Assembly : function prologue & epilogue // Said Eddak

When using high level programming language, calling a function is straightforward : we just call it and pass it the needed arguments. For example in C :

void greet(int number) {
  printf("Hello, your number is %d\n", number);
}

int main() {
  greet(5);
  return 0;
}

Let’s dive into what actually happen in assembly to understand better how functions are started and terminated.

1. Parameters and Function Call

push 5      # (1) First Parameter
call greet  # (2) Function Call

We first need to push all the parameters onto the stack in reverse order. The first argument will then be at the top of the stack (1). Now that the parameters are on the stack, we can call the function (2). The goal of “call” does is to push the EIP register (the instruction pointer) and set EIP to the start address of the called function, so in our case, EIP will contain the start address of the greet function.

2. Called function set up

push ebp        # (1) Saving the base pointer
mov ebp, esp    # (2) Setting the base pointer for the current stack frame
sub esp, 12     # (3) Allocating space for local variables

Once we get into the called function, we need to set up the stack in order to use it. We first start by pushing the EBP register (base pointer). This register point to the base of the current stack frame and will allow us to access the data we have on the stack (like parameters or local variables). The parameters are typically located at [ebp + 4], [ebp + 8], etc. In other word, the goal of this instruction is to save the base pointer of the caller in order to be able to restore its stack frame once we return back to it (1).

Now that the previous base pointer is saved on the stack, we set the current base pointer by doing “mov ebp, esp” (2). We can now set up the space for the local variables by allocating the needed space (3). For example “sub esp, 12” will create 12 bytes of space for the local variables (which is 3 times 32 bits variables). Note that the stack usually grow in reverse order, which is why “sub” is used to expand the stack.

The memory layout of the current stack frame looks like this : Alet text

3. Return from the function

mov esp, ebp  # (1) Clean up the stack
pop ebp       # (2) Restore previous base pointer
ret           # (3) Return to the caller

Now that the function performed its task, it needs to return to where it came from. But before that, we need to clean up what we used on the stack. First, the stack is cleaned by doing “mov esp, ebp”. The goal of this instruction is to move the top of the stack back to the base of the current stack frame, which will clean everything we pushed onto it.

Now that the stack is clean, we reset the base pointer to its previous value by doing a “pop ebp”. The base pointer now contains the base pointer of the previous stack frame (2).

Finally, we use “ret” to return to the function that initiated the call. What the ret keyword actually do is “pop EIP”, therefore the value of the instruction pointer that we saved (using “call”) is now restored (3).

That’s it for the epilogue and prologue. If there is any mistake, do not hesitate to reach out.

Author : Said Eddak