x86

Memory Layout #

• Code/text: program code
• Data: static variables allocated on start
• Heap: dynamic memory allocated with alloc and free
• Stack: local variables and stack frames

Basics #

x86 is a commonly used instruction set in consumer computers.

• x86 is little endian (smallest bit on lowest memory address)
• x86 has variable length instructions that can be from 1 to 16 bytes long.
• x86 has 8 general purpose registers (EAX, EBX, ECX, EDX, ESI, EDI), a stack pointer ESP (sp in riscv), a base pointer EBP (fp in riscv), and an instruction pointer register EIP (pc in riscv)

Syntax #

• Registers: mod signs (%eax, %esp, %edi)
• Immediates: dollar signs ($1, $0x4)
• Memory reference: 8(%esp) gets 8 bytes past esp location
• Example instruction: add $0x8, %ebx adds 8 to ebx

Stack Frames #

The stack frame of a function is the space on the stack allocated for local variables. It goes away upon return from the function.

Variables in the stack frame are stored in higher addresses first (with the exception of structs and function arguments, which are pushed in reverse order).

• For example, f(v1, v2, v3) call would put v3 at the highest memory address.

To add or remove a variable from the stack frame, use push and pop.

Calling Convention #

Calling a function:

• Push arguments onto stack (in rev. order)
• Push old EIP onto stack (RIP)
• Move EIP
• Push old EBP onto stack (SFP)
• Move EBP
• Move ESP (This creates a new stack frame)
• Execute funciton
• Move ESP back
• Pop old EBP
• Pop old EIP
• Remove arguments from stack

In assembly code, the call instruction can be used:

• Call pushes EIP onto stack (known as RIP, return instruction pointer) and then changes EIP to the new location.