x86 Stack
Özcan Esnaf - 2018719183
Memory Layout
The RAM installed in the system is addressed through a virtual address space, which gives programs a consistent view of memory.
The higher part is reserved for and used by the kernel; userspace applications do not have access to it.
The bottom of memory is at address 0x00000000 on a 32-bit x86 system, and the upper limit is 0xFFFFFFFF.
Virtual-to-physical address translation is done through an operation called Virtual Address Translation.
Virtual Address Translation
The operating system and the CPU present physical memory virtually as one big chunk of memory, so userspace programs see a large address space.
This makes it more flexible for programs to run, without minding the memory address space constraints.
Many processes can run in the same address space without any extra effort to adapt to physical addresses.
It supports programs that require more memory than is physically installed, so a swap file or swap space can be used and presented to the user program as memory.
The Memory Management Unit translates virtual addresses to physical addresses on each data load and store operation.
Run-time Stack
The stack stores data in LIFO (last in, first out) order.
As we add something to the stack it is placed at the higher address, and the next item at an address lower than it.
The stack grows downwards, towards lower memory addresses.
So, adding to the stack decreases the ESP register, and removing data increases the ESP register.
The ESP register always points to the data at the top of the stack, which is the last item added.
Push and Pop Operations
On 32-bit, a push operation first decreases ESP by 4, so it points 4 bytes below.
The newly pushed data is placed at the memory location now pointed to by ESP.
A pop operation does the opposite. ESP is increased by 4, so it points 4 bytes above the last address.
Procedure Calls
When a procedure is called, the parameters are first pushed onto the stack and then a call is made to the function
address. The call operation is identical to pushing the eip to the stack and chane
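mov eax, word0
push eax            ; first parameter
mov ebx, word1
push ebx            ; second parameter
call procedure2     ; pushes the return address, then jumps

procedure2:
push ebp            ; save the caller's frame pointer
mov ebp, esp        ; set up the frame that leave will undo
mov eax, [EBP+8]    ; last pushed parameter (word1); [EBP+4] holds the return address
mov ebx, [EBP+12]   ; first pushed parameter (word0)
. . .
leave
ret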
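The push, pop and call rules from the "Push and Pop Operations" and "Procedure Calls" sections can be traced in a small C model of the stack. This is an added example, not part of the original slides; the stack address, the return address and all function names are constructed, and it assumes the callee uses the standard push ebp / mov ebp, esp prologue.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_TOP  0xBFFFF000u  /* constructed initial ESP */
#define STACK_SIZE 256u         /* model covers [STACK_TOP - 256, STACK_TOP) */

static uint8_t  mem[STACK_SIZE];
static uint32_t esp, ebp;

static uint8_t *at(uint32_t addr) { return &mem[addr - (STACK_TOP - STACK_SIZE)]; }
static uint32_t load32(uint32_t addr) { uint32_t v; memcpy(&v, at(addr), 4); return v; }
/* push: ESP is decreased by 4 first, then the value is stored at [ESP] */
static void push32(uint32_t v) { esp -= 4; memcpy(at(esp), &v, 4); }
/* pop: the value at [ESP] is read, then ESP is increased by 4 */
static uint32_t pop32(void) { uint32_t v = load32(esp); esp += 4; return v; }

struct frame_view {
    uint32_t esp_in_callee, ret_addr, arg_last, arg_first;
    uint32_t eip_after_ret, esp_after_ret;
};

/* Caller pushes word0 then word1 and calls; callee builds a frame and reads them. */
static struct frame_view run_call(uint32_t word0, uint32_t word1, uint32_t return_to)
{
    struct frame_view f;
    esp = STACK_TOP; ebp = 0;
    push32(word0);                  /* push eax */
    push32(word1);                  /* push ebx */
    push32(return_to);              /* call: push the return address */
    push32(ebp); ebp = esp;         /* prologue: push ebp / mov ebp, esp */
    f.esp_in_callee = esp;
    f.ret_addr  = load32(ebp + 4);  /* saved return address */
    f.arg_last  = load32(ebp + 8);  /* last pushed parameter */
    f.arg_first = load32(ebp + 12); /* first pushed parameter */
    esp = ebp; ebp = pop32();       /* leave: mov esp, ebp / pop ebp */
    f.eip_after_ret = pop32();      /* ret: pop the return address into EIP */
    f.esp_after_ret = esp;          /* parameters are still on the stack */
    return f;
}

int main(void)
{
    struct frame_view f = run_call(0x11111111u, 0x22222222u, 0x08048123u);
    printf("ESP in callee %08x, [ebp+4]=%08x [ebp+8]=%08x [ebp+12]=%08x\n",
           (unsigned)f.esp_in_callee, (unsigned)f.ret_addr,
           (unsigned)f.arg_last, (unsigned)f.arg_first);
    return 0;
}
```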