Chapter 40 Exercises: Your Assembly Future
Inventory Exercises
Exercise 40.1 ⭐ — Knowledge inventory Complete this self-assessment honestly. For each topic, rate your confidence: 1 (need to review), 2 (understand concepts), 3 (can implement from scratch).
| Topic | Confidence (1-3) | One thing to review |
|---|---|---|
| x86-64 register conventions | ||
| ARM64 calling convention | ||
| SIMD intrinsics (SSE/AVX) | ||
| System call invocation | ||
| Stack buffer overflow mechanics | ||
| Stack canary assembly | ||
| ROP chain structure | ||
| MinOS boot sequence | ||
| GDB/Ghidra RE workflow | ||
| Performance counter interpretation |
After filling this in, choose the lowest-rated topic and spend one hour reviewing it.
Exercise 40.2 — What you can now read For each of the following, predict what it does, then verify by looking it up:
a) 64 48 8b 04 25 28 00 00 00 (9 bytes)
b) 0f 1f 40 00 (4 bytes, hint: this is useful for padding)
c) f3 0f 1e fa (4 bytes, on a CET-enabled CPU)
d) 48 8d 04 fd 00 00 00 00 (8 bytes, hint: LEA with a scaled index)
Career Planning Exercises
Exercise 40.3 — Career path alignment For each career path, identify which chapters of this book most directly apply:
| Career Path | Most Relevant Chapters | Next Learning Step |
|---|---|---|
| OS/kernel development | ||
| Security research | ||
| Compiler engineering | ||
| Embedded systems | ||
| Performance engineering | ||
| Hardware design |
Exercise 40.4 ⭐ — First project selection Choose ONE project from this list and write a one-paragraph project plan including: what you will build, what resources you will use, and what "done" looks like.
Projects: a) Extend MinOS with a FAT12 filesystem reader b) Write a Lisp-to-x86-64 compiler c) Complete a 5-challenge CTF pwn track on pwn.college d) Submit a Linux kernel driver patch e) Write a RISC-V emulator in C f) Implement a malloc() with a segregated free list
Exercise 40.5 — Timeline planning Choose your top project from Exercise 40.4. Create a realistic weekly plan:
- Week 1: What specifically will you learn/set up?
- Week 2: What specific component will you implement?
- Weeks 3-4: What will the working version demonstrate?
- Month 2: What does a polished version look like?
Technical Review Exercises
Exercise 40.6 ⭐ — Comprehensive ISA comparison Fill in this comparison table:
| Feature | x86-64 | ARM64 | RISC-V |
|---|---|---|---|
| Integer registers | 16 GPR | ? | ? |
| Calling conv: first 4 int args | RDI, RSI, RDX, RCX | ? | ? |
| Return value register | RAX | ? | ? |
| Syscall instruction | syscall |
? | ? |
| Syscall number register | RAX | X8 | ? |
write syscall number |
1 | 64 | ? |
| PC-relative address in 1 instr | lea |
adr |
? |
| Instruction width | 1-15 bytes | 4 bytes | ? |
| Branch protection (CET equiv.) | ENDBR64 | BTI | ? |
Exercise 40.7 — ABI quiz (open book) Without looking at your notes, write from memory:
a) The 6 argument registers for System V AMD64 ABI, in order b) The callee-saved registers in System V AMD64 ABI c) The ARM64 AAPCS64 argument registers d) What the "red zone" is and its size e) Stack alignment requirement before CALL in x86-64
Check your answers against Appendix E.
Exercise 40.8 ⭐ — Security mitigation review For each mitigation, write one sentence explaining what it does at the assembly level:
a) Stack canary (the prologue code)
b) NX/DEP (what hardware feature enforces it)
c) ASLR (what it randomizes)
d) CET SHSTK (what happens on RET)
e) CET IBT (what ENDBR64 marks)
Teaching and Communication Exercises
Exercise 40.9 — Explain to a beginner Write a clear explanation (3-4 sentences each) suitable for someone who knows C but has never written assembly:
a) Why does a buffer overflow overwrite the return address? b) What does "register-calling convention" mean? c) Why is the stack non-executable in modern systems? d) What is a page fault?
Exercise 40.10 ⭐ — Teach the MinOS boot sequence Write a 200-word explanation of the MinOS boot sequence suitable for a CS undergraduate who understands C and memory management but has not read this book. Focus on conveying the sequence of events clearly, not every technical detail.
Exercise 40.11 — Interview preparation Assembly and systems knowledge appears in technical interviews for security, systems, and performance roles. For each question, write a confident 2-3 sentence answer:
a) "What happens at the assembly level when a C function returns?" b) "How does ASLR protect against buffer overflow exploitation?" c) "What is the difference between a stack canary and CET SHSTK?" d) "What is out-of-order execution and why does it matter for performance?" e) "Explain what a TLB is."
Community Participation Exercises
Exercise 40.12 — Community choice Choose one community from the chapter and:
a) Create an account (OSDev forum, pwn.college, HackTheBox, RE Stack Exchange, etc.) b) Read the community guidelines c) Find one question you can answer OR one discussion where you have something to contribute d) Make your first post
Exercise 40.13 ⭐ — CTF first steps Create a pwn.college account and complete the first 3 challenges in either the "Assembly Refresher" or "Program Security" module:
a) What was the hardest part of each challenge? b) What technique did you use that this book covered? c) What technique did the challenge require that you had not seen before?
Exercise 40.14 — Conference talk selection Browse the recorded talks from one of these conferences: - DEF CON (defcon.org/media/video) - CCC (media.ccc.de) - Usenix Security (usenix.org/conferences/byname/108)
Find one talk about assembly-level security, reverse engineering, or systems performance. Watch it and write a 200-word summary explaining: what the speaker's main thesis is, what assembly-level technique is used, and what you learned.
Long-Term Planning Exercises
Exercise 40.15 — Contribution map For the Linux kernel:
a) Clone the kernel: git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
b) Navigate to arch/x86/kernel/ — what files do you recognize from this book?
c) Navigate to arch/arm64/kernel/ — same question
d) Read Documentation/process/submitting-patches.rst
e) Find one file in drivers/char/ that has a TODO or FIXME comment
Exercise 40.16 ⭐ — "Now I understand" reflection Complete these sentences honestly, with specific technical detail:
a) "Before this book, I thought [concept X] worked like [wrong model]. Now I understand it actually works by [correct explanation]." b) "The most surprising thing I learned was [specific fact] because [why it was surprising]." c) "The hardest concept to understand was [X] until I [what made it click]." d) "I will apply [specific technique from this book] in my work by [concrete plan]."
Exercise 40.17 — Teaching plan The best way to consolidate knowledge is to teach it. Choose one topic from this book and plan a 20-minute explanation you could give to a peer:
a) What is the audience's assumed background? b) What single insight is the most important to convey? c) What demonstration or example would make it concrete? d) What question would you ask to check understanding at the end?
Exercise 40.18 ⭐ — Project portfolio planning Identify three projects of increasing complexity that would demonstrate your assembly and systems knowledge to a potential employer or collaborator:
Entry-level demonstration (~20 hours): A project showing basic assembly competence Intermediate demonstration (~100 hours): A project showing systems-level understanding Advanced demonstration (~400+ hours): A project showing deep systems expertise
For each: what is the project, what does it demonstrate, and what is the first concrete step?
Exercise 40.19 — Reverse engineering practice Find a small open-source compiled binary you use regularly (a command-line utility, a library function). Strip its debug symbols and practice reverse engineering it:
a) What does strings reveal?
b) What does the dynamic symbol table (objdump -T) reveal?
c) Find the main function in Ghidra and reconstruct its top-level logic
d) Identify one function whose purpose you can determine purely from its assembly
Exercise 40.20 ⭐ — Closing reflection: your assembly future Write a one-page (approximately 300-word) personal statement answering:
What specific skills from this book will you use in your work, and in what context? What project represents your most ambitious goal with these skills? What kind of problem do you now understand that you could not have understood before?
This is not a test — there is no correct answer. It is a record of where you are when you finish, which will be interesting to compare to where you are in two years.