1. Machine-Level Representation of Programs II

2. Outline Conditional codes Jump instructions Loop Control Switch
Suggested reading
Chap 3.6

3. Special Arithmetic Operations
imull S
R[%edx]:R[%eax] S*R[%eax]
Signed full multiply
mull S
Unsigned full multiply
Cltd
R[%edx]:R[%eax]  SignExtend(R[%eax])
Convert to quad word
idiv S
R[%edx]  R[%edx]:R[%eax] mod S
R[%eax]  R[%edx]:R[%eax]  S
Signed divide
divl S
R[%edx] R[%edx]:R[%eax] mod S
Unsigned divide

4. Examples Initially x at %ebp+8, y at %ebp+12 1 movl 8(%ebp), %eax
2 imull 12(%ebp)
3 pushl %edx
4 pushl %eax
2 cltd
3 idivl 12(%ebp)
5 pushl %edx

5. Assembly Programmer’s ViewFF BF 7F 3F C0 80 40 00
Stack
DLLs
Text
Data
Heap 08
%eax
%edx
%ecx
%ebx
%esi
%edi
%esp
%ebp
%al
%ah
%dl
%dh
%cl
%ch
%bl
%bh
%eip
%eflag
Addresses
Instructions

6. Condition codes Condition codes A set of single-bit
Maintained in a condition code register
Describe attributes of the most recently arithmetic or logical operation

7. Condition codes EFLAGS CF: Carry Flag
The most recent operation generated a carry out of the most significant bit
Used to detect overflow for unsigned operations
OF: Overflow Flag
The most recent operation caused a two’s complement overflow — either negative or positive

8. Condition codes EFLAGS ZF: Zero Flag
The most recent operation yielded zero
SF: Sign Flag
The most recent operation yielded a negative value

9. Setting Conditional Codes
Implicit Setting By Arithmetic Operations
addl Src,Dest
C analog: t = a+b
CF set if carry out from most significant bit
Used to detect unsigned overflow
ZF set if t == 0
SF set if t < 0
OF set if two’s complement overflow
(a>0 && b>0 && t<0) || (a<0 && b<0 && t>=0)

10. Conditional Code lea instruction Xorl instruction Shift instruction
has no effect on condition codes
Xorl instruction
The carry and overflow flags are set to 0
Shift instruction
carry flag is set to the last bit shifted out
Overflow flag is set to 0

11. Setting Conditional Codes
Explicit Setting by Compare Instruction
cmpl Src2,Src1
cmpl b,a like computing a-b without setting destination
CF set if carry out from most significant bit
Used for unsigned comparisons
ZF set if a == b
SF set if (a-b) < 0
OF set if two’s complement overflow
(a>0 && b<0 && (a-b)<0) ||
(a<0 && b>0 && (a-b)>0)

12. Setting Conditional Codes
Explicit Setting by Test instruction
testl Src2,Src1
Sets condition codes based on value of Src1 & Src2
Useful to have one of the operands be a mask
testl b,a like computing a&b without setting destination
ZF set when a&b == 0
SF set when a&b < 0

13. Accessing Conditional Codes
The condition codes cannot be read directly
One of the most common methods of accessing them is
setting an integer register based on some combination of condition codes
Set commands

14. Accessing Conditional Codes
After each set command is executed
A single byte to 0 or to 1 is obtained
The descriptions of the different set commands apply to the case
where a comparison instruction has been executed

15. Accessing Conditional Codes
Instruction
Synonym
Effect
Set Condition
Sete
Setz ZF
Equal/zero
Setne
Setnz
~ZF
Not equal/not zero
Sets SF
Negative
Setns
~SF
Nonnegative
Setl
Setnge
SF^OF
Less
Setle
Setng
(SF^OF)|ZF
Less or Equal
Setg
Setnle
~(SF^OF)&~ZF
Greater
Setge
Setnl
~(SF^OF)
Greater or Equal
Seta
Setnbe
~CF&~ZF
Above
Setae
Setnb
~CF
Above or equal
Setb
Setnae CF
Below
Setbe
Setna
CF|ZF
Below or equal

