1 introduction to x86 assembly, part ii or “what does my laptop actually do?” ymir vigfusson...

1

Introduction to x86 Assembly, part IIor “What does my laptop actually do?”

Ymir Vigfusson

Some slides gracefully borrowed from 18-213@CMU

2

Review Example

int logical(int x, int y){ int t1 = x^y; int t2 = t1 >> 17; int mask = (1<<13) - 7; int rval = t2 & mask; return rval;}


logical:pushl %ebpmovl %esp,%ebp

movl 12(%ebp),%eaxxorl 8(%ebp),%eaxsarl $17,%eaxandl $8185,%eax

popl %ebpret

Body

SetUp

Finish

movl 12(%ebp),%eax # eax = yxorl 8(%ebp),%eax # eax = x^y (t1)sarl $17,%eax # eax = t1>>17 (t2)andl $8185,%eax # eax = t2 & mask (rval)

3

Review Example





popl %ebpret

Body

SetUp

Finish


4

Review Example





popl %ebpret

Body

SetUp

Finish


5

Review Example





popl %ebpret

Body

SetUp

Finish


213 = 8192, 213 – 7 = 8185213 = 8192, 213 – 7 = 8185

6

Control: Condition codes

7

Processor State (IA32, Partial) Information

about currently executing program Temporary data

( %eax, … ) Location of runtime stack

( %ebp,%esp ) Location of current code

control point( %eip, … )

Status of recent tests( CF, ZF, SF, OF )

%eip

General purposeregisters

Current stack top

Current stack frame

Instruction pointer

CF ZF SF OF Condition codes

%eax

%ecx

%edx

%ebx

%esi

%edi

%esp

%ebp

8

Condition Codes (Implicit Setting)

Single bit registersCF Carry Flag (for unsigned) SF Sign Flag (for signed)ZF Zero Flag OF Overflow Flag (for signed)

Implicitly set (think of it as side effect) by arithmetic operationsExample: addl/addq Src,Dest ↔ t = a+bCF set if carry out from most significant bit (unsigned overflow)ZF set if t == 0SF set if t < 0 (as signed)OF set if two’s-complement (signed) overflow(a>0 && b>0 && t<0) || (a<0 && b<0 && t>=0)

Not set by lea instruction

9

Condition Codes (Explicit Setting: Compare)

Explicit Setting by Compare Instructioncmpl Src2, Src1cmpl b,a like computing a-b without setting destination

CF set if carry out from most significant bit (used for unsigned comparisons)ZF set if a == bSF set if (a-b) < 0 (as signed)OF set if two’s-complement (signed) overflow(a>0 && b<0 && (a-b)<0) || (a<0 && b>0 && (a-b)>0)

10

Condition Codes (Explicit Setting: Test)

Explicit Setting by Test instructiontestl Src2, Src1testl b,a like computing a&b without setting destination

Sets condition codes based on value of Src1 & Src2Useful to have one of the operands be a mask

ZF set when a&b == 0SF set when a&b < 0

11

Reading Condition Codes SetX Instructions

Set single byte based on combinations of condition codes

SetX Condition Descriptionsete ZF Equal / Zerosetne ~ZF Not Equal / Not Zerosets SF Negativesetns ~SF Nonnegativesetg ~(SFÔF)&~ZF Greater (Signed)

setge ~(SFÔF) Greater or Equal (Signed)

setl (SFÔF) Less (Signed)setle (SFÔF)|ZF Less or Equal (Signed)seta ~CF&~ZF Above (unsigned)setb CF Below (unsigned)

12

movl 12(%ebp),%eax # eax = ycmpl %eax,8(%ebp) # Compare x : ysetg %al # al = x > ymovzbl %al,%eax # Zero rest of %eax

Reading Condition Codes (Cont.)

