Question: Related to C++ and Assembly, what is ebp+8?


Related to C++ and Assembly, what is ebp+8?

Answers 1
Added at 2017-01-03 21:01

I have the following C++ code:

#include <tuple>
std::tuple<int, bool> foo()
    return std::make_tuple(128, true);
int main()
    auto result = foo();

The following is the disassembled version of the foo() function:

push    ebp
mov     ebp, esp
sub     esp, 24
mov     BYTE PTR [ebp-13], 1  // second argument
mov     DWORD PTR [ebp-12], 128 // first argument
mov     eax, DWORD PTR [ebp+8] // what is this? why we need this here?
sub     esp, 4
lea     edx, [ebp-13]   
push    edx                   // second
lea     edx, [ebp-12]
push    edx                   // first
push    eax                  // same as "ebp+8", what is this?
call    std::tuple<std::__decay_and_strip<int>::__type, std::__decay_and_strip<bool>::__type> std::make_tuple<int, bool>(int&&, bool&&)
add     esp, 12
mov     eax, DWORD PTR [ebp+8]
ret     4

As I know ebp+X is for access function arguments, but there is nothing like this for foo, so why does the compiler use it? It seems like it's the first parameter for std::make_tuple().


I'm not using optimization, I just want to learn RE.

Part of main in Assembly:

lea     eax, [ebp-16]  // loaction of local variable
sub     esp, 12
push    eax           // as hidden argument for foo
call    foo()
add     esp, 12
Answers to

Related to C++ and Assembly, what is ebp+8?

nr: #1 dodano: 2017-01-03 21:01

The calling convention specifies that non-trivial objects are returned through a hidden pointer passed as argument. That's what you are seeing. Technically, your code is implemented like this:

std::tuple<int, bool>* foo(std::tuple<int, bool>* result)
    *result = std::make_tuple(128, true);
    return result;
int main()
    std::tuple<int, bool> result;
Source Show
◀ Wstecz