Common function call Conventions: stdcall/cdecl/fastcall

Stdcall/cdecl/fastcall/thiscall/naked call

Stdcall call conventions

Stdcall is often referred to as pascal's call convention, because pascal is a very common computer for teaching.

The syntax of the programming language is rigorous. The function call Convention used is stdcall. In Microsoft
C ++ Series

In C/C ++ compilers, PASCAL macros are often used to declare this call Convention. Similar macros include WINAPI and CALLB.

ACK.

 

The syntax of the stdcall call Convention Declaration is (the previous function is used as an example ):

 

Int
_ Stdcall function (int a, int B)

 

The call Convention of stdcall means: 1) the parameter is pushed from right to left into the stack, 2) the function modifies the stack. 3) the function

The name is automatically followed by a leading underline, followed by a @ symbol, followed by the parameter size

 

The preceding function is used as an example. parameter B is first pushed to the stack, and parameter a is followed by function call (1, 2 ).

The translation into assembly language will become:

 

 

Push 2
The second parameter is added to the stack.

Push 1
The first parameter is added to the stack.

Call
Function call parameters. Note that cs: eip is automatically added to the stack.

 

 

For the function itself, you can translate it:

 

 

Push ebp
Save the ebp register, which will be used to save the top pointer of the stack. you can exit the Function

Recovery

Mov ebp, esp
Save Stack pointer

Mov eax, [ebp
+ 8 H] ebp in the stack is stored in sequence with ebp, cs: eip, a, B, ebp + 8 pointing

A

Add eax, [ebp
+ 0CH] B is saved at ebp + 12 in the stack.

Mov esp, ebp
Recover esp

Pop ebp

Ret 8

 

During compilation, the function name is translated into _ function @ 8.

 

Note that different compilers insert their own compilation code to provide compilation versatility, but the general code is as follows. Where

Esp is reserved to ebp at the beginning of the function. It is a common method for the compiler to restore the function at the end of the function.

 

From the perspective of function calls, 2 and 1 are pushed into the stack in sequence, and in the function, they are compared with ebp (that is,

Stack pointer. After the function is completed, ret
8 indicates clearing the 8-byte stack. The function itself

The stack is restored.

 

Cdecl call conventions

The cdecl call Convention, also known as the C call Convention, is the default call Convention of C language. Its definition syntax is:

 

 

Int Function
(Int A, int B) // The C call convention is not modified.

Int _ cdecl
Function (int A, int B) // specify C call conventions

 

 

When I wrote this article, I was surprised to find that the parameter pressure stack sequence set by cdecl is the same as that set by stdcall.

The parameter is first pushed to the stack from right to left. The difference is that the bold "> function itself does not clean up the stack, and the caller is responsible for clearing the heap.

Stack. Due to this change, the number of parameters allowed by the C call convention is not fixed, which is also a major part of the C language.

Features. For the previous function, the assembly code after cdecl is changed:

 

 

Call Process

Push 1

Push 2

Call
Function

Add ESP, 8
Note: The caller is restoring the stack.

Called function _ Function

Push EBP
Save the EBP register, which will be used to save the top pointer of the stack. you can exit the Function

Recovery

MoV EBP, ESP
Save Stack pointer

MoV eax, [EBP
+ 8 h] EBP in the stack is stored in sequence with EBP, CS: EIP, A, B, EBP + 8 pointing

A

Add eax, [EBP
+ 0ch] B is saved at EBP + 12 in the stack.

MoV ESP, EBP
Recover ESP

Pop EBP

RET
Note: The stack is not modified here.

 

 

According to msdn, this modifier is automatically prefixed with a leading underline before the function name, so the function name is recorded as _ F in the symbol table.

Unction, but I didn't seem to see this change during compilation.

 

Because the parameters are pressed from right to left, the initial parameters are at the position closest to the top of the stack.

When the number of parameters is not specified, the position of the first parameter in the stack must be known.

If the first and later parameters are determined, you can use an indefinite parameter, for example, the sprin

TF function, defined:

 

Int
Sprintf (char * buffer, const char * format ,...)

 

Since all the indefinite parameters can be determined through format, it is no problem to use the indefinite number of parameters.

