tags:

views:

983

answers:

5
Q: 

How might I convert Intel 80386 Machine Code to Assembly Language?

I've been given the following task:

Consider the following sequence of hexadecimal values:

55 89 E5 83 EC 08 83 E4 F0 31 C9 BA 01 00 00 00 B8 0D 00 00 00 01 D1 01 CA 48 79 F9 31 C0 C9 C3

This sequence of bytes represents a subroutine in Intel 80386 machine language in 32-bit mode.

  • When the instructions in this subroutine are executed, they leave values in the registers %ecx and %edx. What are the values?

  • What is the program in C that carries out the computation done by this subroutine, then prints the values computed by this program of %ecx and %edx as they would appear at the end of the execution of the subroutine.

As I do not have the 80386 instruction set memorized, I must first convert these opcode bytes into their assembly-language mnemonic equivalents. So, is there an online reference somewhere, a table mapping hex values to instructions or the like? I checked out Intel's website, but could find nothing. Or is there a better way to go about deciphering this...?

A: 

You should use a disassembler to see what are the instructions. You can grab NDISASM from the NASM package. Store the bytes in a file and run:

ndisasm -b 32 file        # -b 32 specifies you're running in 32 bit mode
Mehrdad Afshari  2010-01-31 22:08:53
Correction, the OP should do his homework and figure out the assembly instructions!
 2010-01-31 22:43:52
Mehrdad, I don't have the assembly file, just the Opcodes in Hex.
Ray  2010-01-31 22:46:20
@Ray: Use a hex editor to enter hex values in a file. Google hex editor for one that suits your platform.
Mehrdad Afshari  2010-01-31 22:48:31
@roygbiv: grow up if you don't like the op asking homework questions then add it to your list of ignored tags. Personally, I welcome people trying to understand something even if the question originated in HW.
Evan Carroll  2010-02-01 01:08:08
@Evan Carroll - I think your comment is offensive and out-of-line. You mis-understand and mis-construe what has been said in this thread as the post with the disassembled bytes was removed (Thank you!). Telling me things like "grow up" is childish. I'm not against homework questions. Quite the contrary. I'm trying my best to help the OP *learn* without being voted off StackOverflow. In fact, I invite him to post back telling us where he is stuck at next so that we can help him. In an effort to encourage learning, blatant answers/help to homework questions should never be given.
 2010-02-01 02:40:27
@Evan, how does the OP using a disassembler for his/her assignment help them understand anything? The disassembler should be used for checking answers, that's it.
Polaris878  2010-02-01 04:01:00
How do you guys know it's homework? He might be trying to determine the results of a sequence of bytes from a... dare I say it? Stack overflow!
Arthur Kalliokoski  2010-02-01 04:09:55
@everyone here: as you can see, using the disassembler teaches two brand-new practical things to the op: hex editors and disassemblers on its own. so, its not all too bad to use a disassembler for this task ;-)
frunsi  2010-02-01 04:11:18
@akallio: check above comments, he doesn't know hex editors.. so no
frunsi  2010-02-01 04:11:58
Running the sequence of bytes through an online disassembler in 16, 32 and 64 bit modes didn't seem to make sense, since the stack pointer was and'ed with a constant, but wasn't restored before the 'leave ret' sequence.
Arthur Kalliokoski  2010-02-01 04:18:09
+8  A: 

While you could cheat and use a dissassembler (a disassembler would not be very much help in learning), I would recommend actually learning something by reading the relevant chapters in the Intel 80386 manual. Start with Chapter 17. If/when you get stuck, come back to StackOverflow and post a question stating exactly how far you've gotten and what you don't understand.

