{"id":1510,"date":"2022-09-11T23:32:17","date_gmt":"2022-09-11T15:32:17","guid":{"rendered":"https:\/\/www.zhiwanyuzhou.com\/?p=1510"},"modified":"2022-09-11T23:35:21","modified_gmt":"2022-09-11T15:35:21","slug":"x86%e3%80%81arm%e3%80%81mips%e6%9e%b6%e6%9e%84%e6%a0%88%e7%a9%ba%e9%97%b4%e5%88%86%e5%b8%83%e6%83%85%e5%86%b5%e5%88%86%e6%9e%90","status":"publish","type":"post","link":"https:\/\/www.zhiwanyuzhou.com\/index.php\/2022\/09\/11\/x86%e3%80%81arm%e3%80%81mips%e6%9e%b6%e6%9e%84%e6%a0%88%e7%a9%ba%e9%97%b4%e5%88%86%e5%b8%83%e6%83%85%e5%86%b5%e5%88%86%e6%9e%90\/","title":{"rendered":"x86\u3001arm\u3001mips\u67b6\u6784\u6808\u7a7a\u95f4\u5206\u5e03\u60c5\u51b5\u5206\u6790"},"content":{"rendered":"\n<h2>\u4e00\u3001\u51c6\u5907\u5de5\u4f5c<\/h2>\n\n\n\n<h4>1\u3001\u76f8\u5173\u6982\u5ff5<\/h4>\n\n\n\n<p>\u4e00\u4e2a\u51fd\u6570\u5982\u679c\u4e0d\u518d\u8c03\u7528\u5176\u4ed6\u7684\u51fd\u6570\uff0c\u90a3\u4e48\u8fd9\u4e2a\u51fd\u6570\u662f\u53f6\u5b50\u51fd\u6570\uff0c\u4e00\u4e2a\u51fd\u6570\u5982\u679c\u8c03\u7528\u5176\u4ed6\u7684\u51fd\u6570\uff0c\u90a3\u4e48\u8fd9\u4e2a\u51fd\u6570\u662f\u975e\u53f6\u5b50\u51fd\u6570\u3002\u4e00\u822c\u6765\u8bf4\uff0c\u51fd\u6570\u90fd\u662f\u975e\u53f6\u5b50\u51fd\u6570\u3002<\/p>\n\n\n\n<h4>2\u3001\u793a\u4f8b\u4ee3\u7801<\/h4>\n\n\n\n<p>\u4f7f\u7528\u4e0d\u540c\u5e73\u53f0\u7684gcc\u7f16\u8bd1\u4ee5\u4e0b\u6e90\u7801\uff0c\u5747\u4e0d\u5f00\u542fStack-canary\u4fdd\u62a4\u3001\u6808\u6267\u884c\u4fdd\u62a4\uff08-fno-stack-protector -no-pie\uff09\u3002\u6ce8\u610f\uff1a-no-pie\u5173\u95ed\u7684\u662fPIE\uff08\u4f4d\u7f6e\u65e0\u5173\u53ef\u6267\u884c\u6587\u4ef6\uff09\uff0c\u5e76\u4e0d\u5f71\u54cd\u6808\u662f\u5426\u53ef\u6267\u884c\uff1b\u6808\u662f\u5426\u53ef\u6267\u884c\u7531\u94fe\u63a5\u9009\u9879 -z execstack \u63a7\u5236\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code has-palette-color-4-color has-palette-color-8-background-color has-text-color has-background\"><code>#include &lt;stdio.h&gt;\n#include &lt;stdlib.h&gt;\n#include &lt;string.h&gt;\n\nint funcB(char *A, char *B,char *C, char *D,char *E, char *F)\n{\n\tchar a&#91;4]={'1'};\n\tchar b&#91;4]={'2'};\n\tA&#91;0] = 'a';\n\tB&#91;0] = 'b';\n\tC&#91;0] = 'c';\n\tD&#91;0] = 'd';\n\tE&#91;0] = 'e';\n\tF&#91;0] = 'f';\n\treturn 
0;\n}\n\nint funcA()\n{\n\tchar A&#91;4] = {'A', 'A', 'A', 'A'};\n\tchar B&#91;4] = {'B', 'B', 'B', 'B'};\n\tchar C&#91;4] = {'C', 'C', 'C', 'C'};\n\tchar D&#91;4] = {'D', 'D', 'D', 'D'};\n\tchar E&#91;4] = {'E', 'E', 'E', 'E'};\n\tchar F&#91;4] = {'F', 'F', 'F', 'F'};\n\n\tfuncB(A,B,C,D,E,F);\n\treturn 0;\n}\n\n\n\nint main(int argc, char* argv&#91;])\n{\n\tfuncA();\n\treturn 0;\n}<\/code><\/pre>\n\n\n\n<h2>\u4e8c\u3001x86\u67b6\u6784<\/h2>\n\n\n\n<h4>1\u3001\u6c47\u7f16\u4ee3\u7801<\/h4>\n\n\n\n<pre class=\"wp-block-code has-palette-color-4-color has-palette-color-8-background-color has-text-color has-background\"><code>.text:08049176 ; =============== S U B R O U T I N E =======================================\n.text:08049176\n.text:08049176 ; Attributes: bp-based frame\n.text:08049176\n.text:08049176 ; int __cdecl funcB(char *A, char *B, char *C, char *D, char *E, char *F)\n.text:08049176                 public funcB\n.text:08049176 funcB           proc near               ; CODE XREF: funcA+56\u2193p\n.text:08049176\n.text:08049176 b               = byte ptr -8\n.text:08049176 a               = byte ptr -4\n.text:08049176 A               = dword ptr  8\n.text:08049176 B               = dword ptr  0Ch\n.text:08049176 C               = dword ptr  10h\n.text:08049176 D               = dword ptr  14h\n.text:08049176 E               = dword ptr  18h\n.text:08049176 F               = dword ptr  1Ch\n.text:08049176\n.text:08049176 ; __unwind {\n.text:08049176                 endbr32\n.text:0804917A                 push    ebp\n.text:0804917B                 mov     ebp, esp\n.text:0804917D                 sub     esp, 10h\n.text:08049180                 call    __x86_get_pc_thunk_ax\n.text:08049185                 add     eax, (offset _GLOBAL_OFFSET_TABLE_ - $)\n.text:0804918A                 mov     dword ptr &#91;ebp+a], 31h ; '1'\n.text:08049191                 mov     dword ptr &#91;ebp+b], 32h ; '2'\n.text:08049198                 mov     eax, 
