CMSC 313 Lecture 12 [draft] How C functions pass parameters

Similar documents
CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING PREVIEW SLIDES 16, SPRING 2013

CMSC 313 Lecture 12. Project 3 Questions. How C functions pass parameters. UMBC, CMSC313, Richard Chang

The System Bus Model

CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 17, SPRING 2013

x86 assembly CS449 Fall 2017

Assembly Language: Function Calls

Function Calls COS 217. Reading: Chapter 4 of Programming From the Ground Up (available online from the course Web site)

Question 4.2 2: (Solution, p 5) Suppose that the HYMN CPU begins with the following in memory. addr data (translation) LOAD 11110

Assembly Language: Function Calls" Goals of this Lecture"

AS08-C++ and Assembly Calling and Returning. CS220 Logic Design AS08-C++ and Assembly. AS08-C++ and Assembly Calling Conventions

Assembly Language: Function Calls" Goals of this Lecture"

Assembly Language: Function Calls. Goals of this Lecture. Function Call Problems

Machine-level Programming (3)

x86 assembly CS449 Spring 2016

administrivia today start assembly probably won t finish all these slides Assignment 4 due tomorrow any questions?

Stack -- Memory which holds register contents. Will keep the EIP of the next address after the call

CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING

Homework. In-line Assembly Code Machine Language Program Efficiency Tricks Reading PAL, pp 3-6, Practice Exam 1

Procedure Calls. Young W. Lim Sat. Young W. Lim Procedure Calls Sat 1 / 27

X86 Stack Calling Function POV

CSC 2400: Computing Systems. X86 Assembly: Function Calls"

Assembly III: Procedures. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

1 /* file cpuid2.s */ 4.asciz "The processor Vendor ID is %s \n" 5.section.bss. 6.lcomm buffer, section.text. 8.globl _start.

4) C = 96 * B 5) 1 and 3 only 6) 2 and 4 only

Intel assembly language using gcc

ASSEMBLY III: PROCEDURES. Jo, Heeseung

Assembly III: Procedures. Jo, Heeseung

CS 31: Intro to Systems Functions and the Stack. Martin Gagne Swarthmore College February 23, 2016

Lab 10: Introduction to x86 Assembly

Machine-Level Programming III: Procedures

The course that gives CMU its Zip! Machine-Level Programming III: Procedures Sept. 17, 2002

Assembly Programmer s View Lecture 4A Machine-Level Programming I: Introduction

Instruction Set Architecture

Instruction Set Architecture

Procedure Calls. Young W. Lim Mon. Young W. Lim Procedure Calls Mon 1 / 29

CPEG421/621 Tutorial

CS213. Machine-Level Programming III: Procedures

CS , Fall 2001 Exam 1

CAS CS Computer Systems Spring 2015 Solutions to Problem Set #2 (Intel Instructions) Due: Friday, March 20, 1:00 pm

Instruction Set Architecture

CISC 360 Instruction Set Architecture

CSC 2400: Computing Systems. X86 Assembly: Function Calls

Machine Program: Procedure. Zhaoguo Wang

W4118: PC Hardware and x86. Junfeng Yang

Y86 Processor State. Instruction Example. Encoding Registers. Lecture 7A. Computer Architecture I Instruction Set Architecture Assembly Language View

Turning C into Object Code Code in files p1.c p2.c Compile with command: gcc -O p1.c p2.c -o p Use optimizations (-O) Put resulting binary in file p

CPS104 Recitation: Assembly Programming

Instructor: Alvin R. Lebeck

CPSC W Term 2 Problem Set #3 - Solution

CS241 Computer Organization Spring 2015 IA

Computer Systems Lecture 9

EECE.3170: Microprocessor Systems Design I Summer 2017 Homework 4 Solution

Assembly I: Basic Operations. Jo, Heeseung

ASSEMBLY I: BASIC OPERATIONS. Jo, Heeseung

Region of memory managed with stack discipline Grows toward lower addresses. Register %esp contains lowest stack address = address of top element

Introduction Selected details Live demos. HrwCC. A self-compiling C-compiler. Stefan Huber Christian Rathgeb Stefan Walkner

Computer Systems Organization V Fall 2009

IA32 Stack. Stack BoDom. Region of memory managed with stack discipline Grows toward lower addresses. Register %esp contains lowest stack address

CS 33: Week 3 Discussion. x86 Assembly (v1.0) Section 1G

What the CPU Sees Basic Flow Control Conditional Flow Control Structured Flow Control Functions and Scope. C Flow Control.

