Question

我正在做一些X86演习;我的任务是通过《<代码>write(<>的图书馆拨打,直到我们达到《指示》为止,但我取得与我的一些同学者不同的结果。我所见到的是<代码>。 SYSENTER:

   │0xf7fdf421 <__kernel_vsyscall+1>        push   %edx                                                                                            
   │0xf7fdf422 <__kernel_vsyscall+2>        push   %ebp                                                                                            
   │0xf7fdf423 <__kernel_vsyscall+3>        mov    %esp,%ebp                                                                                       
   │0xf7fdf425 <__kernel_vsyscall+5>        sysenter

Is this what I should see? If so, why is it different from what some of my classmates saw? Also are %edx and %ebp registers saved on the stack before executing the sysenter instruction? (Would it not seem so according to the answer I got or am I wrong?)

这里,我从我的委任中的最初指示是:

法典:

.file    "A3Program2.c"
    .section    .rodata
.LC0:
    .string    "hello
"
.LC1:
    .string    "xxxx
"
    .text
.globl secondCall
    .type    secondCall, @function
secondCall:
    pushl    %ebp
    movl    %esp, %ebp
    subl    $40, %esp
    movl    $6, 8(%esp)
    movl    $.LC0, 4(%esp)
    movl    $1, (%esp)
    call    write
    movl    %eax, -12(%ebp)
    movl    $8, 8(%esp)
    movl    $.LC1, 4(%esp)
    movl    $1, (%esp)
    call    write
    addl    %eax, -12(%ebp)
    movl    12(%ebp), %eax
    movl    8(%ebp), %edx
    leal    (%edx,%eax), %eax
    addl    %eax, -12(%ebp)
    movl    -12(%ebp), %eax
    leave
    ret
    .size    secondCall, .-secondCall
.globl firstCall
    .type    firstCall, @function
firstCall:
    pushl    %ebp
    movl    %esp, %ebp
    subl    $40, %esp
    movl    $2, 4(%esp)
    movl    $4, (%esp)
    call    secondCall
    movl    %eax, -12(%ebp)
    movl    -12(%ebp), %eax
    leave
    ret
    .size    firstCall, .-firstCall
.globl main
    .type    main, @function
main:
    pushl    %ebp
    movl    %esp, %ebp
    andl    $-16, %esp
    subl    $16, %esp
    call    firstCall
    movl    %eax, 12(%esp)
    movl    $0, %eax
    leave
    ret
    .size    main, .-main
    .ident    "GCC: (Ubuntu/Linaro 4.4.4-14ubuntu5) 4.4.5"
    .section    .note.GNU-stack,"",@progbits

www.un.org/Depts/DGACM/index_spanish.htm 下面的指令是:。

Find the line number of the second call to write, “call write”, in the secondCall function. 就此规定一个起点。 Which is 22 according to me.

就此规定一个起点。

 break 22

Run the program inside the debugger.

run

The program will stop at the break point you set. Step into the code which does not have the debugging information.

si

You will see “[ No Source Available ]” in the source layout. So you need to view the disassembled instructions.

 layout asm

Repeatedly step into (si and then return/enter will execute the si command repeatedly) until you see “sysenter” appear in the asm layout section of the screen. I am trying to copy the instructions (including their addresses) from the top of the asm layout section, down to and including the sysenter instruction.

Hint: You can change the focus of the keyboard to the command area by typing Ctrl-x o. This way the arrow keys can be used to bring back earlier commands (it just saves some typing).

Answer 1

http://www.trilithium.com/johan/2005/08/linux-gate/“rel=”nofollow noretinger” 虚拟共同物体(VDSO)——其内容为 详细内容。有一些条件可能导致DVD的内容发生变化;因此,there这里没有单一的正确答案。

具体而言,在32轨×86系统上,至少有三种不同的机制可用于系统电话:

INT $0x80
SYSCALL (recent AMD CPUs)
SYSENTER (recent Intel CPUs)

请注意,只有<代码>INT 0x80在所有清单中发挥作用(编辑,纸浆厂甚至在有更现代的替代品的情况下也可提供);然而,它也进展缓慢。盒子将在boot间支持,并选择使用现有最高效机制的DVDSO版本。

因此,根据您的《万国邮联》模式,您可以在DVD中看到不同的代码,特别是如果您有“万国邮联”,你可能会看到“<海关编码><所有的道路,如果你真的老的万国邮联,你甚至会看到<条码>0x80的道路。如果你对他人进行 cur弄,本源代码如下:

INT $0x80 method
SYSCALL method
SYSENTER method - read the comments for why %ecx, %edx, and %ebp are pushed

Most likely, the other folks in your lab who got a different result had an AMD CPU and were looking at the SYSCALL path (or they had an antique PC, and were looking at the INT $0x80 path).

请注意,在64个轨道程序中,SYSCALL将直接使用,而根本不通过DVDSO。

友情链接