inspect stack in assembly

Question

I am pushing some int value in inline-assembly:

_asm
  {
  mov eax,i3  
  push eax
  mov eax,ii  
  }  

Later I retrieve this value doing pops:

_asm
  {
  pop eax
  mov ii,eax  
  pop eax
  mov i3,eax  
  }  

What I'd like to inpect my stack without doing a pop. I need to rearrange or rewiew a few values. I can then restore the stack when I'm done.

I am very rusty in asm. Is there something like:

mov ii,esp+4 

that would move the next (not current) stack element? I'm just guessing. I need this code to run in both 32 bit win and 64 win environment.

Answer 1

What I'd like to inpect my stack without doing a pop. I need to rearrange or rewiew a few values.

This is how stack-allocated variables act in a function - hence why the function prologue is usually followed by a sub esp, x where x is an amount of space to allocate.

Variable access in C (and in C++) is, therefore, inspecting the stack. Alternatively, if you know how the compiler has allocated the variables, you can read them from your inline ASM.

One way to achieve what you're trying to do might be to list both your input variables and output variables as operands to the inline asm. This osdev article explains it nicely. This way, regardless of how the compiler re-orders the stack between coding alterations and optimisation flags, your assembler will still work.

Alternatively, if you write the entire function yourself, you can load the value of the stack at a given address like so:

mov eax, DWORD PTR [ebp-8]

This will load eax with the value of the memory address located at ebp-8.