{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 【Aperson】 的问题《Why do I have PUSH ecx?》','https://www.manongdao.com/q-1359374.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Could somebody please tell me what is the purpose of the two push ecx instructions below? I can't understand what they are supposed to be doing?
I realise the push epb is saving the stack base pointer and then mov epb, esp is assigning the stack pointer to the previous stack base pointer.
int main(){
01301190 push ebp
01301191 mov ebp,esp
01301193 push ecx ;here??
01301194 mov dword ptr [h],0CCCCCCCCh
int h = my_func(1,3);
int my_func(int a, int b){
01301160 push ebp
01301161 mov ebp,esp
01301163 push ecx ;here??
01301164 mov dword ptr [m],0CCCCCCCCh
int m = 0;
0130116B mov dword ptr [m],0
m = a*b;
01301172 mov eax,dword ptr [a]
01301175 imul eax,dword ptr [b]
01301179 mov dword ptr [m],eax
return m;
0130117C mov eax,dword ptr [m]
}
0130117F mov esp,ebp
}
01301181 pop ebp
01301182 ret
The
push ecxallocates 4 bytes on the stack for the local variable (mandh). The actual content ofecxdoes not matter - the allocated slot is immediately overwritten by0CCCCCCCCh(this magic value is used by Visual C++ in debug builds to mark uninitialized variables).Visual C++ often uses
push ecxandpop ecxas alternatives tosub esp, 4andadd esp, 4. Why? There are several reasons:push ecxandpop ecxare single-byte instructions, whileaddandsubare three byte each. The difference may not be huge, but all the saved bytes in all functions may add up to something substantial.ecxis considered to be spoiled by a function call, so it's safe to trash it withpop ecxafter function calls. So you often see code like:For
push, there's no real reason to useecxspecifically - any of the basic registers would do. I guess it was just picked for symmetry, or to not be confused with real saving of a non-volatile register likeesioredi.It would be extremely instructive to see the definitions of
a,b, andmin the assembly code above. I'm guessing they areebp+8,ebp+12, andebp-4. If that is true, the compiler is not generating any special code for the debugger, it is just generating the code in the most straight-forward method. The location created on the stack by pushingecxis the memory location created for the local variablem.I assume you have optimizations turned off.
The compiler pushes ECX before calling the function. It does this because ECX is a volatile register and it wants to ensure its contents are restored when the function call is returned.
Inside the function it pushes ECX so that the debugger can easily read the arguments passed in to the function.
Disassembly of optimized code is usually easier to understand.
In debug mode, there may be a loop to fill local memory for variables with some special pattern, like 0CCCCCCCCh, and this loop normally uses ecx. In these cases, the loop isn't there. Looking at the code, the model is passing all arguments on the stack (as opposed to using ecx, edx for two of the parameters), so there's no real reason to be saving ecx. So the push ecx is just left over junk from the compiler, since it never uses ecx or "restores" ecx with a pop.