Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 7. Procedures and the Stack

Similar documents
Assembly Language Lab # 9

Microprocessors ( ) Fall 2010/2011 Lecture Notes # 15. Stack Operations. 10 top

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 10. Advanced Procedures

Lecture 15 Intel Manual, Vol. 1, Chapter 3. Fri, Mar 6, Hampden-Sydney College. The x86 Architecture. Robb T. Koether. Overview of the x86

Lab 2: Introduction to Assembly Language Programming

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB

Computer Architecture and Assembly Language. Practical Session 3

Procedures and the Stack. Chapter 4 S. Dandamudi

Assembly Language for Intel-Based Computers, 4 th Edition. Chapter 5: Procedures. Chapter Overview. The Book's Link Library

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB

The x86 Architecture

Lab 4: Basic Instructions and Addressing Modes

Objectives. ICT106 Fundamentals of Computer Systems Topic 8. Procedures, Calling and Exit conventions, Run-time Stack Ref: Irvine, Ch 5 & 8

Libraries and Procedures

Assembly Language Programming: Procedures. EECE416 uc. Charles Kim Howard University. Fall

Stack, subprograms. procedures and modular programming role of stack while using procedures stack implementation (Pentium)

Stack -- Memory which holds register contents. Will keep the EIP of the next address after the call

COMPUTER ENGINEERING DEPARTMENT

Assembly Language for Intel-Based Computers, 4 th Edition

Libraries and Procedures

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 8. Conditional Processing

6/20/2011. Introduction. Chapter Objectives Upon completion of this chapter, you will be able to:

Chapter 3: Addressing Modes

Lab 3: Defining Data and Symbolic Constants

Experiment 8 8 Subroutine Handling Instructions and Macros

COE 205. Computer Organization and Assembly Language Dr. Aiman El-Maleh

16.317: Microprocessor Systems Design I Fall 2015

Module 3 Instruction Set Architecture (ISA)

EECE.3170: Microprocessor Systems Design I Summer 2017 Homework 4 Solution

Program Exploitation Intro

Lab 6: Conditional Processing

Assembly Language for Intel-Based Computers, 4 th Edition. Chapter 5: Procedures

X86 Addressing Modes Chapter 3" Review: Instructions to Recognize"

UMBC. 1 (Feb. 9, 2002) seg_base + base + index. Systems Design & Programming 80x86 Assembly II CMPE 310. Base-Plus-Index addressing:

16.317: Microprocessor Systems Design I Fall 2014

Assembly Language. Lecture 5 Procedures

CSC 2400: Computer Systems. Towards the Hardware: Machine-Level Representation of Programs

16.317: Microprocessor Systems Design I Fall 2013

Basic Execution Environment

Low-Level Essentials for Understanding Security Problems Aurélien Francillon

Assembly Language. Lecture 5 Procedures

16.317: Microprocessor Systems Design I Spring 2015

Lab 5: Input/Output using a Library of Procedures

Scott M. Lewandowski CS295-2: Advanced Topics in Debugging September 21, 1998

CSC 8400: Computer Systems. Machine-Level Representation of Programs

EEM336 Microprocessors I. Data Movement Instructions

Digital Forensics Lecture 3 - Reverse Engineering

x86 assembly CS449 Fall 2017

Chapter 11. Addressing Modes

UMBC. A register, an immediate or a memory address holding the values on. Stores a symbolic name for the memory location that it represents.

Registers. Ray Seyfarth. September 8, Bit Intel Assembly Language c 2011 Ray Seyfarth

Computer Architecture and System Software Lecture 07: Assembly Language Programming

Assembly Language Each statement in an assembly language program consists of four parts or fields.

EEM336 Microprocessors I. Addressing Modes

UMBC. contain new IP while 4th and 5th bytes contain CS. CALL BX and CALL [BX] versions also exist. contain displacement added to IP.

