Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to assembly language programming and Computer Architecture By Anand George SourceLens.org Copyright. All rights reserved. Content Owner -

Published byAustin Goodman Modified over 7 years ago

Similar presentations

Presentation on theme: "Introduction to assembly language programming and Computer Architecture By Anand George SourceLens.org Copyright. All rights reserved. Content Owner -"— Presentation transcript:

1 Introduction to assembly language programming and Computer Architecture
By Anand George SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

2 Agenda Understanding of basic computer architecture
Introduction to x86 CPU architecture. Introduction to x86 instruction sets. Examples and demos. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

3 Why we need to learn assembly?
Better understanding of the output code generated by the complier. Understand different C language features better, by looking at the assembly generated for them. Certain language features like pointers, calling conventions etc are very difficult to understand without knowing the equivalent assembly code. Many other … reverse engineering…debugging…optimizing etc are some incomplete list. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

4 Basic Computer Architecture
Motherboard Memory which contain instruction and data. Devices Bus Controllers DMA Disk CPU NIC Buses Buses USB SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

5 CPU Chip in the Motherboard.
Connected to devices and memory directly via buses and bus controllers. Buses are practically wires. Fetch and execute instructions from memory. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

6 CPU Registers. CPU contain small internal memory regions
Small and very fast access compared to the main memory. They are called registers and are well defined for a particular make of CPU. Note ( Cache is not going be relevant to discussion ) SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

7 Working in a nutshell Programs are loaded into the memory.
CPU start executing it from the memory. CPU Mostly does following 3 things Read data from memory or devices to some register Modify ( also can be said process ) the data Write back to memory or devices. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

8 Example – Adding 2 numbers
Suppose you have a program which add 2 number and display the output. You type the 2 input numbers in the keyboard. CPU read those 2 numbers from the Keyboard into CPU registers. ( read ) Add values in registers. ( modify / process ) Result is written to video memory to display.( write ) SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

9 Note CPU do the processing mainly on values in registers due to performance reason an not on memory or device directly. Registers are like wallet for a CPU – Wallet is what you use immediate purchases ( processing ) but we cant put entire bank ( memory ) account amount to wallet as wallet is small. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

10 Understanding Data and Code
Memory normally contain programs. Programs are nothing but binary data. The binary information constitutes a program can be divided in 2 types Code Data SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

11 Code and Data Code is command to the CPU and instruct the CPU what to do with the data already given or going to give. Example. Suppose a Baby is CPU and following are the instructions given to baby Drink Milk Smile Close eyes Go to Sleep SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

12 Code and Data Drink, Smile, Close, Goto are Code.
Milk, Mouth, eyes, Sleep are data. Note that Mouth is implicit kind of data which is very common when it come to real CPU. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

13 Intel 32 bit CPU registers
Many – we concentrate on very few which are important for the time begin. All are 32 bit in size EAX, EBX, ECX, EDX, ESI, EDI, EBP ESP, EIP and EFLAGS. ESP, EIP are strictly special purpose. ECX, ESI, EDI are occasional special purpose. EAX, EBX, EBP, EDX are normally general purpose although use of EBP as special purpose is complier dependent. ( No restriction from CPU or any instruction dependents on them ) EFLAGS is also special purpose but it is different from other registers from the fact that it is the bits inside the registers are being used than the register as a whole ( details later ). SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

14 Demo View CPU registers in visual Studio in a hello world C application. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

15 Intel x86 32 bit Registers CPU Mostly Used Registers EAX ESI EBX EDI
ECX EBP ECX ESP EIP EFLAGS Control Register and others ( CR0 to CR4, DR0 to DR7, TR3 to TR7, GDTR, IDTR etc ) Segment Registers Special co processor registers like MMX, FL unit Reg etc SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

16 Registers and Programming
Registers are the programmer visible part of the CPU. From a programmers perspective Registers are CPU. All the programming language complier ( or complier plus runtime ) create one way or the other binary instruction to the CPU to which the program is targeted to. No Exception whatsoever. ( C#, java, perl, javascript or C/C++) SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

17 Special Purpose registers
Certain instructions uses some registers implicitly. In the example of Baby for the instruction SMILE the baby has to use the mouth ( special purpose register ). Again Mouth can be used for EATING as well so it is not strict special purpose. Lets consider the instruction HEAR to the baby now it has to use the EAR ( strict special purpose register ) to do it. And Ear normally cannot be used for anything else other than HEAR. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

