Date: 2019-06-27 18:32:24.000000000 +09:00

Categories: assembly

Tags: assembly
This post was originally posted on my blog

The types of assembly languages

  • 8086 assembly (16-bit)
  • x86 assembly (32-bit)
  • x64 assembly (64-bit)
  • ARM assembly (embedded, mobile) ……

x86 and x64 assembly is written in one of two syntaxes, depending on the compiler:

  • Intel: the Windows camp
  • AT&T: the Unix camp

For an iOS developer, the main assembly languages are:

  • AT&T assembly -> iOS simulator
  • ARM assembly -> real iOS device

Common assembly instructions

| Item | AT&T | Intel | Description |
|---|---|---|---|
| Register naming | %rax | rax | |
| Operand order | movq %rax, %rdx | mov rdx, rax | Assign the value of rax to rdx |
| Constant / immediate | movq $0x10, %rax | mov rax, 0x10 | Assign 0x10 to rax |
| Memory assignment | movq $0xa, 0x1ff7(%rip) | mov qword ptr [rip+0x1ff7], 0xa | Assign 0xa to the memory at address rip + 0x1ff7 |
| Fetch memory address | leaq -0x18(%rbp), %rax | lea rax, [rbp - 0x18] | Assign the address rbp - 0x18 to rax |
| jmp instruction | jmp *%rdx | jmp rdx | call is written similarly to jmp |
| Operand length | leaw 0x10(%dx), %ax | lea ax, [dx + 0x10] | |

Description of operand length

  • b = byte (8-bit)
  • s = short (16-bit integer or 32-bit floating point)
  • w = word (16-bit)
  • l = long (32-bit integer or 64-bit floating point)
  • q = quad (64-bit)
  • t = ten bytes (80-bit floating point)

Registers

There are 16 general-purpose registers:

  • rax, rbx, rcx, rdx, rsi, rdi, rbp, rsp
  • r8, r9, r10, r11, r12, r13, r14, r15

The specific purpose of each register

  • rax is often used to hold a function's return value
  • rdi, rsi, rdx, rcx, r8 and r9 are often used to hold function parameters
  • rsp and rbp are used for stack operations
  • rip is the instruction pointer
    • It stores the address of the next instruction to be executed by the CPU
    • Once the CPU has read an instruction, rip automatically points to the next one (the address where the next instruction is stored)

Common LLDB commands

  • Read the value of a register
    • register read/<format>
    • register read/x
  • Modify the value of a register
    • register write <register name> <value>
    • register write rax 0
  • Read values in memory
    • x/<count><format><byte size> <memory address>
    • x/3xw 0x0000010
  • Modify a value in memory
    • memory write <memory address> <value>
    • memory write 0x0000010 10
  • Format
    • x is hexadecimal, f is floating point, d is decimal
  • Byte size
    • b: byte, 1 byte
    • h: half word, 2 bytes
    • w: word, 4 bytes
    • g: giant word, 8 bytes
  • expression <expression>
    • Can be abbreviated: expr <expression>
    • expression $rax
    • expression $rax = 1
  • po <expression>
  • print <expression>
    • po/x $rax
    • po (int)$rax

Common LLDB commands

  • thread step-over, next, n
    • Step one line at a time, treating a called function as a single step (source level)
  • thread step-in, step, s
    • Step one line at a time, entering a called function when one is encountered (source level)
  • thread step-inst-over, nexti, ni
    • Step one instruction at a time, treating a called function as a single step (assembly level)
  • thread step-inst, stepi, si
    • Step one instruction at a time, entering a called function when one is encountered (assembly level)
  • thread step-out, finish
    • Execute the rest of the current function and return to the calling function (execution still stops if a breakpoint is hit)

Rules of thumb

  • A memory address of the form 0x4bdc(%rip) is generally a global variable, in the global area (data segment)
  • A memory address of the form -0x78(%rbp) is generally a local variable, in stack space
  • A memory address of the form 0x10(%rax) is generally in heap space
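
The syntax table and the rules of thumb above can be combined into a small converter. This is an added example, not code from the original post: it rewrites an AT&T instruction in Intel syntax and guesses the memory region from the base register. The function names, the limited mnemonic set and the treatment of rsp-relative operands as stack are assumptions made for this example.

```python
import re

# AT&T size suffix -> Intel size keyword (integer meanings only)
SIZES = {"b": "byte", "w": "word", "l": "dword", "q": "qword"}
# Mnemonics that take a suffix; a fixed set so "call" does not lose its "l"
BASES = {"mov", "lea", "add", "sub", "cmp", "push", "pop", "call", "jmp"}
# disp(%base,%index,scale), every part except the base optional
MEM = re.compile(r"^(-?(?:0x)?[0-9a-fA-F]+)?\(%(\w+)(?:,%(\w+)(?:,(\d))?)?\)$")

def operand(op, size=None):
    """Convert one AT&T operand to Intel syntax."""
    op = op.replace(" ", "").lstrip("*")   # '*' marks an indirect jmp/call target
    if op[:1] in ("%", "$"):               # register or immediate: drop the prefix
        return op[1:]
    m = MEM.match(op)
    if not m:
        raise ValueError(f"unsupported operand: {op!r}")
    disp, base, index, scale = m.groups()
    expr = base + (f"+{index}*{scale or 1}" if index else "")
    if disp:
        expr += disp if disp.startswith("-") else f"+{disp}"
    return f"{size} ptr [{expr}]" if size else f"[{expr}]"

def to_intel(line):
    """Rewrite one AT&T instruction in Intel syntax (destination first)."""
    mnem, _, rest = line.strip().partition(" ")
    size = None
    if mnem[:-1] in BASES and mnem[-1] in SIZES:
        mnem, size = mnem[:-1], SIZES[mnem[-1]]
    if mnem == "lea":
        size = None                        # lea computes an address, reads no memory
    # split on commas that are not inside a (...) memory operand
    ops = [operand(o, size) for o in re.split(r",(?![^()]*\))", rest) if o.strip()]
    return f"{mnem} " + ", ".join(reversed(ops))

def region(op):
    """Rule of thumb from the post: guess the region from the base register."""
    m = MEM.match(op.replace(" ", ""))
    if not m:
        return None                        # not a memory operand
    base = m.group(2)
    if base == "rip":
        return "global"
    if base in ("rbp", "rsp"):             # rsp is an addition to the post's rbp rule
        return "stack"
    return "heap"

if __name__ == "__main__":
    for s in ("movq $0xa, 0x1ff7(%rip)", "leaq -0x18(%rbp), %rax", "jmp *%rdx"):
        print(f"{s:28} -> {to_intel(s)}")
```

The region guess is only a heuristic: a register such as rax can just as well hold a stack or global address, so confirm against the process memory map when it matters.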

