We studied, in the assembly, the characteristics of dynamic dispatch reference that uses trait objects.
In a debug build binary, function calls using a VTable struct are made. The structure of the VTable is shown below:
- 64-bit binary
vtable {
0x00: Destructor
0x08: Size of the struct implementing
0x10: Alignment of the struct implementing
Describe pointers to methods below
}- 32-bit binary
vtable {
0x00: Destructor
0x04: Size of the struct implementing
0x08: Alignment of the struct implementing
Describe pointers to methods below
}Note that, in release build and size-minimized binaries, VTables may be removed and converted into general conditional branches.
In debug build binaries, dynamic dispatch reference converts function calls into indirect calls by a VTable struct. Processing is shown below that places an address named VTable by IDA Pro in the stack.
After this processing, we can find retrieval of values from the VTable and indirect function calls. Each of the called functions receives the struct address as its first argument.