 

Fastcall

The fastcall call Convention is similar to stdcall, which means:

 

The first and second DWORD parameters (or smaller ones) of the function are passed through ECx and EDX, and other parameters are passed through

Stack pressure from right to left

Call function to clear the stack

Function Name modification rules are the same as stdcall

The statement syntax is int.
Fastcall function (int A, int B)

 

Thiscall

Thiscall is the only function modifier that cannot be explicitly specified, because thiscall is not a keyword. It is a C ++ class

The default call Convention of member functions. Since the member function call has another this pointer, it must be specially processed.

Iscall means:

 

Parameter from right to left into Stack

If the number of parameters is determined, this pointer is passed to the caller through ECx; if the number of parameters is not determined, this pointer

All parameter stacks are pushed into the stack.

If the number of parameters is not fixed, the caller clears the stack. Otherwise, the function clears the stack by itself.

To illustrate this call Convention, define the following classes and use code:

 

Class

{

Public:

Int
Function1 (int A, int B );

Int
Function2 (int ,...);

};

Int
A: function1 (int A, int B)

{

Return A + B;

}

# Include

Int
A: function2 (int ,...)

{

Va_list AP;

Va_start (AP, );

Int I;

Int result =
0;

For (I = 0 I
<A I ++)

{

Result + =
Va_arg (AP, INT );

}

Return
Result;

}

Void
Callee ()

{

A;

A. function1
(1, 2 );

A. function2 (3,1, 2,3 );

}

 

After the callee function is translated into an assembly, it becomes:

 

 

// Function function1 call

0401c1d push
2

00401c1f
Push 1

00401c21 Lea
ECX, [ebp-8]

00401c24
Call function1 note that this is not included in the stack

// Function function2 call

00401C29
Push 3

00401C2B
Push 2

00401C2D
Push 1

00401C2F
Push 3

00401C31 lea
Eax, [ebp-8] introduce this pointer here

00401C34
Push eax

00401C35
Call function2

00401C3A add
Esp, 14 h

 

It can be seen that, when the number of parameters is fixed, it is similar to stdcall. If it is not scheduled, it is similar to cdecl.

 

Naked call

This is a rare call Convention. Generally, it is recommended that you do not use it. The compiler does not add such a function.

Add initialization and cleanup code. More specifically, you cannot use return to return values. You can only use insert assembly to return values.

Result. This is generally used for real-Mode Driver Design. Suppose we define a sum addition program, which can be defined:

 

 

_ Declspec (naked)
Int add (int a, int B)

{

_ Asm mov
Eax,

_ Asm add
Eax, B

_ Asm ret

}

 

Note that this function does not return an explicit return value. The returned result is implemented by modifying the eax register and the exit function

The ret command must be explicitly inserted. The code above is translated into an assembly and then changed:

 

 

Mov
Eax, [ebp + 8]

Add
Eax, [ebp + 12]

Ret 8

 

 

Note that this modifier is used in combination with _ stdcall and cdecl. The preceding code is the code used in combination with cdecl.

The code combined with stdcall becomes:

 

_ Declspec (naked)
Int _ stdcall function (int a, int B)

{

_ Asm mov
Eax,

_ Asm add
Eax, B

_ Asm ret 8
// Pay attention to the following 8

}

 

This function is called in the same way as the common cdecl and stdcall call functions.

 

Common problems caused by function call conventions

If the defined and used conventions are inconsistent, the stack will be damaged, leading to serious problems. The following two

Common problems:

 

The function prototype declaration and function body definition are inconsistent.

Different function conventions are defined during DLL Function Import.

For example, if we declare a function in dll:

 

_ Declspec (dllexport)
Int func (int a, int B); // note that there is no stdcall, which is

Cdecl

The time code used is:

 

Typedef int
(* Winapi dllfunc) func (int a, int B );

HLib =
LoadLibrary (...);

DLLFUNC func
= (DLLFUNC) GetProcAddress (...) // The call convention is modified here

Result =
Func (); // Error

 

This modifier is added because the caller does not understand the meaning of WINAPI, and the above Code will inevitably cause the stack to be broken.

Bad. The checkesp function inserted during MFC compilation will tell you that the stack is damaged.