1 / 36

Machine-Level Programming I: Basics

Machine-Level Programming I: Basics. Slides based on from those of Bryant and O’Hallaron. Machine Programming: Basics. History of Intel processors and architectures C, assembly, machine code Assembly Basics: Registers, operands, move Arithmetic & logical operations.

paley
Télécharger la présentation

Machine-Level Programming I: Basics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Machine-Level Programming I: Basics Slides based on from those of Bryant and O’Hallaron

  2. Machine Programming: Basics • History of Intel processors and architectures • C, assembly, machine code • Assembly Basics: Registers, operands, move • Arithmetic & logical operations

  3. Intel x86 Evolution: Milestones Name Date Transistors MHz • 8086 1978 29K 5-10 • First 16-bit Intel processor. Basis for IBM PC & DOS • 1MB address space • 386 1985 275K 16-33 • First 32 bit Intel processor , referred to as IA32 • Added “flat addressing”, capable of running Unix • Pentium 4E 2004 125M 2800-3800 • First 64-bit Intel x86 processor, referred to as x86-64 • Core 2 2006 291M 1060-3500 • First multi-core Intel processor • Core i7 2008 731M 1700-3900 • Four cores (our shark machines)

  4. Intel x86 Processors, cont. Intel’s first 32-bit processor • Machine Evolution • 8086 1978 0.03M • 38619850.3M • Pentium 1993 3.1M • Pentium/MMX 1997 4.5M • PentiumPro 1995 6.5M • Pentium III 1999 8.2M • Pentium 4 2001 42M • Pentium 4E 2004 125M • Core 2 Duo 2006 291M • Core i7 2008 731M • Core i7 2014 2.6 Billion Intel’s first 64-bit processor Intel’s first multi-core processor

  5. 2015 State of the Art • Core i7 Broadwell 2015 • Desktop Model • 4 cores • Integrated graphics • 3.3-3.8 GHz • 65W • Server Model • 8 cores • Integrated I/O • 2-2.6 GHz • 45W

  6. Machine Programming I: Basics • History of Intel processors and architectures • C, assembly, machine code • Assembly Basics: Registers, operands, move • Arithmetic & logical operations

  7. ISA • ISA(instruction set architecture) is a specification of the machine instructions implemented by a processor • The part of microprocessor design that one needs to understand or write assembly/machine code. • Includes: registers, native data types, addressing modes etc. • Example ISAs: • Intel/AMD: IA32, x86-64 • ARM: Used in almost all mobile phones

  8. (Programmer-Visible) CPU State PC: Program counter Store address of next instruction Called “RIP” (x86-64) Registers Store frequently used program data Condition codes Store status of most recent arithmetic or logical operation Used for conditional branching Memory Byte addressable array Code and user data Machine Code View CPU Memory Addresses Registers Code Data Stack Data PC Condition Codes Instructions

  9. Turning C into Object Code • Compiler transforms statements, expressions, procedures into low-level instruction sequences text C program (p1.c p2.c) Compiler (gcc–Og–c p1.c p2.c) binary Object program (p1.o p2.o) Linker (gccorld) binary Executable program (p)

  10. Compiling Into Assembly sum.s C Code (sum.c) sumstore: pushq%rbx movq%rdx, %rbx call plus movq%rax, (%rbx) popq%rbx ret long plus(long x, long y); void sumstore(long x, long y, long *dest) { long t = plus(x, y); *dest = t; } • To generate sum.s: gcc–Og –S sum.c • To generate sum.o: gcc–Og–c sum.c • Assembly: the human readable form of machine code • sum.s is the human readable version of sum.o

  11. Machine-level programming: Data Types • “Integer” data of 1, 2, 4, or 8 bytes • Data values • Memory Addresses • Floating point data of 4, 8, or 10 bytes • No aggregate types such as arrays or structures

  12. Machine-level programming: Operations • Perform arithmetic function on register or memory data • Transfer data between memory and register • Load data from memory into register • Store register data into memory • Transfer Control • Unconditional jumps • Conditional branches

  13. Machine-level programming: An Example • C Code • Assembly • Move 8-byte value (quad-words) from register %rax to memory • Object Code • 3-byte instruction • Stored at address 0x40059e *dest = t; movq %rax, (%rbx) 0x40059e: 48 89 03

