Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | carmel-gaines |
View: | 218 times |
Download: | 1 times |
1
Machine-Level Representation of Programs
Ⅱ
2
Outline
• Data movement
• Data manipulation
• Control structure
• Suggested reading
– Chap 3.4, 3.5, 3.6
3
Indexed Addressing Mode Figure 3.3 P137
• Most general form
– Imm(Eb, Ei, s)
– M[Imm+ R[Eb]+ R[Ei]*s]
– Constant “displacement” Imm: 1, 2, or 4 bytes
– Base register Eb: Any of 8 integer registers
– Index register Ei : Any, except for %esp
– S: Scale: 1, 2, 4, or 8
4
Data Movement Figure 3.4 P139
Instruction Effect Description
movl S, D D S Move double word
movw S, D D S Move word
movb S, D D S Move byte
movsbl S, D D SignedExtend( S) Move sign-extended byte
movzbl S, D D ZeroExtend(S) Move zero-extended byte
pushl S R[%esp] R[%esp]-4M[R[%esp]] S
Push
popl D D M[R[%esp]]R[%esp] R[%esp]+4
Pop
5
Move Instructions
• Format
– movl src, dest
– src and dest can only be one of the following
• Immediate (except dest)
• Register
• Memory
6
Move Instructions
• Format
– The only possible combinations of the (src,
dest) are
• (immediate, register)
• (memory, register) load
• (register, register)
• (immediate, memory) store
• (register, memory) store
7
Data Movement Example P139
movl $0x4050, %eax immediateregister
movl %ebp, %esp registerregister
movl (%edx, %ecx), %eax memoryregister
movl $-17, (%esp) immediatememory
movl %eax, -12(%ebp)register memory
8
Data Movement Example P139
Initial value %dh=8d %eax =98765432
1 movb %dh, %al %eax=9876548d2 movsbl %dh, %eax %eax=ffffff8d
(Move sign-extended byte)3 movzbl %dh, %eax %eax=0000008d
( Move zero-extended byte)
9
Stack operations Figure 3.5 P140
%eax 0x123
%edx 0%esp 0x108 Increasing
address
0x108
Stack “top”
%esp
10
Stack operations
%eax 0x123
%edx 0%esp 0x104
0x104
Stack “top”
0x1230x108
%esp
pushl %eax
11
Stack operations
%eax 0x123
%edx 0x123
%esp 0x104
0x104
Stack “top”
0x123
0x108%esp
popl %edx
12
Data Movement Example P141
int exchange(int *xp, int y)
{
int x = *xp ; /* operator * performs dereferencing */
*xp = y ;
return x ;
}
int a = 4 ;
int b = exchange(&a, 3); /* “address of” operator creates a pointer */
printf(“a = %d, b = %d\n”, a, b);
13
Data Movement Example P142
int exchange(int *xp, int y){
int x = *xp ;
*xp = y ;return x ;
}
1 pushl %ebp
2 movl %esp, %ebp
3 movl 8(%ebp), %eax
4 movl 12(%ebp), %edx
5 movl (%eax), %ecx
6 movl %edx, (%eax)
7 movl %ecx, %eax
8 movl %ebp, %esp
9 popl %ebpAssembly code
14
Data Movement Example
y
xp
Rtn adr %esp
OffsetStack
•••
15
Data Movement Example
y
xp
Rtn adr
Old %ebp %esp 0
4
8
12
OffsetStack
•••
1 pushl %ebp
y
xp
Rtn adr %esp
OffsetStack
•••
16
Data Movement Example
y
xp
Rtn adr
Old %ebp%ebp%esp
0
4
8
12
OffsetStack
•••
2 movl %esp, %ebp
y
xp
Rtn adr
Old %ebp %esp 0
4
8
12
OffsetStack
•••
17
Data Movement Example
y
xp
Rtn adr
Old %ebp%ebp%esp
0
4
8
12
OffsetStack
•••
3 movl 8(%ebp), %eax
4 movl 12(%ebp), %edx
5 movl (%eax), %ecx
6 movl %edx, (%eax)
7 movl %ecx, %eax
18
Data Movement Example
y
xp
Rtn adr %esp
OffsetStack
•••
8 movl %ebp, %esp
9 popl %ebp
19
Arithmetic and Logical Operations Figure 3.7 P144
Instruction Effect Description
leal S, D D &S Load effective address
incl D D D + 1 Increment
decl D D D – 1 Decrement
negl D D -D Negate
notl D D ~D Complement
addl S, D D D + S Add
subl S, D D D – S Subtract
imull S, D D D * S Multiply
3.5 P143
20
Examples for Lea Instruction (Practice Problem 3.3 P143)
• %eax holds x, %ecx holds y
6+x leal 6(%eax), %edx
x+y leal (%eax, %ecx), %edx
x+4*y leal (%eax, %ecx, 4), %edx 7+9*x leal 7(%eax, %eax, 8), %edx
9+x+2*y
leal 9(%eax, %ecx, 2), %edx
10+4*y leal 0xA(, %ecx, 4), %edx
ResultExpression
21
Arithmetic and Logical Operations (Cont’d) Figure 3.7 P144
Instruction Effect Description
xorl S, D D D ^ S Exclusive-or
orl S, D D D | S Or
andl S, D D D & S And
sall k, D D D << k Left shift
shll k, D D D << k Left shift
sarl k, D D D >> k Arithmetic right shift
shrl k, D D D >> k Logical right shift
22
Arithmetic and Logical Operations (Practice Problem 3.4 P145)
Address
Value
0x100 0xFF
0x104 0xAB
0x108 0x13
0x10C 0x11
Register
Value
%eax 0x100
%ecx 0x1
%edx 0x3
0xFD (0x100-0x3)%eaxsubl %edx, %eax
0x0 (0x1-1)%ecxdecl %ecx
0x14 (0x13+1)0x108incl 8(%eax)
0x110 ($16*0x11)
0x10Cimull $16, (%eax, %edx, 4)
0xA8 (0xAB-0x3)0x104subl %edx, 4(%eax)
0x100 (1+0xFF)0x100addl %ecx, (%eax)
ValueDestinationInstruction
23
Assembly Code for Arithmetic ExpressionsFigure 3.8 P146int arith(int x, int y, int z){ int t1 = x+y; int t2 = z*48; int t3 = t1&0xFFFF; int t4 = t2*t3; return t4;}
movl 12(%ebp),%eax Get ymovl 16(%ebp),%edx Get zaddl 8(%ebp),%eax Compute t1=x+yleal (%edx,%edx,2),%edx Compute 3*zsall $4,%edx Compute t2=48*z=3*16*zandl $0xFFFF,%eax Compute t3=t1&FFFFimull %eax,%edx Compute t4=t2*t3movl %edx,%eax Set t4 as return val
24
Special Arithmetic OperationsFigure 3.9 P147
imull S
R[%edx]:R[%eax] S*R[%eax] Signed full multiply
mull S
R[%edx]:R[%eax] S*R[%eax] Unsigned full multiply
Cltd R[%edx]:R[%eax] SignExtend(R[%eax])
Convert to quad word
idivl S
R[%edx] R[%edx]:R[%eax] mod S ( 余数 )R[%eax] R[%edx]:R[%eax] S (商 )
Signed divide
divl S R[%edx] R[%edx]:R[%eax] mod SR[%eax] R[%edx]:R[%eax] S
Unsigned divide
25
Examples P148
Initially x at %ebp+8, y at %ebp+12, their full 64-bit product as 8 bytes on top of the stack
1 movl 8(%ebp), %eax2 imull 12(%ebp)3 pushl %edx4 pushl %eax
Store x/y and x%y on the stack.1 movl 8(%ebp), %eax2 cltd3 idivl 12(%ebp)4 pushl %eax5 pushl %edx
26
Control
• Two of the most important parts of
program execution
– Data flow (Accessing and operating data)
– Control flow (control the sequence of
operations)
3.6 P148
27
Control
• Sequential execution is default– The statements in C and
– the instructions in assembly code
– are executed in the order they appear in the program
• Chang the control flow– Control constructs in C
– Jump in assembly
28
Assembly Programmer’s View
FF
BF
7F
3F
C0
80
40
00
Stack
DLLs
TextData
Heap
Heap
08
%eax
%edx
%ecx
%ebx
%esi
%edi
%esp
%ebp
%al%ah
%dl%dh
%cl%ch
%bl%bh
%eip
%eflag
Addresses
Data
Instructions
29
Condition codes
• Condition codes
– A set of single-bit
– Maintained in a condition code register
– Describe attributes of the most recently
arithmetic or logical operation
30
Condition codes
• EFLAGS– CF: Carry Flag
• The most recent operation generated a carry out of the most significant bit
• Used to detect overflow for unsigned operations
– OF: Overflow Flag
• The most recent operation caused a two’s complement overflow — either negative or positive
31
Condition codes
• EFLAGS
– ZF: Zero Flag
• The most recent operation yielded zero
– SF: Sign Flag
• The most recent operation yielded a
negative value
32
Setting Conditional Codes
• Implicit Setting By Arithmetic Operationsaddl Src,DestC analog: t = a+b– CF set if carry out from most significant bit
• Used to detect unsigned overflow
– ZF set if t == 0– SF set if t < 0– OF set if two’s complement overflow
(a>0 && b>0 && t<0) || (a<0 && b<0 && t>=0)
33
Conditional Code
• lea instruction – has no effect on condition codes
• Xorl instruction– The carry and overflow flags are set to 0
• Shift instruction– carry flag is set to the last bit shifted out– Overflow flag is set to 0
34
Setting Conditional Codes
• Explicit Setting by Compare Instructioncmpl Src2,Src1– cmpl b,a like computing a-b without setting
destination– CF set if carry out from most significant bit
• Used for unsigned comparisons
– ZF set if a == b– SF set if (a-b) < 0– OF set if two’s complement overflow
(a>0 && b<0 && (a-b)<0) || (a<0 && b>0 && (a-b)>0)
35
Setting Conditional Codes
• Explicit Setting by Test instruction
testl Src2,Src1
– Sets condition codes based on value of Src1 & Src2
• Useful to have one of the operands be a mask
– testl b,a like computing a&b without setting destination
– ZF set when a&b == 0
– SF set when a&b < 0
36
Accessing Conditional Codes
• The condition codes cannot be read
directly
• One of the most common methods of
accessing them is
– setting an integer register based on some
combination of condition codes
– Set commands
37
Accessing Conditional Codes
• after each set command is executed– A single byte to 0 or to 1 is obtained
• The descriptions of the different set commands apply to the case – where a comparison instruction has been
executed
38
Accessing Conditional CodesFigure 3.10 P150
Instruction Synonym Effect Set Condition
Sete Setz ZF Equal/zero
Setne Setnz ~ZF Not equal/not zero
Sets SF Negative
Setns ~SF Nonnegative
Setl Setnge SF^OF Less
Setle Setng (SF^OF)|ZF Less or Equal
Setg Setnle ~(SF^OF)&~ZF Greater
Setge Setnl ~(SF^OF) Greater or Equal
Seta Setnbe ~CF&~ZF Above
Setae Setnb ~CF Above or equal
Setb Setnae CF Below
Setbe Setna CF|ZF Below or equal
39
Accessing Conditional Codes
• The destination operand is either – one of the eight single-byte register elements
or – a memory location where the single byte is to
be stored
• To generate a 32-bit result– we must also clear the high-order 24 bits
40
Accessing Conditional Codes P151
Initially a is in %edx, b is in %eax
1 cmpl %eax, %edx#compare a:b
2 setl %al#set low order by to 0 or 1
3 movzbl %al, %eax #set remaining bytes of %eax
to 0
41
Jump Instructions P152
• Under normal execution– instructions follow each other in the order they
are listed
• A jump instruction can cause – the execution to switch to a completely new
position in the program.
• Label – Jump destinations
42
Jump Instructions P152
1 xorl %eax, %eax Set %eax to 0
2 jmp .L1 Goto .L1
3 movl (%eax), %edx Null pointer dereference
4 .L1:5 popl %edx
43
Unconditional jump P153
• Jumps unconditionally
• Direct jump: jmp label
– jmp .L
• Indirect jump: jmp *Operand
– jmp *%eax
– jmp *(%eax)
44
Conditional jump
• Either jump or continue executing at the next instruction in the code sequence– Depending on some combination of the
condition codes
• All direct jump
45
Jump Instructions P154
1 jle .L42 .p2align 4,,7 align next instruction to multiple of 83 .L5:4 movl %edx, %eax5 sarl $1, %eax ; Arithmetic right shift6 subl %eax, %edx7 testl %edx, %edx8 jg .L59 .L4:10 movl %edx, %eax
46
Jump Instructions
• PC-relative – Jump target is an offset relative to the address
of the instruction just followed jump (pointed by PC)
• Absolute address – Jump target is an absolute address
47
1 8: 7e 11 jle 1b<silly+0x1b>
2 a: 8d b6 00 00 00 00 lea 0x0(%esi), %esi
3 10: 89 d0 movl %edx, %eax dest1:
4 12: c1 f8 01 sarl $1, %eax
5 15: 29 c2 subl %eax, %edx
6 17: 85 d2 testl %edx, %edx
7 19: 7f f5 jg 10<silly+0x10>
8 1b: 89 d0 movl %edx, %eax dest2:
dest1: 11+a = 1b 11+10
dest2: 1b+f5(-b) =10 F5=-11=0X(-b)
Example for Jump P154
48
1 80483c8: 7e 11 jle80483db<silly+0x1b>
2 80483ca: 8d b6 00 00 00 00 lea 0x0(%esi), %esi
3 80483d0: 89 d0 movl %edx, %eax dest1:4 80483d2: c1 f8 01 sarl $1, %eax5 80483d5: 29 c2 subl %eax, %edx6 80483d7: 85 d2 testl %edx, %edx7 80483d9: 7f f5 jg 80483d0<silly+0x10>8 80483db: 89 d0 movl %edx, %eax dest2:
11+a = 1b => 11+ca=db1b+f5(-b) =10 => db+f5(-b)=d0
Example for Jump P155
49
Translating Conditional Branches P157
if ( test-expr )
then-statement
else
else-statement
t = test-expr ;
if ( t )
goto true ;
else-statement
goto done
true:
then-statement
done:
50
Translating Conditional Branches P156
1. int absdiff(int x, int y)
2. {
3. if (x < y)
4. return y – x;
5. else
6. return x – y;
7. }
1. int gotodiff(int x, int y)
2. {
3. int rval ;
4. if (x < y)
5. goto less
6. rval = x – y ;
7. goto done;
8. less:
9. rval = y – x;
10. done:
11. return rval;
12. }
51
Jump Instructions P156
1. movl 8(%ebp), %edx get x
2. movl 12(%ebp), %eax get y
3. cmpl %eax, %edx cal x - y
4. jl .L3 if x < y goto less
5. subl %eax, %edx compute x – y (subl: des-src)
6. movl %edx, %eax set return val
7. jmp .L5 goto done
8. .L3: less:
9. subl %edx, %eax compute y – x (subl: des-src)
10. .L5: done: Begin Completion code
52
Do-while Translation P158
do body-statement
while (test-expr)
loop: body-statement
t = test-expr; if ( t )
goto loop ;
53
Do-while Translation P159
int fib_dw(int n) { int i = 0; int val = 0 ; int nval = 1 ; do { int t = val + nval ; val = nval ; nval = t ; i++; } while ( i<n) ; return val ; }
register value initially
%ecx i 0
%esi n n
%ebx val 0
%edx nval 1
%eax t -
54
Do-while Translation P159
.L6:
lea (%ebx, %edx), %eax
movl %edx, %ebx
movl %eax, %edx
incl %ecx
cmpl %esi, %ecx
jl .L6
movl %ebx, %eax register value initially
%ecx i 0
%esi n n
%ebx val 0
%edx nval 1
%eax t -
lea: %ebx+%edx => %eax
55
While Loop Translation P161
while (test-expr)
body-statement
loop: if ( !test-expr)
t = test-expr goto done;
if ( !t ) do
goto done; body-statement
body-statement while(test-expr)
goto loop; done:
done:
56
While Loop Translation P162
int fib_w(int n) {
int i=1;int val=1;int nval=1;
while ( i<n ) {int t=val+nval ;val = nval ;nval = t ;
i = i+1; }
return val ; }
int fib_w_got0(int n) {
int val=1;int nval=1;
int nmi, t ;
if ( val >= n )goto done ;
nmi = n-1;
loop:t=val+nval ;val = nval ;nval = t ;
nmi--;if ( nmi )
goto loop done:
return val }
57
While Loop Translation P162
1. movl 8(%ebp), %eax 2. movl $1, %ebx3. movl $1, %ecx4. cmpl %eax, ebx5. jge .L96. lea –1(%eax), %edx7. .L10:8. lea (%ecx, %ebx), %eax9. movl %ecx, %ebx10. movl %eax, %ecx11. decl %edx12. jnz .L1013. .L9:
Register usageRegister Variable Initially
%edx nmi n-1
%ebx val 1
%ecx nval 1
58
For Loop Translation P164
for ( init-expr, test-expr, update-expr)body-statement
init-expr while ( test-expr) {
body-statementupdate-expr
}
59
For Loop Translation P165
int fib_f(int n) {
int i;int val=1;int nval=1;
for ( i=1; i<n; i++ ) {int t = val + nval ;val = nval ; nval = t ;
}return val ;
}
60
Switch statements P167
int switch_eg(int x) {
int result = x ;switch ( x ) {case 100:
result *= 13 ;break ;
case 102:result += 10 ;/* fall through */
case 103result += 11;break ;
case 104: case 106:
result *= result ;break ;
default:result = 0 ;
}return result ;
}
61
Switch Construct
• Properties of Switch Construct– Integer testing– Multiple outcomes (may be a large number)– Improve the readability of the source code
62
case 103result += 11;break ;
case 104: case 106:result *= result
;break ;
default:result = 0 ;
}return result ;
}
Switch Statements
int switch_eg(int x)
{
int result = x ;
switch ( x ) {
case 100:
result *= 13 ;
break ;
case 102:
result += 10 ;
/* fall through */
Integer
testing
Multiple cases
63
Switch Form
switch(op) { case val_0: Block 0 case val_1: Block 1 • • • case val_n-1: Block n–1}
64
Jump Table
• Efficient implementation• Avoid long sequence of if-else statement• Criteria
– the number of cases and the sparsity of the case value
65
Jump Table Implementation
Targ0
Targ1
Targ2
Targn-1
•••
jtab:
Jump Table
target = JTab[op];goto *target;
Approx. Translation
Code Block0
Targ0:
Code Block1
Targ1:
Code Block2
Targ2:
Code Blockn–1
Targn-1:
•••
Jump Targets
66
case 103result += 11;break ;
case 104: case 106:result *= result
;break ;
default:result = 0 ;
}return result ;
}
Switch Statements
int switch_eg(int x)
{
int result = x ;
switch ( x ) {
case 100:
result *= 13 ;
break ;
case 102:
result += 10 ;
/* fall through */
Integer
testing
Multiple cases
67
Jump Table Implementation P167
int switch_eg_goto ( int x) {
unsigned xi = x-100;int result = x ;if ( xi >6 )
goto loc_def ;goto jt[xi];
loc_a:result *= 13 ;goto done ;
loc_b:result += 10 ;
loc_c:result +=11;
goto done ; loc_d:
result *= result ;goto done ;
loc_def:result = 0 ;
done:return result ;
}
code jt[7] = {loc_a, loc_def, loc_b, loc_c, loc_d, loc_def, loc_d};
68
Jump Table Implementation P168
1. lea –100(%edx), %eax
2. cmpl $6, %eax
3. ja. L9
4. jmp *.L10(, %eax, 4)
5. .L4:
6. leal ( %edx, %edx, 2), %eax
7. leal (%edx, %eax, 4), %edx
8. jmp .L3
9. .L5:
10. addl $10, %edx
69
Jump Table Implementation
11. .L6:
12. addl $11, %edx
13. jmp .L3
14. .L8:
15. imull %edx, %edx
16. jmp .L3
17. .L9:
18. xorl %edx, %edx
19. .L3:
20. movl %edx, %eax
70
Jump Table P169
1. .section .rodata
2. .align 4
3. .L10:
4. .long .L4 case 100: loc_a
5. .long .L9 case 101: loc_def
6. .long .L5 case 102: loc_b
7. .long .L6 case 103: loc_c
8. .long .L8 case 104: loc_d
9. .long .L9 case 105: loc_def
10. .long .L8 case 106: loc_d