danial27@castor:~$ ./task3 foobar 10
i am foobar!
----------------------------------------------------------------------------------
danial27@castor:~$ objdump -d task3
task3: file format elf64-littleaarch64
Disassembly of section .text:
0000000000400078 <.text>:
// 0x400078: field accessor, reached through the blr at 0x400124 (second slot, offset 8, of the table at 0x4001f0).
// In: x24 = object base. Out: x29 = 64-bit value stored at [x24].
400078: f940031d ldr x29, [x24] // x29 = first object field, the number parsed from argv[2] (stored at 0x4000fc)
40007c: d65f03c0 ret // JUMP10 returns to 0x400128
// 0x400080: terminate the process. In: x24 = exit status.
// The normal path (JUMP19) sets x24 = 0 first. The usage-error path (JUMP21) does not: the print routine
// leaves x24 pointing one byte past the message's NUL, so the status reported there is the low byte of that address.
400080: aa1803e0 mov x0, x24 // JUMP19/JUMP21: x0 = exit status taken from x24
400084: d2800ba8 mov x8, #0x5d // #93 // x8 = 93, the exit syscall number
400088: d4000001 svc #0x0 // exit(x0); execution does not continue into the bytes that follow
// 0x40008c-0x4000af: string data embedded in .text. objdump -d decodes it as instructions; none of it is executed.
// 0x40008c holds "need exactly two arguments\n" plus NUL, 0x4000a8 holds "!\n" plus NUL (compare the xxd dump).
40008c: 6465656e .inst 0x6465656e ; undefined // "need"
400090: 61786520 .inst 0x61786520 ; undefined // " exa"
400094: 796c7463 ldrh w3, [x3, #5690] // "ctly" (data, not an instruction)
400098: 6f777420 uqshl v0.2d, v1.2d, #55 // " two" (data, not an instruction)
40009c: 67726120 .inst 0x67726120 ; undefined // " arg"
4000a0: 6e656d75 umin v21.8h, v11.8h, v5.8h // "umen" (data, not an instruction)
4000a4: 000a7374 .inst 0x000a7374 ; undefined // "ts\n" and the terminating NUL
4000a8: 00000a21 .inst 0x00000a21 ; undefined // "!\n", its NUL and one padding byte
4000ac: d503201f nop // padding before the routine at 0x4000b0
// 0x4000b0: write a NUL-terminated string to stdout.
// In: x24 = string pointer. Saves and restores x0, x1, x2, x8 and x30 in a 48-byte stack frame.
// Clobbers x24 (left one past the NUL), w25 and x29 through the length routine at 0x4000e4.
// The length comes from an unbounded scan for NUL, and the write result is not checked.
4000b0: a9bd07e0 stp x0, x1, [sp, #-48]! // JUMP12/JUMP16/JUMP17/JUMP20/JUMP22: sp -= 48 bytes, then save x0 at [sp] and x1 at [sp+8]
4000b4: a90123e2 stp x2, x8, [sp, #16] // save x2 at [sp+16] and x8 at [sp+24]
4000b8: f90017fe str x30, [sp, #40] // save lr at [sp+40]; the bl below overwrites x30
4000bc: aa1803e1 mov x1, x24 // x1 = buffer argument for write, copied before x24 is advanced
4000c0: 94000009 bl 0x4000e4 // JUMP13: x29 = length of the string at x24
4000c4: aa1d03e2 mov x2, x29 // x2 = byte count for write (length of whichever string was passed)
4000c8: d2800020 mov x0, #0x1 // #1 // x0 = 1, the stdout file descriptor
4000cc: d2800808 mov x8, #0x40 // #64 // x8 = 64, the write syscall number
4000d0: d4000001 svc #0x0 // write(1, x1, x2); the return value in x0 is discarded by the restore below
4000d4: f94017fe ldr x30, [sp, #40] // restore lr from [sp+40]
4000d8: a94123e2 ldp x2, x8, [sp, #16] // restore x2 and x8
4000dc: a8c307e0 ldp x0, x1, [sp], #48 // restore x0 and x1, then sp += 48
4000e0: d65f03c0 ret // to the bl caller for JUMP12/JUMP16/JUMP20; the tail branches JUMP17 and JUMP22 arrive with lr = 0x4001a8 and return to JUMP18
// 0x4000e4: string length. In: x24 = string pointer. Out: x29 = number of bytes before the NUL.
