%rax 寄存器是否包含“调用”之后函数的返回值?操作说明?
这是一个简单的反汇编代码。
push %rbp
mov %rsp,%rbp
sub $0x10,%rsp
movq $0x0,-0x8(%rbp)
mov $0xf,%edi
callq 1070 <malloc@plt>
mov %rax,-0x8(%rbp)
mov -0x8(%rbp),%rax
mov %rax,%rdi
callq 1060 <free@plt>
mov $0x0,%eax
malloc 函数的返回值是否在 callq 1070 之后立即恢复到 rax 寄存器中? 我检测了调用 malloc_usable_size 的代码来获取 malloc 函数的分配大小,但遇到了分段错误。我以为我将错误的地址传输到malloc_usable_size。
对于str = (char *) malloc(15);,值str是否保存在%rax中? 我想问的是:如果str的值在callq 1070之后和mov %rax之前恢复到%rax中, -0x8(%rbp)?可以使用%rax的值来获取malloced区域的信息,例如malloced区域的大小吗?
this is a simple disassembly code.
push %rbp
mov %rsp,%rbp
sub $0x10,%rsp
movq $0x0,-0x8(%rbp)
mov $0xf,%edi
callq 1070 <malloc@plt>
mov %rax,-0x8(%rbp)
mov -0x8(%rbp),%rax
mov %rax,%rdi
callq 1060 <free@plt>
mov $0x0,%eax
Does the return value of malloc function is restored in the rax register right after the callq 1070 <malloc@plt> ?
I instrumented code that calls malloc_usable_size to get the malloced size of the malloc function, but it encountered segmentation fault. I thought that I transfer a wrong address to malloc_usable_size.
For str = (char *) malloc(15);, Does the value str is saved in the %rax?
What I want to ask is: if the value of str is restored in %rax right after callq 1070 <malloc@plt> and before mov %rax,-0x8(%rbp)? Can use the value of %rax to get the information of malloced area, such as the size of malloced area?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
你的问题非常不清楚。
str变量驻留在内存中的地址rpb[-8]处。malloc返回后,寄存器rax包含malloc返回值,并且该值存储在内存中位于地址rbp[-8](即它存储在str中)。请注意,您的反汇编使用的是 AT&T 语法。此指令
mov %rax,-0x8(%rbp)将值存储在rax中的rpb[-8]位置。Your question is exceedingly unclear.
The
strvariable resides in memory at addressrpb[-8]. Immediately after themallocreturns, registerraxcontains themallocreturn value, and that value is stored in the memory at addressrbp[-8](i.e. it is stored instr).Note that your disassembly is using AT&T syntax. This instruction
mov %rax,-0x8(%rbp)stores value in inraxat locationrpb[-8].