stack figuration

Question

there is stack figuration which is

Parameter #N
...
...
Parameter 2   
Parameter 1
Return Address
Old %ebp  
Local Variable 1   
Local Variable 2


I have no idea what `"Old %ebp"` for.

if %ebp is used for accessing return address and parameters, then why don't %ebp point just

return address rather than "Old %ebp"?

is it for future uses?

my question are

Q1. what is "Old %ebp" for and what is it?
Q2. why %ebp point Old %ebp not just return address?

paxdiablo · Accepted Answer · 2011-03-21T04:19:35.053

The ebp register (base pointer) is often used in handling stack frames (different "levels" of the stack). While the stack pointer can change based on what you push and pop, the base pointer stays the same while you're at the same stack level.

That way, you can get at all the local variables on one side of ebp (e.g., mov ax,[ebp-8]) and all the passed parameters on the other side (e.g., mov ax,[ebp+12]), along with any other locations that are relative to ebp, such as the return code in some cases.

The reason you have the previous contents of the base pointer pushed on the stack is so that it is easy to recover the value when you move up to the previous stack frame. You just pop that value into ebp and it's restored, meaning you can access locals and passed parameters for the next level up.

This article provides a graphical overview of how it can work, something I usually find invaluable:

    +------------------+
+-> |   prev-prev EBP  |
|   +------------------+
|   | function param 2 |
|   +------------------+
|   | function param 1 |
|   +------------------+
|   |  return address  |
|   +------------------+
+---|   previous EBP   | <-- current EBP
    +------------------+
    |   local var 1    |
    +------------------+

The way it works is that you push the parameters for the function, then you simply call that function. The prolog code at the start of the function is something like:

push ebp           ; save old base pointer.
mov  ebp, esp      ; set new copy.
sub  esp, 16h      ; allocate space for local variables.

which saves the old ebp and sets up a new one, pointing to the variables pushed by the calling code. The subtraction from the stack pointer is to allocate space for locals.

As stated, this means passed parameters can be gotten at with [ebp+N] and locals with [ebp-N].

The epilog code is the reverse operation:

add  esp, 16h      ; forget about locals.
pop  ebp           ; restore previous value
ret                ; return to calling code.

after which ebp is now set to its previous value.

score 0 · Answer 2 · answered Mar 20 '11 at 02:28

%ebp is base pointer, all the parameters and local variables are accessed as offset from base pointer. Current ebp will be pointing to stack having old %ebp

eg Local Variable 1 is stored at %ebp-4, parameter 1 is stored at %ebp+8.

"Old %ebp" is base pointer of caller function, when calle returns base pointer old caller to restored.

To answer you second question it can do that but this been the convention. Part of the which does this is.

   push %ebp ; save old ebp to stack, this will become old ebp
   mov  %esp, %ebp  ; moving current base pointer to epp

PS: I mostly use nasm syntax so might be

stack figuration

2 Answers2

Linked