Review addressing modes

Similar documents
Processor state. Information about currently executing program. %rax, %rdi, ... %r14 %r15. %rsp. %rip CF ZF SF OF. Temporary data

Computer Systems C S Cynthia Lee

Assembly Language II: Addressing Modes & Control Flow

x86-64 Programming II

x86 Programming II CSE 351 Winter

CSC 8400: Computer Systems. Machine-Level Representation of Programs

Assembly Programming III

CSC 2400: Computer Systems. Towards the Hardware: Machine-Level Representation of Programs

Sungkyunkwan University

CSE 351 Midterm - Winter 2015 Solutions

The Hardware/Software Interface CSE351 Spring 2013

x86 64 Programming II

CS429: Computer Organization and Architecture

Machine Level Programming: Control

X86 Addressing Modes Chapter 3" Review: Instructions to Recognize"

L09: Assembly Programming III. Assembly Programming III. CSE 351 Spring Guest Lecturer: Justin Hsia. Instructor: Ruth Anderson

CSE 351 Midterm - Winter 2015

Machine-Level Programming (2)

Assembly II: Control Flow. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

Assembly II: Control Flow

CSCI 2021: x86-64 Control Flow

Control flow (1) Condition codes Conditional and unconditional jumps Loops Conditional moves Switch statements

Program Exploitation Intro

CSE 351 Midterm Exam

CSE 351 Midterm - Winter 2017

Machine Language CS 3330 Samira Khan

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2017 Lecture 5

CS 33. Machine Programming (2) CS33 Intro to Computer Systems XII 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.

Intel x86 Jump Instructions. Part 5. JMP address. Operations: Program Flow Control. Operations: Program Flow Control.

Assembly Language: Part 2

Machine-Level Programming II: Control

Machine-Level Programming II: Control

CS367. Program Control

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2017 Lecture 12

How Software Executes

Process Layout and Function Calls

Do not turn the page until 5:10.

CS356 Unit 5. Translation to Assembly. Translating HLL to Assembly ASSEMBLY TRANSLATION EXAMPLE. x86 Control Flow

Princeton University Computer Science 217: Introduction to Programming Systems. Assembly Language: Part 2

Second Part of the Course

CS 261 Fall Mike Lam, Professor. x86-64 Control Flow

Intel x86 Jump Instructions. Part 5. JMP address. Operations: Program Flow Control. Operations: Program Flow Control.

CS 261 Fall Mike Lam, Professor. x86-64 Control Flow

Machine- Level Representa2on: Procedure

Credits and Disclaimers

CSE351 Spring 2018, Midterm Exam April 27, 2018

Machine-Level Programming II: Control Flow

CS , Fall 2007 Exam 1

Computer Systems C S Cynthia Lee

Credits to Randy Bryant & Dave O Hallaron

5.1. CS356 Unit 5. x86 Control Flow

Machine-Level Programming II: Control

Machine Level Programming II: Arithmetic &Control

CSC 252: Computer Organization Spring 2018: Lecture 6

Machine-Level Programming II: Arithmetic & Control /18-243: Introduction to Computer Systems 6th Lecture, 5 June 2012

Assembly Language: IA-32 Instructions

Carnegie Mellon. Bryant and O Hallaron, Computer Systems: A Programmer s Perspective, Third Edition

CS 31: Intro to Systems ISAs and Assembly. Kevin Webb Swarthmore College February 9, 2016

Areas for growth: I love feedback

CS 31: Intro to Systems ISAs and Assembly. Kevin Webb Swarthmore College September 25, 2018

Machine- Level Programming II: Arithme6c & Control

Branching and Looping

Assembly II: Control Flow. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

System Programming and Computer Architecture (Fall 2009)

x86-64 Programming III

Intel x86-64 and Y86-64 Instruction Set Architecture

Machine-Level Programming II: Arithmetic & Control. Complete Memory Addressing Modes

Credits and Disclaimers

Lecture 3 CIS 341: COMPILERS

Assembly Programming IV

Where We Are. Optimizations. Assembly code. generation. Lexical, Syntax, and Semantic Analysis IR Generation. Low-level IR code.

