Are there different ways to set RBP? Why does Windows x64 not point RBP at a saved-RBP right below the return address?
MSDN attach this picture to describe how use stack in x64 fastcall call convention:
My question is: Why is the frame pointer set where the arrow is shown? After all, we originally want after call:
push rbp
mov rbp, rsp
; allocate stack memory for local vars and for register and stack parameter area
; function's work
mov rsp, rbp
pop rbp
ret
We access parameter area for B function with:
mov [rbp + 10h], rcx
mov [rbp + 18h], rdx
mov [rbp + 20h], r8
mov [rbp + 28h], r9
Local var with:
mov [rbp - 8h], 1
mov [rbp - 10h],2
; etc
And access parameter area for future functions with:
; rcx rdx r8 r8 for 1-4
mov [rsp + 20h], 1 ; fifth arg, first stack arg
etc
Is that right or I mess something up?
An example on Godbolt with MSVC19.14 -O2 appears to confirm that MSVC really does put the frame pointer there, not in a fixed location relative to the return address. So it has to rely on stack-unwind metadata without the possibility of fallback to traditional frame-pointer linked-list following.
Normally (with no command-line options) MSVC doesn't use RBP as a frame pointer, not even in debug builds at least for simple functions. Only in functions that use alloca, or perhaps other reasons.
The x86-64 System V ABI (used on everything except Windows) does put RBP where you expect, in the traditional location right below the return address, if you use it as a traditional frame pointer at all. (Which gcc/clang do only without optimization, or if optimizing for code-size, or when alloca or over-aligning the stack.
Putting RBP closer to the middle of space you might want to access increases the amount of space you can reach with [rbp + disp8], which uses a sign-extended 8-bit displacement in the addressing mode. x86-64 System V has a 128-byte red-zone (below RSP), with 128 bytes chosen for that reason; access 128 bytes of local and arg space at and above RSP, and another 128 bytes below. Accessing farther away from a register needs [reg+disp32], a 4-byte offset, so 3 extra bytes per instruction that accesses stack space.
(It's rare to have many bytes of stack args, especially in Windows x64 which passes large structs by reference, not by value on the stack. So every arg takes exactly one 8-byte stack slot, making variadic functions simple.)
- How to set 1 second time delay at assembly language 8086
- What is the proper octal representation of the encoding of the operand register in intel 8086?
- gcc arm optimizes away parameters before System Call
- ARM inline asm: exit system call with value read from memory
- What's the purpose of the rotate instructions (ROL, RCL on x86)?
- Does INVLPG instruction or mprotect() affect the CPU cache state while invalidating TLB entries?
- x86 rep prefix with a count of zero: what happens?
- How to set a breakpoint on an assembly file using Xcode?
- Accumulate vector using Neon and print to stdout (assembly)
- jmp to address in inline AVR C
- Newbie on x86 asm - equivalence of mov a,[b+2] and add b,2|mov a,[b]
- Bomb lab phase 4 func4 - doubly-recursive function that calls itself with n-1 and n-2
- Binary bomb phase 4 assembly
- What kind of projects (besides the obvious OS stuff) use assembly language?
- Why does .NET use SIMD and not x87 for math operations not intrinsic to SIMD?
- _asm swap and compiler additions
- Having trouble finding error in my assembly code
- Why encode RISCV PseudoInstruction LI to four instructions instead of two?
- C++ VS2010 Compiler doesn't use 'push' for a simple function call
- assembly LINK : fatal error L1093:object file not found
- x86 addl vs subl
- adding 32 bit protected to operating system
- Should the box at the bottom be %rax instead of %rbx in Fig 6-1 of Jonathan Barlett's book?
- How does an adder perform unsigned integer subtraction?
- Compile and run assembly file using Masm and ConTEXT
- Explain how the AF flag works in an x86 instructions?
- Do any languages / compilers utilize the x86 ENTER instruction with a nonzero nesting level?
- What does the following assembly does for the following .c file
- Assembly x86 flags- overflow flag
- FASM 64 bit exception on call winmm.dll