&#91;ebp+A]\n.text:0804919B                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 61h ; 'a'\n.text:0804919E                 mov     eax, &#91;ebp+B]\n.text:080491A1                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 62h ; 'b'\n.text:080491A4                 mov     eax, &#91;ebp+C]\n.text:080491A7                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 63h ; 'c'\n.text:080491AA                 mov     eax, &#91;ebp+D]\n.text:080491AD                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 64h ; 'd'\n.text:080491B0                 mov     eax, &#91;ebp+E]\n.text:080491B3                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 65h ; 'e'\n.text:080491B6                 mov     eax, &#91;ebp+F]\n.text:080491B9                 mov     byte ptr ds:(_GLOBAL_OFFSET_TABLE_ - 804C000h)&#91;eax], 66h ; 'f'\n.text:080491BC                 mov     eax, 0\n.text:080491C1                 leave\n.text:080491C2                 retn\n.text:080491C2 ; } \/\/ starts at 8049176\n.text:080491C2 funcB           endp\n.text:080491C2\n.text:080491C3\n.text:080491C3 ; =============== S U B R O U T I N E =======================================\n.text:080491C3\n.text:080491C3 ; Attributes: bp-based frame\n.text:080491C3\n.text:080491C3 ; int funcA()\n.text:080491C3                 public funcA\n.text:080491C3 funcA           proc near               ; CODE XREF: main+11\u2193p\n.text:080491C3\n.text:080491C3 F               = byte ptr -18h\n.text:080491C3 E               = byte ptr -14h\n.text:080491C3 D               = byte ptr -10h\n.text:080491C3 C               = byte ptr -0Ch\n.text:080491C3 B               = byte ptr -8\n.text:080491C3 A               = byte ptr -4\n.text:080491C3\n.text:080491C3 ; __unwind {\n.text:080491C3                 endbr32\n.text:080491C7                 push    ebp\n.text:080491C8                 mov     ebp, esp\n.text:080491CA    
             sub     esp, 20h\n.text:080491CD                 call    __x86_get_pc_thunk_ax\n.text:080491D2                 add     eax, (offset _GLOBAL_OFFSET_TABLE_ - $)\n.text:080491D7                 mov     dword ptr &#91;ebp+A], 41414141h\n.text:080491DE                 mov     dword ptr &#91;ebp+B], 42424242h\n.text:080491E5                 mov     dword ptr &#91;ebp+C], 43434343h\n.text:080491EC                 mov     dword ptr &#91;ebp+D], 44444444h\n.text:080491F3                 mov     dword ptr &#91;ebp+E], 45454545h\n.text:080491FA                 mov     dword ptr &#91;ebp+F], 46464646h\n.text:08049201                 lea     eax, &#91;ebp+F]\n.text:08049204                 push    eax             ; F\n.text:08049205                 lea     eax, &#91;ebp+E]\n.text:08049208                 push    eax             ; E\n.text:08049209                 lea     eax, &#91;ebp+D]\n.text:0804920C                 push    eax             ; D\n.text:0804920D                 lea     eax, &#91;ebp+C]\n.text:08049210                 push    eax             ; C\n.text:08049211                 lea     eax, &#91;ebp+B]\n.text:08049214                 push    eax             ; B\n.text:08049215                 lea     eax, &#91;ebp+A]\n.text:08049218                 push    eax             ; A\n.text:08049219                 call    funcB\n.text:0804921E                 add     esp, 18h\n.text:08049221                 mov     eax, 0\n.text:08049226                 leave\n.text:08049227                 retn\n.text:08049227 ; } \/\/ starts at 80491C3\n.text:08049227 funcA           endp\n.text:08049227\n.text:08049228\n.text:08049228 ; =============== S U B R O U T I N E =======================================\n.text:08049228\n.text:08049228 ; Attributes: bp-based frame\n.text:08049228\n.text:08049228 ; int __cdecl main(int argc, const char **argv, const char **envp)\n.text:08049228                 public main\n.text:08049228 main            proc near               ; 
