"每个任务(进程)有一个栈,在这个进程中每个函数被调用时分别从这个栈占用一段区域,称为帧(frame)。%esp寄存器指向当前整个栈的栈顶,%ebp指向当前帧的帧底。不是当前帧(调用者)的帧底都已经被压栈。上一级调用者的帧底被压入当前%ebp内容所指的地址,也就是当前帧的帧底位置保存了上一级调用者的%ebp指针值(帧底),而每个%ebp的前一个单元存放的就是当前函数的返回地址(它是由调用者在call指令中入的栈),保证是在上一级帧的最后一个空间单元。这样就可以根据当前%ebp的值回溯出整个任务的调用栈(调用过程)。" ---- 高手对栈帧的解释
个人理解:当前帧的%ebp即标识了当前帧底,也保存了上一级调用者的%ebp,所以是一个连续的调用过程。
下面是APUE中提到的错误得使用vfork的例子,在一个函数中调用vfork,其中提到了栈帧。
#include "apue.h" static void f1(void), f2(void); int main(void) { f1(); f2(); _exit(0); } static void f1(void) { pid_t pid; if ((pid = vfork()) < 0) err_sys("vfork error"); /* child and parent both return */ } static void f2(void) { char buf[1000]; /* automatic variables */ int i; for (i = 0; i < sizeof(buf); i++) buf[i] = 0; }
When vfork is called, the parent's stack pointer points to the stack frame for the f1 function that calls vfork . vfork causes the child to execute first, and the child returns from f1 . The child then calls f2 , and its stack frame overwrites the previous stack frame for f1 . The child then zeros out the automatic variable buf , setting 1,000 bytes of the stack frame to 0. The child returns from f2 and then calls _exit , but the contents of the stack beneath the stack frame for main have been changed. The parent then resumes after the call to vfork and does a return from f1 . The return information is often stored in the stack frame, and that information has probably been modified by the child. After the parent resumes, what happens with this example depends on many implementation features of your UNIX system (where in the stack frame the return information is stored, what information in the stack frame is wiped out when the automatic variables are modified, and so on). The normal result is a core file, but your results may differ.
128
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
