
I'm still learning assembly and C, but now, I'm trying to understand how the compiler works. I have here a simple code:

int sub()
{
  return 0xBEEF;
}

int main(void)          /* explicit return type; the original had implicit int */
{
  int a=10;             /* local that gets a slot in main's stack frame */
  sub();
}

Now I already know how the CPU works, jumping into the frames and subroutines etc. What I don't understand is where the program "stores" its local variables. In this case, in main's frame?

Here is the main frame on debugger:

   0x080483f6 <+0>:     push   %ebp
   0x080483f7 <+1>:     mov    %esp,%ebp
   0x080483f9 <+3>:     sub    $0x10,%esp
=> 0x080483fc <+6>:     movl   $0xa,-0x4(%ebp)
   0x08048403 <+13>:    call   0x80483ec <sub>
   0x08048408 <+18>:    leave  
   0x08048409 <+19>:    ret 

I have a breakpoint on "int a=10;", that's why offset 6 has that arrow. So, the main function starts like the others, pushing the ebp bla bla bla, and then I don't understand this:

   0x080483f9 <+3>:     sub    $0x10,%esp
=> 0x080483fc <+6>:     movl   $0xa,-0x4(%ebp)

Why is it doing sub on esp? Is the variable 'a' on the stack with the offset -0x4 of the stack pointer?

Just to clear up the ideas here :D

Thanks in advance!


1 Answer

   0x080483f9 <+3>:     sub    $0x10,%esp

You will find such an instruction in every function. Its purpose is to create a stack frame of the appropriate size so that the function can store its locals (remember that the stack grows backward!).
The stack frame is a little too big in this case. This is because gcc (starting from 2.96) pads stack frames to 16-byte boundaries by default to account for SSEx instructions, which require packed 128-bit vectors to be aligned to 16 bytes. (reference here).

=> 0x080483fc <+6>:     movl   $0xa,-0x4(%ebp)

This line is initializing a to the correct value (0xa = 10d). Locals are always referred to with an offset relative to ebp, which marks the beginning of the stack frame (which therefore lies between ebp and esp).

BlackBear
  • `0x10` is `16` in decimal. So why would the `sub` instruction mean that the stack frame has a size of 4 bytes? – us2012 Oct 06 '13 at 14:52
  • @us2012: you are completely right, I overlooked that.. And I just took a break ;) – BlackBear Oct 06 '13 at 14:57
  • Much better, +1 :) If you had an explanation for *why* the stack frame seems to be larger than required, that would be awesome. – us2012 Oct 06 '13 at 14:59
  • So the movl is moving 0xa (10d) to offset -0x4 of the ebp (main). Thanks so much :D – int3 Oct 06 '13 at 15:14
  • @us2012 here you are :) – BlackBear Oct 06 '13 at 15:16
  • @int3 you are welcome ;) You might want to accept my answer to indicate that it answers your question. You can do that for your other question as well :) --> http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work/5235#5235 – BlackBear Oct 06 '13 at 15:17
  • Oh, I thought it was some kind of mod here doing that job. But thanks for the info. Next time I won't forget! :D – int3 Oct 06 '13 at 15:27
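As an added illustration of the two points in the answer (not code from the question or the answer), the C program below reproduces the 16-byte rounding that turns one 4-byte local into `sub $0x10,%esp`, and measures at runtime where the local `a` sits relative to the frame base that `%ebp` holds after `mov %esp,%ebp`. It assumes GCC or Clang (for the `__builtin_frame_address` builtin); `padded_frame_size` and `local_offset_from_frame` are names chosen here.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* gcc rounds the locals area up to a 16-byte boundary (the padding the
   answer describes): 4 bytes for 'int a' becomes the 0x10 in sub $0x10,%esp. */
size_t padded_frame_size(size_t locals_bytes)
{
    return (locals_bytes + 15) & ~(size_t)15;
}

/* Distance from the frame base (what %ebp holds after "mov %esp,%ebp")
   to the local 'a'. __builtin_frame_address(0) is a GCC/Clang builtin that
   returns the current function's frame pointer. On 32-bit x86 at -O0 the
   result is the -0x4 seen in -0x4(%ebp); a 64-bit build or another ABI
   places the local elsewhere in the frame, so only the sign/magnitude, not
   the exact value, should be expected to match the question's listing. */
ptrdiff_t local_offset_from_frame(void)
{
    volatile int a = 10;                          /* the question's local */
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    return (ptrdiff_t)((uintptr_t)&a - frame);    /* negative on x86: below ebp */
}

int main(void)
{
    printf("locals: 4 bytes -> frame reserved: %zu bytes\n", padded_frame_size(4));
    printf("'a' sits at %td bytes from the frame base\n", local_offset_from_frame());
    return 0;
}
```

Compile with `-m32 -O0` on an x86 toolchain to reproduce the listing's -0x4 exactly; other targets will still show `a` inside the frame, just at a different offset.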