16. Accessing Conditional Codes
The destination operand is either
one of the eight single-byte register elements or
a memory location where the single byte is to be stored
To generate a 32-bit result
we must also clear the high-order 24 bits

17. Accessing Conditional Codes
Initially a is in %edx, b is in %eax
1 cmpl %eax, %edx #compare a:b
2 setl %al #set low order by to 0 or 1
3 movzbl %al, %eax
#set remaining bytes of %eax to 0

18. Two of the most important parts of program execution
Control
Two of the most important parts of program execution
Data flow (Accessing and operating data)
Control flow (control the sequence of operations)

19. Sequential execution is default
Control
Sequential execution is default
the instructions are executed in the order they appear in the program
Chang the control flow
Jump instructions

20. Jump Instructions
1 xorl %eax, %eax Set %eax to 0
2 jmp .L1 Goto .L1
3 movl (%eax), %edx Null pointer dereference
4 .L1:
5 popl %edx

21. Jumps unconditionally Direct jump: jmp label
Unconditional jump
Jumps unconditionally
Direct jump: jmp label
jmp .L
Indirect jump: jmp *Operand
jmp *%eax
jmp *(%eax)

22. Conditional jump
Either jump or continue executing at the next instruction in the code sequence
Depending on some combination of the condition codes
All direct jump

23. Jump Instructions jle .L2 .L5: movl %edx, %eax sarl $1, %eax
subl %eax, %edx
Leal (%edx, %edx, 2), %edx
testl %edx, %edx
jg L5
9 .L2:
10 movl %edx, %eax

24. Example for Jump 8: 7e 0d jle 17<silly+0x17>
a: 89 d0 mov %edx, %eax dest1:
3 c: c1 f8 sar %eax
e: 29 c2 sub %eax, %edx
10: 8d lea (%edx, %edx, 2), %edx
6 13: 85 d2 test %edx, %edx
15: 7f f3 jg a<silly+0x10>
17: 89 d0 movl %edx, %eax dest2:
d+a = 17
17+f3(-d) =a

25. Example for Jump 804839c: 7e 0d jle 17<silly+0x17>
804839e: 89 d0 mov %edx, %eax dest1:
a0: c1 f8 sar %eax
80483a2: 29 c2 sub %eax, %edx
80483a4: 8d lea (%edx, %edx, 2), %edx
a7: 85 d2 test %edx, %edx
80483a9: 7f f3 jg a<silly+0x10>
80483ab: 89 d0 movl %edx, %eax dest2:
d e = 80483ab
80483ab+f3(-d) = e

26. Jump Instructions PC-relative Absolute address
Jump target is an offset relative to the address of the instruction just followed jump (pointed by PC)
Absolute address
Jump target is an absolute address

27. Loop

28. Control Constructs in C
Gotos
goto L
break
continue
Branch
if () { } else { }
switch () { }

29. Control Constructs in C
Loop
while () { }
do { } while ()
for (init; test; incr) { }

30. Translating Conditional Branches
t = test-expr ;
if ( t )
goto true ;
else-statement
goto done
true:
then-statement
done:
if ( test-expr )
then-statement
else
else-statement

31. Translating Conditional Branches
int absdiff(int x, int y) {
if (x < y)
return y – x;
else
return x – y; }
int absdiff(int x, int y) {
int rval ;
if (x < y)
goto less
rval = x – y ;
goto done;
less:
rval = y – x;
done:
return rval; }

32. Jump Instructions movl 8(%ebp), %edx get x movl 12(%ebp), %eax get y
cmpl %eax, %edx cal x - y
jl .L if x < y goto less
subl %eax, %edx compute x - y
movl %edx, %eax set return val
jmp .L5 goto done
.L3: less:
subl %edx, %eax compute y – x
.L5: done: Begin Completion code

