
C 代码
/*
 * Returns the total of its nine int arguments.
 *
 * The parameter count matters for the disassembly that follows on this page:
 * the caller there places eight values in w0-w7 and writes the ninth to the
 * stack, so nine is the smallest count that shows a stack-passed argument.
 */
int sum(int a, int b, int c, int d, int e, int f, int g, int h, int i) {
    /* Accumulate left to right, the same order as a + b + ... + i. */
    int total = a;
    total += b;
    total += c;
    total += d;
    total += e;
    total += f;
    total += g;
    total += h;
    total += i;
    return total;
}
/*
 * Calls sum with the constants 1..9 and prints the result with "%d".
 * argc and argv are accepted but not used.
 */
int main(int argc, char * argv[]) {
    /* Keep the result in a named local before printing it. */
    int total = sum(1, 2, 3, 4, 5, 6, 7, 8, 9);

    printf("%d", total);
    return 0; /* same value main yields when control reaches the closing brace */
}
运行时截取的汇编代码
; Debugger disassembly of an arm64 function. Judging by the constants 1..9, the
; call to sum and the call to printf, this is main from the C listing above.
; The build looks unoptimized: values are stored to the stack and reloaded at once.
;
; Frame layout set up below (offsets from sp after the sub at +0):
;   [sp, #0x00]  outgoing stack-argument slot (9th argument to sum, later printf's value)
;   [sp, #0x08]  value returned by printf
;   [sp, #0x0c]  value returned by sum (presumably the local c)
;   [sp, #0x10]  incoming x1 (argv, per the C signature)
;   [sp, #0x1c]  incoming w0 (argc, per the C signature), addressed as [x29, #-0x4]
;   [sp, #0x20]  saved x29 (caller's frame pointer)
;   [sp, #0x28]  saved x30 (return address)
;
; Prologue: reserve 0x30 bytes, save frame pointer and return address, set x29.
0x1044d0f00 <+0>: sub sp, sp, #0x30 ; =0x30
0x1044d0f04 <+4>: stp x29, x30, [sp, #0x20]
0x1044d0f08 <+8>: add x29, sp, #0x20 ; =0x20
; Materialize the nine constants. 1 and 2 go to the temporaries w8/w9 first because
; w0/x1 still hold main's own incoming arguments; 3..8 go straight into w2..w7.
0x1044d0f0c <+12>: orr w8, wzr, #0x1
0x1044d0f10 <+16>: orr w9, wzr, #0x2
0x1044d0f14 <+20>: orr w2, wzr, #0x3
0x1044d0f18 <+24>: orr w3, wzr, #0x4
0x1044d0f1c <+28>: mov w4, #0x5
0x1044d0f20 <+32>: orr w5, wzr, #0x6
0x1044d0f24 <+36>: orr w6, wzr, #0x7
0x1044d0f28 <+40>: orr w7, wzr, #0x8
0x1044d0f2c <+44>: mov w10, #0x9  ; 9th value: no argument register left, held in w10 for now
; Spill main's incoming w0 and x1 to the frame before they are overwritten.
0x1044d0f30 <+48>: stur w0, [x29, #-0x4]
0x1044d0f34 <+52>: str x1, [sp, #0x10]
; "->" is the debugger's current-instruction marker, not part of the instruction.
-> 0x1044d0f38 <+56>: mov x0, x8  ; 1st argument = 1
0x1044d0f3c <+60>: mov x1, x9  ; 2nd argument = 2
0x1044d0f40 <+64>: str w10, [sp]  ; 9th argument = 9, passed in memory at the caller's sp
0x1044d0f44 <+68>: bl 0x1044d0e88 ; sum at main.m:12
; Result of sum arrives in w0: store it to the local slot, then reload it.
0x1044d0f48 <+72>: str w0, [sp, #0xc]
0x1044d0f4c <+76>: ldr w8, [sp, #0xc]
; x30 is reused as a scratch register here. That is only safe because the return
; address was saved at +4 and is reloaded from the frame at +116.
0x1044d0f50 <+80>: mov x30, x8
0x1044d0f54 <+84>: mov x11, sp
0x1044d0f58 <+88>: str x30, [x11]  ; value to print goes to [sp], not x1 (looks like the Apple arm64 rule that variadic arguments travel on the stack; confirm for the target)
; adrp + add build the address of printf's first argument in x0 (presumably the "%d" string).
0x1044d0f5c <+92>: adrp x0, 184
0x1044d0f60 <+96>: add x0, x0, #0xebf ; =0xebf
0x1044d0f64 <+100>: bl 0x10457cd14 ; symbol stub for: printf
0x1044d0f68 <+104>: mov w8, #0x0
0x1044d0f6c <+108>: str w0, [sp, #0x8]  ; printf's return value is stored and not read again in this listing
0x1044d0f70 <+112>: mov x0, x8  ; return value of this function = 0
; Epilogue: reload x29/x30 from the frame, release the 0x30 bytes, return.
; ret branches to whatever value was reloaded into x30, i.e. the slot at [sp, #0x28].
0x1044d0f74 <+116>: ldp x29, x30, [sp, #0x20]
0x1044d0f78 <+120>: add sp, sp, #0x30 ; =0x30
0x1044d0f7c <+124>: ret
sub sp, sp, #0x30 // 位于 0x1044d0f00 的第一条指令:sp 减去 0x30,栈空间拉伸 0x30 字节(栈向低地址方向增长)
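通过观察,我们不难发现,sum(3, 5) 函数的参数 3、5 在汇编中是通过两个寄存器传递的(下面两条指令看起来来自只有两个参数的 sum(3, 5) 版本,而不是上面九个参数的清单;在九个参数的清单里,前八个参数经 w0–w7 传递,第九个参数由 str w10, [sp] 放到栈上):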
orr w8, wzr, #0x3
mov w9, #0x5
然后到了 sum 函数的内部,又通过 sp 将数据保存到了栈(在上面的清单中,同样的一对指令出现在 main 里 bl 返回之后的 +72/+76 处,用来把 sum 的返回值 w0 存入栈上的局部变量再读回):
str w0, [sp, #0xc]
ldr w8, [sp, #0xc]



