What are the ESP and the EBP registers?

[亡魂溺海] submitted on 2019-11-27 12:46:42

Question


I found that the ESP register is the current stack pointer and EBP is the base pointer for the current stack frame. However, I don't understand these definitions (I am just starting to learn how to code in assembler).

What I understand is that ESP points towards the stack itself and EBP points towards whatever is on top of the stack1. But these are just my guesses and they are most likely incorrect. Otherwise, what would a statement like the following mean?

MOV EBP, ESP

Footnote 1: Editor's note: Yes, that's incorrect. In standard terminology, the "top of the stack" is where ESP points, even though it's the lowest address in the stack frame. The analogy is to a stack data structure that grows upward, even though the call stack on x86 (like most ISAs) grows downward.


Answer 1:


esp is the stack pointer; ebp is/was for a stack frame, so that when you entered a function, ebp could get a copy of esp at that point. Everything on the stack before that happens (return address, passed-in parameters, etc.) and things that are global for that function (local variables) will now be a static distance away from the stack frame pointer for the duration of the function. esp is now free to wander about as the compiler desires and can be used when nesting to other functions (each needs to preserve the ebp, naturally).

It is a lazy way to manage the stack. It makes compiler debugging a lot easier and makes understanding the code generated by the compiler easier, but it burns a register that might otherwise have been general purpose.




Answer 2:


Normally EBP is used to back up ESP, so if ESP is changed by the code in a function, all it takes to restore ESP is mov ESP, EBP. Also, since EBP is normally left unchanged by the code in a function, it can be used to access passed parameters or local variables without having to adjust the offsets.

For "stack frame" usage, EBP is pushed onto the stack at the start of any function, so the value of EBP pushed onto the stack is the value of EBP from the function that called the current function. This makes it possible for code or for a debugger to "backtrace" through all the instances where EBP was pushed onto the stack, and each instance of an EBP value on the stack could be considered to be the base pointer of a stack frame.

Note that some compilers have an "omit frame pointers" option, in which case EBP is not used to save ESP or as a stack frame pointer. Instead, the compiler keeps track of ESP, and all local offsets are offsets from the current value of ESP.

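As an added example (not part of the original question or any of the answers above), here is a small C model of the frame layout that Answers 1 and 2 describe: the prologue `push ebp; mov ebp, esp; sub esp, N`, the fixed offsets `[ebp+8]` (first argument), `[ebp+4]` (return address), `[ebp]` (saved caller EBP) and `[ebp-4]` (first local), the epilogue `mov esp, ebp; pop ebp; ret` that restores ESP no matter how far it wandered, and the saved-EBP chain walk that a debugger uses for a backtrace. Real EBP/ESP would need a 32-bit build, so the "stack" is a byte array and ESP/EBP are 32-bit addresses into it; the base address, return addresses, argument and local values are all constructed for illustration and are not from any real program.

```c
/* Model of the x86 frame-pointer convention.  Added example; the stack is a
 * byte array and ESP/EBP are 32-bit addresses into it, so it runs on any host.
 * Frame layout after "push ebp; mov ebp, esp; sub esp, 8":
 *   [ebp+8] first argument    [ebp+4] return address
 *   [ebp+0] saved caller EBP  [ebp-4] first local
 */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define STACK_SIZE 256
#define STACK_BASE 0x7ff00000u   /* constructed: address of mem[0] in the model */

typedef struct {
    uint8_t  mem[STACK_SIZE];
    uint32_t esp;                /* stack pointer, as a 32-bit address */
    uint32_t ebp;                /* frame pointer, as a 32-bit address */
} Machine;

static uint32_t load32(const Machine *m, uint32_t addr) {
    uint32_t v;
    memcpy(&v, &m->mem[addr - STACK_BASE], 4);   /* little-endian host assumed */
    return v;
}

static void store32(Machine *m, uint32_t addr, uint32_t v) {
    memcpy(&m->mem[addr - STACK_BASE], &v, 4);
}

static void push32(Machine *m, uint32_t v) { m->esp -= 4; store32(m, m->esp, v); }

/* "push arg; call f" followed by f's prologue "push ebp; mov ebp, esp; sub esp, 8"
 * and "mov [ebp-4], local". After this, ESP is free to move; EBP is fixed. */
static void enter_frame(Machine *m, uint32_t arg, uint32_t ret_addr, uint32_t local) {
    push32(m, arg);                 /* caller pushes the argument */
    push32(m, ret_addr);            /* call pushes the return address */
    push32(m, m->ebp);              /* push ebp: save the caller's frame pointer */
    m->ebp = m->esp;                /* mov ebp, esp: this frame's fixed anchor */
    m->esp -= 8;                    /* sub esp, 8: room for locals */
    store32(m, m->ebp - 4, local);  /* first local lives at [ebp-4] */
}

/* "mov esp, ebp; pop ebp; ret" plus the caller's "add esp, 4". Returns the
 * return address; ESP ends up exactly where it was before the call. */
static uint32_t leave_frame(Machine *m) {
    m->esp = m->ebp;                            /* discard locals and scratch pushes */
    m->ebp = load32(m, m->esp); m->esp += 4;    /* pop ebp */
    uint32_t ret = load32(m, m->esp); m->esp += 4; /* ret */
    m->esp += 4;                                /* caller removes the argument */
    return ret;
}

/* Debugger-style backtrace: follow [ebp] to the previous frame, reading [ebp+4]
 * as the return address at each step. Stops at the 0 the outermost frame saved.
 * Also stops if a saved EBP does not point to a higher address (corrupted chain). */
static int backtrace(const Machine *m, uint32_t *rets, int max) {
    int n = 0;
    uint32_t ebp = m->ebp;
    while (ebp != 0 && n < max) {
        rets[n++] = load32(m, ebp + 4);
        uint32_t prev = load32(m, ebp);
        if (prev != 0 && prev <= ebp) break;
        ebp = prev;
    }
    return n;
}

typedef struct {
    uint32_t arg, local;            /* [ebp+8] and [ebp-4] of the innermost frame */
    int depth;                      /* frames seen by backtrace() */
    uint32_t ret0, ret1, ret2;      /* return addresses, innermost first */
    uint32_t ret_from_g;            /* value popped by the epilogue */
    int esp_restored;               /* 1 if ESP matches its pre-call value */
    int depth_after_return;
} Demo;

/* Build main -> f -> g with constructed addresses, let ESP wander inside g,
 * then run the epilogue and check that ESP came back. */
static Demo run_demo(void) {
    Machine m; Demo d = {0}; uint32_t rets[4] = {0};
    memset(m.mem, 0, sizeof m.mem);
    m.esp = STACK_BASE + STACK_SIZE;
    m.ebp = 0;                                  /* constructed chain terminator */
    enter_frame(&m, 0xaaaa, 0x08048100, 0x1111); /* main */
    enter_frame(&m, 0xbbbb, 0x08048200, 0x2222); /* f, called from main */
    uint32_t esp_before_call = m.esp;
    enter_frame(&m, 0xcccc, 0x08048300, 0x3333); /* g, called from f */
    push32(&m, 0xdead); push32(&m, 0xbeef);     /* ESP wanders; EBP does not */
    d.arg   = load32(&m, m.ebp + 8);
    d.local = load32(&m, m.ebp - 4);
    d.depth = backtrace(&m, rets, 4);
    d.ret0 = rets[0]; d.ret1 = rets[1]; d.ret2 = rets[2];
    d.ret_from_g = leave_frame(&m);
    d.esp_restored = (m.esp == esp_before_call);
    d.depth_after_return = backtrace(&m, rets, 4);
    return d;
}

int main(void) {
    Demo d = run_demo();
    printf("arg=%#x local=%#x depth=%d ret0=%#x esp_restored=%d\n",
           d.arg, d.local, d.depth, d.ret0, d.esp_restored);
    return 0;
}
```

The `prev <= ebp` check in `backtrace()` is the kind of sanity test a real unwinder or an exploit-mitigation routine applies: a saved EBP that does not point higher up the stack means the chain has been clobbered, for example by a buffer overflow that overwrote `[ebp]` on its way to the return address at `[ebp+4]`.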



Answer 3:


EBP and ESP are remnants of the era when compilers didn't, e.g., have static analysis to detect how many bytes of stack a function call needs. Also, the stack was supposed to dynamically grow and shrink during the execution of a function, interrupts would have been allowed to trash all of the stack from 0 to SP, and spaghetti code was the de facto standard. Actually, interrupts (and passing parameters through registers alone) were the designed method to call kernel functions.

In these surroundings one needs to have a fixed point on the stack where the return address to the caller, the local variables and the arguments of a function are always found. Thus the bp register was justified. In this architecture bp was allowed to be indexed ([bp - 300h]), but sp wasn't. Those opcodes/instruction encodings which could have been interpreted as mov ax, [sp + 1111h] were reused for other purposes.

In 386+, and via the introduction of the 'E', ESP gained the property of offset. At this time EBP was freed from its sole purpose, as esp was able to handle both tasks.

Note, that even now EBP points to memory through the stack segment (SS), just like ESP. Other addressing modes (without ESP/EBP as the base) default to the DS segment. (absolute, DI, SI, and/or BX in 16-bit mode, and in 32-bit addressing modes any register can be a base in an addressing mode).



Source: https://stackoverflow.com/questions/21718397/what-are-the-esp-and-the-ebp-registers
