Why do we "PUSH EBP" and "MOV EBP, ESP" in the CALLEE in Assembly?

assembly x86 x86-64 cpu-registers
16,697

Solution 1

It is establishing a new stack frame within the callee, while preserving the stack frame of the caller. A stack frame allows consistent access to passed parameters and local variables using fixed offsets relative to EBP anywhere in the function, while ESP is free to continue being modified as needed while the function is running. ESP is a moving target, so accessing parameters and variables using dynamic offsets relative to ESP can be tricky, if not impossible, depending on how the function uses the stack. Creating a stack frame is generally safer, at the cost of using a few bytes of stack space to preserve the pointer to the caller's stack frame.

Solution 2

The given answer from Remy is perfect, however here is one small addition, a thing you might also see right after

mov ebp, esp

it's very possible to see instruction such:

sub esp, 20h   ; creating space for local variables with size 20h
sub esp, CCh   ; creating space for local variables with size CCh

along side with an AND call sometimes (like and esp, 0FFFFFFF0h). This is also part of the dealing with the stack and it's done so the stack can be align and be divisible by 16. Of course all this depends on the used calling convention (cdecl, fastcall, stdcall etc.)

Share:
16,697
Artur Grigio
Author by

Artur Grigio

"A Grigio always makes the deadline!" House Grigio

Updated on July 19, 2022

Comments

  • Artur Grigio
    Artur Grigio almost 2 years

    Why do we push ebp as the first action in the Callee of an Assembly function?

    I understand that then we use mov edi, [ebp+8] to get the passed in variables, but our esp is already pointing to return address of the Caller function. We can easily access the passed in variables with mov edi, [esp+4] or if we pushed the Callee registers, then mov edi, [esp+16].

    So, why have that extra register in the cpu (the ebp) which you later have to manage in functions? i.e.

    push ebp
mov ebp, esp

...

mov esp, ebp
pop ebp

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What is the difference between "mov (%rax),%eax" and "mov %rax,%eax"?
What does the R stand for in RAX, RBX, RCX, RDX, RSI, RDI, RBP, RSP?
What are the names of the new X86_64 processors registers?
Why do x86-64 instructions on 32-bit registers zero the upper part of the full 64-bit register?
Using scanf with x86-64 GAS assembly
Simple way to print value of a register in x86 assembly
Understanding how EIP (RIP) register works?
x86 assembly: Pass parameter to a function through stack
How to compare a signed value and an unsigned value in x86 assembly
Nasm Error: invalid combination of opcode and operands