IA32 Stack

Region of memory managed with Stack Bottom

stack discipline
Register %esp indicates lowest
allocated position in stack
i.e., address of top element Increasing
Addresses
Pushing
pushl Src
Fetch operand at Src
Decrement %esp by 4
Write operand at address given
by %esp Stack Grows
Stack
Popping Down
Pointer
popl Dest %esp
Read operand at address given
by %esp
Increment %esp by 4 Stack Top
Write to Dest
class07.ppt 2 CS 213 F01
 Stack Operation Examples
pushl %eax popl %edx

0x110 0x110 0x110

0x10c 0x10c 0x10c
0x108 123 0x108 123 0x108 123
0x104 213

%eax 213 %eax 213 %eax 213

%edx 555 %edx 555 %edx 213
%esp 0x108 %esp 0x104 %esp 0x108

class07.ppt 3 CS 213 F01

 Procedure Control Flow
Use stack to support procedure call and return

Procedure call:
call label Push return address on stack; Jump to label
Return address value
Address of instruction beyond call
Example from disassembly
804854e: e8 3d 06 00 00 call 8048b90 <main>
8048553: 50 pushl %eax
Return address = 0x8048553
Procedure return:
ret Pop address from stack; Jump to address

class07.ppt 4 CS 213 F01

 Procedure Call / Return Example
804854e: e8 3d 06 00 00 call 8048b90 <main>
8048553: 50 pushl %eax

call 8048b90 ret

0x110 0x110 0x110

0x10c 0x10c 0x10c
0x108 123 0x108 123 0x108 123
0x104 0x8048553

%esp 0x108 %esp 0x104 %esp 0x108

%eip 0x804854e %eip 0x8048b90 %eip 0x8048553

%eip is program counter

class07.ppt 5 CS 213 F01

 Stack-Based Languages
Languages that Support Recursion
e.g., C, Pascal, Java
Code must be Reentrant
Multiple simultaneous instantiations of single procedure
Need some place to store state of each instantiation
Arguments
Local variables
Return pointer
Stack Discipline
State for given procedure needed for limited time
From when called to when return
Callee returns before caller does
Stack Allocated in Frames
state for single procedure instantiation

class07.ppt 6 CS 213 F01

 Call Chain Example
Code Structure
Call Chain
yoo()
{ yoo


who(); who() who
{

amI
}
amI();
amI
amI()

{
}

amI

Procedure amI recursive amI();


}

class07.ppt 7 CS 213 F01

IA32 Stack Structure

Stack Growth
Toward lower addresses
yoo
Stack Pointer Increasing
Address of next available Addresses
location in stack who
Use register %esp
Frame Pointer
Start of current stack frame amI
Use register %ebp Stack Grows

Frame amI
Pointer
%ebp
amI
Stack
Pointer
%esp Stack
Top
class07.ppt 8 CS 213 F01
 IA32/Linux Stack Frame
Callee Stack Frame (Top to
Bottom)
Parameters for called functions
Caller
Local variables Frame
If cant keep in registers
Arguments
Saved register context Frame Pointer
Old frame pointer Return Addr
(%ebp)
Old %ebp
Caller Stack Frame
Return address Saved
Pushed by call instruction Registers
+
Arguments for this call Local
Variables

Argument
Stack Pointer
Build
(%esp)

class07.ppt 9 CS 213 F01

 Register Saving Conventions
When procedure yoo calls who:
yoo is the caller, who is the callee
Can Register be Used for Temporary Storage?
yoo: who:

movl $15213, %edx movl 8(%ebp), %edx
call who addl $91125, %edx
addl %edx, %eax
ret
ret

Contents of register %edx overwritten by who

Conventions
Caller Save
Caller saves temporary in its frame before calling
Callee Save
Callee saves temporary in its frame before using
class07.ppt 20 CS 213 F01
 IA32/Linux Register Usage
Surmised by looking at
code examples
Integer Registers %eax
Two have special uses Caller-Save
%edx
%ebp, %esp Temporaries
Three managed as callee- %ecx
save
%ebx
%ebx, %esi, %edi
Callee-Save
Old values saved on %esi
Temporaries
stack prior to using
%edi
Three managed as caller-
save %esp
%eax, %edx, %ecx Special
%ebp
Do what you please, but
expect any callee to do
so, as well
Register %eax also stores
returned value
class07.ppt 21 CS 213 F01
 swap
int zip1 = 15213; call_swap:
int zip2 = 91125;
pushl $zip2 # Global Var
void call_swap() pushl $zip1 # Global Var
{ call swap
swap(&zip1, &zip2);
}
Resulting

