0x804836f <main+24>: mov DWORD PTR [esp+8],0x3
0x8048377 <main+32>: mov DWORD PTR [esp+4],0x2
0x804837f <main+40>: mov DWORD PTR [esp],0x1
0x8048386 <main+47>: call 0x8048344 <test_function>
(gdb)
This breakpoint is right before the stack frame for the test_function() call
is created. This means the bottom of this new stack frame is at the current
value of ESP, 0xbffff7f0. The next breakpoint is right after the procedure
prologue for test_function(), so continuing will build the stack frame. The
output below shows similar information at the second breakpoint. The local
variables (flag and buffer) are referenced relative to the frame pointer (EBP).
(gdb) cont
Continuing.
Breakpoint 2, test_function (a=1, b=2, c=3, d=4) at stack_example.c:5
5 flag = 31337;
(gdb) i r esp ebp eip
esp 0xbffff7c0 0xbffff7c0
ebp 0xbffff7e8 0xbffff7e8
eip 0x804834a 0x804834a <test_function+6>
(gdb) disass test_function
Dump of assembler code for function test_function:
0x08048344 <test_function+0>: push ebp
0x08048345 <test_function+1>: mov ebp,esp
0x08048347 <test_function+3>: sub esp,0x28
0x0804834a <test_function+6>: mov DWORD PTR [ebp-12],0x7a69
0x08048351 <test_function+13>: mov BYTE PTR [ebp-40],0x41
0x08048355 <test_function+17>: leave
0x08048356 <test_function+18>: ret
End of assembler dump.
(gdb) print $ebp-12
$1 = (void *) 0xbffff7dc
(gdb) print $ebp-40
$2 = (void *) 0xbffff7c0
(gdb) x/16xw $esp
0xbffff7c0: 0x00000000 0x08049548 0xbffff7d8 0x08048249
0xbffff7d0: 0xb7f9f729 0xb7fd6ff4 0xbffff808 0x080483b9
0xbffff7e0: 0xb7fd6ff4 0xbffff89c 0xbffff808 0x0804838b
0xbffff7f0: 0x00000001 0x00000002 0x00000003 0x00000004
(gdb)
The stack frame is shown on the stack at the end of the output. The four
arguments to the function can be seen at the bottom of the stack frame
(starting at 0xbffff7f0), with the return address found directly on top
(0x0804838b at 0xbffff7ec). Above that is the saved frame pointer of
0xbffff808 (at 0xbffff7e8), which is what EBP was in the previous stack
frame. The rest of the memory is saved for the local stack variables: flag
and buffer. Calculating their addresses relative to EBP shows their exact
locations in the stack frame. Memory for the flag variable is shown at
0xbffff7dc (EBP-12) and memory for the buffer variable is shown at
0xbffff7c0 (EBP-40). The extra space in the stack frame is just padding.
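As an added example (not code from the original text), the following Python script parses the `x/16xw $esp` rows shown above and labels every word of the frame by its offset from EBP, so the layout described in the paragraph (arguments, return address, saved EBP, locals, padding) can be checked mechanically rather than by eye. The dump, ESP/EBP values, call address and local offsets are copied from the session above; the 10-byte size assumed for buffer is not stated on the page and is an assumption for this example.

```python
import re

# Constructed copy of the `x/16xw $esp` rows from the gdb session above;
# typed in for this example rather than captured from a live run.
GDB_DUMP = """\
0xbffff7c0: 0x00000000 0x08049548 0xbffff7d8 0x08048249
0xbffff7d0: 0xb7f9f729 0xb7fd6ff4 0xbffff808 0x080483b9
0xbffff7e0: 0xb7fd6ff4 0xbffff89c 0xbffff808 0x0804838b
0xbffff7f0: 0x00000001 0x00000002 0x00000003 0x00000004
"""

# Register values reported by `i r esp ebp` at the second breakpoint.
ESP = 0xBFFFF7C0
EBP = 0xBFFFF7E8
# Address of the `call test_function` instruction in main (a 5-byte near call).
CALL_SITE = 0x08048386

# Locals as (offset from EBP, size in bytes). The offsets come from the
# disassembly ([ebp-12] and [ebp-40]); flag is a 4-byte int (DWORD store).
# The 10-byte size for buffer is an assumption made for this example.
LOCALS = {"flag": (-12, 4), "buffer": (-40, 10)}

ROW_RE = re.compile(r"^(0x[0-9a-fA-F]+):((?:\s+0x[0-9a-fA-F]{8})+)\s*$")


def parse_dump(text):
    """Parse gdb `x/Nxw` output into {address: 32-bit word}."""
    words = {}
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # skip prompts, blank lines, anything that is not a row
        base = int(m.group(1), 16)
        for i, tok in enumerate(m.group(2).split()):
            words[base + 4 * i] = int(tok, 16)
    return words


def label_frame(words, esp, ebp, local_vars, nargs):
    """Label each word of a 32-bit cdecl frame by its offset from EBP.

    Layout (low to high addresses): locals and padding between ESP and
    EBP, saved EBP at [ebp], return address at [ebp+4], then the
    arguments at [ebp+8], [ebp+12], ...  Returns [(address, value, label)].
    """
    out = []
    for addr in sorted(words):
        off = addr - ebp
        label = None
        for name, (start, size) in local_vars.items():
            if start <= off < start + size:
                label = name
                break
        if label is None:
            if off == 0:
                label = "saved EBP"
            elif off == 4:
                label = "return address"
            elif 8 <= off < 8 + 4 * nargs:
                label = "arg%d" % ((off - 8) // 4 + 1)
            elif esp <= addr < ebp:
                label = "padding"
            else:
                label = "outside frame"
        out.append((addr, words[addr], label))
    return out


def return_address_matches(words, ebp, call_site):
    """True if [ebp+4] is the instruction right after a 5-byte `call` at call_site."""
    return words.get(ebp + 4) == call_site + 5


if __name__ == "__main__":
    words = parse_dump(GDB_DUMP)
    for addr, value, label in label_frame(words, ESP, EBP, LOCALS, 4):
        print("0x%08x: 0x%08x  %s" % (addr, value, label))
    print("return address matches call site:",
          return_address_matches(words, EBP, CALL_SITE))
```

Running it prints one line per word, and the saved EBP (0xbffff808) and return address (0x0804838b, which is the `call` at 0x8048386 plus its 5-byte length) land exactly where the text places them. Note that the word labelled flag still holds leftover data (0xbffff89c) because the breakpoint stops before `mov DWORD PTR [ebp-12],0x7a69` executes; the local has been allocated but not yet initialized.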