SetX Instructions: Set single byte based on combination of condition

codes One of 8 addressable byte

registers Does not alter remaining 3 bytes Typically use movzbl to finish jobint gt (int x, int y){ return x > y;}

int gt (int x, int y){ return x > y;}

Body

%eax %ah %al

%ecx %ch %cl

%edx %dh %dl

%ebx %bh %bl

%esi

%edi

%esp

%ebp

13

Conditional branches and moves

14

Jumping jX Instructions

Jump to different part of code depending on condition codes

jX Condition Descriptionjmp 1 Unconditional

je ZF Equal / Zero

jne ~ZF Not Equal / Not Zero

js SF Negative

jns ~SF Nonnegative

jg ~(SFÔF)&~ZF Greater (Signed)

jge ~(SFÔF) Greater or Equal (Signed)

jl (SFÔF) Less (Signed)

jle (SFÔF)|ZF Less or Equal (Signed)

ja ~CF&~ZF Above (unsigned)

jb CF Below (unsigned)

15

Conditional Branch Example

int absdiff(int x, int y){ int result; if (x > y) { result = x-y; } else { result = y-x; } return result;}

int absdiff(int x, int y){ int result; if (x > y) { result = x-y; } else { result = y-x; } return result;}

absdiff:pushl %ebpmovl %esp, %ebpmovl 8(%ebp), %edxmovl 12(%ebp), %eaxcmpl %eax, %edxjle .L6subl %eax, %edxmovl %edx, %eaxjmp .L7

.L6:subl %edx, %eax

.L7:popl %ebpret

Body1

Setup

Finish

Body2b

Body2a

16

Conditional Branch Example (Cont.)int goto_ad(int x, int y){ int result; if (x <= y) goto Else; result = x-y; goto Exit;Else: result = y-x;Exit: return result;}

int goto_ad(int x, int y){ int result; if (x <= y) goto Else; result = x-y; goto Exit;Else: result = y-x;Exit: return result;}

C allows “goto” as means of transferring control Closer to machine-level

programming style Generally

considered bad coding style


.L6:subl %edx, %eax

.L7:popl %ebpret

Body1

Setup

Finish

Body2b

Body2a

17

GO TO statements considered harmful

18




.L6:subl %edx, %eax

.L7:popl %ebpret

Body1

Setup

Finish

Body2b

Body2a

19




.L6:subl %edx, %eax

.L7:popl %ebpret

Body1

Setup

Finish

Body2b

Body2a

20




.L6:subl %edx, %eax

.L7:popl %ebpret

Body1

Setup

Finish

Body2b

Body2a

21

Loops

22

C Codeint pcount_do(unsigned x) { int result = 0; do { result += x & 0x1; x >>= 1; } while (x); return result;}

int pcount_do(unsigned x) { int result = 0; do { result += x & 0x1; x >>= 1; } while (x); return result;}

Goto Versionint pcount_do(unsigned x){ int result = 0;loop: result += x & 0x1; x >>= 1; if (x) goto loop; return result;}

int pcount_do(unsigned x){ int result = 0;loop: result += x & 0x1; x >>= 1; if (x) goto loop; return result;}

“Do-While” Loop Example

Count number of 1’s in argument x (“popcount”)

Use conditional branch to either continue looping or to exit loop

23

Goto Version“Do-While” Loop Compilation

Registers:%edx x%ecx result

movl $0, %ecx # result = 0.L2: # loop:

movl %edx, %eaxandl $1, %eax # t = x & 1addl %eax, %ecx # result += tshrl %edx # x >>= 1jne .L2 # If !0, goto loop

int pcount_do(unsigned x) { int result = 0;loop: result += x & 0x1; x >>= 1; if (x) goto loop; return result;}

int pcount_do(unsigned x) { int result = 0;loop: result += x & 0x1; x >>= 1; if (x) goto loop; return result;}

24

C Code

do Body while (Test);

do Body while (Test);

Goto Version

loop: Body if (Test) goto loop

loop: Body if (Test) goto loop

General “Do-While” Translation

Body:

