1. Carnegie Mellon
Ithaca College
Machine-Level Programming IV Control Comp 21000: Introduction to Computer Organization & Systems Systems book chapter 3*

2. Today Control: Condition codes Conditional branches Loops
Ithaca College
Today
Control: Condition codes
Conditional branches
Loops
Switch Statements

3. Processor State (x86-64, Partial)
Ithaca College
Processor State (x86-64, Partial)
Information about currently executing program
Temporary data ( %rax, … )
Location of runtime stack ( %rsp )
Location of current code control point ( %rip, … )
Status of recent tests ( CF, ZF, SF, OF )
Registers
%rsp
%r8
%r9
%r10
%r11
%r12
%r13
%r14
%r15
%rax
%rbx
%rcx
%rdx
%rsi
%rdi
%rbp
Instruction pointer
%rip
Current stack top CF ZF SF OF
Condition codes

4. Condition Codes (Implicit Setting)
Ithaca College
Condition Codes (Implicit Setting)
Single bit registers
CF Carry Flag (for unsigned) SF Sign Flag (for signed)
ZF Zero Flag OF Overflow Flag (for signed)
Implicitly set (think of it as side effect) by arithmetic operations
Example: addq Src,Dest ↔ t = a+b
CF set if carry out from most significant bit (unsigned overflow)
ZF set if t == 0
SF set if t < 0 (as signed)
OF set if two’s-complement (signed) overflow (a>0 && b>0 && t<0) || (a<0 && b<0 && t>=0)
Not set by leaq instruction

5. Note that these flags are set just like we talked about in chapter 2!
Condition Codes
Examples: assume %rax contains 20
addl $10, %rax CF  0
ZF  0
SF  0
OF  0
subl $50, %rax CF  0
SF  1
Note that these flags are set just like we talked about in chapter 2!

6. Condition Codes Single Bit Registers
CF Carry Flag SF Sign Flag
ZF Zero Flag OF Overflow Flag
Also implicitly Set By logical Operations
xorl Src,Dest
C analog: t = a ^ b (a = Src, b = Dest)
CF set to 0
ZF set if t == 0
SF set if t < 0
OF set to 0
For shift operations:
CF set to last bit shifted out

7. Condition Codes (Implicit Setting)
There are no Boolean types in assembly language.
There is no concept of Boolean operators in assembly language.
So what is there?
Bits
All we can do is look at bits. What those bits mean is determined by the context of the program.
Instructions set flags.
Other instructions take action based on the bits in those flags.
Don’t think about it as comparison as in the C language sense.

8. Condition Codes (Explicit Setting: Compare)
Ithaca College
Condition Codes (Explicit Setting: Compare)
Explicit Setting by Compare Instruction
cmpq Src2, Src1
cmpq b,a like computing a-b without setting destination
CF set if carry out from most significant bit (used for unsigned comparisons)
ZF set if a == b
SF set if (a-b) < 0 (as signed)
OF set if two’s-complement (signed) overflow (a>0 && b<0 && (a-b)<0) || (a<0 && b>0 && (a-b)>0)
Note: notice that the operands are in reverse order; b is the first operand , but we compute a – b!
Note 2: there are also cmpw and cmpb instructions.

9. Comparison and Boolean
In C
if (a < b )
Which is the same as
if (a – b < 0 )
a – b < 0 creates a Boolean value
In assembly
cmpq %rsi, %rdi
Assuming that %rdi contains a and %rsi contains b
Doesn’t create a Boolean value
Does set condition codes
** we’ll talk about the if part later!

10. Example
%rax
0000
%rcx
0010
%rdx
%rbx
%rsi
%rdi
%rsp
%rbp
cmpq %rax, %rcx execute %rcx - %rax then set condition codes NOTHING SAVED!
Condition codes CF ZF SF OF ?? ?? ?? ??

