Just need some input.
I have been reading up on stacks and I understand them, kind of.
Just need some clarity.
If I 'mov ebx,5'
the '5' is on the top of the stack?
*****************
If I 'mov ebx,5'
then
If I 'mov ebx,7'
then
7
5
the stack looks like that?
them if I 'mov ebx, eax'
then the eax has 7 (the top one) in it's stack and ebx has 5 on it's stack?
Is this how it works?
AND,,,,,
If I am anywhere close to correct above, my next question pertaining to that is the addressing of the stack.
These numbers are actually sitting on the register at the time of 'mov' or are they address locations?
I keep reading a whole bunch about why addressing is crucial but just trying to understand the mechanics.
There is something special about this moment of 'mov' that understanding it will save me tons of pitfalls.
I am just real shaky on my understanding of it.
Thanks again for the site. This place is a awesome!
mov ebx, 5
5 is in the ebx register
push ebx
5 is on the stack
mov eax, ebx
5 is in eax and ebx registers
add eax, 2
7 is in eax register, 5 is in ebx register
push eax
7 is also added to the stack
pop ecx <---- Note doesnt matter which register but this pops information from previous push
7 is popped off the stack on to ecx (only 5 remains on the stack)
pop eax
5 is in eax register from first push
eax = 5
ebx = 5
ecx = 7
Stack is empty (2*push and 2*pop - balanced)
That was a sexy synopsis!
Thank you!
Makes perfectly good sense now.
So, there can be only 1 stack in memory at a time?
This means the stack is in memory and not on the chip?
How does this correlate with a 'protocol stack'?
Are these the same?
And if you can do a similar synopsis on OFFSET.
My brain doesn't want to 'snap into focus' on how addressing something by the +1 bit would work or benefit.
Just more dummy questions. I apologize for being such a noob.
Quote from: bcddd214
So, there can be only 1 stack in memory at a time?
This means the stack is in memory and not on the chip?
The stack is in memory, where ever ESP(SP) points too. Each task/process/thread has it's own stack.
QuoteHow does this correlate with a 'protocol stack'?
Are these the same?
Different beast.
Protocol stacks (USB, Ethernet) refers to a number of different layers of abstraction from the hardware to the user. A pile/heap, layers stacked atop each other. It hides the details of how the data is packetized, how it detects and retries when errors occur, etc.
and ESP (sp) points to either the memory address or the offset?
I am still trying to figure out what/why the difference.
Quote from: bcddd214
and ESP (sp) points to either the memory address or the offset? I am still trying to figure out what/why the difference.
In the environment you are using it in the ESP is pointing to a Virtual Address. ie [ESP], the data at ESP
If you used [ESP+4], it would be the data at the ESP plus the offset 4
hence 1 byte above the esp..?
But we don't store anything in the offset? It's just a marker?
and empty byte?
I apologize for the horrible noob questions.
I simply trying to understand the mechanics and not just a definition.
You are helping me out greatly.
Think of the stack as a linear address range in memory and the stack pointer (ESP register) holds a location within that address range. Each time you push an argument onto the stack it moves from its current location by the byte count used in the PUSH instruction. In 32 bit its usually 4 bytes. When you POP a register of memory the stack pointer moves back by the amount that the data size held, usually again 4 bytes.
You set the amount of stack memory with the linker which is usually plenty but some times if you are using stack intensive code that performs recursion, you have to set more stack memory because very deep recursion can set the stack pointer past the allocated stack memory which will crash the program.
Quote from: bcddd214
hence 1 byte above the esp..?
Not sure where you're pulling this 1 byte thing from. The stack is typically holding 32-bit values (4 bytes), or potentially 16-bit values (2 bytes), although in a your environment you'd be wise to avoid having the stack un-aligned in this fashion.
I gotcha now!
since PUSH will offset the (or the memory address higher), changing its value, the offset becomes the original memory address location, plus 4 bytes.
:)
Ok, the book doesn't do a good job if describing it. Only a definition.
Thank you!
The attachment contains a simple console app that hopefully helps illustrate how the stack works. It pushes and pops values and displays the contents of the stack, from the starting value of ESP to the current value of ESP, as it does so. The starting value is the higher address, and it is placed at the top of the console.