Tutorial 1: The Basics
This tutorial
assumes that the reader knows how to use SpAsm. If you're not familiar
with SpAsm, download SpAsm.zip
and study the Help file inside the package before going on with the tutorial.
Good. You're now ready. Let's go!
Theory:
Win32 programs
run in protected mode which is available since 80286. But 80286 is now
history. So we only have to concern ourselves with 80386 and its descendants.
Windows runs each Win32 program in separated virtual space. That means
each Win32 program will have its own 4 GB address space. However, this
doesn't mean every win32 program has 4GB of physical memory, only that
the program can address any address in that range. Windows will do anything
necessary to make the memory the program references valid. Of course, the
program must adhere to the rules set by Windows, else it will cause the
dreaded General Protection Fault. Each program is alone in its address
space. This is in contrast to the situation in Win16. All Win16 programs
can *see* each other. Not so under Win32. This feature helps reduce the
chance of one program writing over other program's code/data.
Memory model
is also drastically different from the old days of the 16-bit world. Under
Win32, we need not be concerned with memory model or segments anymore!
There's only one memory model: Flat memory model. There's no more 64K segments.
The memory is a large continuous space of 4 GB. That also means you
don't have to play with segment registers. You can use any segment register
to address any point in the memory space. That's a GREAT help to programmers.
This is what makes Win32 assembly programming as easy as C.
When you program
under Win32, you must know some important rules. One such rule is that,
Windows uses esi, edi, ebp and ebx internally and it doesn't expect the
values in those registers to change. So remember this rule first: if you
use any of those four registers in your callback function, don't ever forget
to restore them before returning control to Windows. A callback function
is your own function which is called by Windows. The obvious example is
the windows procedure. This doesn't mean that you cannot use those four
registers, you can. Just be sure to restore them back before passing control
back to Windows.
Content:
Under
Win16, there are two types of calling convention, C
and PASCAL
C calling
convention passes parameters from right to left, that is , the rightmost
parameter is pushed first. The caller is responsible for balancing the
stack frame after the call. For example, in order to call a function named
foo(int first_param, int second_param, int third_param) in C calling convention
the asm codes will look like this:
push
[third_param]
; Push the third parameter
push
[second_param]
; Followed by the second
push
[first_param]
; And the first
call
foo
add
sp, 12
; The caller balances the stack frame
PASCAL
calling convention is the reverse of C calling convention. It passes parameters
from left to right and the callee is responsible for the stack balancing
after the call.
Win16 adoptsPASCAL
convention because it produces smaller codes. C convention is useful when
you don't know how many parameters will be passed to the function as in
the case of wsprintf(). In the case of wsprintf(), the function has no
way to determine beforehand how many parameters will be pushed on the stack,
so it cannot do the stack balancing.
STDCALL
is the hybrid of C and PASCAL convention. It passes parameter from right
to left but the callee is responsible for stack balancing after the call.Win32
platform use STDCALL
exclusively. Except in one case: wsprintf(). You must use C calling convention
with wsprintf().
[Iczelion's
Win32 Assembly HomePage]