Wait so why isn't more ABI use a biased stack pointer that seems like an amazing idea to get the range out of [SP+imm] accesses 
Where does the call instruction store the return address in that model?
@robryk In... a register? Which is then spilled separately by a store instruction? Isn't that how most processors do things?
@koakuma I'm still unused to that model :)
@robryk No, I mean by having the stack pointer not point to the top of the stack
e.g in RISC-V ABI:
- Load/stores have a 12-bit signed integer offset
- Accessing memory beyond the TOS is absolutely haraam
So if your SP points to TOS then you'll waste half of that range (cus SP-1 to SP-4096 is illegal memory)
On the other hand if you define SP to point to, say, TOS+4096, then you can use the full power of the immediate field and be able to access 8 KiB of stack with just one instruction