Presentation 159 Saufi n Yb

8/6/2019 Presentation 159 Saufi n Yb

http://slidepdf.com/reader/full/presentation-159-saufi-n-yb 1/15



� An instruction set, or instruction setarchitecture (ISA), is the part of the computerarchitecture related to programming, including

the native data types,instructions, registers, addressingmodes,memoryarchitecture, interrupt and exception handling,and external I/O. An ISA includes aspecification of the set of opcodes (machinelanguage), and the native commandsimplemented by a particular processor.



� Instruction set architecture is distinguishedfrom the microarchitecture, which is the set ofprocessor design techniques used to implement

the instruction set. Computers with differentmicroarchitectures can share a common instruction set. For example,the Intel Pentium and

the AMD Athlon implement nearly identicalversions of the x86 instruction set, but haveradically different internal designs.



� Some virtual machines that support bytecodefor Smalltalk, the Java virtual machine, andMicrosoft's Common Language

Runtime virtual machine as their ISA implement it by translating the bytecode forcommonly used code paths into nativemachine code, and executing less-frequently-used code paths byinterpretation; Transmeta implemented the x86instruction set atop VLIW processors in thesame fashion.



� In computing, input/output, or I/O, refers to thecommunication between an information processingsystem (such as a computer), and the outside world,possibly a human, or another information processingsystem. Inputs are the signals or data received by the

system, and outputs are the signals or data sent from it. Theterm can also be used as part of an action; to "perform I/O"is to perform an input or output operation. I/O devices areused by a person (or other system) to communicate with acomputer. For instance, a keyboard or a mouse may be an input device for a computer, whilemonitors and printers are

considered output devices for a computer. Devices forcommunication between computers, suchas modems and network cards, typically serve for bothinput and output.



� Note that the designation of a device as eitherinput or output depends on the perspective.Mouse and keyboards take as input physicalmovement that the human user outputs and

convert it into signals that a computer can understand. The output from these devices is inputfor the computer. Similarly, printers and monitorstake as input signals that a computer outputs. Theythen convert these signals into representations that

human users can see or read. For a human user theprocess of reading or seeing these representationsis receiving input. These interactions between computers and humans is studied in a fieldcalled human²computer interaction.



� In computer architecture, the combination ofthe CPU and main memory (i.e. memory that theCPU can read and write to directly, withindividual instructions) is considered the brain of a

computer, and from that point of view any transferof information from or to that combination, forexample to or from a disk drive, is considered I/O.The CPU and its supporting circuitryprovide memory-mapped I/O that is used in low-

level computer programming in theimplementation of device drivers. An I/Oalgorithm is one designed to exploit locality andperform efficiently when data reside on secondarystorage, such as a disk drive.



� Bit manipulation is the actof algorithmically manipulating bits or other piecesof data shorter than a word. Programming tasks that requirebit manipulation include low-level device control, errordetection and correction algorithms, data

compression, encryption algorithms, and optimization. Formost other tasks, modern programming languages allowthe programmer to work directly with abstractions insteadof bits that represent those abstractions. Source code thatdoes bit manipulation makes use of the bitwise operations:AND, OR, XOR, NOT, and bit shifts.

� Bit manipulation, in some cases, can obviate or reduce theneed to loop over a data structure and can give many-foldspeed ups, as bit manipulations are processed in parallel,but the code can become rather more difficult to write andmaintain.



� Integer values come in two flavors in C and C++,signed and unsigned. Unsigned values arerepresented by a format where each bit represents

a power of two, each position has a weight (1, 2, 4,8, 16, 32, etc..) and the value of the number isdetermined by adding the weights of each position whose bit is set to 1. A binary value of 0000 0010 isvalued at 2 since the weight of the second position

is 2 and no other bits are set to 1.� Signed values are more complicated because they

must also be able to represent negative numbers.There are many different ways to go about this,increasing the confusion. The more common ways

include one's complement, two's complement, andsign-magnitude. All of these methods use aparticular bit to mark the sign of the value, the sign is whether the value is positive or negative, 0 ispositive and 1 is negative. Each method goes aboutmarking the sign in different ways:



� One's complement - This method inverts all ofthe bits corresponding to the positive numberto create the negative number.

Ex. --- 1 - 00000001-1 ² 11111110

� Two's complement - This method performs aone's complement, but also adds one to the

resulting number.Ex. --- 1 - 00000001

-1 - 11111111

� Sign-magnitude - This method simply togglesthe sign bit.

Ex. --- 1 - 00000001

-1 - 10000001



� There are FOUR types of program controls:

� Jumps, branch, CALL, RETURN



� A branch is sequence of code in a computer program which isconditionally executed depending on whether the flow of controlis altered or not (at the branching point). The term can be used when referring to programs in high level languages as well as program written

in machine code or assembly language. Explicit branches in high-levelprogramming languages usually take the form of conditional statements ofvarious forms that encapsulates the branches of code that should beexecuted (or not) upon some condition; machine level instructions thatdefine corresponding branches of code are denoted jump instructions. Theprincipal function of a jump instruction can thus be compared tothe GOTOs needed to build control structures in older high levellanguages.

� Jump instructions typically have unconditional and conditional forms wherethe latter may be taken or not taken depending on some condition. Thetruthness of this condition is typically evaluated and temporarily storedby some previous instruction (not necessarily the one immediately before) and then used such as in jump if overflow-flag set. This temporaryinformation is often stored in a flag register but may also be locatedelsewhere. There are also machines (or particular instructions) where the

condition may be checked by the jump instruction itself, such as branch<label> i re ister X ne ative.



� When a branch is taken, the next instruction executedis defined by the argument to the jump instruction; when not taken, the next instruction executed is the

instruction immediately following the jumpinstruction in memory so that the flow of control isunchanged.

�

Depending on computer architecture, the assemblylanguage mnemonic for a jump instruction istypically some shortened form of the word jump orthe word branch, often along with other informative

letters (or an extra parameter) representing thecondition. Sometimes other details are included aswell, such as the range of the jump (the offset size) ora special addressing mode that should be used to

locate the actual effective offset.



� A call is a stack data structure that stores information aboutthe active subroutines of a computer program. This kind ofstack is also known as an execution stack, control stack, run-time stack, or machine stack, and is often shortened to just

"the stack". Although maintenance of the call stack isimportant for the proper functioning of most software, thedetails are normally hidden and automatic in high-levelprogramming languages.

� A call stack is used for several related purposes, but the main reason for having one is to keep track of the point to whicheach active subroutine should return control when it finishesexecuting. An active subroutine is one that has been called butis yet to complete execution after which control should behanded back to the point of call. Such activations ofsubroutines may be nested to any level (recursive as a special

case), hence the stack structure. If, for example, asubroutine DrawSquare calls a subroutine DrawLine fromfour different places, DrawLine must know where to return when its execution completes. To accomplish this,the address following the call instruction, the return address, ispushed onto the call stack with each call.



� Return is a computer security exploit technique in which the attacker leverages control of the callstack to indirectly execute cherry-picked machine

instructions or groups of machine instructionsimmediately prior to the return instruction in subroutines within the existingprogram code, in a way similar to the execution of

a threaded code in

terpreter.� Because all the instructions that are executed are

from executable memory areas within the originalprogram, this avoids the need for direct codein jection, and circumvents most measures that try toprevent the execution of instructions from user-controlled memory.

� Often the executed code itself consists only of 2 or3 assembler instructions that can already perform a

well-defined attack operation.

Documents

Presentation 159 Saufi n Yb