Functions. Ray Seyfarth. August 4, Bit Intel Assembly Language c 2011 Ray Seyfarth

Similar documents
Data Structures. Ray Seyfarth. June 29, Bit Intel Assembly Language c 2011 Ray Seyfarth

Registers. Ray Seyfarth. September 8, Bit Intel Assembly Language c 2011 Ray Seyfarth

Computer Memory. Ray Seyfarth. June 29, Bit Intel Assembly Language c 2011 Ray Seyfarth

Computer Architecture and System Programming Laboratory. TA Session 3

Instructions and Instruction Set Architecture

CSE 351 Midterm - Winter 2015 Solutions

Assembly Language: Function Calls

Assembly III: Procedures. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

CSE 351 Midterm - Winter 2015

Princeton University Computer Science 217: Introduction to Programming Systems. Assembly Language: Function Calls

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2018 Lecture 4

CSE 351 Midterm - Winter 2017

Buffer Overflow Attack (AskCypert CLaaS)

Part 7. Stacks. Stack. Stack. Examples of Stacks. Stack Operation: Push. Piles of Data. The Stack

CSE351 Spring 2018, Midterm Exam April 27, 2018

CS429: Computer Organization and Architecture

18-600: Recitation #3

Machine Program: Procedure. Zhaoguo Wang

Computer Systems C S Cynthia Lee

Instruction Set Architectures

EECE.3170: Microprocessor Systems Design I Summer 2017 Homework 4 Solution

Computer Architecture and System Programming Laboratory. TA Session 5

143A: Principles of Operating Systems. Lecture 5: Calling conventions. Anton Burtsev January, 2017

Computer Systems Lecture 9

6.035 Project 3: Unoptimized Code Generation. Jason Ansel MIT - CSAIL

Assembly Language Programming 64-bit environments

Machine-level Programs Procedure

Generation. representation to the machine

Branching and Looping

CS Basics 8) Strings. Emmanuel Benoist. Fall Term Berner Fachhochschule Haute cole spcialise bernoise Berne University of Applied Sciences 1

CS Bootcamp x86-64 Autumn 2015

Machine-Level Programming III: Procedures

Register Allocation, i. Overview & spilling

Millions of instructions per second [MIPS] executed by a single chip microprocessor

Bryant and O Hallaron, Computer Systems: A Programmer s Perspective, Third Edition. Carnegie Mellon

The Stack & Procedures

Machine-Level Programming (2)

Processor state. Information about currently executing program. %rax, %rdi, ... %r14 %r15. %rsp. %rip CF ZF SF OF. Temporary data

Binghamton University. CS-220 Spring x86 Assembler. Computer Systems: Sections

Function Calls and Stack

143A: Principles of Operating Systems. Lecture 4: Calling conventions. Anton Burtsev October, 2017

Review addressing modes

238P: Operating Systems. Lecture 3: Calling conventions. Anton Burtsev October, 2018

Lecture 4 CIS 341: COMPILERS

Assembly Programming IV

Lecture 3 CIS 341: COMPILERS

1 Number Representation(10 points)

Computer Organization: A Programmer's Perspective

Subprograms, Subroutines, and Functions

Machine/Assembler Language Putting It All Together

x86-64 Programming II

Mechanisms in Procedures. CS429: Computer Organization and Architecture. x86-64 Stack. x86-64 Stack Pushing

x86-64 Programming III

How Software Executes

The Stack & Procedures

Areas for growth: I love feedback

Introduction to Compilers and Language Design Copyright (C) 2017 Douglas Thain. All rights reserved.

