Why is the address on stack 8 bytes farther?

Question

There is this mov instuction:

        0040064e 89 7d dc        MOV        dword ptr [RBP + local_2c],EDI

EDI stores argc from main function. I wanted to check its value by looking at rbp - 0x2c:

(gdb) x/x $rbp-0x2C
0x7ffffffee1c4: 0x00000000

As you can see, there is nothing there. The thing is - the argc value is 8 bytes farther:

(gdb) x/x $rbp-0x2C+0x8
0x7ffffffee1cc: 0x00000002

My question is - why does that happen?

assembly

x86-64

disassembly

callstack

stack-frame

asked on Stack Overflow Apr 6, 2020 by

erzis • edited Apr 6, 2020 by

0 Answers

User contributions licensed under CC BY-SA 3.0