Text only | Text with Images

The MASM Forum Archive 2004 to 2012

General Forums => The Campus => Topic started by: zemtex on July 23, 2011, 02:13:30 AM

Title: externdef question
Post by: zemtex on July 23, 2011, 02:13:30 AM
It's been awhile since I've played with assembly and I have a question about externdef

externdef _imp__CreateWindowExA@48:PTR pr12

(I plucked it out from one of hutch's samples)

I am familiar with public, extern, externdef and proto, but I can NOT remember what "pr1" and "pr2" .... "pr12" means. I think it is parameternumber so that the linker can effectively calculate the start address of the function, maybe not?
Title: Re: externdef question
Post by: dedndave on July 23, 2011, 02:33:51 AM
that's called a "declspec" declaration
the prN is the number of dword parameters the function requires

if you use a regular invoke, the assembler generates a relative call into the IAT
in the IAT is an indirect JMP dword ptr [address]
the address is a lookup into another table that has the address of the actual code
that is 3 steps of reference

by using declspec calls, you eliminate 1 of the 3 reference steps
the assembler generates a CALL dword ptr [address]
again, the address is a lookup into another table that has the address of the actual code

if you look at this thread...
http://www.masm32.com/board/index.php?topic=17073.0
you will see that i wrote a routine that removes another step
it works best on regular invoke's because there is no NOP required
CALL indirect is a 2 byte instruction (plus a 4 byte operand)
i replace one of the 2 bytes with a NOP
Title: Re: externdef question
Post by: hutch-- on July 23, 2011, 02:47:51 AM
zemtex,

Its just a macro for the argument count, it saved loading the data structures in the assembler with a mountain of argument prototype data when all you needed was the arg count.

The main gain with using that form of prototyping is it does a direct address call rather than branching to the lookup table at the end of the PE file. In most instances it does not matter but in some context you get a slightly faster function call from it.
Title: Re: externdef question
Post by: zemtex on July 23, 2011, 03:11:02 AM
It makes sense in a loop

The masm documentation also says it is an effective way to reduce the size of the executable
Title: Re: externdef question
Post by: dedndave on July 23, 2011, 03:51:57 AM
if you can eliminate the IAT altogether, maybe
programs assembled with GoAsm are something like that, i guess
Title: Re: externdef question
Post by: sinsi on July 23, 2011, 04:54:13 AM
It's also a good way if you call the same function a lot e.g. CreateWindowEx in the WM_CREATE code.
Prototype it, use assume esi:ptr whatever then you can use invoke esi,...
Text only | Text with Images