18 EIP ( Instruction pointer )
Very Strict Special Purpose Always points to CODE which is the next instruction the CPU is going execute. EIP is Extended Institution Pointer. All instructions depends on this register value. Controls the flow of the program in general. Like the steering of a CAR. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

19 Demo EIP in visual Studio
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

20 ESP ( Stack pointer ) Normally a program has 100s of instructions if not 1000s. All programs need some temporary storage to keep track of immediate states of variables, flow etc. To manage that all program uses a small chunk of memory called stack. ESP register always points to the top of the stack. PUSH, POP, RET are some of the instructions depends on ESP. Normally non of the compliers use ESP for any other purpose other than point to stack of a thread ( program ). So it is normally a strict special purpose register. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

21 Demo ESP In Visual Studio
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

22 EFLAGS CF ZF SF DF OF Bit Label Description CF Carry flag 2 PF Parity flag 4 AF Auxiliary carry flag 6 ZF Zero flag 7 SF Sign flag 8 TF Trap flag 9 IF Interrupt enable flag 10 DF Direction flag 11 OF Overflow flag IOPL I/O Privilege level 14 NT Nested task flag 16 RF Resume flag 17 VM Virtual 8086 mode flag 18 AC Alignment check flag 19 VIF Virtual interrupt flag 20 VIP Virtual interrupt pending flag 21 ID ID flag SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

23 EFLAGS Set or cleared by results of operation like addition, subtraction etc. Some operations ( INC, DEC ) are “signed” which means the CPU will take care of the sign part of the number. Will restrict our discussion to Operation result based flags. Mainly Carry, Zero, Signed, Direction, Overflow. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

24 Operation based flags. CPU clear or set the flag after an operation if required. That is how the programmer “Check” the result of certain operations. We will be revisiting this when we discuss Jump instruction later to get a complete picture. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

25 Carry Flag Will be set ( value 1 ) if the result of previous operation is more than the maximum value the target register can hold. Mainly used for unsigned calculations. Result of a operation cannot be higher than the maximum value a register can hold. ( unlike the normal math ) Carry flag indicate that result of the operation is to huge and the value in the result register is not correct. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

26 Zero Flag Will be set if the result of an operation is zero.
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

27 Sign Flag Will be set if the most significant bit of the result register after an operation is 1. Which mean the result number is negative. Used in signed arithmetic. Can be used to check the result of the operation was positive value or negative value. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

28 Overflow flag Like a carry flag for signed operation.
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

29 Demo For assembly language practical - again all you need is Visual Studio no assembler etc. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

30 Instructions - MOV One of the very basic x86 instructions.
Move data between memory and CPU register and vice versa. Move data between 2 CPU registers. Lot of instruction which indirectly do what MOV does like LEA, PUSH, POP..some are faster than MOV. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

31 Demo MOV instruction in visual studio.
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

32 Some common Operations
Add – ADD Subtract – SUB OR AND XOR Shift SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

33 Demo Sum of 2 numbers Other operations
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

34 Jump instructions JMP – Unconditional Jump JNZ – jump if not zero.
Jump instructions change EIP register which means it changes the flow of execution. So many types of Jumps based on all the flags we discussed. We don’t care them as we are not going to program in assembly but only going to understand. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

35 Demo Jump instruction. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

36 Instruction which uses stack pointer.
PUSH POP RET PUSH and POP are more or less MOV instructions based on stack pointer. RET is more or less a JUMP based on stack pointer. All instructions used by Functions in C SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

37 CALL instruction Similar to Jump but again does some additional actions on stack. Normally used for function calls. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

38 Demo PUSH, POP, RET and CALL
SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

39 Functions and calling convention in C
How the arguments are passed to the stack of callee. Who is cleaning up the ( incrementing the stack pointer) stack. C calling convention standard calling convention other exist like thiscall, fastcall, x64 etc. all depends on complier. caller and callee should follow the calling convention. Normally programmer don’t have to bother but if you linking to a dynamically loaded binary’s function pointer complier is not there to give error. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

40 Pro-Con C-calling convention Std Caller cleans the stack
Caller manage the stack Std Callee cleans the stack Callee manage the stack SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

41 Pro-Con C-calling convention Std support variable number of arg.
will generate more code and binary will become big Std small binary no variable args. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

