__cdecl or __stdcall on Windows?

c++ windows dll calling-convention binary-compatibility
54,965

Solution 1

I just did some real-world testing (compiling DLLs and applications with MSVC++ and MinGW, then mixing them). As it appears, I had better results with the cdecl calling convention.

More specifically: the problem with stdcall is that MSVC++ mangles names in the DLL export table, even when using extern "C". For example foo becomes _foo@4. This only happens when using __declspec(dllexport), not when using a DEF file; however, DEF files are a maintenance hassle in my opinion, and I don't want to use them.

The MSVC++ name mangling poses two problems:

  • Using GetProcAddress on the DLL becomes slightly more complicated;
  • MinGW by default doesn't prepend an undescore to the decorated names (e.g. MinGW will use foo@4 instead of _foo@4), which complicates linking. Also, it introduces the risk of seeing "non-underscore versions" of DLLs and applications pop up in the wild which are incompatible with the "underscore versions".

I've tried the cdecl convention: interoperability between MSVC++ and MinGW works perfectly, out-of-the-box, and names stay undecorated in the DLL export table. It even works for virtual methods.

For these reasons, cdecl is a clear winner for me.

Solution 2

The biggest difference in the two calling conventions is that "__cdecl" places the burden of balancing the stack after a function call on the caller, which allows for functions with variable amounts of arguments. The "__stdcall" convention is "simpler" in nature, however less flexible in this regard.

Also, I believe managed languages use stdcall convention by default, so anyone using P/Invoke on it would have to explicitly state the calling convention if you go with cdecl.

So, if all of your function signatures are going to be statically defined I would probably lean toward stdcall, if not cdecl.

Solution 3

In terms of security, the __cdecl convention is "safer" because it is the caller that needs to deallocate the stack. What may happen in a __stdcall library is that the developer might have forgotten to deallocate the stack properly, or an attacker might inject some code by corrupting the DLL's stack (e.g. by API hooking) which is then not checked by the caller. I don't have any CVS security examples that show my intuition is correct.

Share:
54,965
Tuval4980
Author by

Tuval4980

Updated on June 14, 2020

Comments

  • Tuval4980
    Tuval4980 almost 4 years

    I'm currently developing a C++ library for Windows which will be distributed as a DLL. My goal is to maximize binary interoperability; more precisely, the functions in my DLL must be usable from code compiled with multiple versions of MSVC++ and MinGW without having to recompile the DLL. However, I'm confused about which calling convention is best, cdecl or stdcall.

    Sometimes I hear statements like "the C calling convention is the only one guaranteed to be the same accross compilers", which contrasts with statements like "There are some variations in the interpretation of cdecl, particularly in how to return values". This doesn't seem to stop certain library developers (like libsndfile) to use the C calling convention in the DLLs they distribute, without any visible problems.

    On the other hand, the stdcall calling convention seems to be well-defined. From what I've been told, all Windows compilers are basically required to follow it because it's the convention used for Win32 and COM. This is based on the assumption that a Windows compiler without Win32/COM support would not be very useful. A lot of code snippets posted on forums declare functions as stdcall but I can't seem to find one single post which clearly explains why.

    There's too much conflicting information out there, and every search I run gives me different answers which doesn't really help me decide between the two. I'm searching for a clear, detailed, argumented explanation as to why I should choose one over the other (or why the two are equivalent).

    Note that this question not only applies to "classic" functions, but also to virtual member function calls, since most client code will interface with my DLL through "interfaces", pure virtual classes (following patterns described e.g. here and there).

  • jtbr
    jtbr almost 6 years
    Notably, this does not apply to 64-bit DLLs, because __stdcall and __cdecl are generally both ignored- so no name mangling occurs on exported C functions.
  • Ela782
    Ela782 over 5 years
    @jtbr How about exported C++ functions (i.e. no extern "C")?
  • jtbr
    jtbr over 5 years
    @Ela782 C++ will always have some name mangling, in order to support function overloading. But this is not standardized and can thus vary between compilers.
  • Ela782
    Ela782 over 5 years
    @jtbr Sorry, I didn't mean the name mangling. I meant whether __stdcall and __cdecl are both ignored too in 64-bit DLLs with exported C++ functions.
  • jtbr
    jtbr over 5 years
    @Ela782 Yes; I believe __stdcall and __cdecl are ignored in all x86-64 compilations. See wikipedia.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

C++ DLL Unload Destructor?
Listing the exported functions of a DLL
Windows DLL on Linux System
"Mixing a dll boost library with a static runtime is a really bad idea..."
LoadLibrary fails with error code 193
Cannot open source file in visual studio 2015
Error : the application was unable to start correctly
Can a DLL call/load another DLL?
How to modify a function in a compiled DLL
Load a DLL from another directory at program start