CPSC 240 Midterm 2 Review
Fixed numeric example 1970
- Not used in computer systems 1970 = Decimal system, integer 1970.0 = Decimal system, real - Are used in computer systems 0x409EC80000000000 = IEEE754 (64 bits) 0x44F64000 = IEEE754 (32 bits) 0x67B2 = IEEE754 (16 bits) 0x0000 0000 0000 07B2 = Two's complement (64 bits) 0x0000 07B2 = Two's complement (32 bits) 0x07B2 = Two's complement (16 bits)
call ex: call printString
- calls a function; call <funcName> - Push the 64-bit rip register and jump to the <funcName>. - works by saving the address of where to return to when the function completes (referred to as the return address) - places contents of the rip register on the stack - recalls that the rip register points to the next instruction to be executed (which is the instruction immediately after the call)
ret
- return from a function - ret instruction pops the current top of the stack (rsp) into the rip register. Thus, the appropriate return address is restored. - effecting a jump to the line after the call.
What is the base number of the 64-bit floating point number system? Give the answer in decimal.
-1022 //It is negative
Convert the float number 0x3FD8 0000 0000 0000 to a decimal. What is the true exponent?
0 011 1111 1101 = 1021 True exponent: -2 1.1000 00000 000000 000000 0000 000... * 2^-2 11000 * 2^-6 24/64 = ⅜ 0.375
What is 1738 in a 10-digit babbage machine?
0 → 1 1 → 0 0 ← → 9 1 ← → 8 2 ← → 7 3 ← → 6 4 ← → 5 1738 → 8261 + 1 = 8262 8262 ← the negative rep of 1738 in babbage machine
What is the next number immediately less than positive infinity (64 bit numbers).
0x7FF00000000000000000
This integer is written in big endian: 0x2945 10FA 639B 3E7D. Compute the negative of this number and write that negative in little endian
0→F 1→E 2→D 3→C 4→B 5→A 6→9 7→8 0x2945 10FA 639B 3E7D D6BA EF06 9C64 C182 + 1 = 0x D6BA EF06 9C64 C183 reverse two's complement to make it negative in little endian 0x 381C 46C9 60FE AB6D
Examples of conversions also known as casting in the language of C++
1) Convert 64-bit long to 32-bit float cvtsi2ss xmm8, rcx Let rcx = 0x0000 0000 0000 07B2 then the low half of xmm8 = 0x44F 64000 2) Convert 32-bit int to 32-bit float cvtsi2ss xmm8, ecx Let ecs = 0x0000 07B2 then the low half of xmm8 = 0x44F6 0000 3) Convert 64-bit long to 64-bit double cvtsi2sd xmm8, rcx Let rcx = 0x0000 0000 0000 07B2 then xmm8 = 0x409E C800 0000 0000 4) Convert 32-bit int to 64 bit double cvtsi2sd xmm8, ecx Let ecx = 0x0000 07B2 then xmm8 = = 0x409E C800 0000 0000 5) Convert 32-bit float to 64-bit long using rounding cvtss2si rcx, xmm9 Let the low half of xmm9 = 0x44F64000 then rcx = 0x0000 0000 0000 07B2 6) Convert 32-bit float to 32-bit int using rounding cvtss2si ecx. xmm9 Let the low half of xmm9 = 0x44F6 4000 then ecx = 0x0000 07B2 7) Convert 64-bit double to 64-bit long using rounding cvtsd2si r12, xmm10 Let r12 = 0x0000 0000 0000 07B2 then xmm10 = 0x409E C800 0000 0000 8) Convert 64-bit double to 32-bit float using rounding cvtsd2si xmm0, xmm15 Let xmm15 = 0x409E C800 0000 0000 then the low half of xmm0 = 0x0000 07B2
A summary of the instructions that perform the signed widening conversion are as follows:
1) cwd - Convert word in ax into double-word in dx:ax. Note, only works for ax to dx:ax registers. 2) cwde - Convert word in ax into double-word in eax. Note, only works for ax to eax register. 3) cdq - Convert double-word in eax into quadword in edx:eax. Note, only works for eax to edx:eax registers. 4) cdqe - Convert double-word in eax into quadword in rax. Note, only works for rax register. 5) cqo - Convert quadword in rax into word in double- quadword in rdx:rax. Note, only works for rax to rdx:rax registers.