  14. Object Code Code for sum.o • Assembler • Translates .sinto .o • Binary encoding of each instruction • Not executable due to missing linkages between code in different files • Linker • Resolves references between files • Combines with libraries • E.g., code for malloc, printf 0x0400595: 0x53 0x48 0x89 0xd3 0xe8 0xf2 0xff 0xff 0xff 0x48 0x89 0x03 0x5b 0xc3 • Total of 14 bytes • Each instruction 1, 3, or 5 bytes • Starts at address 0x0400595

  15. Disassembling Object Code Disassembled • Disassembler objdump–d sum.o • Produces approximate rendition of assembly code • Can be run on either a.out (complete executable) or .o file 0000000000400595 <sumstore>: 400595: 53 push %rbx 400596: 48 89 d3 mov%rdx,%rbx 400599: e8 f2 ffffffcallq400590 <plus> 40059e: 48 89 03 mov%rax,(%rbx) 4005a1: 5b pop %rbx 4005a2: c3 retq

  16. Alternate Disassembly Disassembled Object • Within gdb Debugger gdbsum disassemble sumstore x/14xb sumstore • Examine the 14 bytes starting at sumstore 0x0400595: 0x53 0x48 0x89 0xd3 0xe8 0xf2 0xff 0xff 0xff 0x48 0x89 0x03 0x5b 0xc3 Dump of assembler code for function sumstore: 0x0000000000400595 <+0>: push %rbx 0x0000000000400596 <+1>: mov%rdx,%rbx 0x0000000000400599 <+4>: callq 0x400590 <plus> 0x000000000040059e <+9>: mov%rax,(%rbx) 0x00000000004005a1 <+12>:pop %rbx 0x00000000004005a2 <+13>:retq

  17. What Can be Disassembled? • Anything can be interpreted as executable code • Disassembler starts at some byte and dissembles one instruction after another • Do not know when instructions stop and when data start • Not an exact science, esp. when code is purposefully obfuscated

  18. Machine Programming: Basics • History of Intel processors and architectures • C, assembly, machine code • Assembly Basics: Registers, operands, move • Arithmetic & logical operations

  19. x86-64 Integer Registers %rax %r8 %eax %r8d • Can reference low-order 4 bytes (also low-order 1 & 2 bytes) %rbx %r9 %ebx %r9d %rcx %r10 %ecx %r10d %rdx %r11 %edx %r11d %rsi %r12 %esi %r12d %rdi %r13 %edi %r13d %rsp %r14 %esp %r14d %rbp %r15 %ebp %r15d

  20. Moving Data • movqSource, Dest • Operand Types • Immediate: Constant integer data • Example: $0x400, $-533 • Encoded with 1, 2, or 4 bytes • Register: One of 16 integer registers • Example: %rax, %r13 • %rspreserved for special use • Some others have special uses for particular instructions • Memory:8 consecutive bytes of memory at address given by register • Various “address modes” • Simplest example: (%rax) Prefixed with $

  21. movqOperand Combinations Cannot do memory-memory transfer with a single instruction Source Dest Src,Dest C Analog Reg movq$0x4,%rax temp = 0x4; Imm Mem movq$-147,(%rax) *p = -147; Reg movq %rax,%rdx temp2 = temp1; movq Reg Mem movq %rax,(%rdx) *p = temp; Mem Reg movq(%rax),%rdx temp = *p;

  22. Simple Memory Addressing Modes • Normal (R) Mem[Reg[R]] • Register R specifies memory address movq(%rcx),%rax • Displacement D(R) Mem[Reg[R]+D] • Register R specifies start of memory region • Constant displacement D specifies offsetmovq8(%rbp),%rdx

  23. Example of Simple Addressing void swap (long *xp, long *yp) { long t0 = *xp; long t1 = *yp; *xp = t1; *yp = t0; } swap: movq (%rdi), %rax movq (%rsi), %rdx movq %rdx, (%rdi) movq %rax, (%rsi) ret

  24. Understanding Swap() Memory Registers Address Value of first argument 0x120 123 %rdi 0x120 0x118 %rsi 0x100 Value of second argument 0x110 %rax 0x108 %rdx 456 0x100 swap: movq (%rdi), %rax # t0 = *xp movq (%rsi), %rdx # t1 = *yp movq %rdx, (%rdi) # *xp = t1 movq %rax, (%rsi) # *yp = t0 ret

  25. Understanding Swap() Memory Registers Address 0x120 123 %rdi 0x120 0x118 %rsi 0x100 0x110 %rax 123 0x108 %rdx 456 0x100 swap: movq (%rdi), %rax # t0 = *xp movq (%rsi), %rdx # t1 = *yp movq %rdx, (%rdi) # *xp = t1 movq %rax, (%rsi) # *yp = t0 ret

