15 213 MachineLevel Programming II Control Flow Feb

15 -213 Machine-Level Programming II Control Flow Feb. 3, 2000 Topics • Condition Codes – Setting – Testing • Control Flow – If-then-else – Varieties of Loops – Switch Statements class 06. ppt

Condition Codes Single Bit Registers CF ZF SF OF Carry Flag Zero Flag Sign Flag Overflow Flag Implicit Setting By Arithmetic Operations addl Src, Dest C analog: t = a+b • CF set if carry out from most significant bit – Used to detect unsigned overflow • ZF set if t == 0 • SF set if t < 0 • OF set if two’s complement overflow (a>0 && b>0 && t<0) || (a<0 && b<0 && t>0) Not Set by leal instruction class 06. ppt – 2– CS 213 S’ 00

Setting Condition Codes (cont. ) Explicit Setting by Compare Instruction cmpl Src 2, Src 1 • cmpl b, a like computing a-b without setting destination • CF set if carry out from most significant bit – Used for unsigned comparisons • ZF set if a == b • SF set if (a-b) < 0 • OF set if two’s complement overflow (a>0 && b<0 && (a-b)<0) || (a<0 && b>0 && (a-b)>0) Explicit Setting by Test instruction testl Src 2, Src 1 • Sets condition codes based on value of Src 1 & Src 2 – Useful to have one of the operands be a mask • testl b, a like computing a&b without setting destination • ZF set when a&b == 0 • SF set when a&b < 0 class 06. ppt – 3– CS 213 S’ 00

Reading Condition Codes Set. X Instructions • Set single byte based on combinations of condition codes class 06. ppt – 4– CS 213 S’ 00

Reading Condition Codes (Cont. ) Set. X Instructions • Set single byte based on combinations of condition codes • One of 8 addressable byte registers – Embedded within first 4 integer registers – Does not alter remaining 3 bytes – Typically use andl 0 x. FF, %eax to finish job int gt (int x, int y) { return x > y; } movl cmpl setg andl 12(%ebp), %eax, 8(%ebp) %al $255, %eax class 06. ppt # # %eax %ah %al %edx %dh %dl %ecx %ch %cl %ebx %bh %bl %esi %edi %esp Body eax = y Compare x : eax al = x > y Zero rest of %eax – 5– %ebp Note inverted ordering! CS 213 S’ 00

Jumping j. X Instructions • Jump to different part of code depending on condition codes class 06. ppt – 6– CS 213 S’ 00

Conditional Branch Example _max: pushl %ebp movl %esp, %ebp int max(int x, int y) { if (x > y) return x; else return y; } movl 8(%ebp), %edx movl 12(%ebp), %eax cmpl %eax, %edx jle L 9 movl %edx, %eax Body L 9: movl %ebp, %esp popl %ebp ret class 06. ppt Set Up – 7– Finish CS 213 S’ 00

$Conditional Branch Example (Cont. ) int goto_max(int x, int y) { int rval =$

Conditional Branch Example (Cont. ) int goto_max(int x, int y) { int rval = y; int ok = (x <= y); if (ok) goto done; rval = x; done: return rval; } movl 8(%ebp), %edx movl 12(%ebp), %eax cmpl %eax, %edx jle L 9 movl %edx, %eax L 9: # class 06. ppt # edx = # eax = # x : y # if <= # eax = Done: – 8– • C allows “goto” as means of transferring control – Closer to machine-level programming style • Generally considered bad coding style x y goto L 9 x Skipped when x y CS 213 S’ 00

$“Do-While” Loop Example Goto Version C Code int fact_do (int x) { int result$

“Do-While” Loop Example Goto Version C Code int fact_do (int x) { int result = 1; do { result *= x; x = x-1; } while (x > 1); return result; } int fact_goto(int x) { int result = 1; loop: result *= x; x = x-1; if (x > 1) goto loop; return result; } • Use backward branch to continue looping • Only take branch when “while” condition holds class 06. ppt – 9– CS 213 S’ 00

$“Do-While” Loop Compilation Goto Version int fact_goto (int x) { int result = 1;$

“Do-While” Loop Compilation Goto Version int fact_goto (int x) { int result = 1; loop: result *= x; x = x-1; if (x > 1) goto loop; return result; } Registers %edxx %eaxresult class 06. ppt Assembly _fact_goto: pushl %ebp movl %esp, %ebp movl $1, %eax movl 8(%ebp), %edx # # Setup eax = 1 edx = x L 11: imull %edx, %eax decl %edx cmpl $1, %edx jg L 11 # # result *= x x-Compare x : 1 if > goto loop movl %ebp, %esp popl %ebp ret – 10 – # Finish CS 213 S’ 00

