What are the first variables of my stack program?
Question

I have started assembly.
I don't understand why I have two variables before argc.
What are the 0000 and the 0008?
global _main
section .text
_main:
; write(1, buf, 3)
mov rax, 0x2000004   ; SYS_write (BSD syscall class 2 on macOS)
mov rdi, 0x1         ; fd 1 = stdout
mov rsi, [rsp+24]    ; buffer pointer loaded from the stack at rsp+24
mov rdx, 3           ; write three bytes
syscall
; return (0)
mov rax, 0x2000001   ; SYS_exit
mov rdi, 0x0         ; exit status 0
syscall
I'm on macOS Mojave and I compile with:
nasm -f macho64 ex01.s && ld -macosx_version_min 10.14 -lSystem ex01.o
Answer

You're targeting modern macOS, hence ld will emit the dyld-assisted LC_MAIN load command for entry point handling. The [rsp] is the return address to the libdyld _start function epilogue:
mov edi, eax ; pass your process return code as 1st argument under System V 64bit ABI
call exit    ; from libSystem
hlt
What this means is that you don't need to exit your process through a system call like you do in:
; return (0)
mov rax, 0x2000001
mov rdi, 0x0
syscall
Instead:
xor eax,eax
ret
is enough (and that's what compilers will emit btw).
Your buffer will also get flushed in the ret / libdyld approach. That's irrelevant for the system write call you are doing, but could be for a printf for instance.
Here's a great article that describes lots of details.
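As an added illustration of the entry-point handling described in the answer (this is example code written for this page, not the asker's program or the answerer's), here is a macOS x86-64 NASM program that relies on the LC_MAIN convention: libdyld's start routine calls _main like a C function, so argc arrives in rdi and argv in rsi, [rsp] holds only the return address into libdyld, and a plain ret with the status in eax is enough to exit. It prints argv[0] with the write system call and returns argc as the exit status. The label names and the file name argv0.s are assumptions.

```nasm
global _main
section .text

; Entry under LC_MAIN: rdi = argc, rsi = argv, rdx = envp, [rsp] = return
; address into libdyld's start, which calls exit() with whatever we leave in eax.
_main:
    push rbx                ; rbx is callee-saved; the push also restores 16-byte stack alignment
    mov ebx, edi            ; keep argc for the exit status
    mov rsi, [rsi]          ; rsi = argv[0], a NUL-terminated C string

    ; strlen(argv[0]) into rdx
    xor edx, edx
.len:
    cmp byte [rsi+rdx], 0
    je .write
    inc rdx
    jmp .len

.write:
    mov rax, 0x2000004      ; SYS_write (BSD class 2)
    mov rdi, 1              ; stdout
    syscall                 ; rsi = argv[0], rdx = its length; syscall clobbers only rcx/r11

    mov rax, 0x2000004      ; second write: a trailing newline
    mov rdi, 1
    lea rsi, [rel newline]  ; Mach-O x86-64 requires RIP-relative addressing for data
    mov rdx, 1
    syscall

    mov eax, ebx            ; exit status = argc; no SYS_exit needed
    pop rbx
    ret                     ; back into libdyld, which calls exit(eax)

section .data
newline: db 10
```

Assemble and link it exactly as in the question (nasm -f macho64 argv0.s && ld -macosx_version_min 10.14 -lSystem argv0.o); linking against libSystem is what gives ld a main to point LC_MAIN at. Run with no arguments it prints its own path and exits with status 1, because argc is 1. The stack is left exactly as it was found before the ret, which is the only requirement the libdyld epilogue places on the program.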