Summary of Code
Explore the key patterns encountered in disassembling x64 Linux programs. Understand function prolog and epilog structures, register roles, parameter passing conventions, and how optimized code impacts debugging. Learn to identify issues in symbol files and backtraces, enabling effective analysis of compiled C code at the assembly level.
Here is a summary of the concepts we encountered in this course.
Function prolog / epilog
Let’s start with function prologs and function epilogs.
Function prolog
The function prolog is composed of these instructions:
Function epilog
The function epilog is composed of these instructions:
This code is equivalent to:
Some code may not restore %RSP if it does not change:
Knowing the prolog can help identify incorrect symbol files or function start addresses. For example, suppose we have the ...