An Introduction to x86 ASM

Machine-Level Programming II: Control and Arithmetic

Computer Architecture and System Programming Laboratory. TA Session 3

CS 33. Machine Programming (2) CS33 Intro to Computer Systems XI 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Do not turn the page until 11:30.

ASSEMBLY II: CONTROL FLOW. Jo, Heeseung

Condition Codes. Lecture 4B Machine-Level Programming II: Control Flow. Setting Condition Codes (cont.) Setting Condition Codes (cont.

Machine Programming 2: Control flow

Towards the Hardware"

CS-220 Spring 2018 Test 2 Version Practice Apr. 23, Name:

Recitation 4: Bomb Lab

Basic Assembly Instructions

CS241 Computer Organization Spring Addresses & Pointers

University of Washington Computer Science & Engineering Winter 2018 Instructor: Mark Wyse March 14, CSE 351 Final Exam. Last Name: First Name:

CS 107. Lecture 13: Assembly Part III. Friday, November 10, Stack "bottom".. Earlier Frames. Frame for calling function P. Increasing address

Chapter 3 Machine-Level Programming II Control Flow

Binghamton University. CS-220 Spring X86 Debug. Computer Systems Section 3.11

CSE 351 Midterm Exam Spring 2016 May 2, 2015

CF Carry Flag SF Sign Flag ZF Zero Flag OF Overflow Flag. ! CF set if carry out from most significant bit. "Used to detect unsigned overflow

x64 Cheat Sheet Fall 2014

Condition Codes The course that gives CMU its Zip! Machine-Level Programming II Control Flow Sept. 13, 2001 Topics

Control flow. Condition codes Conditional and unconditional jumps Loops Switch statements

Ex: Write a piece of code that transfers a block of 256 bytes stored at locations starting at 34000H to locations starting at 36000H. Ans.

CPS104 Recitation: Assembly Programming

x86-64 Programming III & The Stack

CSE 351 Section 4 GDB and x86-64 Assembly Hi there! Welcome back to section, we re happy that you re here

How Software Executes

CS61 Section Solutions 3

administrivia today start assembly probably won t finish all these slides Assignment 4 due tomorrow any questions?

Transcription:

Review addressing modes Op Src Dst Comments movl $0, %rax Register movl $0, 0x605428 Direct address movl $0, (%rcx) Indirect address movl $0, 20(%rsp) Indirect with displacement movl $0, -8(%rdi, %rax, 4) Indirect with scaled-index lea -8(%rdi, %rax, 4), %rax Calculate address, no load/deref "Load effective address" compute target address and stop (no access memory) Used for: pointer math, address of, e.g. p = &arr[i]; simple linear equations, e.g dst = x + k*y k = 1, 2, 4, or 8

CPU registers What are registers? Small set of named "data cubbies" on CPU itself CPU can directly manipulate values in register (reaching out to memory is much slower) 16 general-purpose integer registers Each register stores a 64-bit data value Anything in integer family long, int, char, address, signed/unsigned (floating point registers are separate) Virtual sub-registers %rax -> %eax -> %ax -> %al Some registers have special role Dictated by ISA/convention If/when not in use for special role, register may be used for other purposes Register %rax %rdi %rsi %rdx %rsp %rip %eflags int binky(int arg) Function binky is going to read arg from %edi and write return value to %eax Special role Return value from function 1st argument to function 2nd argument to function 3rd argument to function Stack pointer Instruction pointer Processor status/condition cod... see full list in x86 guide on web site

Two operand instructions Sample ALU instructions add src, dst dst = dst + src sub src, dst dst = dst - src imul src, dst dst = dst * src and src, dst dst = dst & src xor src, dst dst = dst ^ src sal count, dst dst = dst << count sar count, dst dst = dst >> count One operand instructions neg dst dst = -dst not dst dst = ~dst No distinction between signed/unsigned operands why?

