函数调用方式__stdecl _stdcall _fastcall __thiscall介绍
2016-04-11 17:33
411 查看
__cdecl 是C DECLaration的缩写(declaration,声明),表示C语言默认的函数调用方法:所有参数从右到左依次入栈,这些参数由调用者清除,称为手动清栈。被调用函数不会要求调用者传递多少参数,调用者传递过多或者过少的参数,甚至完全不同的参数都不会产生编译阶段的错误。
_stdcall 是StandardCall的缩写,是C++的标准调用方式:所有参数从右到左依次入栈,如果是调用类成员的话,最后一个入栈的是this指针。这些堆栈中的参数由被调用的函数在返回时清除,使用的指令是 retnX,X表示参数占用的字节数,CPU在ret之后自动弹出X个字节的堆栈空间。称为自动清栈。函数在编译的时候就必须确定参数个数,并且调用者必须严格的控制参数的生成,不能多,不能少,否则返回后会出错。
_fastcall 是编译器指定的快速调用方式。由于大多数的函数参数个数很少,使用堆栈传递比较费时。因此_fastcall通常规定将前两个(或若干个)参数由寄存器传递,其余参数还是通过堆栈传递。不同编译器编译的程序规定的寄存器不同。返回方式和_stdcall相当。
__thiscall 是为了解决类成员调用中this指针传递而规定的。__thiscall要求把this指针放在特定寄存器中,该寄存器由编译器决定。VC使用ecx,Borland的C++编译器使用eax。返回方式和_stdcall相当。
_fastcall 和 __thiscall涉及的寄存器由编译器决定,因此不能用作跨编译器的接口。所以Windows上的COM对象接口都定义为_stdcall调用方式。
下面来通过代码来查看一下他们到底是如何传递参数和出入栈:
[cpp] view plain copy print?
class TestCallType
{
public:
int default_call(int ,int);
int __cdecl __cdecl_call(int a, int b);
int _stdcall _stdcall_call(int a, int b);
int _fastcall _fastcall_call(int a, int b);
int __thiscall _thiscall_call(int,int);
int x;
};
int TestCallType::default_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::__cdecl_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_stdcall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_fastcall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_thiscall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
调用的地方反汇编出来如下:
[cpp] view plain copy print?
int _tmain(int argc, _TCHAR* argv[])
{
004115B0 push ebp
004115B1 mov ebp,esp
004115B3 sub esp,0CCh
004115B9 push ebx
004115BA push esi
004115BB push edi
004115BC lea edi,[ebp-0CCh]
004115C2 mov ecx,33h
004115C7 mov eax,0CCCCCCCCh
004115CC rep stos dword ptr es:[edi]
TestCallType call_type;
call_type.default_call(1, 2);
004115CE push 2 /* 参数入栈 */
004115D0 push 1 /* 参数入栈 */
004115D2 lea ecx,[call_type] /* this指针 */
004115D5 call TestCallType::default_call (411113h)
call_type.__cdecl_call(1, 2);
004115DA push 2 /* 参数入栈 */
004115DC push 1 /* 参数入栈 */
004115DE lea eax,[call_type] /* this指针 */
004115E1 push eax
004115E2 call TestCallType::__cdecl_call (41112Ch)
004115E7 add esp,0Ch /* 调用者负责清栈 */
call_type._fastcall_call(1,2);
004115EA push 2 /* 参数入栈 */
004115EC mov edx,1 /* 第一个参数通过寄存器传递 */
004115F1 lea ecx,[call_type] /* this指针 */
004115F4 call TestCallType::_fastcall_call (41100Ah)
call_type._stdcall_call(1,2);
004115F9 push 2
004115FB push 1
004115FD lea eax,[call_type] /* this指针 */
00411600 push eax
00411601 call TestCallType::_stdcall_call (4110EBh)
call_type._thiscall_call(1, 2);
00411606 push 2
00411608 push 1
0041160A lea ecx,[call_type] /* this指针 */
0041160D call TestCallType::_thiscall_call (41117Ch)
return 0;
0041161E xor eax,eax
}
函数定义的地方反汇编:
[cpp] view plain copy print?
