# MACHINE LEVEL REPRESENTATION I

CAS CS 210 Computer Systems
Some slides based on CMU Slides
CS:APP2e Ch 3.1-3.4

# WHAT IS A CPU? WHAT IS IT DOING?



Figure 2-4. Relative Performance of the 8086 and 8088

#### 2.2 Processor Architecture

Microprocessors generally execute a program by repeatedly cycling through the steps shown below (this description is somewhat simplified):

- 1. Fetch the next instruction from memory.
- Read an operand (if required by the instruction).

#### 2-3

#### 8086 AND 8088 CENTRAL PROCESSING UNITS

- Execute the instruction.
- 4. Write the result (if required by the instruction).

In previous CPUs, most of these steps have been performed serially, or with only a single bus cycle fetch overlap. The architecture of the 8086 and 8088 CPUs, while performing the same steps, allocates them to two separate processing units within the CPU. The execution unit (EU) executes instructions; the bus interface unit (BIU) fetches instructions, reads operands and writes results.

The two units can operate independently of one another and are able, under most circumstances, to extensively overlap instruction fetch with execution. The result is that, in most cases, the time normally required to fetch instructions "disappears" because the EU executes instructions that have already been fetched by the BIU. Figure 2-5 illustrates this overlap and compares it with traditional microprocessor operation. In the example, overlapping reduces the elapsed time required to execute three instructions, and allows two additional instructions to be prefetched as well.

The processor causes the system to perform the desired operations by reading the first instruction in the program, and performing the very simple task dictated by the specific pattern of bits in this instruction (referred to as "executing" that instruction). It then goes on to the next instruction in the program and executes it. This simple operation of fetching an instruction and executing it is performed over and over, each time on the next instruction in sequence. In this way the program instructs the processor to bring about the desired system operation.

# THE STORED PROGRAM & THE LOOP!

# STORED PROGRAM CONCEPT



# THE LOOP! THE HEART OF MACHINE



# Instruction CPU Execution Cycle

- Obtain instruction from program storage
- Determine required actions and instruction size
- Locate and obtain operand data
- Compute result value
- Deposit results in storage for later use
- Determine successor instruction









