Trying to understand gcc's complicated stack-alignment at the top of main that copies the return address

前端 未结 3 1111
抹茶落季
抹茶落季 2020-12-02 13:45

hi I have disassembled some programs (linux) I wrote to understand better how it works, and I noticed that the main function always begins with:

lea    ecx,[         


        
相关标签:
3条回答
  • 2020-12-02 14:24
    lea    ecx,[esp+0x4] ; I assume this is for getting the adress of the first argument of     the main...why ?
    and    esp,0xfffffff0 ; ??? is the compiler trying to align the stack pointer on 16 bytes ???
    push   DWORD PTR [ecx-0x4] ; I understand the assembler is pushing the return adress....why ?
    push   ebp                
    mov    ebp,esp
    push   ecx  ;why is ecx pushed too ??
    

    Even if every instruction worked perfectly with no speed penalty despite arbitrarily aligned operands, alignment would still increase performance. Imagine a loop referencing a 16-byte quantity that just overlaps two cache lines. Now, to load that little wchar into the cache, two entire cache lines have to be evicted, and what if you need them in the same loop? The cache is so tremendously faster than RAM that cache performance is always critical.

    Also, there usually is a speed penalty to shift misaligned operands into the registers. Given that the stack is being realigned, we naturally have to save the old alignment in order to traverse stack frames for parameters and returning.

    ecx is a temporary register so it has to be saved. Also, depending on optimization level, some of the frame linkage ops that don't seem strictly necessary to run the program might well be important in order to set up a trace-ready chain of frames.

    0 讨论(0)
  • 2020-12-02 14:35

    I've had a go at it:

    ;# As you have already noticed, the compiler wants to align the stack
    ;# pointer on a 16 byte boundary before it pushes anything. That's
    ;# because certain instructions' memory access needs to be aligned
    ;# that way.
    ;# So in order to first save the original offset of esp (+4), it
    ;# executes the first instruction:
    lea    ecx,[esp+0x4]
    
    ;# Now alignment can happen. Without the previous insn the next one
    ;# would have made the original esp unrecoverable:
    and    esp,0xfffffff0
    
    ;# Next it pushes the return addresss and creates a stack frame. I
    ;# assume it now wants to make the stack look like a normal
    ;# subroutine call:
    push   DWORD PTR [ecx-0x4]
    push   ebp
    mov    ebp,esp
    
    ;# Remember that ecx is still the only value that can restore the
    ;# original esp. Since ecx may be garbled by any subroutine calls,
    ;# it has to save it somewhere:
    push   ecx
    
    0 讨论(0)
  • 2020-12-02 14:38

    This is done to keep the stack aligned to a 16-byte boundary. Some instructions require certain data types to be aligned on as much as a 16-byte boundary. In order to meet this requirement, GCC makes sure that the stack is initially 16-byte aligned, and allocates stack space in multiples of 16 bytes. This can be controlled using the option -mpreferred-stack-boundary=num. If you use -mpreferred-stack-boundary=2 (for a 22=4-byte alignment), this alignment code will not be generated because the stack is always at least 4-byte aligned. However you could then have trouble if your program uses any data types that require stronger alignment.

    According to the gcc manual:

    On Pentium and PentiumPro, double and long double values should be aligned to an 8 byte boundary (see -malign-double) or suffer significant run time performance penalties. On Pentium III, the Streaming SIMD Extension (SSE) data type __m128 may not work properly if it is not 16 byte aligned.

    To ensure proper alignment of this values on the stack, the stack boundary must be as aligned as that required by any value stored on the stack. Further, every function must be generated such that it keeps the stack aligned. Thus calling a function compiled with a higher preferred stack boundary from a function compiled with a lower preferred stack boundary will most likely misalign the stack. It is recommended that libraries that use callbacks always use the default setting.

    This extra alignment does consume extra stack space, and generally increases code size. Code that is sensitive to stack space usage, such as embedded systems and operating system kernels, may want to reduce the preferred alignment to -mpreferred-stack-boundary=2.

    The lea loads the original stack pointer (from before the call to main) into ecx, since the stack pointer is about to modified. This is used for two purposes:

    1. to access the arguments to the main function, since they are relative to the original stack pointer
    2. to restore the stack pointer to its original value when returning from main
    0 讨论(0)
提交回复
热议问题