Convert the number 1.11001 x 2^-3 to base 10 number.
1.11001 x 2^-3 = 0.00111001 111001 * 2^-8 57/256 = 0.22265625 convert to decimal https://www.calculatorsoup.com/calculators/math/scientific-notation-converter.php base converter https://www.rapidtables.com/convert/number/base-converter.html?x=1.11001+x+10%5E-3+&sel1=10&sel2=16
Who is the first programmer?
Ada Lovelace
Suppose an array is declared in segment .bss. Later the program places some quadwords into the cells of that array. Where in memory are those quadwords stored?
All arrays declared in .bss are static arrays. The data for any static array are stored in the AR belonging to the function that declared the static array.
If the call to a function is always seg faulting what should the programmer try first to fix this problem?
Always try the easy fix first. The symptoms here are like the symptoms of being off the 16- byte boundary. So, we try to fix that first. Place "push qword 0" immediately before the setup block leading to the function call Place "pop rax" soon after the function call has completed. That's easy and should be tried first before using advanced techniques such as including the entire Debug.asm function into the program under development.
What is the context where we have needed to use cqo? What does cqo really do?
Answer for first question: You plan to divide one integer by another. You copy the numerator to rax. The you use "cqo" to extend that number through rdx. Then you can use the div command. Answer for the second question: Either of the following two answers are worth full-credit. It organizes rdx so that the pair rdx:rax is numerically equal to the single register rax. [That is the answer in non-tech language.] Cqo takes the left most bit of rax and copies it to every bit position of rdx. [Technical answer.]
What GDB command could have made the following output?
Answer: 10 rows x 8 columns = 80 groups display. Each group = 4 hex digits = 2 bytes = 1 word = symbol 'h' Command is x/80xh $rsp
What does the phrase "immediate mode" mean? Give an example to illustrate your answer.
Answer: Immediate mode refers to an operand of an instruction that is a hard constant. Example: add rbx, 16 The use of 16 is called "immediate mode".
Suppose you are writing a module in X86. Near the end of the source code you realize you have 15 pushes and 3 pops. You have to balance the stack before executing the "ret" instruction. You could use "pop rax" 12 times. What is a single instruction that will accomplish the same result.
Answer: add rsp, 96 This works because 96 = 12 x 8.
What is stored in the first quadword of all activation records? ["first" means the quadword was written into the activation record before all other quadwords in the activation record.]
The value in rbp when it was part of the previous activation record.
What is the name of the integer number system used in most modern computers?
Two's complement
Suppose that you used your computer science background to create a program "Ultrazip" that will compress any file into a zip file at a speed faster than any known zipping program. You decide to post your breakthrough product on github in order to share it with the world. What license do you put on that program?
GPL
Describe the main difference between the GPL License and the LGPL License
GPL: Software license open source LGPL: Less restrictive, library license open source
What are the names (or acronyms) of the "components" of a modern X86 microprocessor?
GPR, FPU, SSE, AVX *In the Intel online documentation GPR is omitted from the list of "components"
How did our specific programming language receive the name "x86"?
In the early years of production of IC chips (integrated circuit chips) there were models: 4004, 8008, 8086, 8087, 8088, 80286, 80386, 80486 and many others. The processor 8086 was a very big seller and the last 2 digits of its name stayed as the name of the programming language for all future processors decendants from that 8086.
Name the syntaxes of ASM and their respective assemblers
Intel and AT&T. Intel: NASM, YASM TASM, MASM AT&T: gas (GNU Assembly)
What is the model of the oldest microprocessor in the x86 family? This one is so old that some online lists fail to recognize it.
Intel model 4004
What is the purpose of the "-c" parameter sometimes found in some g++ and gcc compilation statements?
It means create an object file, but do not attempt to link anything. In brief, "-c" means compile only. The default action, without the "-c", is compile and link in a single step.
What license is or should be on the publicly available isfloat function?
LGPL
Let's suppose you invented new kind of sort function that executed in O(n) time. It was faster than any previously known sort function. You decided to make it public by posting the source code online. What license should you put on that software?
