How do I interpret the columns of the CPU window's disassembly pane?


Question

There is a tool called the CPU window, which I get pressing Ctrl+Alt+C, that shows the disassembly of my code.

A green arrow to the left of the memory address indicates the location of the current execution point, then there are the memory addresses, but what does the second column mean, and why does the compiler sometimes jump more than one address after an instruction?

For example:

|first column|second column|assembly|
004520F4 55             push ebp      //continuous 
004520F5 8BEC           mov ebp, esp  //jumps to F7
004520F7 6A00           push $00      //jumps to F9
004520F9 53             push ebx      //continuous
004520FA 33D2           xor edx,edx

Recommended answer

Let's look at the code:


004520F4 55             push ebp      
004520F5 8BEC           mov ebp, esp  
004520F7 6A00           push $00      
004520F9 53             push ebx      
004520FA 33D2           xor edx,edx

Each line here represents a single machine instruction. The information presented is as follows:

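  • The first column is the address at which the instruction starts, shown in hexadecimal.
  • The second column is the machine code of the instruction, shown in hexadecimal.
  • The third column is the instruction disassembled into assembly language.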

So the second and third columns represent the exact same information. The third column is provided to make the code more understandable.

Note that different instructions have different lengths. The first and fourth instructions are only a single byte long. The others are two bytes long. And that explains why the instruction address increments by more than a single byte following two byte instructions.

There are instructions that can take even more than two bytes and so you can have increments of 3, 4 and so on for such instructions. A good example would be call or jump instructions which encode the target address or offset. So, an absolute jump on a 32 bit machine might be encoded in 5 bytes, one for the opcode and four for the address.

Back in the good old days, long before I was even born, programmers didn't even have assemblers and wrote code directly in machine instructions. That must have been a whole load of fun!
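
As an added example (not part of the original answer), this Python sketch parses the listing from the question and checks that each address equals the previous address plus the number of bytes in the machine-code column. The final `call` line is constructed for illustration, and the names `parse_listing` and `check_strides` are hypothetical.

```python
import re

# Listing from the question, plus one constructed five-byte line
# (the last one) to show a larger address increment.
LISTING = """\
004520F4 55             push ebp
004520F5 8BEC           mov ebp, esp
004520F7 6A00           push $00
004520F9 53             push ebx
004520FA 33D2           xor edx,edx
004520FC E8FF000000     call $00452200
"""

# address (8 hex digits), machine code (whole bytes in hex), assembly text
LINE = re.compile(r"^([0-9A-Fa-f]{8})\s+((?:[0-9A-Fa-f]{2})+)\s+(.*\S)\s*$")


def parse_listing(text):
    """Return (address, machine_code_bytes, assembly) for each line."""
    rows = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        m = LINE.match(raw)
        if m is None:
            raise ValueError(f"unrecognised listing line: {raw!r}")
        rows.append((int(m.group(1), 16), bytes.fromhex(m.group(2)), m.group(3)))
    return rows


def check_strides(rows):
    """Check that each address equals the previous address plus the
    previous instruction's length; return the list of lengths."""
    for (addr, code, _), (next_addr, _, _) in zip(rows, rows[1:]):
        if addr + len(code) != next_addr:
            raise ValueError(f"gap or overlap after {addr:08X}")
    return [len(code) for _, code, _ in rows]


if __name__ == "__main__":
    rows = parse_listing(LISTING)
    check_strides(rows)
    for addr, code, asm in rows:
        print(f"{addr:08X}  {len(code)} byte(s)  next={addr + len(code):08X}  {asm}")
```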
