The differences between ret, retf, iret, etc.

RET, and its exact synonym RETN, pop IP or EIP from the stack and transfer control to the new address. Optionally, if a numeric second operand is provided, they increment the stack pointer by a further imm16 bytes after popping the return address.

ret: also called a near return, i.e. a return within the current segment. The processor pops IP or EIP from the stack and resumes execution at the new CS:IP. Arguments that the caller pushed before the CALL are not removed by a plain RET; they are only discarded when RET is given an immediate operand (for example `ret 4`), which adds that many bytes to the stack pointer after the return address has been popped.


RETF executes a far return: after popping IP/EIP, it then pops CS, and then increments the stack pointer by the optional argument if present.

retf: also called a far return, i.e. a return from one segment to another. It first pops IP/EIP from the stack and then pops CS; with an immediate operand it discards the caller's pushed arguments in the same way as RET. (The difference between a near and a far call/return is whether CS is pushed and popped as well.)


IRET returns from an interrupt (hardware or software) by means of popping IP (or EIP), CS and the flags off the stack and then continuing execution from the new CS:IP.

iret: used to return from an interrupt. It pops IP/EIP, then CS, then the flags register, and execution continues at the new CS:IP. Because the flags are restored as a whole, the interrupt-enable flag that was cleared when the interrupt was taken goes back to its pre-interrupt state. Note that in protected mode, when IRET returns to a less privileged level (for example from a ring 0 handler back to ring 3 code), it additionally pops ESP and SS, so the frame is larger than the three-value form described here.


IRETW pops IP, CS and the flags as 2 bytes each, taking 6 bytes off the stack in total.

iretw: pops IP, CS and the flags in that order, 2 bytes each, 6 bytes in total.


IRETD pops EIP as 4 bytes, pops a further 4 bytes of which the top two are discarded and the bottom two go into CS, and pops the flags as 4 bytes as well, taking 12 bytes off the stack.

iretd: pops EIP as 4 bytes, then pops another 4 bytes of which the upper two are discarded and the lower two are loaded into CS (because CS is only 16 bits wide), then pops the flags as 4 bytes, 12 bytes in total.


IRET is a shorthand for either IRETW or IRETD, depending on the default BITS setting at the time.

iret is shorthand for iretw or iretd, depending on whether the enclosing section is declared as a 16-bit or a 32-bit segment (the current BITS setting in NASM).
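The following boot sector is an added example, not code from the original page or from the NASM manual. It puts the three return forms side by side in 16-bit real mode: a near call whose callee uses `ret 4` to drop the two word arguments the caller pushed, a far call returned with `retf`, and a software interrupt whose handler ends in `iret` (which assembles as `iretw` under `BITS 16`). The load segment 0x0000, the choice of vector 0x80, the values returned in AX and the BIOS teletype output are all choices made for this demo; assemble with `nasm -f bin -o ret.bin ret.asm` and run with `qemu-system-i386 -fda ret.bin`, which should print `000C 00FA 0080`.

```nasm
; Added demo of RET imm16 / RETF / IRET in 16-bit real mode (not from the page).
BITS 16
ORG 0x7C00

start:
    jmp 0x0000:.cs_zero     ; some BIOSes enter at 07C0:0000; normalise CS to 0
.cs_zero:
    cli
    xor ax, ax
    mov ds, ax
    mov ss, ax
    mov sp, 0x7C00          ; stack grows downward from just below the code
    sti

    ; --- near call / RET imm16 ---
    ; CALL pushes IP only (2 bytes). The callee ends with RET 4, which pops IP
    ; and then adds 4 to SP, so the two word arguments vanish without any
    ; cleanup in the caller.
    push word 7
    push word 5
    call add_near           ; AX = 5 + 7, SP back to its pre-push value
    call print_ax           ; prints 000C

    ; --- far call / RETF ---
    ; CALL FAR pushes CS then IP (4 bytes). RETF pops IP, then CS.
    call 0x0000:far_target
    call print_ax           ; prints 00FA

    ; --- software interrupt / IRET ---
    ; INT pushes FLAGS, CS, IP (6 bytes in 16-bit mode) and clears IF and TF.
    ; IRET pops IP, CS, FLAGS, so IF is restored on return.
    mov word [0x80*4], isr  ; IVT entry 0x80: offset (vector chosen for the demo)
    mov word [0x80*4+2], 0  ; segment 0
    int 0x80
    call print_ax           ; prints 0080

hang:
    hlt
    jmp hang

; AX = [bp+4] + [bp+6]: the arguments sit above the saved BP and return IP.
add_near:
    push bp
    mov bp, sp              ; [bp+0]=old BP, [bp+2]=return IP, [bp+4]=5, [bp+6]=7
    mov ax, [bp+4]
    add ax, [bp+6]
    pop bp
    ret 4                   ; pop IP, then SP += 4 to discard both arguments

far_target:
    mov ax, 0x00FA
    retf                    ; pop IP, then CS

isr:
    mov ax, 0x0080
    iret                    ; pop IP, CS, FLAGS (IRETW under BITS 16)

; Print AX as four hex digits plus a space via BIOS teletype (INT 10h, AH=0Eh).
; The BIOS handler itself returns to us with IRET.
print_ax:
    push ax
    push bx
    push cx
    mov cx, 4
.next:
    rol ax, 4               ; bring the next-highest nibble into AL[3:0]
    push ax
    and al, 0x0F
    add al, '0'
    cmp al, '9'
    jbe .out
    add al, 7               ; '9'+1 -> 'A'
.out:
    mov ah, 0x0E
    mov bx, 0x0007          ; page 0, light grey
    int 0x10
    pop ax
    loop .next
    mov al, ' '
    mov ah, 0x0E
    int 0x10
    pop cx
    pop bx
    pop ax
    ret                     ; plain near return, caller pushed no arguments

    times 510-($-$$) db 0
    dw 0xAA55               ; boot signature
```

The same source assembled under `BITS 32` would turn the `iret` into `iretd` and expect the 12-byte frame described above (4-byte EIP, a 4-byte slot whose low half is CS, 4-byte EFLAGS); the near and far returns keep their meaning but pop 4-byte EIP instead of 2-byte IP.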