int TestCallType::default_call(int a, int b)
{
004113D0 push ebp
004113D1 mov ebp,esp
004113D3 sub esp,0CCh
004113D9 push ebx
004113DA push esi
004113DB push edi
004113DC push ecx
004113DD lea edi,[ebp-0CCh]
004113E3 mov ecx,33h
004113E8 mov eax,0CCCCCCCCh
004113ED rep stos dword ptr es:[edi]
004113EF pop ecx
004113F0 mov dword ptr [ebp-8],ecx
this->x = a + b;
004113F3 mov eax,dword ptr [a]
004113F6 add eax,dword ptr [b]
004113F9 mov ecx,dword ptr [this]
004113FC mov dword ptr [ecx],eax
return this->x;
004113FE mov eax,dword ptr [this]
00411401 mov eax,dword ptr [eax]
}
00411403 pop edi
00411404 pop esi
00411405 pop ebx
00411406 mov esp,ebp
00411408 pop ebp /* 默认调用是_stdcall 被调用函数负责清栈 */
00411409 ret 8
--- No source file -------------------------------------------------------------
int TestCallType::__cdecl_call(int a, int b)
{
00411420 push ebp
00411421 mov ebp,esp
00411423 sub esp,0C0h
00411429 push ebx
0041142A push esi
0041142B push edi
0041142C lea edi,[ebp-0C0h]
00411432 mov ecx,30h
00411437 mov eax,0CCCCCCCCh
0041143C rep stos dword ptr es:[edi]
this->x = a + b;
0041143E mov eax,dword ptr [a]
00411441 add eax,dword ptr [b]
00411444 mov ecx,dword ptr [this]
00411447 mov dword ptr [ecx],eax
return this->x;
00411449 mov eax,dword ptr [this]
0041144C mov eax,dword ptr [eax]
}
0041144E pop edi
0041144F pop esi
00411450 pop ebx
00411451 mov esp,ebp
00411453 pop ebp
00411454 ret /* __cdecl 不用负责栈清除 */
--- No source file -------------------------------------------------------------
int TestCallType::_stdcall_call(int a, int b)
{
00411470 push ebp
00411471 mov ebp,esp
00411473 sub esp,0C0h
00411479 push ebx
0041147A push esi
0041147B push edi
0041147C lea edi,[ebp-0C0h]
00411482 mov ecx,30h
00411487 mov eax,0CCCCCCCCh
0041148C rep stos dword ptr es:[edi]
this->x = a + b;
0041148E mov eax,dword ptr [a]
00411491 add eax,dword ptr [b]
00411494 mov ecx,dword ptr [this]
00411497 mov dword ptr [ecx],eax
return this->x;
00411499 mov eax,dword ptr [this]
0041149C mov eax,dword ptr [eax]
}
0041149E pop edi
0041149F pop esi
004114A0 pop ebx
004114A1 mov esp,ebp
004114A3 pop ebp
004114A4 ret 0Ch //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
int TestCallType::_fastcall_call(int a, int b)
{
004114C0 push ebp
004114C1 mov ebp,esp
004114C3 sub esp,0D8h
004114C9 push ebx
004114CA push esi
004114CB push edi
004114CC push ecx
004114CD lea edi,[ebp-0D8h]
004114D3 mov ecx,36h
004114D8 mov eax,0CCCCCCCCh
004114DD rep stos dword ptr es:[edi]
004114DF pop ecx
004114E0 mov dword ptr [ebp-8],edx
004114E3 mov dword ptr [ebp-14h],ecx
this->x = a + b;
004114E6 mov eax,dword ptr [a]
004114E9 add eax,dword ptr [b]
004114EC mov ecx,dword ptr [this]
004114EF mov dword ptr [ecx],eax
return this->x;
004114F1 mov eax,dword ptr [this]
004114F4 mov eax,dword ptr [eax]
}
004114F6 pop edi
004114F7 pop esi
004114F8 pop ebx
004114F9 mov esp,ebp
004114FB pop ebp
004114FC ret 4 //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
int TestCallType::_thiscall_call(int a, int b)
{
00411510 push ebp
00411511 mov ebp,esp
00411513 sub esp,0CCh
00411519 push ebx
0041151A push esi
0041151B push edi
0041151C push ecx
0041151D lea edi,[ebp-0CCh]
00411523 mov ecx,33h
00411528 mov eax,0CCCCCCCCh
0041152D rep stos dword ptr es:[edi]
0041152F pop ecx
00411530 mov dword ptr [ebp-8],ecx
this->x = a + b;
00411533 mov eax,dword ptr [a]
00411536 add eax,dword ptr [b]
00411539 mov ecx,dword ptr [this]
0041153C mov dword ptr [ecx],eax
return this->x;
0041153E mov eax,dword ptr [this]
00411541 mov eax,dword ptr [eax]
}
00411543 pop edi
00411544 pop esi
00411545 pop ebx
00411546 mov esp,ebp
00411548 pop ebp
00411549 ret 8 //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
_stdcall 是StandardCall的缩写,是C++的标准调用方式:所有参数从右到左依次入栈,如果是调用类成员的话,最后一个入栈的是this指针。这些堆栈中的参数由被调用的函数在返回时清除,使用的指令是 retnX,X表示参数占用的字节数,CPU在ret之后自动弹出X个字节的堆栈空间。称为自动清栈。函数在编译的时候就必须确定参数个数,并且调用者必须严格的控制参数的生成,不能多,不能少,否则返回后会出错。
_fastcall 是编译器指定的快速调用方式。由于大多数的函数参数个数很少,使用堆栈传递比较费时。因此_fastcall通常规定将前两个(或若干个)参数由寄存器传递,其余参数还是通过堆栈传递。不同编译器编译的程序规定的寄存器不同。返回方式和_stdcall相当。
__thiscall 是为了解决类成员调用中this指针传递而规定的。__thiscall要求把this指针放在特定寄存器中,该寄存器由编译器决定。VC使用ecx,Borland的C++编译器使用eax。返回方式和_stdcall相当。
_fastcall 和 __thiscall涉及的寄存器由编译器决定,因此不能用作跨编译器的接口。所以Windows上的COM对象接口都定义为_stdcall调用方式。
| 调用类型 | 参数入栈顺序 | 由谁负责清栈 | 寄存器传递 |
| __stdecl | 从右到左依次入栈 | 调用函数 | this |
| _stdcall | 从右到左依次入栈 | 被调用函数 | this |
| _fastcall | 从右到左依次入栈 | 被调用函数 | this 和参数 |
| __thiscall | 从右到左依次入栈 | 被调用函数 | this |
| 默认(vs2005) | 从右到左依次入栈 | 被调用函数 | this |
[cpp] view plain copy print?