DATA XREF: _start+2A\u2191o\n.text:08049228\n.text:08049228 argc            = dword ptr  8\n.text:08049228 argv            = dword ptr  0Ch\n.text:08049228 envp            = dword ptr  10h\n.text:08049228\n.text:08049228 ; __unwind {\n.text:08049228                 endbr32\n.text:0804922C                 push    ebp\n.text:0804922D                 mov     ebp, esp\n.text:0804922F                 call    __x86_get_pc_thunk_ax\n.text:08049234                 add     eax, (offset _GLOBAL_OFFSET_TABLE_ - $)\n.text:08049239                 call    funcA\n.text:0804923E                 mov     eax, 0\n.text:08049243                 pop     ebp\n.text:08049244                 retn\n.text:08049244 ; } \/\/ starts at 8049228\n.text:08049244 main            endp\n.text:08049244\n.text:08049245\n.text:08049245 ; =============== S U B R O U T I N E =======================================<\/code><\/pre>\n\n\n\n<h4>2\u3001\u6808\u5206\u5e03<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>\u51fd\u6570\u540d<\/td><td>\u5f62\u53c2<\/td><td>\u5c40\u90e8\u53c2\u6570<\/td><td>\u7533\u8bf7\u6808\u7a7a\u95f4\u5927\u5c0f<\/td><\/tr><tr><td>main<\/td><td>3\u4e2adword\u503c=12\u5b57\u8282<\/td><td>0\u4e2a<\/td><td>0\u5b57\u8282<\/td><\/tr><tr><td>funcA<\/td><td>0\u4e2a<\/td><td>6\u4e2adword\u503c=20\u5b57\u8282<\/td><td>32\u5b57\u8282<\/td><\/tr><tr><td>funcB<\/td><td>6\u4e2adword\u503c=24\u5b57\u8282<\/td><td>2\u4e2adword\u503c=8\u5b57\u8282<\/td><td>16\u5b57\u8282<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>main-&gt;funcA-&gt;funcB\u65f6\uff0c\u5373\u6267\u884c\u52300x000011F8\uff08retn\u4e4b\u524d\uff09\uff0c\u6b64\u65f6\u6808\u5206\u5e03\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"475\" height=\"579\" src=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-1.png\" alt=\"\" class=\"wp-image-1519\" 
srcset=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-1.png?v=1662901066 475w, https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-1-246x300.png?v=1662901066 246w\" sizes=\"(max-width: 475px) 100vw, 475px\" \/><\/figure>\n\n\n\n<h4>3\u3001\u4f20\u53c2\u65b9\u5f0f<\/h4>\n\n\n\n<p>\u4ece\u53f3\u81f3\u5de6\uff0c\u4f9d\u6b21\u538b\u6808\uff08F->E->D->C->B->A\uff09\uff0ccall\u51fd\u6570\u540e\uff0c\u5c06\u8fd4\u56de\u5730\u5740\u538b\u6808\u3002<\/p>\n\n\n\n<h2>\u4e09\u3001arm\u67b6\u6784<\/h2>\n\n\n\n<h4>1\u3001\u6c47\u7f16\u4ee3\u7801<\/h4>\n\n\n\n<pre class=\"wp-block-code has-palette-color-4-color has-palette-color-8-background-color has-text-color has-background\"><code>.text:000083E4 ; =============== S U B R O U T I N E =======================================\n.text:000083E4\n.text:000083E4 ; Attributes: bp-based frame\n.text:000083E4\n.text:000083E4 ; int funcA()\n.text:000083E4                 EXPORT funcA\n.text:000083E4 funcA                                   ; CODE XREF: main+18\u2193p\n.text:000083E4\n.text:000083E4 var_2C          = -0x2C\n.text:000083E4 var_28          = -0x28\n.text:000083E4 F               = -0x24\n.text:000083E4 E               = -0x20\n.text:000083E4 D               = -0x1C\n.text:000083E4 C               = -0x18\n.text:000083E4 B               = -0x14\n.text:000083E4 A               = -0x10\n.text:000083E4\n.text:000083E4                 MOV             R12, SP\n.text:000083E8                 PUSH            {R11,R12,LR,PC}\n.text:000083EC                 SUB             R11, R12, #4\n.text:000083F0                 SUB             SP, SP, #0x20\n.text:000083F4                 SUB             R2, R11, #-A\n.text:000083F8                 MOV             R3, #0x4141\n.text:00008400                 ORR             R3, R3, R3,LSL#16\n.text:00008404                 STR             R3, &#91;R2]\n.text:00008408                 SUB             R2, R11, #-B\n.text:0000840C                 MOV            
 R3, #0x4242\n.text:00008414                 ORR             R3, R3, R3,LSL#16\n.text:00008418                 STR             R3, &#91;R2]\n.text:0000841C                 SUB             R2, R11, #-C\n.text:00008420                 MOV             R3, #0x4343\n.text:00008428                 ORR             R3, R3, R3,LSL#16\n.text:0000842C                 STR             R3, &#91;R2]\n.text:00008430                 SUB             R2, R11, #-D\n.text:00008434                 MOV             R3, #0x4444\n.text:0000843C                 ORR             R3, R3, R3,LSL#16\n.text:00008440                 STR             R3, &#91;R2]\n.text:00008444                 SUB             R2, R11, #-E\n.text:00008448                 MOV             R3, #0x4545\n.text:00008450                 ORR             R3, R3, R3,LSL#16\n.text:00008454                 STR             R3, &#91;R2]\n.text:00008458                 SUB             R2, R11, #-F\n.text:0000845C                 MOV             R3, #0x4646\n.text:00008464                 ORR             R3, R3, R3,LSL#16\n.text:00008468                 STR             R3, &#91;R2]\n.text:0000846C                 SUB             