
Assembly CALL instruction, write faults?

In the page fault handler of the Linux kernel, using some opcode disassembly, I am seeing that on the x86 architecture the CALL or 0xE8 instruction occasionally throws a write fault and ESI and EDI are both NULL. I was wondering if there is a specific reason for this, as CALL takes a memory address and just changes EIP to that value, and that doesn't require a page since it's just EIP + relative_offset. If anyone could clear this up it would be much appreciated.


The call instruction doesn't just change eip - it also has to write the current eip (updated to point to the next instruction) to the stack before that change. A jmp-type instruction would act as you suggest but call is slightly different in that you have to be able to ret to the current location later on.

I can't be sure since you haven't given us the code, full register contents and page tables (that would be a large amount of information for a question), but it seems to me the likeliest explanation is that the stack is currently switched out and needs to be brought back in.

The other possibility I originally thought of was that the address you were jumping to was non-resident but I don't think that would cause a fault on the call itself.

It would cause a fault very quickly afterwards as the CPU tried to fetch the next instruction but I don't think that's what your description indicates, since:

  • you state it's happening on the call; and
  • that would be a read fault, not a write one.

The esi and edi values are a non-issue - they take no part in a call.
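An added demonstration of the answer's point (not code from the original question or answer): on x86-64 Linux, using GCC/Clang inline assembly, it records the stack pointer before and after a CALL and shows that the instruction's only memory access is writing the return address to the slot just below the old stack pointer. Register names are the 64-bit ones; the question's EIP/ESP are the 32-bit equivalents with a 4-byte push instead of 8.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Returns 1 if the CALL stored the address of the following instruction at
 * rsp-8 (and nothing else changed), 0 if that invariant failed, and -1 when
 * not built for x86-64 (nothing to observe).
 */
int demo_call_writes_stack(void)
{
#if defined(__x86_64__)
    uintptr_t sp_before, sp_after, stored, next;
    __asm__ volatile (
        "sub $128, %%rsp\n\t"     /* step below the SysV red zone so the push clobbers no locals */
        "mov %%rsp, %0\n\t"       /* rsp immediately before the CALL */
        "call 1f\n\t"             /* CALL: write return address to [rsp-8], then rip = target */
        "1:\n\t"
        "mov %%rsp, %1\n\t"       /* rsp after the implicit push */
        "mov (%%rsp), %2\n\t"     /* the value the CALL wrote there */
        "lea 1b(%%rip), %3\n\t"   /* address of the instruction after the CALL, for comparison */
        "add $136, %%rsp\n\t"     /* discard the return address and undo the red-zone skip */
        : "=r"(sp_before), "=r"(sp_after), "=r"(stored), "=r"(next)
        : : "memory");

    /* If the page holding [sp_before - 8] is not present, the page-fault
       handler sees a WRITE fault at that stack address, not a fault at the
       CALL target; the target is only fetched afterwards (a read). */
    printf("rsp before CALL : %#lx\n", (unsigned long)sp_before);
    printf("rsp after CALL  : %#lx (delta %ld)\n", (unsigned long)sp_after,
           (long)(sp_before - sp_after));
    printf("stored at [rsp] : %#lx\n", (unsigned long)stored);
    printf("next instruction: %#lx\n", (unsigned long)next);
    return (sp_after == sp_before - 8 && stored == next) ? 1 : 0;
#else
    return -1; /* not x86-64: no CALL semantics to observe here */
#endif
}

int main(void)
{
    int r = demo_call_writes_stack();
    puts(r == 1 ? "CALL pushed the return address as expected"
       : r == 0 ? "unexpected stack state" : "not an x86-64 build");
    return r == 1 ? 0 : 1;
}
```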
