This learning content for the computer work principle, mainly from the storage computer's work model, the Basic assembly language and the assembly code execution process Three aspects to carry on the collation, the emphasis analysis assembly code execution process, takes a simple C language Program disassembly experiment as the example carries on the analysis.
Von Neumann architecture of the computer working model of a stored program
The core idea of von Neumann architecture is to store the program computer, and the program and data are stored in the computer, and the first instruction that executes the program according to the storage program's first address is an "objective law" that all kinds of computer architectures obey.
The main features of Von Neumann system are three:
1. The von Neumann system divides the computer into: memory (program memory, data Memory), CPU (operator, Controller, register), input device and output device. Where the arithmetic, memory, controller and input five parts constitute the computer hardware.
2. The internal computer uses the binary to represent the instruction and the program
3. Put the written program and data into memory and start the computer work.
The CPU work process can be broadly divided into three steps: Take the instruction, analyze the instruction and execute the instruction. Where the staging of both the instruction data and the address occurs in the register. The main object of assembly language is register. The register of the CPU is mainly divided into general register, control register and segment register three kinds. The Intel Processor Family (X86) has undergone 16-bit (8086,1978), 32-bit (i386,1985) and 64-bit (Pentium 4e,2004) three critical phases. Different bits of CPU register function is not very small, the following details about the x86-32 of the relevant situation.
The X86-32 has 8 general-purpose registers: 4 Data registers (EAX, EBX, ECX, and edx), 2 variable-address registers (ESI and EDI), and 2 stack pointer registers (ESP and EBP); 6 segment Registers (ES, CS, SS, DS, FS, and GS) ; 2 Control registers: 1 instruction pointer Register (EIP), 1 flag Register (eflags).
The Basic assembly language
This article briefly introduces several assembly instructions, the detailed assembly instruction explanation can be viewed from the following links 46391211?utm_source=blogxgwz0
Movl
String transfer instruction MOVL
Format: MOVL oprd1,oprd2
Function: Oprd1<--oprd2.
Description
- Where OPRD2 is the source string symbol address, OPRD1 is the destination string symbolic address.
- BYTE string operation: If df=0, then add, if df=1, then reduce.
- When the string operation: If the df=0, then add, if df=1, then reduce,.
- When the operand is not present in the instruction, the byte string transfer format is MOVSB and the string transfer format is MOVSW.
- This directive does not affect the flag bit.
Popl
Stack operation Instruction Popl
Format: POPL OPRD
Function: command to implement popup operation
Description
- The OPRD is a 32-bit (word) operand, which can be a register or a memory operand.
- The operation of the POPL instruction is: Polp oprd:oprd<--(sp), (SP) <--(SP) +2
In contrast to the press-in operation, the top of the stack is popped first, and then the contents of the pointer sp are modified.
3. No effect on status flag bit
Pushl
Stack operation instruction PUSHL
Format: PUSHL OPRD
Function: Instructions for implementing a press-in operation
Description
- The OPRD is a 32-bit (word) operand, which can be a register or a memory operand.
- The operation of the PUSHL is: (sp) <--(SP)-2, ((SP)) <--OPRD The stack pointer SP is modified first (press-in is auto minus 2), then the specified operand is fed to the new stack top position.
The ((SP)) <--OPRD here can also be understood as: [(SS) *16+ (SP)]<--OPRD or [SS:SP]<--OPRD
3. No effect on status flag bit
Pager
Procedure Invoke Command call
Format: Call OPRD
Function: Procedure Call instruction
Description
- Where OPRD is the destination address of the process.
- Procedure calls can be divided into segments and calls between segments. The addressing method can also be divided into two types: direct addressing and indirect addressing.
- This directive does not affect the flag bit.
Ret
return instruction RET
Format: RET
Function: This directive does not affect the flag bit when the process of the call implements the next instruction returned from the procedure to the original calling program.
Description
Because the properties of near or far are indicated at the time of the procedure definition, the RET instruction performs different operations based on calls between segments and between segments
Call in segment: Returns the offset from the segment of the return address of a word returned by the stack to IP.
