Professional Documents
Culture Documents
计算机系统基础05
¢ Evolutionary design
§ Backwards compatible up until 8086, introduced in 1978
§ Added more features as time goes on
¢ Added Features
§ Instructions to support multimedia operations
§ Instructions to enable more efficient conditional operations
§ Transition from 32 bits to 64 bits
§ More cores
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 5
Carnegie Mellon
Our Coverage
¢ IA32
§ The traditional x86
¢ x86-64
§ The standard
§ bupt1> gcc hello.c
¢ Presentation
§ Book covers x86-64
§ Web aside on IA32
§ We will only cover x86-64
Levels of Abstraction
C programmer
C code
Nice clean layers,
but beware…
Assembly programmer
Computer Designer
Definitions
¢ Architecture: (also ISA: instruction set architecture) The
parts of a processor design that one needs to understand
for writing correct machine/assembly code
§ Examples: instruction set specification, registers
¢ Example ISAs:
§ Intel: x86, IA32, Itanium, x86-64
§ ARM: Used in almost all mobile phones
§ RISC V: New open-source ISA
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 13
Carnegie Mellon
Programmer-Visible State
§ PC: Program counter § Memory
§ Byte addressable array
§ Address of next instruction
§ Code and user data
§ Called “RIP” (x86-64)
§ Stack to support procedures
§ Register file
§ Heavily used program data
§ Condition codes
§ Store status information about most
recent arithmetic or logical operation
§ Used for conditional branching
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 14
Carnegie Mellon
source
%esi %si index
destination
%edi %di index
stack
%esp %sp pointer
base
%ebp %bp
pointer
¢ Transfer control
§ Unconditional jumps to/from procedures
§ Conditional branches
§ Indirect branches
movq (%rcx),%rax
movq 8(%rbp),%rdx
%rsi
%rdi
void swap
(long *xp, long *yp)
{ swap:
long t0 = *xp; movq (%rdi), %rax
long t1 = *yp; movq (%rsi), %rdx
*xp = t1; movq %rdx, (%rdi)
*yp = t0; movq %rax, (%rsi)
} ret
Understanding Swap()
Memory
void swap Registers
(long *xp, long *yp)
{ %rdi
long t0 = *xp;
%rsi
long t1 = *yp;
*xp = t1; %rax
*yp = t0;
} %rdx
Register Value
%rdi xp
%rsi yp swap:
%rax t0 movq (%rdi), %rax # t0 = *xp
%rdx t1 movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 24
Carnegie Mellon
Understanding Swap()
Memory
Registers Address
123 0x120
%rdi 0x120
0x118
%rsi 0x100
0x110
%rax 0x108
%rdx 456 0x100
swap:
movq (%rdi), %rax # t0 = *xp
movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
Understanding Swap()
Memory
Registers Address
123 0x120
%rdi 0x120
0x118
%rsi 0x100
0x110
%rax 123 0x108
%rdx 456 0x100
swap:
movq (%rdi), %rax # t0 = *xp
movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
Understanding Swap()
Memory
Registers Address
123 0x120
%rdi 0x120
0x118
%rsi 0x100
0x110
%rax 123 0x108
%rdx 456 456 0x100
swap:
movq (%rdi), %rax # t0 = *xp
movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
Understanding Swap()
Memory
Registers Address
456 0x120
%rdi 0x120
0x118
%rsi 0x100
0x110
%rax 123 0x108
%rdx 456 456 0x100
swap:
movq (%rdi), %rax # t0 = *xp
movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
Understanding Swap()
Memory
Registers Address
456 0x120
%rdi 0x120
0x118
%rsi 0x100
0x110
%rax 123 0x108
%rdx 456 123 0x100
swap:
movq (%rdi), %rax # t0 = *xp
movq (%rsi), %rdx # t1 = *yp
movq %rdx, (%rdi) # *xp = t1
movq %rax, (%rsi) # *yp = t0
ret
movq (%rcx),%rax
movq 8(%rbp),%rdx
¢ Special Cases
(Rb,Ri) Mem[Reg[Rb]+Reg[Ri]]
D(Rb,Ri) Mem[Reg[Rb]+Reg[Ri]+D]
(Rb,Ri,S) Mem[Reg[Rb]+S*Reg[Ri]]
%rcx 0x0100
%rcx 0x0100
¢ Uses
§ Computing addresses without a memory reference
E.g., translation of p = &x[i];
§
§ Computing arithmetic expressions of the form x + k*y
§ k = 1, 2, 4, or 8
¢ Example
long m12(long x)
{
Converted to ASM by compiler:
return x*12; leaq (%rdi,%rdi,2), %rax # t = x+2*x
} salq $2, %rax # return t<<2
¢ Transfer control
§ Unconditional jumps to/from procedures
§ Conditional branches
Object Code
Code for sumstore
¢ Assembler
0x0400595:
0x53 § Translates .s into .o
0x48 § Binary encoding of each instruction
0x89 § Nearly-complete image of executable code
0xd3
0xe8 § Missing linkages between code in different
0xf2 files
0xff ¢ Linker
0xff
0xff § Resolves references between files
• Total of 14 bytes
0x48 § Combines with static run-time libraries
0x89 • Each instruction
E.g., code for malloc, printf
§
0x03 1, 3, or 5 bytes
0x5b • Starts at address
§ Some libraries are dynamically linked
0xc3 0x0400595 § Linking occurs when program begins
execution
¢ Disassembler
objdump –d sum
§ Useful tool for examining object code
§ Analyzes bit pattern of series of instructions
§ Produces approximate rendition of assembly code
§ Can be run on either a.out (complete executable) or .o file
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 49
Carnegie Mellon
Alternate Disassembly
Disassembled
Alternate Disassembly
Disassembled
Object
Code
Dump of assembler code for function sumstore:
0x0400595: 0x0000000000400595 <+0>: push %rbx
0x53 0x0000000000400596 <+1>: mov %rdx,%rbx
0x48 0x0000000000400599 <+4>: callq 0x400590 <plus>
0x89 0x000000000040059e <+9>: mov %rax,(%rbx)
0xd3 0x00000000004005a1 <+12>:pop %rbx
0xe8 0x00000000004005a2 <+13>:retq
0xf2
0xff
0xff
0xff ¢ Within gdb Debugger
0x48 § Disassemble procedure
0x89 gdb sum
0x03
0x5b disassemble sumstore
0xc3 § Examine the 14 bytes starting at sumstore
x/14xb sumstore
Bryant and O’Hallaron, Computer Systems: A Programmer’s Perspective, Third Edition 51
Carnegie Mellon
No symbols in "WINWORD.EXE".
Disassembly of section .text:
30001000 <.text>:
30001000: 55 push %ebp
30001001: 8b ec mov %esp,%ebp
30001003: 6a ff
Reverse engineering
push
forbidden by
$0xffffffff
30001005: 68Microsoft
90 10 00 End User License
30 push Agreement
$0x30001090
3000100a: 68 91 dc 4c 30 push $0x304cdc91
教材阅读
¢ 第3章 3.1-3.5