LGPL which means Lesser General Public License
What do we credit Richard Stallman with?
Pioneering copyleft. Advocating for right to use, modify and distribute free software. Started/Creator of open-source software
What exactly happens when "ret" (asm) or "return" (C++) executes?
Pop rbp occurs first, returning the previous any needed previous AR address value to return the pointer where needed. Pop rip occurs to point to the next instruction. Return pops the return address from the top of the stack and continues code execution at the point the function was called.
Place the following in order from low memory address to high memory address: Uninitialized Data (.bss), Initialized Data (.data), Stack, Program File, Heap Space
Program File, Initialized Data (.data), Uninitialized Data (.bss), Heap, Stack
What did the professor assert is the greatest opus magnum of all programming?
Roller Coaster Tycone #2. The 2 is important because #3 included some non- assembly statements. PS If you want to play this game on your computer it is still sold online, but you should buy #3 simply because it has more features.
Where do we use extern "C"?
That expression (compiler directive) is always placed on the left side of any prototype of a function compiled by C++. Note: The expression is not placed on the header of the function itself. It is only placed on the prototype of the function.
Why do we use extern "C" ?
That expression tells the compiler to pass parameters to a called function according to a universal standard.
What did somebody to do to earn the title "King of Assembly"?
That person created a highly popular game in the 2005 era using only assembly.
In the C++ compilation command there is a switch -c. What is the point of that switch?
The "-c" instructs the compiler to "compile only". If the "-c" is omitted the compiler attempts to "compile and link" in the same operation. *Footnote: see explanation in the Appendix located at the end of this document.
What is the backend boundary and what is the frontend boundary of the activation record currently in use? Specify each part of the answer with "back" or "front".
The "back" of the AR is sometimes called the "base" or the "start" of the AR. The backend (base) is pointed to by rbp. The frontend is pointed to by rsp.
What is the defining property of a "little endian" when speaking of numbers?
The LSB is first in the normal order of things.
Declare an array: income resq 80 Show how to output the entire array in groups of 32 bit floats with each group in IEEE754 hex.
The array income holds 80*8 = 640 bytes. A 32-bit number holds 4 bytes. Divide 640 by 4 to get 160 = number of 32-bit numbers (dwords) in this array. Therefore the answer is p/x {int[160]}&income
Explain precisely what cdqe does. A freshman was heard saying "I've heard that cdqe makes something larger but I have no clue about that."
The bits in any registers such as rax are numbered from right to left 0, 1, 2, 3, etc. What cdqe does is go to register rax and find bit number 31. Take that one bit and copy it into positions 32, 33, 34, ... 63 of rax. That says, the one bit at position 31 will fill the entire upper half of register rax. This instruction, cdqe, only acts on that one register, namely: rax.
We know that "mov rax, qword 0" will place 64 zero bits in rax, but what is another way to perform a "fast zero-put" of rax?
Xor, rax, rax
Create an if statement using only SSE registers. (SSE = xmm's).
Xorpd xmm9, xmm9 Ucomisd xmm10, xmm9 Jmp end_of_function
Let's suppose I have a 32-bit number stored in the low half of rax (called eax). How can I move that number to the high half of rax and leave zeros where the number use to be.
You can shift the number 32 bits to the left. The instruction is shl rax, 32
What are the properties that characterize a Von Neumann computer.
The computer must have all of these components: CPU Primary storage - aka RAM or memory Secondary storage - aka HDD or SSD or Nvme I/O devices - such as mouse, keyboard, monitor Bus - that is, cables for transmission of data
All modern computers (except possibly quantum computers) have a single stack at one end of memory. As we move away from the stack to the other end of memory what is the first important block of data we encounter?
The heap [There is only one of these.]
Linkage
The linkage is about getting to and returning from a function call correctly. ch 12 page 184
What happens if you include the S parameter in the compilation command of a C++ function.
The output file is a file containing source code written in AT&T syntax but functionally equivalent to the C++ function being compiled.