General “Do-While” Translation Goto Version C Code do loop: Body if (Test) goto loop Body while (Test); • Body can be any C statement – Typically compound statement: { } Statement 1; Statement 2; … Statementn; • Test is expression returning integer = 0 interpreted as false 0 interpreted as true class 06. ppt – 11 – CS 213 S’ 00

$“While” Loop Example #1 First Goto Version C Code int fact_while (int x) {$

“While” Loop Example #1 First Goto Version C Code int fact_while (int x) { int result = 1; while (x > 1) { result *= x; x = x-1; }; return result; } int fact_while_goto (int x) { int result = 1; loop: if (!(x > 1)) goto done; result *= x; x = x-1; goto loop; done: return result; } • Is this code equivalent to the do-while version? • Must jump out of loop if test fails class 06. ppt – 12 – CS 213 S’ 00

$Actual “While” Loop Translation Second Goto Version C Code int fact_while(int x) { int$

Actual “While” Loop Translation Second Goto Version C Code int fact_while(int x) { int result = 1; while (x > 1) { result *= x; x = x-1; }; return result; } int fact_while_goto 2 (int x) { int result = 1; if (!(x > 1)) goto done; loop: result *= x; x = x-1; if (x > 1) goto loop; done: return result; } • Uses same inner loop as do-while version • Guards loop entry with extra test class 06. ppt – 13 – CS 213 S’ 00

General “While” Translation C Code while (Test) Body Goto Version Do-While Version if (!Test) goto done; loop: Body if (Test) goto loop; done: if (!Test) goto done; do Body while(Test); done: class 06. ppt – 14 – CS 213 S’ 00

“While” Loop Example #2 /* Compute x raised to nonnegative power p */ int ipwr_while(int x, unsigned p) { int result = 1; while (p) { if (p & 0 x 1) result *= x; x = x*x; p = p>>1; } return result; } Algorithm • Exploit property that p = p 0 + 2 p 1 + 4 p 2 + … 2 n– 1 pn– 1 • Gives: xp = z 0 · z 1 2 · (z 2 2) 2 · … · (…((zn – 12) 2 )…) 2 zi = 1 when p. I = 0 zi = x when p. I = 1 n times • Complexity O(log p) class 06. ppt – 15 – Example 310 = 32 * 38 = 32 * ((32) 2) CS 213 S’ 00 2

ipwr Computation int ipwr(int x, unsigned p) { int result = 1; while (p) { if (p & 0 x 1) result *= x; x = x*x; p = p>>1; } return result; } class 06. ppt – 16 – CS 213 S’ 00

“While” “Do-While ” “Goto ” int result = 1; while (p) { if (p & 0 x 1) result *= x; x = x*x; p = p>>1; } int result = 1; if (!p) goto done; do { if (p & 0 x 1) result *= x; x = x*x; p = p>>1; } while (p); done: class 06. ppt int result = 1; if (!p) goto done; loop: if (!(p & 0 x 1)) goto skip; result *= x; skip: x = x*x; p = p>>1; if (p) goto loop; done: • Also converted conditional update into test and branch around update code – 17 – CS 213 S’ 00

Example #2 Compilation Goto Version int result = 1; if (!p) goto done; loop: if (!(p & 0 x 1)) goto skip; result *= x; skip: x = x*x; p = p>>1; if (p) goto loop; done: Registers %ecx %edx %eax x p result class 06. ppt pushl %ebp movl %esp, %ebp movl $1, %eax movl 8(%ebp), %ecx movl 12(%ebp), %edx testl %edx, %edx je L 36 L 37: # testb $1, %dl je L 38 imull %ecx, %eax L 38: # imull %ecx, %ecx shrl $1, %edx jne L 37 L 36: # movl %ebp, %esp popl %ebp ret – 18 – # Setup # eax = 1 # ecx = x # edx = p # Test p # If 0, goto done Loop: # Test p & 0 x 1 # If 0, goto skip # result *= x Skip: # x *= x # p >>= 1 # if p goto Loop Done: # Finish CS 213 S’ 00

“For” Loop Example General Form int result; for (result = 1; p != 0; p = p>>1) { if (p & 0 x 1) result *= x; x = x*x; } for (Init; Test; Update ) Body Init result = 1 Body Test p != 0 Update p = p >> 1 { if (p & 0 x 1) result *= x; x = x*x; } class 06. ppt – 19 – CS 213 S’ 00

“For” “While” For Version While Version for (Init; Test; Update ) Init; while (Test ) { Body Update ; } Body Do-While Version Goto Version Init; if (!Test) goto done; do { Body Update ; } while (Test) done: class 06. ppt Init; if (!Test) goto done; loop: Body Update ; if (Test) goto loop; done: – 20 – CS 213 S’ 00

“For” Loop Compilation Goto Version result = 1; if (p == 0) goto done; loop: if (p & 0 x 1) result *= x; x = x*x; p = p >> 1; if (p != 0) goto loop; done: Init; if (!Test) goto done; loop: Body Update ; if (Test) goto loop; done: Init result = 1 Test Body p != 0 { if (p & 0 x 1) result *= x; x = x*x; Update p = p >> 1 class 06. ppt } – 21 – CS 213 S’ 00

$typedef enum {ADD, MULT, MINUS, DIV, MOD, BAD} op_type; char unparse_symbol(op_type op) { switch$

typedef enum {ADD, MULT, MINUS, DIV, MOD, BAD} op_type; char unparse_symbol(op_type op) { switch (op) { case ADD : return '+'; case MULT: return '*'; case MINUS: return '-'; case DIV: return '/'; case MOD: return '%'; case BAD: return '? '; } } class 06. ppt – 22 – Switch Statements Implementation Options • Series of conditionals – Good if few cases – Slow if many • Jump Table – Lookup branch target – Avoids conditionals – Possible when cases are small integer constants • GCC – Picks one based on case structure • Bug in example code – No default given CS 213 S’ 00

Jump Table Structure Switch Form switch(op) { case 0: Block 0 case 1: Block 1 • • • case n-1: Block n– 1 } Jump Table jtab: Targ 0 Jump Targets Targ 0: Code Block 0 Targ 1: Code Block 1 Targ 2: Code Block 2 Targ 1 Targ 2 • • • Targn-1 • • • Approx. Translation target = JTab[op]; goto *target; Targn-1: class 06. ppt – 23 – Code Block n– 1 CS 213 S’ 00

$Switch Statement Example Branching Possibilities typedef enum {ADD, MULT, MINUS, DIV, MOD, BAD} op_type;$

Switch Statement Example Branching Possibilities typedef enum {ADD, MULT, MINUS, DIV, MOD, BAD} op_type; Enumerated Values ADD MULT MINUS DIV MOD BAD char unparse_symbol(op_type op) { switch (op) { • • • } } Setup: class 06. ppt pushl %ebp movl %esp, %ebp movl 8(%ebp), %eax cmpl $5, %eax ja. L 64 jmp *. L 72(, %eax, 4) – 24 – # # # 0 1 2 3 4 5 Setup eax = op Compare op : 5 If > goto done goto Table[op] CS 213 S’ 00

Assembly Setup Explanation Symbolic Labels • Labels of form. LXX translated into addresses by assembler Table Structure • Each target requires 4 bytes • Base address at. L 72 Jumping jmp. L 64 • Jump target is denoted by label. L 64 jmp *. L 72(, %eax, 4) • Start of jump table denoted by label. L 72 • Register %eax holds op • Must scale by factor of 4 to get offset into table • Fetch target from effective Address. L 72 + op*4 class 06. ppt – 25 – CS 213 S’ 00

Jump Table Targets & Completion Table Contents. L 72: . long . L 66 #Op. L 67 #Op. L 68 #Op. L 69 #Op. L 70 #Op. L 71 #Op = = = 0 1 2 3 4 5 Enumerated Values ADD MULT MINUS DIV MOD BAD 0 1 2 3 4 5 class 06. ppt . L 66: movl $43, %eax # ’+’ jmp. L 64. L 67: movl $42, %eax # ’*’ jmp. L 64. L 68: movl $45, %eax # ’-’ jmp. L 64. L 69: movl $47, %eax # ’/’ jmp. L 64. L 70: movl $37, %eax # ’%’ jmp. L 64. L 71: movl $63, %eax # ’? ’ # Fall Through to. L 64 – 26 – CS 213 S’ 00

Switch Statement Completion. L 64: # Done: movl %ebp, %esp # Finish popl %ebp # Finish ret # Finish Puzzle • What value returned when op is invalid? Answer • Register %eax set to op at beginning of procedure • This becomes the returned value Advantage of Jump Table • Can do k-way branch in O(1) operations class 06. ppt – 27 – CS 213 S’ 00

Object Code Setup • Label. L 64 becomes address 0 x 80487 b 5 • Label. L 72 becomes address 0 x 8048770 804875 d: 89 e 5 movl %esp, %ebp 804875 f: 8 b 45 08 movl 0 x 8(%ebp), %eax 8048762: 83 f 8 05 cmpl $0 x 5, %eax 8048765: 77 4 e ja 80487 b 5 <unparse_symbol+0 x 59> 8048767: ff 24 85 70 87 jmp *0 x 8048770(, %eax, 4) class 06. ppt – 28 – CS 213 S’ 00

