flat assembler
Message board for the users of flat assembler.
Should I use "fastcall" or "call" in PE64?
Flier-Mate 03 Jun 2023, 13:09
I am excited to start my journey in 64-bit Windows Assembly programming. Just had a quick read about x64 calling convention.
I am confused whether to use "fastcall" macro or just use "call" for calling Win32 API function. My first program works even if changing "fastcall" to "call".

Code:
    sub rsp, 16
    mov rcx, -11
    fastcall [GetStdHandle]
    push 0
    mov r9, 0
    mov r8, _len
    mov rdx, hindi
    mov rcx, rax
    fastcall [WriteConsoleA]
    mov rcx, 0
    fastcall [ExitProcess]

From disassembly by using IDA Freeware, a "fastcall" would reserve stack of 32-byte before calling, and restore the stack after return, as shown below:

Code:
    sub rsp, 20h
    call cs:GetStdHandle
    add rsp, 20h
    sub rsp, 20h
    call cs:WriteConsoleA
    add rsp, 20h
    sub rsp, 20h
    call cs:ExitProcess
    add rsp, 20h

What is the difference between using "fastcall" macro and "call"? I read this:

Quote:
    The x64 Application Binary Interface (ABI) uses a four-register fast-call calling convention by default.

Quote:
    Since 16 bytes is a common alignment size for XMM operations, this value should work for most code.

https://learn.microsoft.com/en-us/cpp/build/x64-calling-convention?view=msvc-170

Can someone advise?
Flier-Mate 03 Jun 2023, 13:26
I see, revolution.
I have some more questions about the stack. In the PE64DEMO.asm example that came along with FASM, I noticed:

Code:
    sub rsp,8*5 ; reserve stack for API use and make stack dqword aligned

Can I just "sub rsp, 16" instead of "sub rsp, 40"? Also, do I really need to "add rsp, 20h" before "call [xxxx]", and "sub rsp, 20h" after return from API function call? Sorry for the noob question.
revolution 03 Jun 2023, 13:30
You don't need to continually use sub/add. You can do only at entry and exit as long as you reserve enough for the largest needed for any function call.
Also proper alignment is a requirement, or you risk the code crashing. You can allocate in increments of 16 bytes only. Upon each entry the stack has a return address and is unaligned, so you have to adjust by 8 more bytes to fix it, and then in multiples of 16 bytes.
Flier-Mate 03 Jun 2023, 13:39
revolution wrote:
    You don't need to continually use sub/add. You can do only at entry and exit as long as you reserve enough for the largest needed for any function call.

Thank you very much for the explanation, it helps a lot.
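
An added example, not posted by anyone in this thread and not the PE64DEMO.asm source: a fasm PE64 console program that reserves stack once at entry, sized for its largest call, and then uses plain "call" throughout. It assumes fasm's INCLUDE directory is set so that win64a.inc resolves; the labels start, msg and msg_len are made up for the example.

```asm
format PE64 console
entry start

include 'win64a.inc'            ; assumption: INCLUDE points at fasm's include dir

section '.text' code readable executable

start:
        ; On entry rsp = 16n+8: the caller's "call" pushed an 8-byte return address.
        ; Largest call below is WriteConsoleA with 5 arguments:
        ;   32 bytes shadow space for rcx, rdx, r8, r9
        ; +  8 bytes for the fifth argument at [rsp+32]
        ; = 40 = 8*5, which is 8 + 2*16, so rsp is 16-byte aligned afterwards.
        ; "sub rsp, 16" would leave rsp misaligned and give no room for argument 5.
        sub     rsp, 8*5

        mov     rcx, -11                ; STD_OUTPUT_HANDLE
        call    [GetStdHandle]          ; callee may overwrite [rsp]..[rsp+31]

        mov     rcx, rax                ; hConsoleOutput
        lea     rdx, [msg]              ; lpBuffer
        mov     r8d, msg_len            ; nNumberOfCharsToWrite
        xor     r9d, r9d                ; lpNumberOfCharsWritten = NULL
        mov     qword [rsp+32], 0       ; fifth argument, lpReserved = NULL
        call    [WriteConsoleA]         ; no sub/add around the call

        xor     ecx, ecx                ; uExitCode = 0
        call    [ExitProcess]           ; does not return, so no "add rsp, 8*5"

section '.data' data readable writeable

  msg db 'Hello from PE64',13,10
  msg_len = $ - msg

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL'

  import kernel32,\
         GetStdHandle,'GetStdHandle',\
         WriteConsoleA,'WriteConsoleA',\
         ExitProcess,'ExitProcess'
```

The fifth argument is stored with mov rather than push, so rsp stays fixed and aligned for every call in the function.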
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.