x86-64: more registers, easier for the programmer, harder for kernel code and debugging
all registers are the same (uniform), which is good
at boot the CPU starts in 16-bit mode, then switches to 32-bit, then to 64-bit, which is complicated and makes the mode-transition code hard to write
interrupts are more complicated
more registers means more state that can go wrong
more complicated page tables / virtual memory
x86-64 = neutral generic term (used by academics and OS vendors)
AMD64 = AMD's marketing & technical name
EM64T / Intel 64 = Intel's marketing name for the same architecture
x86-64 means "the 64-bit extension of the x86 processors/instruction set, backwards-compatible with 32-bit x86"
x86 / IA32 (32-bit x86 ISA): means Intel Architecture, 32-bit. We will use this.
General Purpose: %eax, %ebx, %ecx, %edx

%esp (a hardware register, not something stored in the stack): points to the top-most item in the stack (not the next available slot)
pushl decreases %esp by 4 and popl increases it by 4 in 32-bit mode; "esp" stands for extended stack pointer (extended from the 16-bit %sp)
Rowhammer (also written as row hammer or RowHammer) is a computer security exploit that takes advantage of an unintended and undesirable side effect in dynamic random-access memory (DRAM) in which memory cells interact electrically between themselves by leaking their charges, possibly changing the contents of nearby memory rows that were not addressed in the original memory access. (It happens when the same rows are read and written very frequently.)
Instructions have a varying number of bytes. The hardware knows how many bytes to expect for the next instruction (the length is determined while decoding the opcode).
804854e: e8 3d 06 00 00 (call 8048b90 <main>)
8048553: 50 (pushl %eax)
...
8048591: c3 (ret)
The 3d 06 00 00 is a relative address (displacement) while e8 is the call opcode. The displacement is added to the address of the next instruction: 8048553 + 0x63d = 8048b90. The return address will be 8048553.
call:
assume %eip is 804854e
execute pushl <return_addr> onto the stack (we don't write this pushl; the hardware does it)
set %eip to 8048b90 (jump to the new function)
ret:
assume %eip is 8048591 (the ret instruction)
then popl %eip (retrieve the return address; again we don't write this popl)
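Added example (not part of the original notes): a small Python model of the call/ret mechanics and the %esp movement described above. It decodes an e8 rel32 call, computes the return address and target, and pushes/pops the return address on a simulated stack. The instruction bytes and addresses are the ones from the listing above; the starting %esp value 0xbffff000 is a constructed assumption. It also handles a negative displacement (a backward call), which the listing does not show.

```python
import struct

MASK32 = 0xFFFFFFFF


def decode_call(eip, code):
    """Decode a near relative call (opcode e8 + rel32) located at address eip.

    rel32 is a signed little-endian displacement relative to the address of
    the *next* instruction (eip + 5), which is also the return address.
    Returns (target, return_addr).
    """
    if len(code) < 5 or code[0] != 0xE8:
        raise ValueError("not an e8 rel32 call")
    rel32 = struct.unpack_from("<i", code, 1)[0]   # signed, so backward calls work
    return_addr = (eip + 5) & MASK32
    target = (return_addr + rel32) & MASK32
    return target, return_addr


class Stack:
    """Tiny IA32 stack model: %esp points at the top-most item; pushl/popl move it by 4."""

    def __init__(self, esp):
        self.esp = esp          # constructed starting value supplied by the caller
        self.mem = {}           # address -> 32-bit value

    def pushl(self, value):
        self.esp -= 4
        self.mem[self.esp] = value & MASK32

    def popl(self):
        value = self.mem[self.esp]
        self.esp += 4
        return value


def do_call(eip, code, stack):
    """Hardware side of `call`: push return address, then jump. Returns the new %eip."""
    target, return_addr = decode_call(eip, code)
    stack.pushl(return_addr)
    return target


def do_ret(stack):
    """Hardware side of `ret`: pop the return address into %eip. Returns the new %eip."""
    return stack.popl()


if __name__ == "__main__":
    code = bytes.fromhex("e83d060000")          # call 8048b90 <main> from the listing
    st = Stack(0xBFFFF000)
    eip = do_call(0x804854E, code, st)
    print(hex(eip), hex(st.esp), hex(do_ret(st)), hex(st.esp))
```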
When a function is called, we store on the stack:
arguments
local variable
return pointer
weird things (static links, exception)


Note that we store the first argument closest to the return address so that the callee can work out the total number of arguments, for functions like printf which take a variable number of arguments: the total count is determined once we see the first argument.


Note that in the image,
%ebx is a callee-saved register used for a local variable, so we save it. We don't see %eax because it is caller-saved and our caller does not make use of %eax.
Note:
we use movl instead of popl to restore the stack pointer because we might have many local variables to discard; a single movl does it more quickly than many pops.
both caller and callee want to use registers, so it is up to convention who saves them to the stack (by convention, some are caller-saved, some are callee-saved)

Register
%eax holds the return value.
Different programs do not share a virtual memory stack, so how do we pass the arguments argc and argv to the main() function? - The OS places them, together with the environment variables, at high addresses, higher than the code.
What does return(0) do in main? - the same as exit(0)