【汇编】用栈传参的案例及分析

coleak

已于 2023-03-13 16:57:16 修改

阅读量373

点赞数 2

分类专栏： # 汇编文章标签：汇编算法数据结构

于 2023-03-12 20:00:16 首次发布

本文链接：https://blog.csdn.net/qq_63701832/article/details/129479250

版权

汇编专栏收录该内容

3 篇文章 0 订阅

订阅专栏

案例分析

案例一代码

bubbleSort proc
;bubbleSort(int *arr,int len) call C style
;input:
;push len
;push offset arr
	 push ebp
	 mov ebp,esp
	 pushad

	 mov edx,[ebp+8]
	 mov ecx,[ebp+12]
 	 mov  esi,0;i=esi
	 sub  ecx,1;ecx=n-1
again_1: cmp  esi,ecx 
	 jge  final_1
	 mov  edi,0;j=edi
	 mov  ebx,ecx
	 sub  ebx,esi
again_2: cmp  edi,ebx;ebx=n-1-i 
	 jge  final_2
	 mov  eax,[edx+4*edi]
	 cmp  eax,[edx+4*edi+4]
	 jle  next
	 push [edx+4*edi+4]
	 pop  [edx+4*edi]
	 mov  [edx+4*edi+4],eax
next:	 inc  edi
	jmp   again_2
final_2:	 
	 inc esi
	 jmp again_1
final_1: 
	popad
	pop ebp

	ret 8
bubbleSort endp

output proc
;output(int *arr ,int len)
;input:
;edx=arr
;ecx=len
	pushad
	mov esi,0
again:	cmp esi,ecx
	jge final
	mov eax,[edx+4*esi]
	call writeint
	mov  al,' '
	call writechar
	inc  esi
	jmp again
final:	popad
	ret
output endp

分析

push len
push offset arr

先将长度和首地址进行入栈

push ebp
mov ebp,esp
pushad

将ebp进栈方便对len和arr进行寻址，将各寄存器进栈

mov edx,[ebp+8]
mov ecx,[ebp+12]

此时edx,ecx分别为arr首地址和长度

进行逻辑运算后

popad
pop ebp

ret 8

将各寄存器出栈，将ebp出栈，ret 8让栈平衡

案例二代码

源代码

void insertionSort( int arr[], int n){
int i;
for(i = 1; i < n; i++) {
insert(arr, i);
}
}

void insert ( int arr[], int n){
int key = arr[n];
int i = n;
while (arr[i - 1] > key) {
arr[i] = arr[i-1];
i--;
if(i == 0) break;
}
arr[i] = key;
}

汇编代码

INCLUDE Irvine32.inc
.data
arr dd 99, 2, 3, -11, 22, 88, 7, 77, 547, 717, -54
len dd ($-arr)/4
a dd ?
.code
insert PROC
;arr,a(i)
push ebp
mov ebp,esp
pushad
mov ebx,[ebp+8];ebx=i(n)
mov eax,[ebp+12];eax=arr
mov ecx,[eax+ebx*4];ecx=key
again:
cmp [eax+4*ebx-4],ecx
jle final
mov edx,[eax+4*ebx-4]
mov [eax+4*ebx],edx
sub ebx,1
cmp ebx,0
je final
jmp again
final:
	mov [eax+4*ebx],ecx
	popad
	pop ebp
	ret 8
insert ENDP

main PROC
mov a,1
again:
mov eax,a;a为下标(eax)
cmp eax,len;(len=n)
jae myout
push offset arr
push a
call insert
add a,1
jmp again

myout:
  mov ebx,0
  again2:
  cmp ebx,len
  jae final2
  mov eax,arr[ebx*4]
  call WriteInt
  add ebx,1
  jmp again2

final2:
	 exit
main ENDP
END main

案例三代码

include irvine32.inc
.data

arr dd 99, 2, 3, 1, 22, 88, 7, 77, 54
len dd ($-arr)/4
.code
slectSort proc
;;;;;void slectSort(int *arr,int n)
;;;;input:
;;;;;;;;;push n
;;;;;;;;;push offset arr
   push ebp
   mov ebp,esp
   pushad
   mov edx,[ebp+8];;edx:arr
mov esi,[ebp+12];;;;esi:i;i=n
again: cmp esi,1
   jle final
   push esi
   push edx
   call maxIndex;;;eax:j= maxIndex(arr,esi);
   mov ebx,[edx+4*eax]
   mov ecx,[edx+4*esi-4]
   mov [edx+4*eax],ecx
   mov [edx+4*esi-4],ebx
   dec esi
   jmp again
final:   popad
   pop ebp
   ret 8
slectSort endp

maxIndex proc
;;;;maxIndex(int*arr,int n)
;;;;input:
;;;;;;;;;push n
;;;;;;;;;push offset arr
;;;;;;;;;return:eax
   push ebp
   mov ebp,esp
   sub esp,4
   pushad
mov edx,[ebp+8]
   mov eax,0;;;eax:index
   mov esi,0;;;esi:i
again: cmp esi,[ebp+12]
   jge final
   mov ebx,[edx+4*eax]
cmp ebx,[edx+4*esi]
   jge next
   mov eax,esi
next:   inc esi
   jmp again
final:   mov [ebp-4],eax
   popad
   mov eax,[ebp-4]
   add esp,4
   pop ebp
   ret 8
maxIndex endp
output proc
   push esi
   push ecx
   push eax

   mov esi,0
again: cmp esi,ecx
   jge final
   mov eax,[edx+4*esi]
   call writeint
   mov al,' '
   call writechar
   add esi,1
   jmp again
final: pop eax
   pop ecx
   pop esi
   ret
output endp
main proc
   push len
   push offset arr
   call slectSort
mov edx,offset arr
   mov ecx,len
   call output
   exit
main endp

end main

main() {
int arr[] = {99, 2, 3, 1, 22, 88, 7, 77, 54};
int i;
slectSort(arr, 9);
for (int i = 0; i < 9; i++)
cout << arr[i] << endl;
return 0;
}

分析

这里主要分析以下部分代码

sub  esp,4

final:    
    mov [ebp-4],eax
    popad
    mov eax,[ebp-4]
    add esp,4
    pop ebp
    ret 8

由于要将运算的结果通过寄存器eax返回父函数，而eax在final的popad中被出栈导致数据丢失。此时我们在ebp进栈后通过sub esp,4开辟一个空间，运算结束后先将eax的值赋值给ebp-4这个空间,然后将popad，然后取出空间的值重新赋值给eax，然后将esp+4覆盖掉开辟的空间，最后弹出ebp，ret 8即可。