What c code would compile to something like `call *%eax`?

Question

I'm working with c and assembly and I've seen call *%eax in a few spots. I wanted to write a small c program that would compile to something like this, but I'm stuck.

I was thinking about just writing up some assembly code like in this question: x86 assembly instruction: call *Reg only using AT&T syntax in my case to get a small example with the call in it. However, that wouldn't solve my burning question of what kind of c code compiles to that?

I understand that it is a call to the address that eax is pointing to.

Answer 1

Just to add another example with local variables instead.

#include <stdio.h> 
// A normal function with an int parameter 
// and void return type 
void fun(int a) 
{ 
    printf("Value of a is %d\n", a); 
} 

int main() 
{ 
    // fun_ptr is a pointer to function fun()  
    void (*fun_ptr)(int) = &fun; 

    // Invoking fun() using fun_ptr 
    (*fun_ptr)(10); 

    return 0; 
} 

The Assembly (There are some extra lines, for this was compiled in x86 on an x64 computer. I can provide the x64 if requested by new viewers)

000011c7 <main>:
    11c7:       8d 4c 24 04             lea    0x4(%esp),%ecx
    11cb:       83 e4 f0                and    $0xfffffff0,%esp
    11ce:       ff 71 fc                pushl  -0x4(%ecx)
    11d1:       55                      push   %ebp
    11d2:       89 e5                   mov    %esp,%ebp
    11d4:       51                      push   %ecx
    11d5:       83 ec 14                sub    $0x14,%esp
    11d8:       e8 28 00 00 00          call   1205 <__x86.get_pc_thunk.ax>
    11dd:       05 23 2e 00 00          add    $0x2e23,%eax
    11e2:       8d 80 99 d1 ff ff       lea    -0x2e67(%eax),%eax
    11e8:       89 45 f4                mov    %eax,-0xc(%ebp)
    11eb:       83 ec 0c                sub    $0xc,%esp
    11ee:       6a 0a                   push   $0xa
    11f0:       8b 45 f4                mov    -0xc(%ebp),%eax
    11f3:       ff d0                   call   *%eax
    11f5:       83 c4 10                add    $0x10,%esp
    11f8:       b8 00 00 00 00          mov    $0x0,%eax
    11fd:       8b 4d fc                mov    -0x4(%ebp),%ecx
    1200:       c9                      leave  
    1201:       8d 61 fc                lea    -0x4(%ecx),%esp
    1204:       c3                      ret 

Answer 2

Documentation: http://gcc.gnu.org/onlinedocs/gcc/Local-Reg-Vars.html#Local-Reg-Vars

Try this

#include <stdio.h>

typedef void (*FuncPtr)(void);
void _Func(void){
   printf("Hello");
}

int main(int argc, char *argv[]){
   register FuncPtr func asm ("eax") = _Func;
   func();

   return 0;
}   

And its relative assembly:

    .file   "functorTest.c"
    .section .rdata,"dr"
LC0:
    .ascii "Hello\0"
    .text
.globl __Func
    .def    __Func; .scl    2;  .type   32; .endef
__Func:
    pushl   %ebp
    movl    %esp, %ebp
    subl    $24, %esp
    movl    $LC0, (%esp)
    call    _printf
    leave
    ret
    .def    ___main;    .scl    2;  .type   32; .endef
.globl _main
    .def    _main;  .scl    2;  .type   32; .endef
_main:
    pushl   %ebp
    movl    %esp, %ebp
    andl    $-16, %esp
    call    ___main
    movl    $__Func, %eax
    call    *%eax       ; see? 
    movl    $0, %eax
    movl    %ebp, %esp
    popl    %ebp
    ret
    .def    _printf;    .scl    2;  .type   32; .endef