x86 - Does the CALL instruction ALWAYS push the address pointed to by EIP onto the stack?


Problem description

Is there any condition where the return address is not pushed onto the stack during a function call in the x86 architecture?

Recommended answer

No. CALL will, by definition, push the return address onto the stack before jumping to the target address. That return address is EIP (or RIP) + sizeof(call instruction) (usually 5 bytes.)

Saves procedure linking information on the stack and branches to the called procedure specified using the target operand.

This includes:

  • Near Call — "A call to a procedure in the current code segment", where EIP is pushed onto the stack.
  • Far Call — "A call to a procedure located in a different segment than the current code segment", where CS, EIP are pushed onto the stack.

JMP.

Every C compiler I'm familiar with will always implement function calls on x86 using a CALL instruction, with one exception: a tail call, which can be implemented with a JMP. This happens especially when one function returns the result of another function call. E.g.

int bar(int a, int b);

int foo(int a, int b)
{
    if (a < b)
       return 0;

    return bar(a, b);   // Will probably be:    jmp  bar
}
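To make the answer's rule concrete, here is an added C example (not code from the original answer) that decodes a few constructed x86-32 instruction byte sequences and reports what each one leaves on the stack: every CALL form pushes the address of the next instruction (eip + encoded length), a far CALL also pushes CS, and the JMP a compiler emits for a tail call pushes nothing. It assumes the 32-bit flat memory model; the addresses and bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Stack effect of one decoded control transfer (32-bit flat model). */
typedef struct {
    int valid, pushes_eip, pushes_cs, target_known; /* CALL pushes EIP (far: CS too); JMP pushes nothing */
    size_t length;                 /* encoded length: the pushed return address is eip + length */
    uint32_t return_eip, target_eip;
    uint16_t target_cs;            /* only for 9A; target_known == 0 for CALL r32 (target is in a register) */
} xfer_t;
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Decode the instruction at address `eip` from code[0..len): E8 CALL rel32, E9 JMP rel32,
   9A CALL ptr16:32 and the register-direct encoding of FF /2 (CALL r32); anything else -> valid == 0. */
xfer_t decode_xfer(uint32_t eip, const uint8_t *code, size_t len)
{
    xfer_t r;
    memset(&r, 0, sizeof r);
    if (len == 0) return r;
    switch (code[0]) {
    case 0xE8: case 0xE9:                     /* opcode + rel32 = the usual 5 bytes */
        if (len < 5) return r;
        r.valid = 1; r.length = 5; r.return_eip = eip + 5;
        r.pushes_eip = (code[0] == 0xE8);     /* a JMP tail call leaves no return address */
        r.target_known = 1;
        r.target_eip = r.return_eip + rd32(code + 1); /* rel32 is relative to the next instruction */
        break;
    case 0x9A:                                /* opcode + offset32 + selector16 = 7 bytes */
        if (len < 7) return r;
        r.valid = 1; r.length = 7; r.pushes_eip = 1; r.pushes_cs = 1;
        r.return_eip = eip + 7; r.target_known = 1;
        r.target_eip = rd32(code + 1);
        r.target_cs = (uint16_t)(code[5] | code[6] << 8);
        break;
    case 0xFF:                                /* ModRM mod=11 reg=2: CALL r32, 2 bytes */
        if (len < 2 || (code[1] & 0xC0) != 0xC0 || ((code[1] >> 3) & 7) != 2) return r;
        r.valid = 1; r.length = 2; r.pushes_eip = 1; r.return_eip = eip + 2;
        break;
    }
    return r;
}
int main(void)
{   /* Constructed bytes: CALL rel32 at 0x401000 targeting 0x402000; it pushes 0x401005. */
    xfer_t x = decode_xfer(0x401000, (const uint8_t[]){0xE8, 0xFB, 0x0F, 0x00, 0x00}, 5);
    printf("pushes EIP=%d return=0x%08x target=0x%08x\n", x.pushes_eip, x.return_eip, x.target_eip);
    return 0;
}
```

The same decoder applied to the E9 bytes of a tail-call JMP reports the same target but no pushed EIP, which is why a stack walk from inside bar() in the answer's example shows foo()'s caller rather than foo().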
