tags:

views:

2086

answers:

3
+2  Q: 

ret, retn, retf - how to use them

I have the following asm code:

; int __stdcall wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nShowCmd)
_wWinMain@16 proc near

var_8= dword ptr -8
var_4= dword ptr -4
hInstance= dword ptr  8
hPrevInstance= dword ptr  0Ch
lpCmdLine= dword ptr  10h
nShowCmd= dword ptr  14h

push    ebp
mov     ebp, esp
sub     esp, 8
mov     [ebp+var_4], 5
mov     eax, [ebp+var_4]
add     eax, 1
mov     [ebp+var_8], eax
xor     eax, eax
mov     esp, ebp
pop     ebp
retn    10h

From what I read, you have 3 types of return instruction: ret, retn and retf, meaning return, return near and return far. They allow an optional argument nBytes, that I guess it's the number of bytes to pop, from the defined variables. When should I use retn or retf instead of ret? How can I calculate the optional parameter, nBytes?

+5  A: 

There are actually only two different returns, retn and retf. When you just use ret, the assembler or compiler is smart enough to pick which one is necessary. A near return is a jump to within the existing code segment, a far return is a jump to a different code segment. On Windows you only have a single code segment, and thus ret should just be a mnemonic for retn. Separate retn and retf instructions are a throwback to older days when segmented memory models were common. Pretty much all 32-bit x86 systems running today uses a flat, not segmented, memory model.

Ret with no argument pops the return address off of the stack and jumps to it. Some calling conventions (like __stdcall) specify that the callee function cleans up the stack. In this case, they call ret with number of bytes to pop those parameters off of the stack. The 16 bytes are the parameters to the winmain function.

Michael  2009-09-08 23:49:05
Sorry, I didn't get this last part. When using retn <something> I should be clearing what? Those 2 variables + the ebp(4 bytes)? As you say that makes 8 + 4 = 12, but the code shows 16. What are those 4 bytes left?
devoured elysium  2009-09-09 00:01:10
Sorry, forget the calling convention was __stdcall. I'll update my answer.
Michael  2009-09-09 00:02:14
If you substitute the function epilog with ret 0ch, then the content of ebp will be incorrect in the calling function.
Max  2009-09-09 00:02:23
+3  A: 

It's actually two types: retn and retf. The third one ret is coded by the assembler into one of the first two.

The difference is that retn (return near) will pop the instruction pointer (IP) only. While the retf (return far) will pop both the instruction pointer (IP) and the code segment (CS).

Aziz  2009-09-08 23:50:26
+3  A: 

In the mnemonic ret N, N is the size of parameters on the stack. In this case it is 4 * 4 = 16 (10h) for 4 DWORDs.
But this only applies to calling conventions when the callee is responsible for stack cleanup. In case of cdecl convention the ret should be without any numbers, as the caller is responsible for stack cleanup.

Max  2009-09-09 00:08:06
Ah so the N in ret N refers to the number of pushed arguments passed by the caller, and not the local variables as I thought. Is that it?
devoured elysium  2009-09-09 00:12:31
Yes. It's the number of pushed arguments. Locals are poped by mov esp, ebp command at the end
Max  2009-09-09 00:22:41

related questions

MIPS Assembly Pointer to a Pointer?
Grub and getting into Real Mode (low level assembler question)
What can cause MASM to display "junk"?
Pseudo random generator, Assembler
How can I multiply two 64bit numbers using x86 assembly language?
what interrupt would you hook from DOS to get the real-time clock
Is learning Assembly Language worth the effort?
Prefetch instructions on ARM
What was the name of the Mac (68000) assembler?
What is the fastest way to convert float to int on x86
Comprehensive List of x86_64 Assembly Instructions
Assembly CPU frequency measuring algorithm
Is there a way to insert assembly code into C?
JIT code generation techniques
What is the meaning of "non temporal" memory accesses in x86
How do I get the assembler output from a C file in VS2005
Is GCC broken when taking the address of an argument on ARM7TDMI?
8086 Assembler Tutorial
Is it worth it to learn a dialect of assembly?
Assembler IDE/Simulator for beginner
What is the best way to learn Assembly? Specifically, for someone who has experience in dynamic languages.
Incrementing from 0 to 100 in assembly language.
Mixing 32 bit and 16 bit code with nasm
x86 Assembly on a mac...
Good x86 assembly book