flat assembler
Message board for the users of flat assembler.

Home Search Register
Log in to check your private messages Log in

Index > Windows > "Proc...endp" and "stdcall" makes life easier
Author
Thread Post new topic Reply to topic
Mat Quasar



Joined: 15 Dec 2024
Posts: 87
Mat Quasar 25 Jan 2025, 11:40
Out of curiousity, I use disassembler to see how "proc...endp" and "stdcall" translated in raw Assembly. And actually I think "proc...endp" makes maintaining stack frame easier.

This is my finding:

Code:
proc loc_abc uses ebx esi edi, param
  locals
        variable db 1024 dup (?)
  endl
   mov eax, [param]
   mov ebx. [variable]
    ret
endp


...is the same as...

Code:
loc_abc:
    push ebp          ;--+
    mov  ebp, esp     ;   |
    sub  esp, 1024    ;   +--->   or "enter 1024,0"  -- but slow
    push ebx
    push esi
    push edi

    mov  eax, [ebp+8]    ;+8 because 4 bytes is return address?
    mov  ebx, [ebp-1024]    
 
    pop edi
    pop esi
    pop ebx
    leave             ;or "mov esp,ebp" & "pop ebp" 
    retn 4            ;clear the 4-byte "param" off stack


And some more:

Code:
    stdcall loc_abc, ebx


...is equivalent to...

Code:
    push ebx
    call loc_abc
Post 25 Jan 2025, 11:40
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20508
Location: In your JS exploiting you and your system
revolution 25 Jan 2025, 12:25
Mat Quasar wrote:
Out of curiousity, I use disassembler to see ...
They are macros in fasm, and native in MASM.

So for fasm you can also examine the macros to discover the internal details of everything they can do and how they work.
Post 25 Jan 2025, 12:25
View user's profile Send private message Visit poster's website Reply with quote
Mat Quasar



Joined: 15 Dec 2024
Posts: 87
Mat Quasar 25 Jan 2025, 12:55
Thanks @revolution. So far I have examined "invoke", "cinvoke", "fastcall", "stdcall", "locals" and "proc...endp".

Even the "library" and "import" keyword in PE ".idata" section are also macro, I think.

Once I know how it is translated to raw Assembly, I am more happier to use the macros.
Post 25 Jan 2025, 12:55
View user's profile Send private message Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1691
Location: Toronto, Canada
AsmGuru62 25 Jan 2025, 13:53
These macro also have an awesome feature.
If you have the proc/endp declared in the source, but the name of the 'proc' is not mentioned anywhere else,
then the EXE file FASM produces will not have the code between proc/endp included!
It is like HLL Linker option: "Remove unreferenced code". Very cool!
Say, you have a file with 50 functions and you include it and call only a couple of functions.
Only their code will be inside the EXE file.
In x64 code proc/endp also balance the stack on 16 byte frame automatically, even if you declare locals.
Post 25 Jan 2025, 13:53
View user's profile Send private message Send e-mail Reply with quote
Mat Quasar



Joined: 15 Dec 2024
Posts: 87
Mat Quasar 25 Jan 2025, 14:43
Good to know, @AsmGuru62.
Post 25 Jan 2025, 14:43
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Main index Download Documentation Examples Message board

Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.