	.cfi_endproc
.LFE0:
	.size	g, .-g
	.globl	f
	.type	f, @function
f:
.LFB1:
	.cfi_startproc
	pushl	%ebp				# save caller's frame pointer
	.cfi_def_cfa_offset 8
	.cfi_offset 5, -8
	movl	%esp, %ebp			# set up this function's frame
	.cfi_def_cfa_register 5
	subl	$4, %esp			# reserve one 4-byte outgoing-argument slot
	movl	8(%ebp), %eax			# load x (first stack argument)
	movl	%eax, (%esp)			# store it as g's first argument at the top of the stack
	call	g				# g's result is left in %eax and becomes f's return value
	leave					# equivalent to: movl %ebp, %esp ; popl %ebp
	.cfi_restore 5
	.cfi_def_cfa 4, 4
	ret
	.cfi_endproc
.LFE1:
	.size	f, .-f
	.globl	main
	.type	main, @function
main:
.LFB2:
	.cfi_startproc
	pushl	%ebp				# save caller's (libc start code) frame pointer
	.cfi_def_cfa_offset 8
	.cfi_offset 5, -8
	movl	%esp, %ebp
	.cfi_def_cfa_register 5
	subl	$4, %esp			# one outgoing-argument slot
	movl	$8, (%esp)			# argument for f: the literal 8
	call	f				# %eax = f(8)
	addl	$1, %eax			# return value = f(8) + 1 (becomes the process exit status)
	leave					# tear down frame: movl %ebp, %esp ; popl %ebp
	.cfi_restore 5
	.cfi_def_cfa 4, 4
	ret
	.cfi_endproc
.LFE2:
	.size	main, .-main
	.ident	"GCC: (Ubuntu 4.8.2-19ubuntu1) 4.8.2"
	.section	.note.GNU-stack,"",@progbits	# empty flags "": this object does not require an executable stack

现在大家一般用的是 64 位系统,如果不加 -m32,GCC 默认生成 x86-64 代码,命令如下:

gcc -S -o lab1text64.s lab1text1.c

得到的lab1text64.s如下:

	/* GCC 4.8.2 output for lab1text.c, AT&T syntax, x86-64 (System V AMD64 ABI): first integer argument in %edi. */
	.file	"lab1text.c"
	.text
	.globl	g
	.type	g, @function
g:
.LFB0:
	.cfi_startproc
	pushq	%rbp				# save caller's frame pointer (8-byte push)
	.cfi_def_cfa_offset 16			# CFA = %rsp + 16 (return addr + saved %rbp)
	.cfi_offset 6, -16			# DWARF reg 6 (%rbp) saved at CFA-16
	movq	%rsp, %rbp
	.cfi_def_cfa_register 6
	movl	%edi, -4(%rbp)			# spill x (arrives in %edi) below %rsp; %rsp is not adjusted, which is
						# legal here only because g is a leaf function (SysV 128-byte red zone)
	movl	-4(%rbp), %eax			# reload x; no -O flag was given, so nothing is optimised away
	addl	$3, %eax			# return value = x + 3, in %eax
	popq	%rbp				# restore caller's frame pointer
	.cfi_def_cfa 7, 8			# CFA = %rsp + 8 again (DWARF reg 7 = %rsp)
	ret
	.cfi_endproc
.LFE0:
	.size	g, .-g
	.globl	f
	.type	f, @function
f:
.LFB1:
	.cfi_startproc
	pushq	%rbp				# save caller's frame pointer
	.cfi_def_cfa_offset 16
	.cfi_offset 6, -16
	movq	%rsp, %rbp
	.cfi_def_cfa_register 6
	subq	$8, %rsp			# frame for the spilled argument. NOTE(review): %rsp was 8 mod 16 on entry,
						# so it is 8 mod 16 at the call below, not the 16-byte alignment the SysV ABI
						# requires at call sites; harmless for g (no aligned SSE loads), but do not copy
						# this prologue into hand-written code that calls libc.
	movl	%edi, -4(%rbp)			# spill x (first integer argument, %edi)
	movl	-4(%rbp), %eax			# reload it
	movl	%eax, %edi			# pass x to g in %edi (register, not stack, unlike the -m32 version)
	call	g				# g's result stays in %eax and is f's return value
	leave					# movq %rbp, %rsp ; popq %rbp
	.cfi_def_cfa 7, 8
	ret
	.cfi_endproc
.LFE1:
	.size	f, .-f
	.globl	main
	.type	main, @function
main:
.LFB2:
	.cfi_startproc
	pushq	%rbp				# save caller's frame pointer
	.cfi_def_cfa_offset 16
	.cfi_offset 6, -16
	movq	%rsp, %rbp
	.cfi_def_cfa_register 6
	movl	$8, %edi			# argument 8 for f goes in %edi (no stack slot needed)
	call	f				# %eax = f(8)
	addl	$1, %eax			# return value = f(8) + 1 (process exit status)
	popq	%rbp				# no locals were allocated, so a plain pop restores the frame
	.cfi_def_cfa 7, 8
	ret
	.cfi_endproc
.LFE2:
	.size	main, .-main
	.ident	"GCC: (Ubuntu 4.8.2-19ubuntu1) 4.8.2"
	.section	.note.GNU-stack,"",@progbits	# empty flags "": this object does not require an executable stack
仔细看可以发现两者的区别主要有三点:(1) 寄存器名和字长不同,32 位用 %ebp/%esp/%eax(4 字节),64 位用 %rbp/%rsp(8 字节),push/pop 的也是 8 字节,所以 .cfi_def_cfa_offset 从 8 变成了 16;(2) 参数传递方式不同,32 位 (cdecl) 把参数压在栈上,被调用者用 8(%ebp) 取第一个参数,而 64 位 (System V AMD64 ABI) 第一个整型参数通过 %edi 寄存器传递,所以 main 里是 movl $8, %edi 而不是 movl $8, (%esp);(3) 两边的返回值都放在 %eax 中。


在分析它的汇编代码时,可以先把以点(.)开头的语句删掉。这些语句是汇编器伪指令 (directive),不是 CPU 执行的指令:.globl/.type/.size 描述符号表信息,.cfi_* 生成栈回溯 (unwind) 用的 .eh_frame 信息,.section .note.GNU-stack 后面的空属性 "" 则告诉链接器这个目标文件不需要可执行栈。它们在运行时不会被执行,但删掉后生成的目标文件会缺少调试和回溯信息;特别是手写汇编时如果漏掉 .note.GNU-stack,较老的 GNU ld 会默认给程序一个可执行的栈(较新的版本会给出警告),这是一个安全隐患。删除完之后就是纯的汇编语句,源码如下:

ebp 和 esp:分别是栈底(当前栈帧基址)指针和栈顶指针
eax:存放运算结果和函数返回值(上面三个函数的返回值都放在 %eax 中)
leave:撤销当前栈帧,等价于下面两条指令
	movl %ebp, %esp
	popl %ebp
ret:相当于 popl %eip,把 call 压入的返回地址弹出到 %eip,即跳回调用点的下一条指令继续执行

g:
	pushl	%ebp				# save caller's frame pointer

	movl	%esp, %ebp			# set up this function's frame
	
	movl	8(%ebp), %eax    		# x: first stack argument (0(%ebp) = saved %ebp, 4(%ebp) = return addr)
	addl	$3, %eax			# return value = x + 3
	popl	%ebp				# restore caller's frame pointer
	
	ret					# pop return address into %eip
	
	

f:
	
	pushl	%ebp				# save caller's frame pointer
	
	movl	%esp, %ebp			# set up this function's frame
	
	subl	$4, %esp			# one 4-byte slot for g's argument
	movl	8(%ebp), %eax			# load x
	movl	%eax, (%esp)			# store it as g's first argument
	call	g				# g's result stays in %eax and is f's return value
	leave					# movl %ebp, %esp ; popl %ebp
	
	ret
	
	
main:

	pushl	%ebp				# save caller's frame pointer
	
	movl	%esp, %ebp			# set up this function's frame
	
	subl	$4, %esp			# one slot for f's argument
	movl	$8, (%esp)			# pass the literal 8 to f
	call	f				# %eax = f(8)
	addl	$1, %eax			# return value = f(8) + 1
	leave					# tear down the frame
	
	ret
	
	