R2, R11, #-A\n.text:00008470                 SUB             R1, R11, #-B ; B\n.text:00008474                 SUB             R12, R11, #-C\n.text:00008478                 SUB             LR, R11, #-D\n.text:0000847C                 SUB             R3, R11, #-E\n.text:00008480                 STR             R3, &#91;SP,#0x2C+var_2C] ; E\n.text:00008484                 SUB             R3, R11, #-F\n.text:00008488                 STR             R3, &#91;SP,#0x2C+var_28] ; F\n.text:0000848C                 MOV             R0, R2  ; A\n.text:00008490                 MOV             R2, R12 ; C\n.text:00008494                 MOV             R3, LR  ; D\n.text:00008498                 BL              funcB\n.text:0000849C                 MOV             R3, #0\n.text:000084A0                 MOV             R0, 
R3\n.text:000084A4                 SUB             SP, R11, #0xC\n.text:000084A8                 LDMFD           SP, {R11,SP,PC}\n.text:000084A8 ; End of function funcA\n.text:000084A8\n.text:000084AC\n.text:000084AC ; =============== S U B R O U T I N E =======================================\n.text:000084AC\n.text:000084AC ; Attributes: bp-based frame\n.text:000084AC\n.text:000084AC ; int __cdecl funcB(unsigned __int8 *A, unsigned __int8 *B, unsigned __int8 *C, unsigned __int8 *D, unsigned __int8 *E, unsigned __int8 *F)\n.text:000084AC                 EXPORT funcB\n.text:000084AC funcB                                   ; CODE XREF: funcA+B4\u2191p\n.text:000084AC\n.text:000084AC D               = -0x24\n.text:000084AC C               = -0x20\n.text:000084AC B               = -0x1C\n.text:000084AC A               = -0x18\n.text:000084AC b               = -0x14\n.text:000084AC a               = -0x10\n.text:000084AC E               =  4\n.text:000084AC F               =  8\n.text:000084AC\n.text:000084AC                 MOV             R12, SP\n.text:000084B0                 PUSH            {R11,R12,LR,PC}\n.text:000084B4                 SUB             R11, R12, #4\n.text:000084B8                 SUB             SP, SP, #0x18\n.text:000084BC                 STR             R0, &#91;R11,#A]\n.text:000084C0                 STR             R1, &#91;R11,#B]\n.text:000084C4                 STR             R2, &#91;R11,#C]\n.text:000084C8                 STR             R3, &#91;R11,#D]\n.text:000084CC                 LDR             R2, &#91;R11,#A]\n.text:000084D0                 MOV             R3, #0x61 ; 'a'\n.text:000084D4                 STRB            R3, &#91;R2]\n.text:000084D8                 LDR             R2, &#91;R11,#B]\n.text:000084DC                 MOV             R3, #0x62 ; 'b'\n.text:000084E0                 STRB            R3, &#91;R2]\n.text:000084E4                 LDR             R2, &#91;R11,#C]\n.text:000084E8                 MOV             
R3, #0x63 ; 'c'\n.text:000084EC                 STRB            R3, &#91;R2]\n.text:000084F0                 LDR             R2, &#91;R11,#D]\n.text:000084F4                 MOV             R3, #0x64 ; 'd'\n.text:000084F8                 STRB            R3, &#91;R2]\n.text:000084FC                 LDR             R2, &#91;R11,#E]\n.text:00008500                 MOV             R3, #0x65 ; 'e'\n.text:00008504                 STRB            R3, &#91;R2]\n.text:00008508                 LDR             R2, &#91;R11,#F]\n.text:0000850C                 MOV             R3, #0x66 ; 'f'\n.text:00008510                 STRB            R3, &#91;R2]\n.text:00008514                 MOV             R3, #0x31 ; '1'\n.text:00008518                 STRB            R3, &#91;R11,#a]\n.text:0000851C                 MOV             R3, #0x32 ; '2'\n.text:00008520                 STRB            R3, &#91;R11,#b]\n.text:00008524                 MOV             R3, #0\n.text:00008528                 MOV             R0, R3\n.text:0000852C                 SUB             SP, R11, #0xC\n.text:00008530                 LDMFD           SP, {R11,SP,PC}\n.text:00008530 ; End of function funcB\n.text:00008530\n.text:00008534\n.text:00008534 ; =============== S U B R O U T I N E =======================================\n.text:00008534\n.text:00008534 ; Attributes: bp-based frame\n.text:00008534\n.text:00008534 ; int __cdecl main(int argc, const char **argv, const char **envp)\n.text:00008534                 EXPORT main\n.text:00008534 main                                    ; DATA XREF: _start+20\u2191o\n.text:00008534                                         ; .text:off_83DC\u2191o\n.text:00008534\n.text:00008534 argv            = -0x14\n.text:00008534 argc            = -0x10\n.text:00008534\n.text:00008534                 MOV             R12, SP\n.text:00008538                 PUSH            {R11,R12,LR,PC}\n.text:0000853C                 SUB             R11, R12, #4\n.text:00008540               
