Databases
StackOverflow2013
Postsdbo
POExamining code generated by the Visual Studio C++ compiler, part 1
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POExamining code generated by the Visual Studio C++ compiler, part 1
    text
    copied!<blockquote> <p><strong>Possible Duplicate:</strong><br> <a href="https://stackoverflow.com/questions/12692111/why-is-such-complex-code-emitted-for-dividing-a-signed-integer-by-a-power-of-two">Why is such complex code emitted for dividing a signed integer by a power of two?</a> </p> </blockquote> <h2>Background</h2> <p>I'm just learning x86 asm by examining the binary code generated by the compiler.</p> <p>Code compiled using the C++ compiler in <a href="http://msdn.microsoft.com/en-us/vstudio/dd582936.aspx" rel="nofollow noreferrer">Visual Studio 2010 beta 2</a>.</p> <pre><code>Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 16.00.21003.01 for 80x86 </code></pre> <h2>C code (sandbox.c)</h2> <pre><code>int mainCRTStartup() { int x=5;int y=1024; while(x) { x--; y/=2; } return x+y; } </code></pre> <h2>Compile it using the Visual Studio Command Prompt</h2> <pre><code>cl /c /O2 /Oy- /MD sandbox.c link /NODEFAULTLIB /MANIFEST:NO /SUBSYSTEM:CONSOLE sandbox.obj </code></pre> <h2>Disasm sandbox.exe in OllyDgb</h2> <p>The following starts from the entry point.</p> <pre><code>00401000 &gt;/$ B9 05000000 MOV ECX,5 00401005 |. B8 00040000 MOV EAX,400 0040100A |. 8D9B 00000000 LEA EBX,DWORD PTR DS:[EBX] 00401010 |&gt; 99 /CDQ 00401011 |. 2BC2 |SUB EAX,EDX 00401013 |. D1F8 |SAR EAX,1 00401015 |. 49 |DEC ECX 00401016 |.^75 F8 \JNZ SHORT sandbox.00401010 00401018 \. C3 RETN </code></pre> <h2>Examination</h2> <pre><code>MOV ECX, 5 int x=5; MOV EAX, 400 int y=1024; LEA ... // no idea what LEA does here. seems like ebx=ebx. elaborate please. // in fact, NOPing it does nothing to the original procedure and the values. CQD // sign extends EAX into EDX:EAX, which here: edx = 0. no idea why. SUB EAX, EDX // eax=eax-edx, here: eax=eax-0. no idea, pretty redundant. SAR EAX,1 // okay, y/= 2 DEC ECX // okay, x--, sets the zero flag when reaches 0. JNZ ... // okay, jump back to CQD if the zero flag is not set. </code></pre> <p>This part bothers me:</p> <pre><code>0040100A |. 8D9B 00000000 LEA EBX,DWORD PTR DS:[EBX] 00401010 |&gt; 99 /CDQ 00401011 |. 2BC2 |SUB EAX,EDX </code></pre> <p>You can nop it all and the values of EAX and ECX will remain the same at the end. So, what's the point of these instructions?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload