Does `ret` also remove all the function's arguments from the stack?

Question

When ret is executed, it pops the (return) address and puts it in the EIP register.
But what about all the function's arguments left on the stack? Are we just ignoring them and resetting ESP over them? (ESP+8, if there are 2 args)

Answer 1

The real answer is ambiguous even if you declare x86 as the target, because "x86" supports multiple call conventions that differ in this particular aspect.

In the article you could easily see a bunch of calling conventions in x86-32 world. Well, the most currently used now is "cdecl" one which defines that a callee doesn't clear stack from parameters. But, "pascal" convention and others, described in "Callee clean-up" section, do this. This convention type can be used only with functions with fixed parameter set.

With x86-64 (AKA amd64, and simply "x64" in Microsoft world), there are two principal calling conventions (Microsoft and Unix (System V)) which both put parameter cleanup burden to caller.

So, nowadays one could assume in general parameters are cleaned by caller... but still keep in a far corner of mind that things may vary (similarly to that in COM port "byte" is not always 8 bits).

Answer 2

I found it out.

After returning to the caller function, the next instruction is ESP+8. Which essentially resets the ESP while leaving the arguments sitting there in memory (waiting to be overwritten in the future)