11. Example
%rax
0000
%rcx
0010
%rdx
%rbx
%rsi
%rdi
%rsp
%rbp
cmpq %rax, %rcx execute %rcx - %rax then set condition codes NOTHING SAVED!
Condition codes CF ZF SF OF

12. Today Control: Condition codes Conditional branches Loops
Ithaca College
Today
Control: Condition codes
Conditional branches
Loops
Switch Statements

13. Jumping A jump instruction causes execution to jump to a new address
Really just puts the argument of the jump into the EIP
Jump destinations are usually indicated by a label
A label marks a place in code
1 xorq %rax, %rax
2 jmp .L1
3 movq (%rax), %rdx
4 .L1:
popq %rdx
The instruction jmp .L1 causes program to skip line 3
jmp is an unconditional jump instruction
Note that we wouldn’t really use the code this way!

14. Jumping or A jump instruction has two types of arguments
Direct jumps. Target is part of the instruction
Use a label
Indirect jumps. Target read from a register or memory.
Use a ‘*’ followed by an operand specifier
jmp *%eax or
jmp *(%eax)
Any addressing mode can be used
Note that jmp is an unconditional jump instruction

15. Jumping Other jump instructions are conditional
Either jump or continue executing at next instruction in the code
Depends on some combination of the condition codes
Conditional jumps can only be direct
Assembler changes labels into actual memory addresses
See section of the book
Not very important now; will be very important in chapter 7

16. Jumping jX Instructions
Ithaca College
Jumping
jX Instructions
Jump to different part of code depending on condition codes jX
Condition
Description
jmp 1
Unconditional je ZF
Equal / Zero
jne
~ZF
Not Equal / Not Zero js SF
Negative
jns
~SF
Nonnegative jg
~(SF^OF)&~ZF
Greater (Signed)
jge
~(SF^OF)
Greater or Equal (Signed) jl
(SF^OF)
Less (Signed)
jle
(SF^OF)|ZF
Less or Equal (Signed) ja
~CF&~ZF
Above (unsigned) jb CF
Below (unsigned)

17. Reading condition codes (cont)
Assume a is in %rdx and b in %rax
cmpq %rax, %rdx
jl SUM
Goal: jump if a is less than b
First instruction sets the condition code.
cmpq computes a – b
a < b then a – b < 0
Second instruction checks to see if the compq proved that a – b < 0
Checks (SF^OF)
Goal: jump if a < b or a – b < 0
jl LABEL ; if (SF^OF) %RIP  LABEL

18. Reading condition codes (cont)
Assume a is in %rdx and b in %rax
cmpq %rax, %rdx
jl SUM
How does this work?
cmpq computes a – b
If a < b then a – b < 0
If TRUE, then a – b will be negative AND there will be no overflow
If there is positive overflow (a – b is large), we have a – b < 0 but OF is set
If there is negative overflow (a – b is very small), we have a – b > 0 but OF is set
In either case the sign flag will indicate the opposite of the sign of the true difference. Hence, use exclusive-or of the OF and SF
jl LABEL ; if (SF^OF) %RIP  LABEL CF ZF SF OF
Condition codes

19. jl jump less (Signed) SF^OF
cmpq %cl, %al
Jl LABEL
Assume 8 bits
%al holds 50 %cl holds – = SF = OF = OF ^ SF is 50 < 20 Or 50 – 20 < 0
%al holds 50 %cl holds – = SF = OF = OF ^ SF is 50 < 70 Or 50 – 70 < 0 1 1
True
False

20. jl jump less (Signed) SF^OF
cmpq %cl, %al
Jl LABEL
Assume 8 bits
%al holds 127 %cl holds – 5 127– – 5 = = SF = OF = OF ^ SF is 127< – 5 Or 127– – 5 < 0
%al holds – 128 %cl holds + 5 – 128– 5 = = SF = OF = OF ^ SF is -128< 5 Or – 128– 5 < 0 1 1 1
underflow
overflow 1
True
False

21. Today Control: Condition codes Conditional branches Loops
Ithaca College
Today
Control: Condition codes
Conditional branches
If-then-else statements
Conditional moves
Loops
Switch Statements

22. Conditional Branch Example (Old Style)
Ithaca College
Conditional Branch Example (Old Style)
Generation
barr> gcc –Og -S –fno-if-conversion control.c
absdiff:
cmpq %rsi, %rdi # x:y
jle .L4
movq %rdi, %rax
subq %rsi, %rax
ret
.L4: # x <= y
movq %rsi, %rax
subq %rdi, %rax
long absdiff
(long x, long y) {
long result;
if (x > y)
result = x-y;
else
result = y-x;
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value

23. Expressing with Goto Code
Ithaca College
Expressing with Goto Code
C allows goto statement
Jump to position designated by label
long absdiff
(long x, long y) {
long result;
if (x > y)
result = x-y;
else
result = y-x;
return result; }
long absdiff_j
(long x, long y) {
long result;
int ntest = (x <= y);
if (ntest) goto else;
result = x-y;
goto Done;
else:
result = y-x;
Done:
return result; }
Generally considered bad coding style

24. Expressing with Goto Code
Ithaca College
Expressing with Goto Code
C allows goto statement
Jump to position designated by label
absdiff:
cmpq %rsi, %rdi # x:y
jle .L4
movq %rdi, %rax
subq %rsi, %rax
ret
.L4: # x <= y
movq %rsi, %rax
subq %rdi, %rax
long absdiff_j
(long x, long y) {
long result;
int ntest = (x <= y);
if (ntest) goto else;
result = x-y;
goto Done;
else:
result = y-x;
Done:
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value

25. Expressing with Goto Code
Ithaca College
Expressing with Goto Code
C allows goto statement
Jump to position designated by label
absdiff:
cmpq %rsi, %rdi # x:y
jle .L4
movq %rdi, %rax
subq %rsi, %rax
ret
.L4: # x <= y
movq %rsi, %rax
subq %rdi, %rax
long absdiff_j
(long x, long y) {
long result;
int ntest = (x <= y);
if (ntest) goto else;
result = x-y;
goto Done;
else:
result = y-x;
Done:
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value

26. Expressing with Goto Code
Ithaca College
Expressing with Goto Code
C allows goto statement
Jump to position designated by label
absdiff:
cmpq %rsi, %rdi # x:y
jle .L4
movq %rdi, %rax
subq %rsi, %rax
ret
.L4: # x <= y
movq %rsi, %rax
subq %rdi, %rax
long absdiff_j
(long x, long y) {
long result;
int ntest = (x <= y);
if (ntest) goto else;
result = x-y;
goto Done;
else:
result = y-x;
Done:
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value

27. Expressing with Goto Code
Ithaca College
Expressing with Goto Code
C allows goto statement
Jump to position designated by label
absdiff:
cmpq %rsi, %rdi # x:y
jle .L4
movq %rdi, %rax
subq %rsi, %rax
ret
.L4: # x <= y
movq %rsi, %rax
subq %rdi, %rax
long absdiff_j
(long x, long y) {
long result;
int ntest = (x <= y);
if (ntest) goto else;
result = x-y;
goto Done;
else:
result = y-x;
Done:
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value

28. Example 2 Copy ifStmt.c from home/barr/Student/Comp210/Resources/
gcc –O0 –o ifStmt –fno-if-conversion ifStmt.c
gdb ifStmt
In gdb: disass testIf1
int testIf1(int x, int y) {
int result;
int ntest = (x >= y);
if (ntest) goto else;
result = x * 4;
goto Done;
else:
result = y * 4;
Done:
return result; }
int testIf1(int x, int y) {
int result;
if (x < y)
result = x * 4;
else
result = y * 4;
return result; }

29. Example 2 continued… Register Use(s) %rdi Argument x %rsi Argument y
%rax
Return value
pushq %rbp movq %rsp, %rbp movq %rdi, -18(%rbp) movq %rsi, -20(%rbp) movq -18(%rbp), %rax cmpq -20(%rbp), %rax jge LBBO_2 shlq $2, %rax movq %rax, -8(%rbp) jmp LBB0_3 LBB0_2: movq -20(%rbp), %rax LBB0_3: movq -8(%rbp), %rax popq %rbp retq
int testIf1
(int x, int y) {
int result;
int ntest = (x >= y);
if (ntest) goto else;
result = x * 4;
goto Done;
else:
result = y * 4;
Done:
return result; }
LBBO_2 is
0x40054a <testIf1+36>
LBBO_3 is
0x <testIf1+48>

