Studying a simplistic code disassembly output and memory map

Question

Can Someone explain to me what is happening below? Questions:

• Why doesn't variable i stay in a register?
• why does register rbp contain the address of a memory cache line and not the address of i (i.e. 4 bytes)?
• What does this mean? movl $0x5,-0x4(%rbp); What does % and the negative 0x4 mean?

---

int main(int argc, char* argv[])
{
    int i = 5;  // line 25
    i ++;       // line 26
}
-----------------------------------------------------

Disassembly:
25                  int i = 5;
00000000004014f4:   movl $0x5,-0x4(%rbp)
26                  i ++;
00000000004014fb:   addl $0x1,-0x4(%rbp)
-----------------------------------------------------

Register Values:
rbp: 0x23fe60
-----------------------------------------------------

Memory map at line 25:
Address  |   0-3  |   4-7  |   8-B  |   C-F  |
0x23fe60 |00000000|00000000|00000000|05000000|

Memory map at line 26:
Address  |   0-3  |   4-7  |   8-B  |   C-F  |
0x23fe60 |00000000|00000000|00000000|06000000|

Note: the above was generated by Eclipse, I am compiling using mingw on a 64 bit machine.

Answer 1

• Why doesn't variable i stay in a register?

This is a decision of the compiler. In the old days people would use the keyword register to give the compiler a hint that the variable is used frequently, so that the compiler could perhaps use a register for this field instead of a stack entry. This is not recommended now though, as compilers are very smart these days and will will often optimize far better than we can.

• why does register rbp contain the address of a memory cache line and not the address of i (i.e. 4 bytes)?

On entering a function, local variables will be pushed onto the stack. After this rbp will be set to the value of rsp, the stack pointer. As rsp points to the next free space, so does rbp, so you need to -4 to get the address of the last variable pushed onto the stack, in this case i.

• What does this mean? movl $0x5,-0x4(%rbp); What does % and the negative 0x4 mean?

Place the value 0x5 into the address rbp-4.

Answer 2

• Why doesn't variable i stay in a register?

Because your compiler didn't feel like it. It decided to place the variable i on the stack.

• why does register rbp contain the address of a memory cache line and not the address of i (i.e. 4 bytes)?

rbp doesn't contain the address of a memory cache. rbp is the Base Pointer, which points to the bottom of the stack. -0x4(%rbp) is the location of variable i in the memory (on the stack). It means value of rbp MINUS 4. Why 4? Because i takes 4 bytes. So it is the address of i.

See http://en.wikibooks.org/wiki/X86_Disassembly/The_Stack

• What does this mean? movl $0x5,-0x4(%rbp); What does % and the negative 0x4 mean?

There are 2 common assembly syntaxes

1. AT&T, which is an unreadable mess
2. "Regular" Intel syntax

Your code is in AT&T unfortunately. % is how variables are referenced in AT&T syntax. -0x4 is hex representation of number -4 (see the answer above).

See http://en.wikipedia.org/wiki/X86_assembly_language#Syntax

Answer 3

• There is no such thing as a 'cache address' - the cache is abstracted from the program, only the CPU and the OS knows about the cache and how to translate memory addresses to 'cache addresses'

• Variable i is allocated on the stack. rbp is the frame's 'base-pointer' which points to the current function's frame that's being executed on the stack. so -0x4(%rbp) means that in offset 4 (backwards - get back to that point later) to the register rbp, variable i is located. Read more about how the stack works and what its frames look like here: http://www.cs.umd.edu/class/sum2003/cmsc311/Notes/Mips/stack.html

• movl $0x5,-0x4(%rbp) is valid and you are correct, it seems weird coming from the Intel syntax world. But actually this is an example of an AT&T syntax code. Read here for further explanations: http://en.wikipedia.org/wiki/X86_assembly_language#Syntax

I really think u would benefit from reading this: http://lwn.net/Articles/250967, it really helped me a lot when thinking 'big picture' about memory.

Answer 4

• Do you mean "not in a register?" Because your program is not compiled with high optimization settings (but if you had compiled with high optimization values your entire procedure would be empty because it doesn't 'do anything' (has no side effects). The address containing your variable will certainly be brought in to the memory cache when the CPU executes those instructions

  • register rbp contains the base of the stack frame of the function, it's where local automatic variables are allocated from, this is specified by the calling convention of your language.

  • in this case the mov instruction is a move of an immediate value to the memory location. The % prefaces a register name. Since stacks grow downwards traditionally the offset of the local automatic variable is a negative offset from the base of the frame/stack.