Machine-Level Programming I: Introduction Jan. 30, 2001

CIT Week13 Lecture

Second Part of the Course

CSC 8400: Computer Systems. Using the Stack for Function Calls

CMSC 313 Fall2009 Midterm Exam 2 Section 01 Nov 11, 2009

Program Exploitation Intro

Sungkyunkwan University

Assembly Language Programming - III

Assembly I: Basic Operations. Computer Systems Laboratory Sungkyunkwan University

Systems I. Machine-Level Programming V: Procedures

Winter Compiler Construction T11 Activation records + Introduction to x86 assembly. Today. Tips for PA4. Today:

Register Allocation, iii. Bringing in functions & using spilling & coalescing

Computer Architecture and Assembly Language. Practical Session 3

CS , Fall 2002 Exam 1

Section 4: Threads and Context Switching

An Experience Like No Other. Stack Discipline Aug. 30, 2006

Implementing Threads. Operating Systems In Depth II 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Sample Exam I PAC II ANSWERS

University of Washington

CSC 2400: Computer Systems. Using the Stack for Function Calls

Machine Programming 3: Procedures

Section 4: Threads CS162. September 15, Warmup Hello World Vocabulary 2

X86 Assembly -Procedure II:1

Systems I. Machine-Level Programming I: Introduction

CISC 360. Machine-Level Programming I: Introduction Sept. 18, 2008

X86 Review Process Layout, ISA, etc. CS642: Computer Security. Drew Davidson

CSE P 501 Compilers. x86 Lite for Compiler Writers Hal Perkins Autumn /25/ Hal Perkins & UW CSE J-1

CS61 Section Solutions 3

Machine- Level Programming III: Switch Statements and IA32 Procedures

Machine Programming 1: Introduction

Function Call Convention

COMP 210 Example Question Exam 2 (Solutions at the bottom)

ICS143A: Principles of Operating Systems. Midterm recap, sample questions. Anton Burtsev February, 2017

Sistemi Operativi. Lez. 16 Elementi del linguaggio Assembler AT&T

Machine-Level Programming II: Control and Arithmetic

Process Layout and Function Calls

Buffer Overflow Attack

Instruction Set Architectures

CS , Fall 2004 Exam 1

CS 201 Winter 2014 (Karavanic) Final Exam

Transcription:

CMSC 313 Lecture 12 [draft] How C functions pass parameters UMBC, CMSC313, Richard Chang <chang@umbcedu>

Last Time Stack Instructions: PUSH, POP PUSH adds an item to the top of the stack POP removes an item from the top of the stack Subroutine Instructions: CALL, RET CALL saves EIP on the stack and jumps to the subroutine RET retrieves the caller s EIP from the stack Subroutine Examples UMBC, CMSC313, Richard Chang <chang@umbcedu>

Linux/gcc/i386 Function Call Convention Parameters pushed right to left on the stack first parameter on top of the stack Caller saves EAX, ECX, EDX if needed these registers will probably be used by the callee Callee saves EBX, ESI, EDI there is a good chance that the callee does not need these EBP used as index register for parameters, local variables, and temporary storage Callee must restore caller s ESP and EBP Return value placed in EAX UMBC, CMSC313, Richard Chang <chang@umbcedu>

A typical stack frame for the function call: int foo (int arg1, int arg2, int arg3) ESP ==> Callee saved registers EBX, ESI & EDI (as needed) temporary storage local variable #2 [EBP - 8] local variable #1 [EBP - 4] EBP ==> Caller's EBP Return Address Argument #1 [EBP + 8] Argument #2 [EBP + 12] Argument #3 [EBP + 16] Caller saved registers EAX, ECX & EDX (as needed) Fig 1

The caller's actions before the function call Save EAX, ECX, EDX registers as needed Push arguments, last first CALL the function ESP ==> EBP ==> Return Address Arg #1 = 12 Arg #2 = 15 Arg #3 = 18 Caller saved registers EAX, ECX & EDX (as needed) Fig 2

The callee's actions after function call Save main's EBP, set up own stack frame ESP ==> Callee saved registers EBX, ESI & EDI (as needed) push mov ebp ebp, esp temporary storage [EBP - 20] Allocate space for local variables and temporary storage Save EBX, ESI and EDI registers as needed EBP==> local variable #2 [EBP - 8] local variable #1 [EBP - 4] main's EBP Return Address Arg #1 = 12 [EBP + 8] Arg #2 = 15 [EBP + 12] Arg #3 = 18 [EBP + 16] Caller saved registers EAX, ECX & EDX (as needed) Fig 4

The callee's actions before returning Store return value in EAX ESP ==> Arg #1 = 12 Restore EBX, ESI and EDI registers as needed Restore main's stack frame mov pop RET to main esp, ebp ebp EBP ==> Arg #2 = 15 Arg #3 = 18 Caller saved registers EAX, ECX & EDX (as needed) Fig 5