30. Setting up the runtime stack
Example 2 continued…
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
pushq %rbp movq %rsp, %rbp movq %rdi, -18(%rbp) movq %rsi, -20(%rbp) movq -18(%rbp), %rax cmpq -20(%rbp), %rax jge LBBO_2 shlq $2, %rax movq %rax, -8(%rbp) jmp LBB0_3 LBB0_2: movq -20(%rbp), %rax LBB0_3: movq -8(%rbp), %rax popq %rbp retq
Setting up the runtime stack
int testIf1
(int x, int y) {
int result;
int ntest = (x >= y);
if (ntest) goto else;
result = x * 4;
goto Done;
else:
result = y * 4;
Done:
return result; }
if x - y >= 0
jump
calculate x=x*4
and jump
Calculate y=y*4
LBBO_2 is
0x40054a <testIf1+36>
LBBO_3 is
0x <testIf1+48>
Set up the return value

31. General Conditional Expression Translation (Using Branches)
Ithaca College
General Conditional Expression Translation (Using Branches)
C Code
val = Test ? Then_Expr : Else_Expr;
val = x>y ? x-y : y-x;
Test Is an expression returning an integer
= 0 interpreted as false
≠ 0 interpreted as true
Create separate code regions for then & else expressions
Execute appropriate one
Goto Version
ntest = !Test;
if (ntest) goto Else;
val = Then_Expr;
goto Done;
Else:
val = Else_Expr;
Done:
. . .

32. Today Control: Condition codes Conditional branches Loops
Ithaca College
Today
Control: Condition codes
Conditional branches
If-then-else statements
Conditional moves
Loops
Switch Statements

33. Using Conditional Moves
Ithaca College
Using Conditional Moves
Conditional Move Instructions
Instruction supports:
if (Test) Dest  Src
Supported in post-1995 x86 processors
GCC tries to use them
But, only when known to be safe
Why?
Branches are very disruptive to instruction flow through pipelines
Conditional moves do not require control transfer
C Code
val = Test
? Then_Expr
: Else_Expr;
Goto Version
result = Then_Expr;
eval = Else_Expr;
nt = !Test;
if (nt) result = eval;
return result;

34. Conditional Move cmovX Instructions
Ithaca College
Conditional Move
* source/destination may be 16, 32, or 64 bits (not 8). No size suffix: assembler infers the operand length based on destination register
cmovX Instructions
Jump to different part of code depending on condition codes jX
Synonym
Condition
Description
cmove S*,R*
cmovz ZF
Equal / Zero
cmovne S,R
cmovnz
~ZF
Not Equal / Not Zero
cmovs S,R SF
Negative
cmovns S,R
~SF
Nonnegative
cmovg S,R
cmovnle
~(SF^OF)&~ZF
Greater (Signed)
cmovge S,R
cmovnl
~(SF^OF)
Greater or Equal (Signed)
cmovl S,R
cmovnge
(SF^OF)
Less (Signed)
cmovle S,R
cmovng
(SF^OF)|ZF
Less or Equal (Signed)
cmova S,R
cmovnbe
~CF&~ZF
Above (unsigned)
cmovae S,R
cmovnb
~CF
Above or equal (unsigned)
cmovb S,R
cmovnae CF
Below (unsigned)
cmovbe S,R
cmovna
CF | ZF
Below or equal (unsigned)

35. Conditional Move Example
Ithaca College
Conditional Move Example
long absdiff
(long x, long y) {
long result;
if (x > y)
result = x-y;
else
result = y-x;
return result; }
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
absdiff:
movq %rdi, %rax # x
subq %rsi, %rax # result = x-y
movq %rsi, %rdx # y
subq %rdi, %rdx # eval = y-x
cmpq %rsi, %rdi # x:y
cmovle %rdx, %rax # if <=, result = eval
ret