// Side effects: x24 ends one byte past the NUL and w25 ends as 0. The scan has no upper bound.
4000e4: 9280001d mov x29, #0xffffffffffffffff // #-1 // JUMP13: start at -1 so the first increment gives 0
4000e8: 910007bd add x29, x29, #0x1 // JUMP14: count one more byte
4000ec: 38401719 ldrb w25, [x24], #1 // w25 = byte at x24, then x24 += 1 (post-index)
4000f0: 35ffffd9 cbnz w25, 0x4000e8 // loop to JUMP14 until the NUL byte is read
4000f4: d65f03c0 ret // return to 0x4000c4, the only caller
// 0x4000f8: initialise the 32-byte stack object (tagged "person" by the original annotation; presumably a derived-class constructor).
// In: x24 = object base, x25 = argv[1] pointer, x26 = number parsed from argv[2].
// Resulting layout: [base+0] = number, [base+8] = argv[1] pointer, [base+16] = table pointer 0x4001f0.
4000f8: a9bf63fe stp x30, x24, [sp, #-16]! //person // JUMP7: sp -= 16, save lr at [sp] and the object base at [sp+8]
4000fc: f900031a str x26, [x24] //x24 // [base+0] = parsed number
400100: 91002318 add x24, x24, #0x8 // x24 = base + 8, the address handed to the inner initialiser
400104: 94000014 bl 0x400154 // JUMP8: fills [base+8] and [base+16]
400108: a8c163fe ldp x30, x24, [sp], #16 // restore lr and x24 = object base, sp += 16
40010c: 10000739 adr x25, 0x4001f0 // x25 = address of the two-entry table at 0x4001f0
400110: f9000b19 str x25, [x24, #16] //x24+2 // [base+16] = 0x4001f0, replacing the 0x4001c0 written by JUMP8
400114: d65f03c0 ret // return to 0x400198
// 0x400118: first entry of the table at 0x4001f0, called by blr from 0x4001a4 with lr = 0x4001a8.
// In: x24 = object base. Fetches the stored number through the table's second entry, then prints
// "goo goo\n" when it is 0 or 1 (unsigned), otherwise "i am " followed by the name and "!\n".
400118: a9bf63fe stp x30, x24, [sp, #-16]! // JUMP9: sp -= 16, save lr at [sp] and the object base at [sp+8]
40011c: f9400b19 ldr x25, [x24, #16] // x25 = table pointer held at [base+16] (0x4001f0)
400120: f9400739 ldr x25, [x25, #8] // x25 = second table entry (0x400078)
400124: d63f0320 blr x25 // JUMP10: indirect call, x29 = number at [base+0]
400128: f10007bf cmp x29, #0x1 // compare the stored number with 1
40012c: 54000088 b.hi 0x40013c // b.pmore // JUMP11: taken when the number is greater than 1 (unsigned)
400130: f84107fe ldr x30, [sp], #16 // number <= 1: restore lr (0x4001a8) and drop the 16-byte frame
400134: 100004b8 adr x24, 0x4001c8 // x24 = address of "goo goo\n"
400138: 17ffffde b 0x4000b0 // JUMP22: tail-branch to the print routine, which returns to 0x4001a8
40013c: f94003fe ldr x30, [sp] // JUMP11: reload the saved lr without popping; the bl below overwrites it again
400140: 100003b8 adr x24, 0x4001b4 // x24 = address of "i am "
400144: 97ffffdb bl 0x4000b0 // JUMP12: print "i am "
400148: a8c163fe ldp x30, x24, [sp], #16 // restore lr (0x4001a8) and x24 = object base, sp += 16
40014c: 91002318 add x24, x24, #0x8 // x24 = base + 8, the address of the name-pointer field
400150: 14000022 b 0x4001d8 // JUMP15: tail-branch to the name printer
// 0x400154: inner initialiser (tagged "named" by the original annotation; presumably the base-class constructor).
// In: x24 = object base + 8, x25 = argv[1] pointer. Clobbers x25.
400154: f9000319 str x25, [x24] //named //x24+1 // JUMP8: [base+8] = argv[1] pointer
400158: 10000359 adr x25, 0x4001c0 // x25 = address of the one-entry table at 0x4001c0 (its entry is 0x4001d8)
40015c: f9000719 str x25, [x24, #8] //x24+2 // [base+16] = 0x4001c0; the caller overwrites this at 0x400110
400160: d65f03c0 ret // return to 0x400108
// _start (0x400164, the entry address in the ELF header): require argc == 3, parse argv[2] as a decimal number,
// build a 32-byte object on the stack from argv[1] and that number, call the first entry of its table, then exit.
// Initial stack: [sp] = argc, [sp+8] = argv[0], [sp+16] = argv[1], [sp+24] = argv[2].
400164: f94003f8 ldr x24, [sp] // _start: x24 = argc
400168: f1000f1f cmp x24, #0x3 // argc must be 3: the program name plus two arguments
40016c: 54000080 b.eq 0x40017c // b.none // JUMP1: argument count is correct
400170: 10fff8f8 adr x24, 0x40008c // otherwise x24 = address of "need exactly two arguments\n"
400174: 97ffffcf bl 0x4000b0 // JUMP20: print the usage message; x24 is left past the end of the string
400178: 17ffffc2 b 0x400080 // JUMP21: exit with x24 as status, which is not zero on this path
40017c: f9400ff8 ldr x24, [sp, #24] // JUMP1: x24 = argv[2], 24 bytes above sp
400180: 94000020 bl 0x400200 // JUMP2: x29 = value of the leading decimal digits of argv[2]
400184: d10083ff sub sp, sp, #0x20 // reserve 32 bytes of stack for the object
400188: 910003f8 mov x24, sp // x24 = object base
40018c: f9401bf9 ldr x25, [sp, #48] // x25 = argv[1], now at sp+48 (32 reserved bytes + 16)
400190: aa1d03fa mov x26, x29 // x26 = parsed number, the argument expected by 0x4000f8
400194: 97ffffd9 bl 0x4000f8 // JUMP7: initialise the object
400198: 910003f8 mov x24, sp // x24 = object base again
40019c: f9400b19 ldr x25, [x24, #16] // x25 = table pointer at [base+16] (0x4001f0 after JUMP7)
4001a0: f9400339 ldr x25, [x25] // x25 = first table entry (0x400118)
4001a4: d63f0320 blr x25 // JUMP9: indirect call through the table, lr = 0x4001a8
4001a8: 910083ff add sp, sp, #0x20 // JUMP18: release the 32-byte object
4001ac: d2800018 mov x24, #0x0 // #0 // x24 = 0, the success exit status
4001b0: 17ffffb4 b 0x400080 // JUMP19: exit(0)
// 0x4001b4-0x4001d7: data embedded in .text, decoded by objdump -d as instructions (compare the xxd dump).
// 0x4001b4 = "i am " plus NUL, 0x4001c0 = 8-byte code pointer, 0x4001c8 = "goo goo\n" plus NUL.
4001b4: 6d612069 ldp d9, d8, [x3, #-496] // "i am" (data, not an instruction)
4001b8: 00000020 .inst 0x00000020 ; undefined // " ", the terminating NUL and two padding bytes
4001bc: d503201f nop // padding to the 8-byte boundary at 0x4001c0
4001c0: 004001d8 .inst 0x004001d8 ; undefined // low word of the pointer 0x4001d8, the single entry of this table
4001c4: 00000000 .inst 0x00000000 ; undefined // high word of that pointer
4001c8: 206f6f67 .inst 0x206f6f67 ; undefined // "goo "
4001cc: 0a6f6f67 bic w7, w27, w15, lsr #27 // "goo\n" (data, not an instruction)
4001d0: 00000000 .inst 0x00000000 ; undefined // terminating NUL and padding
4001d4: d503201f nop // padding before the routine at 0x4001d8
// 0x4001d8: print the name followed by "!\n". In: x24 = address of the name-pointer field (object base + 8).
// Reached by the direct branch at 0x400150; it is also the entry stored in the table at 0x4001c0.
4001d8: f81f0ffe str x30, [sp, #-16]! // JUMP15: sp -= 16 and save lr (0x4001a8 on the visible path)
4001dc: f9400318 ldr x24, [x24] // x24 = name string pointer read from the field (argv[1])
4001e0: 97ffffb4 bl 0x4000b0 // JUMP16: print the name
4001e4: f84107fe ldr x30, [sp], #16 // restore lr and sp += 16
4001e8: 10fff618 adr x24, 0x4000a8 // x24 = address of "!\n"
4001ec: 17ffffb1 b 0x4000b0 // JUMP17: tail-branch to the print routine, which returns to the saved lr
// 0x4001f0: two-entry table of 8-byte code pointers, stored in .text and decoded by objdump -d as instructions.
// The object's [base+16] field points here after 0x400110; the blr at 0x4001a4 uses entry 0, the blr at 0x400124 entry 1.
4001f0: 00400118 .inst 0x00400118 ; undefined // entry 0, low word: 0x400118
4001f4: 00000000 .inst 0x00000000 ; undefined // entry 0, high word
4001f8: 00400078 .inst 0x00400078 ; undefined // entry 1, low word: 0x400078
4001fc: 00000000 .inst 0x00000000 ; undefined // entry 1, high word
// 0x400200: parse leading decimal digits. In: x24 = pointer to a NUL-terminated string (argv[2]).
// Out: x29 = value of the digits read before the first NUL or non-digit byte; 0 when there are none.
// Clobbers x24, x25 and x26. There is no overflow check: a long digit string wraps modulo 2^64,
// and trailing non-digit characters are silently ignored.
400200: d280001d mov x29, #0x0 // #0 // JUMP2: accumulator x29 = 0
400204: d280015a mov x26, #0xa // #10 // x26 = 10, the decimal base
400208: 38401719 ldrb w25, [x24], #1 // JUMP6: w25 = next character, then x24 += 1
40020c: 340000f9 cbz w25, 0x400228 // JUMP3: stop at the terminating NUL
400210: 7100c339 subs w25, w25, #0x30 // w25 = character - '0' (0x30), setting the flags
400214: 540000a4 b.mi 0x400228 // b.first // JUMP4: stop when the character is below '0'
400218: 71002b3f cmp w25, #0xa // compare the digit value with 10
40021c: 54000065 b.pl 0x400228 // b.nfrst // JUMP5: stop when the value is 10 or more (character above '9')
400220: 9b1a67bd madd x29, x29, x26, x25 // x29 = x29 * 10 + digit
400224: 17fffff9 b 0x400208 // JUMP6: next character
400228: d65f03c0 ret // JUMP3/JUMP4/JUMP5: return to 0x400184 with the result in x29
----------------------------------------------------------------------------------
danial27@castor:~$ xxd task3
00000000: 7f45 4c46 0201 0100 0000 0000 0000 0000 .ELF............
00000010: 0200 b700 0100 0000 6401 4000 0000 0000 ........d.@.....
00000020: 4000 0000 0000 0000 4002 0000 0000 0000 @.......@.......
00000030: 0000 0000 4000 3800 0100 4000 0300 0200 ....@.8...@.....
00000040: 0100 0000 0500 0000 0000 0000 0000 0000 ................
00000050: 0000 4000 0000 0000 0000 4000 0000 0000 ..@.......@.....
00000060: 2c02 0000 0000 0000 2c02 0000 0000 0000 ,.......,.......
00000070: 0000 0100 0000 0000 1d03 40f9 c003 5fd6 ..........@..._.
