2
In the Calling Convention of ABI, the starting prologue of a new stack makes, by default, a push EBP. So far so good, but why do mov EBP, ESP if ESP is already "pointing" to the top, which - in this case - would be the value of EBP saved in the stack after the push?
When I "do" push EBP, the ESP is not already "pointing" to EBP?
2
The question should be the opposite. Why make a push EBP if you’re not gonna touch the register EBP?
The instruction push puts the value of the register on the stack to determine when to recover the value that is there back to the register. This way you can use this register at will and change its values as much as you want without worrying, since the original value is preserved, then at a certain time (in this case in the epilogue of the function) there will be a pop EBP to restore the value from the top of the stack to the register. So do this and do not change the value of the EBP is wasting one instruction there, and possibly another when giving the pop.
He did it because soon after will change the value of EBP.
ESP is already pointing to the top
ESP is the Stack Pointer register (extended), so it points to the top of the stack. At this point the stack is at the end of the stack frame previous, the part that is reserved for the variables of the previous function. So certainly EBP and ESP are not of equal value, you have to put the new value of EBP based on the value of ESP.
EBP is the Base Pointer register (extended), so it points to the base of the stack frame current, that at the moment it enters a function, before executing the prologue, the value is the basis of the previous function.
So this operation is doing what the EBP get a fresh start.
What must be confusing you is why you didn’t see an instruction change the ESP, and in fact one does not usually do this, other instructions is that they do it as part of their operation. The most obvious are the instructions push and pop which obviously changes the value every time you put or take something out of the stack. So these instructions keep changing ESP, but the EBP is only changed manually, so they are only equal when you move the value from one to the other, right after having any instruction that moves the ESP, will no longer be.
When I "push" EBP, ESP is no longer "pointing" to EBP?
Your conclusion that stack top and base stack frame previous are the same thing is wrong.
Can help:
Browser other questions tagged assembly stack architecture-computers
You are not signed in. Login or sign up in order to post.
excellent! Mt obgd
– Silas Paixão