Provide the range for each of the following:
a. signed byte = -128 to 127 b. unsigned byte = 0 to 255 c. signed word = -32,768 to 32,767 d. unsigned word = 0 to 65,535 e. signed double-word = -2,147,483,684 to 2,147,483,647 f. unsigned double-word = 0 to 4,294,967,295
symbols to specify the size of a segment of memory can be used only with the 'x' operator If used with the 'p' operator a warning message will appear
b byte - 1 byte h halfword - 2 bits w word - 4 bits g giant - 8 bits
What two instructions handle linkage?
call - transfers control to the named function ret - returns control back to the calling routine
Conversion Instructions (SSE)
cvtpi2ps - convert packed doubleword integers to packed single-precision floating-point values cvtps2pi - convert packed single-precision floating-point values to packed doubleword integers cvtsi2ss - convert doubleword integer to scalar single-precision floating-point value cvtss2si - convert scalar single-precision floating-point value to a doubleword integer cvttps2pi - convert with truncation packed single-precision floating-point values to packed doubleword integers cvttss2si - convert with truncation scalar single-precision floating-point value to scalar doubleword integer
symbols of output formats These govern the form of the output and are for use with the 'p' command.term-4
d - decimal c - char a - address s - string i - instruction f - float u - unsigned integer of any size t - binary
How are the bits in a general purpose register such r12 organized? Pick one. a) From 0 to 32 left to right b) From 0 to 48 right to left c) From 1 to 64 right to left d) From 0 to 31 left to right e) From 0 to 63 left to right f)From 1 to 64 left to right g) From 0 to 63 right to left h) Blank
g. From 0 to 63 right to left
Universal Standard
is use registers in the order rdi, rsi, rdx, rcx, r, and r9.
apples and pears are 2 arrays declared in .bss both with physical size 100 qwords. r8 holds the number of valid numbers in apples. Write a block of asm instructions that will copy the first r8 cells from apples to the first r8 values of apples to the first r8 values of pears. In C++ we would make the following: for(int k = 0;k<r8;k++) pears[k] = apples[k]; Now give below the asm version of the same thing.
mov r12, 0 ;r12 is loop counter beginloop: cmp r12, r8 jge outofloop mov rax, [apples+8xr12] mov [pears+8xr12], rax inc r12 jmp beginloop outofloop:
The number of students in a classroom is stored in r8. r9 holds another integer. The instructor wants to form discussion groups with r9 members in each group. Write a block of assembly statements that will answer these questions. How many groups of equal size will be formed? Put the answer in r10. How many students are left over (without a group)? Put the answer in r11.
mov rax, r8 idiv r9 mov r10, rax mov r11, rdx
What action is performed by "return" instruction in C++ and C?
mov rbp, rsp pop rbp pop rip
Stepping through Execution
n - Execute the next statement or instruction. The command 'n' will execute a function call, but it will not step into that function. Suppose your program calls printf at a certain line of the source file. You want gdb to execute printf, but you probably do not wish to see all the details regarding printf. s - Step ahead to the next instruction. Recommended for stepping through an assembly module. c //Continue execution without pause until the next break is reached.
Show the value in rbp as a base 10 qword integer.
p/d $rbp
Display data Values Let a and b be an ordinary variables long a = 37; or char b[ ] = "Hello";
p/d a - Output contents of a in decimal (base 10) p/t a - Output contents of a in binary (base 2) p/s a - Output the contents of a in ascii characters. //For example, suppose a holds 0x4142. Then the output will be AB.
Pick any general register: we'll use rbp for illustration purposes.
p/x $rbp // Output the value in rbp in hex p/u $rbp // Output the value in rbp in unsigned decimal integer form p/s $rbp // Output the value in rbp as a string where each byte is outputted as an ascii character
Display addresses *The value of every variable is stored in the Stack Frame associated to the process where the variable is declared. Thus every variable has an address. Registers don't have addresses.
p/x &a // Output the location of a in hex p/u &a // Output the location of a in unsigned integer p/a &a // Output the address of a in address format.
GDB questions from midterm 1 Declaration: An array is declared in C++: long a[7] = {6,15,-1,14,-8,9,3}; double b[5] = {3.5,-7.7,8.33, 5.15, 9.1};
p/x a // Show all the values stored in a in hex p/u a[2] // Show the value stored at index 2 in unsigned integer p/f b // Show all the numbers of the array in standard floating point form p/x &b // Show the address where the number 3.5 is stored. same as p/x &b[0].
Show the contents of memory starting at 0x7fffffffde60 and continuing for the next 23 qwords showing the contents of each qword as an unsigned long.
x/20ug 0x7fffffffde60
examples of outputting values using the 'x' command
x/40xg $rsp // Output 40 contiguous giant words in hex starting at the address in rsp. x/30dg 0x7fffffffaa80 // Output 30 contiguous giant words in decimal starting at the address 0x7fffffffaa80 x/32xw 0x7FFFFFFF0000 // Output 32 contiguous words (4 bytes each) in hex beginning at the given address. x/100xg rip // Output 100 qwords in hex starting at the address of the next instruction to be executed. This is useful for finding opcodes in the executable section of memory, which may be later modified. x/xg rip // The same as "x/1xg rip". When no integer indicating the number of numeric units to be displayed is given then the default value '1' is assumed.
examples of outputting values from an array using the 'x' command
x/4xw number // Output the first 4 dwords (32 bits) of the array in hex form. x/5dh number // Output the first 5 words (16 bits) of the array in decimal x/7dg number // Output the first 7 dwords (32 bits) of the array in decimal. x/8xw number // Output the first 8 dwords (32 bits) of the array in hex x/9xg number // Output the first 9 qwords (64 bits) of the array in hex x/5xw number // Output the first 5 dwords (32 bits) of the array in hex x/4gx number // Output the first 4 qwords of the array in hex
What is -30495 in an 8-digit Babbage machine?
First compute the complement and then add 1 The complement is 99969504. Add one and we have the answer: 99969505.
Name and explain the 4 elements that can make up a Creative Commons license?
Attribution (by): All CC licenses require that others who use your work in any way must give you credit the way you request, but not in a way that suggests you endorse them or their use. If they want to use your work without giving you credit or for endorsement purposes, they must get your permission first. ShareAlike (sa): You let others copy, distribute, display, perform, and modify your work, as long as they distribute any modified work on the same terms. If they want to distribute modified works under other terms, they must get your permission first. NonCommercial (nc): You let others copy, distribute, display, perform, and (unless you have chosen NoDerivatives) modify and use your work for any purpose other than commercially unless they get your permission first. NoDerivatives (nd): You let others copy, distribute, display and perform only original copies of your work. If they want to modify your work, they must get your permission first.
Within a C++ file and an ASM file, what data gets stored in the stack or in the heap?
C++ with static data allocates all data into the stack frame, as it knows the set size (dynamic data goes into heap). ASM on the other hand has all data stored into the heap, as the data is not immediately known and ASM requires we make our stack frame work manually.
What do you have to do to translate a C++ function to an X86 function in ATT syntax.
Compile the C++ function in the usual way, but add the "-S" to the compile statement, and optionally change the extension on the name of the output file from .o to .att.
Here is a register rax = 7BCD EF09 8765 4321. Suppose we execute the instruction cqo. What will happen?
Converts the quadword in rax into a double quadword in rdx:rax
Suppose you wrote a term paper for POSC100 class titled "Rights of a Juror"mean. Your teacher said it was a marvelous piece of research. Now you want to post it online for others to view. What license should be placed on this work of intellectual property?
Creative Commons
examples of outputting values from an array using the 'p' command
p/x number // Output all the values of number in hex integers p/d number // Output all the values of number in decimal integers p/d number[3] // Output the one value in cell #3 of number p/t number // Output all the values of number in binary integers p/f number // Output all the values of number in decimal floating points p/u number // Output all the values of number in unsigned integer p/x &number // Output the starting address of number in hex p/d &number // Output the starting address of number in decimal p/a &number[2] // Output the address of cell #2 of number in hex p/d &number[3] // Output the address of cell #3 of number in decimal
Show the contents in the low 64 bits of xmm9 in hex.
p/x xmm9.v2_double //show low 64 bits and the high 64 bits p/x xmm9.v2_double[0] //Shows only the low 64-bits
What action is performed by the "ret" instruction in assembly?
pop rip
What action is performed by a function call in C++?
push rip A new activation record is created with the call of the function. This means a new address needs to be pushed onto the stack. Push rbp occurs to keep the previous address value on the stack until we call return. Mov rbp, rsp then is called to have rsp point to the new AR.