Out-of-paragraph use: When returned, the first word ejected by the stack is the offset within the segment of the return address, which is fed into the IP, and the second word of the stack pops up as the segment base of the return address, which is fed into CS.
The process of assembly code execution
In this section we analyze an example of a small disassembly experiment. The experimental environment provides a 64-bit virtual machine environment based on Web access for the experimental building. The specific process is as follows;
Compiling the Main.c file
Generate ". S" for the extension of the assembly code file MAIN.S
----> View. s file
----> Delete "." Link Auxiliary information string at the beginning
Assembly Instruction Execution Process analysis
The last code obtained in the figure is divided into three parts: g function, f function and main function.
The program starts with the main function
Pushl%ebp
The value of the ESP is reduced by 4 first, and then the value of EBP is stored in the location indicated by ESP, where the ordinal of 1 in the stack stores the current value of EBP (0), and EBP still points to position 0,esp to point to position 1;
MOVL%esp,%EBP
Both EBP and ESP point to position 1;
Subl $4,%esp
ESP points to position 2;
MOVL, (%ESP)
The position of the stack 2 stores the immediate number 12;
Call F
First, the EIP is pressed into the stack, the EIP at this time the value is the next command to execute the position, we might as well as the line number, the line number 23 is placed in the stack position 3, when the ESP points to position 3,EBP point 1; Then assign the starting position of function f to the register EIP, The next instruction is the first instruction of F;
PUSHL%EBP
Position in stack 4 stores the value of EBP (position 1), esp points to position 4;
MOVL%esp,%EBP
ESP and EBP point to position 4;
Subl $4,%esp
ESP points to position 5;
MOVL 8 (%EBP),%eax
The value at two positions before EBP is given to the register eax, and the value stored at position 2 is 12 to eax;
Movl%eax, (%ESP)
Stores the value in the EAX to the location where ESP points, where 5 of the stack is stored 12;
Call G
First, the EIP is pressed into the stack, the line number 15 is placed in the stack position 6, when the ESP points to position 6,EBP point to position 4; then assign the starting position of function g to the register EIP, the next instruction is the first instruction of G;
PUSHL%EBP
Position in stack 7 stores the value of EBP (position 4), ESP points to position 7;
MOVL%esp,%EBP
Both ESP and EBP point to position 7;
MOVL 8 (%EBP),%eax
The value at two positions before EBP is given to the register eax, and the value stored at position 5 is 12 to eax;
Addl $6,%eax
The value in EAX is added to 6 and becomes 18;
POPL%EBP
The stack top data is ejected into EBP, and the value "position 4" of position 7 in the stack is assigned to EBP, while ESP points to position 6;
Ret
Pop the stack top data into the EIP, the value "line 15" of position 6 in the stack is assigned to the EIP, while ESP points to position 5, the next instruction becomes the instruction at line 15th;
Leave
This instruction first assigns the value of EBP to ESP, that is, both ESP and EBP point to position 4, then pops the top element of the stack into EBP, and assigns the value "position 1" of position 4 in the stack to EBP, while the ESP points to position 3;
Ret
Pop the stack top data into the EIP, the value "line 23" of position 3 in the stack is assigned to the EIP, while ESP points to position 2, the next instruction becomes the instruction at line 23rd;
Addl $,%eax
The value in the register EAX is added to 1, which becomes 19;
Leave
The value of EBP is assigned to ESP,ESP and EBP to point to position 1, and then the top element of the stack pops into EBP, where the value "position 0" of position 4 in the stack is assigned to EBP, while ESP points to position 0;
Ret
Pop the stack top data into the EIP and assign the value of position 0 in the stack to the EIP, while ESP points to position 1, and the next instruction becomes the instruction before the program begins.
Problem encountered: Delete "." In a small experiment. The "g^.s*/d" instruction is mistakenly used in the heading string procedure
Workaround: Successfully resolved after using "g/./d"
Experience: Recently did not find the right learning rhythm, each homework is completed in a hurry, but compared to the previous week of unplanned has been improved, in order to fully adapt to two weeks
Introduction to how computers work