  26. Understanding Swap() Memory Registers Address 0x120 123 %rdi 0x120 0x118 %rsi 0x100 0x110 %rax 123 0x108 %rdx 456 456 0x100 swap: movq (%rdi), %rax # t0 = *xp movq (%rsi), %rdx # t1 = *yp movq %rdx, (%rdi) # *xp = t1 movq %rax, (%rsi) # *yp = t0 ret

  27. Understanding Swap() Memory Registers Address 0x120 456 %rdi 0x120 0x118 %rsi 0x100 0x110 %rax 123 0x108 %rdx 456 456 0x100 swap: movq (%rdi), %rax # t0 = *xp movq (%rsi), %rdx # t1 = *yp movq %rdx, (%rdi) # *xp = t1 movq %rax, (%rsi) # *yp = t0 ret

  28. Understanding Swap() Memory Registers Address 0x120 456 %rdi 0x120 0x118 %rsi 0x100 0x110 %rax 123 0x108 %rdx 456 123 0x100 swap: movq (%rdi), %rax # t0 = *xp movq (%rsi), %rdx # t1 = *yp movq %rdx, (%rdi) # *xp = t1 movq %rax, (%rsi) # *yp = t0 ret

  29. Complete Memory Addressing Modes • General Form D(Rb,Ri,S) Mem[Reg[Rb]+S*Reg[Ri]+ D] • D: Constant “displacement” • Rb: Base register: Any of 16 integer registers • Ri: Index register: Any, except for %rsp • S: Scale: 1, 2, 4, or 8 (why these numbers?) • Special Cases (Rb,Ri) Mem[Reg[Rb]+Reg[Ri]] D(Rb,Ri) Mem[Reg[Rb]+Reg[Ri]+D] (Rb,Ri,S) Mem[Reg[Rb]+S*Reg[Ri]]

  30. Carnegie Mellon Address Computation Examples

  31. Machine Programming I: Basics • History of Intel processors and architectures • C, assembly, machine code • Assembly Basics: Registers, operands, move • Arithmetic & logical operations

  32. Carnegie Mellon Address Computation Instruction • leaqSrc, Dst (load effective address) • Set Dstto address denoted by src address mode expression • Uses • Computing addresses without a memory reference • E.g., translation of p = &x[i]; • Computing arithmetic expressions of the form x + k*y • k = 1, 2, 4, or 8 • Example long m3(longx) { return x*3; } Assembly (gcc –Og –S m3.c) leaq(%rdi,%rdi,2), %rax # t =x+x*2

  33. Carnegie Mellon Some Arithmetic Operations • Two Operand Instructions: addqSrc,DestDest = Dest + Src subqSrc,DestDest = DestSrc imulqSrc,DestDest = Dest * Src salqSrc,DestDest = Dest << SrcAlso called shlq sarqSrc,DestDest = Dest >> SrcArithmetic shrqSrc,DestDest = Dest >> SrcLogical xorqSrc,DestDest = Dest ^ Src andqSrc,DestDest = Dest & Src orqSrc,DestDest = Dest | Src • No distinction between signed and unsigned int (why?)

  34. Carnegie Mellon Some Arithmetic Operations • One Operand Instructions incqDestDest = Dest + 1 decqDestDest = Dest1 negqDestDest =  Dest notqDestDest = ~Dest

  35. Carnegie Mellon Arithmetic Expression Example long arith (long x, long y, long z) { long t1 = x+y; long t2 = z+t1; long t3 = x+4; long t4 = y * 48; long t5 = t3 + t4; long rval = t2 * t5; return rval; } rax = t1 leaq (%rdi,%rsi), %rax addq %rdx, %rax leaq (%rsi,%rsi,2), %rdx salq $4, %rdx leaq 4(%rdi,%rdx), %rcx imulq %rcx, %rax ret rax = t2 rdx= 3*y rdx= 48 *y = t4 rcx= x+4+t4 = t5 rax = t2*t5

  36. Machine Programming I: Summary • History of Intel processors and architectures • Evolutionary design leads to many quirks and artifacts • C, assembly, machine code • Low-level machine abstraction: program counter, registers, machine operations ... • Compiler must transform C statements into low-level machine abstraction • Assembly Basics: Registers, operands, move, arithmetic • C compiler will figure out different instruction combinations to carry out computation

More Related