RET 之后的指令总是 CALL 之后的指令吗? [英] Is the instruction after a RET always the one after CALL?
问题描述
在行为良好的 C 程序中,返回语句 (RET) 是否总是返回到 CALL 语句之后的指令?我知道这是默认设置,但我想检查是否有人知道或记得该标准不适用的真实案例(常见的编译器优化或其他事情......).有人告诉我,函数指针可能会发生这种情况(函数指针会将值放在堆栈上,而不是 CALL ......我搜索了它,但我没有在任何地方看到解释).
In a well-behaved C program, shall the return statement (RET) always return to the instruction following the CALL statement? I know this is the default, but I would like to check if anyone knows or remembers authentic examples of cases where this standard does not apply (common compiler optimization or other things...). Someone told me that it could happen with a function pointer (the function pointer would put the value on the stack, instead of the CALL... I searched for it but I did not see an explanation anywhere).
让我试着更好地解释我的问题.我知道我们可以使用其他结构来更改执行流程(包括操作堆栈)...我了解如果我们更改写入堆栈的返回地址,执行流程将更改为写入堆栈的地址.我需要知道的是:是否存在任何不寻常的执行情况,即下一条指令不是 CALL 之后的指令?我的意思是,我想确保它不会发生,除非发生意外情况(例如会导致结构化异常处理程序的内存访问冲突).
Let me try to better explain my question. I know that we can use other structures to change the execution flow (including manipulating the stack)... I understand that if we change the return address written on the stack the execution flow will change to the address that was written on the stack. What I need to know is: is there any not unusual execution situation where the next instruction is not the one that follows the CALL? I mean, I would like to be sure that it doesn't happen, unless something unexpected occurs (like a memory access violation that would lead to a structured exception handler).
我担心的是商业应用程序是否总是遵循上述模式.请注意,在这种情况下,我对异常有一个固定(重要的是要知道它们在这种情况下是否存在,对于我正在开发为理学硕士课程学科的研究项目).例如,我知道编译器有时可能会将 RET 更改为 JMP(尾调用优化).我想知道这样的事情是否会改变在 RET 之后执行的指令的顺序,主要是,如果 CALL 总是在 RET 之后执行的指令之前.
My concern is whether the commercial application programs in general ALWAYS follow the mentioned pattern. Notice that in this case I have a fixation for exceptions (it is important to know whether they exist in this case, for a research project I'm developing into a M. Sc. program's discipline). I know, for example, that a compiler may, sometimes, change a RET to a JMP (tail-call optimization). I would like to know if something like this may change the order of the instruction that is executed after the RET and, mainly, if the CALL will always be just before the instruction executed after the RET.
推荐答案
一个表现良好"的 C 程序可能被编译器翻译成一个不遵循这种模式的程序.例如,出于混淆原因,代码可以使用 push/ret 组合而不是 jmp.
A "well behaved" C program could be translated by a compiler to a program that does not follow this pattern. For example for obfuscation reasons the code could use a push / ret combination instead of a jmp.
这篇关于RET 之后的指令总是 CALL 之后的指令吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