University of Washington

Procedure-Calling Conventions October 30

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2017 Lecture 5

Machine- Level Representa2on: Procedure

CPS104 Recitation: Assembly Programming

+ Machine Level Programming: x86-64 History

x64 Cheat Sheet Fall 2014

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 21: Generating Pentium Code 10 March 08

How Software Executes

CS 107. Lecture 13: Assembly Part III. Friday, November 10, Stack "bottom".. Earlier Frames. Frame for calling function P. Increasing address

x86 Programming I CSE 351 Winter

Computer Architecture and Assembly Language. Practical Session 5

Practical Malware Analysis

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2017 Lecture 12

x86-64 Programming III & The Stack

6/20/2011. Introduction. Chapter Objectives Upon completion of this chapter, you will be able to:

CSE P 501 Exam Sample Solution 12/1/11

18-600: Recitation #4 Exploits

Unoptimized Code Generation

CSE P 501 Exam 12/1/11

Machine-Level Programming V: Unions and Memory layout

Midterm 1 topics (in one slide) Bits and bitwise operations. Outline. Unsigned and signed integers. Floating point numbers. Number representation

UW CSE 351, Winter 2013 Midterm Exam

Recitation: Attack Lab

Rev101. spritzers - CTF team. spritz.math.unipd.it/spritzers.html

Recitation: Bomb Lab. September 17 th 2018

Return Oriented Programming

CSCI 2021: x86-64 Control Flow

Where We Are. Optimizations. Assembly code. generation. Lexical, Syntax, and Semantic Analysis IR Generation. Low-level IR code.

Assembly Programming III

CSE351 Autumn 2014 Midterm Exam (29 October 2014)

Machine Programming 3: Procedures

MACHINE-LEVEL PROGRAMMING I: BASICS COMPUTER ARCHITECTURE AND ORGANIZATION

Intel x86-64 and Y86-64 Instruction Set Architecture

Reverse Engineering Low Level Software. CS5375 Software Reverse Engineering Dr. Jaime C. Acosta

CS-220 Spring 2018 Test 2 Version Practice Apr. 23, Name:

6.1. CS356 Unit 6. x86 Procedures Basic Stack Frames

reply db y prompt db Enter your favourite colour:, 0 colour db 80 dup(?) i db 20 k db? num dw 4000 large dd 50000

Binghamton University. CS-220 Spring X86 Debug. Computer Systems Section 3.11

Changelog. Assembly (part 1) logistics note: lab due times. last time: C hodgepodge

15-213/18-243, Spring 2011 Exam 1

void P() {... y = Q(x); print(y); return; } ... int Q(int t) { int v[10];... return v[t]; } Computer Systems: A Programmer s Perspective

Lecture 2 Assembly Language

Transcription:

Functions Ray Seyfarth August 4, 2011

Functions We will write C compatible function C++ can also call C functions using extern "C" {...} It is generally not sensible to write complete assembly programs About 10% of your program uses 90% of the time The compiler does an excellent job of code generation Writing about 10% of your application in assembly might be worth doing if you can take advantage of instructions like SSE or AVX We will write functions which can be called from C We will also take advantage of C library functions malloc to allocate memory scanf to read data printf to print data

Outline 1 The stack 2 The call instruction 3 The return instruction 4 Function parameters 5 Stack frames 6 Recursion

The stack The run-time stack is a region of memory which is used for a variety of temporary storage needs It starts with a high address of 0x7fffa6b79000 for my bash process It can be used for temporary storage of partially computed expressions It is used for some of the parameters to functions It is used for local variables in C/C++ functions It is used to store the address to return to after completing a function call The push instruction decrements the rsp register and stores the value being pushed at this address The pop instruction places the value at the top of the stack into its operand and increments rsp With the x86-64 instructions you should push and pop 8 bytes at a time

Initial stack setup The operating system starts a process by creating a stack with possibly randomly selected starting addresses Then it places a variety of data items into the stack. Finally it transfer to start (not really a call) The parameters to start are placed on the stack. The first parameter (last pushed on the stack) in the number of command line parameters The second parameter is the address of the string (on the stack) which is the first command line parameter (program name) These command line parameters continue and end with a 0 value on the stack. Above this point on the stack are addresses of the strings which constitute the environment Strings like "USER=seyfarth" Or "PATH=/bin:/usr/bin:/usr/local/bin" with multiple parts All these variables were contained in the starting process A child process inherits an environment