Table 5-2 W65C02S OpCode Matrix

| MSD |            | W65C02S OpCode Matrix |               |   |               |             |             |              |          |            |            |            |                |            |              |             | MSD |
|-----|------------|-----------------------|---------------|---|---------------|-------------|-------------|--------------|----------|------------|------------|------------|----------------|------------|--------------|-------------|-----|
|     | 0          | 1                     | 2             | 3 | 4             | 5           | 6           | 7            | 8        | 9          | Α          | В          | С              | D          | Е            | F           |     |
| 0   | BRK<br>a   | ORA<br>(zp,x)         |               |   | TSB<br>zp •   | ORA<br>zp   | ASL<br>zp   | RMB0<br>zp • | PHP<br>s | ORA<br>#   | ASL<br>A   |            | TSB<br>a •     | ORA<br>a   | ASL<br>a     | BBR0<br>r • | 0   |
| 1   | BPL<br>r   | ORA<br>(zp),y         | ORA<br>(zp) * |   | TRB<br>zp •   | ORA<br>zp,x | ASL<br>zp,x | RMB1<br>zp • | CLC<br>i | ORA<br>a,y | INC<br>A * |            | TRB<br>a•      | ORA<br>a,x | ASL<br>a,x   | BBR1<br>r • | 1   |
| 2   | JSR<br>a   | AND (zp,x)            |               |   | BIT<br>zp     | AND<br>zp   | ROL<br>zp   | RMB2<br>zp • | PLP<br>s | AND<br>#   | ROL<br>A   |            | BIT<br>a       | AND<br>a   | ROL<br>a     | BBR2<br>r • | 2   |
| 3   | BMI<br>r   | AND (zp),y            | AND (zp) *    |   | BIT<br>zp,x • | AND<br>zp,x | ROL<br>zp,x | RMB3<br>zp • | SEC<br>I | AND<br>a,y | DEC<br>A   |            | BIT<br>a,x *   | AND<br>a,x | ROL<br>a,x   | BBR3        | 3   |
| 4   | RTI<br>s   | EOR<br>(zp,x)         |               |   |               | EOR<br>zp   | LSR<br>zp   | RMB4<br>zp • | PHA<br>s | EOR<br>#   | LSR<br>A * |            | JMP<br>a       | EOR<br>a   | LSR<br>a     | BBR4<br>r • | 4   |
| 5   | BVC<br>r   | EOR<br>(zp),y         | EOR (zp) *    |   |               | EOR<br>zp,x | LSR<br>zp,x | RMB5<br>zp • | CLI<br>i | EOR<br>a,y | PHY<br>s • |            |                | EOR<br>a,x | LSR<br>a,x   | BBR5        | 5   |
| 6   | RTS<br>s   | ADC (zp,x)            |               |   | STZ<br>zp •   | ADC<br>zp   | ROR<br>zp   | RMB6<br>zp • | PLA<br>s | ADC<br>#   | ROR<br>A   |            | JMP<br>(a)     | ADC<br>a   | ROR<br>a     | BBR6<br>r • | 6   |
| 7   | BVS<br>r   | ADC<br>(zp),y         | ADC (zp) *    |   | STZ<br>zp,x • | ADC<br>zp,x | ROR<br>zp,x | RMB7<br>zp • | SEI<br>i | ADC<br>a,y | PLY<br>s • |            | JMP<br>(a.x) * | ADC<br>a,x | ROR<br>a,x   | BBR7        | 7   |
| 8   | BRA<br>r • | STA<br>(zp,x)         |               |   | STY<br>zp     | STA<br>zp   | STZ<br>zp   | SMB0<br>zp • | DEY<br>i | BIT<br>#   | TXA<br>i   |            | STY<br>a•      | STA<br>a   | STX<br>a     | BBS0<br>r•  | 8   |
| 9   | BCC<br>r   | STA<br>(zp),y         | STA (zp) *    |   | STY<br>zp,x   | STA<br>zp,x | STZ<br>zp,y | SMB1 zp •    | TYA<br>i | STA<br>a,y | TSX<br>i   |            | STZ<br>a       | STA<br>a,x | STZ<br>a,x • | BBS1        | 9   |
| Α   | LDY<br>#   | LDA<br>(zp,x)         | LDX<br># *    |   | LDY<br>zp     | LDA<br>zp   | LDX<br>zp   | SMB2<br>zp • | TAY<br>i | LDA<br>#   | TAX<br>i   |            | LDY<br>a       | LDA<br>a   | LDX<br>a     | BBS2        | Α   |
| В   | BCS<br>r   | LDA<br>(zp),y         | LDA (zp) *    |   | LDY<br>zp,x   | LDA<br>zp,x | LDX<br>zp,y | SMB3<br>zp • | CLV<br>i | LDA<br>A,y | TSX<br>i   |            | LDY<br>a,x     | LDA<br>a,x | LDX<br>a,x   | BBS3        | В   |
| С   | CPY<br>#   | CMP<br>(zp,x)         |               |   | CPY<br>zp     | CMP<br>zp   | DEC<br>zp   | SMB4<br>zp • | INY<br>i | CMP<br>#   | DEX<br>i   | WAI<br>I • | CPY<br>a       | CMP<br>a   | DEC<br>a     | BBS4        | С   |
| D   | BNE<br>r   | CMP<br>(zp),y         | CMP<br>(zp) * |   |               | CMP<br>zp,x | DEC<br>zp,x | SMB5<br>zp • | CLD<br>i | CMP<br>a,y | PHX<br>s • | STP<br>I•  |                | CMP<br>a,x | DEC<br>a,x   | BBS5        | D   |
| E   | CPX<br>#   | SBC<br>(zp,x)         |               |   | CPX<br>zp     | SBC<br>zp   | INC<br>zp   | SMB6<br>zp • | INX<br>i | SBC<br>#   | NOP<br>i   |            | CPX<br>a       | SBC<br>a   | INC<br>a     | BBS6        | Е   |
| F   | BEQ<br>r   | SBC<br>(zp),y         | SBC (zp) *    |   |               | SBC<br>zp,x | INC<br>zp,x | SMB7<br>zp • | SED<br>i | SBC<br>a,y | PLX<br>s • |            |                | SBC<br>a,x | INC<br>a,x   | BBS7        | F   |
|     | 0          | 1                     | 2             | 3 | 4             | 5           | 6           | 7            | 8        | 9          | Α          | В          | С              | D          | Е            | F           |     |

# **Assembly Programmer's View**



- Called "EllRegister file
  - Heavily used program data
- Condition codes
  - Store status information about most recent arithmetic operation
  - Used for conditional branching

#### Memory

- Byte addressable array
- Code, user data, (some) OS data
- Includes stack used to support procedures

# AS PROGRAMMERS WHAT HAVE WE BEEN DOING ALL THIS TIME?

HAVE WE REALLY BEEN PROGRAMMING THE COMPUTER?

