Help Logs Database

<BobtheAvenger> hey
<xprment626> this is a very stupid question, but I'm new to asm and I'm trying to clarify something. All right, EBP is the address of the base of the stack (the very last part of the stack?) and ESP is the address of the top of the stack (the first to get removed item) ... now what exactly does push ebp ... mov ebp, esp do?
<BobtheAvenger> push ebp allows you to use ebp to access items in the stack, ie ebp+8 would be one of your arguments when you call a function
<wobster> xprment626, it's a bit more complicated =)
<BobtheAvenger> i'm lazy and i'm trying not to fail english
<wobster> esp and ebp span a so called stackframe. when you enter a function a new frame is spanned
<BobtheAvenger> so my answers arent gonna be accurate
<wobster> bob.go away!
<BobtheAvenger> wobster.do my_coursework
<wobster> xprment626, problem is, you only have one esp and one ebp. so when you enter a function at least the old base (ebp) has to be saved. and the stack is the place for it.
<wobster> the frame is as big as the number of local variables, the old ebp and the return address of the function. below that frame are the arguments that have been passed to that function
<xprment626> wobster, so push some register/address just puts that parameter on the stack ? stack does not have an associated register, so to speak?
<wobster> all that is only valid with the C calling convention
<wobster> the stack is within the main-mem
<wobster> a reserved area that grows towards the lower addresses
<wobster> and normally towards the heap
<BobtheAvenger> isnt that compiler dependent?
<wobster> no. it's dependent on the calling convention and the OS
<BobtheAvenger> ok
<xprment626> so when you cann push ebp, the cpu takes whatever the value (in our case a pointer) and puts it in the stack ... in our case then, esp is put in the ebp register ... so does that just make the old top the new bottom?
<xprment626> ( i guess that makes sense hence the names )
<wobster> esp and ebp are just holding addresses. a push is essentially just a esp - "size of value"
<wobster> the OS gives is an initial value and then you may luckily grow =)
<wobster> it
<wobster> yep. the new frame is "empty" in the beginning
<wobster> esp = ebp
<BobtheAvenger> and if there is no OS :D
<wobster> if you pop ebp, then you "switch" back into the old frame .. or you re-span it ..
<wobster> bob, then .. *drumroll* you are the cool guy who says what's up ;)
<BobtheAvenger> lol
<xprment626> lol
<xprment626> pop ebp is essentially: ebp = mystack.pop(); ?
<wobster> err .. down :)
<BobtheAvenger> or MOV ESP, 0xsomeAddress
<wobster> pop is just .. esp + "size of value"
<wobster> and assignment of course
<wobster> pop ebp just gives ebp the old value back. that is, the "bottom" of the previous frame
<xprment626> oh, so pop changed the current "top" pointer then you would have to look at that address and determine what is in the pointed to memory?
<wobster> the compiler has to correct esp, though. since the computer has no idea of parameters and such
<wobster> pop doesnt change anything
<wobster> in memory
<xprment626> wobster, it changes the esp register though? esp + "size of value" ... what is "size of value" ... which value?
<wobster> the compiler determines that
<xprment626> which value though?
<BobtheAvenger> the value that is pushed or popped usually
<libero> usually??
<BobtheAvenger> every rule has its exceptions
<wobster> xprment626, depends what you put onto the stack. on 32bit x86 it's a good idea to have 32bit values pushed
<libero> :D
<xprment626> what is a good resource for me to look over to get a good intro to x86 assembly? I've been looking for so long but they are all old or bad
<wobster> see the topic and google for "art of assembly". and check out the intel instruction set manuals for push/pop
<BobtheAvenger> you dont need a tutorial, just a lot of spare computers
<wobster> and google "c calling convention"
<xprment626> wobster, doesn't art of assembly teach you HLA?
<wobster> who cares. it gets you the basics
<BobtheAvenger> yep
<BobtheAvenger> infact "who cares."
<BobtheAvenger> the tutorial i had died of the server
<xprment626> would it be useful enough to read "Intel Architecture Software Developer's Manual"?
<wobster> no. not yet
<xprment626> too advanced?
<wobster> c calling convention and a decent assembly tutorial is what you might read first
<xprment626> assumes a lot?
<wobster> well. no. but it doesn't help you with whyt you asked for
<wobster> a
<xprment626> I'm trying to learn assembly ... I was just taking the reverse engineer and ask questions on the way approach
<wobster> first comes the reading. read, read, read, then ask :)
<BobtheAvenger> and if you're still not sure: code
<xprment626> so, the verdict is read art of asm first? then manual?
<BobtheAvenger> art of asm, then C calling conventions
<wobster> well. I personally think that art of asm is a waste of time :P .. too much bloat. but with x86 asm you cannot do much wrong. just get any tutorial. see the topic of this channel for example
<wobster> xprment626, a nice exercise is to make some C <-> asm interaction. that's fun and useful
<BobtheAvenger> like a graphics lib
<wobster> *eeek*
<xprment626> wobster, you mean inline c?
<wobster> like a function call bob ;)
<xprment626> inline asm, rather
<BobtheAvenger> yer...that too.... :D
<BobtheAvenger> no, just asm functions that can be called in C programs
<wobster> whether that or have separated files you link together. that's simpler. especially if you plan to use gcc ;)
<xprment626> oh ok
<wobster> or reverse ;)
<BobtheAvenger> or graphics lib
<wobster> or some function that removes bob ;))
<xprment626> bob, once I learned enough ... i'm porting a windows driver to linux ... not a graphics lib yet, but close enough
<BobtheAvenger> even better, a function that removes my english coursework
<BobtheAvenger> [ebp + 4*argnumber+4]
<BobtheAvenger> in 32bit code
<BobtheAvenger> hello?
<BobtheAvenger> is it just the args pushed at the beginning of a function, or the callee-save regs too?
<wobster> bob, the args are pushed before you enter the function. caller-save ..
<BobtheAvenger> my brain really isnt up to filling in the blanks adm
<BobtheAvenger> in theory i know the answer
<BobtheAvenger> but course work is turning brain to mush
<wobster> leave irc then, concentrate on your work dude =)
<BobtheAvenger> i've given up
<wobster> wrong answer ;)
<BobtheAvenger> i dont a free tomorrow, i'll work on it then
<BobtheAvenger> my english teacher wont care if i never do it
<BobtheAvenger> cos i will fail anyway
<BobtheAvenger> and then i dont have to go next year
<BobtheAvenger> cos i will quit school
<wobster> are you drunk?
<BobtheAvenger> no
<BobtheAvenger> i havent slept in ages
<BobtheAvenger> hmm
<BobtheAvenger> only 6 months till i never have to go to school ever again
<libero> BobtheAvenger, where do you live? i.e. town
<wobster> bob. what means "quit"? finish-quite or quit-quit?
<wobster> -e
<BobtheAvenger> london
<BobtheAvenger> erm i'm not sure its a mixture, there is an opportunity to end school at the end of this school year
<wobster> so I don't have to worry then. fine :]
<BobtheAvenger> dont have to worry about what?
<wobster> about you ruin your life, hanging out in irc forever and such
<BobtheAvenger> i doubt i could afford to stay on irc forever
<wobster> a good conclusion
<BobtheAvenger> theres no point staying at school, i got shouted at by a teacher for getting on with the work i'd been set


Copyright © 2005 www.irclogs.ws. All rights reserved.