  SUB             SP, SP, #8\n.text:00008544                 STR             R0, &#91;R11,#argc]\n.text:00008548                 STR             R1, &#91;R11,#argv]\n.text:0000854C                 BL              funcA\n.text:00008550                 MOV             R3, #0\n.text:00008554                 MOV             R0, R3\n.text:00008558                 SUB             SP, R11, #0xC\n.text:0000855C                 LDMFD           SP, {R11,SP,PC}\n.text:0000855C ; End of function main\n.text:0000855C\n.text:00008560\n.text:00008560 ; =============== S U B R O U T I N E =======================================<\/code><\/pre>\n\n\n\n<h4>2\u3001\u6808\u5206\u5e03<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>\u51fd\u6570\u540d<\/td><td>\u5f62\u53c2<\/td><td>\u5c40\u90e8\u53c2\u6570<\/td><td>\u7533\u8bf7\u6808\u7a7a\u95f4\u5927\u5c0f<\/td><\/tr><tr><td>main<\/td><td>2\u4e2adword\u503c=8\u5b57\u8282<\/td><td>0\u4e2a<\/td><td>8\u5b57\u8282<\/td><\/tr><tr><td>funcA<\/td><td>0\u4e2a<\/td><td>6\u4e2adword\u503c=20\u5b57\u8282<\/td><td>32\u5b57\u8282<\/td><\/tr><tr><td>funcB<\/td><td>6\u4e2adword\u503c=24\u5b57\u8282<\/td><td>2\u4e2adword\u503c=8\u5b57\u8282<\/td><td>16\u5b57\u8282<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>main-&gt;funcA-&gt;funcB\u65f6\uff0c\u5373\u6267\u884c\u52300x000084A0\uff08\u51fd\u6570\u672b\u5c3e\u524d\uff09\uff0c\u6b64\u65f6\u6808\u5206\u5e03\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"553\" height=\"605\" src=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-3.png\" alt=\"\" class=\"wp-image-1524\" srcset=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-3.png?v=1662905330 553w, https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-3-274x300.png?v=1662905330 274w\" sizes=\"(max-width: 553px) 100vw, 553px\" 
\/><\/figure>\n\n\n\n<h4>3\u3001\u4f20\u53c2\u65b9\u5f0f<\/h4>\n\n\n\n<p>\u524d\u56db\u4e2a\u53c2\u6570\uff0cR0->R1->R2->R3\u5bc4\u5b58\u5668\uff1aA->B->C->D\uff0c\u5269\u4f59\u7684\u53c2\u6570\u4ece\u53f3\u81f3\u5de6\uff0c\u4f9d\u6b21\u538b\u6808\uff08F->E\uff09\uff0cBL\u51fd\u6570\u540e\uff0c\u5c06\u8fd4\u56de\u5730\u5740\u5b58\u4e8eLR\u5bc4\u5b58\u5668\u3002<\/p>\n\n\n\n<h2>\u56db\u3001mips\u67b6\u6784<\/h2>\n\n\n\n<h4>1\u3001\u6c47\u7f16\u4ee3\u7801<\/h4>\n\n\n\n<pre class=\"wp-block-code has-palette-color-4-color has-palette-color-8-background-color has-text-color has-background\"><code>.text:00400710  # =============== S U B R O U T I N E =======================================\n.text:00400710\n.text:00400710  # Attributes: bp-based frame fpd=0x10\n.text:00400710\n.text:00400710  # int __cdecl funcB(char *A, char *B, char *C, char *D, char *E, char *F)\n.text:00400710                 .globl funcB\n.text:00400710 funcB:                                   # CODE XREF: funcA+C8\u2193p\n.text:00400710                                          # DATA XREF: LOAD:004003A4\u2191o ...\n.text:00400710\n.text:00400710 a               = -8\n.text:00400710 b               = -4\n.text:00400710 var_s0          =  0\n.text:00400710 A               =  8\n.text:00400710 B               =  0xC\n.text:00400710 C               =  0x10\n.text:00400710 D               =  0x14\n.text:00400710 E               =  0x18\n.text:00400710 F               =  0x1C\n.text:00400710\n.text:00400710                 addiu   $sp, -0x18\n.text:00400714                 sw      $fp, 0x10+var_s0($sp)\n.text:00400718                 move    $fp, $sp\n.text:0040071C                 sw      $a0, 0x10+A($fp)\n.text:00400720                 sw      $a1, 0x10+B($fp)\n.text:00400724                 sw      $a2, 0x10+C($fp)\n.text:00400728                 sw      $a3, 0x10+D($fp)\n.text:0040072C                 sw      $zero, 0x10+a($fp)\n.text:00400730                 li      $v0, 0x31  # '1'\n.text:00400734   