 2010-01-31 22:28:43
WTF?! Using a disassembler is cheating? Decoding x86 instructions is a horribly stupid homework. I think the point was understanding the instructions, not their encoding.
Mehrdad Afshari  2010-01-31 22:33:14
@Mehrdad - Yes it is cheating, if you are trying to understand machine opcodes/their encodings and translations to higher level languages (opcode -> assembly -> C). If the only point of the assignment was to understand the instructions then the professor should have started with assembly language *not* machine code. That's why I believe the intent of the assignment is to grasp a little bit of machine code which *is not that difficult.*
 2010-01-31 22:38:11
@roygbiv: If I wanted my students to learn instruction encoding for a particular architecture, I would have asked them to *write a disassembler*, not decode stuff by hand. I don't think any sane teacher will give such a homework for the purpose of instruction encoding. I assumed the purpose of the homework was to trace the instructions. By the way, I would have chosen something more elegant than x86 to teach them instruction encodings. The x86 instruction encoding is too complex to be suitable for learning.
Mehrdad Afshari  2010-01-31 22:43:38
@Mehdrad - Well you're not the OP's professor are you?
 2010-01-31 22:45:07
@roygbiv: No, I'm not. But I reserve the right to express my personal opinion and neutralize stupidity (in case what you think is the purpose of the homework, which I don't assume to be true) as much as I can.
Mehrdad Afshari  2010-01-31 22:48:07
@roygbiv, If you have this at the bottom of the assignement : Your professor knows that most of you don't know 80386 assembly and machine language. You will need to be resourceful...What would you do ???
Ray  2010-01-31 22:50:45
@Ray - How much do you want to learn? Do as you see fit.
 2010-01-31 22:55:52
@roaygbiv, I am asking for a hint or a reference I can use. I am not asking you to solve my problem. If you can not help don't bother to comment.Thanks Mehrdad.
Ray  2010-01-31 23:03:22
@Visible Spectrum, I would imagine someone is having a bad day ;)@Ray, that is a hint!
Bear  2010-01-31 23:05:25
@Ray - I *gave* you a link that would help you enormously. Did you bother to *read* it? I would say at least try to decode one or two instructions in an attempt to at least gain *something* more from the assignment than *yea, I posted on stackoverflow and they said download a disassembler, but I didn't even have to do that because they posted the disassembled bytes for me*.
 2010-01-31 23:07:22
@roygbiv: I wasn't the downvoter. Contrary to how it looks, I appreciate your concern and for the reason you mentioned I didn't post the disassembly. I don't think @Ray downvoted you either as he doesn't have enough rep to do so. It should have been a drive-by downvoter. Happens in SO sometimes.
Mehrdad Afshari  2010-01-31 23:10:01
A: 

I wouldn't use a disassembler, go through the instruction manual and figure out what each group of bits could mean. This will get you the corresponding assembly instruction. From there it shouldn't be too hard to get that into C. I agree with the other poster that it is messed up doing this assignment in x86. Something like SPARC or MIPS would be much easier (as these have fixed width instructions).

Polaris878  2010-02-01 03:58:49
A: 

There's a much simpler method than those suggested, and I suspect this is the one the teacher has in mind:

  1. Go to a command prompt
  2. run Debug
  3. command "e"
  4. enter the byte values
  5. command "u"
  6. read the results

Decoding opcodes from the chart is very, very tedious, and I'd be surprised if that was what was intended.

egrunin  2010-02-01 21:57:21
you are assuming a windows world.
GregS  2010-02-03 03:33:47
True. Is there an equivalent 'interactive assembler' tool in *nix?
egrunin  2010-02-03 19:05:52
A: 

Use objdump -d if you're using Unix.

 2010-02-04 10:21:40

related questions

MIPS Assembly Pointer to a Pointer?
Grub and getting into Real Mode (low level assembler question)
What can cause MASM to display "junk"?
Pseudo random generator, Assembler
How can I multiply two 64bit numbers using x86 assembly language?
what interrupt would you hook from DOS to get the real-time clock
Is learning Assembly Language worth the effort?
Prefetch instructions on ARM
What was the name of the Mac (68000) assembler?
What is the fastest way to convert float to int on x86
Comprehensive List of x86_64 Assembly Instructions
Assembly CPU frequency measuring algorithm
Is there a way to insert assembly code into C?
JIT code generation techniques
What is the meaning of "non temporal" memory accesses in x86
How do I get the assembler output from a C file in VS2005
Is GCC broken when taking the address of an argument on ARM7TDMI?
8086 Assembler Tutorial
Is it worth it to learn a dialect of assembly?
Assembler IDE/Simulator for beginner
What is the best way to learn Assembly? Specifically, for someone who has experience in dynamic languages.
Incrementing from 0 to 100 in assembly language.
Mixing 32 bit and 16 bit code with nasm
x86 Assembly on a mac...
Good x86 assembly book