如下,是一个利用内嵌汇编实现的两整数交换的程序。输出结果是2,1;2,1;1,2;2,1.可以看到Swap2这个函数行不通,在函数内两个变量确实交换了,但是调用后a和b没有交换,仍然是2,1。就像是传值一样,而没有传址,令我很困惑。
#include <cstdio>
void Swap1(int &_int1, int &_int2);
void Swap2(int &_int1, int &_int2);
int main() {
int a = 1, b = 2;
Swap1(a, b);
printf("%d,%d;", a, b);
Swap2(a, b);
printf("%d,%d.", a, b);
return 0;
}
void Swap1(int &_int1, int &_int2) {
unsigned c = _int1, d = _int2;
__asm {
mov ebx, [c];
xchg ebx, [d];
mov [c], ebx;
}
_int1 = c;
_int2 = d;
printf("%d,%d;", _int1, _int2);
}
void Swap2(int &_int1, int &_int2) {
__asm {
mov ebx, [_int1];
xchg ebx, [_int2];
mov [_int1], ebx;
}
printf("%d,%d;", _int1, _int2);
}
请各位朋友帮忙看看为什么会这样。
21: Swap2(a, b);
0040107B lea ecx,[ebp-8]
0040107E push ecx
0040107F lea edx,[ebp-4]
00401082 push edx
00401083 call @ILT+0(Swap2) (00401005)
00401088 add esp,8
22: printf("\n-%d,%d.", a, b);
0040108B mov eax,dword ptr [ebp-8]
0040108E push eax
0040108F mov ecx,dword ptr [ebp-4]
00401092 push ecx
00401093 push offset string "\n-%d,%d." (0042201c)
00401098 call printf (004011d0)
0040109D add esp,0Ch
根据如上代码,printf用的是本函数堆栈上的int1 int2,缺少一个写回的动作
36: void Swap2(int &_int1, int &_int2) {
00401170 push ebp
00401171 mov ebp,esp
00401173 sub esp,40h
00401176 push ebx
00401177 push esi
00401178 push edi
00401179 lea edi,[ebp-40h]
0040117C mov ecx,10h
00401181 mov eax,0CCCCCCCCh
00401186 rep stos dword ptr [edi]
37: __asm {
38: mov ebx, [_int1];
00401188 mov ebx,dword ptr [ebp+8]
39: xchg ebx, [_int2];
0040118B xchg ebx,dword ptr [ebp+0Ch]
40: mov [_int1], ebx;
0040118E mov dword ptr [ebp+8],ebx
41: }
42: printf("\n2-%d,%d;", _int1, _int2);
00401191 mov eax,dword ptr [ebp+0Ch]
00401194 mov ecx,dword ptr [eax]
00401196 push ecx
00401197 mov edx,dword ptr [ebp+8]
0040119A mov eax,dword ptr [edx]
0040119C push eax
0040119D push offset string "\n2-%d,%d;" (00422040)
004011A2 call printf (004011d0)
004011A7 add esp,0Ch
43: }
25: void Swap1(int &_int1, int &_int2) {
004010E0 push ebp
004010E1 mov ebp,esp
004010E3 sub esp,48h
004010E6 push ebx
004010E7 push esi
004010E8 push edi
004010E9 lea edi,[ebp-48h]
004010EC mov ecx,12h
004010F1 mov eax,0CCCCCCCCh
004010F6 rep stos dword ptr [edi]
26: unsigned c = _int1, d = _int2;
004010F8 mov eax,dword ptr [ebp+8]
004010FB mov ecx,dword ptr [eax]
004010FD mov dword ptr [ebp-4],ecx
00401100 mov edx,dword ptr [ebp+0Ch]
00401103 mov eax,dword ptr [edx]
00401105 mov dword ptr [ebp-8],eax
27: __asm {
28: mov ebx, [c];
00401108 mov ebx,dword ptr [ebp-4]
29: xchg ebx, [d];
0040110B xchg ebx,dword ptr [ebp-8]
30: mov [c], ebx;
0040110E mov dword ptr [ebp-4],ebx
31: }
32: _int1 = c;
00401111 mov ecx,dword ptr [ebp+8]
00401114 mov edx,dword ptr [ebp-4]
00401117 mov dword ptr [ecx],edx
33: _int2 = d;
00401119 mov eax,dword ptr [ebp+0Ch]
0040111C mov ecx,dword ptr [ebp-8]
0040111F mov dword ptr [eax],ecx
34: printf("\n1-%d,%d;", _int1, _int2);
00401121 mov edx,dword ptr [ebp+0Ch]
00401124 mov eax,dword ptr [edx]
00401126 push eax
00401127 mov ecx,dword ptr [ebp+8]
0040112A mov edx,dword ptr [ecx]
0040112C push edx
0040112D push offset string "\n1-%d,%d;" (00422034)
00401132 call printf (004011d0)
00401137 add esp,0Ch
35: }
手动写个 swap函数
然后查看反汇编,以及自动生成德汇编代码
所谓授人以鱼不如渔,VISUAL C++ 有个好用的工具叫Listing File,好多人都不用,但是和ASM打交道的同学们是必需的工具:Listing Files
通过设置 Listing Files的不同类型,可以产生一个和源代码相应的COD文件,它可以包含汇编代码,机器码和源代码。通过这些内容,可以清晰直观地看到VC编译器对源代码做了些什么改动。
以当前的ChildView.cpp为例,编译后会产生 ChildView.cod 文件,打开它,这就是你想要的:
应该这样调用:
Swap1(&a, &b);