[SOLVED] assembly ebp, esp problem

v3ct0r · 03-16-2014, 08:31 AM

Hey guys, I have a little weird quesion here about the first three lines instrunctions goes as a function starts excuting.
A tipical example in ATT assembly

Code:

pushl %ebp           ;%ebp -> -4(%esp), %esp <- %esp -4
movl %esp, %ebp      ;%ebp <- %esp, ther
movl 8(%ebp), %eax

let's assume that %ebp is 0x100 as initial, and %esp is 0x64, the first line makes %esp to 0x60, then the second line makes %ebp to 0x60, where the third line is going to get m(0x68) data to %eax, but %eax should get m(%108)...
But definitely I'm lost in a rabbit hole, where I'm a wrong at this.

v3ct0r · 03-16-2014, 08:54 AM

Damn it, I know what the point, it turns out after invoke, before the

Code:

movl %esp, %ebp

%ebp is still the frame pointer of last function, but after that, ebp becomes the current frame pointer, while the arguments is exactly on the 4n+4(%ebp).

So in general, %ebp is like a guard for memory, which cares about all local variable's address. program uses %ebp to infer arg and local var.
And %ebp is stable in a function.
All the arguments have to be in stack before invoke a function.
I'm far too 'new' to assembly, what a shame