,跟踪下的代码
- #include <iostream>
- using namespace std;
- class C // Minimal class whose only members are a user-written constructor and destructor, both with empty bodies.
- {
- public:
- C() // empty body; the debugger trace further down still shows an explicit call to C::C
- {
- }
- ~C() // empty body; the debugger trace further down still shows an explicit call to C::~C
- {
- }
- };
- void f1() // Creates one local C object and returns; nothing is thrown or caught here.
- {
- C x1; // automatic object: constructed on this line, destroyed at the closing brace of f1
- }
- int main() // Entry point: calls f1() once and returns 0.
- {// set a breakpoint here
- f1();
- return 0;
- }// set a breakpoint here
- --- F:/1/名次.cpp -------------------------------------------------------------------------------------------------------
- 18:
- 19: int main()
- 20: {
- 00401320 push ebp
- 00401321 mov ebp,esp
- 00401323 sub esp,40h
- 00401326 push ebx
- 00401327 push esi
- 00401328 push edi
- 00401329 lea edi,[ebp-40h]
- 0040132C mov ecx,10h
- 00401331 mov eax,0CCCCCCCCh
- 00401336 rep stos dword ptr [edi]
- 21: f1();
- 00401338 call @ILT+0(f1) (00401005)//跟进去
- /*
- 22: return 0;
- 0040133D xor eax,eax
- 23: }
- 0040133F pop edi
- 00401340 pop esi
- 00401341 pop ebx
- 00401342 add esp,40h
- 00401345 cmp ebp,esp
- 00401347 call __chkesp (00408210)
- 0040134C mov esp,ebp
- 0040134E pop ebp
- 0040134F ret
- */
- 00401005 jmp f1 (00401270)//ILT(增量链接表)中的跳转指令,转到f1的实际地址
- 14: void f1()
- 15: {
- 00401270 push ebp
- 00401271 mov ebp,esp
- 00401273 sub esp,44h
- 00401276 push ebx
- 00401277 push esi
- 00401278 push edi
- 00401279 lea edi,[ebp-44h]
- 0040127C mov ecx,11h
- 00401281 mov eax,0CCCCCCCCh
- 00401286 rep stos dword ptr [edi]
- 16: C x1;
- 00401288 lea ecx,[ebp-4]//注意:ecx存的是x1的地址([ebp-4]),即传给构造函数的this指针
- 0040128B call @ILT+5(C::C) (0040100a)//跟进去
- 17: }
- 00401290 lea ecx,[ebp-4]
- 00401293 call @ILT+20(C::~C) (00401019)
- 00401298 pop edi
- 00401299 pop esi
- 0040129A pop ebx
- 0040129B add esp,44h
- 0040129E cmp ebp,esp
- 004012A0 call __chkesp (00408210)
- 004012A5 mov esp,ebp
- 004012A7 pop ebp
- 004012A8 ret
- --- No source file --------
- @ILT+5(??0C@@QAE@XZ):
- 0040100A jmp C::C (004012c0)//跳转
- 6: C()
- 004012C0 push ebp
- 004012C1 mov ebp,esp
- 004012C3 sub esp,44h
- 004012C6 push ebx
- 004012C7 push esi
- 004012C8 push edi
- 004012C9 push ecx
- 004012CA lea edi,[ebp-44h]
- 004012CD mov ecx,11h
- 004012D2 mov eax,0CCCCCCCCh
- 004012D7 rep stos dword ptr [edi]
- 004012D9 pop ecx
- 004012DA mov dword ptr [ebp-4],ecx//注意:把ecx中的对象地址(this)保存到局部变量[ebp-4]
- 7: {
- 8: }
- 004012DD mov eax,dword ptr [ebp-4]//把保存的this取回eax,作为构造函数的返回值
- 004012E0 pop edi
- 004012E1 pop esi
- 004012E2 pop ebx
- 004012E3 mov esp,ebp
- 004012E5 pop ebp
- 004012E6 ret
- --- No source file
- 17: }
- 00401290 lea ecx,[ebp-4]
- 00401293 call @ILT+20(C::~C) (00401019)//跟进去
- /*
- 00401298 pop edi
- 00401299 pop esi
- 0040129A pop ebx
- 0040129B add esp,44h
- 0040129E cmp ebp,esp
- 004012A0 call __chkesp (00408210)
- 004012A5 mov esp,ebp
- 004012A7 pop ebp
- 004012A8 ret
- */
- @ILT+20(??1C@@QAE@XZ):
- 00401019 jmp C::~C (004012f0)
- 9: ~C()
- 10: {
- 004012F0 push ebp
- 004012F1 mov ebp,esp
- 004012F3 sub esp,44h
- 004012F6 push ebx
- 004012F7 push esi
- 004012F8 push edi
- 004012F9 push ecx
- 004012FA lea edi,[ebp-44h]
- 004012FD mov ecx,11h
- 00401302 mov eax,0CCCCCCCCh
- 00401307 rep stos dword ptr [edi]
- 00401309 pop ecx
- 0040130A mov dword ptr [ebp-4],ecx
- 11: }
- 0040130D pop edi
- 0040130E pop esi
- 0040130F pop ebx
- 00401310 mov esp,ebp
- 00401312 pop ebp
- 00401313 ret
- //返回到f1()结尾处
- 00401298 pop edi
- 00401299 pop esi
- 0040129A pop ebx
- 0040129B add esp,44h
- 0040129E cmp ebp,esp
- 004012A0 call __chkesp (00408210)
- 004012A5 mov esp,ebp
- 004012A7 pop ebp
- 004012A8 ret
- --- No source file -------------
- //返回到main函数
- 22: return 0;
- 0040133D xor eax,eax
- 23: }
- 0040133F pop edi
- 00401340 pop esi
- 00401341 pop ebx
- 00401342 add esp,40h
- 00401345 cmp ebp,esp
- 00401347 call __chkesp (00408210)
- 0040134C mov esp,ebp
- 0040134E pop ebp
- 0040134F ret
你将发现f1()函数非常接近预料:设置栈框架,调用x1的构造和析构函数,然后重设栈框架。特别地,你将注意到没有任何EH产物或记录——并不奇怪,因为程序没有抛出或捕获任何异常。列表中的0CCCCCCCCh填充和__chkesp调用是调试版本的栈检查代码,与异常处理无关。