Stack in Memory and Registers

Explore how stack memory and CPU registers work together in x64 Linux architecture. Understand the mechanics of function calls, jumps, and the call stack using GDB, enabling you to analyze program execution and debug effectively at the assembly level.

We'll cover the following...

Register review
Application memory simplified
Stack overflow
Jumps
Calls
Call stack

Register review

We know the following general-purpose CPU registers:

%RAX (among its specific uses is to contain function return values)
%RBX
%RCX
%RDX

We also have special purpose registers:

%RIP (Instruction Pointer)
%RSP (Stack Pointer)

AMD64 and Intel EM64T architectures introduced additional general-purpose registers—%R8, %R9, %R10, %R11, %R12, %R13, %R14, %R15.

These additional registers are used a lot in x $64$ code. More general-purpose registers allow faster code execution because temporary computation results can be stored there instead of in-memory locations. Here is a disassembly of the read function:

(gdb) disass read

The dump of the read ...

1.Introduction to the Course

2.Memory, Registers, and Simple Arithmetic

3.Code Optimization

4.Number Representations

5.Pointers

6.Bytes, Words, Double, and Quad Words

7.Pointers to Memory

8.Logical Instructions and RIP

9.Reconstructing a Program with Pointers

10.Memory and Stacks

11.Frame Pointer and Local Variables

12.Function Parameters

13.More Instructions

14.Function Pointer Parameters

15.Summary of Code Disassembly Patterns

Assessment

Stack in Memory and Registers

Register review