Practical Malware Analysis

MODE (mod) FIELD CODES. mod MEMORY MODE: 8-BIT DISPLACEMENT MEMORY MODE: 16- OR 32- BIT DISPLACEMENT REGISTER MODE

Addressing Modes on the x86

Introduction to IA-32. Jo, Heeseung

Marking Scheme. Examination Paper Department of CE. Module: Microprocessors (630313)

Function Calls COS 217. Reading: Chapter 4 of Programming From the Ground Up (available online from the course Web site)

COMPUTER ENGINEERING DEPARTMENT

INTRODUCTION TO IA-32. Jo, Heeseung

complement) Multiply Unsigned: MUL (all operands are nonnegative) AX = BH * AL IMUL BH IMUL CX (DX,AX) = CX * AX Arithmetic MUL DWORD PTR [0x10]

GLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine

CS 31: Intro to Systems ISAs and Assembly. Martin Gagné Swarthmore College February 7, 2017

EXPERIMENT WRITE UP. LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM

Marking Scheme. Examination Paper. Module: Microprocessors (630313)

ADDRESSING MODES. Operands specify the data to be used by an instruction

An Introduction to x86 ASM

Lab 3. The Art of Assembly Language (II)

UNIVERSITY OF CALIFORNIA, RIVERSIDE

x86 Assembly Tutorial COS 318: Fall 2017

Reverse Engineering II: The Basics

Reverse Engineering II: Basics. Gergely Erdélyi Senior Antivirus Researcher

EECE416 :Microcomputer Fundamentals and Design. X86 Assembly Programming Part 1. Dr. Charles Kim

Winter Compiler Construction T11 Activation records + Introduction to x86 assembly. Today. Tips for PA4. Today:

We can study computer architectures by starting with the basic building blocks. Adders, decoders, multiplexors, flip-flops, registers,...

Assembly Language Programming

Assembly Language: Function Calls

CS 31: Intro to Systems ISAs and Assembly. Kevin Webb Swarthmore College February 9, 2016

administrivia today start assembly probably won t finish all these slides Assignment 4 due tomorrow any questions?

CS 31: Intro to Systems ISAs and Assembly. Kevin Webb Swarthmore College September 25, 2018

CNIT 127: Exploit Development. Ch 1: Before you begin. Updated

The IA-32 Stack and Function Calls. CS4379/5375 Software Reverse Engineering Dr. Jaime C. Acosta

Assembly Language: Function Calls" Goals of this Lecture"

CS 161 Computer Security. Week of January 22, 2018: GDB and x86 assembly

We will first study the basic instructions for doing multiplications and divisions

Complex Instruction Set Computer (CISC)

Assembly Language for Intel-Based Computers, 4 th Edition

Assembler Programming. Lecture 2

CMSC Lecture 03. UMBC, CMSC313, Richard Chang

Binghamton University. CS-220 Spring x86 Assembler. Computer Systems: Sections

Assembly Language: Function Calls" Goals of this Lecture"

The Stack. Lecture 15: The Stack. The Stack. Adding Elements. What is it? What is it used for?

CS61 Section Solutions 3

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 21: Generating Pentium Code 10 March 08

Assembly Language: Function Calls. Goals of this Lecture. Function Call Problems

/ 28 HLL assembly Q4: Conditional instructions / 40 TOTAL SCORE / 100 EXTRA CREDIT / 10

Summary: Direct Code Generation

Transcription:

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Lab # 7 Procedures and the Stack April, 2014

