w06b IA32 stack - Swarthmore College

TheStackandMemoryinIA32

10/6/16

Tuesday,wecoveredtheseIA32convenienceinstructions…• pushl src

subl $4, %espmovl src, (%esp)

• popl dstmovl (%esp), dstaddl $4, %esp

• leave%esp = %ebppopl %ebp

Nextup:call andret

• Calljumpstothestartofthecallee’s instructions.• indicatedbyalabel

• Retjumpsbacktothenextinstructionofthecaller.

Whydon’twejustdothiswithjmp?

Functioncalls

ProgramCounter(PC)

funcA:addl $5, %ecxmovl %ecx, -4(%ebp)…call funcBaddl %eax, %ecx…

funcB:pushl %ebpmovl %esp, %ebp…movl $10, %eaxleaveret

Whatwe’dlikethistodo:

TextMemoryRegion

Functioncalls

ProgramCounter(PC)




SetupfunctionB’sstack.

TextMemoryRegion

Functioncalls

ProgramCounter(PC)





ExecutethebodyofB,produceresult(storedin%eax).

TextMemoryRegion

Functioncalls

ProgramCounter(PC)





ExecutethebodyofB,produceresult(storedin%eax).

RestorefunctionA’sstack.

TextMemoryRegion

Functioncalls

ProgramCounter(PC)




Return:GobacktowhatweweredoingbeforefuncB started.

Unlikejumping,weintendtogoback!

TextMemoryRegion

Weneedtoget%eip back.

• call shouldsave%eip thenjumptocallee.

• ret shouldrestore%eip tojumpbacktothecaller.

Wecouldaccomplishthiswithoutcall andret.They’rejustconvenienceinstructions(likepush,pop,andleave).

Writewritecall andret usingotherIA32instructions.

• call f:save%eip thenjumptothestartoff.push %eipjmp f

• ret:restore%eip tojumpbacktothecaller.popl %eip

IA32Stack/FunctionCallInstructions

pushl Createspaceonthestackandplacethesourcethere.

subl $4, %espmovl src, (%esp)

popl Removethetopitemoffthestackandstoreitatthedestination.

movl (%esp), dstaddl $4, %esp

call 1.Pushreturnaddressonstack2.Jumptostartoffunction

push %eipjmp target

leave Preparethestackforreturn(restoringcaller’sstackframe)

movl %ebp, %esppopl %ebp

retReturntothecaller,PCß savedPC(popreturnaddressoffthestackintoPC(eip))

popl %eip

Onthestackbetweenthecaller’sandthecallee’s stackframes…

• Caller’sbasepointer(toresetthestack).

• Caller’sinstructionpointer(tocontinueexecution).

• Functionparameters.

Whatordershouldwestoreallofthesethingsonthestack?Why?

callee parameters

returnaddresscaller’sbasepointer

callee parameters

caller’sbasepointer

returnaddress

returnaddresscaller’sbasepointer

callee parameters

callee parameters

caller’sbasepointerreturnaddress

A B

C D

E:someotherorder.

Puttingitalltogether…

…Olderstackframes.

…

Caller’slocalvariables.

FinalArgumenttoCallee…

FirstArgumenttoCalleeReturnAddress

Callee’s localvariables.

Caller’sFramePointer

Caller’sframe.

Callee’sframe.

Sharedbycallerandcallee.

TranslatethistoIA32.Whatshouldbeonthestack?

int add_them(int a, int b, int c) {

return a+b+c;

}

int main() {

add_them(1, 2, 3);}

Assumethestackinitiallylookslike:

main

0xFFFFFFFF

%esp

%ebp

StackFrameContents

• Localvariables• Previousstackframebaseaddress• Functionarguments• Returnvalue• Returnaddress

• Savedregisters• Spilledtemporaries main

0xFFFFFFFF

function1

function2

SavingRegisters

• Registersareascarceresource,butthey’refasttoaccess.Memoryisplentiful,butslowertoaccess.

