flat assembler
Message board for the users of flat assembler.

Index > Main > right instruction to return from subrutine

Author
Thread Post new topic Reply to topic
Logos



Joined: 23 Sep 2015
Posts: 13
Logos 26 Sep 2015, 23:21
Hi!

I would like to call a subroutine at a absolute 32bit address. Would this work?

mov edx,0xf000000e
call edx

If I would like to return from that subroutine, what instruction should I use?
Post 26 Sep 2015, 23:21
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3499
Location: Bulgaria
JohnFound 27 Sep 2015, 05:00
Yes, it will work. But if you know the address why not use directly "call 0xf000000e"?

Another deal is what code will stay on this address. If you didn't place code on this address, the above instruction will end with exception.

The subroutine must end with instruction "retn" or "retf" in order to return to the caller.
Post 27 Sep 2015, 05:00
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
Trinitek



Joined: 06 Nov 2011
Posts: 257
Trinitek 27 Sep 2015, 05:19
JohnFound wrote:
Yes, it will work. But if you know the address why not use directly "call 0xf000000e"?
From what I gather from the Intel manual, that is not going to do the same thing as Logos's code. Logos is executing an absolute indirect call, which can't be encoded to use immediate data as the address. The only variants that accept immediate data are relative displacement calls.
Post 27 Sep 2015, 05:19
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3499
Location: Bulgaria
JohnFound 27 Sep 2015, 06:35
It will work. The assembler will compute the proper instruction encoding. If you need to call particular known address, it will work OK. (test it)

It is another story that such calls are never used with protected mode OS because you simply can't know where some subroutine is located.

Logos is simply too beginner to realize what he really wants. Wink
Post 27 Sep 2015, 06:35
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
Logos



Joined: 23 Sep 2015
Posts: 13
Logos 27 Sep 2015, 13:35
JohnFound wrote:

It is another story that such calls are never used with protected mode OS because you simply can't know where some subroutine is located.

Logos is simply too beginner to realize what he really wants. Wink


Ok! So what you are saying is that it would override the MMU?
Post 27 Sep 2015, 13:35
View user's profile Send private message Reply with quote
Logos



Joined: 23 Sep 2015
Posts: 13
Logos 27 Sep 2015, 18:22
JohnFound wrote:
Yes, it will work. But if you know the address why not use directly "call 0xf000000e"?

Another deal is what code will stay on this address. If you didn't place code on this address, the above instruction will end with exception.

The subroutine must end with instruction "retn" or "retf" in order to return to the caller.


I'm writing a compiler, and it generates machinecode.

call 0xf000000e
would make a subroutine jump with a relative address. I would like to use a absolute address.

If I use retn, wouldn't that leave residue data on the stack? Isn't retf the right instruction?

As I'm making machine code directly, I cant depend on someone else compiler to correct stuff for me.

I will hand code some machine code, tomorrow to see that everything work as it should. But just now, I'm gathering all intel I need, to make my compiler do generate working code, so I don't have to debug more than necessary.
Post 27 Sep 2015, 18:22
View user's profile Send private message Reply with quote
Trinitek



Joined: 06 Nov 2011
Posts: 257
Trinitek 29 Sep 2015, 02:18
Code:
mov eax, 0xf000000e
call eax            ; Call near, absolute indirect
; ...
retn                ; Opcode = 0xC3, Near return to calling procedure    
That will do what you are wanting to do. But JohnFound is right, you'd never use the above in a protected mode operating system because the function that you want to call might not actually exist at that location. The operating system is free to move memory around as it pleases, thus changing the absolute addresses. That's why relative addresses are preferred.

A little note, also: RETN is also used to return from relative address calls. RETF is only used for far calls, which, in a protected mode environment, are used for jumping to locations belonging to different tasks that might be running in the same or a different privilege level.

Additionally, there is a variant of RETN and RETF that allows you to specify how many bytes to pop from the stack if you have junk data from the called procedure that you don't need anymore. Check the Intel docs for that.
Post 29 Sep 2015, 02:18
View user's profile Send private message Reply with quote
sunnysigil



Joined: 18 Jun 2014
Posts: 6
sunnysigil 03 Dec 2015, 11:19
Trinitek wrote:
[code]mov eax, 0xf000000e
Additionally, there is a variant of RETN and RETF that allows you to specify how many bytes to pop from the stack if you have junk data from the called procedure that you don't need anymore. Check the Intel docs for that.


It's simply ret imm16 where imm16 is the amount of bytes you wish to release off the stack.
Post 03 Dec 2015, 11:19
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.