I was writing a program in Nasm and I found out that while winapi functions like CreateProcessA or GetModuleFileNameA do pop their arguments from the stack once they have finished, printf is not doing that.
Is there a reason for that? And more importently: are there any other winapi functions who do not pop the elements from the stack? Because my program is misbehaving and I want to be sure that none of it is caused by not pop'd values.
99% percent of exported Windows functions use the stdcall calling convention. On 32-bit x86 this creates smaller more efficient code because the callee restores the stack.
Functions that take a variable number of arguments cannot use stdcall because only the caller knows how many arguments there are and therefore the caller has to restore the stack.
printf is not a Windows function, it is a C library function and most of the C library uses the cdecl calling convention where the caller restores the stack. The Windows provided print functions like wsprintf are also cdecl. You can assume that any API function ending with ... as the final parameter uses cdecl.