Linux kernel Analytics Job (1)-How does a computer work?

According to the 163MOOC College of China University of Science and Technology Meng Ningmeng teacher program written blog

Xiaochong Original Works Please specify the source

"Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

One, the working process of the computer

The basic principle of the computer is the stored procedure and program control (von. Neumann system), simply put, we need to operate the instruction (program) and data first entered into the computer's storage device, and then the computer will strictly execute the instructions needed to execute, including from that address to take the number (or instructions), What to do (add and subtract shifts, etc.), and then send back to what address.

On the hardware, the basic components that make up the modern CPU have super-large logic gates, timers, and high-performance caches and high-precision clocks. The logic gate provides logical quorum function, the arithmetic is proficient in various operations, the cache improves the data exchange efficiency.

From the software, I think our program is to interact with the computer, especially the various registers on the CPU to use the computer's hardware functions, such as network communication, is our program uses the network interface for data interaction. or the most classic C language to print "Hello World" This program, simply speaking, our program control CPU-related registers in the video memory to write the "Hello World" This string displays the relevant instructions and data. In this process, the software control hardware is designed to show "Hello World" on top of our display, and the process itself can be abstracted as data interaction between software and display devices.

To be sure, on a computer, the software assumes the task of actively interacting with the hardware, and the hardware is passively receiving and responding to the data (and of course you have to follow the correct timing to ensure that the correct data is entered). Then there is no hardware can take the initiative to do something, of course, there are some, in the ASIC, are first through the software (now most of the FGPA level implementation) for simulation verification, and then through the pure hardware to achieve the relevant functions.

and the working process of our computers, I think, is the process of software operating these hardware.

As for how to operate these things, we need to understand the CPU registers, the basic assembly instructions and so on.

Below I follow Meng Teacher's course, disassembly a C language code to briefly introduce the process and the related knowledge involved.

Two, compilation of changes in the stack process during code work

As for how to go to the experimental building to carry out the relevant experiments, in Meng Teacher's video is very detailed, this is not a table.

My process is as follows:

The virtual machine inside the lab building is very convenient to use.

This is our target C code, a very simple piece of code.

The compile command is as follows:

1 intGintx) {2     returnX +3;3 }4 intFintx) {5     returng (x);6 }7 intMainvoid){8     returnF8) +1;9}

simple C-language code

Use the following command to generate the assembly code:

Gcc-s-O main.s main.c-m32

Note: Here the-m32 parameter is compiled with 32-bit disassembly instructions, because the virtual machine provided by the lab is 64 bits, so add this parameter. I experimented, and if I don't add this parameter, the resulting instruction will be doped with 64-bit instructions. such as Movq and Pushq.

The generated assembly code is as follows (the code has omitted some of the markers to facilitate analysis):

1. file"main.c"2 g:3 PUSHL%EBP4 movl%esp,%EBP5Movl8(%EBP),%eax6Addl $3,%eax7 popl%EBP8     ret9 F:Ten PUSHL%EBP One movl%esp,%EBP ASUBL $4,%esp -Movl8(%EBP),%eax - movl%eax, (%ESP) the     Pagerg -     Leave -     ret - Main: + PUSHL%EBP - movl%esp,%EBP +SUBL $4,%esp AMOVL $8, (%ESP) at     PagerF -Addl $1,%eax -     Leave -     ret

Decompile The assembly code

Let's get down to the chase.

First of all, the next few basic points:

1, the names and functions of several registers

• The EIP 32-bit instruction register is used to store the next instruction address that needs to be executed, and automatically +1 after the current instruction address is removed.
• EBP extended base point pointer register contains a pointer to the bottom of the top stack frame of the system stack
• The ESP stack pointer, used to point to the stack top of the stack (the top of the active record next pressed into the stack), while EBP is the frame pointer, pointing to the bottom of the current active record
• The EAX is a 32-bit general-purpose register. The EAX register is called an accumulator, and the AX register is the primary register for arithmetic operations, and all inputs and outputs use only Al or Ax as data registers

2, the stack of function calls is superimposed by multiple stacks. My understanding is that the function example () takes up a space as follows, and it is superimposed by multiple stacks within the function (since the stack was not very good at the time, it is not known that the understanding is correct?). ）：

3, the return value of the function is returned by default to the upper-level function by the EAX register store.

4,PUSHL%EBP, the value of the ESP is modified at the same time as the current EBP pressure stack.

5, in the program,

• ret = POPL%eip

• Enter = Push%EBP

  MOVL%ESP,%EBP

• Leae = Movl%ebp,%esp

  POPL%EBP

See below for specific analysis:

1. file"main.c"2 g:                            ;function G3PUSHL%EBP;add EBP to the stack, and the value of ESP minus 4 bytes, the stack grows down a bit4MOVL%esp,%EBP;The value of ESP is assigned to EBP by means of register addressing5Movl8(%EBP),%eax;Add the EBP addressing address plus 8 to assign the value of the stack space stored in the EAX6Addl $3,%eax;Add 3 of the data stored in the EAX, that is, 8 + 3 operation, and then assign the result to eax, at this time eax=117POPL%EBP;put the EBP out of the stack, when ESP adds 4 bytes, pointing to the stack where the leavel was originally stored8     ret                       ;put the EIP out of the stack, fall back to the previous jump position in the next paragraph of instruction, that is, the F function in the Leave place9     Ten F:                            ;function f OnePUSHL%EBP;add EBP to the stack, and the value of ESP minus 4 bytes, the stack grows down a bit AMOVL%esp,%EBP;The value of ESP is assigned to EBP by means of register addressing -SUBL $4,%esp;subtract the value of ESP by 4 bytes, that is, the stack grows down a bit -Movl8(%EBP),%eax;Add the EBP addressing address plus 8 to assign the value of the stack space stored in the EAX theMovl%eax, (%ESP);assign the value of EAX to the stack space of the address that the ESP points to -     PagerG;Jump to function g, after execution, the value that the EIP points to leave will be saved to the stack -     Leave                     ;The leave instruction assigns the value of EBP to the ESP and then the EBP out of the stack, and then the ESP points to the next paragraph of instruction that stores the last function jump, that is, ADDL in the function main -     ret                       ;put the EIP out of the stack, fall back to the previous jump position in the next paragraph of instruction, that is, the main function of the Addl place +      - Main:                         ;entry point of the program +PUSHL%EBP;stack the EBP, and the value of ESP minus 4 bytes, the stacks start to grow downward AMOVL%esp,%EBP;The value of ESP is assigned to EBP by means of register addressing atSUBL $4,%esp;subtract the value of ESP by 4 bytes, that is, the stack grows downward by a segment -MOVL $8, (%ESP);assign 8 to the stack space that the ESP points to -     PagerF;jump into function f, turn to F-segment code, at which point the EIP points to function f -Addl $1,%eax;Add a value of EAX to 1 and save it in eax, at which time eax = -     Leave                     ;The value of EBP is assigned to ESP, then the ESP will point to the end of stack 0, then the EBP will be out of the stack, and the EBP will also point to the end of the stack 0 -     ret                       ;The Eip is out of the stack because there is no next instruction and the program is done. 

stack changes in the assembly codeTime is not much, follow up with a flowchart to describe the stack process in detail. There may be a lot of errors in the article, especially the final assembly program stack analysis, I should not fully understand the meaning of teacher Meng, I implore you to correct, exchange and learn from each other.

Linux kernel Analytics Job (1)-How does a computer work?