Index
> Windows > Stack Frames and Calling Conventions... |
| Author |
|
|
baldr 25 Sep 2010, 20:19
Nameless,
add ebp, 8 is quite an unusual way to adjust the stack frame pointer. wsprintf() is still cdecl, use cinvoke. mov esp, ebp is unnecessary if the stack is balanced (cf. cinvoke). sub ebp, 8 is unnecessary too (provided stack is balanced), because of pop ebp. Since your .function appears to use cdecl calling conventions, those push 17 16 15 / call .function can be replaced with ccall .function, 17, 16, 15 |
|||
25 Sep 2010, 20:19 |
|
|
Nameless 25 Sep 2010, 20:24
can u show me a sample of a balanced stack frame?
u kinda removed all the lines  lol
EDIT: Code: format pe gui 4.0 include 'C:\fasm\include\win32ax.inc' .data lpBuf rb 1024 .code Start: jmp .caller .function: push ebp mov ebp, esp ;add ebp, 8 mov eax, [ebp+8] cinvoke wsprintf, lpBuf, "x1 = %d", eax invoke MessageBox, 0, lpBuf, "test", 0 mov eax, [ebp+12] cinvoke wsprintf, lpBuf, "x2 = %d", eax invoke MessageBox, 0, lpBuf, "test", 0 mov eax, [ebp+16] cinvoke wsprintf, lpBuf, "x3 = %d", eax invoke MessageBox, 0, lpBuf, "test", 0 ;sub ebp, 8 ;mov esp, ebp pop ebp ret .caller: ;push 17 ;x3 ;push 16 ;x2 ;push 15 ;x1 ;call .function ccall .function, 15, 16, 17 invoke MessageBox, 0, "ret Success", "Back", 0 invoke ExitProcess, 0 .end Start better? EDIT2: y would the stack be unbalanced? for using call insted of ccall? cause as far as i know they are the same in this sample, no diffrence ! |
|||
|
25 Sep 2010, 20:24 |
|
|
Picnic 25 Sep 2010, 23:45
Nameless wrote: when should i use "ret x" insted of just "ret" ? Hi, I'll try to explain with simple code. Code: ;example of __cdecl push arg1 push arg2 push arg3 call function add esp, 0Ch ; effectively "pop; pop; pop" Code: ;example of __stdcall push arg1 push arg2 push arg3 call function ;no stack cleanup - callee does this A C function in stdcall convention Code: ; void __stdcall MyFunction(int x, int y, int z) ; { ; ... ; return; ; } In Fasm.. Code:
push [x]
push [y]
push [z]
call MyFunction
MyFunction:
push ebp ; save the value of ebp
mov ebp, esp ; ebp now points to the top of the stack
sub esp, 0Ch ; space allocated on the stack for the local variables
; DWORD [ebp+08h] ; z
; DWORD [ebp+0Ch] ; y
; DWORD [ebp+10h] ; x
mov esp, ebp ; remove space for local variables, by reverting esp to its old value
pop ebp ; restore the old value of ebp to its old value, which is on top of the stack
ret 0Ch ; clean the stack, remove sizeof(x) + sizeof(y) + sizeof(z)
Last edited by Picnic on 26 Sep 2010, 09:13; edited 2 times in total |
|||
|
25 Sep 2010, 23:45 |
|
|
baldr 26 Sep 2010, 06:44
Nameless,
Stack frame (in most cases) is static structure, you don't have to balance it. 
Stack itself, on the other hand, is so dynamic that you can easily lose balance of pushs, pops and other things that change esp. Let's say that stack is balanced when esp has expected values at important locations (for example, at pop ebp it points to saved ebp value). cdecl calling conventions, which wsprintf and .function use, requires caller to remove function arguments from stack. ccall/cinvoke macroinstructions handle this automagically (they count arguments while pushing them in stack and add appropriate constant to esp after the function was called). stdcall calling conventions are almost similar to cdecl, but arguments are removed by callee (i.e. the function being called). That's where ret imm16 becomes handy: it combines functionality of simple ret with add esp, imm16. Your new version looks better, yet there is some room for improvement. You don't have to preload function arguments in eax before invoking wsprintf, they can be passed to cinvoke directly (you'll need to specify argument size though — fasm can deduce it from mov eax, [ebp+8] but can't from push [ebp+8]). ----8<---- Picnic, Didn't you mean void stdcall MyFunction(…? |
|||
|
26 Sep 2010, 06:44 |
|
|
Picnic 26 Sep 2010, 09:14
Oops, i edit my post
 |
|||
|
26 Sep 2010, 09:14 |
|
|
Nameless 26 Sep 2010, 10:15
wohoooooooo
thanks alot, i almost got it now Code: sub esp, 0Ch ; space allocated on the stack for the local variables local variables? so i can use push and pop freely inside the function? and when all done it gets back to normal? or does "local variables" mean the variables created with the directive "locals ..... endl" ? |
|||
|
26 Sep 2010, 10:15 |
|
|
revolution 26 Sep 2010, 10:44
Nameless wrote: local variables? so i can use push and pop freely inside the function? and when all done it gets back to normal? Nameless wrote: or does "local variables" mean the variables created with the directive "locals ..... endl" ? |
|||
|
26 Sep 2010, 10:44 |
|
|
Nameless 26 Sep 2010, 12:52
so whats the use of this line?
Code: sub esp, 0Ch ; space allocated on the stack for the local variables ?? |
|||
|
26 Sep 2010, 12:52 |
|
|
revolution 26 Sep 2010, 13:00
Nameless wrote: so whats the use of this line? |
|||
|
26 Sep 2010, 13:00 |
|
|
Nameless 26 Sep 2010, 13:06
im sorry to ask this, but can u show me an example?
thanks |
|||
|
26 Sep 2010, 13:06 |
|
|
revolution 26 Sep 2010, 13:09
Code: mov ebp,esp sub esp,4 mov [ebp-4],0x1234 ;... mov eax,[ebp-4] Last edited by revolution on 26 Sep 2010, 13:30; edited 1 time in total |
|||
|
26 Sep 2010, 13:09 |
|
|
Nameless 26 Sep 2010, 13:26
wohooooooooooooooooooo
<-------- Thats the real one
i got it all now , hehehe
thanks alot |
|||
|
26 Sep 2010, 13:26 |
|
< Last Thread | Next Thread > |
Forum Rules:
|