Presentation is loading. Please wait.

Presentation is loading. Please wait.

C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014.

Published byAnne Abbott Modified over 10 years ago

Similar presentations

Presentation on theme: "C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014."— Presentation transcript:

1 C Programming and Assembly Language Janakiraman V – jramaanv@yahoo.comjramaanv@yahoo.com NITK Surathkal 2 nd August 2014

2 Motivation Do you know how all this is implemented in assembly?

3 Agenda Brief introduction to the 8086 processor architecture Describe commonly used assembly instructions Use of stack and related instructions Translate high level function calls into low level assembly language Familiarize the calling conventions Explain how variables are passed and accessed

4 8086 Architecture ALU – Arithmetic and Logical unit – The heart of the processor Control Unit – Decodes instructions, Controls the execution flow Registers – Implicit memory locations within the processor Registers – Serve as arguments to most operations Flags – All ALU operations will set particular bits after execution

5 Registers EAX – Stores integer return values ECX – Stores the counters for loops and also stores “THIS” pointer EIP –Instruction pointer. Stores the address of the next instruction to be executed ESP – The Stack pointer. Implicitly changed during Call/ Ret instructions. EBP – Base pointer. Used to access local variables and function parameters.

6 Registers Contd… EBX – A general purpose register ESI– The source index register for string instructions EDI - The destination index registers for string instructions EFL – Flag register. Stores the flag bits of various flags like Carry, Zero, etc. Segment registers point to a segment of memory. EDS, ESS, EES, ECS EDX – Stores high 32 bits of 64 bit values

7 Instruction Set Data transfer Arithmetic and logical Stack Operations Branching and Looping Function calls String Instructions Prefix to instructions

8 Data transfer instructions  MOV Destination, Source - Format » Data transfer is always from RIGHT to LEFT. » Source Register is unaffected.  LEA – Load effective address. » Loads the offset Address of the specified variable into the destination. » Equivalent of int y = &x;

9 Arithmetic and Logical instructions Operation destination, source – Format » ADD AX, BX » SUB AX, [BX] » OR AX, [BX+4] » XOR AX, AX – Fastest way to clear registers

10 Exercise 1  Write an assembly program to evaluate the following expression. (All variables are 32 bit integers) » EAX = x*y + a – b » EBX =( x^y) | ( a&b) int x=4, y=6, a=3, b=2; __asm { MOV EAX, x MUL y ADD EAX, a SUB EAX, b MOV EBX, x XOR EBX, y MOV ECX, a AND ECX, b OR EBX, ECX }

11 Branching and Looping JMP Addr – Loads EIP with Addr Conditional Jumps » Transfers control based on a condition » Based on state of one or more flags » ALU operation sets flags

12 Exercise 2  Write an assembly program to evaluate the expression “ z = x * y ”using » Repeated addition » MUL instruction  Write an assembly program to calculate the string length of a constant string Multiplication by repeated addition. int x =9, y=10, z=0; __asm { XOR EAX, EAX MOV EBX, y MULT: ADD EAX, x DEC EBX JNZ MULT MOV z, EAX } String length of a constant string char* pChar = “Test data"; MOV EDI, pChar XOR ECX, ECX COMPARE: CMP [EDI], 0 JNZ INCREASE JMP DONE INCREASE: INC ECX INC EDI JMP COMPARE DONE: MOV len, ECX

13 Stack Operations  PUSH: PUSH EAX » ESP decreases by 4/ 2/ 1 » Data is moved on to top of stack » Used extensively to pass parameters to functions.  POP: POP EAX » ESP increases 4/ 2/ 1 » Data is copied to the destination » Compliment of PUSH

14 Exercise 3  Write an assembly program to swap two integers x and y.  Write a C program to swap two numbers using a function Swap(int* pX, int* pY). Implement the Swap function directly in assembly language Swap two integers. int x=4, y=5; __asm { PUSH x PUSH y POP x POP y } Function to swap variables void swap(int* pX, int* pY) { __asm { MOV EAX, pX MOV EBX, pY PUSH DWORD PTR [EAX] PUSH DWORD PTR [EBX] POP DWROD PTR [EAX] POP DWORD PTR [EBX] }

15 Function calls  CALL – CALL ADDR » Used for function calls. » Implicitly pushes the EIP on to the stack. » Reads the address specified (ADDR) and loads EIP with ADDR.  RET – RET n » Used to return to the calling function. » Implicitly pops the DWORD on the TOS into EIP. » ‘n’ Specifies the number to be added to ESP after returning. Used for stack clean up.

16 Compile the C program!! int g_iVar = 5; void main() { int z=0; z = Fn(2,4); g_iVar = z; } int Fn(int x, int y) { int z=0; z = x+ y return z; }

17 C and assembly language - FAQ How are function calls in ‘C’ translated into assembly? How are parameters passed to the function? What does it mean to say local variables are stored on stack? Scope of local variables! How are global variables accessed?

18 C and Assembly language Contd…. Cannot pass many parameters in registers Scope – Desirable feature Stack – Ideal to store local variables ESP cannot be used to access the local variables EBP is used to access them!!!

19 Parameters, Local and Global variables Before a function is called parameters are pushed onto stack Parameters are accessed by [EBP +n] Local variables are accessed by [EBP –n] Integers are returned in EAX Global variables are accessed by direct address values

20 Compile the C program Contd… void main() { int z=0; MOV z, 0 z = Fn(2,4); PUSH 0x00000004 PUSH 0x00000002 CALL Fn MOV z, EAX g_iVal = z; MOV [g_iVar], EAX } int Fn(int x, int y) { int z=0; MOV z, 0 z = x+ y; MOV EAX, x ADD EAX, y MOV z, EAX return z; RET }

21 Compile the C Program Contd…. CODE SEGMENT – Function – main(). int z = 0; C100 MOV [EBP-4], 0 z = Fn(2,4); C101 PUSH 0x00000004 C102 PUSH 0x00000002 C103 Call C200 C104 MOV [EBP-4], EAX g_iVar = z; C105 MOV [g_iVar], EAX. STACK SEGMENT 0x00000004 0x00000002 C104 ESP 0x00000000 local var Z EBP

22 Compile the C Program Contd…. CODE SEGMENT – Function – Fn() C200 MOV EBP, ESP C201 SUB ESP, 0x40 int z=0; C202MOV [EBP-4], 0 z = x+ y C203MOV EAX, [EBP+4] C204ADD EAX, [EBP+8] C205MOV [EBP-4], EAX return z; C206 ADD ESP, 0x40 C206RET STACK SEGMENT 0x00000004 0x00000002 C104 ESP EBP ESP Local variable space 0x00000000 ESP 0x00000006 Z EBP 0x00000000 local var Z

23 CODE SEGMENT – Function – main(). int z = 0; C100 MOV [EBP-4], 0 z = Fn(2,4); C101 PUSH 0x00000004 C102 PUSH 0x00000002 C103 Call C200 C104 MOV [EBP-4], EAX g_iVar = z; C105 MOV [g_iVar], EAX C106 RET STACK SEGMENT 0x00000004 0x00000002 C104 0x00000000 Local var Z ESP EBP 0x00000006 Stack corruption!!!!! You have accessed the stack of the function “Fn()” You computer will now REBOOT!!!!!

24 Compile the C Program Contd…. CODE SEGMENT – Function – main(). int z = 0; C100 MOV [EBP-4], 0 z = Fn(2,4); C101 PUSH 0x00000004 C102 PUSH 0x00000002 C103 Call C200 C104 MOV [EBP-4], EAX g_iVar = z; C105 MOV [g_iVar], EAX. STACK SEGMENT 0x00000004 0x00000002 C104 ESP 0x00000000 local var Z EBP

25 Compile the C Program Contd…. CODE SEGMENT – Function – Fn() C200 PUSH EBP C202 MOV EBP, ESP C203 SUB ESP, 0x40 int z=0; C204MOV [EBP-4], 0 z = x+ y C205MOV EAX, [EBP+8] C206ADD EAX, [EBP+12] C207MOV [EBP-4], EAX return z; C208 ADD ESP, 0x40 C209 POP EBP C20ARET 8 STACK SEGMENT 0x00000004 0x00000002 C104 ESP EBP ESP Local variable space 0x00000000 ESP 0x00000006 Z EBP 0x00000000 local var Z EBP - main() ESP EBP ESP

26 CODE SEGMENT – Function – main(). int z = 0; C100 MOV [EBP-4], 0 z = Fn(2,4); C101 PUSH 0x00000004 C102 PUSH 0x00000002 C103 Call C200 C104 MOV [EBP-4], EAX g_iVar = z; C105 MOV [g_iVar], EAX C106 Epilogue STACK SEGMENT 0x00000004 0x00000002 C104 0x00000000 Local var Z ESP EBP 0x0000006 0x00000006 ESP

27 Function calls in C - Summary  Function call gets translated to CALL addr  Prologue » Store the current EBP on stack » Set up the stack - Initialize the EBP » Allocate space for local variables.  Execute the function accordingly  Epilogue » Set the ESP to its original value » Set the EBP back to its original value

28 Stack clean up When? » Happens after returning from a function Why? » Undo the effect of pushing parameters How? » RET N or ADD ESP, N

29 C Program Assembly Contd… void main() { int z = 0; z = Function(2, 4); } /*Contd……*/ Prologue MOV [EBP-4], 0 PUSH 0x00000004 PUSH 0x00000002 CALL Function MOV [EBP-4], EAX Epilogue Contd……

30 C Program Assembly Contd… int Function(int a, int b) { int c=0; c = a + b; return c; } PUSH EBP MOV EBP, ESP --------- Prologue SUB ESP, N MOV [EBP-4], 0 MOV EAX, [EBP + 8] --- Body ADD EAX, [EBP+12] MOV [EBP-4], EAX ADD ESP, N POP EBP ----------------- Epilogue RET 8

31 Calling conventions  __cdecl » Default calling convention of C functions » Needed for variable argument list » Caller cleans the stack - ADD ESP, N instruction  __stdcall » Faster than the __cdecl call. » Callee cleans the stack - RET N instruction Contd……

32 Back to Exercise 3  Write a C program to swap two numbers using a function Swap(int* pX, int* pY). Implement the Swap function directly in assembly language Function to swap variables void swap(int* pX, int* pY) { __asm { PUSH DWORD PTR [pX] PUSH DWORD PTR [pY] POP DWROD PTR [pX] POP DWORD PTR [pY] } Function to swap variables void swap(int* pX, int* pY) { __asm { MOV DWORD PTR EAX, [EBP+4] MOV DWORD PTR EBX, [EBP+8] PUSH DWORD PTR [EAX] PUSH DWORD PTR [EBX] POP DWROD PTR [EAX] POP DWORD PTR [EBX] } Function to swap variables void swap(int* pX, int* pY) { __asm { PUSH DWORD PTR [[EBP+4]] PUSH DWORD PTR [[EBP+8]] POP DWROD PTR [[EBP+4]] POP DWORD PTR [[EBP+8]] } Double indirection is not a valid instruction

33 What about C++? struct stTest { int x; int y; }; void FnTest(stTest* pSt) { pSt->x = 0; pSt->y = 1; } void main() { stTest obj; FnTest(&obj); } class clsTest { int x; int y; public: void FnTest() { x = 0; y=1; } }; void main() { clsTest obj; obj.FnTest(); }

34 Calling convention Contd…  this call – The C++ calling convention » Behaves like the __cdecl call in most ways » This pointer is passed in the ECX register » Stores the this pointer in [EBP-4] location on stack

35 String Instructions Uses ESI, EDI as its operands. After the operation ESI and EDI are automatically Incremented/ Decremented depending on the direction flag. Usually used with the Prefix instructions. Very efficient for standard looping instructions.

36 Prefix to instructions  REP – REP MOVSB » Used to repeat instructions unconditionally » Implicitly decrements ECX by 1 after each execution » Stops once ECX = 0  REPNE/ REPE – REPE SCASB » Used to repeat instructions conditionally » Implicitly decrements ECX by 1 after each execution » Stops once ECX = 0 or ZERO flag is set/ reset

37 Optimized C functions Memcpy Strlen Memset

Download ppt "C Programming and Assembly Language Janakiraman V – NITK Surathkal 2 nd August 2014."

