
I've disassembled the following C program:

```c
int main() {

    int a = 10;
    a++;

    return 0;
}
```

and I obtained this:

```
0000000100003f90 <_main>:
100003f90: 55                           pushq   %rbp
100003f91: 48 89 e5                     movq    %rsp, %rbp
100003f94: c7 45 fc 00 00 00 00         movl    $0, -4(%rbp)
100003f9b: c7 45 f8 0a 00 00 00         movl    $10, -8(%rbp)
100003fa2: 8b 45 f8                     movl    -8(%rbp), %eax
100003fa5: 83 c0 01                     addl    $1, %eax
100003fa8: 89 45 f8                     movl    %eax, -8(%rbp)
100003fab: 31 c0                        xorl    %eax, %eax
100003fad: 5d                           popq    %rbp
100003fae: c3                           retq
```

I know what the pushq rbp instruction does, but what is not clear is whose base stack frame pointer is saved onto the stack? This implies that another function called the main function, and we can also confirm that from the return "100003fae: c3 retq".

Could someone explain what happens? I'm running macOS with an Intel CPU, but I would like to know what the behavior is on Unix systems in general.

Steve Friedl
Kode1000
  • The rbp of the function that calls `main` is saved. – tkausl Jul 12 '23 at 14:14
  • `main` is not the entry point of your program. That is in C startup code which indeed calls your `main`. Even if it were the actual entry point, the compiler might still not handle it specially and just assume it needs to preserve `rbp` because that's what the calling convention says. – Jester Jul 12 '23 at 14:16
  • https://stackoverflow.com/questions/3469955/in-c-how-is-the-main-method-initially-called – Mat Jul 12 '23 at 14:45
  • Also related: [Can I do `ret` instruction from code at _start in MacOS? Linux?](https://stackoverflow.com/q/47801580) re: macOS `_start` process entry-point details. (but that's talking about hand-written asm, not calling a `main`.) – Peter Cordes Jul 12 '23 at 15:52

0 Answers
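Added example (not part of the original question or its comments): a C program that reads the two stack words discussed above, the saved `%rbp` and the return address, from inside a function, first for a known caller/callee pair and then for `main` itself. It assumes the GCC/Clang builtins `__builtin_frame_address` and `__builtin_return_address` on x86-64; `frame_view`, `CAPTURE_FRAME`, `inner` and `outer` are hypothetical names.

```c
/* Added example; assumes GCC or Clang on x86-64 (frame-pointer layout). */
#include <stdint.h>
#include <stdio.h>

/* The two words a frame-pointer prologue leaves just above a function's locals. */
struct frame_view {
    uintptr_t frame;       /* this function's frame pointer (%rbp)             */
    uintptr_t saved_fp;    /* 0(%rbp): caller's %rbp, stored by pushq %rbp     */
    uintptr_t ret_slot;    /* 8(%rbp): return address pushed by the call       */
    uintptr_t ret_builtin; /* the same return address, as the compiler sees it */
};

/* Must expand inside the function being inspected, hence a macro. */
#define CAPTURE_FRAME(v) do {                                       \
        uintptr_t *fp_ = (uintptr_t *)__builtin_frame_address(0);   \
        (v)->frame = (uintptr_t)fp_;                                \
        (v)->saved_fp = fp_[0];                                     \
        (v)->ret_slot = fp_[1];                                     \
        (v)->ret_builtin = (uintptr_t)__builtin_return_address(0);  \
    } while (0)

/* Hypothetical helpers: callee and caller each record their own frame. */
__attribute__((noinline)) void inner(struct frame_view *v) { CAPTURE_FRAME(v); }

/* Returns 1 when inner()'s saved-%rbp slot holds outer()'s frame pointer. */
__attribute__((noinline)) int outer(struct frame_view *o, struct frame_view *i)
{
    CAPTURE_FRAME(o);
    inner(i);
    return i->saved_fp == o->frame && i->ret_slot == i->ret_builtin;
}

int main(void)
{
    struct frame_view m, o, i;
    CAPTURE_FRAME(&m);      /* main's own frame, as in the disassembly above */
    int ok = outer(&o, &i);
    printf("outer frame %#lx, saved in inner's frame: %#lx (match=%d)\n",
           (unsigned long)o.frame, (unsigned long)i.saved_fp, ok);
    /* main's return address lies outside this file, in the C startup code.
       The saved value is whatever that code had in %rbp; it is preserved
       because the calling convention makes %rbp callee-saved. */
    printf("main returns to %#lx, saved caller rbp %#lx\n",
           (unsigned long)m.ret_slot, (unsigned long)m.saved_fp);
    return ok ? 0 : 1;
}
```

Running it under a debugger and asking for a backtrace at `main` names the startup routine that the printed return address belongs to.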