              sb      $v0, 0x10+a($fp)\n.text:00400738                 sw      $zero, 0x10+b($fp)\n.text:0040073C                 li      $v0, 0x32  # '2'\n.text:00400740                 sb      $v0, 0x10+b($fp)\n.text:00400744                 lw      $v1, 0x10+A($fp)\n.text:00400748                 li      $v0, 0x61  # 'a'\n.text:0040074C                 sb      $v0, 0($v1)\n.text:00400750                 lw      $v1, 0x10+B($fp)\n.text:00400754                 li      $v0, 0x62  # 'b'\n.text:00400758                 sb      $v0, 0($v1)\n.text:0040075C                 lw      $v1, 0x10+C($fp)\n.text:00400760                 li      $v0, 0x63  # 'c'\n.text:00400764                 sb      $v0, 0($v1)\n.text:00400768                 lw      $v1, 0x10+D($fp)\n.text:0040076C                 li      $v0, 0x64  # 'd'\n.text:00400770                 sb      $v0, 0($v1)\n.text:00400774                 lw      $v1, 0x10+E($fp)\n.text:00400778                 li      $v0, 0x65  # 'e'\n.text:0040077C                 sb      $v0, 0($v1)\n.text:00400780                 lw      $v1, 0x10+F($fp)\n.text:00400784                 li      $v0, 0x66  # 'f'\n.text:00400788                 sb      $v0, 0($v1)\n.text:0040078C                 move    $v0, $zero\n.text:00400790                 move    $sp, $fp\n.text:00400794                 lw      $fp, 0x10+var_s0($sp)\n.text:00400798                 addiu   $sp, 0x18\n.text:0040079C                 jr      $ra\n.text:004007A0                 nop\n.text:004007A0  # End of function funcB\n.text:004007A0\n.text:004007A4\n.text:004007A4  # =============== S U B R O U T I N E =======================================\n.text:004007A4\n.text:004007A4  # Attributes: bp-based frame fpd=0x38\n.text:004007A4\n.text:004007A4  # int funcA()\n.text:004007A4                 .globl funcA\n.text:004007A4 funcA:                                   # CODE XREF: main+30\u2193p\n.text:004007A4                                          # DATA XREF: 
LOAD:00400384\u2191o ...\n.text:004007A4\n.text:004007A4 var_28          = -0x28\n.text:004007A4 var_24          = -0x24\n.text:004007A4 var_20          = -0x20\n.text:004007A4 A               = -0x18\n.text:004007A4 B               = -0x14\n.text:004007A4 C               = -0x10\n.text:004007A4 D               = -0xC\n.text:004007A4 E               = -8\n.text:004007A4 F               = -4\n.text:004007A4 var_s0          =  0\n.text:004007A4 var_s4          =  4\n.text:004007A4\n.text:004007A4                 li      $gp, (_GLOBAL_OFFSET_TABLE_+0x7FF0 - .)\n.text:004007AC                 addu    $gp, $t9\n.text:004007B0                 addiu   $sp, -0x40\n.text:004007B4                 sw      $ra, 0x38+var_s4($sp)\n.text:004007B8                 sw      $fp, 0x38+var_s0($sp)\n.text:004007BC                 move    $fp, $sp\n.text:004007C0                 sw      $gp, 0x38+var_20($sp)\n.text:004007C4                 li      $v0, 0x400000\n.text:004007C8                 nop\n.text:004007CC                 lw      $v0, (C_0_2411 - 0x400000)($v0)\n.text:004007D0                 nop\n.text:004007D4                 sw      $v0, 0x38+A($fp)\n.text:004007D8                 li      $v0, 0x400000\n.text:004007DC                 nop\n.text:004007E0                 lw      $v0, (C_1_2412 - 0x400000)($v0)\n.text:004007E4                 nop\n.text:004007E8                 sw      $v0, 0x38+B($fp)\n.text:004007EC                 li      $v0, 0x400000\n.text:004007F0                 nop\n.text:004007F4                 lw      $v0, (C_2_2413 - 0x400000)($v0)\n.text:004007F8                 nop\n.text:004007FC                 sw      $v0, 0x38+C($fp)\n.text:00400800                 li      $v0, 0x400000\n.text:00400804                 nop\n.text:00400808                 lw      $v0, (C_3_2414 - 0x400000)($v0)\n.text:0040080C                 nop\n.text:00400810                 sw      $v0, 0x38+D($fp)\n.text:00400814                 li      $v0, 0x400000\n.text:00400818            