36. Bad Cases for Conditional Move
Ithaca College
Bad Cases for Conditional Move
Expensive Computations
val = Test(x) ? Hard1(x) : Hard2(x);
Both values get computed
Only makes sense when computations are very simple
In general, gcc only uses conditional moves when the two expressions can be computed very easily, e.g., single instructions.
Risky Computations
val = p ? *p : 0;
Both values get computed
May have undesirable effects (always dereference p but it may be null!)
Computations with side effects
val = x > 0 ? x*=7 : x+=3;
Both values get computed
Must be side-effect free

37. Practice Problem Generation Register Use(s) %rdi Argument x %rsi
Ithaca College
Practice Problem
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
Generation
test:
leaq 0(,%rdi,8), %rax
testq %rsi, %rsi
jle .L4
movq %rsi, %rax
subq %rdi, %rax
movq %rdi, %rdx
andq %rsi, %rdx
cmpq %rsi, %rdi
cmovge %rdx, %rax
ret
.L4:
addq %rsi, %rdi
cmpq %-2, %rsi
cmovle %rdi, %rax
long test
(long x, long y) {
long val = _________;
if (_________){
if (__________){
val = ________;
else
} else if (________)
return val; }
test %rsi, %rsi
Does %rsi & %rsi
long val = 8*x;
if (y > 0) {
if (x < y)
val = y - x;
else
val = x & y;
}else if (y <= -2)
val = x*y;
return val;

38. Practice Problem Generation Register Use(s) %rdi Argument x %rsi
Ithaca College
Practice Problem
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
Generation
test:
leaq 0(,%rdi,8), %rax
testq %rsi, %rsi
jle .L4
movq %rsi, %rax
subq %rdi, %rax
movq %rdi, %rdx
andq %rsi, %rdx
cmpq %rsi, %rdi
cmovge %rdx, %rax
ret
.L4: # x <= y
addq %rsi, %rdi
cmpq %-2, %rsi
cmovle %rdi, %rax
long test
(long x, long y) {
long val = 8*x;
if (y > 0){
if (x < y){
val = y - x;
else
val = x & y;
} else if (y <= -2)
val = x + y;
return val; }
long val = 8*x;
if (y > 0) {
if (x < y)
val = y - x;
else
val = x & y;
}else if (y <= -2)
val = x + y;
return val;

39. Condition Codes (Explicit Setting: Test)
Ithaca College
Condition Codes (Explicit Setting: Test)
Explicit Setting by Test instruction
testq Src2, Src1
testq b,a like computing a&b without setting destination
Sets condition codes based on value of Src1 & Src2
Useful to have one of the operands be a mask
CF set to 0
ZF set when a&b == 0
SF set when a&b < 0
OF set to 0
Note: typically the same operand is repeated to test whether it is negative, zero, or positive:
testl %rax, %rax sets the condition codes depending on the value in %rax
Note 2: there are also testl, testw and testb instructions.

40. Reading Condition Codes
Ithaca College
Reading Condition Codes
SetX Instructions
Set low-order byte of destination to 0 or 1 based on combinations of condition codes
Does not alter remaining 7 bytes
SetX
Condition
Description
sete ZF
Equal / Zero
setne
~ZF
Not Equal / Not Zero
sets SF
Negative
setns
~SF
Nonnegative
setg
~(SF^OF)&~ZF
Greater (Signed)
setge
~(SF^OF)
Greater or Equal (Signed)
setl
(SF^OF)
Less (Signed)
setle
(SF^OF)|ZF
Less or Equal (Signed)
seta
~CF&~ZF
Above (unsigned)
setb CF
Below (unsigned)

41. x86-64 Integer Registers %rax %r8 %rbx %r9 %rcx %r10 %rdx %r11 %rsi
%al
%r8
%r8b
%rbx
%bl
%r9
%r9b
%rcx
%cl
%r10
%r10b
%rdx
%dl
%r11
%r11b
%rsi
%sil
%r12
%r12b
%rdi
%dil
%r13
%r13b
%rsp
%spl
%r14
%r14b
%rbp
%bpl
%r15
%r15b
Can reference low-order byte