42 Lot more on assembly..but we may not need..
How to go from here? Look at the assembly generated by the programs in previous sessions. Get acquainted with the assembly instruction pattern. Fill up if there is some gaps in required knowledge in the exercise. Make sure we are all set to start pointers in C. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

43 Demo Cdecl or c calling convention.
stdcall or standard calling convention. looking at assembly and understanding the difference. SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

44 Thank you SourceLens.org Copyright. All rights reserved. Content Owner - Meera R (meera at sourcelens.org)

Download ppt "Introduction to assembly language programming and Computer Architecture By Anand George SourceLens.org Copyright. All rights reserved. Content Owner -"

Similar presentations

Practical Malware Analysis

Practical Malware Analysis
Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, 2010. All rights reserved. You may modify and copy this slide.

Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, All rights reserved. You may modify and copy this slide.
C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014.

C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014.
IA-32 Processor Architecture

IA-32 Processor Architecture
© 2006 Pearson Education, Upper Saddle River, NJ 07458. All Rights Reserved.Brey: The Intel Microprocessors, 7e Chapter 2 The Microprocessor and its Architecture.

© 2006 Pearson Education, Upper Saddle River, NJ All Rights Reserved.Brey: The Intel Microprocessors, 7e Chapter 2 The Microprocessor and its Architecture.
PC hardware and x86 3/3/08 Frans Kaashoek MIT

PC hardware and x86 3/3/08 Frans Kaashoek MIT
1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.

1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.
1 Lecture 5: Procedures Assembly Language for Intel-Based Computers, 4th edition Kip R. Irvine.

1 Lecture 5: Procedures Assembly Language for Intel-Based Computers, 4th edition Kip R. Irvine.
Assembly Language for Intel-Based Computers Chapter 2: IA-32 Processor Architecture Kip Irvine.

Assembly Language for Intel-Based Computers Chapter 2: IA-32 Processor Architecture Kip Irvine.
ICS312 Set 3 Pentium Registers. Intel 8086 Family of Microprocessors All of the Intel chips from the 8086 to the latest pentium, have similar architectures.

ICS312 Set 3 Pentium Registers. Intel 8086 Family of Microprocessors All of the Intel chips from the 8086 to the latest pentium, have similar architectures.
© 2006 Pearson Education, Upper Saddle River, NJ 07458. All Rights Reserved.Brey: The Intel Microprocessors, 7e Chapter 2 The Microprocessor and its Architecture.

© 2006 Pearson Education, Upper Saddle River, NJ All Rights Reserved.Brey: The Intel Microprocessors, 7e Chapter 2 The Microprocessor and its Architecture.
1 Homework Reading –PAL, pp 127-152 Machine Projects –MP2 due at start of Class 12 Labs –Continue labs with your assigned section.

1 Homework Reading –PAL, pp Machine Projects –MP2 due at start of Class 12 Labs –Continue labs with your assigned section.
CEG 320/520: Computer Organization and Assembly Language ProgrammingIntel Assembly 1 Intel IA-32 vs Motorola 68000.

CEG 320/520: Computer Organization and Assembly Language ProgrammingIntel Assembly 1 Intel IA-32 vs Motorola
6.828: PC hardware and x86 Frans Kaashoek

6.828: PC hardware and x86 Frans Kaashoek
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
Fall 2012 Chapter 2: x86 Processor Architecture. Irvine, Kip R. Assembly Language for x86 Processors 6/e, 2010. 2 Chapter Overview General Concepts IA-32.

Fall 2012 Chapter 2: x86 Processor Architecture. Irvine, Kip R. Assembly Language for x86 Processors 6/e, Chapter Overview General Concepts IA-32.
CET 3510 Microcomputer Systems Tech. Lecture 2 Professor: Dr. José M. Reyes Álamo.

CET 3510 Microcomputer Systems Tech. Lecture 2 Professor: Dr. José M. Reyes Álamo.
1 ICS 51 Introductory Computer Organization Fall 2009.

1 ICS 51 Introductory Computer Organization Fall 2009.
Microprocessors The ia32 User Instruction Set Jan 31st, 2002.

Microprocessors The ia32 User Instruction Set Jan 31st, 2002.
CNIT 127: Exploit Development Ch 1: Before you begin.

CNIT 127: Exploit Development Ch 1: Before you begin.

Similar presentations

Ads by Google