All geek questions in one place

How does this smoothed output correlate with the source of the function?

I have the following function in C:

uint myFunction (uint arrayLen, uint* array ) { uint i; uint j; uint sum = 0; for (i = 0; i < arrayLen/2; i++) for (j = 0; j < arrayLen; j++) if (array[i*2] == array[j]) sum += mySumFunction(arrayLen,array,6); mySortFunction(arrayLen,array); for (i = 0; i < arrayLen/2; i++) for (j = 0; j < arrayLen; j++) if (array[i*2] == array[j]) sum -= mySumFunction(arrayLen,array,7); return(sum); }

And here is the output for the function disassembly command

  Dump of assembler code for function myFunction: 0x080486a8 <myFunction+0>: push %ebp 0x080486a9 <myFunction+1>: mov %esp,%ebp 0x080486ab <myFunction+3>: sub $0x1c,%esp 0x080486ae <myFunction+6>: call 0x8048418 < mcount@plt > 0x080486b3 <myFunction+11>: movl $0x0,-0x4(%ebp) 0x080486ba <myFunction+18>: movl $0x0,-0xc(%ebp) 0x080486c1 <myFunction+25>: jmp 0x8048713 <myFunction+107> 0x080486c3 <myFunction+27>: movl $0x0,-0x8(%ebp) 0x080486ca <myFunction+34>: jmp 0x8048707 <myFunction+95> 0x080486cc <myFunction+36>: mov -0xc(%ebp),%eax 0x080486cf <myFunction+39>: shl $0x3,%eax 0x080486d2 <myFunction+42>: add 0xc(%ebp),%eax 0x080486d5 <myFunction+45>: mov (%eax),%edx 0x080486d7 <myFunction+47>: mov -0x8(%ebp),%eax 0x080486da <myFunction+50>: shl $0x2,%eax 0x080486dd <myFunction+53>: add 0xc(%ebp),%eax 0x080486e0 <myFunction+56>: mov (%eax),%eax 0x080486e2 <myFunction+58>: cmp %eax,%edx 0x080486e4 <myFunction+60>: jne 0x8048703 <myFunction+91> 0x080486e6 <myFunction+62>: movl $0x6,0x8(%esp) 0x080486ee <myFunction+70>: mov 0xc(%ebp),%eax 0x080486f1 <myFunction+73>: mov %eax,0x4(%esp) 0x080486f5 <myFunction+77>: mov 0x8(%ebp),%eax 0x080486f8 <myFunction+80>: mov %eax,(%esp) 0x080486fb <myFunction+83>: call 0x8048668 <mySumFunction> 0x08048700 <myFunction+88>: add %eax,-0x4(%ebp) 0x08048703 <myFunction+91>: addl $0x1,-0x8(%ebp) 0x08048707 <myFunction+95>: mov -0x8(%ebp),%eax 0x0804870a <myFunction+98>: cmp 0x8(%ebp),%eax 0x0804870d <myFunction+101>: jb 0x80486cc <myFunction+36> 0x0804870f <myFunction+103>: addl $0x1,-0xc(%ebp) 0x08048713 <myFunction+107>: mov 0x8(%ebp),%eax 0x08048716 <myFunction+110>: shr %eax 0x08048718 <myFunction+112>: cmp -0xc(%ebp),%eax 0x0804871b <myFunction+115>: ja 0x80486c3 <myFunction+27> 0x0804871d <myFunction+117>: mov 0xc(%ebp),%eax 0x08048720 <myFunction+120>: mov %eax,0x4(%esp) 0x08048724 <myFunction+124>: mov 0x8(%ebp),%eax 0x08048727 <myFunction+127>: mov %eax,(%esp) 0x0804872a <myFunction+130>: call 0x80485cc <mySortFunction> 0x0804872f <myFunction+135>: movl $0x0,-0xc(%ebp) 0x08048736 <myFunction+142>: jmp 0x8048788 <myFunction+224> 0x08048738 <myFunction+144>: movl $0x0,-0x8(%ebp) 0x0804873f <myFunction+151>: jmp 0x804877c <myFunction+212> 0x08048741 <myFunction+153>: mov -0xc(%ebp),%eax 0x08048744 <myFunction+156>: shl $0x3,%eax 0x08048747 <myFunction+159>: add 0xc(%ebp),%eax 0x0804874a <myFunction+162>: mov (%eax),%edx 0x0804874c <myFunction+164>: mov -0x8(%ebp),%eax 0x0804874f <myFunction+167>: shl $0x2,%eax 0x08048752 <myFunction+170>: add 0xc(%ebp),%eax 0x08048755 <myFunction+173>: mov (%eax),%eax 0x08048757 <myFunction+175>: cmp %eax,%edx 0x08048759 <myFunction+177>: jne 0x8048778 <myFunction+208> 0x0804875b <myFunction+179>: movl $0x7,0x8(%esp) 0x08048763 <myFunction+187>: mov 0xc(%ebp),%eax 0x08048766 <myFunction+190>: mov %eax,0x4(%esp) 0x0804876a <myFunction+194>: mov 0x8(%ebp),%eax 0x0804876d <myFunction+197>: mov %eax,(%esp) 0x08048770 <myFunction+200>: call 0x8048668 <mySumFunction> 0x08048775 <myFunction+205>: sub %eax,-0x4(%ebp) 0x08048778 <myFunction+208>: addl $0x1,-0x8(%ebp) 0x0804877c <myFunction+212>: mov -0x8(%ebp),%eax 0x0804877f <myFunction+215>: cmp 0x8(%ebp),%eax 0x08048782 <myFunction+218>: jb 0x8048741 <myFunction+153> 0x08048784 <myFunction+220>: addl $0x1,-0xc(%ebp) 0x08048788 <myFunction+224>: mov 0x8(%ebp),%eax 0x0804878b <myFunction+227>: shr %eax 0x0804878d <myFunction+229>: cmp -0xc(%ebp),%eax 0x08048790 <myFunction+232>: ja 0x8048738 <myFunction+144> 0x08048792 <myFunction+234>: mov -0x4(%ebp),%eax 0x08048795 <myFunction+237>: leave 0x08048796 <myFunction+238>: ret End of assembler dump.