Test returns integer = 0 interpreted as false ≠ 0 interpreted as true

{ Statement1; Statement2; … Statementn;}

25

C Code Goto Version

“While” Loop Example

Is this code equivalent to the do-while version? Must jump out of loop if test fails

int pcount_while(unsigned x) { int result = 0; while (x) { result += x & 0x1; x >>= 1; } return result;}

int pcount_while(unsigned x) { int result = 0; while (x) { result += x & 0x1; x >>= 1; } return result;}

int pcount_do(unsigned x) { int result = 0; if (!x) goto done;loop: result += x & 0x1; x >>= 1; if (x) goto loop;done: return result;}

int pcount_do(unsigned x) { int result = 0; if (!x) goto done;loop: result += x & 0x1; x >>= 1; if (x) goto loop;done: return result;}

26

While version

while (Test) Bodywhile (Test) Body

Do-While Version

if (!Test) goto done; do Body while(Test);done:

if (!Test) goto done; do Body while(Test);done:

General “While” Translation

Goto Version

if (!Test) goto done;loop: Body if (Test) goto loop;done:

if (!Test) goto done;loop: Body if (Test) goto loop;done:

27

C Code

“For” Loop Example

Is this code equivalent to other versions?

#define WSIZE 8*sizeof(int)int pcount_for(unsigned x) { int i; int result = 0; for (i = 0; i < WSIZE; i++) { unsigned mask = 1 << i; result += (x & mask) != 0; } return result;}


28

“For” Loop While Loop

for (Init; Test; Update )

Body

For Version

Init;

while (Test ) {

Body

Update;

}

While Version

29

“For” Loop Form


Body

General Form

for (i = 0; i < WSIZE; i++) { unsigned mask = 1 << i; result += (x & mask) != 0; }

for (i = 0; i < WSIZE; i++) { unsigned mask = 1 << i; result += (x & mask) != 0; }

i = 0i = 0

i < WSIZEi < WSIZE

i++i++

{ unsigned mask = 1 << i; result += (x & mask) != 0;}

{ unsigned mask = 1 << i; result += (x & mask) != 0;}

Init

Test

Update

Body

30

“For” Loop … Goto


Body

For Version

Init;

while (Test ) {

Body

Update;

}

While Version

Init; if (!Test) goto done; do Body Update while(Test);done:

Init; if (!Test) goto done; do Body Update while(Test);done:

Init; if (!Test) goto done;loop: Body Update if (Test) goto loop;done:

Init; if (!Test) goto done;loop: Body Update if (Test) goto loop;done:

31

C Code

“For” Loop Conversion Example

Initial test can be optimized away



Goto Version

int pcount_for_gt(unsigned x) { int i; int result = 0; i = 0; if (!(i < WSIZE)) goto done; loop: { unsigned mask = 1 << i; result += (x & mask) != 0; } i++; if (i < WSIZE) goto loop; done: return result;}

int pcount_for_gt(unsigned x) { int i; int result = 0; i = 0; if (!(i < WSIZE)) goto done; loop: { unsigned mask = 1 << i; result += (x & mask) != 0; } i++; if (i < WSIZE) goto loop; done: return result;}

Init

!Test

Body

UpdateTest

32

So what about these arrays?

int a[16];

char *c;c = (char *)malloc(256);

How are arrays actually represented in assembly?

33

Basic Data Types Integral

Stored & operated on in general (integer) registers Signed vs. unsigned depends on instructions used

Intel ASM Bytes Cbyte b 1 [unsigned] charword w 2 [unsigned] shortdouble word l 4 [unsigned] intquad word q 8 [unsigned] long int (x86-64)

Floating Point Stored & operated on in floating point registers

Intel ASM Bytes CSingle s 4 floatDouble l 8 doubleExtended t 10/12/16 long double

