In MS x64 Calling convention, is creating a shadow space necessity for WinAPI calls?

452 Views Asked by At

In MS x64 calling convention I am reading that caller should create a shadow space if we make calls to a Win64 API.

However I created a simple C++ program and making call to MessageBox and after disassembling this is what I see :

00007FF614FC2AD9  mov         r9d,136h  
00007FF614FC2ADF  lea         r8,[__xt_z+150h (07FF614FD5BF0h)]  
00007FF614FC2AE6  lea         rdx,[__xt_z+170h (07FF614FD5C10h)]  
00007FF614FC2AED  xor         ecx,ecx  
00007FF614FC2AEF  call        qword ptr [__imp_MessageBoxW (07FF614FDF6C0h)]  
00007FF614FC2AF5  mov         dword ptr [msgboxID],eax  

I don't see any Shadow space reservation.(Not even in the preceding instructions that are not shown here) What am I missing ?

Edit: Here is the C++ code for above:

  #include <Windows.h>


   int main()
   {
        int msgboxID = MessageBox(
        NULL,
        (LPCWSTR) L"Resource not available\nDo you want to try again?",
        (LPCWSTR) L"Account Details",
        MB_ICONWARNING | MB_CANCELTRYCONTINUE | MB_DEFBUTTON2
        );
     return 0;
   }
1

There are 1 best solutions below

0
On

Actually it does generate shadow space. But at the very beginning of the call.(not shown above stack) I thought it would create shadow space just before the call apparently that is not the case. So I will close this question and open a more proper one.