How do push and pop work in assembly?

Asked by 情书的邮戳 on 2020-12-08 17:29

I'm getting confused on what pop actually does in assembly. Does pop move the value PUSHed onto the stack last (meaning it doesn'

2 answers
  • 2020-12-08 18:17

    The latter

    POP EBP
    

    is equivalent to

    MOV EBP, [ESP]
    ADD ESP, 4           ; but without modifying flags, like  LEA ESP, [ESP+4]
    

    (in Intel syntax - target on the left, source on the right)

  • 2020-12-08 18:18

    PUSH <src> does:

     ESP := ESP-4  ; for x86; -8 for x64
     MEMORY[ESP]:=<operandvalue>
    

    POP <dst> does:

     <operandtarget>:=MEMORY[ESP];
     ESP:=ESP+4    ; for x86; +8 for x64
    

    It is much easier to understand what machine instructions do if you write their descriptions down in pseudo code like this. The Intel reference manuals are full of such pseudo code, and it is worth your time and trouble to get them, and read the details for yourself. (e.g. in the HTML extract https://www.felixcloutier.com/x86/push and https://www.felixcloutier.com/x86/pop)

    Regarding your specific question: Your store of $5 into -4(%esp) is a valid machine instruction, and the processor will execute it without complaint, but it is really extremely unsafe programming. If the processor takes a trap or interrupt just after that instruction, the processor state is (usually) saved "on top of the stack", and will overwrite your value. Since interrupts occur asynchronously, the behaviour you will see is that, rarely, the $5 gets lost. That makes for an extremely hard program to debug.

    The "add $4" moves the ESP back to the place before the push instruction. So, you cannot say anything about the value popped into ebp except it is "unknown" as you suggested as one of your options.

    See Raymond Chen's blog for details of why writing below ESP is unsafe even in user-space under Windows. (Interrupts won't use the user-space stack asynchronously, but a few things can.) On non-Windows, POSIX signal handlers can step on space below the user-space ESP. (Except in x86-64 System V, where the ABI defines a "red zone" of 128 bytes below RSP that's safe to use.)

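The following is an added example, not code from either answer above. It is a small C model of the stack-pointer register and a flat memory that implements the PUSH/POP pseudocode from the second answer, checks the first answer's claim that `POP EBP` is `MOV EBP,[ESP]` followed by `ADD ESP,4`, and then replays the "store below ESP, take an interrupt, pop" failure mode. The interrupt is a constructed simplification (it pushes two placeholder words and pops them again, which is all that matters for the clobbering effect; real hardware pushes EFLAGS/CS/EIP and possibly more). All names (`cpu_t`, `scenario`, `MEM_SIZE`, the placeholder values) are this example's own, and `width` is 4 for 32-bit ESP or 8 for 64-bit RSP.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 256          /* constructed: a tiny byte-addressed memory */

/* Illustrative model of the stack-related state of an x86 core. */
typedef struct {
    uint64_t sp;              /* ESP (width 4) or RSP (width 8) */
    unsigned width;           /* operand/stack-slot size in bytes */
    uint8_t mem[MEM_SIZE];
} cpu_t;

static void cpu_init(cpu_t *c, unsigned width) {
    memset(c, 0, sizeof *c);
    c->width = width;
    c->sp = MEM_SIZE;         /* stack grows downward from the top of memory */
}

/* MEMORY[addr] := value, little-endian, one stack slot wide */
static void mem_write(cpu_t *c, uint64_t addr, uint64_t value) {
    for (unsigned i = 0; i < c->width; i++)
        c->mem[addr + i] = (uint8_t)(value >> (8 * i));
}

static uint64_t mem_read(const cpu_t *c, uint64_t addr) {
    uint64_t v = 0;
    for (unsigned i = 0; i < c->width; i++)
        v |= (uint64_t)c->mem[addr + i] << (8 * i);
    return v;
}

/* PUSH <src>:   ESP := ESP - width ; MEMORY[ESP] := <src> */
static void push(cpu_t *c, uint64_t src) {
    c->sp -= c->width;
    mem_write(c, c->sp, src);
}

/* POP <dst>:    <dst> := MEMORY[ESP] ; ESP := ESP + width */
static uint64_t pop(cpu_t *c) {
    uint64_t dst = mem_read(c, c->sp);
    c->sp += c->width;
    return dst;
}

/* PUSH/POP are LIFO and leave SP where it started. Returns 1 on success. */
static int roundtrip_ok(unsigned width) {
    cpu_t c;
    cpu_init(&c, width);
    uint64_t start = c.sp;
    push(&c, 0x11);
    push(&c, 0x22);
    int ok = (c.sp == start - 2 * width);
    ok = ok && pop(&c) == 0x22 && pop(&c) == 0x11 && c.sp == start;
    return ok;
}

/* POP EBP versus MOV EBP,[ESP] + ADD ESP,4: run both on identical machines
 * and compare the popped value, the stack pointer and the whole memory. */
static int pop_matches_mov_add(unsigned width) {
    cpu_t a, b;
    cpu_init(&a, width);
    push(&a, 0x1234);
    b = a;
    uint64_t ebp_a = pop(&a);
    uint64_t ebp_b = mem_read(&b, b.sp);   /* MOV EBP, [ESP] */
    b.sp += width;                          /* ADD ESP, 4 (no flags here either) */
    return ebp_a == ebp_b && a.sp == b.sp && memcmp(a.mem, b.mem, MEM_SIZE) == 0;
}

/* Constructed asynchronous interrupt: the core saves state on top of the
 * current stack and later restores it. Net SP is unchanged, but every
 * byte below SP that the saved state covered has been overwritten. */
static void interrupt(cpu_t *c) {
    push(c, 0xDEADBEEF);  /* stand-in for the saved instruction pointer */
    push(c, 0x00000246);  /* stand-in for saved flags */
    pop(c);
    pop(c);
}

/* mov $5,-4(%esp) ; [interrupt?] ; sub $4,%esp ; pop %ebp
 * With no interrupt the pop returns 5; with one in between it returns
 * whatever the interrupt frame left in that slot. */
static uint64_t scenario(unsigned width, int interrupt_fires) {
    cpu_t c;
    cpu_init(&c, width);
    mem_write(&c, c.sp - width, 5);         /* write below SP without moving it */
    if (interrupt_fires)
        interrupt(&c);
    c.sp -= width;                           /* sub $4,%esp: now "claim" the slot */
    return pop(&c);
}

int main(void) {
    printf("roundtrip(32-bit): %d, pop==mov+add(64-bit): %d\n",
           roundtrip_ok(4), pop_matches_mov_add(8));
    printf("no interrupt: popped %llu\n", (unsigned long long)scenario(4, 0));
    printf("interrupt:    popped 0x%llx\n", (unsigned long long)scenario(4, 1));
    return 0;
}
```

The red-zone caveat from the last answer maps directly onto this model: in the x86-64 System V ABI the 128 bytes below RSP are guaranteed not to be touched by signal or interrupt handlers, so `scenario(8, 1)` would be a safe pattern there only if `interrupt()` were forbidden from writing into that region; on 32-bit x86 and on Windows x64 there is no such guarantee, which is exactly the clobbering the simulation shows.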