堆栈中的返回地址是如何指定的? [英] How is return address specified in stack?

问题描述

这是我通过反汇编看到的语句function(1,2,3);:

This is what I see by disassemble for the statement function(1,2,3);:

movl   $0x3,0x8(%esp)
movl   $0x2,0x4(%esp)
movl   $0x1,(%esp)
call   0x4012d0 <_Z8functioniii>

看起来ret地址根本没有入栈，那么ret是怎么工作的?

It seems the ret address is not pushed into stack at all,then how does ret work?

推荐答案

在 x86 处理器上(就您的汇编语言示例而言)，call 指令将返回地址压入堆栈并将控制权转移给函数.

On an x86 processor (as for your assembly language example), the call instruction pushes the return address on the stack and transfers control to the function.

因此在进入函数时，堆栈指针指向一个返回地址，准备好 ret 将其弹出到程序计数器(EIP/RIP)中.

So on entry to a function, the stack pointer is pointing at a return address, ready for ret to pop it into the program counter (EIP / RIP).

并非所有处理器架构都将返回地址放在堆栈上——通常有一组一个或多个寄存器旨在保存返回地址.在 ARM 处理器上，BL 指令将返回地址放置在特定寄存器(LR，或链接寄存器")中，并将控制权转移给函数.

Not all processor architectures put the return address on the stack- often there's a set of one or more registers designed to hold return addresses. On ARM processors, the BL instruction places the return address in a specific register (LR, or the 'link register') and transfers control to the function.

ia64 处理器做了类似的事情，只是有几个可能的寄存器(b0-b7)可以接收返回地址，并且会在指令中指定一个(b0 是默认值).

The ia64 processor does something similar, except that there are several possible registers (b0-b7) that can receive the return address and one will be specified in the instruction (with b0 being the default).

这篇关于堆栈中的返回地址是如何指定的?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！