Operating system stack frame
The stack grows from higher addresses toward lower addresses. Every call of every function gets its own stack frame, and that frame holds everything the call needs: the arguments, the return address, the caller's saved frame base and the local variables. The ebp register points to the bottom of the current frame (its highest address) and the esp register points to the top of the current frame (its lowest address). The figure shows the typical arrangement of a frame.
Push operation: push eax is equivalent to esp = esp - 4; [esp] = eax (see figure).
Pop operation: pop eax is equivalent to eax = [esp]; esp = esp + 4 (see figure).
Let us look at how the stack changes while the following C program executes:
void func(int m, int n) {
    int a, b;        /* two locals: 8 bytes in func's frame */
    a = m;
    b = n;
}

int main(void) {
    ...
    func(m, n);
L:  /* next statement: the return address pushed by call points here */
    ...
}
Before main calls func, the stack holds only main's frame: the region from esp (lower address) up to ebp (higher address) is main's current stack frame. When main calls func, the compiled code is roughly:
push m ; push the two parameters: m first
push n ; then n, so n ends up at the lower address, nearest esp
call func ; push the return address (L) onto the stack, then jump to func
After the jump into func, its compiled code looks roughly like this:
func:
push ebp ; very important: func gets its own frame, so main's frame base must be saved. The top of main's frame becomes the bottom of func's frame (the two frames are adjacent), and main needs its ebp back when func returns
mov ebp, esp ; the old top of main's frame is now the bottom of func's frame (the figure shows the stack at this moment)
; from here on, a new stack frame
sub esp, 8 ; int a, b: lower esp by 8 bytes to allocate the two ints
mov eax, dword ptr [ebp+12] ; a = m (x86 has no memory-to-memory mov, so go through eax)
mov dword ptr [esp+4], eax
mov eax, dword ptr [ebp+8] ; b = n
mov dword ptr [esp], eax
The stack now looks like this (see figure). Returning from func is compiled roughly as:
mov esp, ebp ; release the locals: esp moves back to the bottom of func's frame
pop ebp ; restore the caller's frame base (main's ebp)
ret 8 ; pop the return address into eip, then esp = esp + 8
The 8 in ret 8 is the number of bytes the parameters occupy. After popping the return address, ret 8 adds 8 to esp (it does not subtract), so the space used by m and n is released by the callee.
Because the return address and the arguments sit at fixed positive offsets from ebp ([ebp+4] is the return address, [ebp+8] is n, [ebp+12] is m) and the locals at fixed negative offsets ([ebp-4] is a, [ebp-8] is b), every one of them can be located through ebp alone. Returning from func therefore proceeds in four steps: esp is first moved to the bottom of the frame, which releases the local variables; the saved frame base is popped into ebp, so ebp again points at main's frame; the return address is popped into cs:ip; and esp is moved past the parameters. ebp and esp are now exactly as they were before the call, and main's original stack frame is restored.
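As an added worked example (not code from the original article), the following C program models the 32-bit x86 stack described above as a byte array and executes exactly the instruction sequence in the text: push m, push n, call, the prologue, the body, and the epilogue ending in ret 8. It records where each value sits relative to ebp and checks that esp, ebp and the instruction pointer are back to main's state after the return. The code addresses MAIN_L and FUNC_ADDR, the 16-byte frame for main and the argument values 7 and 9 are constructed placeholders.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of the 32-bit x86 stack described in the text. "Memory" is a byte
 * array and addresses are offsets into it; the stack grows toward lower
 * addresses, so it starts at the end of the array. Code addresses are
 * constructed placeholders (assumption for this example). */

#define MEM_SIZE 256u

typedef struct {
    uint8_t  mem[MEM_SIZE];
    uint32_t esp, ebp, eip;
} Machine;

static uint32_t rd32(const Machine *m, uint32_t addr) {
    uint32_t v;
    if (addr + 4 > MEM_SIZE) abort();      /* out-of-range stack access */
    memcpy(&v, &m->mem[addr], 4);
    return v;
}
static void wr32(Machine *m, uint32_t addr, uint32_t v) {
    if (addr + 4 > MEM_SIZE) abort();
    memcpy(&m->mem[addr], &v, 4);
}

/* push r:  esp = esp - 4; [esp] = r */
static void push(Machine *m, uint32_t v) { m->esp -= 4; wr32(m, m->esp, v); }
/* pop r:   r = [esp]; esp = esp + 4 */
static uint32_t pop(Machine *m) { uint32_t v = rd32(m, m->esp); m->esp += 4; return v; }
/* call f:  push the return address, then jump to f */
static void call(Machine *m, uint32_t f, uint32_t ret_addr) { push(m, ret_addr); m->eip = f; }
/* ret n:   pop the return address into eip, then esp = esp + n */
static void ret_n(Machine *m, uint32_t n) { m->eip = pop(m); m->esp += n; }

enum { MAIN_L = 0x401000u, FUNC_ADDR = 0x401100u };  /* hypothetical code addresses */

/* Snapshot of func's frame after its prologue, plus register state before and after the call. */
typedef struct {
    uint32_t esp_before, ebp_before;
    uint32_t ebp_in_func, esp_in_func;
    uint32_t saved_ebp, ret_addr, arg_n, arg_m, local_a, local_b;
    uint32_t esp_after, ebp_after, eip_after;
} FrameView;

/* Executes "push m; push n; call func" in main, then func's prologue, body and epilogue. */
FrameView run_func(Machine *m, uint32_t arg_m, uint32_t arg_n) {
    FrameView v;
    v.esp_before = m->esp;
    v.ebp_before = m->ebp;

    /* --- in main --- */
    push(m, arg_m);                        /* push m */
    push(m, arg_n);                        /* push n   (n now sits nearest esp) */
    call(m, FUNC_ADDR, MAIN_L);            /* call func; return address = L */

    /* --- func prologue --- */
    push(m, m->ebp);                       /* push ebp      save main's frame base */
    m->ebp = m->esp;                       /* mov ebp, esp  func's frame begins here */
    m->esp -= 8;                           /* sub esp, 8    room for int a, b */

    /* --- func body: a = m; b = n (no memory-to-memory mov on x86, so via eax) --- */
    uint32_t eax = rd32(m, m->ebp + 12);   /* mov eax, [ebp+12]   m */
    wr32(m, m->esp + 4, eax);              /* mov [esp+4], eax    a */
    eax = rd32(m, m->ebp + 8);             /* mov eax, [ebp+8]    n */
    wr32(m, m->esp, eax);                  /* mov [esp], eax      b */

    v.ebp_in_func = m->ebp;
    v.esp_in_func = m->esp;
    v.saved_ebp   = rd32(m, m->ebp);       /* [ebp]    caller's ebp */
    v.ret_addr    = rd32(m, m->ebp + 4);   /* [ebp+4]  return address */
    v.arg_n       = rd32(m, m->ebp + 8);   /* [ebp+8]  n */
    v.arg_m       = rd32(m, m->ebp + 12);  /* [ebp+12] m */
    v.local_a     = rd32(m, m->ebp - 4);   /* [ebp-4]  a  (same slot as [esp+4]) */
    v.local_b     = rd32(m, m->ebp - 8);   /* [ebp-8]  b  (same slot as [esp]) */

    /* --- func epilogue --- */
    m->esp = m->ebp;                       /* mov esp, ebp  release a, b */
    m->ebp = pop(m);                       /* pop ebp       restore main's frame base */
    ret_n(m, 8);                           /* ret 8         pop return address, drop m and n */

    v.esp_after = m->esp;
    v.ebp_after = m->ebp;
    v.eip_after = m->eip;
    return v;
}

/* Entry point for the demo: main's frame is assumed to hold 16 bytes of locals. */
FrameView demo_frame(void) {
    Machine m;
    memset(&m, 0, sizeof m);
    m.ebp = MEM_SIZE;                      /* bottom of main's frame */
    m.esp = MEM_SIZE - 16;                 /* top of main's frame */
    return run_func(&m, 7, 9);             /* constructed argument values */
}

int main(void) {
    FrameView v = demo_frame();
    printf("main before call: esp=%u ebp=%u\n", v.esp_before, v.ebp_before);
    printf("inside func:      ebp=%u esp=%u\n", v.ebp_in_func, v.esp_in_func);
    printf("[ebp+12] m=%u  [ebp+8] n=%u  [ebp+4] ret=0x%x  [ebp] saved ebp=%u\n",
           v.arg_m, v.arg_n, v.ret_addr, v.saved_ebp);
    printf("[ebp-4]  a=%u  [ebp-8] b=%u\n", v.local_a, v.local_b);
    printf("after ret 8:      esp=%u ebp=%u eip=0x%x\n", v.esp_after, v.ebp_after, v.eip_after);
    return 0;
}
```

The printed offsets are the ones the text derives: n at [ebp+8], m at [ebp+12], a and b at [ebp-4] and [ebp-8], and esp/ebp identical before the call and after ret 8. The snapshot also makes one property of the layout plain that a practitioner should keep in mind: the saved ebp and the return address lie at higher addresses than the locals, only 8 bytes above b, which is why the integrity of those two slots depends on every write to the locals staying within its bounds.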