class TestCallType
{
public:
int default_call(int ,int);
int __cdecl __cdecl_call(int a, int b);
int _stdcall _stdcall_call(int a, int b);
int _fastcall _fastcall_call(int a, int b);
int __thiscall _thiscall_call(int,int);
int x;
};
int TestCallType::default_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::__cdecl_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_stdcall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_fastcall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
int TestCallType::_thiscall_call(int a, int b)
{
this->x = a + b;
return this->x;
}
调用的地方反汇编出来如下:
[cpp] view plain copy print?
int _tmain(int argc, _TCHAR* argv[])
{
004115B0 push ebp
004115B1 mov ebp,esp
004115B3 sub esp,0CCh
004115B9 push ebx
004115BA push esi
004115BB push edi
004115BC lea edi,[ebp-0CCh]
004115C2 mov ecx,33h
004115C7 mov eax,0CCCCCCCCh
004115CC rep stos dword ptr es:[edi]
TestCallType call_type;
call_type.default_call(1, 2);
004115CE push 2 /* 参数入栈 */
004115D0 push 1 /* 参数入栈 */
004115D2 lea ecx,[call_type] /* this指针 */
004115D5 call TestCallType::default_call (411113h)
call_type.__cdecl_call(1, 2);
004115DA push 2 /* 参数入栈 */
004115DC push 1 /* 参数入栈 */
004115DE lea eax,[call_type] /* this指针 */
004115E1 push eax
004115E2 call TestCallType::__cdecl_call (41112Ch)
004115E7 add esp,0Ch /* 调用者负责清栈 */
call_type._fastcall_call(1,2);
004115EA push 2 /* 参数入栈 */
004115EC mov edx,1 /* 第一个参数通过寄存器传递 */
004115F1 lea ecx,[call_type] /* this指针 */
004115F4 call TestCallType::_fastcall_call (41100Ah)
call_type._stdcall_call(1,2);
004115F9 push 2
004115FB push 1
004115FD lea eax,[call_type] /* this指针 */
00411600 push eax
00411601 call TestCallType::_stdcall_call (4110EBh)
call_type._thiscall_call(1, 2);
00411606 push 2
00411608 push 1
0041160A lea ecx,[call_type] /* this指针 */
0041160D call TestCallType::_thiscall_call (41117Ch)
return 0;
0041161E xor eax,eax
}
函数定义的地方反汇编:
[cpp] view plain copy print?
