MachineLevel Programming 3 Control Flow Topics n Control

Machine-Level Programming 3 Control Flow Topics n Control Flow l Switch Statements l Jump Tables

Switch Statements Implementation Options – 2– n Jump Table l Lookup branch target l Constant time l Possible when cases are small integer constants n Series of conditionals l Organize in tree structure l Logarithmic performance n GCC l Picks one based on case structure CMSC 313, F’ 09

long switch_eg (long x, long y, long z) { long w = 1; switch(x) { case 1: w = y*z; break; case 2: w = y/z; /* Fall Through */ case 3: w += z; break; case 5: case 6: w -= z; break; default: w = 2; } return w; }– 3 – Switch Statement Example Features n Multiple case labels n Fall through cases Missing cases n CMSC 313, F’ 09

Jump Table Structure Switch Form switch(x) { case val_0: Block 0 case val_1: Block 1 • • • case val_n-1: Block n– 1 } Jump Table jtab: Targ 0 Jump Targets Targ 0: Code Block 0 Targ 1: Code Block 1 Targ 2: Code Block 2 Targ 1 Targ 2 • • • Targn-1 • • • Approx. Translation target = JTab[x]; goto *target; Targn-1: – 4– Code Block n– 1 CMSC 313, F’ 09

Switch Statement Example (IA 32) long switch_eg (long x, long y, long z) { long w = 1; switch(x) { . . . } return w; } Setup: – 5– switch_eg: pushl %ebp movl %esp, %ebp pushl %ebx movl $1, %ebx movl 8(%ebp), %edx movl 16(%ebp), %ecx cmpl $6, %edx ja . L 61 jmp *. L 62(, %edx, 4) # Setup # w = 1 # edx = x # ecx = z # x: 6 # if > goto default # goto JTab[x] CMSC 313, F’ 09

Assembly Setup Explanation Table Structure n n Each target requires 4 bytes Table base address at. L 62 Jumping Direct Jump jmp. L 61 n Jump target is denoted by label. L 61 Indirect Jump jmp *. L 62(, %edx, 4) n Start of jump table denoted by label. L 62 n Register %edx holds x n Must scale by factor of 4 to get offset into table n Fetch target from effective Address. L 61 + x*4 l Only for 0 x 6 – 6– CMSC 313, F’ 09

Jump Table Contents. section. rodata . align 4. L 62: . long . L 61 # x = 0. long . L 56 # x = 1. long . L 57 # x = 2. long . L 58 # x = 3. long . L 61 # x = 4. long . L 60 # x = 5. long . L 60 # x = 6 – 7– switch(x) { case 1: //. L 56 w = y*z; break; case 2: //. L 57 w = y/z; /* Fall Through */ case 3: //. L 58 w += z; break; case 5: case 6: //. L 60 w -= z; break; default: //. L 61 w = 2; } CMSC 313, F’ 09

Code Blocks (Partial) switch(x) { . . . case 2: //. L 57 w = y/z; /* Fall Through */ case 3: //. L 58 w += z; break; . . . default: //. L 61 w = 2; } – 8– . L 61: // Default case movl $2, %ebx # w = 2 movl %ebx, %eax # Return w popl %ebx leave ret. L 57: // Case 2: movl 12(%ebp), %eax # y cltd # Div prep idivl %ecx # y/z movl %eax, %ebx # w = y/z # Fall through. L 58: // Case 3: addl %ecx, %ebx # w+= z movl %ebx, %eax # Return w popl %ebx leave ret CMSC 313, F’ 09

Code Blocks (Rest) switch(x) { case 1: //. L 56 w = y*z; break; . . . case 5: case 6: //. L 60 w -= z; break; . . . } – 9– . L 60: // Cases 5&6: subl %ecx, %ebx # w –= z movl %ebx, %eax # Return w popl %ebx leave ret. L 56: // Case 1: movl 12(%ebp), %ebx # w = y imull %ecx, %ebx # w*= z movl %ebx, %eax # Return w popl %ebx leave ret CMSC 313, F’ 09

IA 32 Object Code Context n n Label. L 61 becomes address 0 x 8048630 Label. L 62 becomes address 0 x 80488 dc Assembly Code switch_eg: . . . ja . L 61 # if > goto default jmp *. L 62(, %edx, 4) # goto JTab[x] Disassembled Object Code 08048610 <switch_eg>: . . . 8048622: 77 0 c ja 8048630 8048624: ff 24 95 dc 88 04 08 jmp *0 x 80488 dc(, %edx, 4) – 10 – CMSC 313, F’ 09

IA 32 Object Code (cont. ) Jump Table n Doesn’t show up in disassembled code Can inspect using GDB gdb asm-cntl (gdb) x/7 xw 0 x 80488 dc l Examine 7 hexadecimal format “words” (4 -bytes each) l Use command “help x” to get format documentation n 0 x 80488 dc: 0 x 08048630 0 x 08048650 0 x 0804863 a 0 x 08048642 0 x 08048630 0 x 08048649 – 11 – CMSC 313, F’ 09

Disassembled Targets 8048630: bb 02 00 00 00 mov $0 x 2, %ebx 8048635: 89 d 8 mov %ebx, %eax 8048637: 5 b pop %ebx 8048638: c 9 leave 8048639: c 3 ret 804863 a: 8 b 45 0 c mov 0 xc(%ebp), %eax 804863 d: 99 cltd 804863 e: f 7 f 9 idiv %ecx 8048640: 89 c 3 mov %eax, %ebx 8048642: 01 cb add %ecx, %ebx 8048644: 89 d 8 mov %ebx, %eax 8048646: 5 b pop %ebx 8048647: c 9 leave 8048648: c 3 ret 8048649: 29 cb sub %ecx, %ebx 804864 b: 89 d 8 mov %ebx, %eax 804864 d: 5 b pop %ebx 804864 e: c 9 leave 804864 f: c 3 ret 8048650: 8 b 5 d 0 c mov 0 xc(%ebp), %ebx 8048653: 0 f af d 9 imul %ecx, %ebx 8048656: 89 d 8 mov %ebx, %eax 8048658: 5 b pop %ebx 8048659: c 9 leave 804865 a: c 3 ret – 12 – CMSC 313, F’ 09

Matching Disassembled Targets 0 x 08048630 0 x 08048650 0 x 0804863 a 0 x 08048642 0 x 08048630 0 x 08048649 – 13 – 8048630: bb 02 00 00 00 mov 8048635: 89 d 8 mov 8048637: 5 b pop 8048638: c 9 leave 8048639: c 3 ret 804863 a: 8 b 45 0 c mov 804863 d: 99 cltd 804863 e: f 7 f 9 idiv 8048640: 89 c 3 mov 8048642: 01 cb add 8048644: 89 d 8 mov 8048646: 5 b pop 8048647: c 9 leave 8048648: c 3 ret 8048649: 29 cb sub 804864 b: 89 d 8 mov 804864 d: 5 b pop 804864 e: c 9 leave 804864 f: c 3 ret 8048650: 8 b 5 d 0 c mov 8048653: 0 f af d 9 imul 8048656: 89 d 8 mov 8048658: 5 b pop 8048659: c 9 leave 804865 a: c 3 ret CMSC 313, F’ 09

Sparse Switch Example /* Return x/111 if x is multiple && <= 999. -1 otherwise */ int div 111(int x) { switch(x) { case 0: return 0; case 111: return 1; case 222: return 2; case 333: return 3; case 444: return 4; case 555: return 5; case 666: return 6; case 777: return 7; case 888: return 8; case 999: return 9; default: return -1; } } – 14 – n Not practical to use jump table l Would require 1000 entries n Obvious translation into if-then-else would have max. of 9 tests CMSC 313, F’ 09

Sparse Switch Code (IA 32) movl 8(%ebp), %eax cmpl $444, %eax je. L 8 jg. L 16 cmpl $111, %eax je. L 5 jg. L 17 testl %eax, %eax je. L 4 jmp. L 14. . . – 15 – # get x # x: 444 # x: 111 # x: 0 n Compares x to possible case values n Jumps different places depending on outcomes. . L 5: movl $1, %eax jmp L 19. L 6: movl $2, %eax jmp L 19. L 7: movl $3, %eax jmp L 19. L 8: movl $4, %eax jmp L 19. . . CMSC 313, F’ 09

Sparse Switch Code Structure < < 111 = 444 = > 4 > 777 < = 1 7 0 -1 = 0 222 2 -1 n – 16 – 555 = n > 5 333 = 3 < = -1 888 = > 8 666 = 6 -1 999 = 9 Organizes cases as binary tree Logarithmic performance CMSC 313, F’ 09

Summarizing C Control Standard Techniques n n if-then-else do-while IA 32 loops converted to do-while form n while, for n n switch Large switch statements use jump tables n Assembler Control n n n Conditional jump Conditional move Indirect jump Conditions in CISC machines generally have condition code registers Compiler n – 17 – Must generate assembly code to implement more complex control CMSC 313, F’ 09

Quiz Time Write the C that produced the following assembly language code This function takes a single integer argument located at 0 x 8(%ebp) 0000 <mystery 1>: 0: 55 push %ebp 1: 31 c 0 xor %eax, %eax 3: 89 e 5 mov %esp, %ebp 5: 8 b 4 d 08 mov 0 x 8(%ebp), %ecx 8: 85 c 9 test %ecx, %ecx a: 7 e 0 c jle 18 <mystery 1+0 x 18> c: 31 d 2 xor %edx, %edx e: 89 f 6 mov %esi, %esi 10: 8 d 04 50 lea (%eax, %edx, 2), %eax 13: 42 inc %edx 14: 39 d 1 cmp %edx, %ecx 16: 75 f 8 jne 10 <mystery 1+0 x 10> 18: 5 d pop %ebp 19: c 3 ret – 18 – CMSC 313, F’ 09

Quiz Time Write the C that produced the following assembly language code This function takes a single integer argument located at 0 x 8(%ebp) 0000 <mystery 2>: 0: 55 push %ebp 1: 31 c 0 xor %eax, %eax 3: 89 e 5 mov %esp, %ebp 5: 8 b 4 d 08 mov 0 x 8(%ebp), %ecx 8: 85 c 9 test %ecx, %ecx a: 7 e 0 c jle 18 <mystery 2+0 x 18> c: 31 d 2 xor %edx, %edx e: 89 f 6 mov %esi, %esi 10: 8 d 04 50 lea (%eax, %edx, 2), %eax 13: 42 inc %edx 14: 39 d 1 cmp %edx, %ecx 16: 75 f 8 jne 10 <mystery 2+0 x 10> 18: 5 d pop %ebp 19: c 3 ret – 19 – CMSC 313, F’ 09