assemblyx86stack-frame
about esp stack balance
I saw a piece of code like this in asm:
.text:787924E0 testcall proc near
.text:787924E0
.text:787924E0 var_F0 = dword ptr -0F0h
.text:787924E0 var_34 = byte ptr -34h
.text:787924E0 retValue = std::basic_string<wchar_t,std::char_traits<wchar_t>,std::allocator<wchar_t> > ptr -24h
.text:787924E0 var_4 = dword ptr -4
.text:787924E0 result = dword ptr 8
.text:787924E0 agr1 = std::basic_string<char,std::char_traits<char>,std::allocator<char> > ptr 0Ch
.text:787924E0
.text:787924E0 push ebp
.text:787924E1 mov ebp, esp
.text:787924E3 sub esp, 0F4h
.text:787924E9 push ebx
.text:787924EA push esi
.text:787924EB push edi
.text:78792555 mov eax, [ebp+result]
.text:78792558 push edx
...
.text:78792567 pop eax
.text:78792568 pop edx
.text:78792569 pop edi
.text:7879256A pop esi
.text:7879256B pop ebx
.text:78792576 add esp, 0F4h
.text:78792583 mov esp, ebp
.text:78792585 pop ebp
.text:78792586 retn
I want to know the basic knowledge questions:
sub esp, 0F4h
why is 0xF4, how is it calculated ?
Solution
In old days people used ebp to point top of the old stack position. nowadays compilers can manually count and allocate enough space end then return the old stack position without ebp. also stack is top to bottom not bottom the top so when you subtract esp you allocate new space in stack.
- gdb: SSE register output format
- Ada Generics & Assembly Code generation
- What registers to save in the ARM C calling convention?
- Why is a function that only returns a stateful lambda compiled down to any assembly at all?
- What is the difference between a null terminated string and a string that is not terminated by null in x86 assembly language
- How to use execve in x86-64 assembly
- Calling convention and stack, returning value from call?
- AVR Instruction Sets and "missing" instructions by device
- How can I use gcc to compile x86 assembly code on an x64 computer
- How do I see the assembler files in CMake?
- Assembly/gdb: add behavior
- STM32 Thumb Mode Reset Vector
- Why do modern compilers prefer SSE over FPU for single floating-point operations
- Arm bootloader and kernel visualisation error
- Push all and pop all in emu8086
- Why does my conversion from LBA to CHS not work?
- Bootloader doesn't jump to stage 2 to display a message
- Why does my data section appear twice in the compiled binary? Ubuntu, x86, nasm, gdb, readelf
- Referencing the contents of a memory location. (x86 addressing modes)
- How to detect if a binary number has a 0 in Decimal
- A hand-coded branch to a bounce bed was not taken but taken with debugger attached
- Why does the VMCS ES selector have a index of 0 instead of 3?
- What is the result of this Assembly program?
- Is it "too clever" for using LEA to load constant to register?
- How to get function Argument from Stack - Assembly
- simple adder array int value in RISC-V asm
- Assembly ADC (Add with carry) to C++
- Why does Clang do this optimization trick only from Sandy Bridge onward?
- Why does a call to a pointer to member function handle virtual functions even if the class has no virtual methods?
- nasm assembly linux timer or sleep