42. Reading condition codes
Consider:
setl D (SF^OF) Less (Signed <) D  (SF^OF)
First compare two numbers, a and b where both are in 2’s complement form using an arithmetic, logical, test or cmp instruction
Then use setX to set a register with the result of the test
cmpq %rax, %rdx
setl %al puts the result in byte register %al

43. Reading condition codes (cont)
Assume a is in %rax and b in %rdx
cmpq %rax, %rdx
setl %al puts the result in byte register %al
First instruction sets the condition code.
cmpq computes b – a
If b < a then b – a < 0 If there is no overflow, this is indicated by SF
If there is positive overflow (b – a is large), we have b – a < 0 but OF is set
If there is negative overflow (b – a is very small), we have b – a > 0 but OF is set
In either case the sign flag will indicate the opposite of the sign of the true difference. Hence, use exclusive-or of the OF and SF
Second instruction sets the %al register to or depending on the value of (SF^OF)
setl D ; D  (SF^OF)

44. Reading condition codes (cont)
Example: assume %rax holds 20 and %rdx holds 50
cmpq %rax, %rdx
50 – 20, SF  0, OF  0
setl %al
%al  0 ^ 0 =
Example: assume %rax holds 0x and %rdx holds 20
20 – ( ) , SF  1, OF  1
%al  1 ^ 1 = setq gives false;
20 is not less than
setl D ; D  (SF^OF)

45. Reading condition codes (cont)
Example: assume %rax holds 20 and %rdx holds 0x
cmpq %rax, %rdx
( ) - 20 , SF  0, OF  1
0x xFFFFFFEC
= 0x7FFFFFED (note that 7 = 0111)
setl %al
%al  0 ^ 1 = setq gives true;
is less
than 20

46. If this is zero, can’t be >
Setg Greater (Signed)
~(SF^OF)&~ZF
~SF&~OF
If this is zero, can’t be >
First do an arith, logical, cmp or test.
Then use the flags
If the overflow flag is set, can’t be > if we did a cmpl or testl as the previous instruction. Why? CF ZF SF OF
Condition codes

47. Reading Condition Codes (Cont.)
Ithaca College
Reading Condition Codes (Cont.)
SetX Instructions:
Set single byte based on combination of condition codes
One of addressable byte registers
Does not alter remaining bytes
Typically use movzbl to finish job
32-bit instructions also set upper 32 bits to 0
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
int gt (long x, long y) {
return x > y; }
cmpq %rsi, %rdi # Compare x:y
setg %al # Set when >
movzbl %al, %rax # Zero rest of %rax
ret

48. Reading Condition Codes (Cont.)
Ithaca College
Reading Condition Codes (Cont.)
Register
Use(s)
%rdi
Argument x
%rsi
Argument y
%rax
Return value
%rax
%ah
%al
%rdx
%dh
%dl
All 0’s:
%rcx
%ch
%cl
%rbx
%bh
%bl
Either or
%rsi
%rdi
int gt (long x, long y) {
return x > y; }
%rsp
%rbp
cmpq %rsi, %rdi # Compare x:y
setg %al # Set when >
movzbl %al, %rax # Zero rest of %rax
ret

49. Summarizing C Control Assembler Control Standard Techniques
Ithaca College
Summarizing
C Control
if-then-else
do-while
while, for
switch
Assembler Control
Conditional jump
Conditional move
Indirect jump (via jump tables)
Compiler generates code sequence to implement more complex control
Standard Techniques
Loops converted to do-while or jump-to-middle form
Large switch statements use jump tables
Sparse switch statements may use decision trees (if-elseif-elseif-else)
long val = 8*x;
if (y > 0) {
if (x < y)
val = y - x;
else
val = x & y;
}else if (y <= -2)
val = x*y;
return val;

50. Summary Today Next Time Control: Condition codes
Ithaca College
Summary
Today
Control: Condition codes
Conditional branches & conditional moves
Next Time
Loops
Switch statements
Stack
Call / return
Procedure call discipline