RET, and its exact synonym RETN, pop IP or EIP from the stack and transfer control to the new address. Optionally, if a numeric second operand is provided, they increment the stack pointer by a further imm16 bytes after popping the return address.
ret:也可以叫做近返回,即段内返回。处理器从堆栈中弹出IP或者EIP,然后根据当前的CS:IP跳转到新的执行地址。如果之前压栈的还有其余的参数,则这些参数也会被弹出。
RETF executes a far return: after popping IP/EIP, it then pops CS, and then increments the stack pointer by the optional argument if present.
retf:也叫远返回,从一个段返回到另一个段。先弹出堆栈中的IP/EIP,然后弹出CS,有之前压栈的参数也会弹出。(近跳转与远跳转的区别就在于CS是否压栈。)
IRET returns from an interrupt (hardware or software) by means of popping IP (or EIP), CS and the flags off the stack and then continuing execution from the new CS:IP.
iret:用于从中断返回,会弹出IP/EIP,然后CS,以及一些标志。然后从CS:IP执行。
IRETW pops IP, CS and the flags as 2 bytes each, taking 6 bytes off the stack in total.
iretw:先后弹出IP,CS和标志位,每次都以2个字节为一个单位弹出,总共6个字节。
IRETD pops EIP as 4 bytes, pops a further 4 bytes of which the top two are discarded and the bottom two go into CS, and pops the flags as 4 bytes as well, taking 12 bytes off the stack.
iretd:以4字节为单位弹出EIP,然后再弹4个字节,这四个字节的前两个字节被抛弃,低两个字节留下写入CS,然后弹出4字节的标志。(主要因为CS只有16位)
IRET is a shorthand for either IRETW or IRETD, depending on the default BITS setting at the time.
iret是iretw或者iretd的缩写,取决于一个段被申明为16位段还是32位
从异常或中断处理例程返回必须使用IRET(或IRETD)指令。IRET 指令与RET 指
令的唯一不同在于前者将恢复保存的EFLAGS 寄存器。只有当CPL 为0 时,才恢复EFLAGS
寄存器的IOPL 域。只有CPL 小于或等于IOPL 时才改变IF 标志。
转自:http://linux.cn/home-space-uid-11720-do-blog-id-5748.html