Execution Controls
r - Start the program running under the control of gdb q - Quit. Stop execution of the program. Reverse of the 'r' command. q - Quit and exit from gdb Notice that there are two uses of quit: - one terminates the execution of the program being debugged but gdb continues live - the other use of quit causes gdb to exit.
Temporary registers
r10 and r11
Think of a function that is part of a larger program. When that function executes it has its own activation record in memory. What is stored in the initial quadword of that activation record?
rbp of the caller function push rbp is the first instruction that executes in all asm programs. It's the first instruction because that statement is initiating a new activation record for the called function. We say that rbp is the first qword in an AR. Possible exception: the driver program is called by the loader module of the op system. The driver has its own AR. The first qword in that AR is all zeros.
Arguments Registers
rdi - 1st Argument rsi - 2nd Argument rdx - 3rd Argument rcx - 4th Argument r8 - 5th Argument r9 - 6th Argument
Which register points to the next instruction to be executed?
rip
Which register points to the current top of the stack?
rsp
How to output a IEEE754 number.
segment .data floatform db "%lf", 0 message db "Your number is %30.15lf. Bye",10,0 twonumbers db "Your numbers are %9.5lf and %9.5lf. Bye", 10,0 ;Block to set up floating point output mov rax,1 mov rdi, message movsd xmm0, xmm12 //place output number in xmm0 call printf ;Block to set up 2 numbers for output mov rax, 2 mov rdi, twonumbers movsd xmm0, xmm14 movsd xmm1, xmm15 call printf 1.2345678901234500000584362500000000000000 ;Block to set up scanf for input of 1 double mov rax, 1 mov rdi, floatform push qword 0 mov rsi, rsp call scanf mov xmm13, [rsp] //The double is copied from top of stack to xmm13 pop rax
Make an asm function "largest" that will find the largest value in the array and return that number to the caller. The prototype is long largest(long arr[ ], long count); //Save time: don't write all 15 pushes. Instead use a comment: ";15 pushes here" or "15 pops here".
segment .text ;15 pushes here mov r13, rdi ;r13 is the array mov r14 rsi ;r14 is the count of numbers in the array mov r15,1 ;r15 is the index into the array. mov r12, [r13] ;copy the number in cell 0 to r12 beginloop: cmp r15,r14 jge outofloop ;Block to determine if number in array > r15. ;If yes save new number in r15 cmp r15,[r13+8*r15] jge continue mov r15,[r13+8*15] continue: inc r15jmp beginloop outofloop: mov rax, r12 ;15pops ret
Changing Vales
set $r14 = 32 // Change the value stored in register r14 set $rdx = 0x46 // Change the value stored in register rdx set var a = 29 // Change the value in program variable a to become 29 set var numb[2] = 3.75 // Change the value in cell #2 to 3.75 set {unsigned long}0x7fffffff5a40 = 99 // Change value in memory to 99 The following is invalid: set 0x7fffffff5a40 = 99 because the size of the destination is not specified. The prefix {unsigned long} is a way of specifying that 8 bytes (1 qword) will be used in the destination for storage of the value 99.
Change the value in low 64 bits of xmm3 to be 0x400
set $xmm3.v2_double[0]=0x400
Explain what cdqe does in terms that a CS major who never took 240 can understand.
the 'd' represents "double' or 32 bits and the 'q' represents "quad word" or 64 bits The instruction changes the upper 32 bits so that the following becomes true: The entire 64-bit number in rax is numerically equal to the 32-bit number in the low half of rax. An example for teaching purposes. Suppose rax hold this value: 0x5555 6666 FFFF FFFF. The low 32 bits hold the numeric value -1. Therefore the cdqe instruction will change rax to be 0xFFFF FFFF FFFF FFFF. Now whole rax has numeric value -1. They are equal!! That is what cdqe does.
Given double stuff[100] Show the first 13 qwords of the array in IEEE754 hex
x/13xg stuff
Given char message[60]; Show the first 20 bytes of the array with the ascii number for each byte in the output.
x/20cb &message