使用objdump命令生成反汇编程序,首先使用命令:

gcc -g -m32 lab1text1.c

生成带调试信息的可执行文件 a.out,再使用命令:

objdump -S a.out

得到的代码如下。注意:下面这份 objdump 输出来自另一个程序的 a.out——其中有一个 exchange 函数和两次对 printf@plt 的调用,main 也没有调用上面的 f——并不是 lab1text1.c 的反汇编,读者请以自己机器上的输出为准;它仍然可以用来观察 _start、PLT 桩和 __libc_csu_init 这些编译器/运行库自动加入的代码:

moocos-> objdump -S a.out 

a.out:     file format elf32-i386


Disassembly of section .init:

080482b4 <_init>:
 80482b4:	53                   	push   %ebx
 80482b5:	83 ec 08             	sub    $0x8,%esp
 80482b8:	e8 93 00 00 00       	call   8048350 <__x86.get_pc_thunk.bx>
 80482bd:	81 c3 43 1d 00 00    	add    $0x1d43,%ebx
 80482c3:	8b 83 fc ff ff ff    	mov    -0x4(%ebx),%eax
 80482c9:	85 c0                	test   %eax,%eax
 80482cb:	74 05                	je     80482d2 <_init+0x1e>
 80482cd:	e8 2e 00 00 00       	call   8048300 <__gmon_start__@plt>
 80482d2:	83 c4 08             	add    $0x8,%esp
 80482d5:	5b                   	pop    %ebx
 80482d6:	c3                   	ret    

Disassembly of section .plt:

080482e0 <printf@plt-0x10>:
 80482e0:	ff 35 04 a0 04 08    	pushl  0x804a004
 80482e6:	ff 25 08 a0 04 08    	jmp    *0x804a008
 80482ec:	00 00                	add    %al,(%eax)
	...

080482f0 <printf@plt>:
 80482f0:	ff 25 0c a0 04 08    	jmp    *0x804a00c
 80482f6:	68 00 00 00 00       	push   $0x0
 80482fb:	e9 e0 ff ff ff       	jmp    80482e0 <_init+0x2c>

08048300 <__gmon_start__@plt>:
 8048300:	ff 25 10 a0 04 08    	jmp    *0x804a010
 8048306:	68 08 00 00 00       	push   $0x8
 804830b:	e9 d0 ff ff ff       	jmp    80482e0 <_init+0x2c>

08048310 <__libc_start_main@plt>:
 8048310:	ff 25 14 a0 04 08    	jmp    *0x804a014
 8048316:	68 10 00 00 00       	push   $0x10
 804831b:	e9 c0 ff ff ff       	jmp    80482e0 <_init+0x2c>

Disassembly of section .text:

08048320 <_start>:
 8048320:	31 ed                	xor    %ebp,%ebp
 8048322:	5e                   	pop    %esi
 8048323:	89 e1                	mov    %esp,%ecx
 8048325:	83 e4 f0             	and    $0xfffffff0,%esp
 8048328:	50                   	push   %eax
 8048329:	54                   	push   %esp
 804832a:	52                   	push   %edx
 804832b:	68 20 85 04 08       	push   $0x8048520
 8048330:	68 b0 84 04 08       	push   $0x80484b0
 8048335:	51                   	push   %ecx
 8048336:	56                   	push   %esi
 8048337:	68 46 84 04 08       	push   $0x8048446
 804833c:	e8 cf ff ff ff       	call   8048310 <__libc_start_main@plt>
 8048341:	f4                   	hlt    
 8048342:	66 90                	xchg   %ax,%ax
 8048344:	66 90                	xchg   %ax,%ax
 8048346:	66 90                	xchg   %ax,%ax
 8048348:	66 90                	xchg   %ax,%ax
 804834a:	66 90                	xchg   %ax,%ax
 804834c:	66 90                	xchg   %ax,%ax
 804834e:	66 90                	xchg   %ax,%ax

