Does the operating system assume anything about callee-saved registers when control returns to it?


Question

Does the operating system assume anything about callee-saved registers when control returns to it?

I've wondered whether the OS, say Windows, assumes anything about the callee-saved registers like ebp, esi, edi?

In other words, does the OS require the value in any of these registers to be preserved when control transfers back to it (ret in main)?

I cannot find anything specified, but I guess the answer is no (having looked at compiler-generated code). Is there any documentation on the topic?

Recommended answer

Win32 is designed to have process isolation.
Nothing* that a process does can cause another process (including the operating system itself) to fail.
For this reason it does not matter what you do with the registers upon exit.

The only exception is esp. If the stack pointer is messed up, your application will terminate with a stack fault or access violation.
This will still not affect the OS, however; it will merely terminate your app slightly early.

* Obviously this excludes the effects of legitimate system calls, or of exploits, on the system.

Note that the ret in main does not return control to the OS. Almost all Win32 C applications have a runtime library included. If so, the ret in main returns to some initialization code that looks like this:

    // pseudo-init (runtime library start-up code)
    do set-up (build the command line parameters for main to read);
    call main;
    call Windows.ExitProcess();

Having a 'clean' exit to Windows is important to an application so it can clean up its own resources (close files etc.). The OS does not really care. If an application does not clean up after itself, the OS will do the job for it.
Much worse than having a crashing app is a 'hung' one. If an application is stuck in an endless loop, or worse an endless loop that keeps claiming more and more resources, then the system can be brought to its knees quite easily.
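The pseudo-init above and the 'clean exit' point it leads to, as an added example that is not part of the original answer: a small C model of the runtime start-up code. When main returns, control lands in the runtime library, which runs the registered cleanup handlers (atexit-style, last registered first) and only then asks the OS to end the process; an application that calls the exit routine directly skips those handlers. The names crt_startup, crt_register_cleanup, os_exit_process and the two app_main_* functions are hypothetical stand-ins, and os_exit_process only records the exit code so the model stays testable.

```c
#include <stddef.h>

/* Hypothetical mini runtime (added example, not the page's own code). */
#define MAX_CLEANUPS 8
static void (*cleanups[MAX_CLEANUPS])(void);
static int n_cleanups;
static int cleanups_run;      /* how many handlers actually ran */
static int exited;            /* set once "the OS" was asked to end us */
static int exit_code;

/* Stand-in for Windows.ExitProcess(): records the code instead of killing
 * the process. The first call wins, as a real process ends at that point. */
static void os_exit_process(int code) {
    if (!exited) { exited = 1; exit_code = code; }
}

/* Like atexit(): remember a handler to run after main returns. */
int crt_register_cleanup(void (*fn)(void)) {
    if (n_cleanups >= MAX_CLEANUPS) return -1;
    cleanups[n_cleanups++] = fn;
    return 0;
}

/* The pseudo-init made concrete: set up, call main, run cleanups LIFO,
 * then hand main's return value to the OS. Returns the final exit code. */
int crt_startup(int (*app_main)(void)) {
    n_cleanups = 0; cleanups_run = 0; exited = 0; exit_code = -1;
    int code = app_main();            /* main's `ret` lands here, not in the OS */
    if (!exited) {                    /* main returned normally: clean exit */
        while (n_cleanups > 0) cleanups[--n_cleanups]();
        os_exit_process(code);
    }
    return exit_code;
}

static void close_files(void) { cleanups_run++; }
static void flush_logs(void)  { cleanups_run++; }

/* Application whose main returns normally: both cleanups run. */
int app_main_clean(void) {
    crt_register_cleanup(close_files);
    crt_register_cleanup(flush_logs);
    return 3;
}

/* Application that bypasses the runtime by "calling ExitProcess" itself:
 * the OS reclaims its resources, but the app's own cleanups never run. */
int app_main_abrupt(void) {
    crt_register_cleanup(close_files);
    os_exit_process(5);
    return 0;                         /* ignored: the process already ended */
}

int cleanups_that_ran(void) { return cleanups_run; }
```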
