flat assembler
Message board for the users of flat assembler.

Win32 calls. Register usage?

booter
Joined: 08 Dec 2006
Posts: 67
booter 15 May 2009, 02:41
Which registers are used by Win32 calls?
I mean, should it always be like that?
Code:
pushad
invoke someWin32
mov  dword [esp+28],eax ; return eax
popad

Thanks
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 15 May 2009, 03:41
The Win32 API uses Stdcall.
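Added example (fasm syntax, 32-bit Windows), not code from the thread: which registers a stdcall API may clobber, and why [esp+28] is the right slot after pushad. It assumes the usual win32a.inc include setup with GetTickCount imported; the two label names are mine.

```asm
; Stdcall (and cdecl) on Win32: the callee may clobber EAX, ECX and EDX
; and must preserve EBX, ESI, EDI, EBP and ESP. A full PUSHAD/POPAD is
; therefore overkill; saving the caller-saved registers you still need is enough.

save_what_matters:
        push    ecx                     ; ECX and EDX are the only registers
        push    edx                     ; the API may trash that we care about
        invoke  GetTickCount            ; result comes back in EAX
        pop     edx
        pop     ecx
        ; EAX = return value, ECX/EDX restored, EBX/ESI/EDI/EBP untouched
        ret

; If you do use PUSHAD, the saved registers sit at these offsets from ESP
; (PUSHAD pushes EAX, ECX, EDX, EBX, original ESP, EBP, ESI, EDI in that order):
;   [esp+28] EAX    [esp+24] ECX    [esp+20] EDX    [esp+16] EBX
;   [esp+12] ESP    [esp+8]  EBP    [esp+4]  ESI    [esp+0]  EDI
; Storing into [esp+28] overwrites the saved EAX, so POPAD restores every
; other register yet leaves the API's return value in EAX.

save_everything:
        pushad
        invoke  GetTickCount
        mov     [esp+28],eax            ; the slot POPAD will load into EAX
        popad
        ret
```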
bitshifter
Joined: 04 Dec 2007
Posts: 796
Location: Massachusetts, USA
bitshifter 16 May 2009, 11:42
Also note that a few like wsprintf use cdecl calling convention.
You would want to use the cinvoke instruction on those types.

_________________
Coding a 3D game engine with fasm is like trying to eat an elephant,
you just have to keep focused and take it one 'byte' at a time.
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 16 May 2009, 12:37
bitshifter wrote:
Also note that a few like wsprintf use cdecl calling convention.
Actually, just that one function only.
pal
Joined: 26 Aug 2008
Posts: 227
pal 16 May 2009, 17:14
Why would you pushad, then move a value into a register, for it to be removed when you use popad?

Quote:

Pushes the contents of the general-purpose registers onto the stack. The registers are stored on the stack in the following order: EAX, ECX, EDX, EBX, EBP, ESP (original value), EBP, ESI, and EDI (if the current operand-size attribute is 32) and AX, CX, DX, BX, SP (original value), BP, SI, and DI (if the operand-size attribute is 16). (These instructions perform the reverse operation of the POPA/POPAD instructions.) The value pushed for the ESP or SP register is its value before prior to pushing the first register (see the "Operation" section below).

The PUSHA (push all) and PUSHAD (push all double) mnemonics reference the same opcode. The PUSHA instruction is intended for use when the operand-size attribute is 16 and the PUSHAD instruction for when the operand-size attribute is 32. Some assemblers may force the operand size to 16 when PUSHA is used and to 32 when PUSHAD is used. Others may treat these mnemonics as synonyms (PUSHA/PUSHAD) and use the current setting of the operand-size attribute to determine the size of values to be pushed from the stack, regardless of the mnemonic used.

In the real-address mode, if the ESP or SP register is 1, 3, or 5 when the PUSHA/PUSHAD instruction is executed, the processor shuts down due to a lack of stack space. No exception is generated to indicate this condition.
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 16 May 2009, 17:34
[esp+28] points to the location where eax will be popped from.
manfred
Joined: 28 Feb 2009
Posts: 43
Location: Racibórz, Poland
manfred 16 May 2009, 18:29
revolution wrote:
Actually, just that one function only.
Did you mean "Actually, just those two functions only"?

_________________
Sorry for my English...
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 16 May 2009, 19:42
If you like, wsprintfA and wsprintfW.
Borsuc
Joined: 29 Dec 2005
Posts: 2465
Location: Bucharest, Romania
Borsuc 16 May 2009, 19:45
cdecl is stupid. Seriously why the hell should the caller clean the stack? Does it expect you to call the same function twice or something?
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 16 May 2009, 19:46
For variable argument counts. Else how?
LocoDelAssembly
Your code has a bug
Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 16 May 2009, 23:10
Quote:

Does it expect you to call the same function twice or something?

That doesn't justify the convention as the parameters are considered garbage at return so you must load them again.

Code:
#include <stdio.h>

// Example of a function that would destroy the parameter (supposing no optimizations are performed)
int sum(int a, int b)
{
  a += b; // Allowed, parameters work like pre-initialized variables
  return a;
}

// Some caller
int main(void)
{
  int accum = 0, i, j;
  for (i = 0; i < 10; i++)
    for (j = 0; j < 10; j++)
      accum += sum(j,i); // Here would be an error reusing the 2nd parameter
  printf("%d\n", accum);
  return 0;
}


There must be some benefit over stdcall, but parameter reusing is not one of them.
Borsuc
Joined: 29 Dec 2005
Posts: 2465
Location: Bucharest, Romania
Borsuc 16 May 2009, 23:15
revolution wrote:
For variable argument counts. Else how?
The function can do that as well.

What Loco said further outlines it. I seriously think it should be scrapped totally.

_________________
Previously known as The_Grey_Beast
Plue
Joined: 15 Dec 2005
Posts: 151
Plue 17 May 2009, 14:12
> There must be some benefit over stdcall
Yes, most C compilers use it by default. And vararg functions are somewhat faster (although all other functions are slower).

Really, there is no benefit. It was simply designed by sillies and now we're stuck with it.
f0dder
Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 17 May 2009, 14:28
Borsuc: how would you make a VARARG function do stack cleanup?

Plue wrote:
Really, there is no benefit. It was simply designed by sillies and now we're stuck with it.
"Stuck with it"? If you don't like cdecl, write your functions as stdcall or fastcall, problem solved. Decent compilers will optimize inter-module calls anyway, and if calling convention is a speed issue for your cross-module function calls, your code design is probably wrong.

By the way, you don't have to "add esp, xx" after every function call for cdecl...
manfred
Joined: 28 Feb 2009
Posts: 43
Location: Racibórz, Poland
manfred 17 May 2009, 15:25
Vararg function doing stack cleanup, simple solution:
Code:
func:
; foo bar
; ecx=sizeof(args)
pop edx        ; return address
add esp, ecx   ; drop the arguments the caller pushed
jmp edx        ; return without RET, since the return address is already gone

_________________
Sorry for my English...
f0dder
Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 17 May 2009, 15:50
manfred: which will defeat the CALL/RET pairing optimization that some CPUs have. Also, in the case that arguments aren't exactly matched, you will be returning to never-never land.
revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 20484
Location: In your JS exploiting you and your system
revolution 17 May 2009, 15:59
Let's go and visit Peter Pan and friends:
Code:
...
mov ebp,esp
stdcall printf,"%d%d%d%d%d",eax ;oops only one parameter!
mov esp,ebp
ret

printf:
;foo bar
pop edx
add esp,4*5
jmp edx
Works well. And didn't get to see Peter Pan at all :(

Yeah, I know, a corner case, but just sayin'.
manfred
Joined: 28 Feb 2009
Posts: 43
Location: Racibórz, Poland
manfred 17 May 2009, 18:12
f0dder wrote:
manfred: which will defeat the CALL/RET pairing optimization that some CPUs have.
I know. I said this is a simple solution; there must be a better, but more complicated, one.

_________________
Sorry for my English...
Borsuc
Joined: 29 Dec 2005
Posts: 2465
Location: Bucharest, Romania
Borsuc 17 May 2009, 21:15
f0dder wrote:
Borsuc: how would you make a VARARG function do stack cleanup?
Well a solution has been presented. I'm not sure how the call/ret pairing works but does this make it work? (even though it's more bloated than the alternative with jmp)

Code:
push string  ; assume it is "%d%d"
push eax
push ecx
push 3*4     ; size of all three arguments pushed above (format string included)
call printf
...


printf:
pop eax      ; return address
pop ecx      ; argument size
add esp, ecx ; drop the arguments
push eax     ; put the return address back
ret


And if you care about speed, well. Don't use VARARG functions ;)

f0dder wrote:
"Stuck with it"? If you don't like cdecl, write your functions as stdcall or fastcall, problem solved.
Nope, what if you use an API that uses it?

f0dder wrote:
By the way, you don't have to "add esp, xx" after every function call for cdecl...
How?

_________________
Previously known as The_Grey_Beast
f0dder
Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 17 May 2009, 21:39
Borsuc wrote:
Nope, what if you use an API that uses it?
Just how many (Windows) API calls use it? Sure, if you're dealing with third-party libraries without source available, you're stuck... but imho it isn't exactly a big deal anyway.

Borsuc wrote:
f0dder wrote:
By the way, you don't have to "add esp, xx" after every function call for cdecl...
How?
Simple, as long as you aren't dealing with loops, you can (at the cost of some additionally used stack space) defer the "ADD ESP, xx" part until after several calls have been made - several compilers can do this.
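Added example (fasm syntax, 32-bit Windows), not code from the thread: the caller-cleanup of cdecl next to the callee-cleanup of stdcall, and the deferred "add esp" that f0dder describes. It assumes the usual win32a.inc include setup with wsprintfA and MessageBoxA imported; the labels, strings and buffer are mine.

```asm
section '.data' data readable writeable
  fmt     db '%d + %d = %d',0
  fmt2    db '%d',0
  caption db 'cdecl vs stdcall',0
  buf     rb 64

section '.code' code readable executable
demo:
        ; cdecl (wsprintfA): the caller removes the arguments after the call.
        push    7                       ; arguments are pushed right to left
        push    4
        push    3
        push    fmt
        push    buf
        call    [wsprintfA]             ; EAX = characters written
        add     esp,5*4                 ; caller cleanup; 'cinvoke' emits this for you

        ; stdcall (MessageBoxA): the callee ends with 'ret 16' and drops its
        ; own four arguments, so nothing is added to ESP here.
        push    0                       ; uType = MB_OK
        push    caption
        push    buf
        push    0                       ; hWnd = NULL
        call    [MessageBoxA]
        ret

; Deferred cleanup: outside a loop, several cdecl calls may share one
; 'add esp'. The first call's arguments simply stay on the stack while the
; second call pushes its own on top; the cost is the extra stack space.
deferred:
        push    1
        push    fmt2
        push    buf
        call    [wsprintfA]             ; 3 dwords still on the stack
        push    2
        push    fmt2
        push    buf+32
        call    [wsprintfA]             ; 3 more
        add     esp,6*4                 ; one cleanup for both calls
        ret
```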
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.