Understanding of the Stack

I. Position of the stack in the address space

Any program usually contains code snippets and data segments, and the code and data itself are static. The program wants to run, first to create a process for it by the operating system, and to map its code snippets and data segments in the process's virtual address space. It is not enough to have code snippets and data segments, and the process should have its own dynamic environment in the process, the most important of which is the stack. The distribution of the address space for the process under Linux:

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/84/30/wKioL1eIP6fCRxtVAAATKbUNbKs843.png "title=" Jie1.png "alt=" Wkiol1eip6fcrxtvaaatkbunbks843.png "/>

First, EXECV (2) maps the process code snippet and data segment, and actually reads the contents of the code snippet and data segment into memory, which is done on demand by the system's fault handler for the pages. In addition, EXECV (2) also Chingqing BSS to 0, which is why the global variable with the initial value is not assigned and the static variable has an initial value of zero. The highest position of the process user space is used to hold the command-line arguments and environment variables at the time of the program's runtime, and there is a large amount of space below the address space and above the BSS segment, while the stack and heap as the dynamic running environment of the process is in which the stack stretches downward and the heap stretches upward.

Two. Structure of the stack frame

In the stack, the stack frame that corresponds to each function is actually stored, and when the function call occurs, the new stack frame is pressed into the stack, and when the function returns, the corresponding stack frame pops up from the stack. Stack frame structure:

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/84/30/wKioL1eIQuXA8sBkAAAY86SiHyw049.png "title=" Jie2.png "alt=" Wkiol1eiquxa8sbkaaay86sihyw049.png "/>

The top of the stack frame is the argument of the function, the following is the return address of the function and a pointer to the previous stack frame, and the bottom is the space used by the local variable assigned to the function. A stack frame typically has two pointers, one for the stack frame pointer and the other for the stack top pointer. The position that the former points to is fixed, and the position that the latter points to is variable during function operation. therefore, when a function accesses an argument or a local variable, it takes the stack frame pointer as the base address, plus the offset. The figure shows that the offset of the argument is positive and the offset of the local variable is negative.

three. Analysis of function Stack frames

The following code:

int function (int a,int b,int c)

{

Char buffer[14];

int sum;

Sum=a+b+c;

return sum;

}

int main ()

{

int i;

I=function (a);

}

stack frames for function functions:

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/84/31/wKioL1eIR0ChHDqmAAAYhE_wiuY880.png "title=" Jia3.png "alt=" Wkiol1eir0chhdqmaaayhe_wiuy880.png "/>

(1) Construction of function functions stack frame

Where functions are called in the main function, the values of the three arguments are three-to-one. Since parameter passing in the C language follows the reverse stack order, three parameters are pressed from right to left into the stack. Next, in addition to transferring control to function, the address of the next instruction Addl, that is, the return address of the function functions, is pressed into the stack. Then enter the function functions, first the stack frame pointer of the main function is saved in the stack, and the next time the current stack-top pointer esp holds the stack frame pointer in EBP, and finally the function of the local variable buffer[14] and sum in the stack allocated space.

(2) Procedure for assigning the value of a a,b,c to sum

When you access arguments and local variables in a function, the stack frame pointer is the base address, plus the offset. Here the stack frame pointer is the EBP, for the sake of clarity, the figure is marked out in the stack frame so the composition is offset from the stack frame pointer ebp.

(3) The stack frame destruction process corresponding to the function hufunction after execution

First, the leave instruction copies the stack frame pointer ebp to the ESP (that is, ESP=EBP, so that ESP points to the address of EBP, so the local variable sum,buffer space is freed), so the local variable is buffer[14 in the stack) And the space allocated by sum is freed;

The leave directive also has a function of ejecting a machine word from the stack frame and storing it in EBP (that is, the next top operation, from the stack pops a word is actually the value of the previous EBP is taken out into the EBP register), The EBP is then reverted to the stack frame pointer of the main function. The RET command behind again pops a machine word from the stack frame and stores it in the instruction pointer Eip (the address of Addl POPs is assigned to the Register EIP), so the control returns to the ADDL instruction in the main function, and the ADDL instruction adds 12 to the stack-top pointer, esp This frees up the stack space occupied by the three arguments that are pressed into the stack before the function functions are transferred.

This article is from the "Zwy" blog, make sure to keep this source http://10548195.blog.51cto.com/10538195/1826617

Understanding of the Stack