What these instructions do: save the value in the EBP register, set the value of the EBP register to the value
of the ESP register, and then allocate space on the stack for local variables.
The value in EBP stays the same over the period of the function's execution and is used for accessing local
variables and arguments. One could use ESP for the same purpose, but since it changes over time,
this approach is not very convenient.
The function epilogue frees the allocated space on the stack, restores the EBP register to
its initial value and returns control flow to the caller:
mov esp, ebp
pop ebp
ret 0
Function prologues and epilogues are usually detected by disassemblers for function delimitation.
1.6.1 Recursion
Epilogues and prologues can negatively affect the recursion performance.
More about recursion in this book: 3.4.3 on page 481.
1.7 Stack
The stack is one of the most fundamental data structures in computer science^48. AKA^49 LIFO^50.
Technically, it is just a block of memory in process memory along with the ESP or RSP register in x86 or
x64, or the SP register in ARM, as a pointer within that block.
The most frequently used stack access instructions are PUSH and POP (in both x86 and ARM Thumb mode).
PUSH subtracts 4 from ESP/RSP/SP in 32-bit mode (or 8 in 64-bit mode) and then writes the contents of its
sole operand to the memory address pointed to by ESP/RSP/SP.
POP is the reverse operation: retrieve the data from the memory location that SP points to, load it into the
instruction operand (often a register) and then add 4 (or 8) to the stack pointer.
After stack allocation, the stack pointer points at the bottom of the stack. PUSH decreases the stack pointer
and POP increases it. The bottom of the stack is actually at the beginning of the memory allocated for the
stack block. It seems strange, but that's the way it is.
ARM supports both descending and ascending stacks.
For example, the STMFD/LDMFD, STMED^51 /LDMED^52 instructions are intended to deal with a descending
stack (grows downwards, starting with a high address and progressing to a lower one). The STMFA^53 /LDMFA^54 ,
STMEA^55 /LDMEA^56 instructions are intended to deal with an ascending stack (grows upwards, starting from
a low address and progressing to a higher one).
1.7.1 Why does the stack grow backwards?
Intuitively, we might think that the stack grows upwards, i.e. towards higher addresses, like any other
data structure.
The reason that the stack grows backward is probably historical. When computers were big and
occupied a whole room, it was easy to divide memory into two parts, one for the heap and one for the
stack. Of course, it was unknown how big the heap and the stack would be during program execution, so
this solution was the simplest possible.
(^48) wikipedia.org/wiki/Call_stack
(^49) Also Known As
(^50) Last In First Out
(^51) Store Multiple Empty Descending (ARM instruction)
(^52) Load Multiple Empty Descending (ARM instruction)
(^53) Store Multiple Full Ascending (ARM instruction)
(^54) Load Multiple Full Ascending (ARM instruction)
(^55) Store Multiple Empty Ascending (ARM instruction)
(^56) Load Multiple Empty Ascending (ARM instruction)