The call instruction After preparing any parameters you call a function this way call my_function my function should be an appropriate address in the code segment The function s return value will be in rax or xmm0 The effect of a function call is much like push next_instruction jmp my_function next_instruction:

The return instruction The effect of the return instruction (ret) is to pop an address off the stack and branch to it We could get much the same effect using pop jmp rdi rdi

Function parameters On 32 bit Linux all parameters were pushed onto the stack On x86-64 there are 8 more registers, so some parameters are passed in registers. Linux and Mac OS/X pass integer and address parameters 1 through 6 in rdi, rsi, rdx, rcx, r8 and r9 The remaining integer and address parameters are pushed onto the stack The first 6 floating point parameters are passed in registers xmm0 - xmm5 The remaining floating point parameters are passed on the stack Windows uses registers rcx, rdx, r8 and r9 for the first 4 integer and address parameters and pushes the rest Windows uses xmm0 - xmm3 In all cases pushed parameters are pushed in reverse order

Function parameters (2) Functions like printf having a variable number of parameters must place the number of floating point parameters in rax Both Linux and Windows require the maintenance of the stack on 16 byte boundaries during the main part of functions The reason behind this requirement is to make it possible for local variables (on the stack) to be on 16 byte boundaries, a requirement for some SSE and AVX instructions Conforming functions generally start with push rbp re-establishes the 15 byte bounding temporarily botched by the function call Following that conforming functions subtract multiple of 16 from rsp to allocate stack space or push pairs of 8 byte values

Hello world, at last section.data msg: db "Hello World!",0x0a,0 main: section.text global main extern printf push rbp mov rbp, rsp lea rdi, [msg] ; parameter 1 for printf xor eax, eax ; 0 floating point parameters call printf xor eax, eax ; return 0 pop rbp ret

Stack frames Stack frames are used by the gdb debugger to trace backwards through the stack to inspect calls make in a process The set of stack frames is accessible using the rbp register which contains the previous value of rsp At the previous rsp location is stored the old value of rbp for the previous function Just above the previous rbp is the return address The rbp addresses give a linked list of stack frames which works great with the backtrace or bt command in gdb Your functions should look like push mov sub... leave ret rbp rbp, rsp rsp, multiple_of_16 ; undoes the first 3 instructions

Symbolic names for local variables Local variables in a function are at rsp and above Use the equ pseudo-op to give names to their offsets relative to rsp a equ 0 b equ 8 c equ 16 d equ 24 push rbp mov rbp, rsp sub rsp, 32 mov [rsp+a], rdi ; stores the first parameter in a mov [rsp+b], rsi ; save the second parameter mov rdi, 16 call malloc mov [rsp+d], rax ; save address returned by malloc leave ret

Register preservation For Linux a function must preserve registers rbx, rbp, and r12-r15 Try to dodge them, but if you need them place them in local variables on the stack first and restore before you leave It can be a relief to use these registers since they will still be available to you after a function call Windows functions must preserve registers rbx, rbp, rsi, rdi and r12-r15

Recursion A recursive function calls itself (perhaps indirectly) Using proper stack frames can help in debugging, especially with recursion Recursive solutions involve breaking a big problem into smaller problems, solving the smaller problems and building a complete solution from the sub-solutions If you break a problem up enough it generally becomes obvious how to solve it Perhaps you are defining a recursive sum of array elements. When you get down to 0 array elements it is easy to solve. These easy cases are called base cases A recursive function begins by checking if it is being asked to solve a base case If so, then it produces an immediate solution If not, then it applies recursion on sub-problems

Recursive factorial function fact: ; recursive function n equ 8 push rbp mov rbp, rsp sub rsp, 16 ; make room for storing n cmp rdi, 1 ; compare argument with 1 jg greater ; if n <= 1, return 1 mov eax, 1 ; set return value to 1 leave ret greater: mov [rsp+n], rdi ; save n dec rdi ; call fact with n-1 call fact mov rdi, [rsp+n] ; restore original n imul rax, rdi ; multiply fact(n-1)*n leave ret

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback