Idov

Frame pointer + Program Counter


Hi!
Suppose I have a program counter, and the thread context (Esp, Ebp, Eip etc.),
Can I get the frame pointer of the frame the PC belongs to somehow (in C++)?

Thanks :)

In general, no. Omitting the frame pointer is one of the more common optimizations performed in x86 code.

Quote:
Original post by SiCrane
In general, no. Omitting the frame pointer is one of the more common optimizations performed in x86 code.


ok, but I'm talking about a program that runs in debug mode or does have frame pointers.

Quote:
Original post by Sneftel
Conventionally, the frame pointer is EBP.


ok, and if I want to access the SECOND frame pointer directly (I have all the data from my first post), can I do it?
It's supposed to be stored somewhere too, right?

Often it's stored at the bottom of the stack frame, so EBP is pointing to it. But just like EBP being used as the frame pointer, that's by custom only. It doesn't matter to the calling convention, and AFAIK isn't defined by it. To the called function, even if it is going to use EBP as its frame pointer, EBP is just another register to be saved.

Quote:
Original post by Sneftel
Often it's stored at the bottom of the stack frame, so EBP is pointing to it. But just like EBP being used as the frame pointer, that's by custom only. It doesn't matter to the calling convention, and AFAIK isn't defined by it. To the called function, even if it is going to use EBP as its frame pointer, EBP is just another register to be saved.


But the EBP points to the top stack frame, doesn't it? I need the one below it...

Quote:
Original post by Idov
Quote:
Original post by Sneftel
Often it's stored at the bottom of the stack frame, so EBP is pointing to it. But just like EBP being used as the frame pointer, that's by custom only. It doesn't matter to the calling convention, and AFAIK isn't defined by it. To the called function, even if it is going to use EBP as its frame pointer, EBP is just another register to be saved.


But the EBP points to the top stack frame, doesn't it? I need the one below it...


It can point anywhere you please, it's merely a register whose purpose is to point to a stack location.

It often acts as a temporary, to save the current height of the stack. It is therefore set at the beginning of a function, and 'popped' at the end. The ESP is the current height of the stack (the position you're working at).

Quote:

It can point anywhere you please, it's merely a register whose purpose is to point to a stack location.

It often acts as a temporary, to save the current height of the stack. It is therefore set at the beginning of a function, and 'popped' at the end. The ESP is the current height of the stack (the position you're working at).


I think we have a little misunderstanding here. :)
I can only READ the data, I really don't want to change anything there.

Quote:
Original post by Idov
But the EBP points to the top stack frame, doesn't it? I need the one below it...
Exactly. EBP is (often) saved at the base of the stack frame.

Quote:
Original post by Sneftel
Quote:
Original post by Idov
But the EBP points to the top stack frame, doesn't it? I need the one below it...
Exactly. EBP is (often) saved at the base of the stack frame.


OK, so we know where the 2nd stack frame ends.
But how can we know where it begins? (That's what its frame pointer points at, right?)

The "base" of the stack frame is where it begins. That's what makes it the base.

Look, it's not that complicated. Under ideal conditions, each saved EBP points to the previously saved EBP. They form a linked list of stack frames.

Quote:
Original post by Sneftel
The "base" of the stack frame is where it begins. That's what makes it the base.


wait wait wait... Oo

ok.


The Callstack
====================================
Stack Pointer
Locals of method A
frame pointer of method A
return address of method A
parameters for method A <--- This is where the EBP points at?

Locals of method B
frame pointer of method B
return address of method B
parameters for method B <--- what points here???




No, EBP would point at the base of the frame, where the saved frame pointer is. And that frame pointer points to the next frame pointer down. Nothing points to the parameters; they're at a known location relative to the base of the frame (which EBP is pointing to).

Read this.

Quote:
Original post by Sneftel
No, EBP would point at the base of the frame, where the saved frame pointer is. And that frame pointer points to the next frame pointer down.


So if we put it in C++ syntax, it's something like this:

void **topFramePointer = (void **)Ebp;                 // EBP of the top (innermost) frame
void **secondFramePointer = (void **)*topFramePointer; // saved EBP stored at [EBP]
void **thirdFramePointer = (void **)*secondFramePointer; // saved EBP stored at [[EBP]]
...


(this code wouldn't compile, but who cares :) )

?



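The walk Idov sketches above, and the "linked list of stack frames" Sneftel describes earlier in the thread, written out as a runnable simulation. This is an added example, not code from the thread or from any poster: it lays out a constructed 32-bit stack in a plain array (the addresses, return addresses and parameter values are made-up placeholders) so it runs on any machine without touching the real stack, follows the saved-EBP chain as [EBP] -> [[EBP]] -> ..., reads the return address and first parameter at their fixed offsets from each base, and stops when a link leaves the stack range or fails to move toward the stack base. That last check is what SiCrane's caveat turns into in practice: when a frame in the chain was compiled without a frame pointer, the "saved EBP" slot holds arbitrary data, and a walker that does not validate the link will read garbage or crash.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed, simulated x86 stack: an array of 32-bit words laid out the way the
 * thread describes a frame built by "push ebp; mov ebp, esp":
 *   [ebp+0] saved EBP of the caller, [ebp+4] return address, [ebp+8...] parameters.
 * Lower indices are lower addresses, i.e. the ESP end of the stack. */
#define STACK_WORDS 32
static uint32_t sim_stack[STACK_WORDS];

/* Simulated addresses (constructed): word index i lives at STACK_BASE + 4*i. */
#define STACK_BASE 0x0012F000u
#define STACK_TOP  (STACK_BASE + 4u * STACK_WORDS)

static uint32_t addr_of(size_t idx) { return STACK_BASE + 4u * (uint32_t)idx; }
static int in_stack(uint32_t a) { return a >= STACK_BASE && a < STACK_TOP && (a & 3u) == 0; }
static uint32_t read_word(uint32_t a) { return sim_stack[(a - STACK_BASE) / 4]; }

/* Build three nested frames A (innermost) -> B -> C and return A's EBP.
 * Return addresses and parameter values are placeholders, not real code addresses. */
static uint32_t build_frames(void)
{
    size_t i = 2;                 /* two words of A's locals sit below A's base */
    size_t ebp_a = i;
    sim_stack[i++] = 0;           /* A: saved EBP, patched below */
    sim_stack[i++] = 0x00401010u; /* A: return address into B */
    sim_stack[i++] = 7;           /* A: first parameter */
    i += 3;                       /* B's locals */
    size_t ebp_b = i;
    sim_stack[i++] = 0;           /* B: saved EBP, patched below */
    sim_stack[i++] = 0x00401020u; /* B: return address into C */
    sim_stack[i++] = 8;           /* B: first parameter */
    i += 2;                       /* C's locals */
    size_t ebp_c = i;
    sim_stack[i++] = 0;           /* C: saved EBP is NULL, the chain ends here */
    sim_stack[i++] = 0x00401030u; /* C: return address */
    sim_stack[i++] = 9;           /* C: first parameter */
    sim_stack[ebp_a] = addr_of(ebp_b);
    sim_stack[ebp_b] = addr_of(ebp_c);
    sim_stack[ebp_c] = 0;
    return addr_of(ebp_a);
}

struct frame { uint32_t ebp; uint32_t ret; uint32_t param0; };

/* Walk the saved-EBP chain starting at ebp. Stops at a NULL link, at a link that
 * leaves the stack range, or at a link that does not move to a higher address
 * (a genuine chain only ever grows toward the stack base). Returns the frame count. */
static size_t walk_frames(uint32_t ebp, struct frame *out, size_t max)
{
    size_t n = 0;
    while (n < max && in_stack(ebp) && in_stack(ebp + 8)) {
        out[n].ebp = ebp;
        out[n].ret = read_word(ebp + 4);    /* return address sits right above saved EBP */
        out[n].param0 = read_word(ebp + 8); /* first parameter above that */
        n++;
        uint32_t next = read_word(ebp);     /* the saved EBP is the link to the next frame */
        if (next == 0 || next <= ebp)
            break;
        ebp = next;
    }
    return n;
}

/* Pretend B was compiled without a frame pointer: its "saved EBP" slot then holds
 * whatever the compiler left there (a constructed garbage word here). The walk must
 * still terminate cleanly, after A and B, instead of dereferencing the garbage. */
static size_t demo_broken_chain(void)
{
    struct frame f[8];
    uint32_t ebp = build_frames();
    sim_stack[(read_word(ebp) - STACK_BASE) / 4] = 0x41414141u;
    return walk_frames(ebp, f, 8);
}

int main(void)
{
    struct frame f[8];
    size_t n = walk_frames(build_frames(), f, 8), k;
    for (k = 0; k < n; k++)
        printf("frame %u: ebp=%#x ret=%#x param0=%u\n", (unsigned)k,
               (unsigned)f[k].ebp, (unsigned)f[k].ret, (unsigned)f[k].param0);
    printf("frames found after corrupting B's saved EBP: %u\n", (unsigned)demo_broken_chain());
    return 0;
}
```

On a real thread the starting value would be the Ebp from the context record Idov mentions, and the range check would use the thread's stack limits rather than the constructed STACK_BASE/STACK_TOP; the shape of the walk and the validation of each link stay the same.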
