- How parameters are passed into a function
- Who cleans up the stack on function return
Win32 (Stdcall): The parameters are pushed onto the stack from right to left. The called function cleans up the stack.
01003540 push esi
01003541 lea eax,[ebp-62Ch]
01003547 push eax
01003548 call module!func (01001058)
Native C++ (Thiscall): The "this" pointer is passed in ECX; the remaining parameters are pushed onto the stack from right to left. The called function cleans up the stack. Note in the listing that ECX is first used as a scratch register to push a stack argument and only the final write to ECX before the call is "this".
00413586 mov eax,dword ptr [ebp+0Ch]
00413589 push eax
0041358a mov ecx,dword ptr [ebp+8]
0041358d push ecx
0041358e mov ecx,dword ptr [ebp-14h] ; store "this" to ECX
00413591 call module!func (00411505)
COM (Stdcall for C++): The parameters are pushed onto the stack from right to left, including the "this" pointer: it is the first parameter, so it is pushed last, just before the call. The called function cleans up the stack. The call itself goes through the interface's vtable, so from the caller's side a COM method call looks like an ordinary stdcall with an indirect target.
01002ffe mov ecx,dword ptr [eax] ; ecx="this"->lpvtbl
01003000 push ebx
01003001 push offset 01002c7c
01003006 push eax ; "this" as 1st parameter
01003007 call dword ptr [ecx] ; [ecx]=QueryInterface, [ecx+4]=AddRef, [ecx+8]=Release
Fastcall: The first two parameters (each DWORD-sized or smaller) are passed in ECX and EDX; the rest are pushed onto the stack from right to left. The called function cleans up the stack.
0100248e mov edx,eax ; 2nd parameter
01002490 mov ecx,edi ; 1st parameter
01002492 call module!func (01002445)
Cdecl: The parameters are pushed onto the stack from right to left. The calling function cleans up the stack.
01002490 push eax
01002491 push offset 0100118c
01002496 call module!func (010026c5)
0100249b pop ecx ; discard 1st parameter (caller cleanup)
0100249c pop ecx ; discard 2nd parameter; MSVC emits "pop ecx" in place of "add esp,8" because it is a shorter encoding
.NET Framework: The .NET Framework's x86 JIT uses a fastcall-style calling convention. The first two parameters are passed in ECX and EDX. For an instance method, the "this" pointer is the first parameter and therefore travels in ECX.
The JIT emits one of three dispatch sequences for a method call.
Interface-based dispatch:
mov ecx,edi ; move "this" pointer into ecx
mov eax,dword ptr [ecx] ; load the object's TypeHandle (its MethodTable pointer) into eax
mov eax,dword ptr [eax+0Ch] ; load the interface vtable map (IVMap) from offset 12 of the MethodTable
mov eax,dword ptr [eax+30h] ; load the start slot of this interface's implementation
call dword ptr [eax] ; call method
Direct dispatch:
mov ecx,esi ; move "this" pointer into ecx
cmp dword ptr [ecx],ecx ; null check: dereferencing a null "this" faults here, which the CLR turns into NullReferenceException; the flags are not used
call dword ptr ds:[009552D8h] ; call through a fixed indirection cell, no MethodTable lookup
Virtual dispatch:
mov ecx,esi ; move "this" pointer into ecx
mov eax,dword ptr [ecx] ; acquire the MethodTable address
call dword ptr [eax+44h] ; dispatch to the method at offset 0x44
(Excerpted from Drill Into .NET Framework Internals to See How the CLR Creates Runtime Objects)
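As an added example (not code from the original post, nor from the MSDN article it excerpts), the script below applies the rules described above mechanically to WinDbg-style listings. It classifies a native call site as stdcall, cdecl, fastcall or thiscall from which registers carry arguments and whether the caller cleans the stack after the call, and tells the three CLR dispatch shapes apart by how the call target is reached from the "this" pointer. It generalizes beyond the page's snippets to any single call site in that listing format; the sample listings are the post's own, copied in by hand, and the rules themselves are heuristics assumed from the descriptions above (for instance, a write to ECX that is not later pushed is taken to be an argument, which a compiler using ECX as scratch could fool).

```python
"""Heuristic classifier for x86 call sites in WinDbg-style listings."""
import re

# "<addr> <mnemonic> <operands> ; comment"; the address and comment are optional.
_INSN = re.compile(r"^\s*(?:[0-9a-f]{8}\s+)?([a-z]+)\s*(.*?)\s*(?:;.*)?$", re.I)
_ARG_REGS = ("ecx", "edx")


def parse_listing(text):
    """Return lower-cased (mnemonic, operands) pairs; addresses and comments are dropped."""
    out = []
    for line in text.strip().splitlines():
        m = _INSN.match(line)
        if m:
            out.append((m.group(1).lower(), m.group(2).lower()))
    return out


def _imm(tok):
    """WinDbg prints immediates in hex, with a trailing 'h' beyond one digit."""
    return int(tok.strip().rstrip("h"), 16)


def classify_native(insns):
    """Infer stdcall / cdecl / fastcall / thiscall for the first call in insns."""
    ci = next(i for i, (m, _) in enumerate(insns) if m == "call")
    before, after, target = insns[:ci], insns[ci + 1:], insns[ci][1]

    # ECX/EDX carry an argument if written before the call, not consumed by a
    # later push (then it was scratch), and not used to reach the call target.
    live = {}
    for m, ops in before:
        if m == "mov" and ops.split(",")[0] in _ARG_REGS:
            live[ops.split(",")[0]] = True
        elif m == "push" and ops in _ARG_REGS:
            live[ops] = False
    reg_args = [r for r in _ARG_REGS
                if live.get(r) and not re.search(r"\b%s\b" % r, target)]
    stack_args = sum(1 for m, _ in before if m == "push")

    # Caller-side cleanup right after the call: "add esp,N" or MSVC's "pop ecx".
    cleaned = 0
    for m, ops in after:
        if m == "add" and ops.startswith("esp,"):
            cleaned += _imm(ops.split(",")[1])
        elif m == "pop":
            cleaned += 4
        else:
            break

    if cleaned:                       # caller cleans -> cdecl
        conv = "cdecl"
    elif reg_args == ["ecx", "edx"]:  # two register args, callee cleans
        conv = "fastcall"
    elif reg_args == ["ecx"]:         # "this" in ECX, callee cleans
        conv = "thiscall"
    else:                             # stack only, callee cleans (COM looks like this)
        conv = "stdcall"
    return {"convention": conv, "reg_args": reg_args, "stack_args": stack_args,
            "caller_cleans_bytes": cleaned, "indirect": "[" in target}


def classify_clr_dispatch(insns):
    """Tell the three CLR dispatch shapes apart by how the call target is found."""
    ci = next(i for i, (m, _) in enumerate(insns) if m == "call")
    target = insns[ci][1]
    loads = [ops for m, ops in insns[:ci]
             if m == "mov" and ops.startswith("eax,dword ptr [")]
    null_check = any(m == "cmp" and ops == "dword ptr [ecx],ecx" for m, ops in insns[:ci])
    if "ds:[" in target:   # fixed indirection cell, no MethodTable walk
        kind = "direct"
    elif len(loads) >= 2:  # MethodTable -> interface map -> slot
        kind = "interface"
    elif len(loads) == 1:  # MethodTable -> slot
        kind = "virtual"
    else:
        kind = "unknown"
    return {"kind": kind, "methodtable_loads": len(loads), "null_check": null_check}


# The post's own listings, hand-copied here as sample input.
NATIVE = {
    "stdcall": "01003540 push esi\n01003541 lea eax,[ebp-62Ch]\n01003547 push eax\n"
               "01003548 call module!func (01001058)",
    "thiscall": "mov eax,dword ptr [ebp+0Ch]\npush eax\nmov ecx,dword ptr [ebp+8]\npush ecx\n"
                "mov ecx,dword ptr [ebp-14h]\ncall module!func (00411505)",
    "com": "mov ecx,dword ptr [eax]\npush ebx\npush offset 01002c7c\npush eax\ncall dword ptr [ecx]",
    "fastcall": "mov edx,eax\nmov ecx,edi\ncall module!func (01002445)",
    "cdecl": "push eax\npush offset 0100118c\ncall module!func (010026c5)\npop ecx\npop ecx",
}
CLR = {
    "interface": "mov ecx,edi\nmov eax,dword ptr [ecx]\nmov eax,dword ptr [eax+0Ch]\n"
                 "mov eax,dword ptr [eax+30h]\ncall dword ptr [eax]",
    "direct": "mov ecx,esi\ncmp dword ptr [ecx],ecx\ncall dword ptr ds:[009552D8h]",
    "virtual": "mov ecx,esi\nmov eax,dword ptr [ecx]\ncall dword ptr [eax+44h]",
}


def run_samples():
    """Classify every sample; returns ({name: convention}, {name: dispatch kind})."""
    native = {n: classify_native(parse_listing(t))["convention"] for n, t in NATIVE.items()}
    clr = {n: classify_clr_dispatch(parse_listing(t))["kind"] for n, t in CLR.items()}
    return native, clr


if __name__ == "__main__":
    for table in run_samples():
        for name, verdict in table.items():
            print(f"{name:10s} -> {verdict}")
```

The cleanup check is the part worth keeping in mind when reversing or writing interop code: with cdecl the caller pops the arguments after every call, with the other conventions the callee does, so a callback declared with the wrong convention leaves ESP off by the argument size after each call, and the post's listings show exactly what that difference looks like at the call site.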