In-depth understanding of computer systems (3.3)---data transfer (or replication) instructions

This article reprinted address : http://www.cnblogs.com/zuoxiaolong/p/computer15.html

Introduction

In the previous chapter, we have introduced the basic part of assembly language, including the data format, register, and how to identify the number of operands, and then we should get to know the various instructions in assembly language. Most of these instructions are very simple, but it is really magical to combine them to simulate any effect we want in our program.

　　

Data transfer Instructions

The purpose of the data transfer instruction is to copy one data from one location to another. In this case, the data transfer instruction will contain a source operand and a destination operand, and the instruction will copy the value of the original operand to the destination operand and overwrite it.

Data transmission instructions can be divided into five types, namely MOV, Movs, Movz, push and pop, the following LZ in turn, introduced the role of these five instructions.

　　

MOV instructions

The function of the MOV instruction is to copy the data from the source operand S to the target operand D, the MOV instruction has a data format and two operands, so the general form is [Movx s D]. where x is the data format, S is the source operand and D is the purpose operand.

Here's a simple example, such as we have an instruction for MOVL%edx%eax. The execution process is as shown.

As you can see, the contents of the%edx register are copied to the%EAX register after the instruction is executed. It is necessary to mention that the MOV instruction can be appended to any data format, such as the above process, the data format is four bytes, that is, double word. It is therefore not difficult to infer that we can also use MOVB and MOVW to replicate a byte or two bytes.

Movs directive

The function of the Movs instruction is to expand the data in the source operand S into symbols, then copy to the purpose operand D, the Movs instruction has two data formats and two operands, so the general form is [Movsxy S D]. where x, y is the data format, S is the source operand, and D is the purpose operand. where x, y combination of a total of three, is bw, BL, WL, the three combinations represent the meaning of single-byte to double-byte, single-byte to double word and double-byte to double word.

Here the LZ still cite an example, for the instruction MOVSWL%DX%eax, its function as shown.

In order to be able to see the extension of the sign bit here, LZ uses a 16 binary integer representation here. As you can see, the Movs instruction will 0x8fff extended to the%eax register, where%DX is the next 16 bits of the register%edx.

　　

MOVZ directive

The purpose of the MOVZ instruction is to expand the source operand s by 0 and then copy to the destination operand. It is very similar to the Movs Directive and has two data formats and two operands, so the general form is [Movzxy S D]. where x, y is the data format, S is the source operand, and D is the purpose operand. where x, y combination of a total of three, is bw, BL, WL, the three combinations represent the meaning of single-byte to double-byte, single-byte to double word and double-byte to double word.

Here's a similar example, and let's take a look at the instructions movzwl%dx%eax, how it works differently than the Movs above.

As can be seen, the movz and Movs instructions are very similar, but after this expansion, the target register%eax the first 16 bits is 0 and no longer 1.

Push command

The push instruction differs from the MOV family directive above, and its purpose operand is fixed to the top of the stack, so there is no purpose operand in its instruction. Another thing to note is that it needs to move the top pointer (-4) before the copy operation. the general form of the push instruction is [PUSHL S], where l means the data format is double word, S is the source operand, and the destination operand defaults to the top of the stack.

Here LZ to give a simple example, such as PUSHL%edx this command, its task is to copy the value of the%edx register to the top of the stack. Let's start by looking at the status of the registers and the memory before the command executes.

As you can see, the registers%EBP and%esp point to the frame pointer and the stack pointer respectively, and%ESP is actually the top of the stack pointing. Since the top of the stack is now in the position of-16, to push the%edx into the stack, you first need to move the top of the stack to a position of-20 before copying, as shown in the state of the move.

As you can see, the position of the stack pointer has changed, moved down four bits, and put the value of the%edx register into the new stack top, so the PUSHL%edx instruction is equivalent to the following two instructions.

Subl $4,%esp

Movl%edx, (%ESP)

As can be seen here, in fact, the PUSHL command to do a hidden operation, is to move the stack pointer (-4), it is hoped that the ape friends attention.

Pop instructions

The pop instruction is the opposite of the push instruction, and the one that is into the stack is the stack. For a pop instruction, its source operand is pinned to the top of the stack, instead it is copied before the stack pointer is moved. The general form of the pop instruction is [popl D], where l means the data format is double word, D is the purpose operand, and the source operand defaults to the top of the stack.

Next we take an example, similar to the example above, we consider the effect of POPL%edx this instruction, which pops the value of the top of the stack to the register%edx. First, the status of the register and the memory before execution.

Next, when executing the pop instruction, the value of the top of the stack is copied to%edx and then the stack pointer is moved (+4). Let's take a look at the state after it executes.

As you can see, the contents of the top of the stack have been ejected to the%edx register, and the current stack top has moved to the position of-16, which is +4 operation. So the POPL%edx directive is equivalent to the following two instructions.

MOVL (%ESP),%edx

Addl $4,%esp

As can be seen here, in fact, the POPL directive also did a hidden operation, is to move the stack pointer (+4).

Data Replication Example

We've learned almost all of the data replication instructions above, and then we'll write a little program that looks at the data replication instructions and how to do our program operations.

Simple (int *xp,int  y) {    int t = *XP;     *xp=y;     return t;}

Above is a simple C program SUM.C, which contains some assignment operations, let's take a look at its assembly code. Use the Gcc-o1-s sum.c to get our assembler code and use the cat SUM.S to see it.

.file    "SUM.C". Text.globl simple. Type simple, @functionsimple: PUSHL%EBP MOVL%ESP,%EBP
The above is the building part of the stack movl8(%EBP),%edx MOVL (%edx),%eax movl A(%EBP),%ecx MOVL%ECX, (%edx)
The following is the completion section of the Stack popl%EBP ret. Size simple,.-Simple . Ident"GCC: (Ubuntu 4.4.3-4ubuntu5.1) 4.4.3". Section. Note. GNU-stack,"", @progbits

When analyzing this assembly code, we should be divided into three parts, first of all, the building of the stack, then the use, and finally the completion part. As you can see, there are almost all data copying instructions, let's take a look at the build part of the stack first.

In fact, for the first PUSHL and MOVL instructions, it mainly did two things. The first is to back up the original frame pointer to the top of the stack, and then unify the frame pointer and stack pointer to the new stack, which completes the creation of a new stack. When it is finished, the stack's status is as follows.

As you can see, the Register%EBP and register%esp all point to the position of the current frame pointer, where the variable XP is located at +8, and y is in the +12 position. Because XP is a pointer variable, it points to an in-memory region where the value is *XP.

Knowing the status of registers and memories, when the stack has been established, then we look at the next sentence of the assembly code.

    MOVL    8(%EBP),%edx

This sentence copies the value of memory address%ebp+8 to%edx, and it is clear from the above figure that the%ebp+8 location stores the XP variable. This command does a simple operation, which is to extract XP to the%edx register, as shown below.

At this point, the value of%edx has been changed to variable XP, to see the following sentence.

MOVL (%edx),%eax

This sentence assigns the value of the memory address to%edx to the register%eax and prepares the return value. At this point the value of the%edx register has been changed to the XP variable, so (%edx) is actually *XP, and the%EAX register is generally used as the return value of the function, so it actually replaces the temporary variable T. The status after execution is shown below.

Now that you have completed the int t = *XP in the program and the return value is prepared for return T, the next sentence of the assembly code is very simple, as follows.

    MOVL    (%EBP),%ecx

Its role is to copy the value of address%ebp+12 to register%ECX, as you can see,%ebp+12 is the stored variable y. So its role is to copy y to register%ECX, as shown below.

The above step is quite simple, let's take a look at the last step, as follows.

    MOVL    %ecx, (%edx)

Its role is to copy the value of the%ECX register to the%edx location in memory. At this point the value of%ecx is Y, while%edx is XP, so the destination operand is the location that XP points to, that is, *xp. This sentence is executed in the program code, *xp=y this operation, it executes after the state as shown below.

As you can see, after *xp=y is executed, the XP pointer points to the position where the value has changed to Y. At this point the program has basically run finished, the rest of the work is the completion of the operation of the stack, that is, POPL instructions. After the stack completes, that is, after the pop instruction executes, the current frame is restored to the caller's frame, as shown below.

At this point the current frame has been restored to the caller's frame, the last RET instruction changes the value of the program counter (PC), and then jumps out of the child function, continuing to execute the caller's code. Here, our data replication example is over, although this example is not difficult, but the small perfectly formed, if the understanding of the process, I believe that even more complicated assembly instructions, it is only a little longer analysis of the time.

Article Summary

This chapter is relatively long, LZ in order to facilitate understanding, inserted a lot of pictures, I hope to help you, but these pictures are really bad painting, wasted LZ a lot of time. This article mainly introduces some data copy instructions, are copied to copy, the next chapter we will discuss the calculation of the instructions, there will be some subtraction, shift, take address and other operations.

In-depth understanding of computer systems (3.3)---data transfer (or replication) instructions