One 、 about esp And ebp Register description

ebp esp Two registers It's the address
Use address to maintain function stack frame

Two 、 For the whole process of creation and destruction

1. about _mainCRTstarup Creation of functions for

matters needing attention :
Pressing stack (push): Put an element at the top of the stack
Out of the stack (pop): Delete an element at the top of the stack
The address of stack space should be used first , Using low address

1. push Stack pressing operation take ebp Pressure into the stack
   meanwhile esp Point to , ebp The upward address becomes smaller , therefore esp Your address is getting smaller

2. mov: take esp The value of ebp
   Both point to the same location
   

3. sub ( reduce )
   take esp subtract 0E4h( octal )
   (1)
   
   (2)esp Because the address becomes smaller Up and esp And ebp The space enclosed by the two is just main Stack frame of function
   

4. push stay main Function stack top push ebx esi edi
   With pressing data esp It also points to the data namely esp Move up
   

2. about main Function creation

lea representative load effective address Load valid address
take ebp-0E4h Put it in edi in
dowrd act as 4 Bytes
from edi The position begins ecx( Deposit 39h Time ) Of dword The data is all changed to 0xCCCCCCCCh Until ebp end

(1). Why does it sometimes print out hot

0Ah representative 10
hold 0Ah Put it in ebp-8 Data in
Because it's all addresses therefore ebp-8 For in ebp Address minus 8 Bytes
If a Is not assigned Then put it as 0xCCCCCCCCh
So sometimes The print result is hot hot hot
14h Print in hexadecimal representative 20 namely ebp-20
ebp-20h representative ebp-32

ebp-20 by b Value namely 20
hold ebp-14h(ebp-20) Pass in eax in
push eax take eax Pressing stack
meanwhile esp Point to eax
2.

take ebp-8 Pass in ecx in
At the same time ecx Pressing stack
here ebp-8 Deposit is a The value is 10
esp Point to ecx
3.
Call a function
Stack the address of the next instruction
meanwhile esp Point to call The address of the next instruction

3. about Add Creation of functions for

take ebp Pressing stack esp Point to ebp Here is in the main function ebp
. take esp Assign a value to ebp,ebp And esp All point to ebp

2.
sub: take esp subtract 0CCh
Because the address is small on
push Pressing stack ebx esi edi
3.
from edi Position start Conduct ecx(33h Hexadecimal ) Time dword data All into 0CCCCCCCCh

4.
hold 0 Put it in ebp-8 Location

(2). Why is the formal parameter not in the function

(3). Function return How to put the value back

  >

1.

Out of the stack here esp The address gets bigger Move down

mov hold ebp Assign a value to esp

(4).ebp-main After leaving the stack ebp Register pointing

(5). Shape parameter a,b How to return to the operating system

return ret It's going back to call The address of the next instruction

Here with add Destruction of functions esp It also pops up from the address position of the next instruction to the next position
Original esp The address indicated plus 8 That is, the current position
will Set formal parameter a b And the operating system

hold eax Move to ebp-32(20h by 16 Base number ) in
the function z Value Passed to the main function c in

4. Overall process diagram