I was wondering if anyone could help me read and translate the assembly instructions into the C code above. I specifically looked for explanations regarding the part of the separation indicated in the code (arrayLen/2) . I had the impression that he would switch to the right shift, but when I did not see that in the assembly code I was not sure what was happening.

Edit: I added the missing build code. Looks like I found an explanation for the separation part.

+4
source share
2 answers

It doesn't seem like you have an entire function, but here is a breakdown of what is here:

These three instructions set up your frame stack:

 0x080486a8 <myFunction+0>: push %ebp 0x080486a9 <myFunction+1>: mov %esp,%ebp 0x080486ab <myFunction+3>: sub $0x1c,%esp

I'm not sure what this is for:

 0x080486ae <myFunction+6>: call 0x8048418 < mcount@plt >

This is me and the amount initialized to 0 (stored on the stack):

 0x080486b3 <myFunction+11>: movl $0x0,-0x4(%ebp) 0x080486ba <myFunction+18>: movl $0x0,-0xc(%ebp)

This is the beginning of the outer cycle. As a rule, the loop in the assembly begins with a jump to the end. The end in this case is beyond the end of your build list.

 0x080486c1 <myFunction+25>: jmp 0x8048713 <myFunction+107>

This j is initialized to 0. This is done here because it must be reset every time an out for loop is executed.

 0x080486c3 <myFunction+27>: movl $0x0,-0x8(%ebp)

This is the beginning of the inner cycle.

 0x080486ca <myFunction+34>: jmp 0x8048707 <myFunction+95>

This array indexes me * 2, doing the arithmetic of the pointer to the address of the array. First he puts me in eax, then the left one shifts it 3 (multiplying it by 8). This optimization * 2, as well as taking into account the size of the array elements (4). Finally, he adds this to the array address, storing the result in eax.

 0x080486cc <myFunction+36>: mov -0xc(%ebp),%eax 0x080486cf <myFunction+39>: shl $0x3,%eax 0x080486d2 <myFunction+42>: add 0xc(%ebp),%eax

This is the value pointed to by the address calculated above and stores it in edx. In this assembly dialect, x (y) means * (y + x)

 0x080486d5 <myFunction+45>: mov (%eax),%edx

This computes the array [j] in a similar way, storing the result in eax this time:

 0x080486d7 <myFunction+47>: mov -0x8(%ebp),%eax 0x080486da <myFunction+50>: shl $0x2,%eax 0x080486dd <myFunction+53>: add 0xc(%ebp),%eax 0x080486e0 <myFunction+56>: mov (%eax),%eax

This checks the two calculations above to make sure they are equal:

 0x080486e2 <myFunction+58>: cmp %eax,%edx

If the test fails (if they are not equal), skip inside the if. (This jumps to the end of your list) jne means "jump if not equal"

 0x080486e4 <myFunction+60>: jne 0x8048703 <myFunction+91>

These instructions load the arguments to mySumFunction in the correct places:

 0x080486e6 <myFunction+62>: movl $0x6,0x8(%esp) 0x080486ee <myFunction+70>: mov 0xc(%ebp),%eax 0x080486f1 <myFunction+73>: mov %eax,0x4(%esp)

If listing is disabled here, but hopefully this will give you a good general idea.

+7
source

This is just the beginning.

the first lines declare vars and the loop condition.

This part

 0x080486cc <myFunction+36>: mov -0xc(%ebp),%eax 0x080486cf <myFunction+39>: shl $0x3,%eax 0x080486d2 <myFunction+42>: add 0xc(%ebp),%eax 0x080486d5 <myFunction+45>: mov (%eax),%edx 0x080486d7 <myFunction+47>: mov -0x8(%ebp),%eax 0x080486da <myFunction+50>: shl $0x2,%eax 0x080486dd <myFunction+53>: add 0xc(%ebp),%eax 0x080486e0 <myFunction+56>: mov (%eax),%eax 0x080486e2 <myFunction+58>: cmp %eax,%edx 0x080486e4 <myFunction+60>: jne 0x8048703 <myFunction+91>

similar to if (%ebp[0xc[2*%ebp[-0xc]]]!=%ebp[0xc[%ebp[8]]]) goto myFunction+91; I assume this is if (array[i*2] == array[j])

+2
source

Source: https://habr.com/ru/post/1391759/

More articles:


All Articles