Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Does the ret instruction add 4 to esp register?

Tags:

return

x86

assembly

stack-pointer

instructions

Does the ret instruction cause "esp" register to be increased by 4?

like image 375
remainn Avatar asked Nov 27 '10 15:11

remainn

People also ask

What does the RET instruction do?

The ret instruction transfers control to the return address located on the stack. This address is usually placed on the stack by a call instruction. Issue the ret instruction within the called procedure to resume execution flow at the instruction following the call .

What does RET do ESP?

Basically, a ret instruction This will take a dword from the top of the stack at esp and load it to eip, while also adding 4 to esp's value (to move it up to the next entry). This is essentially identical to your second option.

What does call and RET instructions do in terms of register ESP and stack?

1. CALL and RET Instructions. Two instructions control the use of assembly-language procedures: CALL pushes the return address onto the stack and transfers control to a procedure. RET pops the return address off the stack and returns control to that location.

When the RET instruction at the end of subroutine is executed?

RET is the instruction used to mark the end of sub-routine. It has no parameter. After execution of this instruction program control is transferred back to main program from where it had stopped. Value of PC (Program Counter) is retrieved from the memory stack and value of SP (Stack Pointer) is incremented by 2.

2 Answers

Yes, it performs 

pop eip

You can use 

mov eax, [esp]
jmp eax

to avoid it.

EDIT: It's exactly what ret does. For example, jmp rel_offet is nothing than a hidden add eip, offset, or jmp absolute_offset is mov eip, absolute_offset. Sure there are differences in the way the processor treats them, but from programmer's point of view it's all that happens.

Also, there is a special form of ret : ret imm8 that also adds this imm8 value to esp : for example a __stdcall function uses it to discard its parameters from the stack. Not to mention retf version, used in 16bit mode, that also pops the cs from the stack.

EDIT2:

pop register

means:

mov register, [esp]
add esp, 4
like image 83
ruslik Avatar answered Oct 13 '22 11:10

ruslik

yes, because on the stack there is (well, there should be, see buffer overflow) the address to where resume the execution of the program. So ret means 

pop ret_addr           ; pop deletes ret_addr from stack by adding 4 to esp
mov eip, ret_addr

which is

pop eip

just as ruslik said

like image 27
BlackBear Avatar answered Oct 13 '22 10:10

BlackBear
Sign in to Comment

Related questions

#include header with C declarations in an assembly file without errors?
Why INC and ADD 1 have different performances? [duplicate]
Can branch prediction cause illegal instruction?
Is an entire static program loaded into memory when launched?
How to get opcodes of a c program
asm in C "too many memory references for `mov'"
Running assembly in an empty virtual machine instance?
What is the difference between la and li in opcodes in MIPS?
Is it possible to access 32-bit registers in C?
Converting Int to Float or Float to Int using Bitwise operations (software floating point)
In GNU Assembler, what does a dot signify at the beginning of a name?
What does the PIC register (%ebx) do?
Linux system call table or cheatsheet for Assembly [closed]
pop or add esp, 4 ? What is the difference?
Commenting syntax for x86 AT&T syntax assembly
Can't include a file in NASM
C uses assemble: operand type mismatch for push
ADC instruction in ASM 8086
Why does GCC emit "lea" instead of "sub" for subtraction?
AArch64 relocation prefixes

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!