在Linux上的x86-64体系结构上访问堆栈框架
[英]Accessing stack frame on x86-64 architecture on Linux
问题描述
I am trying to access the different stack frames on a Linux system with x86-64 architecture. 
我试图在具有x86-64体系结构的Linux系统上访问不同的堆栈框架。 I am able to access the Register Base Pointer (rbp) of all the frames. 我可以访问所有帧的寄存器基址指针(rbp)。 Now I want to access the arguments to each function call. 现在,我想访问每个函数调用的参数。 I checked this link which says that the first 6 arguments are being passed through registers. 我检查了该链接 ,该链接说前6个参数正在通过寄存器传递。 However, as far as I understand, I can get only the arguments of the top-most function call by reading the registers. 但是,据我了解,我只能通过读取寄存器来获取最顶层函数调用的参数。 But what about the arguments sent to the other functions (that is, the stack-frames lying below the current frame)? 但是,发送给其他函数的参数又如何(即,位于当前帧下方的堆栈帧)呢? Presumably, they must be stored at some position in the stack itself, but I could not get the location. 大概必须将它们存储在堆栈本身中的某个位置,但是我无法找到该位置。 Can anybody help explain this? 有人可以帮忙解释一下吗?
Thanks a lot. 非常感谢。
1 个解决方案
解决方案1
1 已采纳 2014-09-13 12:04:56
Take this code: 采取以下代码:
int f1(int a1, int a2, int a3) {
return f2(2 * a1, 2 * a2, 2 * a3);
}
int f2(int a1, int a2, int a3) {
return a1 + a2 + a3;
}
Now say we call f1(): we put its arguments into RDI, RSI, and RDX as per the calling convention. 现在说我们调用f1():按照调用约定将其参数放入RDI,RSI和RDX。 It then multiplies each of these registers by 2 and calls f2(). 然后,将每个寄存器乘以2并调用f2()。 Those registers are defined as caller-saved, yet there is no need to save them, since f1() will not use them again. 这些寄存器被定义为保存呼叫者,但由于f1()将不再使用它们,因此无需保存它们。 Therefore, once we are in f2() we cannot reasonably expect to have any way to get the original arguments passed to f1(). 因此,一旦进入f2(),我们就无法合理地期望有任何方法可以将原始参数传递给f1()。 They are simply not in existence, and cannot be recovered because there is no way to "undo" even a simple operation like multiply-by-2 (because it might have overflowed). 它们根本不存在,并且无法恢复,因为即使是简单的操作(例如乘以2),也无法“撤消”(因为它可能已溢出)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.