Disassembling simple ARM instructions?
I've been messing around with IDA Pro and trying to disassemble my own products just for the sake of it.
I've noticed a couple of things I don't understand because my assembly language knowledge is terrible. Here is a little chunk of code which invokes CGContextSetRGBStrokeColor.
CGContextSetRGBStrokeColor(ctx, 1, 1, 1, 1);
In IDA it looks like this:
I don't understand a number of things:
- How does 0x3F800000 relate to the number 1? I assume it is a reference, however I did not get what it refers to.
- Why is MOVS being called three times instead of four (because there are four arguments)?
- Are R0,R1,R2 etc. CPU registers?
- Could someone explain these:
[image: http://a.imageshack.us/img836/4018/gah.png]
This file is a Framework (therefore a Mach-O file). That function comes from CoreGraphics.
0x3F800000 is 1.0 in IEEE single precision representation. You could right click on that 0x3F800000 and choose floating point representation to convert it to 1.0.
In the standard ARM calling convention, the first 4 arguments are stored in R0 to R3 respectively. The
ldr r1, =0x3f800000
instruction already stores the 2nd argument.
Yes.
Please don't take apart non-consecutive instructions, since the r3 at the 2nd instruction and that in the 3rd are different.
If you check the whole function, you should see that "var_4C" is the address of the variable ctx on the stack. Hence, just means
r2 = ctx
. The instruction
movs r0, r2
much later puts the context as the 1st argument. Also, in ARM, var_?? is equivalent to the value -0x??. In ARM, the 5th argument and above are stored on the stack at [sp, #0], [sp, #4], etc. Hence, the instruction
puts the 1.0 at the 5th argument.
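As an added example (not from the question or the answer above), a small C program that does by hand what the answer describes: it reinterprets 0x3F800000 as an IEEE-754 single and maps each argument of CGContextSetRGBStrokeColor(ctx, 1, 1, 1, 1) to the register or stack slot the base AAPCS gives it (r0-r3, then [sp, #0]). The ctx value is a constructed placeholder, and aapcs_location/layout_stroke_call are names chosen here, not Apple or IDA APIs.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Reinterpret the 32-bit pattern IDA prints (e.g. 0x3F800000) as an IEEE-754 single.
   memcpy is the well-defined way to type-pun; a pointer cast would be undefined behaviour. */
float bits_to_float(uint32_t bits) {
    float f;
    memcpy(&f, &bits, sizeof f);
    return f;
}
uint32_t float_to_bits(float f) {
    uint32_t bits;
    memcpy(&bits, &f, sizeof bits);
    return bits;
}
/* Field view: 0x3F800000 = sign 0, biased exponent 127 (i.e. 2^0), fraction 0 -> +1.0 */
unsigned biased_exponent(uint32_t bits) { return (bits >> 23) & 0xFF; }
uint32_t fraction_bits(uint32_t bits)   { return bits & 0x7FFFFF; }

/* Where 0-based argument `index` lands under the base AAPCS the disassembly above
   follows: r0-r3 first, then the stack at [sp, #0], [sp, #4], ... from the 5th
   argument on. Floats travel in core registers here, hence the raw 0x3F800000. */
const char *aapcs_location(int index, char *buf, size_t n) {
    if (index < 4) snprintf(buf, n, "r%d", index);
    else           snprintf(buf, n, "[sp, #%d]", 4 * (index - 4));
    return buf;
}
/* Lay out CGContextSetRGBStrokeColor(ctx, 1, 1, 1, 1): one 32-bit word per argument,
   paired with the register or stack slot the compiler must fill before the call. */
#define STROKE_ARGS 5
typedef struct { char loc[12]; uint32_t word; } arg_slot;
void layout_stroke_call(uint32_t ctx, arg_slot out[STROKE_ARGS]) {
    for (int i = 0; i < STROKE_ARGS; i++) {
        aapcs_location(i, out[i].loc, sizeof out[i].loc);
        out[i].word = (i == 0) ? ctx : float_to_bits(1.0f);  /* ctx, then four 1.0f */
    }
}

int main(void) {
    arg_slot slots[STROKE_ARGS];
    layout_stroke_call(0x2FD0C000u /* constructed placeholder for the ctx pointer */, slots);
    for (int i = 0; i < STROKE_ARGS; i++) {
        printf("arg %d -> %-8s = 0x%08X", i, slots[i].loc, slots[i].word);
        if (i) printf("  (%gf)", bits_to_float(slots[i].word));
        putchar('\n');
    }
    return 0;
}
```

Right-clicking a constant in IDA and choosing the floating point representation does the same bits_to_float step; the stack-slot mapping is why the fifth 1.0 is stored through sp rather than a register.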