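The book 《x86/x64体系探索及编程》 says that x64 has only one calling convention, which uses ecx, edx, edi, esi, r8d and r9d respectively.
Floating-point values use xmm0 and so on.
C code: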
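    #include <stdio.h>
    #include <string.h>

    /* Ten integer parameters: more than fit in the argument registers. */
    void pp(int a, int b, int c, int d, int e, int f, int g, int h, int i, int j) {}

    /* void main is kept as in the original so the listing below matches. */
    void main() {
        pp(1, 2, 3, 4, 5, 6, 7, 8, 9, 0);
    }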
Disassembly of the main function:
    Dump of assembler code for function main:
    0x000000000040048e <+0>:  push rbp
    0x000000000040048f <+1>:  mov rbp,rsp
    0x0000000000400492 <+4>:  sub rsp,0x20
    0x0000000000400496 <+8>:  mov DWORD PTR [rsp+0x18],0x0
    0x000000000040049e <+16>: mov DWORD PTR [rsp+0x10],0x9
    0x00000000004004a6 <+24>: mov DWORD PTR [rsp+0x8],0x8
    0x00000000004004ae <+32>: mov DWORD PTR [rsp],0x7
    0x00000000004004b5 <+39>: mov r9d,0x6
    0x00000000004004bb <+45>: mov r8d,0x5
    0x00000000004004c1 <+51>: mov ecx,0x4
    0x00000000004004c6 <+56>: mov edx,0x3
    0x00000000004004cb <+61>: mov esi,0x2
    0x00000000004004d0 <+66>: mov edi,0x1
    0x00000000004004d5 <+71>: call 0x400474 <pp>
    0x00000000004004da <+76>: leave
    0x00000000004004db <+77>: ret
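The assembly shows that gcc on x64 passes arguments in the order edi, esi, edx, ecx, r8d, r9d: edi holds the first argument, esi the second, and so on. The remaining arguments are passed on the stack.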
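The same observation made at run time instead of from a listing, as an added example that is not code from the original post: a small assembly routine records the six argument registers and the four stack slots as they are on entry to the callee. The names `capture`, `seen` and `slot_after_call` are hypothetical; the example assumes x86-64 Linux with GCC or Clang, uses `long` arguments so the full 64-bit registers (rdi rather than edi) are read, and writes the assembly in AT&T syntax.

```c
#include <stdio.h>

/* seen[0..5]: register arguments, seen[6..9]: stack arguments. */
long seen[10];

/* Hypothetical helper (assumes x86-64 Linux, GCC or Clang). It is written in
   assembly so no compiler prologue touches the registers or stack first. */
void capture(long a, long b, long c, long d, long e,
             long f, long g, long h, long i, long j);

__asm__(
    ".pushsection .text\n"
    ".globl capture\n"
    ".type capture, @function\n"
    "capture:\n"
    "    movq %rdi, seen+0(%rip)\n"    /* 1st argument */
    "    movq %rsi, seen+8(%rip)\n"    /* 2nd */
    "    movq %rdx, seen+16(%rip)\n"   /* 3rd */
    "    movq %rcx, seen+24(%rip)\n"   /* 4th */
    "    movq %r8,  seen+32(%rip)\n"   /* 5th */
    "    movq %r9,  seen+40(%rip)\n"   /* 6th */
    /* On entry [rsp] is the return address; the 7th argument sits above it. */
    "    movq 8(%rsp),  %rax\n"
    "    movq %rax, seen+48(%rip)\n"
    "    movq 16(%rsp), %rax\n"
    "    movq %rax, seen+56(%rip)\n"
    "    movq 24(%rsp), %rax\n"
    "    movq %rax, seen+64(%rip)\n"
    "    movq 32(%rsp), %rax\n"
    "    movq %rax, seen+72(%rip)\n"
    "    ret\n"
    ".popsection\n");

/* Calls capture() with the same values as pp() and returns what slot n held. */
long slot_after_call(int n)
{
    capture(1, 2, 3, 4, 5, 6, 7, 8, 9, 0);
    return seen[n];
}

int main(void)
{
    static const char *where[10] = { "rdi", "rsi", "rdx", "rcx", "r8", "r9",
        "[rsp+8]", "[rsp+16]", "[rsp+24]", "[rsp+32]" };
    for (int n = 0; n < 10; n++)
        printf("arg %2d in %-8s = %ld\n", n + 1, where[n], slot_after_call(n));
    return 0;
}
```

The stack offsets are 8 bytes higher than in the caller's listing above because the `call` instruction has pushed the return address by the time the callee runs.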
This article comes from the "Backtrack-Metasploit" blog; please be sure to keep this attribution: http://backtrackzone.blog.51cto.com/5612649/1662287