I have debugged into the assembly language for the following simple sample, but I never saw any instructions dealing with push eip/pop eip, which deal with saving/restoring the return address when function foo completes. Any ideas?
int foo (int a, int b)
{
    return a + b;   /* body not shown in the post; minimal body assumed */
}

int main (void)     /* wrapper not shown in the post; assumed */
{
    int a1 = 100;
    int b1 = a1 + 100;
    a1 = foo (a1, b1);
    return 0;
}
thanks in advance,
EIP is the program counter. It changes for every instruction, and it is managed by call and ret, jmp and other "flow control" instructions, so there's really little need to push or pop it explicitly - in fact, there are no instructions to do that. In fact, plain "ret" is the same as "pop eip", and in PDP-11, although there was a "ret" instruction, it actually had the same opcode as "mov (sp)+, pc".
You can "pop" EIP into another register:
call next
next:
pop eax                 ; eax now holds the address of 'next', i.e. the EIP value 'call' pushed
mov dword ptr x, eax    ; store it in x
But be advised that this potentially messes up the CPU's internal procedure jump stack, thus leading to stalled pipelines on function returns.
Search the blog The Old New Thing, where Raymond Chen warned about this.
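The mechanics CornedBee describes, as an added example that is not part of any post in this thread: reading the program counter with call/pop, confirming that what call pushed is the return address, and using ret as "pop eip". It assumes GCC or Clang on x86-64 Linux (the asm gets portable stand-ins elsewhere); the function names, the 256-byte bounds and the shadow-stack probe through arch_prctl(ARCH_SHSTK_STATUS) are my choices, not anything from the thread.

```c
/* Added example, not from any post in this thread: what call and ret do with the
 * program counter, for GCC/Clang on x86-64 Linux. All names here are mine. */
#define _GNU_SOURCE 1
#include <stdint.h>
#include <stdio.h>

#if defined(__linux__) && defined(__x86_64__)
#include <sys/syscall.h>
#include <unistd.h>
/* Constants copied from the Linux UAPI header asm/prctl.h (6.6+). Under an Intel
 * CET shadow stack a ret whose target differs from what the matching call pushed
 * is a hard fault, not a pipeline stall, so the unpaired tricks below are skipped. */
#define ARCH_SHSTK_STATUS 0x5005
#define ARCH_SHSTK_SHSTK (1ULL << 0)
int shadow_stack_active(void)
{
    unsigned long long status = 0;
    if (syscall(SYS_arch_prctl, ARCH_SHSTK_STATUS, &status) != 0)
        return 0; /* EINVAL: kernel or CPU without user shadow stacks */
    return (status & ARCH_SHSTK_SHSTK) != 0;
}
#else
int shadow_stack_active(void) { return 0; }
#endif

/* 1. There is no "mov eax, eip"; the classic way is "call next / next: pop eax":
 *    call pushes the address of next, pop moves it into a register. 0 = skipped. */
__attribute__((noinline)) uintptr_t read_pc_via_call_pop(void)
{
    uintptr_t pc = 0;
    if (shadow_stack_active())
        return 0;
#if defined(__x86_64__)
    __asm__ volatile("sub $128, %%rsp\n\t" /* stay clear of the SysV red zone */
                     "call 1f\n\t"
                     "1: pop %0\n\t"
                     "add $128, %%rsp\n\t"
                     : "=r"(pc) : : "memory");
#else
    pc = (uintptr_t)&&here; /* GNU address-of-label stand-in */
here:
#endif
    return pc;
}

/* The address read must lie inside read_pc_via_call_pop. 1 = yes, 2 = skipped. */
int pc_lies_inside_function(void)
{
    uintptr_t pc = read_pc_via_call_pop();
    uintptr_t start = (uintptr_t)read_pc_via_call_pop;
    if (pc == 0)
        return 2;
    return pc > start && pc < start + 256;
}

/* 2. What call pushed is the return address, the byte right after the call in the
 *    caller; ret pops it straight into rip. __builtin_return_address(0) reads it. */
__attribute__((noinline)) uintptr_t callee_reads_return_address(void)
{
    return (uintptr_t)__builtin_return_address(0);
}

__attribute__((noinline)) int return_address_points_into_caller(void)
{
    uintptr_t ra = callee_reads_return_address();
    uintptr_t start = (uintptr_t)return_address_points_into_caller;
    return ra > start && ra < start + 256;
}

/* 3. ret as "pop eip": push an address, execute ret, and execution resumes there;
 *    the ud2 is never reached. 1 = control arrived at the label, 2 = skipped. */
__attribute__((noinline)) int ret_behaves_like_pop_eip(void)
{
    if (shadow_stack_active())
        return 2;
#if defined(__x86_64__)
    uintptr_t landed = 0;
    __asm__ volatile("lea 1f(%%rip), %%rax\n\t"
                     "sub $128, %%rsp\n\t"
                     "push %%rax\n\t"
                     "ret\n\t" /* pops the pushed address into rip */
                     "ud2\n\t"
                     "1: add $128, %%rsp\n\t"
                     "mov $1, %0\n\t"
                     : "=r"(landed) : : "rax", "memory");
    return (int)landed;
#else
    void *target = &&arrived; /* computed goto: the C-level analogue */
    goto *target;
arrived:
    return 1;
#endif
}

int main(void)
{
    printf("pc via call/pop: %p (function starts at %p)\n",
           (void *)read_pc_via_call_pop(), (void *)(uintptr_t)read_pc_via_call_pop);
    printf("return address inside caller: %d\n", return_address_points_into_caller());
    printf("ret acts as pop eip: %d\n", ret_behaves_like_pop_eip());
    return 0;
}
```

Build with `cc -O2 -o pc pc.c` and disassemble with `objdump -d pc`: you will see call, pop and ret, but no instruction that pushes or pops eip/rip as an operand, which is the original question. The return-stack-predictor mismatch that CornedBee and Raymond Chen warn about costs only time; with an Intel CET shadow stack active the same unpaired call or ret is a control-protection fault, which is why the example probes for one and skips the two tricks in that case.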
Correct - not pairing call with return will mess up the "return stack optimizer".
Originally Posted by CornedBee