Similar presentations

Practical Malware Analysis

Practical Malware Analysis
Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, 2010. All rights reserved. You may modify and copy this slide.

Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, All rights reserved. You may modify and copy this slide.
COMP 2003: Assembly Language and Digital Logic

COMP 2003: Assembly Language and Digital Logic
Assembly Language for Intel-Based Computers Chapter 5: Procedures Kip R. Irvine.

Assembly Language for Intel-Based Computers Chapter 5: Procedures Kip R. Irvine.
Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.

Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.
PC hardware and x86 3/3/08 Frans Kaashoek MIT

PC hardware and x86 3/3/08 Frans Kaashoek MIT
1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.

1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.
1 Lecture 5: Procedures Assembly Language for Intel-Based Computers, 4th edition Kip R. Irvine.

1 Lecture 5: Procedures Assembly Language for Intel-Based Computers, 4th edition Kip R. Irvine.
Accessing parameters from the stack and calling functions.

Accessing parameters from the stack and calling functions.
Practical Session 3. The Stack The stack is an area in memory that its purpose is to provide a space for temporary storage of addresses and data items.

Practical Session 3. The Stack The stack is an area in memory that its purpose is to provide a space for temporary storage of addresses and data items.
– 1 – 15-213, F’02 ICS05 Instructor: Peter A. Dinda TA: Bin Lin Recitation 4.

– 1 – , F’02 ICS05 Instructor: Peter A. Dinda TA: Bin Lin Recitation 4.
Chapter 12: High-Level Language Interface. Chapter Overview Introduction Inline Assembly Code C calls assembly procedures Assembly calls C procedures.

Chapter 12: High-Level Language Interface. Chapter Overview Introduction Inline Assembly Code C calls assembly procedures Assembly calls C procedures.
CEG 320/520: Computer Organization and Assembly Language ProgrammingIntel Assembly 1 Intel IA-32 vs Motorola 68000.

CEG 320/520: Computer Organization and Assembly Language ProgrammingIntel Assembly 1 Intel IA-32 vs Motorola
6.828: PC hardware and x86 Frans Kaashoek

6.828: PC hardware and x86 Frans Kaashoek
Computer Architecture and Operating Systems CS 3230 :Assembly Section Lecture 7 Department of Computer Science and Software Engineering University of Wisconsin-Platteville.

Computer Architecture and Operating Systems CS 3230 :Assembly Section Lecture 7 Department of Computer Science and Software Engineering University of Wisconsin-Platteville.
Instruction Set Design by Kip R. Irvine (c) Kip Irvine, 2002-2003. All rights reserved. You may modify and copy this slide show for your personal use,

Instruction Set Design by Kip R. Irvine (c) Kip Irvine, All rights reserved. You may modify and copy this slide show for your personal use,
Www.SecurityXploded.com. Disclaimer The Content, Demonstration, Source Code and Programs presented here is AS IS without any warranty or conditions.

Disclaimer The Content, Demonstration, Source Code and Programs presented here is "AS IS" without any warranty or conditions.
Fabián E. Bustamante, Spring 2007 Machine-Level Programming III - Procedures Today IA32 stack discipline Register saving conventions Creating pointers.

Fabián E. Bustamante, Spring 2007 Machine-Level Programming III - Procedures Today IA32 stack discipline Register saving conventions Creating pointers.
Assembly Language for Intel-Based Computers, 6 th Edition Chapter 8: Advanced Procedures (c) Pearson Education, 2010-2011. All rights reserved. You may.

Assembly Language for Intel-Based Computers, 6 th Edition Chapter 8: Advanced Procedures (c) Pearson Education, All rights reserved. You may.
The x86 Architecture Lecture 15 Fri, Mar 4, 2005.

The x86 Architecture Lecture 15 Fri, Mar 4, 2005.

Similar presentations

Ads by Google