Introduction to at&t Assembly syntax in Linux 1

 

I. at&t format Linux Assembly syntax format

1. In at&t Assembly format, Register names must be prefixed with '%'. In Intel assembly format, Register names do not need to be prefixed. For example:

At&t format	Intel format
Pushl % eax	Push eax

2. In at&t Assembly format, the prefix '$' is used to represent an immediate operand. In Intel assembly format, the representation of immediate numbers does not contain any prefix. For example:

At&t format	Intel format
Pushl $1	Push 1

3. The source and target operands in at&t and Intel are in the opposite position. In Intel assembly format, the destination operand is on the left of the source operand, while in at&t Assembly format, the destination operand is on the right of the source operand. For example:

At&t format	Intel format
Addl $1, % eax	Add eax, 1

4. In at&t Assembly format, the length of an operand is determined by the last letter of the operator. The suffixes 'B', 'w', and 'l' indicate that the operands are bytes (byte, 8 bits) characters (word, 16 bits) and long characters (long, 32 bits). In Intel assembly format, the length of an operand is expressed by prefix such as "Byte PTR" and "word PTR. For example:

At&t format	Intel format
Movb Val, % Al	MoV Al, byte PTR Val

5. In at&t Assembly format, the prefix '*' must be added before the operands of absolute transfer and call commands (jump/call), but not in Intel format.
6. The operation code of the remote Transfer Instruction and remote sub-call instruction is "ljump" and "lcall" in at&t Assembly format, while "JMP far" and "Call far" in Intel assembly format ", that is:

At&t format	Intel format
Ljump $ section, $ offset	JMP far section: Offset
Lcall $ section, $ offset	Call far section: Offset

7. The corresponding remote return command is:

At&t format	Intel format
LRET $ stack_adjust	RET far stack_adjust

8. In at&t Assembly format, the addressing method of memory operands is

Section: disp (base, index, scale)

9. In Intel assembly format, the addressing mode of memory operands is:

Section: [base + Index * scale + disp]

10. Because Linux uses 32-bit linear addresses in protection mode, the following address calculation method is used instead of considering the segment base address and offset when calculating the address:

Disp + base + Index * Scale

11. The following is an example of some memory operations:

At&t format	Intel format
Movl-4 (% EBP), % eax	MoV eax, [EBP-4]
Movl array (, % eax, 4), % eax	MoV eax, [eax * 4 + array]
Movw array (% EBX, % eax, 4), % CX	MoV CX, [EBX + 4 * eax + array]
Movb $4, % FS :( % eax)	MoV FS: eax, 4

2. Hello world!

Since the first example of all programming languages is to print a string "Hello World!" on the screen! ", Then we will introduce the Assembly Language Programming in Linux in this way.

In Linux, there are many ways to display a string on the screen, but the simplest way is to use the system call provided by the Linux kernel. The biggest advantage of using this method is that it can communicate directly with the kernel of the operating system. You do not need to link a function library such as libc or use the elf interpreter, therefore, the code size is small and the execution speed is fast.

Linux is a 32-bit operating system running in protected mode. It adopts the flat memory mode. Currently, binary code in ELF format is the most commonly used. An executable program in the ELF format is generally divided into the following parts :. text ,. data and. BSS, where. text is a read-only code area ,. data is a readable and writable data area, while. BSS is a readable and writable data zone without initialization. The Code area and data area are collectively referred to as sections in elf. You can use other standard sections or add custom sections as needed.
The elf executable program should have at least one. Text part. The following is our first assembler, In the at&t assembly language format:

Example 1. at&t format

# Hello. s . Data                   # Data Segment Declaration         MSG:. String "Hello, world! \ N "# string to be output         Len =.-MSG                 # String Length . Text                   # Code snippet Declaration . Global _ start         # Specify the entry function _ Start:                 # Display a string on the screen         Movl $ Len, % edX # Parameter 3: String Length         Movl $ MSG, % ECx # Parameter 2: string to be displayed         Movl $1, % EBX   # Parameter 1: file descriptor (stdout)         Movl $4, % eax   # System call number (sys_write)         Int $0x80     # Calling kernel functions                         # Exit the program         Movl $0, % EBX   # Parameter 1: Exit code         Movl $1, % eax   # System call number (sys_exit)         Int $0x80     # Calling kernel functions

When I first came into contact with at&t-formatted assembly code, many programmers thought it was too obscure. It doesn't matter. On the Linux platform, you can also use the Intel format to compile the assembly program:

Example 2. Intel format

; Hello. ASM Section. Data           ; Data Segment Declaration         Msg db "Hello, world! ", 0xa   ; String to be output         Len equ $-MSG               ; String Length Section. Text           ; Code segment Declaration Global _ start           ; Specifies the entry function _ Start:                 ; Display a string on the screen         MoV edX, Len   ; Parameter 3: String Length         MoV ECx, MSG   ; Parameter 2: string to be displayed         MoV EBX, 1     ; Parameter 1: file descriptor (stdout)         MoV eax, 4     ; System call number (sys_write)         Int 0x80       ; Call the kernel function                         ; Exit the program         MoV EBX, 0     ; Parameter 1: Exit code         MoV eax, 1     ; System call number (sys_exit)         Int 0x80       ; Call the kernel function

Although the syntax used by the above two assembler programs is completely different, the function is to call the sys_write provided by the Linux kernel to display a string, and then call sys_exit to exit the program. In the Linux kernel source File Include/asm-i386/unistd. H, you can find the definitions of all system calls.

Iii. Linux assembly tools

There are many types of assembler tools on Linux, but like DOS/Windows, the most basic tools are assembler, connector, and debugger.

1. Assembler

The assembler is used to convert source programs written in assembly languages into binary-format target codes. The standard assembler on the Linux platform is gas, which is the background compilation tool on which GCC depends. It is usually included in the binutils software package. Gas uses the standard at&t Assembly syntax and can be used to compile programs written in at&t format:

[Xiaowp @ Gary Code] $ as-O hello. O hello. s

Another commonly used assembler on Linux is NASM. It provides good macro commands and supports a considerable number of target code formats, including bin and. out, coff, elf, and RDF. NASM uses a manually compiled syntax analyzer, so the execution speed is much faster than that of gas. More importantly, it uses Intel assembly syntax, it can be used to compile assembler programs written in Intel syntax format:

[Xiaowp @ Gary Code] $ NASM-F elf hello. ASM

2. linker

The target code generated by the assembler cannot run directly on the computer. It must be processed by the linker to generate executable code. The linker is usually used to connect multiple target codes into one executable code. In this way, the entire program can be divided into several modules for separate development before they can be combined into an application. Linux uses LD as a standard linking program, which is also included in the binutils package. After compilation and generation of the target code through gas or NASM, the assembler can use LD to link it to an executable program:

[Xiaowp @ Gary Code] $ LD-S-O hello. o

3. Debugger

Some people say that the program is not compiled but called out. It shows that debugging plays an important role in software development, especially when programming in assembly languages. In Linux, You can debug assembly code by using a general debugger such as GDB and DDD, or by using an ALD (assembly language debugger) Specially Used to debug assembly code ).

From the perspective of debugging, the advantage of using gas is that you can include the symbol table in the generated target code ), in this way, you can use GDB and DDD for source code-level debugging. To include the symbol table in the generated executable program, you can compile and link the table in the following way:

[Xiaowp @ Gary Code] $ as -- maid-O hello. O hello. s [Xiaowp @ Gary Code] $ LD-O hello. o

When running the as command, the parameter-ststabs can tell the assembler to add a symbol table to the generated target code. Note that the-S parameter is not added when the LD command is used for link, otherwise, the symbol table in the target code will be deleted during the link.

Assembly programmers usually face some harsh software and hardware environments. The short and concise ALD may better meet the actual needs. Therefore, the following describes how to use the ALD to debug the assembly program. First, run the ALD command in the command line mode to start the debugger. The parameter of this command is the executable program to be debugged:

[Xiaowp @ Gary Doc] $ ALD hello Assembly Language debugger 0.1.3 Copyright (c) 2000-2002 Patrick alken Hell elf intel 80386 (32 bit), LSB, executable, Version 1 (current) Loading debugging symbols... (15 symbols loaded) ALD>

When the ALD prompt appears, run the disassemble command to decompile the code segment:

ALD> disassemble-S. Text Disconfiguring section. Text (0x08048074-0x08048096) 08048074 ba0f000000 mov edX, 0xf 08048079 b998900408 mov ECx, 0x8049098 0804807e bb0000000 mov EBX, 0x1 08048083 b804000000 mov eax, 0x4 08048088 CD80 int 0x80 0804808a bb00000000 mov EBX, 0x0 0804808f b80000000 mov eax, 0x1 08048094 CD80 int 0x80