     nop\n.text:0040081C                 lw      $v0, (C_4_2415 - 0x400000)($v0)\n.text:00400820                 nop\n.text:00400824                 sw      $v0, 0x38+E($fp)\n.text:00400828                 li      $v0, 0x400000\n.text:0040082C                 nop\n.text:00400830                 lw      $v0, (C_5_2416 - 0x400000)($v0)\n.text:00400834                 nop\n.text:00400838                 sw      $v0, 0x38+F($fp)\n.text:0040083C                 addiu   $v1, $fp, 0x38+B\n.text:00400840                 addiu   $a2, $fp, 0x38+C  # C\n.text:00400844                 addiu   $a3, $fp, 0x38+D  # D\n.text:00400848                 addiu   $v0, $fp, 0x38+E\n.text:0040084C                 sw      $v0, 0x38+var_28($sp)  # E\n.text:00400850                 addiu   $v0, $fp, 0x38+F\n.text:00400854                 sw      $v0, 0x38+var_24($sp)  # F\n.text:00400858                 addiu   $v0, $fp, 0x38+A\n.text:0040085C                 move    $a0, $v0         # A\n.text:00400860                 move    $a1, $v1         # B\n.text:00400864                 la      $t9, funcB\n.text:00400868                 nop\n.text:0040086C                 jalr    $t9 ; funcB\n.text:00400870                 nop\n.text:00400874                 lw      $gp, 0x38+var_20($fp)\n.text:00400878                 move    $v0, $zero\n.text:0040087C                 move    $sp, $fp\n.text:00400880                 lw      $ra, 0x38+var_s4($sp)\n.text:00400884                 lw      $fp, 0x38+var_s0($sp)\n.text:00400888                 addiu   $sp, 0x40\n.text:0040088C                 jr      $ra\n.text:00400890                 nop\n.text:00400890  # End of function funcA\n.text:00400890\n.text:00400894\n.text:00400894  # =============== S U B R O U T I N E =======================================\n.text:00400894\n.text:00400894  # Attributes: bp-based frame fpd=0x18\n.text:00400894\n.text:00400894  # int __cdecl main(int argc, const char **argv, const char **envp)\n.text:00400894                 
.globl main\n.text:00400894 main:                                    # DATA XREF: LOAD:004003B4\u2191o\n.text:00400894                                          # __start+1C\u2191o ...\n.text:00400894\n.text:00400894 var_8           = -8\n.text:00400894 var_s0          =  0\n.text:00400894 var_s4          =  4\n.text:00400894 argc            =  8\n.text:00400894 argv            =  0xC\n.text:00400894\n.text:00400894                 li      $gp, (_GLOBAL_OFFSET_TABLE_+0x7FF0 - .)\n.text:0040089C                 addu    $gp, $t9\n.text:004008A0                 addiu   $sp, -0x20\n.text:004008A4                 sw      $ra, 0x18+var_s4($sp)\n.text:004008A8                 sw      $fp, 0x18+var_s0($sp)\n.text:004008AC                 move    $fp, $sp\n.text:004008B0                 sw      $gp, 0x18+var_8($sp)\n.text:004008B4                 sw      $a0, 0x18+argc($fp)\n.text:004008B8                 sw      $a1, 0x18+argv($fp)\n.text:004008BC                 la      $t9, funcA\n.text:004008C0                 nop\n.text:004008C4                 jalr    $t9 ; funcA\n.text:004008C8                 nop\n.text:004008CC                 lw      $gp, 0x18+var_8($fp)\n.text:004008D0                 move    $v0, $zero\n.text:004008D4                 move    $sp, $fp\n.text:004008D8                 lw      $ra, 0x18+var_s4($sp)\n.text:004008DC                 lw      $fp, 0x18+var_s0($sp)\n.text:004008E0                 addiu   $sp, 0x20\n.text:004008E4                 jr      $ra\n.text:004008E8                 nop\n.text:004008E8  # End of function main\n.text:004008E8\n.text:004008E8  # ---------------------------------------------------------------------------\n.text:004008EC                 .align 4\n.text:004008F0\n.text:004008F0  # =============== S U B R O U T I N E =======================================<\/code><\/pre>\n\n\n\n<h4>2\u3001\u6808\u5206\u5e03<\/h4>\n\n\n\n<figure 
class=\"wp-block-table\"><table><tbody><tr><td>\u51fd\u6570\u540d<\/td><td>\u5f62\u53c2<\/td><td>\u5c40\u90e8\u53c2\u6570<\/td><td>\u7533\u8bf7\u6808\u7a7a\u95f4\u5927\u5c0f<\/td><\/tr><tr><td>main<\/td><td>2\u4e2adword\u503c=8\u5b57\u8282<\/td><td>0\u4e2a<\/td><td>32\u5b57\u8282<\/td><\/tr><tr><td>funcA<\/td><td>0\u4e2a<\/td><td>6\u4e2adword\u503c=20\u5b57\u8282<\/td><td>64\u5b57\u8282<\/td><\/tr><tr><td>funcB<\/td><td>6\u4e2adword\u503c=24\u5b57\u8282<\/td><td>2\u4e2adword\u503c=8\u5b57\u8282<\/td><td>24\u5b57\u8282<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>main-&gt;funcA-&gt;funcB\u65f6\uff0c\u5373\u6267\u884c\u52300x00400798\uff08\u51fd\u6570\u672b\u5c3e\u524d\uff09\uff0c\u6b64\u65f6\u6808\u5206\u5e03\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"537\" height=\"659\" src=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-4.png\" alt=\"\" class=\"wp-image-1527\" srcset=\"https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-4.png?v=1662908811 537w, https:\/\/www.zhiwanyuzhou.com\/wp-content\/uploads\/2022\/09\/image-4-244x300.png?v=1662908811 