1 Assembly Language LAB Runtime Stack and Stack Instructions A stack is a LIFO structure (Last-In, First-Out), because the last value put into the stack is always the first value taken out. The runtime stack is a memory array managed directly by the CPU. The ESP is called the extended stack pointer register and contains the 32-bit address of the last item that was pushed on the stack. We rarely manipulate the ESP register directly. Instead, the PUSH, POP, CALL, and RET instructions modify the ESP register. The.STACK directive allocates a stack in memory. By default, the assembler allocates 1KB of memory for the stack, which is sufficient for small programs. You can also specify the size of the stack in bytes. For example, the following directive allocates a stack of 4096 bytes. The operating system initializes ESP register to the address of the first byte above the stack..stack 4096 There are several important uses of the stack in programs: A stack makes a convenient temporary save area for registers when they are used for more than one purpose. After they are modified, they can be restored to their original values. When the CALL instruction executes, the CPU saves the return address on the stack. When calling procedures, we often pass parameter values on the stack. Local variables inside a procedure are allocated on the stack and discarded when the procedure ends. PUSH and POP Instructions The PUSH instruction has the following syntax: push source The source operand can be 16-bit or 32-bit register, a word or double word in memory, or an immediate constant. For a word-size source operand, the ESP register is decremented by 2 and the source operand is stored on the stack at the address pointed by the ESP register. For a double word-size source operand, the ESP register is decremented by 4 and the source operand is stored. The stack grows downwards or backwards towards lower addresses. The POP instruction has the following syntax: pop destination The destination operand can be a word or double word in memory, or a 16-bit or 32-bit general purpose register. The POP instruction does the opposite job a PUSH. It copies the word or double word on top of the stack into the destination memory or register and then increments the ESP register. If the destination is a word then the ESP register is incremented by 2. Otherwise, it is incremented by 4 bytes. PUSHAD, POPAD, PUSHA, and POPA Instructions The PUSHAD instruction pushes all of the 32-bit general-purpose registers on the stack in the following order: EAX, ECX, EDX, EBX, ESP (original value), EBP, ESI, and EDI. The POPAD instruction pops the same registers off the stack in reverse order. If you write a procedure that modifies a number of 32-bit registers, then you can use the PUSHAD at the beginning of the procedure to save all the 32-bit general-purpose registers before they are modified, and you use the POPAD at the end of the procedure to restore their values.

2 Assembly Language LAB Similarly, the PUSHA instruction pushes the 16-bit general-purpose registers in the following order: AX, CX, DX, BX, SP (original value), BP, SI, and DI. The POPA instruction pops the same registers in reverse order. PUSHFD and POPFD Instructions There are times when it is useful to save the flags so you can restore their values later. The PUSHFD instruction pushes the 32-bit EFLAGS register on the stack, and POPFD pops the stack into EFLAGS. Lab Work: Demonstrating the Stack Instructions TITLE Demonstrating Stack Instructions (stack.asm).686.model flat, stdcall.stack 4096 INCLUDE Irvine32.inc.data var1 DWORD 01234567h var2 DWORD 89ABCDEFh.code main PROC pushad ; Save general-purpose registers ; PUSH and POP push var1 push var2 push 6A6A4C4Ch pop eax pop ebx pop cx pop dx popad ; restore general-purpose registers ; Exchanging 2 variables in memory push var1 push var2 pop var1 pop var2 exit main ENDP END main

3 Assembly Language LAB Lab Work: Assemble, Link, and Trace the Execution of Program stack.exe Run the 32-bit Windows Debugger. Open the source file stack.asm. Open a Watch window and watch the variables var1 and var2. Open a Registers window to view the registers. Place the cursor at the beginning of the main procedure and press F7 to start debugging it. Observe the esp register is initialized to 0x18ff88, or to some other value depending on the program or the computer system. The operating system initialized the esp register at the beginning of the program execution. Open a Memory window to view the stack and type 18ff5c as the virtual address as shown below. A smaller value 18ff5c is chosen than 18ff88 because the stack grows downwards. This will allow you to view 48 bytes of the stack (0x88 0x5c = 48 bytes). Notice that the stack is uninitialized and contains junk values. You can change the Display format to Long Hex to view the stack as double words rather than bytes, and resize the window to view one double word (or 4 bytes) per line.

