The Y86 architecture has 8 32-bit registers, 3 condition codes (ZF, SF, OF), a program counter (PC), and up to 4GB of memory. It supports normal, register, and displacement addressing modes. Instructions include arithmetic, logical operations, jumps, calls, returns, and memory load/store. The execution cycle fetches, decodes, executes, and updates the PC for each instruction. Condition codes track the results of arithmetic operations for conditional jumps.
Lec20 Intro to Computer Engineering by Hsien-Hsin Sean Lee Georgia Tech -- Da... Hsien-Hsin Sean Lee, Ph.D.
The document describes the datapath and microcode control of a simple processor. It includes the following:
- The datapath components including register file, ALU, logical/shift units, and memory.
- How the datapath is controlled by microcode stored in a memory. Each instruction is mapped to a sequence of microinstructions that generate control signals.
- Examples of microcode control sequences that perform operations like memory load/store, arithmetic, and copying data between memory locations.
The document discusses the stack and buffer overflows. It provides an overview of registers, the stack, calling conventions, and buffer overflows. It explains how buffer overflows can corrupt local variables or overwrite the return pointer. The document shows how to craft payloads to exploit buffer overflows by overwriting values on the stack, such as changing a variable or calling a function directly.
Lec12 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- P6, Netbur... Hsien-Hsin Sean Lee, Ph.D.
The document summarizes key aspects of the P6 microarchitecture used in processors like the Pentium Pro, Pentium II, and Pentium III. It describes the system architecture with separate front-side and back-side buses. It then details the instruction fetch, decode, register renaming, out-of-order execution, memory handling, and retirement stages of the processor pipeline. Diagrams illustrate the branch prediction, reservation stations, reorder buffer, and memory order buffer components that enable speculative and out-of-order execution in the P6.
This presentation deals with different scenarios in attacking applications vulnerable to Buffer overflow by exploiting the default SEH chain, by the SEH overwrite
This document discusses procedures in assembly language. It covers defining procedures, documenting procedures, using the CALL and RET instructions to call and return from procedures, and examples of procedures including a SumOf procedure and nested procedure calls. Local variables within procedures are also mentioned.
Lec7 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Dynamic Sch... Hsien-Hsin Sean Lee, Ph.D.
This document summarizes a lecture on dynamic scheduling and the Tomasulo algorithm. It begins with an overview of dynamic scheduling and out-of-order execution. It then describes the Tomasulo algorithm used in IBM's 360/91 floating point unit, which introduced reservation stations, register renaming, and a common data bus to enable out-of-order execution while maintaining in-order retirement. Examples are provided to illustrate how the algorithm handles register dependencies like RAW, WAR, and WAW.
This document provides an overview of Windows user-mode debugging concepts like processes, threads, stack frames, and the WinDbg debugging tool. It discusses how to set up WinDbg and analyze crashes through examples like examining stack frames, debugging a simple crash, and commands commonly used in WinDbg. The document concludes with demonstrating how to analyze an IMA service crash using a memory dump.
This document provides an overview of x86 assembly language and the GNU Debugger (GDB). It describes the process of creating an executable file from source code using preprocessing, compilation, assembly and linking. It also covers x86 registers, common instructions like MOV, PUSH, CALL and RET. The document introduces Intel and AT&T syntax and system calls. Finally, it outlines basic operations and commands in GDB like breaking, running, examining memory and registers.
This document describes a simple compiler written in Scheme to compile a minimal functional language to x86 assembly. It discusses the key passes of the compiler including type inference, CPS transformation, closure conversion, generation of a low-level IR, register allocation, and machine code generation. While simple, the compiler demonstrates the major stages of a compiler from parsing and semantic analysis to code optimization and back-end code generation.
This document provides code examples for simple programming of an LED blink, a switch, and connecting a motor. The LED blink example sets port B pins as output, then blinks the LED by toggling pin 0 on and off with delays. The switch example sets port A as input and port B as output, then outputs a high or low to port B depending on the state of pin 0 on port A. The motor connection example sets the upper pins of port D as output and toggles pin 4 high and low to drive the motor forward and back.
This document discusses return oriented programming (ROP) as a technique for exploiting buffer overflows. It explains that on x86, the return address is stored on the stack, so by overflowing a buffer an attacker can control program flow. It then describes different ROP techniques like calling library functions or using "gadgets" that end in return to chain together snippets of code to achieve objectives like executing a shell.
Input Output programming in AVR microcontroller Robo India
Robo India in this presentation presents the Input and Output programming in AVR Micro Controllers namely Atmega 16, Atmega 8, Atmega 328, Atmega 32 etc.
Input and output programming is essential in robotics, automation and embedded systems. This presentation describes how to use the input and output ports and registers of AVR microcontrollers.
If you have any queries, please write to us. We can be found at:
website: http://roboindia.com
mail: info@roboindia.com
A function is a reusable block of code that can be called from different parts of a program. Functions accept parameters as input and may return a value. When a function is called, its parameters and local variables are stored on the stack. Each function call creates a stack frame that contains its parameters, local variables, and return address. This allows functions to maintain separate variable scopes while sharing the call stack.
This document discusses timers on the 8051 microcontroller. It covers:
1. The 8051 has two 16-bit timers, T0 and T1, that can operate in different modes set by the TMOD register to function as timers or counters.
2. The timers use two 8-bit registers each, TL and TH, to store the 16-bit timer value. They are clocked by the system clock divided by 12.
3. Timer mode 1 is a 16-bit timer where the TF flag is set when the timer rolls over from 0xFFFF to 0x0000, which can trigger an interrupt. Timers can generate waveforms and measure time intervals.
Programming ATmega microcontroller using Embedded C Varun A M
Embedded C is a subset of C used for microcontrollers. It uses header files specific to microcontrollers and removes input/output functions like scanf and printf since sensors provide input and ports provide output. Control structures like if/else statements and loops remain the same. Programs configure ports as inputs or outputs using Data Direction and Port registers and read/write values to Port registers to set pin values. An example blinks an LED connected to port B by setting the port high, waiting, and setting it low in a loop.
This chapter discusses different instruction set architecture (ISA) designs including CISC, RISC, VLIW, and EPIC. CISC ISAs like x86 have complex, variable-length instructions and rely on microcode to simplify compilation, while RISC ISAs like MIPS have fixed-length, load-store instructions and require more compiler effort. Modern processors use RISC-like designs internally even if they support CISC ISAs. VLIW and EPIC ISAs rely on the compiler to schedule instructions across functional units at compile-time rather than using dynamic scheduling. While VLIW was popular for DSPs, most general-purpose processors today use superscalar out-of-
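[2012 CodeEngn Conference 06] pwn3r - Secuinside 2012 CTF Qualifier Problem Solutions GangSeok Lee
2012 CodeEngn Conference 06
Secuinside is an international hacking competition and security conference hosted by Koscom and organized by the united hacking group HARU and the Korea University Graduate School of Information Security. This talk introduces the analysis techniques used to solve the challenges from the recently held qualifying round, along with a new exploit technique that bypasses ASLR and NX.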
http://codeengn.com/conference/06
This document discusses multithreading and multicore processors. It begins by explaining that instruction level parallelism is difficult to achieve for a single program, but that thread level parallelism exists when running multiple threads or programs simultaneously. It then covers different multithreading paradigms including coarse-grained and fine-grained multithreading as well as challenges with context switching. The document also discusses techniques for multicore processors including cache sharing and instruction fetching policies. It provides examples of commercial multicore chips and research prototypes.
Getting Started with Raspberry Pi - DCC 2013.1 Tom Paulus
The Raspberry Pi is a small credit-card sized Linux computer. Developers and hobbyists around the world are creating miraculous applications and projects, and now you can join them. Last year we presented Raspberry Pi, What We Have Learned So Far. This year's presentation covers the first steps to using your Pi. From the basics, like burning your SD Card, to creating a News Reader, you will learn GPIO Basics and simple Python tools. Communication between other components using SPI or I2C will also be covered. It is recommended, but not required, that you have a Raspberry Pi, some knowledge of Python and simple electronics.
Lec11 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Memory part3 Hsien-Hsin Sean Lee, Ph.D.
This document discusses DRAM and storage systems. It begins by describing the basic DRAM cell and how DRAM is organized into banks, rows, and columns. It then covers DRAM operation including refreshing and different DRAM standards. The document also discusses disk organization with platters, tracks, and sectors. It provides details on disk access times and reliability techniques like RAID levels 0 through 6 which use data mirroring, striping, and error correction codes.
This document provides VHDL code for implementing various logic gates and basic digital circuits. It includes code for AND, OR, NOT, NAND, NOR, XOR and XNOR gates. It also provides code for half adder, full adder, multiplexer, demultiplexer, decoder, encoder, comparator, BCD to binary converter, JK flip-flop, and an n-bit counter. For each circuit, the VHDL code and a sample waveform output is given. The purpose is to design these basic digital components using VHDL and simulate their behavior.
In this unit we introduce interrupts in processors and microcontrollers. We explain how the UoS processor (which doesn't support interrupts currently) could be extended to support interrupts.
Unit duration: 50mn.
License: LGPL 2.1
Here is a program to do that:
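        ORG 20H
        MOV R0,#20H       ; starting address of the first block
        MOV A,#0F0H       ; value to fill (leading 0 so the assembler reads a hex literal, not a symbol)
L1:     MOV @R0,A         ; store A at the address held in R0
        INC R0
        CJNE R0,#30H,L1   ; loop until R0 reaches 30H
        MOV R0,#30H       ; starting address of the second block
        MOV A,#0E0H       ; left shifted value
L2:     MOV @R0,A
        INC R0
        CJNE R0,#40H,L2   ; loop until R0 reaches 40H
        END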
The program:
A. Fills memory addresses 20h to 2Fh with value F0h
B. Fills memory addresses 30h to 3
Kernel Recipes 2014 - x86 instruction encoding and the nasty hacks we do in t... Anne Nicolas
I have always wanted to understand x86 instruction encoding in detail but never gotten around to it. Of course not, who has time nowadays?! So, in order to force me to do it, I decided to write an x86 instruction decoder.
This talk attempts to show what I have learned in the process and how instruction encoding is done on x86.
As a practical aspect, the decoder I’ve scratched together tries to verbosely show some of the crazy low-level hacks^Wtechniques we do in the Linux kernel like alternatives patching, jump labels, exception tables, etc – they have a lot to do with deep knowledge of x86 instructions and how code is generally laid out in the binary kernel image. Maybe this talk can help shed some light on the whole low-level fun that’s happening under the hood in the kernel and so many are missing out on. And maybe it’ll make it more interesting and palatable to people and they won't scare so fast anymore when we go deep into the bowels of the kernel and the machine.
Borislav Petkov, SUSE
This talk will shed some light into the intermediate language that is used inside the Hex-Rays Decompiler. The microcode is simple yet powerful to represent real world programs. We publish it and give programmatic access to it from C++.
The kernel exploit attacks have recently become difficult to be launched because executing either malicious scripts or instructions is prohibited by the DEP/NX (Data Execution Prevention/Not Executable). As an alternative way, return-oriented programming (ROP) could be another option to treat the prevention. However, despite lots of cost for making ROP gadgets, it has no guarantee to assemble the proper gadgets. To overcome this limitation, we introduce Page Table Manipulation Attack (PTMA) to alter memory attribute through page table modification. This attack enables an attacker to rewrite memory attribute of protected memory. We show how to find the page table entry of interest in Master Kernel Page Table and modify its attribute in AArch32 and x86-64. The results show that PTMA effectively circumvents the existing kernel exploitation defenses that are based on memory permission
The document provides information about a microcontroller instruction set including:
- Instructions that affect flag settings and how they modify the flags.
- The instruction set and addressing modes which include registers, direct addressing, indirect addressing, constants, and branches.
- A summary of the instruction set organized in a table with the opcode, instruction name, addressing mode, and byte size/cycle information.
TIMER0 is an 8/16-bit timer in PIC18F microcontrollers that can be used to track time. It uses an internal or external clock source, and its frequency can be divided with a prescaler. TIMER0's value is stored in registers and increments in hardware. When it overflows at the maximum value, an interrupt flag is set. Software can check this flag to trigger events at timed intervals without needing to continuously check the timer value. Using overflow mode reduces code complexity compared to clearing the timer value periodically.
Austin TX - Introduction to Reverse Engineering course - slides include x86 architecture, registers, assembly. Virtual memory layout of a process, code and data structures.
This document discusses procedures in assembly language. It covers defining procedures, calling procedures using the CALL and RET instructions, passing parameters to procedures, and managing the runtime stack. Procedures use stack frames to access parameters passed on the stack and allocate space for local variables. Examples are provided of procedures that pass arguments by value and by reference.
The document describes the Von Neumann model of computer architecture. It discusses how John von Neumann proposed a design in 1945 that became known as the Von Neumann machine. This model features a memory unit to store both instructions and data, a processing unit to perform arithmetic and logical operations, and a control unit to direct the flow of instructions. The processing unit contains an arithmetic logic unit and registers. The control unit fetches instructions from memory and directs the other units through steps like fetching operands, executing operations, and storing results. This basic Von Neumann model became the standard architecture for modern computers.
The document provides an introduction to computer organization and assembly language. It explains that the processor understands only machine language instructions, which are strings of 1s and 0s. Assembly language represents those instructions in a more understandable symbolic code for a specific processor family, and an assembler utility converts it into executable machine code. Understanding assembly language provides knowledge of how programs interface with the operating system, processor and BIOS, and how instructions access and process data.
Linear feedback shift registers (LFSRs) are circuits that can generate pseudo-random sequences of bits. They consist of a shift register with XOR logic gates in a feedback path. LFSRs can be used for random number generation, error detection and correction codes, and counting applications. They are efficient in that they require little hardware and operate at high speeds. The document then provides examples of 4-bit and 8-bit LFSR circuits and discusses how LFSRs can implement finite field arithmetic over Galois fields using polynomial representations. It also describes how LFSRs can be used to generate parity bits for error detection codes.
This document provides an overview of different processor architectures including RISC, accumulator, stack, and register-based architectures. It discusses the MIPS RISC architecture and why it is considered RISC. It then describes different processor examples like the 80x86 IA-32 architecture, the Pentium Pro, II, III, and IV, and the Java Virtual Machine stack-based architecture. It provides details on the complex IA-32 instruction set and addressing modes as well as performance enhancements in the Pentium series like out-of-order execution, deeper pipelining, caches, and hyperthreading.
Maximizing CPU Efficiency: A Comprehensive Exploration of Pipelining in Compu...haseebali10701
Pipelining in computer architecture is a technique used to increase CPU throughput by allowing multiple instructions to be processed simultaneously. Instead of completing one instruction at a time, the CPU divides the execution of instructions into several stages and overlaps the execution of different instructions. Each stage performs a different operation on the instruction, such as fetching, decoding, executing, and writing back the results. By breaking down the execution into smaller stages and processing multiple instructions concurrently, pipelining reduces the overall execution time of a program.
The document discusses the central processing unit (CPU) of a computer. It describes the three major parts of the CPU - the control unit, the arithmetic logic unit (ALU), and the register set. The control unit supervises operations and instructs the ALU. The register set stores intermediate data. The ALU performs arithmetic and logic operations to execute instructions. Memory units and instruction formats are also discussed.
Introduction to debugging linux applicationscommiebstrd
The document provides an overview of ELF (Executable and Linkable Format) files, assembly language, CPU registers, memory addressing, basic assembly instructions, and debugging tools like GDB. It describes the sections and structure of ELF files, number bases, memory layout, common instructions, and how to use GDB commands to debug programs.
An approach for load-time hacking using LD_PRELOAD is presented.
We discuss a simple, yet intriguing, strategy for overcoming the limitations discussed in Part 1 (i.e., the first publication given in the reference) of reverse engineering and exploitation using LD_PRELOAD, a dynamic linking technique. In particular, we relax the need for exit(1) in the main function. The essence of the technique is that both the stack pointer (esp) and the base frame pointer (ebp) are carefully adjusted when the wrapper to the library function is called. The proposed solution allows us to safely return to libc after dynamically modifying the control flow in the wrapper to (library) functions.
The document describes code generation for two commercial compilers:
1) The Borland C 3.0 compiler for the 80X86 generates assembly code using static simulation and frame pointers for function calls and local variable access.
2) The Sun 2.0 compiler for SPARCstations uses register-based calling conventions and generates efficient SPARC assembly code.
Both compilers handle code generation for arithmetic expressions, arrays, structures, pointers, control flow, and function calls.
This document discusses return-oriented programming (ROP) attacks and variants. It begins with an introduction to ROP attacks, explaining that they circumvent data execution prevention by chaining small snippets of executable code (called gadgets) that end in return instructions. It then covers different ROP attack techniques like using arithmetic, comparison, and loop gadgets to achieve Turing completeness. The document discusses challenges like handling null bytes and describes variants like jump-oriented programming (JOP) that uses indirect jumps. It also covers creating alphanumeric ROP shellcode by selecting printable addresses. In the end, it provides tips for effectively searching gadgets.
Slides from my workshop at Hack.LU 2010 in Luxembourg. This workshop introduced the basic concepts of Return Oriented Programming with some hands-on exercises.
Here are the analyses of the machine code instructions:
C7 C7 A9 12 - MOV DI, 12A9H
MOV register, immediate value
C7 is opcode for MOV reg, imm
C7 is DI register
A9 12 is the immediate value 12A9H
3B 47 F4 - CMP AX, [BX - 12]
CMP memory, register
3B is opcode for CMP m, r
47 is BX register
F4 is the displacement -12
Addressing is (BX - 12)
B8 00 02 8E D8 - MOV AX, 0200H; MOV DS, AX
This document provides information about x86 architecture including registers, flags, modes, common instructions, Intel and AT&T syntax, system calls, examples, and references. It defines the purpose of key registers like EAX, EBX, ESP and flags. It explains real and protect modes and differences between Intel and AT&T syntax. Examples demonstrate how to write assembly code and call system calls. References provided can be used to learn more about x86 assembly programming.
The document provides an overview of basic penetration testing techniques including buffer overflow vulnerabilities, return oriented programming (ROP), format string vulnerabilities, and ways to bypass data execution prevention (DEP) and address space layout randomization (ASLR). It discusses stack-based buffer overflows, the structure of the x86 stack, overwriting the return address, and controlling the instruction pointer. It also covers ROP techniques like ret2libc, gadgets, chaining, and using libc functions. Finally, it briefly mentions tools like pwntools, ROPgadget, and techniques like IO wrapping and LD_PRELOAD hijacking.
This document discusses pipelining in computer architecture through a five-stage pipelined datapath example. It includes:
1) An overview of the five stages - instruction fetch, instruction decode, execute, memory, and writeback;
2) An example of how the lw (load word) instruction progresses through each stage;
3) How pipeline control signals are added to coordinate execution across stages.
This document discusses processor design, including custom single-purpose processors and general-purpose processors. It covers topics such as combinational and sequential logic design, finite state machine design, optimizing custom processors by improving the original program, finite state machine with datapath, and datapath and finite state machine. General-purpose processors are also introduced, including their basic architecture consisting of a control unit and datapath.
This document provides an overview of machine instruction sets and classification of computers. It discusses different types of instruction sets including accumulator-based, stack-based, and general register machines. The components of an instruction set architecture (ISA) are defined, including registers, memory, instructions, and the fetch-execute cycle. Instructions are classified as data movement, arithmetic/logic, and branch instructions. Various addressing modes from 0 to 4 addresses are described along with examples of instruction formats for different addressing modes.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
2. Y86 programmer-visible state
• The Y86 has:
  • 8 32-bit registers with the same names as the IA32 32-bit registers
  • 3 condition codes: ZF, SF, OF
    • no carry flag - interpret integers as signed
  • a program counter (PC)
    • Holds the address of the instruction currently being executed
  • a program status byte: AOK, HLT, ADR, INS
    • State of program execution
  • memory: up to 4 GB to hold program and data (4096 = 2^12)
[Figure: RF: Program registers (%eax, %ecx, %edx, %ebx, %esi, %edi, %esp, %ebp); CC: Condition codes (ZF, SF, OF); Stat: Program Status; DMEM: Memory; PC]
3. Condition Codes
• 3 condition codes in y86
  • ZF – Set if the result of the last arithmetic operation is 0
  • SF – Set if the result of the last arithmetic operation resulted in the sign bit being set
  • OF – Set if the result of the last arithmetic operation resulted in an overflow
4. Conditions
• FLAGS: Zero, Sign, Overflow
• Less or Equal
  • Z = 1, S = 1, O = X
• Less
  • Z = 0, S = 1, O = X
• Equal
  • Z = 1, S = 0, O = X
• Not Equal
  • Z = 0, S = X, O = X
• Greater or Equal
  • Z = 1, S = 0, O = X
• Greater
  • Z = 0, S = 0, O = X
5. Simple Addressing Modes
• Normal = (R) = Mem[Reg[R]]
  • Register Reg specifies memory address
  • denoted by a register in ( )
• Example
  ecx = 0x00000120
  movl (%ecx),%eax
  • move the value that is at the address in ecx into eax
  • Moves 0x11223344 into eax

addr    value
0x120   0x11
0x121   0x22
0x122   0x33
0x123   0x44
6. Simple Addressing Modes
• Displacement = D(R) = Mem[Reg[R]+D]
  • Register R specifies start of memory address
  • Constant displacement D specifies offset
    • In bytes
  • Denoted by displacement(register)
• Example
  ebp = 0x120
  movl 2(%ebp),%edx
  • move the value at ebp (0x120) + 2 into edx
  • loads 0x33445566 into edx

addr    value
0x120   0x11
0x121   0x22
0x122   0x33
0x123   0x44
0x124   0x55
0x125   0x66
7. Y86 example program w/ loop
# y86loop.ys
.pos 0x0
    irmovl $0,%eax      # sum = 0
    irmovl $1,%ecx      # num = 1
Loop:
    addl %ecx,%eax      # sum += num
    irmovl $1,%edx      # tmp = 1
    addl %edx,%ecx      # num++
    irmovl $1000,%edx   # lim = 1000
    subl %ecx,%edx      # if lim - num >= 0
    jge Loop            # loop again
    halt

CONVERT TO C
sum = 0;
num = 1;
do {
    sum += num;
    num++;
} while (1000 - num >= 0);
8. Y86 example program w/ loop
• Same y86loop.ys program as on slide 7
• Why don’t we just do addl $1, %edx??
  • Can't! Not allowed, only register to register
9. Y86 Stack
• Stack top address always held in esp
• Stack grows towards lower addresses
[Figure: stack diagram labelled Stack “Top” (%esp), Stack “Bottom”, Increasing Addresses]
10. Y86 Stack - Push
• Pushing
  • Decrement the stack register by 4 then store new data

//(1) esp = 0x120
movl $0xFECA8712, %eax
push %eax
//(2) esp = 0x11C

(1)
addr    value
0x11B
0x11C
0x11D
0x11E
0x11F
0x120   0x11
0x121   0x22
0x122   0x33

(2)
addr    value
0x11B
0x11C   0x12
0x11D   0x87
0x11E   0xCA
0x11F   0xFE
0x120   0x11
0x121   0x22
0x122   0x33
11. Y86 Stack - Pop
• Popping
  • Save new data on stack, Increment the stack register by 4

//(1) esp = 0x11C
pop %eax
//(2) esp = 0x120
//eax = 0xFECA8712

(1)
addr    value
0x11B
0x11C   0x12
0x11D   0x87
0x11E   0xCA
0x11F   0xFE
0x120   0x11
0x121   0x22
0x122   0x33

(2)
addr    value
0x11B
0x11C
0x11D
0x11E
0x11F
0x120   0x11
0x121   0x22
0x122   0x33
16. Executing rmmovl
• Fetch
  • Read 6 bytes
• Decode
  • Read operand registers
• Execute
  • Compute effective address
• Memory
  • Write to memory
• Write back
  • Do nothing
• PC Update
  • Increment PC by 6
17. Executing Arithmetic/Logical Ops
• Fetch
  • Read 2 bytes
• Decode
  • Read operand registers
• Execute
  • Perform operation
  • Set condition codes
• Memory
  • Do nothing
• Write back
  • Update register
• PC Update
  • Increment PC by 2
18. Executing popl
• Fetch
  • Read 2 bytes
• Decode
  • Read stack pointer
• Execute
  • Increment stack pointer by 4
• Memory
  • Read from old stack pointer
• Write back
  • Update stack pointer
  • Write result to register
• PC Update
  • Increment PC by 2
19. Jumps
• Fetch
  • Read 5 bytes
  • Increment PC by 5
• Decode
  • Do nothing
• Execute
  • Determine whether to take branch based on jump condition and condition codes
• Memory
  • Do nothing
• Write back
  • Do nothing
• PC Update
  • Set PC to Dest if branch taken or to incremented PC if not branch
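Added example (not part of the original slides): a small interpreter that walks the slide 7 loop program through the fetch, decode, execute, write-back and PC-update steps listed for arithmetic ops and jumps. The instruction lengths for irmovl (6) and halt (1), and jge being taken when SF equals OF, are assumptions from the standard Y86 definition; the function and variable names are this example's own.

```python
MASK = 0xFFFFFFFF
REGISTERS = ("%eax", "%ecx", "%edx", "%ebx", "%esp", "%ebp", "%esi", "%edi")

# Instruction lengths in bytes. OPl = 2 and jXX = 5 are stated on the slides;
# irmovl = 6 and halt = 1 are assumptions from the standard Y86 encoding.
LENGTH = {"irmovl": 6, "addl": 2, "subl": 2, "jge": 5, "halt": 1}

# Constructed input: the y86loop.ys program from slide 7.
LOOP_PROGRAM = """
    irmovl $0,%eax      # sum = 0
    irmovl $1,%ecx      # num = 1
Loop:
    addl %ecx,%eax      # sum += num
    irmovl $1,%edx      # tmp = 1
    addl %edx,%ecx      # num++
    irmovl $1000,%edx   # lim = 1000
    subl %ecx,%edx      # if lim - num >= 0
    jge Loop            # loop again
    halt
"""


def is_negative(value):
    """True when bit 31, the sign bit of a 32-bit value, is set."""
    return bool(value & 0x80000000)


def load(source, base=0x0):
    """Place each instruction at its byte address; return (code, labels)."""
    code, labels, pc = {}, {}, base
    for raw in source.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.endswith(":"):
            labels[line[:-1]] = pc
            continue
        parts = line.split(None, 1)
        op = parts[0]
        if op not in LENGTH:
            raise ValueError("unsupported instruction: " + op)
        args = [a.strip() for a in parts[1].split(",")] if len(parts) > 1 else []
        code[pc] = (op, args)
        pc += LENGTH[op]
    return code, labels


def alu(op, val_a, val_b):
    """Execute stage of OPl: compute valB OP valA and the new ZF, SF, OF."""
    if op == "addl":
        result = (val_b + val_a) & MASK
        overflow = (is_negative(val_a) == is_negative(val_b)
                    and is_negative(result) != is_negative(val_a))
    else:  # subl computes valB - valA
        result = (val_b - val_a) & MASK
        overflow = (is_negative(val_a) != is_negative(val_b)
                    and is_negative(result) != is_negative(val_b))
    flags = {"ZF": result == 0, "SF": is_negative(result), "OF": overflow}
    return result, flags


def run(source, max_steps=100_000):
    """Run until halt; return final registers, flags, status and step count."""
    code, labels = load(source)
    reg = dict.fromkeys(REGISTERS, 0)
    cc = {"ZF": True, "SF": False, "OF": False}   # start-up flag values
    pc, stat, steps = 0, "AOK", 0
    while stat == "AOK":
        if pc not in code:
            stat = "ADR"                      # fetch from an invalid address
            break
        if steps >= max_steps:
            raise RuntimeError("step limit reached")
        op, args = code[pc]                   # Fetch: read the instruction
        next_pc = pc + LENGTH[op]             # Fetch: incremented PC
        if op == "irmovl":
            reg[args[1]] = int(args[0][1:], 0) & MASK    # Write back
        elif op in ("addl", "subl"):
            val_a, val_b = reg[args[0]], reg[args[1]]    # Decode
            reg[args[1]], cc = alu(op, val_a, val_b)     # Execute, write back
        elif op == "jge":
            if cc["SF"] == cc["OF"]:                     # Execute: take branch?
                next_pc = labels[args[0]]                # PC update: Dest
        elif op == "halt":
            stat = "HLT"
        pc = next_pc                          # PC update
        steps += 1
    return {"reg": reg, "cc": cc, "stat": stat, "steps": steps}
```

The loop leaves 500500 in %eax; the final subl yields -1, which sets SF and makes jge fall through to halt.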
20. Executing Call
• Fetch
  • Read 5 bytes
  • Increment PC by 5
• Decode
  • Read stack pointer
• Execute
  • Decrement stack pointer by 4
• Memory
  • Write incremented PC to new value of stack pointer
• Write back
  • Update stack pointer
• PC Update
  • Set PC to Dest
21. Executing ret
• Fetch
  • Read 1 byte
  • Increment PC by 1
• Decode
  • Read stack pointer
• Execute
  • Decrement stack pointer by 4
• Memory
  • Write incremented PC to new value of stack pointer
• Write back
  • Update stack pointer
• PC Update
  • Set PC to Dest
22.
23. Instruction encoding practice
• Determine the byte encoding of the following Y86 instruction sequence given “.pos 0x100” specifies the starting address of the object code to be 0x100 (practice problem 4.1)

.pos 0x100                  # start code at address 0x100
    irmovl $15, %ebx        # load 15 into %ebx
    rrmovl %ebx, %ecx       # copy 15 to %ecx
loop:
    rmmovl %ecx, -3(%ebx)   # save %ecx at addr 15-3=12
    addl %ebx, %ecx         # increment %ecx by 15
    jmp loop                # goto loop
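Added example (not part of the original slides): a two-pass assembler for a Y86 subset, applied to the slide 23 sequence so the byte encoding and the little-endian layout of constants can be checked. The opcode bytes, the register numbers (%eax = 0 through %edi = 7) and the 0xF "no register" nibble are assumptions taken from the CS:APP second-edition Y86 encoding, which these slides do not reproduce; the example handles more instructions than the exercise uses.

```python
import re
import struct

# Assumed register numbering and "no register" nibble (CS:APP 2e Y86).
REG = {name: i for i, name in enumerate(
    ["%eax", "%ecx", "%edx", "%ebx", "%esp", "%ebp", "%esi", "%edi"])}
NO_REG = 0xF
OPL = {"addl": 0, "subl": 1, "andl": 2, "xorl": 3}
JXX = {"jmp": 0, "jle": 1, "jl": 2, "je": 3, "jne": 4, "jge": 5, "jg": 6}
SIZE = {"halt": 1, "nop": 1, "ret": 1, "rrmovl": 2, "pushl": 2, "popl": 2,
        "irmovl": 6, "rmmovl": 6, "mrmovl": 6, "call": 5}
SIZE.update({op: 2 for op in OPL})
SIZE.update({op: 5 for op in JXX})
MEM = re.compile(r"^(-?(?:0x[0-9a-fA-F]+|\d+))?\((%\w+)\)$")

# Constructed input: the instruction sequence from slide 23.
SLIDE_23 = """
.pos 0x100                  # start code at address 0x100
    irmovl $15, %ebx        # load 15 into %ebx
    rrmovl %ebx, %ecx       # copy 15 to %ecx
loop:
    rmmovl %ecx, -3(%ebx)   # save %ecx at addr 15-3=12
    addl %ebx, %ecx         # increment %ecx by 15
    jmp loop                # goto loop
"""


def le32(value):
    """32-bit constant as four bytes, least significant byte first."""
    return struct.pack("<I", value & 0xFFFFFFFF)


def regbyte(ra, rb):
    """Register specifier byte: rA in the high nibble, rB in the low."""
    return bytes([(ra << 4) | rb])


def mem_operand(text):
    """Parse D(rB) into (displacement, register number)."""
    match = MEM.match(text)
    if not match:
        raise ValueError("bad memory operand: " + text)
    disp = int(match.group(1), 0) if match.group(1) else 0
    return disp, REG[match.group(2)]


def tokenize(source):
    """Yield ('pos', addr), ('label', name) or ('insn', (op, args))."""
    for raw in source.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith(".pos"):
            yield "pos", int(line.split()[1], 0)
        elif line.endswith(":"):
            yield "label", line[:-1]
        else:
            parts = line.split(None, 1)
            rest = parts[1] if len(parts) > 1 else ""
            yield "insn", (parts[0], [a.strip() for a in rest.split(",") if a.strip()])


def encode(op, args, labels):
    """Return the bytes of one instruction."""
    if op in ("halt", "nop", "ret"):
        return bytes([{"halt": 0x00, "nop": 0x10, "ret": 0x90}[op]])
    if op == "rrmovl":
        return b"\x20" + regbyte(REG[args[0]], REG[args[1]])
    if op == "irmovl":
        text = args[0].lstrip("$")
        value = labels[text] if text in labels else int(text, 0)
        return b"\x30" + regbyte(NO_REG, REG[args[1]]) + le32(value)
    if op == "rmmovl":
        disp, rb = mem_operand(args[1])
        return b"\x40" + regbyte(REG[args[0]], rb) + le32(disp)
    if op == "mrmovl":
        disp, rb = mem_operand(args[0])
        return b"\x50" + regbyte(REG[args[1]], rb) + le32(disp)
    if op in OPL:
        return bytes([0x60 | OPL[op]]) + regbyte(REG[args[0]], REG[args[1]])
    if op in JXX:
        return bytes([0x70 | JXX[op]]) + le32(labels[args[0]])
    if op == "call":
        return b"\x80" + le32(labels[args[0]])
    if op in ("pushl", "popl"):
        opcode = 0xA0 if op == "pushl" else 0xB0
        return bytes([opcode]) + regbyte(REG[args[0]], NO_REG)
    raise ValueError("unsupported instruction: " + op)


def assemble(source):
    """Return [(address, hex bytes)] for each instruction in the source."""
    items = list(tokenize(source))
    labels, pc = {}, 0
    for kind, payload in items:            # pass 1: assign label addresses
        if kind == "pos":
            pc = payload
        elif kind == "label":
            labels[payload] = pc
        else:
            pc += SIZE[payload[0]]
    listing, pc = [], 0
    for kind, payload in items:            # pass 2: emit bytes
        if kind == "pos":
            pc = payload
        elif kind == "insn":
            code = encode(payload[0], payload[1], labels)
            listing.append((pc, code.hex()))
            pc += len(code)
    return listing
```

The displacement -3 is emitted as fd ff ff ff and the jump target 0x108 as 08 01 00 00, both least significant byte first.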
39. x86 Registers
• eax, ebx, ecx, edx
• Registers can be accessed in parts
  • rrx – Refers to the 64 bit register
  • erx – Refers to 32 bit register
  • rx – Refers to the lower 16 bits of erx
  • rh – Refers to the top 8 bits of the rx register
  • rl – Refers to the lower 8 bits of the rx register
40. Condition Flags
• CF – Carry – Last arithmetic resulted in a carry
• PF – Parity – Last arithmetic/logical operation results in even parity (even number of 1’s)
• ZF – Zero – Last arithmetic/logical operation resulted in a zero
• SF – Sign – Last arithmetic operation resulted in the sign bit being set
• OF – Overflow – Last arithmetic resulted in an overflow
41. Condition Flags
• AF – Adjust – Last arithmetic results in a carry out of the lowest 4 bits (Used for BCD arithmetic)
• TF – Trap – Enables CPU single step mode – Used for debugging
• IF – Interrupt Enable – Enables CPU to handle system interrupts
• DF – Direction – Sets the direction of string processing from R->L
42. Verbiage
• Opcode operand1, operand2
  • operand1 and/or operand2 are not always required, depending on the opcode
• mov eax, ebx
  • Opcode – mov
  • operand1 – eax
  • operand2 – ebx
43. Operand Specifiers
• Source operand
  • Constants, registers, or memory
• Destination operand
  • Registers or memory
• Cannot do Memory-Memory transfer with a single instruction
• 3 types of operands
  • Immediate
  • Register
  • Memory
44. IA32 – Intel Architecture
• 32-bit address bus
  • normal physical address space of 4 GBytes (2^32 bytes)
  • addresses ranging continuously from 0 to 0xFFFFFFFF
• Data formats
  • Primitive data types of C
  • Single letter suffix
    • denotes size of operand
  • No aggregate types
    • Arrays, structures

C Declaration   Suffix    Size
char            B         8 bits
short           W or S    16 bits
int             L         32 bits
* (pointer)     L         32 bits
float           S         32 bits
45. Addressing Modes
• An addressing mode is a mechanism for specifying an address.
• Immediate
• Register
• Memory
  • Absolute
    • specify the address of the data
  • Indirect
    • use register to calculate address
  • Base + displacement
    • use register plus absolute address to calculate address
  • Indexed
    • Indexed
      • Add contents of an index register
    • Scaled index
      • Add contents of an index register scaled by a constant
46. Operand addressing example

Address   Value
0x100     0xFF
0x104     0xAB
0x108     0x13
0x10C     0x11

Register   Value
ax         0x100
cx         0x01
dx         0x03

Operand             Value   Comment
%eax                0x100   Register
0x104               0xAB    Absolute Address - memory
$0x108              0x108   Immediate
(%eax)              0xFF    Address 0x100 - indirect
4(%eax)             0xAB    Address 0x104 - base+displacement (4+register)
9(%eax,%edx)        0x11    Address 0x10C – indexed (9 + eax+edx)
0x104(%ecx,%edx)    0x13    Address 0x108 – indexed (0x104+ecx+edx)
0xFC(,%ecx,4)       0xFF    Address 0x100 - scaled index (0xfc+0+ecx*4)
(%eax,%edx,4)       0x11    Address 0x10C - scaled index (eax+edx*4)

*scaled index multiplies the 2nd argument by the scaled value (the 3rd argument) which must be a value of 1, 2, 4 or 8 (sizes of the primitive data types)
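Added example (not part of the original slides): a resolver for AT&T-style operands that reproduces the slide 46 table from its memory and register values. The memory is modelled as one value per listed address, exactly as the table shows it, and the function names are this example's own.

```python
import re

MASK = 0xFFFFFFFF

# Constructed from the slide 46 tables.
MEMORY = {0x100: 0xFF, 0x104: 0xAB, 0x108: 0x13, 0x10C: 0x11}
REGS = {"%eax": 0x100, "%ecx": 0x01, "%edx": 0x03}

# disp(base,index,scale) with every part optional.
OPERAND = re.compile(
    r"^(?P<disp>-?(?:0x[0-9a-fA-F]+|\d+))?"
    r"(?:\((?P<base>%\w+)?"
    r"(?:,(?P<index>%\w+)(?:,(?P<scale>\d+))?)?\))?$"
)


def effective_address(operand, regs):
    """Compute disp + base + index * scale for a memory operand."""
    match = OPERAND.match(operand.replace(" ", ""))
    if not match or not (match["disp"] or match["base"] or match["index"]):
        raise ValueError("not a memory operand: " + operand)
    scale = int(match["scale"] or 1)
    if scale not in (1, 2, 4, 8):
        raise ValueError("scale must be 1, 2, 4 or 8: " + operand)
    address = int(match["disp"], 0) if match["disp"] else 0
    if match["base"]:
        address += regs[match["base"]]
    if match["index"]:
        address += regs[match["index"]] * scale
    return address & MASK          # addresses wrap at 32 bits


def resolve(operand, regs, memory):
    """Return (kind, address or None, value) for one operand."""
    text = operand.strip()
    if text.startswith("$"):                       # immediate
        return "immediate", None, int(text[1:], 0) & MASK
    if text.startswith("%"):                       # register
        return "register", None, regs[text]
    address = effective_address(text, regs)        # memory
    if address not in memory:
        raise LookupError("no value listed at address " + hex(address))
    return "memory", address, memory[address]


def table(operands, regs=REGS, memory=MEMORY):
    """Resolve a list of operands into rows like the slide's table."""
    return [(op,) + resolve(op, regs, memory) for op in operands]
```

Calling effective_address on its own gives the address without touching memory, which is the value lea places in its destination register.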
47. Operand Combinations example

Source      Dest       Src,Dest*             C analog
Immediate   Register   movl $0x4, %eax       temp = 0x4;
Immediate   Memory     movl $-147, (%eax)    *p = -147;
Register    Register   movl %eax, %edx       temp2 = temp1;
Register    Memory     movl %eax, (%edx)     *p = temp;
Memory      Register   movl (%eax), %edx     temp = *p;

• Each statement should be viewed separately.
• REMINDER: cannot do memory-memory transfer with a single instruction.
• The parentheses around the register tell the assembler to use the register as a pointer.
48. Size Directive
• Typically you can infer the size being operated on by which variation of the register is in use
• mov (%ebx), %eax
  • Destination EAX implies moving 4 bytes
• mov (%ebx), %ax
  • Destination AX implies moving only 2 bytes
• mov (%ebx), %ah
  • Destination AH implies moving only 1 byte
49. Size Directive
• Sometimes it is unclear though.
• mov $2, (%ebx)
  • How many bytes do you move into memory at address ebx? 2? 4? 8?
• Have to explicitly specify size when dealing with immediate values
• movw $2, (%ebx)
  • Explicitly move 2 bytes
• movl $2, (%ebx)
  • Explicitly move 4 bytes

C Declaration   Suffix    Size
char            b         8 bits
short           w or s    16 bits
int             l         32 bits
* (pointer)     l         32 bits
float           s         32 bits
long            q         64 bits
50. x86 Instructions
• Three categories
  • Data Movement
  • Arithmetic/Logic
  • Control-Flow
• We will not cover ALL x86 instructions; there are numerous obscure ones
• We will cover all of the common instructions
• For full list of operands see Intel’s instruction set reference
51. x86 Instructions
<reg32>   Any 32-bit register (EAX, EBX, ECX, EDX, ESI, EDI, ESP, or EBP)
<reg16>   Any 16-bit register (AX, BX, CX, or DX)
<reg8>    Any 8-bit register (AH, BH, CH, DH, AL, BL, CL, or DL)
<reg>     Any register
<mem>     A memory address (e.g., [eax], [var + 4], or dword ptr [eax+ebx])
<con32>   Any 32-bit constant
<con16>   Any 16-bit constant
<con8>    Any 8-bit constant
<con>     Any 8-, 16-, or 32-bit constant
52. Data Movement
• mov source, destination
• Move data from source to destination
• Syntax
mov <reg>,<reg>
mov <reg>,<mem>
mov <mem>,<reg>
mov <const>, <reg>
mov <const>, <mem>
• Examples
mov %eax, %ebx — copy the value in eax into ebx
53. Data Movement
• push
• add 4 bytes on top of the stack
• Syntax
push <reg32>
push <mem>
push <con32>
• Examples
push %eax — push eax on the stack
54. Data Movement
• pop
• remove top 4 byte value from stack
• Syntax
pop <reg32>
pop <mem>
• Examples
pop %eax — pop off stack into eax
55. Data Movement
• lea – Load Effective Address
• loads the address of the source into the registers in the second operand
• Syntax
lea <mem>, <reg32>
• Examples
lea (var), %eax — address of var is placed into eax
56. Arithmetic and Logic
• add
• adds together the two operands and stores result in the second operand
• Syntax
add <reg>,<reg>
add <reg>,<mem>
add <mem>,<reg>
add <imm>,<reg>
add <imm>,<mem>
• Examples
add $10, %eax — add 10 to the current value in eax, and store result in eax
57. Arithmetic and Logic
• sub
• subtracts the two operands and stores result in the second operand
• Syntax
sub <reg>,<reg>
sub <reg>,<mem>
sub <mem>,<reg>
sub <imm>,<reg>
sub <imm>,<mem>
• Examples
sub $10, %eax — subtracts 10 from the current value in eax, and store result in eax
Editor's Notes
Start of Chapter 4: http://vip.cs.utsa.edu/classes/cs3843f2011/notes/ch04-1.html
Technically, the bits are set to ZF=1, SF=0 and OF=0 when the program starts. Why not add 1 to %ecx: addl $1,%edx… CAN’T, not allowed – only reg to reg Op
Parts A, B and D of practice problem 4.2. See pages 458-459 for solutions. *** C and E have exceptions
Of course can’t have a constant as a destination operand
Similar to Y86 .long but Y86 has only one operand size (32-bit)
Reminder: Y86 has two addressing modes:
(reg) = get the value at that address designated by the reg; this is “indirect” for IA32
D(reg) = displacement + reg then get the value at the address of D+R; this is “base + displacement” for IA32