Basic usage stack

1
votes

I’m currently learning about the stack (x86). I know it’s a pile of data which operates according the LIFO principle. I know the basic operations in regards to the stack are push (to add a value on the top of the stack) and pop (to remove a value). ESP is the reference to where we are now on the stack. Now, for what I don’t understand:

Example:

  Push 4
  Push ebx
  Push eax

The instructions above will generate a stack as followed:

 8 eax <-- ESP
 4 ebx
 0 4

With the ESP pointing towards the last added value eax.

Now when we expand these instructions with the pop operation we would get something as:

 Push 4
 Push ebx
 Pop ebx
 Push eax

The instructions above should result (if I’m correct) in following stack (for first three instructions):

 4 (ebx)
 0 4 <-- ESP

Ebx is removed from the stack and the ESP has moved downwards for 4 bits. Now the stack after executing all the instructions:

 4  eax <-- ESP
 0 4

I hope everything up to here is correct, if not comments are more than welcome ;-) Now for the instruction mov edx, [ebx,+04], starting from the first stack in this post. Is the result of this following:

 16 eax
 8 edx <-- ESP
 4 ebx
 0 4

It will start at ebx + 4 bits en write edx there moving the previous value (eax) to the top, or will it replace eax with edx?

A second questions is (more in general) how to initiate, address, and remove arrays on the stack.

My apologies for this long question, but I want to understand the (basics of the) stack. Thanks.

4
assemblyx86stack
The supposition part is correct. However, the qustion is not clear. Did you mean mov edx, [esp + 4] ? - ruslik
Just to clarify: ebx is not an address, it's a register. push ebx will place its contents on stack, and not the register. [ebx+4] will be just a memory address that have nothing to do with stack. Also, stack is in memory (and it's continuous!) so you can't insert something in the middle. It's an array, not list. - ruslik

4 Answers

1
votes

You examples and assumptions are nearly accurate. The problem is the stack grows down. so where you have address 0 and 4 and 8 make those instead 0xF8, 0xF4, 0xF0, etc. If you at the descriptions for the instructions in a reference manual you will see something like this:

PUSH: Decrements SP by the size of the operand (two or four, byte values are sign extended) and transfers one word from source to the stack top (SS:SP).

so if the sp (esp) is pointing at 0xFC when you start, and you 

push 4
push ebx
push eax

Then the stack will look like:

0xFC 4
0xF8 (ebx)
0xF4 (eax) <-- esp

So accessing [esp+4] might make more sense now as it retrieves the (ebx) value, and [esp+8] is the immediate 4 that was pushed.

So if you disassemble or compile to assembler some C programs with local variables or arrays you will see that on entry of the function they will subtract some number to the stack pointer, enough to cover all of the local variables, then [esp+something] is how they access that memory, so initializing or zeroing or whatever is a simple matter of esp based addressing into the stack.

0
votes

I hope everything up to here is correct, if not comments are more than welcome ;-) Now for the instruction mov edx, [ebx,+04], starting from the first stack in this post. Is the result of this following:

 16 eax
 8 edx <-- ESP
 4 ebx
 0 4

It will start at ebx + 4 bits en write edx there moving the previous value (eax) to the top, or will it replace eax with edx?

mov edx, [ebx + 4] will move the value at [ebx + 4] (this is a pointer deference, and will have nothing to do with your current stack unless ebx points to the stack (advanced: It probably will point to the stack, but referencing it will not change the stack in any way)) into edx. This appears different than your understanding in more than one way.

First, remember that the mov instruction's parameters are used as mov DEST, SRC, and not the other way around.

Second, this mov operation only moves the value at [ebx + 4] into edx, and as such does not alter the stack pointer (ESP here) in any way. The stack will remain unchanged from the first stack that are you are referencing here. For clarity, the stack will remain as:

 8 eax <-- ESP
 4 ebx
 0 4

And none of the values on the stack will have been changed in any way.

Also, I assume you are on a 32 bit architecture. In this case, registers like eax and the like will be 32 bits (4 bytes). Please keep in mind these are 4 BYTES and not BITS.

Your "second question" belongs in its own separate question here, with more information. Good luck!

0
votes

mov edx, [ebx+04] gets the data at address es:ebx+04 and puts it into edx. Perhaps did you mean mov [ebx+04], edx? In this case it will overwrite everything at address es:ebx+4. Assuming es points to the stack segment, and ebx is equal to esp then the stack will look something like:

12 edx    <-- [ebx+4]
8  edx    <-- esp = ebx
4  ebx
0  4
0
votes

The question is very wrong.
push ebx puts the value from ebx register on the stack, and not the register itself. By putting value of ebx register on the stack you can't use it as base for addressing. Also, there is no instruction (or way) to "insert" something in the middle of the memory. It's an array, and not dynamic list.

As I stated in comment, I think you don't understand the very basics of assembly. Read about memory model, registers, about basic instructions, write some programs.