34

Array Allocation Basic Principle

T A[L]; Array of data type T and length L Contiguously allocated region of L * sizeof(T) bytes

char string[12];

x x + 12

int val[5];

x x + 4 x + 8 x + 12 x + 16 x + 20

double a[3];

x + 24x x + 8 x + 16

char *p[3];

x x + 8 x + 16 x + 24

x x + 4 x + 8 x + 12

IA32

x86-64

35

Array Access Basic Principle

T A[L]; Array of data type T and length L Identifier A can be used as a pointer to array element 0: Type T*

Reference Type? Value?val[4] int 3val int * xval+1 int * x + 4&val[2] int * x + 8val[5] int ??*(val+1)int 5val + i int * x + 4i

int val[5]; 1 5 2 1 3

x x + 4 x + 8 x + 12 x + 16 x + 20

WATWAT

36

Array Example

Declaration “zip_dig cmu” equivalent to “int cmu[5]” Example arrays were allocated in successive 20 byte blocks

Not guaranteed to happen in general

#define ZLEN 5typedef int zip_dig[ZLEN];

zip_dig cmu = { 1, 5, 2, 1, 3 };zip_dig mit = { 0, 2, 1, 3, 9 };zip_dig ucb = { 9, 4, 7, 2, 0 };

zip_dig cmu; 1 5 2 1 3

16 20 24 28 32 36

zip_dig mit; 0 2 1 3 9

36 40 44 48 52 56

zip_dig ucb; 9 4 7 2 0

56 60 64 68 72 76

37

Array Access - Idea

Array start

4 element array of ints

%edx

%eaxOffset

38

Array Accessing Example

Register %edx contains starting address of array

Register %eax contains array index

Desired digit at 4*%eax + %edx

Use memory reference (%edx,%eax,4)

int get_digit (zip_dig z, int dig){ return z[dig];}

# %edx = z # %eax = dig

movl (%edx,%eax,4),%eax # z[dig]

IA32

zip_dig cmu; 1 5 2 1 3

16 20 24 28 32 36

39

# edx = zmovl $0, %eax # %eax = i

.L4: # loop:addl $1, (%edx,%eax,4) # z[i]++addl $1, %eax # i++cmpl $5, %eax # i:5jne .L4 # if !=, goto loop

Array Loop Example (IA32)

void zincr(zip_dig z) { int i; for (i = 0; i < ZLEN; i++) z[i]++;}

40

Pointer Loop Example (IA32)void zincr_p(zip_dig z) { int *zend = z+ZLEN; do { (*z)++; z++; } while (z != zend); }

void zincr_v(zip_dig z) { void *vz = z; int i = 0; do { (*((int *) (vz+i)))++; i += ISIZE; } while (i != ISIZE*ZLEN);}

# edx = z = vzmovl $0, %eax # i = 0

.L8: # loop:addl $1, (%edx,%eax) # Increment vz+iaddl $4, %eax # i += 4cmpl $20, %eax # Compare i:20jne .L8 # if !=, goto loop

41

How do we fit a 2D matrix into memory?

41

a b c

d e f

g h i

a b c

d e f

g h i

Row-major ordering

Q: How do we find cell (i,j)?WAT

43

Nested Array Example

“zip_dig pgh[4]” equivalent to “int pgh[4][5]” Variable pgh: array of 4 elements, allocated contiguously Each element is an array of 5 int’s, allocated contiguously

Important: “Row-Major” ordering of all elements guaranteed

#define PCOUNT 4zip_dig pgh[PCOUNT] = {{1, 5, 2, 0, 6}, {1, 5, 2, 1, 3 }, {1, 5, 2, 1, 7 }, {1, 5, 2, 2, 1 }};

zip_digpgh[4];

76 96 116 136 156

1 5 2 0 6 1 5 2 1 3 1 5 2 1 7 1 5 2 2 1

44

Multidimensional (Nested) Arrays Declaration

T A[R][C]; 2D array of data type T R rows, C columns Type T element requires K bytes

Array Size R * C * K bytes

Arrangement Row-Major Ordering

A[0][0] A[0][C-1]

A[R-1][0]

• • •

• • • A[R-1][C-1]

•••

•••

int A[R][C];

