6.1.3 ARM calling conventions
After this brief look at the commonly used ARM instructions, you should be able to read the assembly of a function, at least roughly. When one function calls another, arguments and return values have to be passed between the caller and the callee. The rules for how they are passed are the ARM calling conventions.
- Prologs and epilogs
We mentioned in section 6.1.1 that “before and after a block of code is executed, SP should stay the same, otherwise there will be a fatal problem”. This is achieved by the prolog and epilog of the code block working as a pair. Generally, a prolog does the following:
  - PUSH LR (the return address);
  - PUSH R7 (the caller’s frame pointer);
  - R7 = SP, so R7 now points at the saved R7, with the saved LR one word above it; R7 serves as this function’s frame pointer;
  - PUSH the other registers that must be preserved for the caller (the callee-saved registers);
  - Allocate space in the stack frame for local storage by subtracting from SP.
The epilog does the opposite, in reverse order:
  - Deallocate the space the prolog allocated;
  - POP the preserved registers;
  - POP R7;
  - POP LR, and set PC = LR to return to the caller.
However, a full prolog and epilog are not always present. If a function never touches a callee-saved register, there is no need to push it onto the stack, so the exact set of instructions varies from function to function. What deserves attention in iOS reverse engineering is that the prolog and epilog change the value of SP (by however much they push and allocate), so an offset from SP does not mean the same thing before and after them. We’ll come across this situation in chapter 10; review this section when you get there.
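To see the frame that such a prolog and epilog build, here is an added example in Python (not code from the book). It replays the PUSH/POP and SP/R7 arithmetic of a constructed Thumb-2 listing, checks the rule from section 6.1.1 that SP is back where it started and that the saved LR is what ends up in PC, and reports where each saved word sits relative to R7. The two listings, the starting SP value and the labels caller_r7, return_addr and local are constructed for illustration; the second listing deliberately omits the `add sp, sp, #16` so you can see what an unbalanced epilog does to SP and to the return address.

```python
"""Model the stack effect of an ARMv7 Thumb-2 prolog and epilog.

Added example, not from the book. The listings are constructed in the shape
of a typical iOS armv7 frame (push {r4, r5, r7, lr} / add r7, sp, #8 /
sub sp, sp, #N), not taken from a real binary. Only PUSH, POP and the SP/R7
arithmetic are modelled; every other instruction is ignored ('@' = comment).
"""

WORD = 4
SP0 = 0x10000000      # arbitrary starting SP; only differences from it matter
ALIASES = {"sp": 13, "lr": 14, "pc": 15}

# Constructed listing 1: prolog and epilog mirror each other.
SAMPLE_GOOD = """
_foo:
    push    {r4, r5, r7, lr}    @ prolog: save callee-saved r4/r5, caller's r7, LR
    add     r7, sp, #8          @ r7 = address of the saved r7 -> frame pointer
    sub     sp, sp, #16         @ 16 bytes of local storage
    add     sp, sp, #16         @ epilog: release locals
    pop     {r4, r5, r7, pc}    @ restore registers, PC = saved LR (return)
"""

# Constructed listing 2: the epilog forgets to release the locals.
SAMPLE_BAD = """
_bad:
    push    {r4, r5, r7, lr}
    add     r7, sp, #8
    sub     sp, sp, #16
    pop     {r4, r5, r7, pc}    @ pops the locals, not the saved registers
"""

def expand_reglist(text):
    """'{r4-r6, lr, r7}' -> [4, 5, 6, 7, 14]. Sorted, because PUSH/POP store
    the lowest-numbered register at the lowest address whatever the list order."""
    num = lambda r: ALIASES.get(r.strip().lower()) or int(r.strip()[1:])
    regs = set()
    for item in text.strip().strip("{}").split(","):
        if "-" in item:
            lo, hi = item.split("-")
            regs.update(range(num(lo), num(hi) + 1))
        elif item.strip():
            regs.add(num(item))
    return sorted(regs)

def simulate(asm, sp0=SP0):
    """Replay the listing. Returns final 'sp', the frame pointer 'fp' set by the
    prolog, the value loaded into 'pc', the deepest 'min_sp' and 'frame'
    (an {address: label} snapshot of the stack at its deepest point)."""
    sp, fp, pc = sp0, None, None
    regs = {7: "caller_r7", 14: "return_addr"}   # what the caller left in R7 and LR
    stack, min_sp, deepest = {}, sp0, {}        # stack: address -> label of stored word
    for raw in asm.splitlines():
        line = raw.split("@")[0].strip()
        if not line or line.endswith(":"):
            continue
        op, _, args = line.partition(" ")
        op = op.lower()
        if op == "push":
            nums = expand_reglist(args)
            sp -= WORD * len(nums)
            for i, n in enumerate(nums):
                stack[sp + i * WORD] = regs.get(n, "r%d" % n)
        elif op == "pop":
            nums = expand_reglist(args)
            for i, n in enumerate(nums):
                value = stack.pop(sp + i * WORD, "garbage")
                if n == 15:
                    pc = value           # whatever sits here becomes the return address
                else:
                    regs[n] = value
            sp += WORD * len(nums)
        elif op in ("add", "sub"):
            ops = [a.strip().lower() for a in args.split(",")]
            if len(ops) != 3 or not ops[2].startswith("#"):
                continue                 # not 'op dst, src, #imm': no frame effect
            dst, src, imm = ops[0], ops[1], int(ops[2][1:], 0)
            if (dst, src, op) == ("sp", "sp", "sub"):
                sp -= imm
                for off in range(0, imm, WORD):
                    stack[sp + off] = "local"
            elif (dst, src) == ("sp", "sp"):        # add sp, sp, #imm
                for off in range(0, imm, WORD):
                    stack.pop(sp + off, None)
                sp += imm
            elif (dst, src, op) == ("r7", "sp", "add"):
                fp = sp + imm
        if sp < min_sp:
            min_sp, deepest = sp, dict(stack)
    return {"sp": sp, "fp": fp, "pc": pc, "min_sp": min_sp, "frame": deepest}

def check_balanced(asm, sp0=SP0):
    """Rule from 6.1.1: SP unchanged across the function and saved LR handed to PC."""
    st = simulate(asm, sp0)
    return st["sp"] == sp0 and st["pc"] == "return_addr"

def frame_layout(asm):
    """Words of the deepest frame keyed by their offset from the frame pointer R7."""
    st = simulate(asm)
    return {addr - st["fp"]: label for addr, label in sorted(st["frame"].items())}

if __name__ == "__main__":
    for name, asm in (("good", SAMPLE_GOOD), ("bad", SAMPLE_BAD)):
        st = simulate(asm)
        print("%s: balanced=%s SP delta=%+d PC=%s" % (name, check_balanced(asm), st["sp"] - SP0, st["pc"]))
    for off, label in frame_layout(SAMPLE_GOOD).items():
        print("[r7%+d] = %s" % (off, label))
```

For the balanced listing the layout comes out as [r7+0] = caller_r7 and [r7+4] = return_addr, with r4 and r5 just below R7 and the locals below those; this is the same frame shape a debugger walks when it follows the R7 chain. For the broken listing SP ends 16 bytes low and the word loaded into PC is a local, which is the “fatal problem” of section 6.1.1.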
- Passing arguments and return values
If you want to delve deeper into how arguments and return values are passed, read the AAPCS (Procedure Call Standard for the ARM Architecture):
http://infocenter.arm.com/help/topic/com.arm.doc.ihi0042e/IHI0042E_aapcs.pdf. In the majority of cases, however, you just need to remember “sentence of the book”: