
Accessing stack frame on x86-64 architecture on Linux

I am trying to access the different stack frames on a Linux system with x86-64 architecture. I am able to access the Register Base Pointer (rbp) of all the frames. Now I want to access the arguments to each function call. I checked this link, which says that the first 6 arguments are being passed through registers. However, as far as I understand, I can get only the arguments of the top-most function call by reading the registers. But what about the arguments sent to the other functions (that is, the stack frames lying below the current frame)? Presumably, they must be stored at some position in the stack itself, but I could not get the location. Can anybody help explain this?

Thanks a lot.

Take this code:

int f2(int a1, int a2, int a3);   /* declared first: f1() calls it before its definition */

int f1(int a1, int a2, int a3) {
  /* the doubled values overwrite RDI/RSI/RDX; nothing keeps the originals */
  return f2(2 * a1, 2 * a2, 2 * a3);
}

int f2(int a1, int a2, int a3) {
  return a1 + a2 + a3;
}

Now say we call f1(): we put its arguments into RDI, RSI, and RDX as per the calling convention. It then multiplies each of these registers by 2 and calls f2(). Those registers are defined as caller-saved, yet there is no need to save them, since f1() will not use them again. Therefore, once we are in f2() we cannot reasonably expect to have any way to get the original arguments passed to f1(). They are simply not in existence, and cannot be recovered because there is no way to "undo" even a simple operation like multiply-by-2 (because it might have overflowed).
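
The following is an added example, not code from the question or the answer above. It keeps the answer's f1()/f2() arithmetic and makes the point concrete: since RDI/RSI/RDX are overwritten with the doubled values, the only way a deeper frame (or a debugger reading the stack) can see f1()'s original arguments is if they were stored in memory. Each function here copies its arguments into a stack-allocated record and links that record to the caller's, which is the manual equivalent of the saved-RBP chain the question is walking. The struct arg_record type, the walk_arg_chain() helper, the g_seen/g_nseen globals and run_demo() are this example's own names and assumptions, not anything the ABI or the compiler defines; the call f1(1, 2, 3) is a constructed input.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One record per active call. `prev` links to the caller's record the same
 * way a saved RBP links to the caller's frame; walking `prev` is the manual
 * equivalent of walking the RBP chain. (Struct and field names are this
 * example's own assumptions, not anything the ABI or compiler defines.) */
struct arg_record {
    const char *func;              /* name of the function that made the record */
    int a1, a2, a3;                /* the arguments exactly as received */
    uintptr_t frame;               /* __builtin_frame_address(0) of that function */
    const struct arg_record *prev; /* caller's record, NULL for the outermost */
};

/* Snapshot of the chain as seen from inside f2(); filled by the last call. */
#define MAX_RECORDS 8
static struct arg_record g_seen[MAX_RECORDS];
static int g_nseen;

/* Walk from the innermost record outward, copying each one into out[].
 * Returns the number of records in the chain (may exceed max). */
static int walk_arg_chain(const struct arg_record *top,
                          struct arg_record *out, int max)
{
    int n = 0;
    for (const struct arg_record *r = top; r != NULL; r = r->prev, n++) {
        if (n < max)
            out[n] = *r;
    }
    return n;
}

/* Same arithmetic as the answer's f2(). a1..a3 arrive in RDI/RSI/RDX (low
 * 32 bits); the fourth argument is the only thing that lets this frame reach
 * f1()'s original values, because f1() stored them in memory before doubling. */
__attribute__((noinline))
static int f2(int a1, int a2, int a3, const struct arg_record *caller)
{
    struct arg_record me = {
        "f2", a1, a2, a3, (uintptr_t)__builtin_frame_address(0), caller
    };
    g_nseen = walk_arg_chain(&me, g_seen, MAX_RECORDS);
    return a1 + a2 + a3;
}

/* Same as the answer's f1(), plus the record. Without `me`, 2*a1 would
 * overwrite the only copy of a1 and nothing below this frame could get it
 * back (the doubling may have wrapped, so it cannot be undone). */
__attribute__((noinline))
static int f1(int a1, int a2, int a3)
{
    struct arg_record me = {
        "f1", a1, a2, a3, (uintptr_t)__builtin_frame_address(0), NULL
    };
    /* Passing &me keeps this frame alive, so the compiler cannot turn this
     * into a tail call that would replace f1()'s frame with f2()'s. */
    return f2(2 * a1, 2 * a2, 2 * a3, &me);
}

/* Runs the call chain and prints what f2() could see of each frame:
 * its own doubled arguments, then f1()'s originals, with f1()'s frame
 * at the higher address (the stack grows downward). */
int run_demo(int a1, int a2, int a3)
{
    int result = f1(a1, a2, a3);
    for (int i = 0; i < g_nseen && i < MAX_RECORDS; i++) {
        printf("%s frame at 0x%" PRIxPTR ": args (%d, %d, %d)\n",
               g_seen[i].func, g_seen[i].frame,
               g_seen[i].a1, g_seen[i].a2, g_seen[i].a3);
    }
    return result;
}

int main(void)
{
    /* Constructed input: f1(1, 2, 3) -> f2(2, 4, 6) -> 12 */
    printf("result = %d\n", run_demo(1, 2, 3));
    return 0;
}
```

The record chain is doing by hand what an unoptimized build happens to do on its own: at -O0 GCC spills each register argument into the function's own frame below RBP, and that spill is what a debugger's `frame 1` / `info args` reads (via the DWARF it emitted, not via the ABI). At -O2 the spill is usually gone and the debugger reports the value as optimized out, which is the answer's point: the registers are the argument-passing mechanism, not a place where the arguments are kept.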
