This is what I see when I disassemble the statement `function(1,2,3);`:

movl   $0x3,0x8(%esp)              # third argument, stored into the outgoing-argument area
movl   $0x2,0x4(%esp)              # second argument
movl   $0x1,(%esp)                 # first argument, at the top of the stack
call   0x4012d0 <_Z8functioniii>   # call function(int,int,int)

It seems the return address is not pushed onto the stack at all, so how does `ret` work?

+2  A: 

It depends on the ABI and the architecture, but if the return address does end up on the stack it's a side-effect of the call instruction that puts it there.

Carl Norum
+3  A: 

Ideally, the call statement should take care of that. The program counter's next location will be pushed onto the stack. When the function (subroutine) that was called completes its work and encounters a return statement, control goes to the address that was pushed onto the stack, and that address gets popped.

Bragboy
How does `call` deal with it then? I just want to see where the *ret address* is specified.
Mask
You will have to break the call method down further, into hex code. The cheat sheet for the instruction set of the particular processor would reveal that. For example, if you take the simplest of microprocessors, the 8085, an ADD X instruction will not show the second value (let's assume Y, as in ADD X,Y). Instead it will add the value X to some reserved register within the processor, say H, and store the value in H. The overflow bit, should there be any, will be stored in another register. That is how the ADD instruction is designed. The CALL instruction will also have similar predefined rules.
Bragboy
Part of the job of the call instruction is to push the return address onto the stack. The return address is just the address directly after the parameters to the call instruction. To see what the return address is in your example above, you'd have to look at the stack as soon as the program gets into the procedure at 0x4012d0.
Rob Heiser
@Mask, you can think of the return address as derived from the address of the call instruction stored in the IP/EIP register. When the processor fetches the next instruction and it's a call instruction (far/short etc.), it can add the size of the instruction to IP and push that onto the stack (via the SP register); having done this, it will change the value of IP to the appropriate address passed with the CALL instruction (relative for short, absolute for far, register based etc.). P.S. Does this question still have no accepted answer?
ony
+3  A: 

On an x86 processor (as for your assembly language example), the call instruction pushes the return address on the stack and transfers control to the function.

Not all processor architectures put the return address on the stack; often there's a set of one or more registers designed to hold return addresses. On ARM processors, the BL instruction places the return address in a specific register (LR, or the 'link register') and transfers control to the function. The ia64 processor does something similar, except that there are several possible registers (b0-b7) that can receive the return address, and one will be specified in the instruction (with b0 being the default).

Michael Burr
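To see for yourself what Rob Heiser's comment and Michael Burr's answer describe, the following program reads the word at the top of the stack on entry to a callee and checks that it is the address directly after the `call` instruction in the caller. This is an added example, not code from the question or any of the answers. It assumes an x86-64 ELF target (Linux) with GCC or Clang so that the callee can be written in assembly; on any other target it falls back to `__builtin_return_address`, which returns the same value but no longer proves that the value came off the stack. The names `peek_return_address`, `observe`, `preceded_by_call` and `direct_call_target` are made up for this example.

```c
/* Added example, not from the original thread.
 * Shows the return address that `call` pushed, read from inside the callee,
 * and checks that it is the address right after the call instruction.
 * Assumes x86-64 ELF (Linux) with GCC or Clang; other targets fall back to
 * __builtin_return_address, which does not prove the word was on the stack.
 * peek_return_address, observe, preceded_by_call, direct_call_target are
 * names made up here. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) && defined(__ELF__)
/* Callee written in assembly so nothing touches the stack before we look.
 * On entry, the 8 bytes at (%rsp) are exactly what `call` pushed. */
__asm__(
    ".text\n"
    ".globl peek_return_address\n"
    ".type peek_return_address, @function\n"
    "peek_return_address:\n"
    "    mov (%rsp), %rax\n"   /* return address -> return-value register */
    "    ret\n"                /* pops that same word back into %rip     */
    ".size peek_return_address, .-peek_return_address\n"
);
uintptr_t peek_return_address(void);
#else
/* Fallback (assumed, not x86-64): the compiler knows where the return
 * address lives (stack slot or link register) and hands it back to us. */
__attribute__((noinline)) uintptr_t peek_return_address(void) {
    return (uintptr_t)__builtin_return_address(0);
}
#endif

static volatile uintptr_t g_sink;

/* The caller whose `call peek_return_address` we want to examine. */
__attribute__((noinline)) uintptr_t observe(void) {
    uintptr_t ret = peek_return_address();
    g_sink = ret;   /* side effect after the call: stops the optimizer from
                       turning this into a tail-call `jmp`, which would leave
                       a different return address on the stack */
    return ret;
}

/* 1 if the bytes just before `ret` encode an x86-64 call, i.e. `ret` is the
 * address directly after the call instruction. */
int preceded_by_call(uintptr_t ret) {
#if defined(__x86_64__)
    const unsigned char *p = (const unsigned char *)ret;
    if (p[-5] == 0xE8) return 1;                           /* call rel32         */
    if (p[-6] == 0xFF && (p[-5] & 0x38) == 0x10) return 1; /* call *disp32(%rip) */
    if (p[-2] == 0xFF && (p[-1] & 0xF8) == 0xD0) return 1; /* call *%reg         */
    return 0;
#else
    (void)ret;
    return 1;  /* no decoder for this architecture; assumed to hold */
#endif
}

/* For a direct `call rel32`, target = ret + rel32: the displacement is
 * relative to the next instruction, which is exactly the pushed return
 * address. Returns 0 if the preceding instruction is not `call rel32`. */
uintptr_t direct_call_target(uintptr_t ret) {
    const unsigned char *p = (const unsigned char *)ret;
    int32_t rel;
    if (p[-5] != 0xE8) return 0;
    memcpy(&rel, p - 4, sizeof rel);
    return ret + (intptr_t)rel;
}

int main(void) {
    uintptr_t ret = observe();
    printf("observe() starts at   %p\n", (void *)(uintptr_t)observe);
    printf("pushed return address %p (%s a call instruction)\n", (void *)ret,
           preceded_by_call(ret) ? "right after" : "NOT after");
    printf("peek_return_address   %p\n", (void *)(uintptr_t)peek_return_address);
    printf("decoded call target   %p\n", (void *)direct_call_target(ret));
    return 0;
}
```

Compile with `cc -O2 example.c -o example` and compare the printed return address with `objdump -d example`: it is the address of the instruction immediately following `call peek_return_address` inside `observe`, which is what `ret` pops back into `%rip`.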