From: Ed Beroset 
Subject: Re: Directly writing to memor
At 13:05 2/7/98, you wrote:
>
>DG> Setting SP 2 bytes above  is something I never thought of,
>DG> and would work in all situations.. unless, of course, one is working
>DG> with an XT, in which case SP is decremented after the write.
>
>actually on an XT it's decremented before the write,  and the new 
>value is stored at SS:(SP) I just tested it.
>
>on my 486 the old (un-decremented) value is stored at the new
>(decremented) address.
>
>in other words...
>
> start with SP=FFEE , then do push SP
>
> xt   SS:[FFEC] = FFEC
> 486  SS:[FFEC] = FFEE
>
> end with SP=FFEC
Thanks for posting that.  It's usually clearer to show the numbers in
addition to getting the text description.  Just for completeness, here's an
extract from Intel's Pentium manual which describes that difference:
-+--- extract begins
23.2.19.1. PUSH SP
The Pentium processor, Intel486, Intel386, and Intel 286 processors push a
different value on the stack for a PUSH SP instruction than the 8086
processor. The 32-bit processors push the value of the SP register before
it is decremented as part of the push operation; the 8086 processor pushes
the value of the SP register after it is decremented. If the value pushed
is important, replace PUSH SP instructions with the following three
instructions:
PUSH BP
MOV BP, SP
XCHG BP, [BP]
This code functions as the 8086 processor PUSH SP instruction on the
Pentium processor.
-+--- extract ends
>Someone said you could initialise SP to 2 bytes _past_ then end of
>stack segment and then push a Dword, I don't think that'll work
>because the cpu will attempt to write the last 2 bytes of the dword
>past the end of the stack segment, (won't that cause a SEGV and
>that'll cause a double-fault :) ) 
If that's what I wrote, I was wrong and you're right.  Thanks for the
correction!
>i think pointing to the first non-stack-segment asddress is the highest
you >can go with SP.
That's right.  What I was attempting to say (perhaps poorly!) was that the
initial value for SP can be two bytes beyond the last legal stack address,
e.g. the last legal stack address for a 16-bit 64K stack is 0fffeh and two
bytes beyond that is 10000h.  If one considers the stack to be 32-bit, the
last legal stack address is 0fffch, and four bytes beyond that is 10000h.  
As I'm sure you already know, if we start with that value (10000h) for a
64K stack, it doesn't matter what size value is pushed first.  "Pointing to
the first non-stack-segment address" is more succinct than how I was saying
it.  Perhaps it could be stated even more concisely as, "the highest safe
value for the stack pointer is one byte beyond the upper bound of the stack
segment."      
Ed
-!-
---
---------------