Object Code (cont. ) Jump Table • Disassembler tries to interpret byte sequence as instructions • Very strange results! 804876 c: 04 804876 e: 89 8048770: 88 8048775: 87 8048776: 04 8048778: 98 8048779: 87 804877 c: a 0 8048781: 87 8048784: b 0 8048786: 04 08 f 6 87 04 08 90 08 04 08 87 04 08 a 8 04 08 87 08 class 06. ppt movl movb %esi, %esi %al, 0 x 87900804(%edi) addb cwtl xchgl movb addb $0 x 8, %al – 29 – %eax, (%eax, %ecx, 1) 0 xa 8080487, %al %eax, (%eax, %ecx, 1) $0 x 87, %al $0 x 8, %al CS 213 S’ 00

Decoding Jump Table Known • Starts at 8048770 • 4 bytes / entry • Little Endian byte ordering 804876 c: 04 08 804876 e: 89 f 6 8048770: 88 87 04 08 90 Address Entry 8048775: 87 8048770: 08048788 8048776: 04 08 8048774: 08048790 8048778: 98 8048778: 08048798 8048779: 87 04 08 804877 c: a 0 87 04 08 a 8 8048781: 87 04 08 8048784: b 0 87 804877 c: 080487 a 0 8048780: 080487 a 8 8048784: 080487 b 0 8048786: 04 08 class 06. ppt – 30 – CS 213 S’ 00

Alternate Decoding Technique Use GDB gdb code-examples (gdb) x/6 xw 0 x 8048770 – Examine 6 hexadecimal format “words” (4 -bytes each) – Use command “help x” to get format documentation 0 x 8048770 <unparse_symbol+20>: 0 x 08048788 0 x 08048790 0 x 08048798 0 x 080487 a 0 0 x 8048780 <unparse_symbol+36>: 0 x 080487 a 8 0 x 080487 b 0 class 06. ppt – 31 – CS 213 S’ 00

Disassembled Targets • No-operations (nop) inserted to align target addresses 8048788: b 8 804878 d: eb 804878 f: 90 8048790: b 8 8048795: eb 8048797: 90 8048798: b 8 804879 d: eb 804879 f: 90 80487 a 0: b 8 80487 a 5: eb 80487 a 7: 90 80487 a 8: b 8 80487 ad: eb 80487 af: 90 80487 b 0: b 8 2 b 00 00 00 26 2 a 00 00 00 1 e 2 d 00 00 00 16 2 f 00 00 00 0 e 25 00 00 00 06 3 f 00 00 00 class 06. ppt movl jmp nop movl jmp nop movl $0 x 2 b, %eax 80487 b 5 <unparse_symbol+0 x 59> $0 x 2 a, %eax 80487 b 5 <unparse_symbol+0 x 59> $0 x 2 d, %eax 80487 b 5 <unparse_symbol+0 x 59> $0 x 2 f, %eax 80487 b 5 <unparse_symbol+0 x 59> $0 x 25, %eax 80487 b 5 <unparse_symbol+0 x 59> $0 x 3 f, %eax – 32 – CS 213 S’ 00

Matching Disassembled Targets Address Entry 8048770: 08048788 8048774: 08048790 8048778: 08048798 804877 c: 080487 a 0 8048780: 080487 a 8 8048784: 080487 b 0 class 06. ppt 8048788: 804878 d: 804878 f: 8048790: 8048795: 8048797: 8048798: 804879 d: 804879 f: 80487 a 0: 80487 a 5: 80487 a 7: 80487 a 8: 80487 ad: 80487 af: 80487 b 0: – 33 – b 8 eb 90 b 8 eb 90 b 8 2 b 00 00 00 26 2 a 00 00 00 1 e 2 d 00 00 00 16 2 f 00 00 00 0 e 25 00 00 00 06 3 f 00 00 00 movl jmp nop movl jmp nop movl CS 213 S’ 00

Summary C Control • • Standard Techniques • All loops converted to do-while form • Large switch statements use jump tables if-then-else do-while switch Conditions in CISC Assembler Control • CISC machines generally have condition code registers • jump • Conditional jump Conditions in RISC Compiler • Must generate assembly code to implement more complex control • Use general registers to store condition information • Special comparison instructions • E. g. , on Alpha: cmple $16, 1, $1 – Sets register $1 to 1 when Register $16 <= 1 class 06. ppt – 34 – CS 213 S’ 00