0

I'm working with the GDB debugger right now. Question: In the disassembly file, locate the definition of main. How much stack space (decimal number) does this function allocate for itself?

Here is the function:

08048460 <main>:
8048460:       55                      push   %ebp
8048461:       89 e5                   mov    %esp,%ebp
8048463:       83 e4 f0                and    $0xfffffff0,%esp
8048466:       83 ec 40                sub    $0x40,%esp
8048469:       b8 db 0f 49 40          mov    $0x40490fdb,%eax
804846e:       89 44 24 08             mov    %eax,0x8(%esp)
8048472:       b8 ec 78 ad e0          mov    $0xe0ad78ec,%eax
8048477:       89 44 24 04             mov    %eax,0x4(%esp)
804847b:       b8 ec 78 ad 60          mov    $0x60ad78ec,%eax
8048480:       89 04 24                mov    %eax,(%esp)
8048483:       e8 bc ff ff ff          call   8048444 <fn1>
8048488:       d9 5c 24 3c             fstps  0x3c(%esp)
804848c:       b8 db 0f 49 40          mov    $0x40490fdb,%eax
8048491:       89 44 24 08             mov    %eax,0x8(%esp)
8048495:       b8 ec 78 ad e0          mov    $0xe0ad78ec,%eax
804849a:       89 44 24 04             mov    %eax,0x4(%esp)
804849e:       b8 ec 78 ad 60          mov    $0x60ad78ec,%eax
80484a3:       89 04 24                mov    %eax,(%esp)
80484a6:       e8 a7 ff ff ff          call   8048452 <fn2>
80484ab:       d9 5c 24 38             fstps  0x38(%esp)
80484af:       c7 04 24 e0 85 04 08    movl   $0x80485e0,(%esp)
80484b6:       e8 c5 fe ff ff          call   8048380 <puts@plt>
80484bb:       d9 44 24 3c             flds   0x3c(%esp)
80484bf:       d8 64 24 38             fsubs  0x38(%esp)
80484c3:       dd 1c 24                fstpl  (%esp)
80484c6:       e8 95 fe ff ff          call   8048360 <abs@plt>
80484cb:       89 44 24 2c             mov    %eax,0x2c(%esp)
80484cf:       db 44 24 2c             fildl  0x2c(%esp)
80484d3:       dd 05 20 86 04 08       fldl   0x8048620
80484d9:       d9 c9                   fxch   %st(1)
80484db:       da e9                   fucompp
80484dd:       df e0                   fnstsw %ax
80484df:       9e                      sahf
80484e0:       0f 97 c0                seta   %al
80484e3:       84 c0                   test   %al,%al
80484e5:       74 21                   je     8048508 <main+0xa8>
80484e7:       d9 44 24 38             flds   0x38(%esp)
80484eb:       d9 44 24 3c             flds   0x3c(%esp)
80484ef:       d9 c9                   fxch   %st(1)
80484f1:       b8 e8 85 04 08          mov    $0x80485e8,%eax
80484f6:       dd 5c 24 0c             fstpl  0xc(%esp)
80484fa:       dd 5c 24 04             fstpl  0x4(%esp)
80484fe:       89 04 24                mov    %eax,(%esp)
8048501:       e8 6a fe ff ff          call   8048370 <printf@plt>
8048506:       eb 0c                   jmp    8048514 <main+0xb4>
8048508:       c7 04 24 08 86 04 08    movl   $0x8048608,(%esp)
804850f:       e8 6c fe ff ff          call   8048380 <puts@plt>
8048514:       b8 00 00 00 00          mov    $0x0,%eax
8048519:       c9                      leave
804851a:       c3                      ret
804851b:       90                      nop
804851c:       90                      nop
804851d:       90                      nop
804851e:       90                      nop
804851f:       90                      nop

I don't understand how to determine this. Is the question asking how much stack space the function allocates for itself before it's called or during the process it was being called? Is it asking how many bytes or how many registers in the stack are being taken up by this function?

I'm new to assembly, so is there a certain technique I should use to answer this question?

Rafi
  • 1,902
  • 3
  • 24
  • 46
  • The answer to this question has a pretty good explanation of the function prologue you're looking at. http://stackoverflow.com/questions/15655553/why-to-use-ebp-in-function-prologue-epilogue – rici Feb 26 '15 at 03:56

2 Answers2

1

First there's a push ebp, followed by rounding esp down to a 16 byte boundary, then 0x40 is subtracted from esp. This could get further complicated if something like _alloca() was used to dynamically allocate space from the stack.

rcgldr
  • 27,407
  • 3
  • 36
  • 61
  • Just curious, so the program saw all the variables being used and knew how much space to allocate on the stack before it did anything with the variables? – Rafi Feb 26 '15 at 04:25
  • Yes, that's right. Some compilers may allocate space as they go, e.g. if you open a block within a function and declare variables inside like this: `main() { int i; ... { int j; ... } ... }` some compilers, or even the same compiler with different options, will reserve all space at the beginning, and others as they go. – Pedro Gimeno Feb 26 '15 at 06:06
1

This line:

8048466:       83 ec 40                sub    $0x40,%esp

tells you that the space allocated is 0x40 (64) bytes.

Pedro Gimeno
  • 2,837
  • 1
  • 25
  • 33
  • I read through online sources thar sub %esp, x where x is a number reserves space on the stack. So is this the same thing? – Rafi Feb 26 '15 at 04:24
  • Kind of. The stack frame is initialized with the push %ebp; mov %esp,%ebp; the following instruction is usually the one that reserves space. That can depend on compilation flags and other factors, it's not a fixed rule. Note also that this is "AT&T syntax" which has the arguments reversed, and the left hand side is subtracted from the right hand side. – Pedro Gimeno Feb 26 '15 at 04:31
  • 1
    After re-reading your comment above I think that the AT&T syntax is what confused you. Try `set disassembly-flavor intel` to see the instruction as `sub esp,N`. – Pedro Gimeno Feb 26 '15 at 04:36