问题
I have a few questions about ebp, esp and stack frame in following code.
Why did we substract 28 from esp ? We have two local variables x and y in main. So why didn't we substract 8?
And don't we put values to stack from right to left? So why did we add 1 to [eax+8] instead of [eax+4] ?
I am a little bit confuse about this structure. Can you help me out? Thx.
func(int a, int b, int c) { return a+b+c; } main() { int x, y=3; x=func(y,2,1); }
回答1:
The stack pointer is subtracted by 28 because you need 8 bytes for your two local variables and 12 bytes for the parameters to func. The extra 8 bytes are likely due to your compiler's attempt to align main's stack to a 16-byte boundary (there's already 4 bytes on the stack for main's return address and another 4 bytes when EBP was pushed to establish the stack frame in main's first instruction). See -mpreferred-stack-boundary if you're using GCC.
The parameters are being passed right-to-left. Since the stack space was already allocated for the three parameters when it was subtracted from the stack pointer, 1 is moved into the "highest" position relative to the current stack pointer (+8), 2 is moved into the middle (+4), and the value in y is moved into the stack pointer itself. This is the same as pushing 1 on the stack, pushing 2 on the stack, and then pushing y on the stack. By the last push instruction, 1 is +8 from ESP, 2 is +4 from ESP, and y is +0 from ESP. Note that inside of func, it has to add 8 to these offsets because the return address is pushed on the stack from the call instruction and func pushes EBP to establish a stack frame.
Confused about which structure?
来源:https://stackoverflow.com/questions/14185381/ebp-esp-and-stack-frame-in-assembly-with-nasm