00000080: e003 18aa a80b 80d2 0100 00d4 6e65 6564 ............need
00000090: 2065 7861 6374 6c79 2074 776f 2061 7267 exactly two arg
000000a0: 756d 656e 7473 0a00 210a 0000 1f20 03d5 uments..!.... ..
000000b0: e007 bda9 e223 01a9 fe17 00f9 e103 18aa .....#..........
000000c0: 0900 0094 e203 1daa 2000 80d2 0808 80d2 ........ .......
000000d0: 0100 00d4 fe17 40f9 e223 41a9 e007 c3a8 ......@..#A.....
000000e0: c003 5fd6 1d00 8092 bd07 0091 1917 4038 .._...........@8
000000f0: d9ff ff35 c003 5fd6 fe63 bfa9 1a03 00f9 ...5.._..c......
00000100: 1823 0091 1400 0094 fe63 c1a8 3907 0010 .#.......c..9...
00000110: 190b 00f9 c003 5fd6 fe63 bfa9 190b 40f9 ......_..c....@.
00000120: 3907 40f9 2003 3fd6 bf07 00f1 8800 0054 9.@. .?........T
00000130: fe07 41f8 b804 0010 deff ff17 fe03 40f9 ..A...........@.
00000140: b803 0010 dbff ff97 fe63 c1a8 1823 0091 .........c...#..
00000150: 2200 0014 1903 00f9 5903 0010 1907 00f9 ".......Y.......
00000160: c003 5fd6 f803 40f9 1f0f 00f1 8000 0054 .._...@........T
00000170: f8f8 ff10 cfff ff97 c2ff ff17 f80f 40f9 ..............@.
00000180: 2000 0094 ff83 00d1 f803 0091 f91b 40f9 .............@.
00000190: fa03 1daa d9ff ff97 f803 0091 190b 40f9 ..............@.
000001a0: 3903 40f9 2003 3fd6 ff83 0091 1800 80d2 9.@. .?.........
000001b0: b4ff ff17 6920 616d 2000 0000 1f20 03d5 ....i am .... ..
000001c0: d801 4000 0000 0000 676f 6f20 676f 6f0a ..@.....goo goo.
000001d0: 0000 0000 1f20 03d5 fe0f 1ff8 1803 40f9 ..... ........@.
000001e0: b4ff ff97 fe07 41f8 18f6 ff10 b1ff ff17 ......A.........
000001f0: 1801 4000 0000 0000 7800 4000 0000 0000 ..@.....x.@.....
00000200: 1d00 80d2 5a01 80d2 1917 4038 f900 0034 ....Z.....@8...4
00000210: 39c3 0071 a400 0054 3f2b 0071 6500 0054 9..q...T?+.qe..T
00000220: bd67 1a9b f9ff ff17 c003 5fd6 002e 7368 .g........_...sh
00000230: 7374 7274 6162 002e 7465 7874 0000 0000 strtab..text....
00000240: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000250: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000260: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000270: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000280: 0b00 0000 0100 0000 0600 0000 0000 0000 ................
00000290: 7800 4000 0000 0000 7800 0000 0000 0000 x.@.....x.......
000002a0: b401 0000 0000 0000 0000 0000 0000 0000 ................
000002b0: 0800 0000 0000 0000 0000 0000 0000 0000 ................
000002c0: 0100 0000 0300 0000 0000 0000 0000 0000 ................
000002d0: 0000 0000 0000 0000 2c02 0000 0000 0000 ........,.......
000002e0: 1100 0000 0000 0000 0000 0000 0000 0000 ................
000002f0: 0100 0000 0000 0000 0000 0000 0000 0000 ................
----------------------------------------------------------------------------------
danial27@castor:~$ readelf --sections task3
There are 3 section headers, starting at offset 0x240:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .text PROGBITS 0000000000400078 00000078
00000000000001b4 0000000000000000 AX 0 0 8
[ 2] .shstrtab STRTAB 0000000000000000 0000022c
0000000000000011 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
L (link order), O (extra OS processing required), G (group), T (TLS),
C (compressed), x (unknown), o (OS specific), E (exclude),
p (processor specific)
0x400078-