• • •A[0][0]

A[0]

[C-1]• • •

A[1][0]

A[1]

[C-1]• • •

A[R-1][0]

A[R-1][C-1]

• • •

4*R*C Bytes

a b c

d e f

g h i

45

• • •

Nested Array Row Access Row Vectors

A[i] is array of C elements Each element of type T requires K bytes Starting address A + i * (C * K)

• • •A[i][0]

A[i]

[C-1]

A[i]

• • •A

[R-1][0]

A[R-1][C-1]

A[R-1]

• • •

A

• • •A[0][0]

A[0]

[C-1]

A[0]

A+i*C*4 A+(R-1)*C*4

int A[R][C];

46

Nested Array Row Access Code

Row Vector pgh[index] is array of 5 int’s Starting address pgh+20*index

IA32 Code Computes and returns address Compute as pgh + 4*(index+4*index)

int *get_pgh_zip(int index){ return pgh[index];}

# %eax = indexleal (%eax,%eax,4),%eax # 5 * indexleal pgh(,%eax,4),%eax # pgh + (20 * index)

#define PCOUNT 4zip_dig pgh[PCOUNT] = {{1, 5, 2, 0, 6}, {1, 5, 2, 1, 3 }, {1, 5, 2, 1, 7 }, {1, 5, 2, 2, 1 }};

47

• • •

Nested Array Row Access Array Elements

A[i][j] is element of type T, which requires K bytes Address A + i * (C * K) + j * K = A + (i * C + j)* K

• • • • • •A[i][j]

A[i]

• • •A

[R-1][0]

A[R-1][C-1]

A[R-1]

• • •

A

• • •A[0][0]

A[0]

[C-1]

A[0]

A+i*C*4 A+(R-1)*C*4

int A[R][C];

A+i*C*4+j*4

48

• • •

Nested Array Row Access Array Elements

A[i][j] is element of type T, which requires K bytes Address A + i * (C * K) + j * K = A + (i * C + j)* K

• • • • • •A[i][j]

A[i]

• • •A

[R-1][0]

A[R-1][C-1]

A[R-1]

• • •

A

• • •A[0][0]

A[0]

[C-1]

A[0]

A+i*C*4 A+(R-1)*C*4

int A[R][C];

A+i*C*4+j*4

A[i][j] ==

A + (i*C + j)*K

49

Nested Array Element Access Code

Array Elements pgh[index][dig] is int Address: pgh + 20*index + 4*dig

= pgh + 4*(5*index + dig) IA32 Code

Computes address pgh + 4*((index+4*index)+dig)

int get_pgh_digit (int index, int dig){ return pgh[index][dig];}

movl 8(%ebp), %eax # indexleal (%eax,%eax,4), %eax # 5*indexaddl 12(%ebp), %eax # 5*index+digmovl pgh(,%eax,4), %eax # offset 4*(5*index+dig)

50

struct rec { int a[3]; int i; struct rec *n;};

Structure Allocation

Concept Contiguously-allocated region of memory Refer to members within structure by names Members may be of different types

Memory Layoutia n

0 12 16 20

51


IA32 Assembly# %edx = val# %eax = rmovl %edx, 12(%eax) # Mem[r+12] = val

void set_i(struct rec *r, int val){ r->i = val;}

Structure Access

Accessing Structure Member Pointer indicates first byte of structure Access elements with offsets

ia n

0 12 16 20

r+12r

52

movl 12(%ebp), %eax # Get idxsall $2, %eax # idx*4addl 8(%ebp), %eax # r+idx*4

int *get_ap (struct rec *r, int idx){ return &r->a[idx];}

Generating Pointer to Structure Member

Generating Pointer to Array Element Offset of each structure

member determined at compile time

Arguments Mem[%ebp+8]: r Mem[%ebp+12]: idx

r+idx*4r

ia n

0 12 16 20


1 introduction to x86 assembly, part ii or “what does my laptop actually do?” ymir vigfusson...

Documents