08048350 <__x86.get_pc_thunk.bx>:
 8048350:	8b 1c 24             	mov    (%esp),%ebx
 8048353:	c3                   	ret    
 8048354:	66 90                	xchg   %ax,%ax
 8048356:	66 90                	xchg   %ax,%ax
 8048358:	66 90                	xchg   %ax,%ax
 804835a:	66 90                	xchg   %ax,%ax
 804835c:	66 90                	xchg   %ax,%ax
 804835e:	66 90                	xchg   %ax,%ax

08048360 <deregister_tm_clones>:
 8048360:	b8 23 a0 04 08       	mov    $0x804a023,%eax
 8048365:	2d 20 a0 04 08       	sub    $0x804a020,%eax
 804836a:	83 f8 06             	cmp    $0x6,%eax
 804836d:	77 01                	ja     8048370 <deregister_tm_clones+0x10>
 804836f:	c3                   	ret    
 8048370:	b8 00 00 00 00       	mov    $0x0,%eax
 8048375:	85 c0                	test   %eax,%eax
 8048377:	74 f6                	je     804836f <deregister_tm_clones+0xf>
 8048379:	55                   	push   %ebp
 804837a:	89 e5                	mov    %esp,%ebp
 804837c:	83 ec 18             	sub    $0x18,%esp
 804837f:	c7 04 24 20 a0 04 08 	movl   $0x804a020,(%esp)
 8048386:	ff d0                	call   *%eax
 8048388:	c9                   	leave  
 8048389:	c3                   	ret    
 804838a:	8d b6 00 00 00 00    	lea    0x0(%esi),%esi

08048390 <register_tm_clones>:
 8048390:	b8 20 a0 04 08       	mov    $0x804a020,%eax
 8048395:	2d 20 a0 04 08       	sub    $0x804a020,%eax
 804839a:	c1 f8 02             	sar    $0x2,%eax
 804839d:	89 c2                	mov    %eax,%edx
 804839f:	c1 ea 1f             	shr    $0x1f,%edx
 80483a2:	01 d0                	add    %edx,%eax
 80483a4:	d1 f8                	sar    %eax
 80483a6:	75 01                	jne    80483a9 <register_tm_clones+0x19>
 80483a8:	c3                   	ret    
 80483a9:	ba 00 00 00 00       	mov    $0x0,%edx
 80483ae:	85 d2                	test   %edx,%edx
 80483b0:	74 f6                	je     80483a8 <register_tm_clones+0x18>
 80483b2:	55                   	push   %ebp
 80483b3:	89 e5                	mov    %esp,%ebp
 80483b5:	83 ec 18             	sub    $0x18,%esp
 80483b8:	89 44 24 04          	mov    %eax,0x4(%esp)
 80483bc:	c7 04 24 20 a0 04 08 	movl   $0x804a020,(%esp)
 80483c3:	ff d2                	call   *%edx
 80483c5:	c9                   	leave  
 80483c6:	c3                   	ret    
 80483c7:	89 f6                	mov    %esi,%esi
 80483c9:	8d bc 27 00 00 00 00 	lea    0x0(%edi,%eiz,1),%edi

080483d0 <__do_global_dtors_aux>:
 80483d0:	80 3d 20 a0 04 08 00 	cmpb   $0x0,0x804a020
 80483d7:	75 13                	jne    80483ec <__do_global_dtors_aux+0x1c>
 80483d9:	55                   	push   %ebp
 80483da:	89 e5                	mov    %esp,%ebp
 80483dc:	83 ec 08             	sub    $0x8,%esp
 80483df:	e8 7c ff ff ff       	call   8048360 <deregister_tm_clones>
 80483e4:	c6 05 20 a0 04 08 01 	movb   $0x1,0x804a020
 80483eb:	c9                   	leave  
 80483ec:	f3 c3                	repz ret 
 80483ee:	66 90                	xchg   %ax,%ax

