Practical Session 4 Labels Definition advanced label pseudo
Practical Session 4
Labels Definition - advanced label: (pseudo) instruction operands ; comment • valid characters in labels are: letters, numbers, _, $, #, @, ~, . , and ? • first character can be: letter, _, ? and. (. has a special meaning) • label can be prefixed with a $ to indicate that it is intended to be read as an identifier and not a reserved word Example: $eax: mov eax, 2
Local Labels Definition A label beginning with a single period (. ) is treated as a local label, which means that it is associated with the previous non-local label. Example: label 1: mov eax, 3. loop: dec eax jne. loop ret (this is indeed label 1. loop) label 2: mov eax, 5. loop: dec eax jne. loop ret (this is indeed label 2. loop) Each JNE instruction jumps to the closest. loop, because the two definitions of. loop are kept separate.
How to run Linux from Window Go to http: //www. chiark. greenend. org. uk/~sgtatham/putty/download. html Run the following executable Use “lvs. cs. bgu. ac. il” or “lace. cs. bgu. ac. il” host name and click ‘Open’ Use your Linux username and password to login lace server Go to http: //www. cs. bgu. ac. il/facilities/labs. html Choose any free Linux computer Connect to the chosen computer by using “ssh –X cs 302 six 1 -4” (maybe you would be asked for your password again) cd (change directory) to your working directory
Assembly program with no. c file usage – sample. s section. data numeric: DD 0 x 12345678 string: DB 'abc' answer: DD 0 section. text global _start _start: pushad push dword 2 push dword 1 CALL my. Func return. Address: mov [answer], eax add esp, 8 popad mov ebx, 0 mov eax, 1 int 0 x 80 my. Func: push ebp mov ebp, esp mov eax, dword [ebp+8] mov ebx, dword [ebp+12] my. Func_code: add eax, ebx return. From_my. Func: mov esp, ebp pop dword ebp ret ; entry point (main) ; backup registers ; push argument #2 ; push argument #1 ; call the function my. Func ; retrieve return value from EAX ; "delete" function arguments ; exit program ; my. Func gets two parameters a and b returns a+b ; save previous value of ebp ; set ebp to point to my. Func frame ; get function argument #1 ; get function argument #2 ; eax = 3 ; "delete" local variables of my. Func ; restore previous value of ebp ; return to the caller
GNU Linker ld links together compiled assembly without using. c main file > nasm –f elf sample. s –o sample. o > ld -m elf_i 386 sample. o –o sample > sample or with gdb debugger > gdb sample
section. data numeric: DD 0 x 12345678 string: DB 'abc' answer: DD 0 print ‘numeric’ global variable numeric into memory – little endian print ‘string’ global variable string into memory – little endian pushad 0 xffffd 640 – 0 xffffd 620= 0 x 20 = 32 bytes = 8 registers * 4 bytes push function’s arguments into stack CALL my. Func return address section. text global _start _start: pushad push dword 2 push dword 1 CALL my. Func return. Address: mov [answer], eax add esp, 8 popad mov ebx, 0 mov eax, 1 int 0 x 80 my. Func: push ebp mov ebp, esp mov eax, dword [ebp+8] mov ebx, dword [ebp+12] my. Func_code: add eax, ebx return. From_my. Func: mov esp, ebp pop dword ebp ret
Command-line arguments In Linux, we receive command-line arguments on the stack as execution starts: • • The first argument is number of arguments (i. e. argc) Each one of the rest of arguments is a pointer to an argument string (i. e. argv[0] (this is the name of the program), argv[1] argv[2], and so on) ld(_start) vs. stack gcc (main) This is just like C’s main(int argc, char** argv) argv[2] argv[1] argv[0] ESP argc stack &{argv[0], argv[1], argv[2], …} ESP argc
Producing an assembly file for. c file -S (capital letter) to gcc compiler generates an assembly code to . c program. • > gcc –m 32 –S main. c Compile the following c code with –S option to observe parameters pass in C, compare to material given in class. #include <stdio. h> extern int atoi(char*); void main(int argc, char ** argv) { int m, n; if (argc < 3 ) { printf("use : %s num 1 num 2n", argv[0]); return 0; } m = atoi(argv[1]); n = atoi(argv[2]); return; } Producing a listing file -l option to NASM will generates a source-listing file, in which addresses and generated binary code are listed on the left, and the actual source code is listed on the right > nasm -f elf sample. s -l sample. lst
Producing a listing file – example 1 The first column (from the left) is simply the line number in the listing and is otherwise meaningless • The second column is the relative address, in hex, of where the code will be placed in memory • The third column is the actual compiled code • Labels (i. e. names suffixed with colons) do not create code, they are simply a way to tell the assembler that those locations have symbolic names. • For the normal type of call in 32 -bit mode (relative near call), the binary code for ‘CALL my. Func’ is the opcode E 8 followed by a 4 -byte value that specifies the target address, relative to the next instruction after the call. Address of my. Func label = 0 x 1 F Address of the next instruction after the call (i. e. ‘mov [answer], eax’) is 0 x. A 0 x 1 F-0 x. A=0 x 15, and we get exactly the binary code written here ‘E 815000000’ •
Producing a listing file – example 2 main. c file: #include <stdio. h> extern void my. Func (void); int main(void) { my. Func (); // Your assembly code function } func. s file section. rodata STR 1: DB "Assembly %s", 10, 0 STR 2: DB "code" section. text global my. Func extern printf my. Func: push ebp mov ebp, esp push STR 2 push STR 1 CALL printf mov esp, ebp pop ebp ret note that relative address of label of another section (. rodata) is put in “[…]” note that relative address of external function (printf) is not resolved in assembler step (would be resolved after linking by gcc with main. c file) func. lst listing file
> gdb func. out Producing a listing file – example 2 func. lst listing file gdb run with executable func. out print EIP register to examine binary code
- Slides: 12
