X86 mov / add Instructions and memory addresses
I am learning x86 assembly in class and I am very lost in how you distinguish between what a registry operand is and what a memory reference does. I had a few confusion that I was hoping to clear up.
The following code is what my tutorial says, it is a long way to do push and pop respectively:
subl $4, %esp movl %ebp, (%esp) movl (%esp), %eax addl $4, %esp
So in a subl statement, can we always expect% esp to store the address value?
What is the difference between the two movl functions? Can the former be written as
movl (%ebp), %esp
? And for the second movl, does it move the address% esp or move the value pointed to by% esp?
As a follow-up, why can't we have source and destination as memory references like that?
movw (%eax), 4(%esp)
And finally, for the following code:
movb (%esp, %edx, 4), %dh
if the source is more than 1 byte (size% dh) what happens? Does it just truncate the value?
Sorry, that was a ton of questions, but any help would be greatly appreciated.
source to share
The following code is what my tutorial says is a long way to do push and pop respectively:
subl $4, %esp movl %ebp, (%esp) movl (%esp), %eax addl $4, %esp
So in a subl statement, we can always expect% esp to pass the address value?
Yes. The register ESP
contains the memory address of the last value to be pushed onto the stack.
What is the difference between the two movl functions? Can it first be written as
movl (%ebp), %esp
? And for the second movl does it move the address% esp or does it move the value that% esp points to?
A command MOV
in syntax AT&T
expects two operands: source and destination. MOV
copies data (in this case 32 bits, indicated by a suffix L
) from the first operand written on the left to the second operand written on the right. If one of them is enclosed in parentheses, it means that the operand is a memory operand, and the value in parentheses is its memory address, not the actual value)
So, it movl %ebp,(%esp)
means: copy the register value EBP
into memory, at the address indicated by the register value ESP
.
What did you mean with movl (%ebp),%esp
: Copy 32 bits of data, starting at the memory address indicated by the value EBP
, into a register ESP
.
So, you change the direction of travel.
As a consequence, why can't we have the source and destination of the so-called memory references?
movw (%eax), 4(%esp)
Short answer: because the encoding used by Intel doesn't allow it. Long answer: the way Intel designed the ISA, the resources available to calculate the two effective addresses in the good year 8086, etc.
And finally, for the following code:
movb (%esp, %edx, 4), %dh
if the source is more than 1 byte (size% dh) what happens? Does it just truncate the value?
The source is the same size as the destination. This is superimposed by both the suffix B
and the fact that the destination is an 8-bit register. The iin value in parentheses is the address of one byte of memory. By the way, this addressESP+EDX*4
source to share
So in a subl statement, can we always expect% esp to store the address value?
By definition, yes, because the next instruction uses it as an address. Whatever trash is, now there is an address. If it's some shit like 0xDEADBEEF .. well, now that's the address. It may or may not be a valid address (hopefully a valid, invalid stack is a bad product), but that's another matter.
What is the difference between the two movl functions?
Used in push to write to memory which is used in pop. The brackets on the right side indicate that this is a record, on the left side - read. So can you switch them? Obviously not, it will do something different. movl (%ebp), %esp
will read something from memory and then change where the stack is.
As a follow-up, why can't we have source and destination as memory references like that?
Because you cannot, there is no such instruction. This does not follow the normal encoding of the operand . I am guessing that such an instruction may have existed, but it does not, so you cannot use it.
movb (%esp, %edx, 4), %dh
if the source is more than 1 byte (size% dh) what happens?
It is not by definition that an instruction will read 1 byte.
source to share