Initial x86 stack confusion

First of all, I would like to know if this model is an accurate representation of the process of "framing" the stack.

I was told that conceptually the stack looks like a bottle of coke. Sugar is at the bottom, and you fill it to the top. With that in mind, how does CALL determine the EIP register for the "target" function being called if the EIP is in a different bottle (is it in the code segment, not the stack segment)? I watched a video on YouTube saying that the "RAM code segment" (the place where the functions are stored) is the place where the EIP register is located.

1 answer

Typically, a computer program uses four types of memory areas (also called sections or segments):

  • The text section: contains the program code. It is reserved when the program is loaded by the operating system. This area is fixed and does not change while the program is running. It would be better called the "code" section, but the name has historical reasons.
  • The data section: contains the program's variables. It is reserved when the program is loaded and initialized with the values defined by the programmer. These values can be changed by the program during its execution.
  • The stack: a dynamic memory area. It is used to store data for function calls. It basically works by pushing values onto the stack and popping them off the stack. It is also called "LIFO": last in, first out. This is where local function variables are found. When a function exits, its data is removed from the stack and lost (mostly).
  • The heap: also a dynamic memory area. The programming language provides a special function that "allocates" (reserves) part of this area at the program's request. Another function is available to return that area to the heap when it is no longer required. Since the data is released explicitly, the heap can be used to store data that lives longer than a single function call (unlike the stack).

The contents of the text and data sections are stored in the program file (on Linux, for example, they can be found with objdump; the section names carry a leading dot: .text, .data). The stack and heap are not stored anywhere in the file, since they are allocated dynamically (on request) by the program itself.

Usually, after the program is loaded, the remaining memory area is treated as one large block in which both the stack and the heap are located. They begin at opposite ends of this area and grow towards each other. On most architectures, the heap grows from low to high memory addresses (upwards) and the stack downwards. If they ever meet, the program has run out of memory. Since this may go undetected, the stack may corrupt (modify foreign data in) the heap, or vice versa. This can lead to any kind of error, depending on how and which data has changed. If the stack is corrupted, this can lead to the program being taken over (this is, in fact, one of the ways a Trojan can work). However, modern operating systems should take steps to detect this situation before it becomes critical.

This is true not only for x86 but also for most other processor families and operating systems, in particular: ARM, x86, MIPS, MSP430 (microcontroller), AVR (microcontroller), Linux, Windows, OS X, iOS, Android (which uses the Linux OS), DOS. On microcontrollers there is often no heap (all memory is allocated at runtime), and the stack can be organized somewhat differently; this is also true for ARM-based Cortex-M microcontrollers. But in any case, that is a special subject.


Disclaimer: this is very simplified, so please no comments like "what about bss, const, myspecialarea" ;-). Also, the C standard does not require these areas, in particular the use of a heap or a stack. In fact, there are implementations that do not use them. These are most often embedded systems with small (8- or 16-bit) microcontrollers or DSPs. In addition, modern architectures use CPU registers instead of the stack to pass parameters and store local variables. These are defined in the application binary interface (ABI) of the target platform.


For the stack, you can read the Wikipedia article. Note the difference in implementation between a data stack and the hardware stack implemented in a typical (micro)processor.

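The relationship the question asks about, CALL, the return address and the stack frame, as an added example that is not part of the question or the answer above. It is a small C program (GCC or Clang, because it uses the `__builtin_frame_address` and `__builtin_return_address` intrinsics) that records, from inside a nested call, where its frame, a local variable and the saved return address are, and then checks the answer's claims: the value CALL pushes points back into the caller's code (the text section), not into the stack; the callee's frame sits below the caller's frame (the stack grows down); and a fresh `malloc` block lies far below the stack (heap and stack start at opposite ends). The function names, the 4096-byte window used to decide "inside the caller's code", and the Linux/macOS-style address layout are assumptions of this example:

```c
/* stack_frames.c  (added example; build with: cc -O0 -Wall stack_frames.c -o stack_frames)
 * Assumes GCC or Clang for the __builtin_* intrinsics and a Linux/macOS-style
 * process layout: code low in memory, heap above it, stack near the top growing down. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct frame_info {
    uintptr_t frame;       /* this function's frame base (the saved RBP/EBP slot) */
    uintptr_t local;       /* address of one of its local variables */
    uintptr_t return_addr; /* what CALL pushed: the instruction after it in the caller */
};

struct frames {
    uintptr_t caller_frame;   /* frame base of call_observe() */
    struct frame_info callee; /* what observe_frame() saw one level deeper */
};

/* Written after the call in call_observe() so the compiler cannot turn that call
 * into a tail jump, which would make the recorded return address belong to
 * whoever called call_observe() instead. */
static volatile int keep_frame;

/* The callee. noinline keeps a real CALL/RET pair, so there is a frame to inspect. */
__attribute__((noinline))
static struct frame_info observe_frame(void)
{
    volatile int local = 42;   /* volatile: must really live in this stack frame */
    struct frame_info fi;
    fi.frame = (uintptr_t)__builtin_frame_address(0);
    fi.local = (uintptr_t)&local;
    fi.return_addr = (uintptr_t)__builtin_return_address(0);
    return fi;
}

/* The caller, one level above observe_frame(). */
__attribute__((noinline))
static struct frames call_observe(void)
{
    struct frames f;
    f.caller_frame = (uintptr_t)__builtin_frame_address(0);
    f.callee = observe_frame();
    keep_frame = 1;            /* side effect after the call: no tail-call optimisation */
    return f;
}

/* Assumption: call_observe() compiles to well under RETURN_WINDOW bytes, so a
 * return address inside it lies within that many bytes past its first instruction. */
#define RETURN_WINDOW 4096

/* CALL pushed an address that points back into the caller's *code* (text section),
 * which is how RET later restores EIP/RIP. It is not an address in the stack. */
int return_address_points_into_caller(void)
{
    struct frames f = call_observe();
    uintptr_t start = (uintptr_t)call_observe;
    return f.callee.return_addr > start &&
           f.callee.return_addr - start < RETURN_WINDOW;
}

/* The callee's frame and its local sit at lower addresses than the caller's
 * frame: each CALL pushes the stack further down. */
int stack_grows_down(void)
{
    struct frames f = call_observe();
    return f.callee.frame < f.caller_frame &&
           f.callee.local < f.caller_frame;
}

/* A fresh heap block lies below the stack: heap and stack start at opposite
 * ends of the process's memory and grow toward each other. */
int heap_below_stack(void)
{
    struct frames f = call_observe();
    void *block = malloc(64);
    int result = block != NULL && (uintptr_t)block < f.callee.local;
    free(block);
    return result;
}

int main(void)
{
    struct frames f = call_observe();
    void *block = malloc(64);
    printf("code  : call_observe() starts at   %#lx\n", (unsigned long)(uintptr_t)call_observe);
    printf("        return address saved by CALL %#lx\n", (unsigned long)f.callee.return_addr);
    printf("heap  : malloc(64)                 %#lx\n", (unsigned long)(uintptr_t)block);
    printf("stack : caller frame               %#lx\n", (unsigned long)f.caller_frame);
    printf("        callee frame               %#lx\n", (unsigned long)f.callee.frame);
    printf("        callee local               %#lx\n", (unsigned long)f.callee.local);
    printf("return address in caller's code: %s\n", return_address_points_into_caller() ? "yes" : "no");
    printf("stack grows down:                %s\n", stack_grows_down() ? "yes" : "no");
    printf("heap below stack:                %s\n", heap_below_stack() ? "yes" : "no");
    free(block);
    return 0;
}
```

The printed addresses make the two "bottles" of the question concrete: the return address is a few bytes past the start of `call_observe`, while the frames and the local are far away in the stack region. Note that the saved return address is stack data that RET trusts blindly, which is exactly why overwriting the stack, as the answer mentions, lets an attacker redirect the program.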
