Assembly Chapters 5 and 8 Flashcards
5.1 How does the PUSH instruction work?
first decrements ESP and then copies a source operand onto the stack. A 16-bit operand causes ESP to be decremented by 2. A 32-bit operand causes ESP to be decremented by 4.
5.1 What are the instruction formats for PUSH?
PUSH reg/mem16
PUSH reg/mem32
PUSH imm32
How does the POP instruction work?
first copies the contents of the stack element pointed to by ESP into a 16- or 32-bit destination operand and then increments ESP.
What are the instruction formats of POP?
POP reg/mem16
POP reg/mem32
What is PUSHFD?
instruction that pushes the 32-bit EFLAGS register on the stack
What is POPFD?
pops the stack into EFLAGS
The MOV instruction can be used to copy the flags to a variable. True or False?
False. Use PUSHFD.
What is PUSHAD?
pushes all of the 32-bit general-purpose registers on the stack in the following order: EAX, ECX, EDX, EBX, ESP, EBP, ESI, and EDI
What is going on in the following lines of code?
MySub PROC
    pushad
    mov eax, ...
    mov edx, ...
    mov ecx, ...
    popad
    ret
MySub ENDP
saving the 32-bit general-purpose registers by pushing them on the stack, then modifying them, and then restoring their values before RET
What is RET?
forces the program to return to the location where it was before the procedure was called
How does the CALL instruction work?
pushes its return address on the stack and copies the called procedure’s address into the instruction pointer
How much memory does a CALL statement use?
5 bytes
8.2 What is the stack frame?
AKA activation record, the area of the stack set aside for passed arguments, subroutine return address, local variables, and saved registers.
What is a prologue and epilogue?
The prologue is the statements that save the EBP register and point EBP to the top of the stack. The epilogue is the statements that restore the EBP register and call RET.