4 Assembly Language LAB Now press F10 to step through the program execution. The first instruction pushad will push all the eight 32-bit general-purpose registers on the stack. Observe that the esp register has changed to 0x18ff68, and that the offsets from 0018ff84 to 0018ff68 have been modified to contain a copy of the register values. Continue pressing F10 and try to anticipate the changes at each step. Check the values of the registers and variables after executing the pop instructions. Defining and Using Procedures A procedure is declared using the PROC and ENDP directives. It must be assigned a name and must end with a return statement. Each program we have written so far contains a procedure called main. As programs become larger, it is important to break them down into procedures to make them more modular and to simplify programming. As an example, let us write a procedure name SumOf that calculates the sum of three 32-bit integers. We will assume that the integers are assigned to EAX, EBX, and ECX before the procedure is called. The procedure returns the sum in EAX: SumOf PROC add eax, ebx add eax, ecx ret SumOf ENDP CALL and RET Instructions The CALL instruction calls a procedure by directing the processor to begin execution at the first instruction inside the procedure. The procedure uses a RET instruction to return from the procedure. This will allow the processor to continue at the instruction that appears just after the CALL instruction where the procedure was called. The CALL instruction works as follows: It pushes a return address on the stack. This is the address of the instruction appearing after the CALL instruction. The return address tells the RET instruction where to return. It modifies the EIP register to contain the address of the called procedure. This is the address of the first instruction inside the called procedure. The processor starts executing the body of the procedure. The RET instruction works as follows: It pops the return address off the stack into the instruction pointer (EIP register). The processor will continue program execution at the instruction that appears after the CALL instruction. Before calling a procedure, you have to pass to it the parameters it expects. For example, the above procedure SumOf expects three parameters in the eax, ebx, and ecx registers: mov eax, 40000h mov ebx, 60000h mov ecx, 80000h call SumOf... ; result is in the EAX register

5 Assembly Language LAB Demonstrating Procedures TITLE Demonstrating Procedures (procedure.asm).686.model flat, stdcall.stack 4096 INCLUDE Irvine32.inc.data.code main PROC mov eax, 8ffffh mov ebx, 12 mov ecx, 5 call sort3 exit main ENDP ; Sorts 3 integers in EAX, EBX, and ECX sort3 PROC cmp eax, ebx jle L1 call swapab L1: cmp eax, ecx jle L2 call swapac L2: cmp ebx, ecx jle L3 call swapbc L3: ret sort3 ENDP ; Swaps the values of the EAX and EBX registers swapab PROC Push eax Push ebx Pop eax Pop ebx ret swapab ENDP ; Swaps the values of the EAX and ECX registers swapac PROC Push eax Push ecx Pop eax Pop ecx ret swapac ENDP

6 Assembly Language LAB ; Swaps the values of the EBX and ECX registers swapbc PROC Push ebx Push ecx Pop ebx Pop ecx ret swapbc ENDP END main The above program demonstrates the definition and use of procedures in a program. It has five procedures: main, sort3, swapab, swapac, and swapbc. Program execution starts in the main procedure. The main procedure calls the sort3 procedure, which calls the swapab, swapac, and swapbc procedures, to sort the EAX, EBX, and ECX registers in ascending order. You will now trace the execution of the above program to understand procedure call and return, and how the return address is saved on the stack. Lab Work: Assemble, Link, and Trace the Execution of procedure.exe Run the 32-bit Windows Debugger. Open the source file procedure.asm. Open a Register window and view the registers esp, eax, ebx, ecx, and eip. The eip register is very important here because it contains the address the next instruction to be executed. Place the cursor at the beginning of the main procedure and press F7 to start debugging it. Observe that the esp register is initialized to 18ff88 (hexadecimal) by the operating system. Open a Memory window to view the stack and type 18ff68 as the virtual address as shown below. Change the Display format to Long Hex to view the stack as double words rather than bytes, and resize the window to view 2 double words (or 8 bytes) per line. At the call sort3 instruction, press F8 to step into the procedure call. This will take you to the beginning of the sort3 procedure. If you press F10 at call sort3, the debugger will execute and return from procedure sort3, without showing you the details of the procedure call and return. Therefore, you should use the F8 key to trace procedure calls and returns. The call instruction will push the return address on the stack, and the ret instruction will pop it off the stack.

7 Assembly Language LAB Lab Exercise 1. Write a program that finds the maximum of 3 Integers in array: array DWORD 1,2,-3 Write a procedure that finds the Signed integer and another procedure that finds the Unsigned integer. The output should be: Maximum Signed Integer = +2 Maximum Unsigned Integer = 4294967293 Best Wishes

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback