test

IA-32 Assembly Language Reference Manual

Procedure Call and Return Instructions

Far Call -- Procedure Call (lcall) 

lcall   	immptr
lcall   	*mem48
Operation

far call ptr16:{16|32} far call m16:{16|32}

Description

The lcall instruction calls intersegment (far) procedures using a full pointer. lcall causes the procedure named in the operand to be executed. When the called procedure completes, execution flow resumes at the instruction following the lcall instruction (see the return instruction).

lcall ptr16:{16|32} uses a four-byte or six-byte operand as a long pointer to the called procedure.

lcall m16:{16|32} fetches the long pointer from the specified memory location.

In Real Address Mode or Virtual 8086 Mode, the long pointer provides 16 bits for the CS register and 16 or 32 bits for the EIP register. Both forms of the lcall instruction push the CS and IP or EIP registers as a return address.

Example

Use a four-byte operand as a long pointer to the called procedure. 

lcall $0xfebc, $0x12345678

Fetch a long pointer from the memory location addressed by the edx register, offset by 3. 

lcall *3(%edx)

Near Call -- Procedure Call (call) 

call    	disp32
call    	*r/m32
Operation

near call rel{16|32}

near call r/m{16|32}

Description

The call instruction calls near procedures using a full pointer. call causes the procedure named in the operand to be executed. When the called procedure completes, execution flow resumes at the instruction following the call instruction (see the return instruction).

call rel{16|32} adds a signed offset to address of the instruction following the call instruction to determine the destination; that is, the displacement is relative to the next instruction. The displacement value is stored in the EIP register. For rel16, the upper 16 bits of EIP are cleared to zero resulting in an offset value that does not exceed 16 bits.

call r/m{16|32} specifies a register or memory location from which the absolute segment offset is fetched. The offset of the instruction following the call instruction is pushed onto the stack. After the procedure completes, the offset is popped by a near ret instruction within the procedure.

Both forms of the call instruction have no affect on the CS register.

Example

Program counter minus 0x11111111. 

call .-0x11111111

Add a signed offset value to the address of the next instruction. 

call *4(%edi)

Return from Procedure (ret) 

ret
ret		imm16
Operation

return to caller

Description

The ret instruction transfers control to the return address located on the stack. This address is usually placed on the stack by a call instruction. Issue the ret instruction within the called procedure to resume execution flow at the instruction following the call.

The optional numeric (16- or 32-bit) parameter to ret specifies the number of stack bytes or words to be released after the return address is popped from the stack. Typically, these bytes or words are used as input parameters to the called procedure.

For an intersegment (near) return, the address on the stack is a segment offset that is popped onto the instruction pointer. The CS register remains unchanged.

Example

Transfer control to the return address located on the stack. 

ret

Transfer control to the return address located on the stack. Release the next 16-bytes of parameters. 

ret $-32767

Long Return (lret) 

lret
lret    	imm16
Operation

return to caller

Description

The lret instruction transfers control to a return address located on the stack. This address is usually placed on the stack by an lcall instruction. Issue the lret instruction within the called procedure to resume execution flow at the instruction following the call.

The optional numeric (16- or 32-bit) parameter to lret specifies the number of stack bytes or words to be released after the return address is popped from the stack. Typically, these bytes or words are used as input parameters to the called procedure.

For an intersegment (far) return, the address on the stack is a long pointer. The offset is popped first, followed by the selector.

In Real Mode, CS and IP are loaded directly. In Protected mode, an intersegment return causes the processor to check the descriptor addressed by the return selector. The AR byte of the descriptor must indicate a code segment of equal or lesser privilege (or greater or equal numeric value) than the current privilege level. Returns to a lesser privilege level cause the stack to be reloaded from the value saved beyond the parameter block.

Example

Transfer control to the return address located on the stack. 

lret

Transfer control to the return address located on the stack. Release the next 16-bytes of parameters. 

lret $-32767

Enter/Make Stack Frame for Procedure Parameters (enter) 

enter   	imm16, imm8
Operation

make stack frame for procedure parameters

Description

Create the stack frame required by most block-structured high-level languages. The imm16 operand specifies the number of bytes of dynamic storage allocated on the stack for the routine being entered. The imm8 operand specifies the lexical nesting level (0 to 31) of the routine within the high-level language source code. The nesting level determines the number of stack frame pointers copied into the new stack frame from the preceding frame.

Example

Create a stack frame with 0xfecd bytes of dynamic storage on the stack and a nesting level of 0xff. 

enter $0xfecd, $0xff

High Level Procedure Exit (leave) 

leave
Operation

set (E)SP to (E)BP, then pop (E)BP

Description

The leave instruction reverses the actions of an enter instruction. leave copies the frame pointer to the stack point and releases the stack space formerly used by a procedure for its local variables. leave pops the old frame pointer into (E)BP, thus restoring the caller's frame. A subsequent ret nn instruction removes any arguments pushed onto the stack of the exiting procedure.

Example

Copy the frame pointer to the stack pointer and release the stack space. 

leave