244w\" sizes=\"(max-width: 537px) 100vw, 537px\" \/><\/figure>\n\n\n\n<h4>3\u3001\u4f20\u53c2\u65b9\u5f0f<\/h4>\n\n\n\n<p>\u524d\u56db\u4e2a\u53c2\u6570\uff0ca0->a1->a2->a3\u5bc4\u5b58\u5668\uff1aA->B->C->D\uff0c\u5269\u4f59\u7684\u53c2\u6570\u4ece\u53f3\u81f3\u5de6\uff0c\u4f9d\u6b21\u538b\u6808\uff08F->E\uff09\uff0cjalr\u51fd\u6570\u540e\uff0c\u5c06\u8fd4\u56de\u5730\u5740\u5b58\u4e8era\u5bc4\u5b58\u5668\u3002<\/p>\n\n\n\n<h2>\u4e94\u3001\u603b\u7ed3<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>\u67b6\u6784<\/td><td>x86<\/td><td>arm<\/td><td>mips<\/td><\/tr><tr><td>\u8fd0\u884c\u5230funB\u672b\u5c3e\u524d\u6d88\u8017\u6808\u7a7a\u95f4<\/td><td>0x6C \u5b57\u8282<\/td><td>0x70 \u5b57\u8282<\/td><td>0x80 
\u5b57\u8282<\/td><\/tr><tr><td>\u4f20\u53c2\u65b9\u5f0f<\/td><td>\u4ece\u53f3\u81f3\u5de6\u538b\u6808\uff0c\u5176\u6b21\u8fd4\u56de\u5730\u5740\u538b\u6808<\/td><td>\u524d4\u4e2a\u53c2\u6570\u4ece\u5de6\u81f3\u53f3\u5b58\u5165R0-R3\u5bc4\u5b58\u5668\uff0c\u5269\u4f59\u53c2\u6570\u4ece\u53f3\u81f3\u5de6\u538b\u6808\uff0c\u5176\u6b21\u8fd4\u56de\u5730\u5740\u5b58\u5165LR\u5bc4\u5b58\u5668<\/td><td>\u524d4\u4e2a\u53c2\u6570\u4ece\u5de6\u81f3\u53f3\u5b58\u5165a0-a3\u5bc4\u5b58\u5668\uff0c\u5269\u4f59\u53c2\u6570\u4ece\u53f3\u81f3\u5de6\u538b\u6808\uff0c\u5176\u6b21\u8fd4\u56de\u5730\u5740\u5b58\u5165ra\u5bc4\u5b58\u5668<\/td><\/tr><tr><td>\u6808\u64cd\u4f5c<\/td><td>\u4f7f\u7528push\u3001pop\u7684\u65b9\u5f0f<\/td><td>\u4f7f\u7528push\u3001pop\u7684\u65b9\u5f0f<\/td><td>\u5185\u5b58\u5730\u5740\u64cd\u4f5c<\/td><\/tr><tr><td>\u51fd\u6570\u8fd4\u56de\u65b9\u5f0f<\/td><td>\u8c03\u7528call\u7684\u65f6\u5019\u8fd4\u56de\u5730\u5740\u5b58\u4e8e\u6808<br>call funcA<br>...<br>retn<\/td><td>\u8fd4\u56de\u5730\u5740\u5728LR<br>PUSH {R11,R12,LR,PC}<br>...<br>LDMFD SP, {R11,SP,PC}<\/td><td>\u53f6\u5b50\u51fd\u6570(funcB)\u548c\u975e\u53f6\u5b50\u51fd\u6570(funcA)\u5728\u5b58\u653e\u8fd4\u56de\u5730\u5740\u7684\u65f6\u5019\uff0c\u5b58\u5728\u5dee\u5f02\u3002<br>\u53f6\u5b50\u51fd\u6570\u53ea\u628a\u8fd4\u56de\u5730\u5740\u4fdd\u5b58\u5728$ra\u5bc4\u5b58\u5668\u4e2d\uff0c\u7ed3\u675f\u51fd\u6570\u8c03\u7528\u7684\u65f6\u5019\uff0c\u901a\u8fc7jr $ra\u6307\u4ee4\u8fd4\u56de\u5373\u53ef\u3002<br>\u975e\u53f6\u5b50\u51fd\u6570\u5728\u51fd\u6570\u8c03\u7528\u521d\u59cb\u628a$ra\u5bc4\u5b58\u5668\u4e2d\u7684\u8fd4\u56de\u5730\u5740\u4fdd\u5b58\u5728\u6808\u4e2d\uff0c\u7136\u540e\u7ed3\u675f\u51fd\u6570\u8c03\u7528\u7684\u65f6\u5019\u5c06\u6808\u4e2d\u4fdd\u5b58\u7684\u8fd4\u56de\u5730\u5740\u52a0\u8f7d\u5230$ra\u5bc4\u5b58\u5668\u4e2d\uff0c\u518d\u901a\u8fc7jr 
$ra\u6307\u4ee4\u8fd4\u56de\u3002<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2>\u516d\u3001\u53c2\u8003\u94fe\u63a5<\/h2>\n\n\n\n<p><a href=\"https:\/\/www.cnblogs.com\/L0g4n-blog\/p\/13968404.html\">https:\/\/www.cnblogs.com\/L0g4n-blog\/p\/13968404.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u3001\u51c6\u5907\u5de5\u4f5c 1\u3001\u76f8\u5173\u6982\u5ff5 \u4e00\u4e2a\u51fd\u6570\u5982\u679c\u4e0d\u518d\u8c03\u7528\u5176\u4ed6\u7684\u51fd\u6570\uff0c\u90a3\u4e48\u8fd9\u4e2a\u51fd\u6570\u662f\u53f6\u5b50\u51fd\u6570\uff0c\u4e00\u4e2a\u51fd\u6570\u5982\u679c\u8c03\u7528\u5176\u4ed6\u7684\u51fd\u6570\uff0c\u90a3\u4e48\u8fd9\u4e2a\u51fd\u6570\u662f\u975e\u53f6\u5b50\u51fd\u6570\u3002\u4e00\u822c\u6765\u8bf4\uff0c\u51fd\u6570\u90fd\u662f\u975e\u53f6\u5b50\u51fd\u6570\u3002 2\u3001\u793a\u4f8b\u4ee3\u7801 \u4f7f\u7528\u4e0d\u540c\u5e73\u53f0\u7684g\u2026<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[23],"tags":[],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[],"version":5}},"_links":{"self":[{"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/posts\/1510"}],"collection":[{"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/comments?post=1510"}],"version-history":[{"count":16,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/posts\/1510\/revisions"}],"predecessor-version":[{"id":1531,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/posts\/1510\/revisions\/1531"}],"wp:attachment":[{"href":"h
ttps:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/media?parent=1510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/categories?post=1510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zhiwanyuzhou.com\/index.php\/wp-json\/wp\/v2\/tags?post=1510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}