Stack
void swap(int *xp, int *yp)
{
int t0 = *xp; &zip2
int t1 = *yp; &zip1
*xp = t1;
*yp = t0; Rtn adr %esp
}

class07.ppt 10 CS 213 F01

 swap
swap:
pushl %ebp
movl %esp,%ebp Set
pushl %ebx Up
void swap(int *xp, int *yp)
{ movl 12(%ebp),%ecx
int t0 = *xp; movl 8(%ebp),%edx
int t1 = *yp; movl (%ecx),%eax
*xp = t1; Body
movl (%edx),%ebx
*yp = t0; movl %eax,(%edx)
} movl %ebx,(%ecx)

movl -4(%ebp),%ebx
movl %ebp,%esp Finish
popl %ebp
ret

class07.ppt 11 CS 213 F01

 swap Setup #1
Entering Resulting
Stack Stack
%ebp %ebp

&zip2 yp
&zip1 xp
Rtn adr %esp Rtn adr
Old %ebp %esp

swap:
pushl %ebp
movl %esp,%ebp
pushl %ebx

class07.ppt 12 CS 213 F01

 swap Setup #2
Entering
Stack Resulting
%ebp Stack

&zip2 yp
&zip1 xp
Rtn adr %esp Rtn adr
Old %ebp %ebp
%esp
swap:
pushl %ebp
movl %esp,%ebp
pushl %ebx

class07.ppt 13 CS 213 F01

 swap Setup #3
Entering
Stack Resulting
%ebp Stack

&zip2 yp
&zip1 xp
Rtn adr %esp Rtn adr
Old %ebp %ebp
Old %ebx %esp
swap:
pushl %ebp
movl %esp,%ebp
pushl %ebx

class07.ppt 14 CS 213 F01

 Effect of swap Setup
Entering
Stack Resulting
%ebp Stack


Offset

&zip2 12 yp
&zip1 8 xp
Rtn adr %esp 4 Rtn adr
0 Old %ebp %ebp
Old %ebx %esp
swap:
pushl %ebp
movl %esp,%ebp
pushl %ebx

class07.ppt 15 CS 213 F01

 swap Finish #1
swaps

Stack

Offset Offset
12 yp 12 yp
8 xp 8 xp
4 Rtn adr 4 Rtn adr
0 Old %ebp %ebp 0 Old %ebp %ebp
-4 Old %ebx %esp -4 Old %ebx %esp

movl -4(%ebp),%ebx
movl %ebp,%esp
Observation popl %ebp
Saved & restored register %ebx ret

class07.ppt 16 CS 213 F01

 swap Finish #2
swaps swaps

Stack Stack

Offset Offset
12 yp 12 yp
8 xp 8 xp
4 Rtn adr 4 Rtn adr
0 Old %ebp %ebp 0 Old %ebp %ebp
-4 Old %ebx %esp %esp

movl -4(%ebp),%ebx
movl %ebp,%esp
popl %ebp
ret

class07.ppt 17 CS 213 F01

 swap Finish #3
swaps %ebp
swaps
Stack
Stack

Offset Offset

12 yp 12 yp

8 xp 8 xp

4 Rtn adr 4 Rtn adr

%esp
0 Old %ebp %ebp
%esp

movl -4(%ebp),%ebx
movl %ebp,%esp
popl %ebp
ret

class07.ppt 18 CS 213 F01

 swap Finish #4
swaps %ebp %ebp

Stack
Exiting
Offset
Stack
12 yp &zip2
8 xp &zip1 %esp
4 Rtn adr
%esp

movl -4(%ebp),%ebx
movl %ebp,%esp
Observation popl %ebp
Saved & restored register %ebx ret
Didnt do so for %eax, %ecx, or %edx

class07.ppt 19 CS 213 F01