The caller's actions after returning POP arguments off the stack Store return value in EAX Restore EAX, ECX and EDX registers as needed Return Address Arg #1 = 12 Arg #2 = 15 Arg #3 = 18 ESP ==> EBP ==> Caller saved registers EAX, ECX & EDX (as needed) Fig 6

// File: cfuncc // // Example of C function calls disassembled // #include <stdioh> // a silly function // int foo(int x, int y) { int z } z = x + y return z int main () { int b b = foo(35, 64) b = b + b printf ("b = %d\n", b) } linux3% gcc cfuncc linux3% aout b = 198 linux3% linux3% gcc -S cfuncc linux3% i2g -g cfuncs >cfuncasm linux3%

file "cfuncc" version "0101" gcc2_compiled: text align 4 globl foo type foo,@function foo: L1: pushl %ebp movl %esp,%ebp subl $4,%esp movl 8(%ebp),%eax movl 12(%ebp),%edx leal (%edx,%eax),%ecx movl %ecx,-4(%ebp) movl -4(%ebp),%edx movl %edx,%eax jmp L1 p2align 4,,7 leave ret

Lfe1: size foo,lfe1-foo section rodata LC0: string "b = %d\n" text align 4 globl main type main,@function main: pushl %ebp movl %esp,%ebp subl $4,%esp pushl $64 pushl $35 call foo addl $8,%esp movl %eax,%eax movl %eax,-4(%ebp) movl -4(%ebp),%eax addl %eax,-4(%ebp) movl -4(%ebp),%eax pushl %eax pushl $LC0 call printf addl $8,%esp L2: leave ret Lfe2: size main,lfe2-main ident "GCC: (GNU) egcs-29166 19990314/Linux (egcs-112 release)"

FILE "cfuncc" gcc2_compiled: SECTION text ALIGN 4 GLOBAL foo GLOBAL foo:function foo: push ebp mov ebp,esp sub esp,4 mov eax, [ebp+8] mov edx, [ebp+12] lea ecx, [edx+eax] mov [ebp-4],ecx mov edx, [ebp-4] mov eax,edx jmp L1 ALIGN 1<<4 IF < 7 L1: leave ret

Lfe1: SECTION LC0: GLOBAL foo:function (Lfe1-foo) rodata db 'b = %d',10,'' SECTION text ALIGN 4 GLOBAL main GLOBAL main:function main: push ebp mov ebp,esp sub esp,4 push dword 64 push dword 35 call foo add esp,8 mov eax,eax mov [ebp-4],eax mov eax, [ebp-4] add [ebp-4],eax mov eax, [ebp-4] push eax push dword LC0 call printf add esp,8 L2: leave ret Lfe2: GLOBAL main:function (Lfe2-main) IDENT "GCC: (GNU) egcs-29166 19990314/Linux (egcs-112 release)"

Lfe1: SECTION LC0: GLOBAL foo:function (Lfe1-foo) rodata db 'b = %d',10,'' SECTION text ALIGN 4 GLOBAL main GLOBAL main:function main: push ebp mov ebp,esp sub esp,4 push dword 64 push dword 35 call foo add esp,8 mov eax,eax mov [ebp-4],eax mov eax, [ebp-4] add [ebp-4],eax mov eax, [ebp-4] push eax push dword LC0 call printf add esp,8 L2: leave ret Lfe2: GLOBAL main:function (Lfe2-main) IDENT "GCC: (GNU) egcs-29166 19990314/Linux (egcs-112 release)"

File: printf1asm Using C printf function to print Assemble using NASM: nasm -f elf printf1asm C-style main function Link with gcc: gcc printf1o Declare some external functions extern printf SECTION data the C function, we'll call Data section msg: db "Hello, world: %c", 10, 0 The string to print SECTION text Code section main: global main push ebp set up stack frame mov ebp,esp push dword 97 an 'a' push dword msg address of ctrl string call printf Call C function add esp, 8 pop stack mov esp, ebp takedown stack frame pop ebp same as "leave" op ret linux3% nasm -f elf printf1asm linux3% gcc printf1o linux3% aout Hello, world: a linux3% exit

File: printf2asm Using C printf function to print Assemble using NASM: nasm -f elf printf2asm Assembler style main function Link with gcc: gcc -nostartfiles printf2asm %define SYSCALL_EXIT 1 Declare some external functions extern printf SECTION data the C function, we'll call Data section msg: db "Hello, world: %c", 10, 0 The string to print SECTION text Code section _start: global _start push dword 97 an 'a' push dword msg address of ctrl string call printf Call C function add esp, 8 pop stack mov eax, SYSCALL_EXIT Exit mov ebx, 0 exit code, 0=normal int 080H ask kernel to take over linux3% nasm -f elf printf2asm linux3% gcc -nostartfiles printf2o linux3% linux3% aout Hello, world: a linux3%