080483f0 <frame_dummy>:
 80483f0:	a1 10 9f 04 08       	mov    0x8049f10,%eax
 80483f5:	85 c0                	test   %eax,%eax
 80483f7:	74 1f                	je     8048418 <frame_dummy+0x28>
 80483f9:	b8 00 00 00 00       	mov    $0x0,%eax
 80483fe:	85 c0                	test   %eax,%eax
 8048400:	74 16                	je     8048418 <frame_dummy+0x28>
 8048402:	55                   	push   %ebp
 8048403:	89 e5                	mov    %esp,%ebp
 8048405:	83 ec 18             	sub    $0x18,%esp
 8048408:	c7 04 24 10 9f 04 08 	movl   $0x8049f10,(%esp)
 804840f:	ff d0                	call   *%eax
 8048411:	c9                   	leave  
 8048412:	e9 79 ff ff ff       	jmp    8048390 <register_tm_clones>
 8048417:	90                   	nop
 8048418:	e9 73 ff ff ff       	jmp    8048390 <register_tm_clones>

0804841d <exchange>:
 804841d:	55                   	push   %ebp
 804841e:	89 e5                	mov    %esp,%ebp
 8048420:	83 ec 10             	sub    $0x10,%esp
 8048423:	c7 45 fc 00 00 00 00 	movl   $0x0,-0x4(%ebp)
 804842a:	8b 45 08             	mov    0x8(%ebp),%eax
 804842d:	8b 00                	mov    (%eax),%eax
 804842f:	89 45 fc             	mov    %eax,-0x4(%ebp)
 8048432:	8b 45 0c             	mov    0xc(%ebp),%eax
 8048435:	8b 10                	mov    (%eax),%edx
 8048437:	8b 45 08             	mov    0x8(%ebp),%eax
 804843a:	89 10                	mov    %edx,(%eax)
 804843c:	8b 45 0c             	mov    0xc(%ebp),%eax
 804843f:	8b 55 fc             	mov    -0x4(%ebp),%edx
 8048442:	89 10                	mov    %edx,(%eax)
 8048444:	c9                   	leave  
 8048445:	c3                   	ret    

08048446 <main>:
 8048446:	55                   	push   %ebp
 8048447:	89 e5                	mov    %esp,%ebp
 8048449:	83 e4 f0             	and    $0xfffffff0,%esp
 804844c:	83 ec 20             	sub    $0x20,%esp
 804844f:	c7 44 24 18 22 00 00 	movl   $0x22,0x18(%esp)
 8048456:	00 
 8048457:	c7 44 24 1c 38 00 00 	movl   $0x38,0x1c(%esp)
 804845e:	00 
 804845f:	8b 54 24 1c          	mov    0x1c(%esp),%edx
 8048463:	8b 44 24 18          	mov    0x18(%esp),%eax
 8048467:	89 54 24 08          	mov    %edx,0x8(%esp)
 804846b:	89 44 24 04          	mov    %eax,0x4(%esp)
 804846f:	c7 04 24 40 85 04 08 	movl   $0x8048540,(%esp)
 8048476:	e8 75 fe ff ff       	call   80482f0 <printf@plt>
 804847b:	8d 44 24 1c          	lea    0x1c(%esp),%eax
 804847f:	89 44 24 04          	mov    %eax,0x4(%esp)
 8048483:	8d 44 24 18          	lea    0x18(%esp),%eax
 8048487:	89 04 24             	mov    %eax,(%esp)
 804848a:	e8 8e ff ff ff       	call   804841d <exchange>
 804848f:	8b 54 24 1c          	mov    0x1c(%esp),%edx
 8048493:	8b 44 24 18          	mov    0x18(%esp),%eax
 8048497:	89 54 24 08          	mov    %edx,0x8(%esp)
 804849b:	89 44 24 04          	mov    %eax,0x4(%esp)
 804849f:	c7 04 24 4e 85 04 08 	movl   $0x804854e,(%esp)
 80484a6:	e8 45 fe ff ff       	call   80482f0 <printf@plt>
 80484ab:	c9                   	leave  
 80484ac:	c3                   	ret    
 80484ad:	66 90                	xchg   %ax,%ax
 80484af:	90                   	nop