33. Do-while Translation do body-statement while (test-expr) loop:
t = test-expr;
if ( t )
goto loop ;

34. Do-while Translation .L6: lea (%ebx, %edx), %eax movl %edx, %ebx
movl %eax, %edx
incl %ecx
cmpl %esi, %ecx
jl L6
movl %ebx, %eax
int fib_dw(int n) {
int i = 0;
int val = 0 ;
int nval = 1 ;
do {
int t = val + nval ;
val = nval ;
nval = t ;
i++;
} while ( i<n) ;
return val ; }
register
value
initially
%ecx i
%esi n
%ebx
val
%edx
nval 1
%eax t -

35. While Loop Translation
while (test-expr)
body-statement
loop: if ( !test-expr)
t = test-expr goto done;
if ( !t ) do
goto done; body-statement
body-statement while(test-expr)
goto loop; done:
done:

36. While Loop Translation
int fib_w_goto(int n) {
int val=1;
int nval=1;
int nmi, t ;
if ( val >= n )
goto done ;
nmi = n-1;
loop:
t=val+nval ;
val = nval ;
nval = t ;
nmi--;
if ( nmi )
goto loop
done:
return val }
int fib_w(int n) {
int i=1;
int val=1;
int nval=1;
while ( i<n ) {
int t=val+nval ;
val = nval ;
nval = t ;
i++; }
return val ;

37. While Loop Translation
Register usage
Register
Variable
Initially
%edx
nmi
n-1
%ebx
val 1
%ecx
nval
movl 8(%ebp), %eax
movl $1, %ebx
movl $1, %ecx
cmpl %eax, ebx
jge .L9
lea –1(%eax), %edx
.L10:
lea (%ecx, %ebx), %eax
movl %ecx, %ebx
movl %eax, %ecx
decl %edx
jnz .L10
.L9:

38. While Loop Translation
/* strcpy: copy t to s; pointer version 2 */
void strcpy(char *s, char *t){
while ((*s = *t) != '\0') {
s++ ;
t++ ; }

39. While Loop Translation
movl 12(%ebp), %eax
movzbl (%eax), %edx
movl 8(%ebp), %eax
movb %dl, (%eax)
movzbl (%eax), %eax
testb %al, %al
jne L3
popl %ebp
ret
_strcpy:
pushl %ebp
movl %esp, %ebp
jmp L2
L3:
addl $1, 8(%ebp)
addl $1, 12(%ebp)

40. For Loop Translation for ( init-expr; test-expr; update-expr)
body-statement
init-expr
while ( test-expr) {
body-statement
update-expr }

41. For Loop Translation
/* strcmp: return <0 if s<t, 0 if s==t, >0 if s>t */
int strcmp(char *s, char *t) {
for (; *s == *t ; s++, t++)
if (*s == '\0')
return 0;
return *s - *t; }

42. For Loop Translation _strcmp: pushl %ebp movl %esp, %ebp subl $4, %esp
jmp L2
L5:
movl 8(%ebp), %eax
movzbl (%eax), %eax
testb %al, %al
jne L3
movl $0, -4(%ebp)
jmp L4
L3:
addl $1, 8(%ebp)
addl $1, 12(%ebp)
L2:
movl 8(%ebp), %eax
movzbl (%eax), %edx
movl 12(%ebp), %eax
movzbl (%eax), %eax
cmpb %al, %dl
je L5

43. For Loop Translation movl 8(%ebp), %eax movzbl (%eax), %eax
movsbl %al,%edx
movl 12(%ebp), %eax
movsbl %al,%eax
movl %edx, %ecx
subl %eax, %ecx
movl %ecx, -4(%ebp)
L4:
movl -4(%ebp), %eax
leave
ret

44. Conditional Move Original C code 1 int absdiff(int x, int y) {
2 return x < y ? y-x : x-y;
3 }
(b) Implementation using conditional assignment
1 int cmovdiff(int x, int y) {
2 int tval = y-x;
3 int rval = x-y;
4 int test = x < y;
5 /* Line below requires
single instruction: */
7 if (test) rval = tval;
8 return rval;
9 } 44 44

45. Conditional Move (c) Generated assembly code %ecx x
(x at %ebp+8, y at %ebp+12)
movl 8(%ebp), %ecx Get x
movl 12(%ebp), %edx Get y
movl %edx, %ebx Copy y
subl %ecx, %ebx Compute y-x
movl %ecx, %eax Copy x
subl %edx, %eax Compute x-y and set as return value
cmpl %edx, %ecx Compare x:y
cmovl %ebx, %eax If < , replace return value with y-x
%ecx x
%edx y
%ebx y-x
%eax x-y 45 45

