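When OD is stopped at the entry point and the program has not yet executed a single line of code, how are the values in the registers determined? eip points to the current address and esp points to the stack, so where do the values in eax, ebx, and ecx come from?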
黄舟 2017-04-17 11:25:28
As far as x86 is concerned, there are not many general-purpose registers that can be controlled by the user program. The most important ones are eip and esp, which correspond to the first instruction of the user program and the stack address of the user program respectively. These two registers will be set by the OS according to the format of the ELF file when loading the user program. When the user program is running, the use of other general-purpose registers such as eax, ebx, ecx, and edx is managed by the compiler. Before the user program uses a register, the compiler will also load the required value into the register. Segment registers such as cs, ds, es, and fs are also set by the operating system. As for registers like cr3 that control the virtual-memory-to-physical-memory mapping table, they are also set by the OS, and the user program does not have the authority to change them.
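An added example, not part of the original post: on Linux x86-64 (an assumption; rip/rsp are the 64-bit counterparts of eip/esp), a tracer can read the registers of a freshly exec'ed process before it runs a single user-mode instruction, which is the state a debugger shows at its first stop. The function name `regs_at_exec` and the target `/bin/sh` are chosen here for illustration.

```c
/* Added example: read the registers of a freshly exec'ed process before it
   runs any user-mode instruction (assumes Linux on x86-64). */
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fills *out with the child's registers at the exec stop; returns 0 on success. */
int regs_at_exec(const char *path, struct user_regs_struct *out)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: ask to be traced; the kernel then stops us with SIGTRAP
           right after execve() has set up the new image. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(126);
        execl(path, path, (char *)NULL);
        _exit(127);                      /* only reached if exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status))
        return -1;                       /* child exited: trace or exec failed */
    int rc = ptrace(PTRACE_GETREGS, pid, NULL, out) == 0 ? 0 : -1;
    kill(pid, SIGKILL);                  /* never let the target actually run */
    waitpid(pid, &status, 0);
    return rc;
}

int main(void)
{
    struct user_regs_struct r;
    memset(&r, 0, sizeof r);
    if (regs_at_exec("/bin/sh", &r) != 0) {
        fprintf(stderr, "could not trace child\n");
        return 1;
    }
    printf("rip=%#llx rsp=%#llx\n",
           (unsigned long long)r.rip, (unsigned long long)r.rsp);
    printf("rax=%#llx rbx=%#llx rcx=%#llx\n", (unsigned long long)r.rax,
           (unsigned long long)r.rbx, (unsigned long long)r.rcx);
    return 0;
}
```

For a dynamically linked target, the rip printed here is the entry of the dynamic loader rather than of the program itself, since that is where the kernel hands over control.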
天蓬老师 2017-04-17 11:25:28
eax, ebx, ecx are general-purpose registers, and will have a default value (should be 0) when the CPU starts.
阿神 2017-04-17 11:25:28
The way the operating system runs a program (for example, one compiled from C) is: first create a new process, then run the program loader, set up the stack and copy the program from disk to memory, and then finally it transfers control to the main() function (actually main() is not the first function called in the program, but I say this here for simplicity), and then the program runs happily. After executing so much code before, I have to manipulate the registers...
PHPz 2017-04-17 11:25:28
How hard does the OS work to load and execute a program? The OS needs to create page tables, read files, cut LDTs, and set registers. Otherwise, you won’t be able to see hello world. Did you create it?
CPU, who has done all the hard work in the background, is crying silently...