Chapter 4 Quiz: Memory

18 questions covering virtual memory, segments, alignment, the stack, and NASM data declarations.


Multiple Choice

1. On a current x86-64 processor, virtual addresses are actually how many bits wide (not the theoretical 64)?

A) 32 bits B) 40 bits C) 48 bits D) 64 bits (all bits are used)


2. A process's .bss section stores:

A) Compiled machine code instructions B) Read-only string literals and constants C) Global and static variables that are initialized to non-zero values D) Global and static variables that are zero-initialized; the section occupies no space in the ELF file


3. The stack grows in which direction on x86-64?

A) Toward higher addresses B) Toward lower addresses C) It depends on the OS configuration D) Both directions — there is an upper and lower stack


4. After push rax, RSP has:

A) Increased by 8 B) Decreased by 8 C) Remained the same D) Increased by 4 (because x86-64 uses 32-bit push internally)


5. Which of the following NASM directives reserves 100 bytes of zero-initialized space in the .bss section?

A) db times 100 0 B) resb 100 C) times 100 db 0 D) reserve 100


6. The value 0x01020304 is stored in memory at address 0x1000 on a little-endian x86-64 machine. What byte is at address 0x1001?

A) 0x01 B) 0x02 C) 0x03 D) 0x04


7. An XMM register (SSE) requires what alignment for many SSE instructions (like MOVAPS)?

A) 4 bytes B) 8 bytes C) 16 bytes D) 32 bytes


8. The LEA instruction:

A) Loads a value from memory into a register B) Computes an address and stores it in a register, WITHOUT accessing memory C) Links the effective address to a specific memory location D) Is identical to MOV reg, [address]


9. What does `$ - $$` evaluate to in a NASM expression?

A) The address of the current instruction minus the address of the start of the file B) The current position minus the start of the current section (bytes from section start) C) The size of the previous declaration D) Always zero ($ == $$)


10. The System V AMD64 ABI requires RSP to be aligned to a multiple of 16 bytes:

A) At the start of every function (after the CALL has pushed the return address) B) Immediately before a CALL instruction C) At all times during function execution D) Only when calling functions that use SSE instructions


11. In /proc/self/maps, a region with permissions r-xp contains:

A) Read-write data (the heap or stack) B) Read-only data (string literals) C) Executable code D) Kernel-private data


12. The canonical address requirement on x86-64 means:

A) All code must be in the lower half of the address space B) Bits 63:48 of any address must all equal bit 47 (sign-extended from bit 47) C) All addresses must be aligned to page boundaries D) The kernel occupies addresses starting at 0, user space at the top


True/False

13. The .data and .bss sections both store initialized global variables in the ELF file.

True / False


14. A pointer in x86-64 assembly is simply a 64-bit integer that happens to contain a valid virtual address — the CPU has no separate pointer type distinct from an integer.

True / False


15. The NX (No-eXecute) bit in page table entries prevents code from being executed from the stack, preventing classic shellcode injection. This is visible in /proc/self/maps as the absence of the x permission on the [stack] region.

True / False


16. Writing to a memory address that is not mapped in the page table (or writing to a read-only page) causes a CPU exception. In user space, the OS converts this into a signal. The signal is:

A) SIGILL (illegal instruction) B) SIGFPE (floating point exception) C) SIGSEGV (segmentation violation) D) SIGABRT (abort)


Short Answer

17. Explain the difference between times 10 db 0 in .data and resb 10 in .bss. How do they differ in terms of ELF file size and runtime behavior? When would you choose each?


18. A programmer writes the following function that allocates a local buffer:

my_func:
    push rbp
    mov  rbp, rsp
    sub  rsp, 100       ; 100-byte local buffer at [rbp-100]
    ; ... use buffer ...
    leave
    ret

There is a subtle bug related to alignment. Identify it, explain why it's a problem, and provide the corrected sub rsp value. Show your calculation.