Machine code

Source: Wikipedia, the free encyclopedia.


Machine code is computer code consisting of machine language instructions, which are used to control a computer's central processing unit (CPU). Although decimal computers were once common, the contemporary marketplace is dominated by binary computers; for those computers, machine code is "the binary representation of a computer program which is actually read and interpreted by the computer. A program in machine code consists of a sequence of machine instructions (possibly interspersed with data)."[1]

Each instruction causes the CPU to perform a very specific task, such as a load, a store, a jump, or an arithmetic logic unit (ALU) operation on one or more units of data in the CPU's registers or memory.

Early CPUs had specific machine code that might break backward compatibility with each new CPU released. The notion of an instruction set architecture (ISA) defines and specifies the behavior and encoding in memory of the instruction set of the system, without specifying its exact implementation. This acts as an abstraction layer, enabling compatibility within the same family of CPUs, so that machine code written or generated according to the ISA for the family will run on all CPUs in the family, including future CPUs.

In general, each architecture family (e.g. x86, ARM) has its own ISA, and hence its own specific machine code language. There are exceptions, such as the VAX architecture, which included optional support of the PDP-11 instruction set and IA-64, which included optional support of the IA-32 instruction set. Another example is the PowerPC 615, a processor designed to natively process both PowerPC and x86 instructions.

Machine code is a strictly numerical language, and is the lowest-level interface to the CPU intended for a programmer.

disassembly.

The majority of practical programs today are written in higher-level languages. Those programs are either translated into machine code by a compiler, or are interpreted by an interpreter, usually after being translated into an intermediate code, such as a bytecode, that is then interpreted.[nb 1]

Machine code is by definition the lowest level of programming detail visible to the programmer, but internally many processors use microcode or optimize and transform machine code instructions into sequences of micro-ops. Microcode and micro-ops are not generally considered to be machine code; except on some machines, the user cannot write microcode or micro-ops, and the operation of microcode and the transformation of machine-code instructions into micro-ops happens transparently to the programmer except for performance related side effects.

Instruction set

Every processor or processor family has its own instruction set. Instructions are patterns of bits, digits, or characters that correspond to machine commands. Thus, the instruction set is specific to a class of processors using (mostly) the same architecture. Successor or derivative processor designs often include instructions of a predecessor and may add new additional instructions. Occasionally, a successor design will discontinue or alter the meaning of some instruction code (typically because it is needed for new purposes), affecting code compatibility to some extent; even compatible processors may show slightly different behavior for some instructions, but this is rarely a problem. Systems may also differ in other details, such as memory arrangement, operating systems, or peripheral devices. Because a program normally relies on such factors, different systems will typically not run the same machine code, even when the same type of processor is used.

A processor's instruction set may have fixed-length or variable-length instructions. How the patterns are organized varies with the particular architecture and type of instruction. Most instructions have one or more opcode fields that specify the basic instruction type (such as arithmetic, logical, jump, etc.), the operation (such as add or compare), and other fields that may give the type of the operand(s), the addressing mode(s), the addressing offset(s) or index, or the operand value itself (such constant operands contained in an instruction are called immediate).[2]

Not all machines or individual instructions have explicit operands. On a machine with a single

constant propagation, constant folding of registers (a register assigned the result of a constant expression freed up by replacing it by that constant) and other code enhancements.

Programs

An Intel Pentium from 1993 can execute at most two instructions per clock cycle when its pipeline is full.

conditional jumps occur is dependent upon a condition such as a value being greater than, less than, or equal to another value.

Assembly languages

A much more human-friendly rendition of machine language, called

general-purpose register, would be represented in assembly language as DEC B.[4]

Example

The MIPS architecture provides a specific example of a machine code whose instructions are always 32 bits long.[5]: 299 The general type of instruction is given by the op (operation) field, the highest 6 bits. J-type (jump) and I-type (immediate) instructions are fully specified by op. R-type (register) instructions include an additional field funct to determine the exact operation. The fields used in these types are:

   6      5     5     5     5      6 bits
[  op  |  rs |  rt |  rd |shamt| funct]  R-type
[  op  |  rs |  rt | address/immediate]  I-type
[  op  |        target address        ]  J-type

rs, rt, and rd indicate register operands; shamt gives a shift amount; and the address or immediate fields contain an operand directly.[5]: 299–301 

For example, adding the registers 1 and 2 and placing the result in register 6 is encoded:[5]: 554 

[  op  |  rs |  rt |  rd |shamt| funct]
    0     1     2     6     0     32     decimal
 000000 00001 00010 00110 00000 100000   binary

Load a value into register 8, taken from the memory cell 68 cells after the location listed in register 3:[5]: 552 

[  op  |  rs |  rt | address/immediate]
   35     3     8           68           decimal
 100011 00011 01000 00000 00001 000100   binary

Jumping to the address 1024:[5]: 552 

[  op  |        target address        ]
    2                 1024               decimal
 000010 00000 00000 00000 10000 000000   binary
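The three encodings above can be reproduced and checked mechanically. The following Python encoder/decoder is an added example, not part of the article: it packs the R-, I- and J-type fields exactly as the diagrams show, rejects field values that do not fit their bit width, and renders a word in the same 6-5-5-5-5-6 grouping as the tables. Classifying op 0 as R-type and op 2 or 3 (j, jal) as J-type is a simplification assumed here.

```python
# Encoder/decoder for the three MIPS32 instruction formats (R, I, J).
# Added example, not from the article; the field widths follow its diagram.

def _fit(value: int, bits: int, name: str) -> int:
    """Reject a field value that does not fit in `bits` bits."""
    if not 0 <= value < (1 << bits):
        raise ValueError(f"{name}={value} does not fit in {bits} bits")
    return value

def encode_r(op, rs, rt, rd, shamt, funct) -> int:
    """R-type: op(6) rs(5) rt(5) rd(5) shamt(5) funct(6)."""
    return (_fit(op, 6, "op") << 26 | _fit(rs, 5, "rs") << 21 | _fit(rt, 5, "rt") << 16
            | _fit(rd, 5, "rd") << 11 | _fit(shamt, 5, "shamt") << 6 | _fit(funct, 6, "funct"))

def encode_i(op, rs, rt, imm) -> int:
    """I-type: op(6) rs(5) rt(5) immediate(16); a negative immediate is stored
    as 16-bit two's complement, as a load/store offset would be."""
    if not -0x8000 <= imm <= 0xFFFF:
        raise ValueError(f"immediate={imm} does not fit in 16 bits")
    return _fit(op, 6, "op") << 26 | _fit(rs, 5, "rs") << 21 | _fit(rt, 5, "rt") << 16 | (imm & 0xFFFF)

def encode_j(op, target) -> int:
    """J-type: op(6) target(26)."""
    return _fit(op, 6, "op") << 26 | _fit(target, 26, "target")

def decode(word: int) -> dict:
    """Split a 32-bit word into fields. Assumption (simplified): op 0 is R-type,
    op 2 or 3 (j, jal) is J-type, everything else is I-type."""
    op = word >> 26
    if op == 0:
        return {"type": "R", "op": op, "rs": word >> 21 & 31, "rt": word >> 16 & 31,
                "rd": word >> 11 & 31, "shamt": word >> 6 & 31, "funct": word & 63}
    if op in (2, 3):
        return {"type": "J", "op": op, "target": word & 0x3FFFFFF}
    return {"type": "I", "op": op, "rs": word >> 21 & 31, "rt": word >> 16 & 31, "imm": word & 0xFFFF}

def binary_groups(word: int) -> str:
    """Render a word in the 6-5-5-5-5-6 bit grouping used by the tables above."""
    bits = f"{word:032b}"
    cuts = (0, 6, 11, 16, 21, 26, 32)
    return " ".join(bits[a:b] for a, b in zip(cuts, cuts[1:]))

if __name__ == "__main__":
    for word in (encode_r(0, 1, 2, 6, 0, 32), encode_i(35, 3, 8, 68), encode_j(2, 1024)):
        print(f"{word:08x}  {binary_groups(word)}  {decode(word)}")
```

Because every MIPS instruction is exactly one 32-bit word, `decode` applied at any word boundary is unambiguous; contrast this with the variable-length case discussed in the next section.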

Overlapping instructions

On processor architectures with variable-length instruction sets[6] (such as Intel's x86 processor family) it is, within the limits of the control-flow resynchronizing phenomenon known as the Kruskal count,[7][6][8][9][10] sometimes possible through opcode-level programming to deliberately arrange the resulting code so that two code paths share a common fragment of opcode sequences.[nb 2] These are called overlapping instructions, overlapping opcodes, overlapping code, overlapped code, instruction scission, or jump into the middle of an instruction, and represent a form of superposition.[11][12][13]

In the 1970s and 1980s, overlapping instructions were sometimes used to preserve memory space. One example was the implementation of error tables in boot loaders which have to fit into boot sectors.[nb 3]

It is also sometimes used as a

disassembly and tampering.[6][9]

The principle is also utilized in shared code sequences of fat binaries which must run on multiple instruction-set-incompatible processor platforms.[nb 2]

This property is also used to find gadgets in existing code repositories and is utilized in return-oriented programming as an alternative to code injection for exploits such as return-to-libc attacks.[15][6]
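To make the "jump into the middle of an instruction" case concrete, here is an added Python example (not from the article) with a deliberately tiny decoder for a few one-byte x86 opcodes and a constructed eight-byte sample. It shows why a linear-sweep disassembler and a flow-following one report different instruction streams for the same bytes, and where the two decodings resynchronise, which is the behaviour an analyst has to account for when auditing such code.

```python
# Tiny decoder for a few one-byte 32-bit x86 opcodes (nop, ret, mov r32,imm32, jmp rel8).
# Added example, not from the article: it exists only to show how one byte sequence
# yields different instruction streams depending on where decoding starts.
import struct
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

def decode_one(code: bytes, pos: int):
    """Return (mnemonic, length) for the instruction whose first byte is code[pos]."""
    op = code[pos]
    if op == 0x90:
        return "nop", 1
    if op == 0xC3:
        return "ret", 1
    if 0xB8 <= op <= 0xBF:                     # mov r32, imm32: opcode + 4 imm bytes
        imm = struct.unpack_from("<I", code, pos + 1)[0]
        return f"mov {REG32[op - 0xB8]}, 0x{imm:08x}", 5
    if op == 0xEB:                             # jmp rel8: target = next ip + rel8
        rel = struct.unpack_from("<b", code, pos + 1)[0]
        return f"jmp 0x{pos + 2 + rel:x}", 2
    raise ValueError(f"unsupported opcode 0x{op:02x} at offset {pos}")

def linear_sweep(code: bytes, start: int = 0):
    """Decode consecutively from `start`: what a linear-sweep disassembler reports."""
    out, pos = [], start
    while pos < len(code):
        mnem, length = decode_one(code, pos)
        out.append((pos, mnem))
        pos += length
    return out

def follow_flow(code: bytes, start: int = 0):
    """Decode along the executed path instead: take jmp targets, stop at ret."""
    out, pos = [], start
    while pos < len(code):
        mnem, length = decode_one(code, pos)
        out.append((pos, mnem))
        if mnem == "ret":
            break
        pos = int(mnem.split()[1], 16) if mnem.startswith("jmp") else pos + length
    return out

def resync_offset(code: bytes, a: int, b: int):
    """First boundary after both starts shared by the decodings from a and b (resync point)."""
    shared = {o for o, _ in linear_sweep(code, a)} & {o for o, _ in linear_sweep(code, b)}
    later = [o for o in shared if o > max(a, b)]
    return min(later) if later else None

# Constructed sample: "jmp +1" lands inside the five-byte mov, so execution runs four nops.
SAMPLE = bytes.fromhex("EB 01 B8 90 90 90 90 C3")
```

`linear_sweep(SAMPLE)` reports a `mov eax, 0x90909090` at offset 2 that is never executed, while `follow_flow(SAMPLE)` shows the four `nop`s actually run; both streams fall back into step at the `ret` at offset 7.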

Relationship to microcode

In some computers, the machine code of the

System/360 family of computers and their successors. With dataflow path widths of 8 bits to 64 bits and beyond, they nevertheless present a common architecture at the machine language level across the entire line.

Using microcode to implement an emulator enables the computer to present the architecture of an entirely different computer. The System/360 line used this to allow porting programs from earlier IBM machines to the new family of computers, e.g. an IBM 1401/1440/1460 emulator on the IBM S/360 model 40.

Relationship to bytecode

Machine code is generally different from bytecode (also known as p-code), which is either executed by an interpreter or itself compiled into machine code for faster (direct) execution. An exception is when a processor is designed to use a particular bytecode directly as its machine code, such as is the case with Java processors.

Machine code and assembly code are sometimes called native code when referring to platform-dependent parts of language features or libraries.[16]

Storing in memory

From the point of view of the CPU, machine code is stored in RAM, but is typically also kept in a set of caches for performance reasons. There may be different caches for instructions and data, depending on the architecture.

The CPU knows what machine code to execute, based on its internal program counter. The program counter points to a memory address and is changed based on special instructions which may cause programmatic branches. The program counter is typically set to a hard-coded value when the CPU is first powered on, and will hence execute whatever machine code happens to be at this address.

Similarly, the program counter can be set to execute whatever machine code is at some arbitrary address, even if this is not valid machine code. This will typically trigger an architecture-specific protection fault.

The CPU is oftentimes told, by page permissions in a paging-based system, whether the current page actually holds machine code, by an execute bit — pages have multiple such permission bits (readable, writable, etc.) for various housekeeping functionality. E.g. on

data as machine code, or finding new ways to use existing machine code, by various techniques, is the basis of some security vulnerabilities.

Similarly, in a segment-based system, segment descriptors can indicate whether a segment can contain executable code and in what rings that code can run.

From the point of view of a

context switching considerably as compared to process switching.

Readability by humans

Pamela Samuelson wrote that machine code is so unreadable that the United States Copyright Office cannot identify whether a particular encoded program is an original work of authorship;[17] however, the US Copyright Office does allow for copyright registration of computer programs[18] and a program's machine code can sometimes be decompiled in order to make its functioning more easily understandable to humans.[19] However, the output of a decompiler or disassembler will be missing the comments and symbolic references, so while the output may be easier to read than the object code, it will still be more difficult than the original source code. This problem does not exist for object-code formats like SQUOZE, where the source code is included in the file.

Cognitive science professor Douglas Hofstadter has compared machine code to genetic code, saying that "Looking at a program written in machine language is vaguely comparable to looking at a DNA molecule atom by atom."[20]

References

  1.
  2. Kjell, Bradley. "Immediate Operand".
  3. Retrieved 2023-03-05.
  4. Retrieved 2023-03-05.
  5. Retrieved 2023-03-05.
  6. (PDF) from the original on 2018-09-04. Retrieved 2021-12-25. (12 pages)
  7. (22 pages)
  8. S2CID 4634611. LNCS 8550. Archived (PDF) from the original on 2023-08-26. Retrieved 2023-08-26. (10 pages)
  9. Jakubowski, Mariusz H. (February 2016). "Graph Based Model for Software Tamper Protection". Microsoft. Archived from the original on 2019-10-31. Retrieved 2023-08-19.
  10. (PDF) from the original on 2023-08-26. Retrieved 2023-08-26. (1+xvii+1+152 pages)
  11. "Unintended Instructions on x86". Hacker News. 2021. Archived from the original on 2021-12-25. Retrieved 2021-12-24.
  12. Kinder, Johannes (2010-09-24). Static Analysis of x86 Executables [Statische Analyse von Programmen in x86 Maschinensprache] (PDF) (Dissertation). Munich, Germany: Technische Universität Darmstadt. D17. Archived from the original on 2020-11-12. Retrieved 2021-12-25. (199 pages)
  13. "What is "overlapping instructions" obfuscation?". Reverse Engineering Stack Exchange. 2013-04-07. Archived from the original on 2021-12-25. Retrieved 2021-12-25.
  14. Gates, William "Bill" Henry, Personal communication (NB. According to Jacob et al.)
  15. (PDF) from the original on 2021-12-15. Retrieved 2021-12-24.
  16. "Managed, Unmanaged, Native: What Kind of Code Is This?". developer.com. 2003-04-28. Retrieved 2008-09-02.
  17. PMID 10268940.
  18. US Copyright Office. August 2008. Retrieved 2014-02-23.
  19. "What is decompile? - Definition from WhatIs.com". WhatIs.com. Retrieved 2016-12-26.
  20. Hofstadter, Douglas R. (1980). Gödel, Escher, Bach: An Eternal Golden Braid. p. 290.
