Question

这就是我对以下声明的异议:<代码>功能(1,2,3);:

movl   $0x3,0x8(%esp)
movl   $0x2,0x4(%esp)
movl   $0x1,(%esp)
call   0x4012d0 <_Z8functioniii>

看来“ret Address根本不推入 st,因此ret work?

Answer 1

关于X86处理器(如你的组装语言), :>指示将关于批量和转移控制的收益地址推向该功能。

因此,在进入职能时,分站在一份返回地址上,准备在<代码>ret上登入方案柜(EIP / RIP)。

并非所有的加工商结构都把返回地址放在了 st头上,常常有一套一个或多个登记册,以持有返回地址。关于ARM处理器,BL指示将返回地址列入特定登记册(,或链接登记册>),并将控制权转让给该功能。


ia64加工商有类似之处,但有几种可能的登记册(b0-b 7)可以接收返回地址,并在指示中加以具体说明(b0为违约)。

Answer 2

理想的情况是,<代码> 电话/编码>发言应当考虑到这一点。方案对下一个地点将推向 st。当称为“次级常规”的职能完成时,当它遇到返回声明时,控制现在转向被推入 st线的地址,而且会蔓延。

Answer 3

它取决于ABI和架构,但如果返回地址在最后点上,它就产生了“<条码>查询/编码”指示的副作用,从而使之成为可能。

Answer 4

call pushes the current value of the RIP register (return address) to the stack + does the call
ret pops the return address(that call pushed) from the top of the stack (RSP register points there) and writes it in the RIP register.

例如,GNU/HCH箱:功能 f打字功能g,请看g。

http://www.ohchr.org。

... <- RSP (stack pointer shows top of stack) register points at this address
g s local vars
f s base pointer (old RBP value) <- RBP (base pointer) register points at this address
f s ret address (old RIP value) (this is what the call (from f) pushed, and what the ret (from g) will pop)
args that f called g with and didn t fit in the registers (I think on Windows this is different)
...

www.un.org/Depts/DGACM/index_spanish.htm High ADDRESS

g will free the local vars (movq %rsp, %rbp)
g will pop the "old RBP" and store it in RBP register (pop %rbp)
g will ret, which will modify RIP with the value that is stored where RSP points at

希望会有助于

友情链接