Presentation is loading. Please wait.

Presentation is loading. Please wait.

Recitation 2: Assembly & gdb Andrew Faulring 15213 Section A 16 September 2002.

Published byGillian Burke Modified over 8 years ago

Similar presentations

Presentation on theme: "Recitation 2: Assembly & gdb Andrew Faulring 15213 Section A 16 September 2002."— Presentation transcript:

1 Recitation 2: Assembly & gdb Andrew Faulring 15213 Section A 16 September 2002

2 Andrew Faulring faulring@cs.cmu.edu Office hours: –NSH 2504 (lab) / 2507 (conference room) –Normally Thursday 5–6 –THIS WEEK: Wednesday 5–6

3 Today’s Plan Preparing for Lab2 –due Thursday, 26 Sep @ 11:59PM Assembly programming C to ASM –Using gdb ASM to C –Reverse engineering (like in Lab2)

4 Machine Model EIPEIP Registers CPU Memory Object Code Program Data Addresses Data Instructions Stack Condition Codes

5 Special Registers %eaxReturn Value %eipInstruction Pointer %ebpBase (Stack Frame) Pointer %espStack Pointer

6 Simple Addressing Modes $1010 (R)Mem[R] $10(R)Mem[R + 10] $0x10(R)Mem[R + 16]

7 Indexed Addressing Modes Generic Form D(Rb, Ri, S)Mem[Reg[Rb]+S*Reg[Ri]+D] Examples (Rb,Ri)Mem[Reg[Rb]+Reg[Ri]] D(Rb,Ri)Mem[Reg[Rb]+Reg[Ri]+D] (Rb,Ri,S)Mem[Reg[Rb]+S*Reg[Ri]]

8 Example 1: Arithmetic int func1(int a, int b) { int x, y; x = a + b; y = 2*x - b; return x*y; }

9 func1 assembly func1: push %ebp # save frame pointer mov %esp,%ebp # frame ptr = stack ptr mov 0xc(%ebp),%eax # %eax = b mov 0x8(%ebp),%ecx # %ecx = a add %eax,%ecx # %ecx = x = a + b lea (%ecx,%ecx,1),%edx # %edx = 2 * x sub %eax,%edx # %edx = y = 2 * x - b mov %ecx,%eax # %eax = x imul %edx,%eax # %eax = x * y mov %ebp,%esp # restore stack pointer pop %ebp # restore frame pointer ret

10 gdb GNU debugger Your friend for Lab2 Usage –gdb

11 gdb commands run : starts the program, can include command line arguments disas : disassembles code into asm print : used to print values of variables & memory x : examine memory contents step, next : step through code break : set breakpoints in the code

12 Using gdb with func1 break func1 run disas where print/x $eax print/x $ecx

13 Example 2: Control int func2(int a, int b) { if(a>b) return a; else return b; }

14 ASM for func2 func2: push %ebp # save frame pointer mov %esp,%ebp # frame ptr = stack ptr mov 0x8(%ebp),%edx # %edx = a mov 0xc(%ebp),%eax # %eax = b cmp %eax,%edx # a > b jle.L1 # a <= b mov %edx,%eax # return a.L1: # otherwise %eax = b mov %ebp,%esp # restore stack pointer pop %ebp # restore frame pointer ret

15 Example 3: int func3(int a, int b) { int r = 0xDEADBEEF; switch(a) { case 0: r = a; break; case 1: r = b; break; case 2: r = a+b; break; case 3: r = a-b; break; case 4: r = a*b; break; } return r; }

16 ASM for func3 # $edx = a, $ecx = b, $eax = 0xdeadbeef 0x8048453 : mov 0x8(%ebp),%edx 0x8048456 : mov 0xc(%ebp),%ecx 0x8048459 : mov $0xdeadbeef,%eax # go to default case, if a > 4 0x804845e : cmp $0x4,%edx 0x8048461 : ja 0x804848b # execute the jump … 0x8048463 : jmp *0x8048578(,%edx,4) 0x804846a : lea 0x0(%esi),%esi

17 ASM for func3 case 0: return a 0x8048470 : mov %edx,%eax 0x8048472 : jmp 0x804848b case 1: return b 0x8048474 : mov %ecx,%eax 0x8048476 : jmp 0x804848b 0x8048478 : lea (%ecx,%edx,1),%eax case 2: return a+b 0x8048478 : lea (%ecx,%edx,1),%eax 0x804847b : jmp 0x804848b 0x804847d : lea 0x0(%esi),%esi

18 ASM for func3 case 3: a-b 0x8048480 : mov %edx,%eax 0x8048482 : sub %ecx,%eax 0x8048484 : jmp 0x804848b case 4: a*b 0x8048486 : mov %edx,%eax 0x8048488 : imul %ecx,%eax

19 Addresses of the cases case 0: 0x8048470 case 1: 0x8048474 case 2: 0x8048478 case 3: 0x8048480 case 4: 0x8048486

20 The Jump Table 0x8048463 : jmp *0x8048578(,%edx,4) (gdb) x/5xw 0x8048578 0x8048578 : 0x08048470 0x08048474 0x08048478 0x08048480 0x8048588 : 0x08048486 %edx = a Jump to instruction with address MEM[0x8048578 + a*4]

21 Example 4: asm => c Dump of assembler code for function func4: 0x80483c0 : push %ebp 0x80483c1 : mov %esp,%ebp 0x80483c3 : mov 0x8(%ebp),%ecx 0x80483c6 : xor %eax,%eax 0x80483c8 : xor %edx,%edx 0x80483ca : cmp %ecx,%eax 0x80483cc : jge 0x80483d7 0x80483ce : mov %esi,%esi 0x80483d0 : add %edx,%eax 0x80483d2 : inc %edx 0x80483d3 : cmp %ecx,%edx 0x80483d5 : jl 0x80483d0 0x80483d7 : mov %ebp,%esp 0x80483d9 : pop %ebp 0x80483da : ret 0x80483db : nop End of assembler dump.

22 Examining func4 : pushl %ebp # save frame pointer movl %esp,%ebp # frame ptr = stack ptr movl 0x8(%ebp),%ecx # put arg1 into %ecx xorl %eax,%eax # zero %eax xorl %edx,%edx # zero %edx

23 Examining func4 cmpl %ecx,%eax # compare arg1 (%ecx) and %eax jge.L4 # jump to.L4 if arg1 <= %eax (0).L6: addl %edx,%eax # %eax = %eax + %edx incl %edx # %edx = %edx + 1 cmpl %ecx,%edx # compare arg1 (%ecx) and %edx jl.L6 # jump to.L06 if %edx < arg1.L4: movl %ebp,%esp # restore stack pointer popl %ebp # restore frame pointer ret

24 Name the variables %ecx: x (first argument) %eax: result %edx: i

25 func4 int func4(int x) // %ecx = x { int result = 0; // %eax = result int i; // %edx = i for (i = 0; i < x; i++) result += i; return result; }

Download ppt "Recitation 2: Assembly & gdb Andrew Faulring 15213 Section A 16 September 2002."

Similar presentations

Recitation 4 Outline Buffer overflow –Practical skills for Lab 3 Code optimization –Strength reduction –Common sub-expression –Loop unrolling Reminders.

Recitation 4 Outline Buffer overflow –Practical skills for Lab 3 Code optimization –Strength reduction –Common sub-expression –Loop unrolling Reminders.
15-213 Recitation 4: 09/30/02 Outline The Stack! Essential skill for Lab 3 –Out-of-bound array access –Put your code on the stack Annie Luo

Recitation 4: 09/30/02 Outline The Stack! Essential skill for Lab 3 –Out-of-bound array access –Put your code on the stack Annie Luo
Gnu Debugger (GDB) Topics Overview Quick Reference Card Readings: Quick Reference Card February 7, 2012 CSCE 212Honors Computer Organization.

Gnu Debugger (GDB) Topics Overview Quick Reference Card Readings: Quick Reference Card February 7, 2012 CSCE 212Honors Computer Organization.
1 Homework / Exam Turn in mp2 at start of class today Reading –PAL, pp 3-6, 361-367 Exam #1 next class –Open Book / Open Notes –NO calculators or other.

1 Homework / Exam Turn in mp2 at start of class today Reading –PAL, pp 3-6, Exam #1 next class –Open Book / Open Notes –NO calculators or other.
Machine Programming – Procedures and IA32 Stack CENG334: Introduction to Operating Systems Instructor: Erol Sahin Acknowledgement: Most of the slides are.

Machine Programming – Procedures and IA32 Stack CENG334: Introduction to Operating Systems Instructor: Erol Sahin Acknowledgement: Most of the slides are.
University of Washington Last Time For loops  for loop → while loop → do-while loop → goto version  for loop → while loop → goto “jump to middle” version.

University of Washington Last Time For loops  for loop → while loop → do-while loop → goto version  for loop → while loop → goto “jump to middle” version.
Machine-Level Programming I: Introduction Topics Assembly Programmer’s Execution Model Accessing Information Registers Memory Arithmetic operations CS.

Machine-Level Programming I: Introduction Topics Assembly Programmer’s Execution Model Accessing Information Registers Memory Arithmetic operations CS.
Machine-Level Programming III: Procedures Apr. 17, 2006 Topics IA32 stack discipline Register saving conventions Creating pointers to local variables CS213.

Machine-Level Programming III: Procedures Apr. 17, 2006 Topics IA32 stack discipline Register saving conventions Creating pointers to local variables CS213.
– 1 – 15-213, F’02 ICS05 Instructor: Peter A. Dinda TA: Bin Lin Recitation 4.

– 1 – , F’02 ICS05 Instructor: Peter A. Dinda TA: Bin Lin Recitation 4.
C Prog. To Object Code text text binary binary Code in files p1.c p2.c

C Prog. To Object Code text text binary binary Code in files p1.c p2.c
Stack Activation Records Topics IA32 stack discipline Register saving conventions Creating pointers to local variables February 6, 2003 CSCE 212H Computer.

Stack Activation Records Topics IA32 stack discipline Register saving conventions Creating pointers to local variables February 6, 2003 CSCE 212H Computer.
15-213 Recitation: Bomb Lab June 5, 2015 Dipayan Bhattacharya.

Recitation: Bomb Lab June 5, 2015 Dipayan Bhattacharya.
Machine-Level Programming 3 Control Flow Topics Control Flow Switch Statements Jump Tables.

Machine-Level Programming 3 Control Flow Topics Control Flow Switch Statements Jump Tables.
Y86 Processor State Program Registers

Y86 Processor State Program Registers
1 Carnegie Mellon Stacks 15-213: Introduction to Computer Systems Recitation 5: September 24, 2012 Joon-Sup Han Section F.

1 Carnegie Mellon Stacks : Introduction to Computer Systems Recitation 5: September 24, 2012 Joon-Sup Han Section F.
University of Washington x86 Programming III The Hardware/Software Interface CSE351 Winter 2013.

University of Washington x86 Programming III The Hardware/Software Interface CSE351 Winter 2013.
Fabián E. Bustamante, Spring 2007 Machine-Level Programming III - Procedures Today IA32 stack discipline Register saving conventions Creating pointers.

Fabián E. Bustamante, Spring 2007 Machine-Level Programming III - Procedures Today IA32 stack discipline Register saving conventions Creating pointers.
Recitation 4: The Stack & Lab3 Andrew Faulring 15213 Section A 30 September 2002.

Recitation 4: The Stack & Lab3 Andrew Faulring Section A 30 September 2002.
1 #include void silly(){ char s[30]; gets(s); printf(%s\n,s); } main(){ silly(); return 0; }

1 #include void silly(){ char s[30]; gets(s); printf("%s\n",s); } main(){ silly(); return 0; }
15-213 Recitation 2 – 2/11/02 Outline Stacks & Procedures Homogenous Data –Arrays –Nested Arrays Mengzhi Wang Office Hours: Thursday.

Recitation 2 – 2/11/02 Outline Stacks & Procedures Homogenous Data –Arrays –Nested Arrays Mengzhi Wang Office Hours: Thursday.

Similar presentations

Ads by Google