46. Conditional Move instructions suppose that “there is no side effect”
Invalid Situation
Conditional Move instructions suppose that “there is no side effect”
int cread(int *xp) {
return (xp ? *xp : 0); } 46 46

47. Switch

48. Switch Statements int switch_eg(int x, int n) { int result = x ;
switch ( n ) {
case 100:
result *= 13 ;
break ;
case 102:
result += 10 ;
/* fall through */
case 103
result += 11;
break ;
case 104: case 106:
result *= result ;
default:
result = 0 ; }
return result ;

49. Properties of Switch Construct
Integer testing
Multiple outcomes (may be a large number)
Improve the readability of the source code

50. Switch Statements int switch_eg(int x, int n) { int result = x ;
switch ( n ) {
case 100:
result *= 13 ;
break ;
case 102:
result += 10 ;
/* fall through */
case 103
result += 11;
break ;
case 104: case 106:
result *= result ;
default:
result = 0 ; }
return result ;
Multiple cases
Integer testing

51. Switch Form
switch(op) {
case val_0:
Block 0
case val_1:
Block 1
• • •
case val_n-1:
Block n–1 }

52. Efficient implementation Avoid long sequence of if-else statement
Jump Table
Efficient implementation
Avoid long sequence of if-else statement
Criteria
the number of cases and the sparcity of the case value

53. Jump Table Implementation
Jump Targets
Targ0
Targ1
Targ2
Targn-1 •
jtab:
Code Block 0
Targ0:
Code Block 1
Targ1:
Code Block 2
Targ2:
Code Block n–1
Targn-1: •
Approx. Translation
target = JTab[op];
goto *target;

54. Switch Statements int switch_eg(int x, int n) { int result = x ;
switch ( n ) {
case 100:
result *= 13 ;
break ;
case 102:
result += 10 ;
/* fall through */
case 103
result += 11;
break ;
case 104: case 106:
result *= result ;
default:
result = 0 ; }
return result ;

55. Jump Table Implementation
code jt[7] = {loc_a, loc_def, loc_b, loc_c, loc_d, loc_def, loc_d};
int switch_eg_goto ( int x, int n) {
unsigned ni = n - 100;
int result = x ;
if ( ni >6 )
goto loc_def ; //default
goto jt[xi];
loc_a: //100
result *= 13 ;
goto done ;
loc_b: //102
result += 10 ; /* fall through*/
loc_c: //103
result +=11;
goto done ;
loc_d: //104, 106
result *= result ;
loc_def: //default
result = 0 ;
done:
return result ; }

56. Jump Table .section .rodata .align 4 .L7: .long .L3 case 100: loc_a
.long .L2 case 101: loc_def
.long .L4 case 102: loc_b
.long .L5 case 103: loc_c
.long .L6 case 104: loc_d
.long .L2 case 105: loc_def
.long .L6 case 106: loc_d

57. Jump Table Implementation
movl 8(%ebp), %edx get x
movl 12(%ebp), %eax get n
subl $100, %eax compute index = n – 100
cmpl $6, %eax compare index:6
ja .L2 If > , goto default
jmp *.L7(, %eax, 4)
.L2: default:
mov $0, %eax result = 0
jmp .L8 goto done

58. Jump Table Implementation
.L5: loc_c: // 103
movl %edx, %eax result = x
jmp .L9 goto rest
.L3: loc_a: // 100
leal (%edx, %edx, 2), %eax result = x * 3
leal (%edx, %eax, 4), %eax result = x + 4 * result
jmp .L8 goto done
.L4: loc_b: // 102
leal 10(%edx), %eax result = x + 10

59. Jump Table Implementation
.L9: rest: // fall through
addl $11, %eax result += 11
jmp .L8 goto done
.L6: loc_d: // 104, 106
movl %edx, %eax result = x
imull %edx, %eax result *= x
.L8: done: