 

Does CALL instruction ALWAYS push the address pointed by EIP to stack?

Is there any condition where the return address is not pushed into stack during a function call in x86 architecture?

balajimc55 asked Nov 13 '15 02:11




1 Answer

No. CALL will, by definition, push the return address onto the stack before jumping to the target address. That return address is EIP (or RIP) + sizeof(call instruction) (usually 5 bytes).

Volume 2 of the Intel® 64 and IA-32 Architectures Software Developer’s Manual states that CALL:

Saves procedure linking information on the stack and branches to the called procedure specified using the target operand.

This includes:

  • Near Call — "A call to a procedure in the current code segment", where EIP is pushed onto the stack.
  • Far Call — "A call to a procedure located in a different segment than the current code segment", where CS, EIP are pushed onto the stack.

The alternative, not pushing a return address, is a JMP.

Every C compiler I'm familiar with will always implement function calls on x86 using a CALL instruction, with one exception: a tail call, which can be implemented with a JMP. This happens especially when one function returns the result of another function call. E.g.

int bar(int a, int b);

int foo(int a, int b)
{
    if (a < b)
       return 0;

    return bar(a, b);   // Will probably be:    jmp  bar
}
Jonathon Reinhart answered Nov 15 '22 12:11

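To make the answer's three points concrete (CALL pushes EIP plus the length of the CALL instruction, a tail-call JMP pushes nothing, and RET simply pops whatever sits at ESP), here is an added example that is not part of the original question or answer: a small C interpreter for just the x86 opcodes involved (E8 call rel32, E9 jmp rel32, C3 ret, 90 nop, F4 hlt), running a constructed program in 32-bit mode. The 256-byte memory map, the addresses 0x00/0x10/0x20 and the helper names (`make_program`, `run_steps`, `emit_rel32`) are choices made for this example, not anything from the page.

```c
/* Tiny x86-style interpreter covering only CALL rel32 (E8), JMP rel32 (E9),
 * RET (C3), NOP (90) and HLT (F4). 32-bit mode: EIP and every push are 4 bytes.
 * Memory map, opcode subset and the demo program are constructed for this example. */
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE  0x100      /* 256 bytes: code at the bottom, stack grows down from the top */
#define STACK_TOP MEM_SIZE   /* initial ESP; the first push lands at 0xFC */

typedef struct {
    uint32_t eip, esp;
    int      halted;
    uint8_t  mem[MEM_SIZE];
} cpu_t;

/* Little-endian 32-bit accessors, bounds-checked so a bad program cannot leave the array. */
static uint32_t rd32(const cpu_t *c, uint32_t a)
{
    assert(a + 4 <= MEM_SIZE);
    return (uint32_t)c->mem[a] | (uint32_t)c->mem[a + 1] << 8
         | (uint32_t)c->mem[a + 2] << 16 | (uint32_t)c->mem[a + 3] << 24;
}
static void wr32(cpu_t *c, uint32_t a, uint32_t v)
{
    assert(a + 4 <= MEM_SIZE);
    c->mem[a] = (uint8_t)v;           c->mem[a + 1] = (uint8_t)(v >> 8);
    c->mem[a + 2] = (uint8_t)(v >> 16); c->mem[a + 3] = (uint8_t)(v >> 24);
}
static void     push32(cpu_t *c, uint32_t v) { c->esp -= 4; wr32(c, c->esp, v); }
static uint32_t pop32(cpu_t *c)              { uint32_t v = rd32(c, c->esp); c->esp += 4; return v; }

/* Execute one instruction. Returns 1 if the CPU can continue, 0 once halted. */
static int step(cpu_t *c)
{
    if (c->halted) return 0;
    switch (c->mem[c->eip]) {
    case 0xE8: {                                      /* CALL rel32: 5-byte encoding */
        int32_t  rel  = (int32_t)rd32(c, c->eip + 1);
        uint32_t next = c->eip + 5;                   /* address of the instruction after CALL */
        push32(c, next);                              /* the return address RET will consume */
        c->eip = next + (uint32_t)rel;
        return 1;
    }
    case 0xE9: {                                      /* JMP rel32: same shape, nothing pushed */
        int32_t rel = (int32_t)rd32(c, c->eip + 1);
        c->eip = c->eip + 5 + (uint32_t)rel;
        return 1;
    }
    case 0xC3: c->eip = pop32(c); return 1;           /* RET: pop whatever is at ESP into EIP */
    case 0x90: c->eip += 1;       return 1;           /* NOP */
    default:   c->halted = 1;     return 0;           /* HLT, or an opcode we do not model */
    }
}

/* Run up to n instructions; returns how many actually executed. */
static int run_steps(cpu_t *c, int n)
{
    int done = 0;
    while (done < n && step(c)) done++;
    return done;
}

/* Assemble a 5-byte E8/E9 instruction at `at` reaching `target`;
 * rel32 is measured from the END of the instruction, i.e. from at + 5. */
static void emit_rel32(cpu_t *c, uint32_t at, uint8_t opcode, uint32_t target)
{
    c->mem[at] = opcode;
    wr32(c, at + 1, target - (at + 5));
}

/* Constructed demo program:
 *   0x00  call foo       ; pushes 0x05, jumps to 0x10
 *   0x05  hlt            ; where the caller resumes
 *   0x10  foo: jmp bar   ; tail call: no push, so bar's RET lands at 0x05, not in foo
 *   0x20  bar: nop
 *   0x21       ret                                                               */
static cpu_t make_program(void)
{
    cpu_t c;
    memset(&c, 0, sizeof c);
    c.eip = 0x00;
    c.esp = STACK_TOP;
    emit_rel32(&c, 0x00, 0xE8, 0x10);   /* call foo */
    c.mem[0x05] = 0xF4;                 /* hlt */
    emit_rel32(&c, 0x10, 0xE9, 0x20);   /* foo: jmp bar */
    c.mem[0x20] = 0x90;                 /* bar: nop */
    c.mem[0x21] = 0xC3;                 /*      ret */
    return c;
}

int main(void)
{
    cpu_t c = make_program();
    while (step(&c))
        printf("eip=%02x esp=%03x top-of-stack=%02x\n", c.eip, c.esp,
               c.esp < STACK_TOP ? rd32(&c, c.esp) : 0);
    return 0;
}
```

Build with any C99 compiler and run: the trace shows ESP drop by 4 exactly once (at the CALL, leaving 0x05 on the stack), stay put across the tail JMP, and the RET in bar land at 0x05 even though bar was reached through foo. Two practical consequences follow. The 4 bytes at ESP after a CALL are the only input RET consults, which is why a write past the end of a stack buffer that reaches that slot redirects control on return. And a function entered by a tail JMP leaves no frame, so a backtrace taken inside bar shows the code at 0x05 as the caller and foo never appears; crash triage and stack-walking tools need to account for this. The 5-byte length is specific to the E8 rel32 encoding; an indirect call (FF /2, e.g. call eax) is shorter, but the pushed value is still the address of whatever instruction follows the CALL.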