• Shouldthecallersaveitsregisterstofreethemupforthecallee touse?• Shouldthecallee savetheregistersincasethecallerwasusingthem?• Whoneedsmoreregistersfortemporarycalculations,thecallerorcallee?

• Clearlytheanswersdependonwhatthefunctionsdo…

Splittingthedifference…

• Wecan’tknowtheanswerstothosequestionsinadvance…

• Wehavesixgeneral-purposeregisters,let’sdividethemintotwogroups:• Caller-saved:%eax,%ecx,%edx• Callee-saved:%ebx,%esi,%edi

RegisterConvention

• Caller-saved:%eax,%ecx,%edx• Ifthecallerwantstopreservetheseregisters,itmustsavethempriortocallingcallee.• Thecallee isfreetotrashthese;thecallerwillrestoreifneeded.

• Callee-saved:%ebx,%esi,%edi• Ifthecallee wantstousetheseregisters,itmustsavethemfirst,andrestorethembeforereturning.• Thecallercanassumethesewillbepreserved.

Thisiswhylab4hadthecommentaboutusingonly%eax,%ecx,and%edx.

RunningOutofRegisters

• Somecomputationsrequiremorethansixregisterstostoretemporaryvalues.

• Registerspilling:Thecompilerwillmovesometemporaryvaluestomemory,ifnecessary.• Valuespushedontostack,poppedofflater• Noexplicitvariabledeclaredbyuser

IA32addressingmodes

• Directaddressing(whatwe’veseensofar)-4(%ebp)

• Indexedaddressing(%ecx, %edx, 4)

offset baseaddress

baseaddress

index scale

IndexedAddressingMode

• Generalform:offset(%base, %index, scale)

• Translation:Accessthememoryataddress…base + (index * scale) + offset

Discussion:whenwouldthismodebeuseful?

Supposei isat%ebp-8,andequals2.

Usersays:float_arr[i] = 9;

Translatesto:movl -8(%ebp), %edx

Heap

0x0824: iptr[0]

0x0828:iptr[1]

0x082C:iptr[2]

0x0830:iptr[3]

Example%ecx 0x0824

%edx 2Registers:

ECX:Arraybaseaddress




Heap

0x0824: iptr[0]

0x0828:iptr[1]

0x082C:iptr[2]

0x0830:iptr[3]

Example%ecx 0x0824

%edx 2Registers:





movl $9, (%ecx, %edx, 4)

Heap

0x0824: iptr[0]

0x0828:iptr[1]

0x082C:iptr[2]

0x0830:iptr[3]

Example%ecx 0x0824

%edx 2Registers:





movl $9, (%ecx, %edx, 4)

0x0824 + (2 * 4) + 0

0x0824 + 8 = 0x082C

Heap

0x0824: iptr[0]

0x0828:iptr[1]

0x082C:iptr[2]

0x0830:iptr[3]

Example%ecx 0x0824

%edx 2Registers:


Whatisthefinalstateafterthiscode?

addl $4, %eax

movl (%eax), %eax

sall $1, %eax

movl %edx, (%ecx, %eax, 2)

%eax 0x2464

%ecx 0x246C

%edx 7

(Initialstate)Registers:

Memory:Heap

0x2464: 5

0x2468: 1

0x246C:42

0x2470:3

0x2474:9

TranslatethisarrayaccesstoIA32

int *x;x = malloc(10*sizeof(int));

...

x[i] = -12;

Atthispoint,supposethatthevariablex isstoredat%ebp+8.Andi isin%edx.Useindexedaddressingtoassignintothearray.

Theleal instruction

• Usesthecircuitrythatcomputesaddresses.• Doesn’tactuallyaccessmemory.• Computean“address”andstoreitinaregister.• Canusethefullversionofindexedaddressing.

leal offset(%base, %index, scale), dest

leal 5(%eax, %esi, 2), %edx

#put %eax + 5 + (2*%esi) in %edx

Documents

w06b IA32 stack - Swarthmore College