In1211/04-PDS 1TU-Delft
IA-32
In1211/04-PDS 2TU-Delft
IA family
IA (Intel Architecture) is a family of processors:
- 80386 (1985), 80486 (1989)
- Pentium-line (1993-2000)
Each processor has the same architecture, but a different organization:
- same instruction set
- different performance levels
32-bit memory addresses and variable-length instructions
Very large instruction set (not really RISC)
In1211/04-PDS 3TU-Delft
In1211/04-PDS 4TU-Delft
Other example: PowerPC
(Block diagram: instruction unit, integer unit and floating-point unit; instructions come from the cache, which sits in front of main memory.)
In1211/04-PDS 5TU-Delft
Floorplan PowerPC
In1211/04-PDS 6TU-Delft
(Floorplan labels: FPU, data cache, instruction cache, registers, MMU, load/store unit.)
In1211/04-PDS 7TU-Delft
IA register structure
- Floating-point registers: FP0 .. FP7
- General-purpose registers: R0 .. R7
In1211/04-PDS 8TU-Delft
Special registers
- Code Segment: CS
- Stack Segment: SS
- Data Segments: DS, ES, FS, GS
In1211/04-PDS 9TU-Delft
Status Register (EFLAGS, bits 31 .. 0)
- CF    Carry (bit 0)
- ZF    Zero (bit 6)
- SF    Sign (bit 7)
- TF    Trap (bit 8)
- IF    Interrupt enable (bit 9)
- OF    Overflow (bit 11)
- IOPL  I/O privilege level (bits 12-13)
In1211/04-PDS 10TU-Delft
Addressable data units
- Bit
- Byte (8 bits)
- Doubleword (32 bits: byte 3 .. byte 0, bits 31 .. 0)
In1211/04-PDS 11TU-Delft
Memory
- Memory is byte addressable
- Doublewords can start at any byte location
- Data operands are 8 or 32 bits wide
- Byte ordering is the little-endian scheme (cf. big-endian PowerPC)
In1211/04-PDS 12TU-Delft
Register Naming
- Data registers:       R0 = EAX, R1 = ECX, R2 = EDX, R3 = EBX
- Pointer registers:    R4 = ESP, R5 = EBP
- Index registers:      R6 = ESI, R7 = EDI
- Instruction pointer:  EIP
- Status register:      EFLAGS
In1211/04-PDS 13TU-Delft
Instructions
Variable-length instructions, 1-12 bytes
Five types of instructions:
- Copy instructions (MOV)
- Arithmetic and logic instructions
- Flow control
- Processor control instructions
- I/O instructions
Format: INSTR Rdst,Rsrc
In1211/04-PDS 14TU-Delft
Instruction Format
Opcode (1 or 2 bytes) | Addressing (1 or 2 bytes) | Displacement (1 or 4 bytes) | Immediate (1 or 4 bytes)
In1211/04-PDS 15TU-Delft
Addressing modes
Many addressing modes:
- Immediate                            value
- Direct                               M(value)
- Register                             [reg]
- Register indirect                    M([reg])
- Base with displacement               M([reg] + Disp)
- Index with displacement              M([reg]*S + Disp)
- Base with index                      M([reg] + [reg]*S)
- Base with index and displacement     M([reg] + [reg]*S + Disp)
S = 1, 2, 4 or 8; Disp = 8- or 32-bit signed number
In1211/04-PDS 16TU-Delft
Immediate and Direct
Immediate:
    MOV EAX, 25          [EAX] ← #25
    MOV EAX, 3FA00H      [EAX] ← #3FA00H
Direct:
    MOV EAX, loc         [EAX] ← M(loc)
or
    MOV EAX, [loc]       [EAX] ← M(loc)
In1211/04-PDS 17TU-Delft
Register and Register indirect
Register:
    MOV EBX, OFFSET loc  [EBX] ← #loc
or
    LEA EBX, loc         [EBX] ← #loc
Register indirect:
    MOV EAX, [EBX]       [EAX] ← M([EBX])
In1211/04-PDS 18TU-Delft
Base with Index and Displacement
    MOV EAX, [EBP+ESI*4+200]     [EAX] ← M([EBP] + [ESI]*4 + #200)
(Operand diagram: with [EBP] = 1000 and [ESI] = 40, [EBP] + #200 = 1200, and adding [ESI]*4 = 160 gives the operand address 1360.)
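To make the addressing-mode and little-endian slides concrete, here is an added example (not lecture code) of a byte-addressable little-endian memory and the general effective-address rule M([base] + [index]*S + Disp); it uses the slide's values [EBP] = 1000, [ESI] = 40, Disp = 200, and the operand 3FA00H stored at 1360 is a constructed value.

```python
MASK = 0xFFFFFFFF

class Memory:
    """Byte-addressable memory; a doubleword may start at any byte address."""
    def __init__(self):
        self.cells = {}                   # address -> byte; unwritten bytes read as 0

    def store_dword(self, addr, value):
        for i in range(4):                # little-endian: least significant byte at addr
            self.cells[(addr + i) & MASK] = (value >> (8 * i)) & 0xFF

    def load_dword(self, addr):
        return sum(self.cells.get((addr + i) & MASK, 0) << (8 * i) for i in range(4))

    def bytes_at(self, addr):
        """The four bytes as they lie in memory, lowest address first."""
        return [self.cells.get((addr + i) & MASK, 0) for i in range(4)]

def big_endian_bytes(value):
    """How a big-endian machine (the PowerPC of the slides) lays out the same doubleword."""
    return [(value >> (8 * (3 - i))) & 0xFF for i in range(4)]

def effective_address(base=0, index=0, scale=1, disp=0):
    """M([base] + [index]*S + Disp); the simpler modes are special cases of this one.
    Disp is an 8- or 32-bit signed number, so a negative Disp wraps modulo 2**32."""
    if scale not in (1, 2, 4, 8):
        raise ValueError("IA-32 scale factor S must be 1, 2, 4 or 8")
    return (base + index * scale + disp) & MASK

def mov_eax_base_index_disp(mem, ebp, esi):
    """MOV EAX,[EBP+ESI*4+200]   =>   [EAX] <- M([EBP] + [ESI]*4 + #200)"""
    return mem.load_dword(effective_address(ebp, esi, 4, 200))

def example_fetch():
    """Slide values [EBP] = 1000, [ESI] = 40; the operand 3FA00H at 1360 is constructed."""
    mem = Memory()
    mem.store_dword(1360, 0x3FA00)
    return (effective_address(1000, 40, 4, 200), mov_eax_base_index_disp(mem, 1000, 40),
            mem.bytes_at(1360))

if __name__ == "__main__":
    ea, eax, layout = example_fetch()
    print(ea, hex(eax), layout, big_endian_bytes(eax))   # 1360 0x3fa00 [0, 250, 3, 0] [0, 3, 250, 0]
```

Reading back from 1361 instead of 1360 still succeeds (unaligned doublewords are allowed) but yields a different value, which is why misaligned pointers corrupt data silently rather than faulting on IA-32.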
In1211/04-PDS 19TU-Delft
Arithmetic instructions
May have one or two operands
    ADD dst,src      meaning      [dst] ← [dst] + [src]
In1211/04-PDS 20TU-Delft
Summation example
        LEA EBX, NUM1            [EBX] ← #NUM1
        MOV ECX, N               [ECX] ← M(N)
        MOV EAX, 0               [EAX] ← #0
        MOV EDI, 0               [EDI] ← #0
L:      ADD EAX, [EBX+EDI*4]     Add next number to EAX
        INC EDI                  [EDI] ← [EDI] + 1
        DEC ECX                  [ECX] ← [ECX] - 1
        JG L                     Branch if [ECX] > 0
        MOV SUM, EAX             M(SUM) ← [EAX]
In1211/04-PDS 21TU-Delft
Flow control
Two basic branch instructions:
    JMP [loc]            Branch unconditionally
    JG, JZ, JS, etc.     Branch if condition is satisfied
In1211/04-PDS 22TU-Delft
Compare
Used to compare values and leave register contents unchanged (only the flags are set)
    CMP dst, src     [dst] - [src]
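The status-register, flow-control and compare slides fit together as follows; this is an added example, not lecture code. It models how CMP/SUB/DEC set CF, ZF, SF and OF, which flag combinations JG/JGE/JLE/JZ/JS test (JA, the unsigned counterpart of JG, is included for contrast and is not on the slides), and then runs the summation loop from the earlier slide on that model with a constructed array in place of NUM1.

```python
MASK = 0xFFFFFFFF

def sub_flags(dst, src):
    """Flags produced by CMP dst, src: computes [dst] - [src] and keeps only the flags."""
    dst, src = dst & MASK, src & MASK
    result = (dst - src) & MASK
    return {
        "CF": dst < src,                            # unsigned borrow
        "ZF": result == 0,
        "SF": bool(result & 0x80000000),            # sign bit of the 32-bit result
        # signed overflow: operand signs differ and the result's sign differs from dst's
        "OF": bool((dst ^ src) & (dst ^ result) & 0x80000000),
    }

CONDITIONS = {
    "JZ":  lambda f: f["ZF"],
    "JS":  lambda f: f["SF"],
    "JG":  lambda f: not f["ZF"] and f["SF"] == f["OF"],   # signed >
    "JGE": lambda f: f["SF"] == f["OF"],                   # signed >=
    "JLE": lambda f: f["ZF"] or f["SF"] != f["OF"],        # signed <=
    "JA":  lambda f: not f["CF"] and not f["ZF"],          # unsigned > (for contrast)
}

def branch_taken(mnemonic, dst, src):
    """Would `CMP dst, src` followed by `<mnemonic> L` branch to L?"""
    return CONDITIONS[mnemonic](sub_flags(dst, src))

def summation(memory, n):
    """The summation slide: ECX <- n, then ADD / INC EDI / DEC ECX / JG L.
    `memory` stands for the doubleword array at NUM1 (constructed input)."""
    eax, ecx, edi = 0, n & MASK, 0
    while True:
        eax = (eax + memory[edi]) & MASK     # ADD EAX, [EBX+EDI*4]
        edi += 1                             # INC EDI
        flags = sub_flags(ecx, 1)            # DEC ECX sets ZF/SF/OF like SUB ECX, 1
        ecx = (ecx - 1) & MASK
        if not CONDITIONS["JG"](flags):      # JG L: repeat while [ECX] > 0 (signed)
            return eax                       # MOV SUM, EAX

if __name__ == "__main__":
    print(summation([1, 2, 3, 99], 3))       # 6: the 99 beyond N is never read
    print(summation([42], 0))                # 42: the body runs once even for N = 0
    print(branch_taken("JG", 0x80000000, 1), branch_taken("JA", 0x80000000, 1))
```

Two things worth noticing: the loop tests the count only after the first ADD, so N = 0 still reads one doubleword past the intended data, and the same CMP result answers "greater" differently under JG (signed) and JA (unsigned), a distinction that matters whenever a length or index check is compiled to one or the other.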
In1211/04-PDS 23TU-Delft
Sorting example
int[] list = new int[n];
int temp;
for (j = n-1; j > 0; j--) {
    for (k = j-1; k >= 0; k--) {
        if (list[j] > list[k]) {
            temp = list[k];
            list[k] = list[j];
            list[j] = temp;
        }
    }
}
In1211/04-PDS 24TU-Delft
Assembler code
        LEA EAX, list          [EAX] ← #list
        MOV EDI, N             [EDI] ← n
        DEC EDI                [EDI] ← n-1            init(j)
outer:  MOV ECX, EDI           [ECX] ← j
        DEC ECX                [ECX] ← j-1            init(k)
        MOV DL, [EAX+EDI]      load list(j) into DL
inner:  CMP [EAX+ECX], DL      compare list(k) to list(j)
        JLE next               if list(j) >= list(k)
        XCHG [EAX+ECX], DL     swap
        MOV [EAX+ECX], DL      new list(j) in DL
next:   DEC ECX                decrement k
        JGE inner              repeat or terminate
        DEC EDI                decrement j
        JGE outer              repeat or terminate
In1211/04-PDS 25TU-Delft
Question: Why is this assembler program an incorrect translation of the Java program?
In1211/04-PDS 26TU-Delft
Subroutines
    CALL sub     [EIP] ← #sub; the return address is saved on the stack (ESP register)
Return is
    RET          [EIP] ← [EDI]
In1211/04-PDS 27TU-Delft
Stack instructions
ESP register is used as stack pointer
    PUSH src     [ESP] ← [ESP] - #4;  M([ESP]) ← [src]
    POP dst      [dst] ← M([ESP]);  [ESP] ← [ESP] + #4
PUSHAD (POPAD): push (pop) all 8 registers on (from) stack
In1211/04-PDS 28TU-Delft
Stack frames
        ....
        PUSH N          Parameter n on stack
2000    CALL Sub1       Call subroutine at 2400
        ....
(Stack diagram: the stack pointer (EDI) is at 10052 before PUSH N; Sub1 starts at address 2400.)
In1211/04-PDS 29TU-Delft
Subroutine Sub1
Sub1:   PUSH EDA              Save EDA
        PUSH EDB              Save EDB
        MOV EDA, [EDI + 12]   n to EDA
        DEC EDA
        ....
        PUSH EDA              Load n-1 on stack
L:      CALL Sub2             Call subroutine
        POP N                 Put result in M(N)
        POP EDB               Restore EDB
        POP EDA               Restore EDA
        RET                   return
In1211/04-PDS 30TU-Delft
Stack frame in Sub1
(Stack frame at the arrow on the previous slide; EDI is the stack pointer)
10036   [EDB]            <- EDI
10040   [EDA]
10044   Return Address
10048   n
10052   ?
In1211/04-PDS 31TU-Delft
Question: What is the value of EIP?
In1211/04-PDS 32TU-Delft
Subroutine Sub1 (at address 2400)
Sub1:   PUSH EDA              Save EDA
        PUSH EDB              Save EDB
        MOV EDA, [EDI + 12]   n to EDA
        DEC EDA
        ....
        PUSH EDA              Load n-1 on stack
L:      CALL Sub2             Call subroutine
        POP N                 Put result in M(N)
        POP EDB               Restore EDB
        POP EDA               Restore EDA
        RET                   return
In1211/04-PDS 33TU-Delft
Stack frame in Sub1
(Stack frame at the arrow on the previous slide; EDI is the stack pointer)
10036   [EDB]            <- EDI
10040   [EDA]
10044   Return Address
10048   n
10052   ?
Registers: EDA = n-1
In1211/04-PDS 34TU-Delft
Subroutine Sub1 (at address 2400)
Sub1:   PUSH EDA              Save EDA
        PUSH EDB              Save EDB
        MOV EDA, [EDI + 12]   n to EDA
        DEC EDA
        ....
        PUSH EDA              Load n-1 on stack
L:      CALL Sub2             Call subroutine
        POP N                 Put result in M(N)
        POP EDB               Restore EDB
        POP EDA               Restore EDA
        RET                   return
In1211/04-PDS 35TU-Delft
Stack frame in Sub1
(Stack frame at the arrow on the previous slide; EDI is the stack pointer)
10032   n-1              <- EDI
10036   [EDB]
10040   [EDA]
10044   Return Address
10048   n
10052   ?
Registers: EDA = n-1
In1211/04-PDS 36TU-Delft
Subroutine Sub2
Sub2:   MOV EDA, [EDI+4]
        DEC EDA
        MOV [EDI+4], EDA
        RET
In1211/04-PDS 37TU-Delft
Stack frame in Sub2
(Stack frame at the arrow on the previous slide; EDI is the stack pointer)
10028   Return Address   <- EDI
10032   n-1
10036   [EDB]
10040   [EDA]
10044   Return Address
10048   n
10052   ?
Registers: EDA = n-2
In1211/04-PDS 38TU-Delft
Subroutine Sub2 (two versions)
Sub2:   POP EDA
        DEC EDA
        PUSH EDA
        RET                   return

Sub2:   MOV EDA, [EDI+4]
        DEC EDA
        MOV [EDI+4], EDA
        RET
In1211/04-PDS 39TU-Delft
Stack frame in Sub2
(Stack frame at the arrow on the previous slide; EDI is the stack pointer)
10028   Return Address   <- EDI
10032   n-2
10036   [EDB]
10040   [EDA]
10044   Return Address
10048   n
10052   ?
Registers: EDA = n-2
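The CALL/RET and PUSH/POP slides and the Sub1/Sub2 frames above can be checked by simulation; this is an added example, not lecture code. It keeps a single stack pointer (the listings use EDI where the stack-instruction slide says ESP) starting at 10052 as on the slides, uses the slides' fictional registers EDA and EDB with constructed caller values, takes Sub1's address 2400 from the slides, and assumes the return addresses 2005 and 2410 and the Sub2 address 3000. Both versions of Sub2 from the last listing are run.

```python
MASK = 0xFFFFFFFF

class Stack:
    def __init__(self, sp=10052):
        self.mem, self.sp, self.eip = {}, sp, None
        self.reg = {"EDA": 0x11, "EDB": 0x22}       # caller's values (constructed)

    def push(self, value):                # PUSH: [ESP] <- [ESP] - 4; M([ESP]) <- value
        self.sp -= 4
        self.mem[self.sp] = value & MASK

    def pop(self):                        # POP: value <- M([ESP]); [ESP] <- [ESP] + 4
        value = self.mem[self.sp]
        self.sp += 4
        return value

    def call(self, target, return_address):
        self.push(return_address)         # CALL saves the return address on the stack
        self.eip = target

    def ret(self):
        self.eip = self.pop()             # RET pops whatever is on top into EIP
        return self.eip

def sub2_memory_form(s):   # Sub2: MOV EDA,[EDI+4]; DEC EDA; MOV [EDI+4],EDA; RET
    s.reg["EDA"] = (s.mem[s.sp + 4] - 1) & MASK
    s.mem[s.sp + 4] = s.reg["EDA"]
    return s.ret()

def sub2_pop_form(s):      # Sub2: POP EDA; DEC EDA; PUSH EDA; RET
    s.reg["EDA"] = (s.pop() - 1) & MASK   # top of stack here is the return address, not n-1
    s.push(s.reg["EDA"])
    return s.ret()                        # so RET goes to (return address - 1)

def call_sub1(n, sub2):
    """PUSH N; CALL Sub1 (at 2400); then Sub1 as listed on the slides."""
    s = Stack()
    s.push(n)                                      # PUSH N          -> n at 10048
    s.call(2400, 2005)                             # CALL Sub1; return address 2005 assumed
    s.push(s.reg["EDA"]); s.push(s.reg["EDB"])     # save EDA, EDB   -> frame top at 10036
    frame_sp = s.sp
    s.reg["EDA"] = (s.mem[s.sp + 12] - 1) & MASK   # MOV EDA,[EDI+12]; DEC EDA
    s.push(s.reg["EDA"])                           # PUSH EDA        -> n-1 at 10032
    s.call(3000, 2410)                             # CALL Sub2; addresses assumed
    sub2_returned_to = sub2(s)
    result = s.pop()                               # POP N
    s.reg["EDB"], s.reg["EDA"] = s.pop(), s.pop()  # restore EDB, then EDA
    return {"frame_sp": frame_sp, "result": result, "sub2_returned_to": sub2_returned_to,
            "sub1_returned_to": s.ret(), "registers_restored": s.reg == {"EDA": 0x11, "EDB": 0x22}}
```

The memory form delivers n-2 to M(N) and returns where CALL left it, whereas the POP form decrements the return address itself and returns one byte short of the intended instruction: the return address is ordinary data on the same stack as the parameters, so a frame-layout error redirects control flow silently, which is exactly the property that stack-corruption bugs turn into exploits and why stack discipline deserves this kind of check.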