Compiler explorer Fun tool to interactively examine C->asm translation! https://godbolt.org

Program execution What does it mean for a program to execute? Instructions loaded into memory Stack configured (more on that later ) %rip stores address of current instruction, proceeds sequentially program code entered at main function 00000000004004d6 <loop>: 4004d6: 8b 07 mov (%rdi),%eax 4004d8: 83 c0 01 add $0x1,%eax 4004db: 89 07 mov %eax,(%rdi) 4004dd: eb f7 jmp 4004d6 <loop> 4004de: 4004dd: 4004dc: 4004db: 4004da: 4004d9: 4004d8: 4004d7: 4004d6: f7 eb 07 89 01 c0 83 07 8b jmp mov add mov jmp is akin to mov <target>, %rip (not valid to directly access %rip in this way though ) %rip

Processor state Information about currently executing program Temporary data %rax, %rdi, current parameters, local variables Location of runtime stack %rsp Location of current instruction %rip Status of recent operation CF ZF SF OF %rax %rdi... %r14 %r15 %rsp %rip CF ZF SF OF %eflags General purpose registers Stack pointer Instruction pointer Condition codes

Control flow Controlling flow Instructions proceed sequentially by default Jmp instruction changes %rip (unconditionally) if/loops/switch need a conditional jmp "branch" cmp $0x9, %eax je target Branch is 2-step process 1. Previous instruction writes condition codes Codes report whether operation resulted in zero, overflow, etc 2. Branch instruction reads condition codes Whether takes branch or falls through depends on state of condition codes CF ZF SF OF %eflags Test result is "passed" through %eflags register

Op Condition codes Comments cmp op1, op2 Computes op2-op1, discard result, set condition codes test op1, op2 Computes op2&op1, discard result, set condition codes sub op1, op2 op 2 = op2-op1, set condition codes add op1, op2 op2 = op2+op1, set condition codes %eflags register used as set of boolean values ZF = zero flag SF = sign flag CF = carry flag, unsigned overflow (out of MSB) OF = overflow flag, signed overflow (into MSB) Codes explicitly set by cmp/test, implicitly set by many instructions Codes read by jx instructions

Example branch instructions Examples: Op Description Condition jmp unconditional je equal/zero ZF=1 jne not equal/not zero ZF=0 js negative SF=1 jl less (signed) SF!=OF jle less or equal (signed) SF!=OF or ZF=1 jb below (unsigned) CF=1 Assume previous instruction was cmp op1, op2. Computed "result" op2-op1 je: Jump if ZF is 1 result op2-op1 is zero means op1 is equal to op2 jl: Jump if SF!= 0F result op2-op1 is negative means op2 is less than op1 other case: if result ended up positive due to overflow, op2 is also less than op1

If/then int if_then(int arg) { if (arg == 6) arg++; arg *= 35; return arg + 7; } 4004d6: cmp $0x6,%edi 4004d9: jne 4004de <if_then+0x8> 4004db: add $0x1,%edi 4004de: imul $0x23,%edi,%edi 4004e1: lea 0x7(%rdi),%eax 4004e4: retq Consider: How does assembly change if test on line 1 is: arg == 9? arg <= 6? What if put line 3 inside else clause? (test? expr : expr) Can be implemented by similar if/else assembly sequence

Loops int for_loop(int n) { int sum = 0; for (int i = 0; i < n; i++) sum += i; return sum; } 400504: mov $0x0,%edx 400509: mov $0x0,%eax 40050e: jmp 400515 <for_loop+0x11> 400510: add %edx,%eax 400512: add $0x1,%edx 400515: cmp %edi,%edx 400517: jl 400510 <for_loop+0xc> 400519: repz retq Translation re-arranged from what you might expect First iteration jumps over body to get to test/branch why?

Objdump Assembly tools Extracts code from compiled executable, displays instructions in assembly myth51> objdump d myprogram Gdb Can debug at source or assembly level! Single step by instruction, read/write register values (gdb) disassemble main (gdb) info reg (gdb) layout split Compiler explorer https://godbolt.org/g/nyuqky References on web site http://cs107.stanford.edu/guide/x86-64.html http://cs107.stanford.edu/resources/onepage_x86-64.pdf

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback