Download Lecture 11

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
page
73
page
74
page
75
page
76
page
77
page
78
page
79
page
80
page
81
page
82
page
83
page
84
page
85
page
86
page
87
Document related concepts
no text concepts found
Transcript 
Assembly Language for x86 Processors
6th Edition
Kip R. Irvine
Chapter 8: Advanced Procedures
Slides prepared by the author.
Revision date: 2/15/2010
(c) Pearson Education, 2010. All rights reserved. You may modify and copy this slide show for your personal use, or for
use in the classroom, as long as this copyright statement, the author's name, and the title are not changed.
Parameter Passing
 We currently have two ways to pass parameters to a
procedure
 By using registers
 By using global variables
 However these mechanisms to pass parameters are not
suited if we want
 To use a variable number of parameters
[Limited # of registers]
 To permit a procedure to call itself (for using recursion)
[Global variables are static]
 In these circumstances we can pass parameters via the
stack
 This is the mechanism of parameter passing used by high
level languages
2
Stack Frame
• Also known as an activation record
• Area of the stack set aside for a procedure's return
address, passed parameters, saved registers, and
local variables
• Created by the following steps:
• Calling program pushes arguments (i.e. parameters)
on the stack and calls the procedure.
• The called procedure pushes EBP on the stack, and
sets EBP to ESP.
• If local variables are needed, a constant is subtracted
from ESP to make room on the stack.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
3
Passing Arguments to a Procedure
1. Push arguments on stack
• Arguments pushed on the stack are called stack parameters
• (Use only 32-bit values in protected mode to keep the stack
aligned)
• To pass by value: push argument’s value
• To pass by reference: push argument’s offset
2. Call the called-procedure
3. Accept a return value in EAX, if any
4. Remove arguments from the stack if the called-procedure
did not remove them
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
4
Stack Parameters
 Suppose that we have a procedure, called IMUL2, who’s task is to
multiply two signed numbers and return the result into EAX.
 The caller calls IMUL2 with parameters varA and varB like this:
push varA ;push a dword variable
push varB ;another dword variable
call IMUL2 ;result in EAX, stack unchanged
add esp,8 ; clean the stack (i.e. restore ESP)
 We have assumed that IMUL2 did not changed the stack:
 ESP just after returning from IMUL2 is pointing to the same place as it
was just before calling IMUL2.
 But, since 8 bytes of parameters were pushed on the stack, we need
to increase ESP by 8 after returning from IMUL2
 Otherwise, ESP would be decreased by 8 at each IMUL2 usage and,
consequently, the stack could overflow if the 3 first statements were
inside a loop
 We say that the stack has been restored by the caller
 This is the method used by C/C++ compilers
5
Stack Parameters (cont.)
 Given that IMUL2 is called that
way, we can write it like this:
IMUL2 PROC
push ebp
mov ebp,esp
mov eax,[ebp+12]
imul eax,[ebp+8]
pop ebp
ret
IMUL2 ENDP
 These are called stack
frames (or activation
records)
varA
varB
ret addr.
orig. ebp
ebp
esp
after mov ebp,esp
 We use EBP to access the stack
parameters (not ESP)
6
 Compilers are using this method.
But, more simply, we could have
used ESP instead... [avoid using
ESP, however]
varA
varB
after ret
esp
Accessing Stack Parameters (C/C++)
• C and C++ functions access stack parameters using
constant offsets from EBP1.
• Example: [ebp + 8]
• EBP is called the base pointer or frame pointer
because it holds the base address of the stack frame.
• EBP does not change value during the function.
• EBP must be restored to its original value when a
function returns.
1 BP in Real-address mode
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
7
RET Instruction
• Return from subroutine
• Pops stack into the instruction pointer (EIP or IP).
Control transfers to the target address.
• Syntax:
• RET
• RET n
• Optional operand n causes n bytes to be added to
the stack pointer after EIP (or IP) is assigned a value.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
8
Who removes parameters from the stack?
Caller (C)
push val2
push val1
call AddTwo
add esp,8
...... or ......
Called-procedure (STDCALL):
AddTwo PROC
push ebp
mov ebp,esp
mov eax,[ebp+12]
add eax,[ebp+8]
pop
ret
ebp
8
The MODEL directive specifies calling conventions
• See line: MODEL flat, STDCALL, in file Irvine.asm.
• The Irvine32 library uses STDCALL calling convention, and hence,
your procedures should clean the stack by using ret n.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
9
Stack Parameters (cont.)
 The other method is to let the
called procedure the responsibility
 The called procedure would
of restoring the stack
now be:
 This is the method used by
Pascal compilers
 The caller would simply do
push
push
call
; do
varA
varB
IMUL2
not increm. ESP
 But the procedure would now use
ret n to return
 This performs a RET instruction
and then increments ESP further
by n
10
IMUL2 PROC
push ebp
mov ebp,esp
mov eax,[ebp+12]
imul eax,[ebp+8]
pop ebp
ret 8 ; clean stack
IMUL2 ENDP
 Since 8 bytes of parameters
have been pushed onto the
stack
Passing a Variable Number of Parameters
 To pass a variable number of
arguments by the stack just push,  The called procedure:
as the last parameter, the number
of arguments
AddSome PROC
push ebp
 By popping this parameter, the push ecx
procedure knows how much mov ebp,esp
arguments were passed
 The caller:
push 35
push –63
push 23
push 3 ;# of args
call AddSome
add esp,16
11
mov ecx,[ebp+12] ;# of args
xor eax,eax ;hold sum
add ebp,16 ;last arg
L1:
add eax,[ebp]
add ebp,4 ;point to next
loop L1
pop ecx
pop ebp
ret
AddSome ENDP
Passing an Array by Reference
(1 of 2)
• The ArrayFill procedure fills an array with 16-bit
random integers
• The calling program passes the address of the array,
along with a count of the number of array elements:
.data
count = 100
array WORD count DUP(?)
.code
push OFFSET array
push COUNT
call ArrayFill
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
12
Passing an Array by Reference
(2 of 2)
ArrayFill can reference an array without knowing the array's
name:
ArrayFill PROC
push ebp
mov ebp,esp
pushad
mov esi,[ebp+12]
mov ecx,[ebp+8]
.
.
offset(array)
[EBP + 12]
count
[EBP + 8]
return address
EBP
EBP
ESI points to the beginning of the array, so it's easy to use a loop
to access each array element. View the complete program.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
13
Your turn . . .
• Create a procedure named Difference that subtracts
the first argument from the second one. Following is
a sample call:
push 14
push 30
call Difference
Difference PROC
push ebp
mov ebp,esp
mov eax,[ebp + 8]
sub eax,[ebp + 12]
pop ebp
ret 8
Difference ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
; first argument
; second argument
; EAX = 16
; second argument
; first argument
14
Passing 8-bit and 16-bit Arguments
• Cannot push 8-bit values on stack
• Pushing 16-bit operand may cause page fault or
ESP alignment problem
• incompatible with Windows API functions
• Expand smaller arguments into 32-bit values, using
MOVZX or MOVSX:
.data
charVal
.code
movzx
push
call
BYTE 'x'
eax,charVal
eax
Uppercase
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
15
Passing Multiword Arguments
• Push high-order values on the stack first; work backward in
memory
• Results in little-endian ordering of data
• Example:
.data
longVal QWORD 1234567800ABCDEFh
.code
push DWORD PTR longVal + 4
; high doubleword
push DWORD PTR longVal
; low doubleword
call WriteHex64
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
16
Saving and Restoring Registers
• Push registers on stack just after assigning ESP to
EBP
• local registers are modified inside the procedure
MySub PROC
push ebp
mov ebp,esp
push ecx
push edx
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
; save local registers
17
Stack Affected by USES Operator
MySub1 PROC USES ecx edx
ret
MySub1 ENDP
• USES operator generates code to save and restore
registers:
MySub1 PROC
push ecx
push edx
pop
pop
ret
edx
ecx
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
18
53 68 75 72 79 6F
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
19
Local Variables
• Only statements within subroutine can view or modify
local variables
• Storage used by local variables is released when
subroutine ends
• local variable name can have the same name as a
local variable in another function without creating a
name clash
• Essential when writing recursive procedures, as well
as procedures executed by multiple execution
threads
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
20
Creating LOCAL Variables
Example - create two DWORD local variables:
Say: int x=10, y=20;
ret address
saved ebp
EBP
10 (x)
[ebp-4]
MySub PROC
20 (y)
[ebp-8]
push
mov
sub
ebp
ebp,esp
esp,8
mov
mov
DWORD PTR [ebp-4],10 ; initialize x=10
DWORD PTR [ebp-8],20 ; initialize y=20
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
;create 2 DWORD variables
21
LEA Instruction
• LEA returns offsets of direct and indirect operands
• OFFSET operator only returns constant offsets
• LEA required when obtaining offsets of stack
parameters & local variables
• Example
CopyString PROC,
count:DWORD
LOCAL temp[20]:BYTE
mov
mov
lea
lea
edi,OFFSET count
esi,OFFSET temp
edi,count
esi,temp
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
;
;
;
;
invalid operand
invalid operand
ok
ok
22
LEA Example
Suppose you have a Local variable at [ebp-8]
And you need the address of that local variable in ESI
You cannot use this:
mov esi, OFFSET [ebp-8]
; error
Use this instead:
lea esi,[ebp-8]
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
23
ENTER Instruction
• ENTER instruction creates stack frame for a called
procedure
• pushes EBP on the stack
• sets EBP to the base of the stack frame
• reserves space for local variables
• Example:
MySub PROC
enter 8,0
• Equivalent to:
MySub PROC
push ebp
mov ebp,esp
sub esp,8
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
24
LEAVE Instruction
Terminates the stack frame for a procedure.
Equivalent operations
MySub PROC
enter 8,0
...
...
...
leave
ret
MySub ENDP
push ebp
mov ebp,esp
sub esp,8
; 2 local DWORDs
mov
pop
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
esp,ebp ; free local space
ebp
25
LOCAL Directive
• The LOCAL directive declares a list of local
variables
• immediately follows the PROC directive
• each variable is assigned a type
• Syntax:
LOCAL varlist
Example:
MySub PROC
LOCAL var1:BYTE, var2:WORD, var3:SDWORD
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
26
Using LOCAL
Examples:
LOCAL flagVals[20]:BYTE
; array of bytes
LOCAL pArray:PTR WORD
; pointer to an array
myProc PROC,
LOCAL t1:BYTE,
; procedure
; local variables
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
27
LOCAL Example
(1 of 2)
BubbleSort PROC
LOCAL temp:DWORD, SwapFlag:BYTE
. . .
ret
BubbleSort ENDP
MASM generates the following code:
BubbleSort PROC
push ebp
mov ebp,esp
add esp,0FFFFFFF8h
. . .
mov esp,ebp
pop ebp
ret
BubbleSort ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
; add -8 to ESP
28
LOCAL Example
(2 of 2)
Diagram of the stack frame for the BubbleSort
procedure:
return address
EBP
ESP
EBP
temp
[EBP - 4]
SwapFlag
[EBP - 8]
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
29
Non-Doubleword Local Variables
• Local variables can be different sizes
• How created in the stack by LOCAL directive:
• 8-bit: assigned to next available byte
• 16-bit: assigned to next even (word) boundary
• 32-bit: assigned to next doubleword boundary
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
30
Local Byte Variable
Example1 PROC
LOCAL var1:BYTE
mov al,var1
ret
Example1 ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
; [EBP - 1]
31
WriteStackFrame Procedure
• Displays contents of current stack frame
• Prototype:
WriteStackFrame PROTO,
numParam:DWORD,
; number of passed parameters
numLocalVal: DWORD, ; number of DWordLocal variables
numSavedReg: DWORD ; number of saved registers
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
32
WriteStackFrame Example
main PROC
mov eax, 0EAEAEAEAh
mov ebx, 0EBEBEBEBh
INVOKE aProc, 1111h, 2222h
exit
main ENDP
aProc PROC USES eax ebx,
x: DWORD, y: DWORD
LOCAL a:DWORD, b:DWORD
PARAMS = 2
LOCALS = 2
SAVED_REGS = 2
mov a,0AAAAh
mov b,0BBBBh
INVOKE WriteStackFrame, PARAMS, LOCALS, SAVED_REGS
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
33
53 68 75 72 79 6F
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
34
Recursion
 A recursive procedure is one that calls itself
 Recursive procedures can easily be implemented in ASM when
parameter passing is done via the stack
 Ex: a C implementation of factorial:
int factorial(int n)
{
if (n<=1) { return 1; }
else { return n*factorial(n-1); }
}
 An ASM caller needs to push the argument into the stack:
push 8
call factorial ;result in EAX = 40320
add esp,4
;restore the stack
35
Recursively Calculating Sum 1 + … + n
The CalcSum procedure recursively calculates the sum
1+2+…+n. Receives: ECX = count = n. Returns: EAX = sum
CalcSum PROC
cmp ecx,0
jz L2
add eax,ecx
dec ecx
call CalcSum
L2: ret
CalcSum ENDP
Stack frame:
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
;
;
;
;
;
check counter value
quit if zero
otherwise, add to sum
decrement counter
recursive call
View the complete
program
36
Calculating a Factorial
(1 of 3)
This function calculates the factorial of integer n. A new value
of n is saved in each stack frame:
int function factorial(int n)
{
if(n == 0)
return 1;
else
return n * factorial(n-1);
}
As each call instance returns, the
product it returns is multiplied by the
previous value of n.
recursive calls
backing up
5! = 5 * 4!
5 * 24 = 120
4! = 4 * 3!
4 * 6 = 24
3! = 3 * 2!
3*2=6
2! = 2 * 1!
2*1=2
1! = 1 * 0!
1*1=1
0! = 1
1=1
(base case)
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
37
Calculating a Factorial
Factorial PROC
push ebp
mov ebp,esp
mov eax,[ebp+8]
cmp eax,0
ja
L1
mov eax,1
jmp L2
L1: dec eax
push eax
call Factorial
;
;
;
;
(2 of 3)
get n
n < 0?
yes: continue
no: return 1
; Factorial(n-1)
; Instructions from this point on execute when each
; recursive call returns.
ReturnFact:
mov ebx,[ebp+8]
mul ebx
; get n
; eax = eax * ebx
L2: pop ebp
ret 4
Factorial ENDP
; return EAX
; clean up stack
See the program listing
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
38
Calculating a Factorial
(3 of 3)
12
n
ReturnMain
Suppose we want to
calculate 12!
This diagram shows the
first few stack frames
created by recursive calls
to Factorial
Each recursive call uses
12 bytes of stack space.
ebp0
11
n-1
ReturnFact
ebp1
10
n-2
ReturnFact
ebp2
9
n-3
ReturnFact
ebp3
(etc...)
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
39
Exercises
 Ex1: Rewrite the factorial procedure when stack cleaning
is done by the caller (ie: in the Java/C/C++way)
 Ex2: Write a procedure who’s task is to fill with value 0
the first k bytes of a byte array. All parameters must be
passed by the stack and stack cleaning must be done by
the caller. Give an example of how this procedure would
be called.
 Ex3: Rewrite the AddSome procedure when stack
cleaning is done by the called procedure (ie: in the
Pascal way)
 Challenge: Write the pseudocode for a recursive
algorithm that generates the first 20 integers of the
Fibonacci series (1, 1, 2, 3, 5, 8, 13, 21, . . .).
40
Modular Programming
 Large projects need to be broken into small modules
with clean interfaces between modules
 The way to program a module should only depend on the
interfaces provided by other modules – not their
implementation
 One possibility would be to place groups of related
procedures into different files and then include them with
the include directive
41
 The include directive instructs the assembler to include
the file (at assembly time) at the place of the directive
 We must then ensure that the code will be placed in the
.code segment and the data will be placed in the .data
segment
Modular Programming (cont.)
 Hence, in each file, we should always put .code before the code and
.dada before the data. Ex:
File my_prog.asm
INCLUDE Irvine32.inc
INCLUDE Macros.inc
.data
msg1 BYTE "In main",0
.code
main PROC
mWriteString msg1
call procA
call procB
exit
main ENDP
include procA.asm
include procB.asm
END main
42
File procA.asm
.code
procA PROC
mWriteString msg2
ret
procA ENDP
.data
msg2 BYTE "In procA",0
File procB.asm
.code
procB PROC
mWriteString msg3
ret
procB ENDP
.data
msg3 BYTE "In procB",0
Modular Programming (cont.)
 Hence, by doing
ML my_prog.asm
 The assembler will create a single object file my_prog.obj which
will contain all the included code and data
 The scope of each name used (in any included file) will be the object
module in which they will be assembled. Here it is my_prog.obj
 Hence an error will be detected by the assembler if two different
included files use the same name
 Hence this method of included files should be avoided for large
projects
 Instead, we should assemble each file separately to obtain a
separate object module for each file and, thus, have a private
namespace for each file
 Make sure, however, to have an INCLUDE Irvine32.inc (or INCLUDE
Macros.inc) and an END directive in each separate file.
43  The file containing the main program must have END main as last line
Separately Assembled Modules
 However any module that wants to be used need to provide at least
one name to be used by others
 Use the directive PUBLIC to enable other modules to use names
defined in the module where PUBLIC is. Ex:
PUBLIC procA, varC, labelB
 Note that the usage is the same for any kind of names (procedures,
variables, label...)
 Use the directive EXTERN to declare names that are defined in other
modules
 But now we need to provide the qualifiers:
PROC for procedure names
BYTE, WORD, DWORD... for variable names
 Example:
EXTERN procA@0:proc, varA:dword, varB:word
 Place the directives extern and public just after INCLUDE directives
44
Example
File my_prog.asm
INCLUDE Irvine32.inc
INCLUDE Macros.inc
EXTERN procA@0:proc, procB@0:proc
.data
msg1 BYTE "In main",0
.code
main PROC
mWriteString msg1
call procA
call procB
exit
main ENDP
END main
45
File procA.asm
INCLUDE Irvine32.inc
INCLUDE Macros.inc
public procA
.code
procA PROC
mWriteString msg1
ret
procA ENDP
.data
msg1 BYTE "In procA",0
END
File procB.asm
INCLUDE Irvine32.inc
INCLUDE Macros.inc
public procB
.code
procB PROC
mWriteString msg1
ret
procB ENDP
.data
msg1 BYTE "In procB",0
END
Example (cont.)
 To assemble each file separately and link them do:
ML –c procA.asm
ML –c procB.asm
ML my_prog.asm procA.obj procB.obj
 The –c is the “compile only” option: it only produces an object file [no
executable file is produced]
 The last command will produce my_prog.obj and link all the .obj files
to produce my_prog.exe
 All .data segments will be concatenated into a single .data segment
and all .code segments will be concatenated into a single .code
segment
 Each .asm file now provides a separate namespace since each file
has been assembled separately
 Note that all three files are using the same name msg1. These refer to
different memory locations since the assembler and linker will produce
a different memory address for each variable msg1.
46
The Program’s Entry Point
 An executable program must have only one entry point (the address
of the first instruction to execute).
 This entry point must be in your main program, and is the very first
instruction to be executed
 The file containing the main program must end with the line “END main”
 A program must have only one single entry point
 Any file other than the one containing the main program should
terminate with the line END
47
Using Global Variables
 A variable made public in one object module will be
accessible to every other object module that will be
linked into the same .exe file
 As long as the other object modules are declaring this
variable to be extern
 Such a variable, which is said to be global, can be used
by procedures to pass a value across different modules.
 This mechanism increases the complexity of the interfaces
(since every module must be aware of all the global
variables)
 Hence the number of global variables should be limited
48
Global Variable Example
File mp.asm
File procA.asm
INCLUDE Irvine32.inc
INCLUDE Irvine32.inc
PUBLIC varA
EXTERN procA@0:proc
PUBLIC procA
EXTERN varA:dword
.data
varA DWORD ?
.code
procA PROC
mov eax,varA
call WriteDec
ret
procA ENDP
END
.code
main PROC
mov varA,333
call procA
exit
main ENDP
END main
To assemble and link, you can do:
ML mp.asm procA.asm
49
Multimodule Programs
• A multimodule program is a program whose source
code has been divided up into separate ASM files.
• Each ASM file (module) is assembled into a separate
OBJ file.
• All OBJ files belonging to the same program are
linked using the link utility into a single EXE file.
• This process is called static linking
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
50
Advantages
• Large programs are easier to write, maintain, and
debug when divided into separate source code
modules.
• When changing a line of code, only its enclosing module
needs to be assembled again. Linking assembled
modules requires little time.
• A module can be a container for logically related
code and data (think object-oriented here...)
• encapsulation: procedures and variables are
automatically hidden in a module unless you declare
them public
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
51
Creating a Multimodule Program
• Here are some basic steps to follow when
creating a multimodule program:
• Create the main module
• Create a separate source code module for each
procedure or set of related procedures
• Create an include file that contains procedure
prototypes for external procedures (ones that are
called between modules)
• Use the INCLUDE directive to make your
procedure prototypes available to each module
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
52
Example: ArraySum Program
• Let's review the ArraySum program from Chapter 5.
Summation
Program (main)
Clrscr
PromptForIntegers
WriteString
ReadInt
ArraySum
DisplaySum
WriteString
WriteInt
Each of the four white rectangles will become a module.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
53
Sample Program output
Enter a signed integer: -25
Enter a signed integer: 36
Enter a signed integer: 42
The sum of the integers is: +53
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
54
INCLUDE File
The sum.inc file contains prototypes for external functions that
are not in the Irvine32 library:
INCLUDE Irvine32.inc
PromptForIntegers PROTO,
ptrPrompt:PTR BYTE,
ptrArray:PTR DWORD,
arraySize:DWORD
; prompt string
; points to the array
; size of the array
ArraySum PROTO,
ptrArray:PTR DWORD,
count:DWORD
; points to the array
; size of the array
DisplaySum PROTO,
ptrPrompt:PTR BYTE,
theSum:DWORD
; prompt string
; sum of the array
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
55
Inspect Individual Modules
•
•
•
•
Main
PromptForIntegers
ArraySum
DisplaySum
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
56
Macros
• Read Chapter 10, Section 10.2
• Macro procedures are named block of ASM statements
• Can be invoked as many times in a program as you wish
• When invoking a macro, a copy of its code is inserted directly
into the program at the location where it is being invoked
• Automatic code insertion
• Book’s macro codes are defined in the Macro.inc file
• Use INCLUDE Macro.inc when using macros from the book
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
57
Defining Macros
• Defined directly at the beginning of a source program, or,
placed in separate file and included using INCLUDE directive
• Example: Macros to display character ‘X’ or a char variable
mPrintX Macro
mov al, ’X’
call WriteChar
ENDM
mPutChar Macro cvar
push eax
mov al, cvar
call WriteChar
pop eax
ENDM
• Defined using MACRO and ENDM directives
MacroName Macro parameter-1, parameter-2, …
Statement-list
ENDM
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
58
Invoking Macros
• Macros are called (invoked) by simply inserting their names,
possibly followed by their arguments
• Example: Display the first 20 letters of the alphabet
mov al, ’A’
mov ecx, 20
Iterate:
mPutChar al ; macro call
inc al
loop Iterate
mov al, ’A’
mov ecx, 20
Iterate:
1 push eax
1 mov al, cvar
1 call WriteChar
1 pop eax
inc al
loop Iterate
• At compile time: the actual source code (on the left) is expanded by
substituting all occurences of mPutChar al with its actual macro code. The
expanded code (on the right) is visible in the source listing file.
• Macros execute faster than PROCs but tend to yield larger programs
59
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
53 68 75 72 79 6F
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
60
INVOKE, ADDR, PROC, and PROTO
•
•
•
•
•
•
•
INVOKE Directive
ADDR Operator
PROC Directive
PROTO Directive
Parameter Classifications
Example: Exchaning Two Integers
Debugging Tips
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
61
INVOKE Directive
• The INVOKE directive is a powerful replacement for
Intel’s CALL instruction that lets you pass multiple
arguments
• Syntax:
INVOKE procedureName [, argumentList]
• ArgumentList is an optional comma-delimited list of
procedure arguments
• Arguments can be:
•
•
•
•
immediate values and integer expressions
variable names
address and ADDR expressions
register names
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
62
INVOKE Examples
.data
byteVal BYTE 10
wordVal WORD 1000h
.code
; direct operands:
INVOKE Sub1,byteVal,wordVal
; address of variable:
INVOKE Sub2,ADDR byteVal
; register name, integer expression:
INVOKE Sub3,eax,(10 * 20)
; address expression (indirect operand):
INVOKE Sub4,[ebx]
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
63
ADDR Operator
• Returns a near or far pointer to a variable, depending on
which memory model your program uses:
• Small model: returns 16-bit offset
• Large model: returns 32-bit segment/offset
• Flat model: returns 32-bit offset
• Simple example:
.data
myWord WORD ?
.code
INVOKE mySub,ADDR myWord
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
64
PROC Directive
(1 of 2)
• The PROC directive declares a procedure with an
optional list of named parameters.
• Syntax:
label PROC paramList
• paramList is a list of parameters separated by
commas. Each parameter has the following syntax:
paramName : type
type must either be one of the standard ASM types
(BYTE, SBYTE, WORD, etc.), or it can be a pointer to
one of these types.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
65
PROC Directive
(2 of 2)
• Alternate format permits parameter list to be on one or
more separate lines:
label PROC,
comma required
paramList
• The parameters can be on the same line . . .
param-1:type-1, param-2:type-2, . . ., param-n:type-n
• Or they can be on separate lines:
param-1:type-1,
param-2:type-2,
. . .,
param-n:type-n
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
66
AddTwo Procedure
(1 of 2)
• The AddTwo procedure receives two integers and returns
their sum in EAX.
AddTwo PROC,
val1:DWORD, val2:DWORD
mov eax,val1
add eax,val2
ret
AddTwo ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
67
PROC Examples
(2 of 3)
FillArray receives a pointer to an array of bytes, a single byte fill
value that will be copied to each element of the array, and the
size of the array.
FillArray PROC,
pArray:PTR BYTE, fillVal:BYTE
arraySize:DWORD
mov ecx,arraySize
mov esi,pArray
mov al,fillVal
L1: mov [esi],al
inc esi
loop L1
ret
FillArray ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
68
PROC Examples
(3 of 3)
Swap PROC,
pValX:PTR DWORD,
pValY:PTR DWORD
. . .
Swap ENDP
ReadFile PROC,
pBuffer:PTR BYTE
LOCAL fileHandle:DWORD
. . .
ReadFile ENDP
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
69
PROTO Directive
• Creates a procedure prototype
• Syntax:
• label PROTO paramList
• Every procedure called by the INVOKE directive must
have a prototype
• A complete procedure definition can also serve as its
own prototype
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
70
PROTO Directive
• Standard configuration: PROTO appears at top of the program
listing, INVOKE appears in the code segment, and the procedure
implementation occurs later in the program:
MySub PROTO
; procedure prototype
.code
INVOKE MySub
; procedure call
MySub PROC
.
.
MySub ENDP
; procedure implementation
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
71
PROTO Example
• Prototype for the ArraySum procedure, showing its
parameter list:
ArraySum PROTO,
ptrArray:PTR DWORD,
szArray:DWORD
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
; points to the array
; array size
72
Parameter Classifications
• An input parameter is data passed by a calling program to a
procedure.
• The called procedure is not expected to modify the
corresponding parameter variable, and even if it does, the
modification is confined to the procedure itself.
• An output parameter is created by passing a pointer to a variable
when a procedure is called.
• The procedure does not use any existing data from the variable,
but it fills in a new value before it returns.
• An input-output parameter is a pointer to a variable containing input
that will be both used and modified by the procedure.
• The variable passed by the calling program is modified.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
73
Trouble-Shooting Tips
• Save and restore registers when they are modified by a
procedure.
• Except a register that returns a function result
• When using INVOKE, be careful to pass a pointer to the correct
data type.
• For example, MASM cannot distinguish between a DWORD
argument and a PTR BYTE argument.
• Do not pass an immediate value to a procedure that expects a
reference parameter.
• Dereferencing its address will likely cause a generalprotection fault.
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
74
53 68 75 72 79 6F
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
75
Java Bytecodes
• Stack-oriented instruction format
• operands are on the stack
• instructions pop the operands, process, and push
result back on stack
• Each operation is atomic
• Might be be translated into native code by a just in
time compiler
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
76
Java Virual Machine (JVM)
• Essential part of the Java Platform
• Executes compiled bytecodes
• machine language of compiled Java programs
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
77
Java Methods
• Each method has its own stack frame
• Areas of the stack frame:
• local variables
• operands
• execution environment
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
78
Bytecode Instruction Format
• 1-byte opcode
• iload, istore, imul, goto, etc.
• zero or more operands
• Disassembling Bytecodes
• use javap.exe, in the Java Development Kit (JDK)
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
79
Primitive Data Types
• Signed integers are in twos complement format,
stored in big-endian order
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
80
JVM Instruction Set
• Comparison Instructions pop two operands off the
stack, compare them, and push the result of the
comparison back on the stack
• Examples: fcmp and dcmp
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
81
JVM Instruction Set
• Conditional Branching
• jump to label if st(0) <= 0
ifle label
• Unconditional Branching
• call subroutine
jsr label
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
82
Java Disassembly Examples
• Adding Two Integers
int
int
int
sum
A =
B =
sum
= A
3;
2;
= 0;
+ B;
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
83
Java Disassembly Examples
• Adding Two Doubles
double A = 3.1;
double B = 2;
double sum = A + B;
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
84
Java Disassembly Examples
• Conditional Branch
double A = 3.0;
boolean result = false;
if( A > 2.0 )
result = false;
else
result = true;
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
85
Summary
• Stack parameters
• more convenient than register parameters
• passed by value or reference
• ENTER and LEAVE instructions
• Local variables
• created on the stack below stack pointer
• LOCAL directive
• Recursive procedure calls itself
• Calling conventions (C, stdcall)
• MASM procedure-related directives
• INVOKE, PROC, PROTO
• Java Bytecodes – another approch to programming
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
86
53 68 75 72 79 6F
Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010.
87
Related documents
Chapter 5
Chapter 5
ch.5
ch.5
Some Notes on Reverse Engineering and x86 Assembly
Some Notes on Reverse Engineering and x86 Assembly
local variables - ICS 312 - Machine
local variables - ICS 312 - Machine
Chapter 3
Chapter 3
local variables
local variables
Solution - Michael J. Geiger, Ph.D.
Solution - Michael J. Geiger, Ph.D.
push ebp - Fullerton College Staff Web Pages
push ebp - Fullerton College Staff Web Pages
slides
slides
Hello ASM World: A Painless and Contextual Introduction to x86
Hello ASM World: A Painless and Contextual Introduction to x86
Chapter 2 - Fullerton College Staff Web Pages
Chapter 2 - Fullerton College Staff Web Pages
section3
section3
x86 Quick Overview - UT Computer Science
x86 Quick Overview - UT Computer Science
60-266 Lab 1
60-266 Lab 1