flat assembler
Message board for the users of flat assembler.
Purpose of ebp/rbp
AsmGuru62 06 Oct 2011, 18:53
It is used for local variables.
'4' in this case is the size of the local variable(s) - which can be accessed with [ebp+ofs] - in our case 'ofs' = 0. To access locals ESP can also be used, but then any PUSH/POP will be affecting the 'ofs'. In that case EBP is not used and the procedure looks like this:
Code:
    PROC1:
        sub esp, 20h        ; <-- allocate room for locals
        ...
        mov [esp+8h], ecx   ; <-- store ECX into local variable
        ...
        ;
        ; Return from procedure
        ;
        add esp, 20h
        ret
idle 06 Oct 2011, 19:37
Code:
    proc One p1,p2,p3
                                ; [stack] = return point | p1 | p2 | p3
        push ebp
                                ; [stack] = ebp | return point | p1 | p2 | p3
        mov ebp,esp
                                ; ebp = stack
        stdcall Two,p1,p2,p3
                                ; [stack] = ebp+08 | ebp+12 | ebp+16 | ebp | return point | p1 | p2 | p3
                                ;         = p1 | p2 | p3 | ebp | return point | p1 | p2 | p3

equals

Code:
    One:
                                ; [stack] = return point | p1 | p2 | p3
        push dword[esp+3*4]
                                ; [stack] = p3 | return point | p1 | p2 | p3
        push dword[esp+3*4]
                                ; [stack] = p2 | p3 | return point | p1 | p2 | p3
        push dword[esp+3*4]
                                ; [stack] = p1 | p2 | p3 | return point | p1 | p2 | p3

rather the style one writes in; you will understand with time
idle 06 Oct 2011, 19:41
AsmGuru62 wrote:
    [ebp-4]
dancho 06 Oct 2011, 20:00
btw, if you are asking yourself why there is a sub at the start of the procedure, well:
the stack stores various data starting from high memory, and the esp register serves as the indirect memory operand for the top of the stack, so when you add data the stack grows down from high to low memory, and when you remove data from the stack it shrinks from low to high. That's why we have the add instruction at the procedure end: the program needs to restore (balance) the stack pointer by the same amount we took at the start... and (as your example shows) the ebp register (base pointer) is usually used as a pointer to the stack memory area...
Goplat 06 Oct 2011, 21:22
Fred wrote:
    I still don't get this entirely.
If every procedure starts with "push ebp/mov ebp,esp" and ends with "pop ebp", then a debugger can follow the chain of pushed EBPs to give you a stack trace. Apart from debugging, addressing local variables relative to EBP takes one fewer byte in the instruction encoding than relative to ESP, so if you have more than four such references it'll make the code smaller (unless you could do better by using EBP for other purposes). In 16-bit code you couldn't do memory access relative to SP at all, so using BP was a necessity.
AsmGuru62 06 Oct 2011, 21:35
In my code the lines are reversed, like so:
Code:
    PUSH EBP
    SUB ESP, <local size>
    MOV EBP,ESP
That is why I used +4 and not -4. It was done because I generate locals as structures:
Code:
    virtual at 0
    loc32:
        .VAR1 INT32 ?
        .VAR2 INT32 ?
        .VAR3 INT32 ?
    end virtual
    ...
    MOV EAX, [EBP + loc32.VAR2]
Fred 07 Oct 2011, 13:36
AsmGuru62 wrote:
    It is used for local variables.
Hmm, yeah, changes to esp would require a different offset. I haven't run into this myself, but I guess changes to esp might happen.
Goplat wrote:
    If every procedure starts with "push ebp/mov ebp,esp" and ends with "pop ebp", then a debugger can follow the chain of pushed EBPs to give you a stack trace.
Ah, ok.
Quote:
    Apart from debugging, addressing local variables relative to EBP takes one fewer byte in the instruction encoding than relative to ESP, so if you have more than four such references it'll make the code smaller (unless you could do better by using EBP for other purposes).
Aha, interesting. =) So... ebp is (mostly) used as an offset to local vars in function calls since esp might change? And making stack traces possible.
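The chain of saved EBPs that Goplat and Fred discuss is exactly what a debugger (or a forensic tool reading a memory dump) follows to rebuild a call stack. The walker below is an added example, not code from the thread: it runs over a constructed 32-bit stack image whose addresses and frame contents are made up, and it stops on a zero, out-of-image or non-ascending saved EBP so a corrupted chain cannot send it into a loop.

```python
import struct

# Constructed 32-bit little-endian stack image (not from the thread): three
# nested frames, each built with "push ebp / mov ebp,esp", so every saved EBP
# points at the caller's saved EBP and the return address sits right above it.
STACK_BASE = 0x0012FF00  # address of the lowest dword in STACK_IMAGE (made up)


def dword(value):
    """Pack one little-endian 32-bit value, as it would sit on an x86 stack."""
    return struct.pack("<I", value)


STACK_IMAGE = (
    # frame 2 (innermost), ebp = 0x0012FF00
    dword(0x0012FF10) +  # [ebp]   saved ebp -> frame 1
    dword(0x00401234) +  # [ebp+4] return address into frame 1's code
    dword(0xDEADBEEF) +  # frame 1 local at [ebp1-8]
    dword(0x11111111) +  # frame 1 local at [ebp1-4]
    # frame 1, ebp = 0x0012FF10
    dword(0x0012FF20) +  # saved ebp -> frame 0
    dword(0x00401100) +  # return address into frame 0's code
    dword(0x22222222) +  # frame 0 local
    dword(0x33333333) +  # frame 0 local
    # frame 0 (outermost), ebp = 0x0012FF20
    dword(0x00000000) +  # saved ebp = 0 terminates the chain
    dword(0x00401000)    # return address into the program's entry code
)


def walk_ebp_chain(image, base, ebp, max_frames=64):
    """Return [(frame_ebp, return_address), ...] by following saved EBPs.

    Each frame's saved EBP lives at [ebp] and its return address at [ebp+4].
    The walk stops on a zero saved EBP, on a pointer outside the image, on a
    chain that does not move to higher addresses (loop or corruption), or
    after max_frames, so a damaged stack cannot make the walker spin."""
    frames = []
    while ebp and len(frames) < max_frames:
        off = ebp - base
        if off < 0 or off + 8 > len(image):
            break  # saved ebp / return address are not inside the image
        saved_ebp, ret = struct.unpack_from("<II", image, off)
        frames.append((ebp, ret))
        if saved_ebp and saved_ebp <= ebp:
            break  # frames must ascend toward the stack base; chain is corrupt
        ebp = saved_ebp
    return frames


if __name__ == "__main__":
    for frame_ebp, ret in walk_ebp_chain(STACK_IMAGE, STACK_BASE, 0x0012FF00):
        print(f"ebp={frame_ebp:#010x}  return to {ret:#010x}")
```

Note that the walk only works for frames built with the push ebp / mov ebp,esp prologue; a procedure written in the ESP-only style from AsmGuru62's first post leaves no saved EBP to follow, which is why such code is harder to trace.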
typedef 07 Oct 2011, 17:37
I've also seen code where [esp-x] was just filled with a number, like so:
Code:
    push ebp
    mov ebp,esp
    mov dword[esp-4],100h
    ...
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.