
As we know, when we use the "call" instruction, an entry is pushed onto the return stack buffer on x86 and x64 (see http://www.agner.org/optimize/microarchitecture.pdf, p. 36) for future prediction of the function's return address.

But what about the "syscall" instruction? Will it break the existing return stack buffer when it returns via "sysret"? Can we view it just like a jmp instruction, at least from the perspective of the return stack buffer?

Thank you for your help!

Oh, this is totally not about the calling convention but about the branch prediction unit's implementation of the "syscall" and "sysret" instructions in x64 CPUs. The question is not related to the register state before/after the "syscall".

Yuan Zhu
  • I would say that in general it should not, but the kernel could call so many functions that the buffer is effectively exhausted when it returns. – fuz May 13 '17 at 15:03
  • So you agree that syscall is just like a simple jump instruction? – Yuan Zhu May 13 '17 at 15:58
  • Nope, it's much more complex. Read the documentation for details. – fuz May 13 '17 at 16:15
  • Possible duplicate of [What are the calling conventions for UNIX & Linux system calls on x86-64](http://stackoverflow.com/questions/2535989/what-are-the-calling-conventions-for-unix-linux-system-calls-on-x86-64) – Johan May 14 '17 at 10:30

0 Answers