### **Turning C into Object Code**

- Code in files p1.c p2.c
- Compile with command: gcc -O p1.c p2.c -o p
  - Use optimizations (-O)
  - Put resulting binary in file p



# **Compiling Into Assembly**

#### C Code

```
int sum(int x, int y)
{
  int t = x+y;
  return t;
}
```

#### **Generated IA32 Assembly**

```
pushl %ebp
movl %esp,%ebp
movl 12(%ebp),%eax
addl 8(%ebp),%eax
movl %ebp,%esp
popl %ebp
ret
```

#### **Obtain with command**

```
gcc -0 -S code.c
```

Produces file code.s

Some compilers use single instruction "leave"

# **Assembly Characteristics: Data Types**

- "Integer" data of 1, 2, or 4 bytes
  - Data values
  - Addresses (untyped pointers)
- Floating point data of 4, 8, or 10 bytes
- No aggregate types such as arrays or structures
  - Just contiguously allocated bytes in memory

# **Assembly Characteristics: Operations**

- Perform arithmetic function on register or memory data
- Transfer data between memory and register
  - Load data from memory into register
  - Store register data into memory
- Transfer control
  - Unconditional jumps to/from procedures
  - Conditional branches

# **Object Code**

#### Code for sum

0x5d

0xc3

```
0x401040 < sum > :
    0x55
    0x89
    0xe5
    0x8b
    0x45
    0x0c
    0x03
    0x45
    0x08

    Total of 13 bytes

    0x89

    Each instruction

    0xec
               1, 2, or 3 bytes
```

Starts at address

 $0 \times 401040$ 

#### Assembler

- Translates .s into .o
- Binary encoding of each instruction
- Nearly-complete image of executable code
- Missing linkages between code in different files

#### Linker

- Resolves references between files
- Combines with static run-time libraries
  - E.g., code for malloc, printf
- Some libraries are dynamically linked
  - Linking occurs when program begins execution

# **Machine Instruction Example**

```
int t = x+y;
```

```
addl 8(%ebp),%eax
```

Similar to expression:

$$x += y$$

More precisely:

```
int eax;
int *ebp;
eax += ebp[2]
```

0x401046: 03 45 08

#### C Code

Add two signed integers

#### Assembly

- Add 2 4-byte integers
  - "Long" words in GCC parlance
  - Same instruction whether signed or unsigned
- Operands:

**x:** Register %**eax** 

y: Memory M[%ebp+8]

t: Register %eax

- Return function value in %eax

#### Object Code

- 3-byte instruction
- Stored at address 0x401046

### **Disassembling Object Code**

#### Disassembled

```
00401040 < sum>:
  0:
         55
                             %ebp
                       push
  1: 89 e5
                             %esp,%ebp
                       mov
  3: 8b 45 0c
                             0xc(%ebp),%eax
                       mov
  6: 03 45 08
                       add
                             0x8(%ebp), %eax
  9: 89 ec
                             %ebp,%esp
                       mov
         5d
  b:
                             %ebp
                       pop
      c3
                       ret
  c:
         8d 76 00
                             0x0(%esi), %esi
  d:
                       lea
```

#### Disassembler

```
objdump -d p
```

- Useful tool for examining object code
- Analyzes bit pattern of series of instructions
- Produces approximate rendition of assembly code
- Can be run on either a .out (complete executable) or .o file

# **Alternate Disassembly**

#### **Object**

#### $0 \times 401040$ : 0x550x890xe50x8b0x450x0c0x030x450x080x890xec 0x5d0xc3

#### Disassembled

```
0x401040 <sum>:
                    push
                            %ebp
                            %esp, %ebp
0x401041 < sum + 1>:
                    mov
0x401043 < sum + 3>:
                            0xc(%ebp),%eax
                    mov
0x401046 < sum + 6>:
                   add
                            0x8(%ebp), %eax
0x401049 < sum + 9>:
                   mov
                            %ebp,%esp
0x40104b < sum + 11>:
                   pop
                            %ebp
0x40104c < sum + 12>: ret
0x40104d <sum+13>: lea
                            0x0(%esi),%esi
```

#### Within gdb Debugger

```
gdb p
disassemble sum
```

Disassemble procedure

```
x/13b sum
```

Examine the 13 bytes starting at sum

#### What Can be Disassembled?

```
% objdump -d WINWORD.EXE
WINWORD.EXE: file format pei-i386
No symbols in "WINWORD.EXE".
Disassembly of section .text:
30001000 <.text>:
30001000: 55
                        push
                               %ebp
30001001: 8b ec
                        mov
                               %esp,%ebp
30001003: 6a ff
                               $0xffffffff
                     push
30001005: 68 90 10 00 30 push
                              $0x30001090
3000100a: 68 91 dc 4c 30 push
                               $0x304cdc91
```

- Anything that can be interpreted as executable code
- Disassembler examines bytes and reconstructs assembly source



# **Assembly Programmer's View**



- Called "EllRegister file
  - Heavily used program data
- Condition codes
  - Store status information about most recent arithmetic operation
  - Used for conditional branching

#### Memory

- Byte addressable array
- Code, user data, (some) OS data
- Includes stack used to support procedures