int TestCallType::default_call(int a, int b)
{
004113D0 push ebp
004113D1 mov ebp,esp
004113D3 sub esp,0CCh
004113D9 push ebx
004113DA push esi
004113DB push edi
004113DC push ecx
004113DD lea edi,[ebp-0CCh]
004113E3 mov ecx,33h
004113E8 mov eax,0CCCCCCCCh
004113ED rep stos dword ptr es:[edi]
004113EF pop ecx
004113F0 mov dword ptr [ebp-8],ecx
this->x = a + b;
004113F3 mov eax,dword ptr [a]
004113F6 add eax,dword ptr [b]
004113F9 mov ecx,dword ptr [this]
004113FC mov dword ptr [ecx],eax
return this->x;
004113FE mov eax,dword ptr [this]
00411401 mov eax,dword ptr [eax]
}
00411403 pop edi
00411404 pop esi
00411405 pop ebx
00411406 mov esp,ebp
00411408 pop ebp /* 默认调用是_stdcall 被调用函数负责清栈 */
00411409 ret 8
--- No source file -------------------------------------------------------------
int TestCallType::__cdecl_call(int a, int b)
{
00411420 push ebp
00411421 mov ebp,esp
00411423 sub esp,0C0h
00411429 push ebx
0041142A push esi
0041142B push edi
0041142C lea edi,[ebp-0C0h]
00411432 mov ecx,30h
00411437 mov eax,0CCCCCCCCh
0041143C rep stos dword ptr es:[edi]
this->x = a + b;
0041143E mov eax,dword ptr [a]
00411441 add eax,dword ptr [b]
00411444 mov ecx,dword ptr [this]
00411447 mov dword ptr [ecx],eax
return this->x;
00411449 mov eax,dword ptr [this]
0041144C mov eax,dword ptr [eax]
}
0041144E pop edi
0041144F pop esi
00411450 pop ebx
00411451 mov esp,ebp
00411453 pop ebp
00411454 ret /* __cdecl 不用负责栈清除 */
--- No source file -------------------------------------------------------------
int TestCallType::_stdcall_call(int a, int b)
{
00411470 push ebp
00411471 mov ebp,esp
00411473 sub esp,0C0h
00411479 push ebx
0041147A push esi
0041147B push edi
0041147C lea edi,[ebp-0C0h]
00411482 mov ecx,30h
00411487 mov eax,0CCCCCCCCh
0041148C rep stos dword ptr es:[edi]
this->x = a + b;
0041148E mov eax,dword ptr [a]
00411491 add eax,dword ptr [b]
00411494 mov ecx,dword ptr [this]
00411497 mov dword ptr [ecx],eax
return this->x;
00411499 mov eax,dword ptr [this]
0041149C mov eax,dword ptr [eax]
}
0041149E pop edi
0041149F pop esi
004114A0 pop ebx
004114A1 mov esp,ebp
004114A3 pop ebp
004114A4 ret 0Ch //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
int TestCallType::_fastcall_call(int a, int b)
{
004114C0 push ebp
004114C1 mov ebp,esp
004114C3 sub esp,0D8h
004114C9 push ebx
004114CA push esi
004114CB push edi
004114CC push ecx
004114CD lea edi,[ebp-0D8h]
004114D3 mov ecx,36h
004114D8 mov eax,0CCCCCCCCh
004114DD rep stos dword ptr es:[edi]
004114DF pop ecx
004114E0 mov dword ptr [ebp-8],edx
004114E3 mov dword ptr [ebp-14h],ecx
this->x = a + b;
004114E6 mov eax,dword ptr [a]
004114E9 add eax,dword ptr [b]
004114EC mov ecx,dword ptr [this]
004114EF mov dword ptr [ecx],eax
return this->x;
004114F1 mov eax,dword ptr [this]
004114F4 mov eax,dword ptr [eax]
}
004114F6 pop edi
004114F7 pop esi
004114F8 pop ebx
004114F9 mov esp,ebp
004114FB pop ebp
004114FC ret 4 //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
int TestCallType::_thiscall_call(int a, int b)
{
00411510 push ebp
00411511 mov ebp,esp
00411513 sub esp,0CCh
00411519 push ebx
0041151A push esi
0041151B push edi
0041151C push ecx
0041151D lea edi,[ebp-0CCh]
00411523 mov ecx,33h
00411528 mov eax,0CCCCCCCCh
0041152D rep stos dword ptr es:[edi]
0041152F pop ecx
00411530 mov dword ptr [ebp-8],ecx
this->x = a + b;
00411533 mov eax,dword ptr [a]
00411536 add eax,dword ptr [b]
00411539 mov ecx,dword ptr [this]
0041153C mov dword ptr [ecx],eax
return this->x;
0041153E mov eax,dword ptr [this]
00411541 mov eax,dword ptr [eax]
}
00411543 pop edi
00411544 pop esi
00411545 pop ebx
00411546 mov esp,ebp
00411548 pop ebp
00411549 ret 8 //清除栈,字节数和参数入栈对应
--- No source file -------------------------------------------------------------
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Android Fragment应用实战
- Intellij GIT设置 图文
- call to OpenGL ES API with no current context (logged once per thread)
- hdoj1241 Oil Deposits
- mac os终端颜色显示及vi配置 .
- 函数调用方式--__thiscall调用方式和__cdecl,__stdcall有什么区别
- WebService到底是什么?
- Android的View生命周期
- varnish
- ovirt挂载多存储环境时注意事项
- Qt移动应用开发(三):使用精灵图片实现帧动画
- 微信支付h5支付(v3)
- java方法中使用js的alert。
- Eclipse常用快捷键总结(实用版)
- 一个检查文件夹下文件大小的小程序
- springAOP简单使用
- Spring MVC3 + Ehcache 缓存实现
- HTML5 canvas画布
- poj 3254 Corn Fields【状态压缩dp-入门】
- Android Studio -- Could not save project!: Unable to save project files.不能保存项目,报错解决办法