// File: arraytestc // // C program to test arrayincasm // void arrayinc(int A[], int n) main() { int A[7] = {2, 7, 19, 45, 3, 42, 9} int i } printf ("sizeof(int) = %d\n", sizeof(int)) printf("\noriginal array:\n") for (i = 0 i < 7 i++) { printf("a[%d] = %d ", i, A[i]) } printf("\n") arrayinc(a,7) printf("\nmodified array:\n") for (i = 0 i < 7 i++) { printf("a[%d] = %d ", i, A[i]) } printf("\n") linux3% gcc -c arraytestc linux3% nasm -f elf arrayincasm linux3% gcc arraytesto arrayinco linux3% linux3% aout sizeof(int) = 4 Original array: A[0] = 2 A[1] = 7 A[2] = 19 A[3] = 45 A[4] = 3 A[5] = 42 A[6] = 9 Modified array: A[0] = 3 A[1] = 8 A[2] = 20 A[3] = 46 A[4] = 4 A[5] = 43 A[6] = 10 linux3%

File: arrayincasm A subroutine to be called from C programs Parameters: int A[], int n Result: A[0], A[n-1] are each incremented by 1 SECTION text global arrayinc arrayinc: push ebp set up stack frame mov ebp, esp registers ebx, esi and edi must be saved, if used push ebx push edi mov edi, [ebp+8] get address of A mov ecx, [ebp+12] get num of elts mov ebx, 0 initialize count for_loop: mov eax, [edi+4*ebx] get array element inc eax add 1 mov [edi+4*ebx], eax put it back inc ebx update counter loop for_loop pop edi restore registers pop ebx mov esp, ebp take down stack frame pop ebp ret

// File: cfunc3c // // Example of C function calls disassembled // Return values with more than 4 bytes // #include <stdioh> typedef struct { int part1, part2 } stype // a silly function // stype foo(stype r) { } rpart1 += 4 rpart2 += 3 return r int main () { stype r1, r2, r3 int n n = 17 r1part1 = 74 r1part2 = 75 r2part1 = 84 r2part2 = 85 r3part1 = 93 r3part2 = 99 r2 = foo(r1) printf ("r2part1 = %d, r2part2 = %d\n", r1part1, r2part2 ) } n = foo(r3)part2

FILE "cfunc3c" gcc2_compiled: SECTION text ALIGN 4 GLOBAL foo GLOBAL foo:function foo: push ebp mov ebp,esp mov eax, [ebp+8] add dword [ebp+12],4 add dword [ebp+16],3 comments & spacing added set up stack frame addr to store return value rpart1 = [ebp+12] rpart2 = [ebp+16] L1: Lfe1: return value mov edx, [ebp+12] mov ecx, [ebp+16] mov [eax],edx mov [eax+4],ecx jmp L1 mov eax,eax leave ret 4 get rpart1 get rpart2 put rpart1 in return valu put rpart2 in return valu does nothing bye-bye pop 4 bytes after return

SECTION LC0: GLOBAL foo:function (Lfe1-foo) rodata db SECTION text ALIGN 4 GLOBAL main GLOBAL main:function main: push ebp mov ebp,esp sub esp,36 'r2part1 = %d, r2part2 = %d',10,'' comments & spacing added set up stack frame space for local variables initialize variables mov dword [ebp-28],17 mov dword [ebp-8],74 mov dword [ebp-4],75 mov dword [ebp-16],84 mov dword [ebp-12],85 mov dword [ebp-24],93 mov dword [ebp-20],99 call foo lea eax, [ebp-16] mov edx, [ebp-8] mov ecx, [ebp-4] push ecx push edx push eax call foo add esp,8 call printf mov eax, [ebp-12] push eax mov eax, [ebp-8] push eax push dword LC0 call printf add esp,12 n = [ebp-28] r1 = [ebp-8] r2 = [ebp-16] r3 = [ebp-24] get addr of r2 get r1part1 get r1part2 push r1part2 push r1part1 push addr of r2 pop r1 ret 4 popped r2's addr get r2part2 push it get r2part1 push it string constant's addr pop off arguments

call foo again lea eax, [ebp-36] mov edx, [ebp-24] mov ecx, [ebp-20] push ecx push edx push eax call foo add esp,8 assign to n mov eax, [ebp-32] mov [ebp-28],eax addr of temp variable get r3part1 get r3part2 push r3part2 push r3part1 push addr of temp var pop off arguments get part2 of temp var store in n L2: leave bye-bye ret Lfe2: GLOBAL main:function (Lfe2-main) IDENT "GCC: (GNU) egcs-29166 19990314/Linux (egcs-112 release)"

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback