3-55
INSTRUCTION SET REFERENCE
CALLCall Procedure (Continued)
Note that a call gate (described in the next paragraph) can also be used to perform far call to a
code segment at the same privilege level. Using this mechanism provides an extra level of indi-
rection and is the preferred method of making calls between 16-bit and 32-bit code segments.
When executing an inter-privilege-level far call, the code segment for the procedure being called
must be accessed through a call gate. The segment selector specified by the target operand iden-
tifies the call gate. Here again, the target operand can specify the call gate segment selector
either directly with a pointer (ptr16:16 or ptr16:32) or indirectly with a memory location
(m16:16 or m16:32). The processor obtains the segment selector for the new code segment and
the new instruction pointer (offset) from the call gate descriptor. (The offset from the target
operand is ignored when a call gate is used.) On inter-privilege-level calls, the processor
switches to the stack for the privilege level of the called procedure. The segment selector for the
new stack segment is specified in the TSS for the currently running task. The branch to the new
code segment occurs after the stack switch. (Note that when using a call gate to perform a far
call to a segment at the same privilege level, no stack switch occurs.) On the new stack, the
processor pushes the segment selector and stack pointer for the calling procedures stack, an
(optional) set of parameters from the calling procedures stack, and the segment selector and
instruction pointer for the calling procedures code segment. (A value in the call gate descriptor
determines how many parameters to copy to the new stack.) Finally, the processor branches to
the address of the procedure being called within the new code segment.
Executing a task switch with the CALL instruction, is somewhat similar to executing a call
through a call gate. Here the target operand specifies the segment selector of the task gate for
the task being switched to (and the offset in the target operand is ignored.) The task gate in turn
points to the TSS for the task, which contains the segment selectors for the tasks code and stack
segments. The TSS also contains the EIP value for the next instruction that was to be executed
before the task was suspended. This instruction pointer value is loaded into EIP register so that
the task begins executing again at this next instruction.
The CALL instruction can also specify the segment selector of the TSS directly, which elimi-
nates the indirection of the task gate. Refer to Chapter 6, Task Management, of the Intel Archi-
tecture Software Developers Manual, Volume 3, for detailed information on the mechanics of a
task switch.
Note that when you execute at task switch with a CALL instruction, the nested task flag (NT) is
set in the EFLAGS register and the new TSSs previous task link field is loaded with the old
tasks TSS selector. Code is expected to suspend this nested task by executing an IRET instruc-
tion, which, because the NT flag is set, will automatically use the previous task link to return to
the calling task. Refer to Section 6.4., Task Linking in Chapter 6, Task Management of the Intel
Architecture Software Developers Manual, Volume 3, for more information on nested tasks.
Switching tasks with the CALL instruction differs in this regard from the JMP instruction which
does not set the NT flag and therefore does not expect an IRET instruction to suspend the task.