080484b0 <__libc_csu_init>:
 80484b0:	55                   	push   %ebp
 80484b1:	57                   	push   %edi
 80484b2:	31 ff                	xor    %edi,%edi
 80484b4:	56                   	push   %esi
 80484b5:	53                   	push   %ebx
 80484b6:	e8 95 fe ff ff       	call   8048350 <__x86.get_pc_thunk.bx>
 80484bb:	81 c3 45 1b 00 00    	add    $0x1b45,%ebx
 80484c1:	83 ec 1c             	sub    $0x1c,%esp
 80484c4:	8b 6c 24 30          	mov    0x30(%esp),%ebp
 80484c8:	8d b3 0c ff ff ff    	lea    -0xf4(%ebx),%esi
 80484ce:	e8 e1 fd ff ff       	call   80482b4 <_init>
 80484d3:	8d 83 08 ff ff ff    	lea    -0xf8(%ebx),%eax
 80484d9:	29 c6                	sub    %eax,%esi
 80484db:	c1 fe 02             	sar    $0x2,%esi
 80484de:	85 f6                	test   %esi,%esi
 80484e0:	74 27                	je     8048509 <__libc_csu_init+0x59>
 80484e2:	8d b6 00 00 00 00    	lea    0x0(%esi),%esi
 80484e8:	8b 44 24 38          	mov    0x38(%esp),%eax
 80484ec:	89 2c 24             	mov    %ebp,(%esp)
 80484ef:	89 44 24 08          	mov    %eax,0x8(%esp)
 80484f3:	8b 44 24 34          	mov    0x34(%esp),%eax
 80484f7:	89 44 24 04          	mov    %eax,0x4(%esp)
 80484fb:	ff 94 bb 08 ff ff ff 	call   *-0xf8(%ebx,%edi,4)
 8048502:	83 c7 01             	add    $0x1,%edi
 8048505:	39 f7                	cmp    %esi,%edi
 8048507:	75 df                	jne    80484e8 <__libc_csu_init+0x38>
 8048509:	83 c4 1c             	add    $0x1c,%esp
 804850c:	5b                   	pop    %ebx
 804850d:	5e                   	pop    %esi
 804850e:	5f                   	pop    %edi
 804850f:	5d                   	pop    %ebp
 8048510:	c3                   	ret    
 8048511:	eb 0d                	jmp    8048520 <__libc_csu_fini>
 8048513:	90                   	nop
 8048514:	90                   	nop
 8048515:	90                   	nop
 8048516:	90                   	nop
 8048517:	90                   	nop
 8048518:	90                   	nop
 8048519:	90                   	nop
 804851a:	90                   	nop
 804851b:	90                   	nop
 804851c:	90                   	nop
 804851d:	90                   	nop
 804851e:	90                   	nop
 804851f:	90                   	nop

08048520 <__libc_csu_fini>:
 8048520:	f3 c3                	repz ret 

Disassembly of section .fini:

08048524 <_fini>:
 8048524:	53                   	push   %ebx
 8048525:	83 ec 08             	sub    $0x8,%esp
 8048528:	e8 23 fe ff ff       	call   8048350 <__x86.get_pc_thunk.bx>
 804852d:	81 c3 d3 1a 00 00    	add    $0x1ad3,%ebx
 8048533:	83 c4 08             	add    $0x8,%esp
 8048536:	5b                   	pop    %ebx
 8048537:	c3                   	ret    

 
