在程序集中访问malloc内存

时间:2011-12-16 03:07:55

标签: memory-management assembly malloc x86-64 nasm

我正在尝试访问我已经在程序集中进行了malloced的内存,但我只是反复得到段错误。我在下面的代码中做错了什么,我确信它很简单,但我看不到它!

编辑:我正在使用64位NASM程序集

; Allocate room for 8 integers
mov r8, 8
mov rdi, r8
imul rdi, 8 ; Multiply by 8 (8 bytes per entry in 64bit)
xor rax, rax
call malloc
add rsp, 8
test rax, rax
jz malloc_failure
mov r8, rsp

; r8 now = base of array

; Set the first element to be 100
mov r9, 0
add r9, r8
mov qword [r9], 100

malloc_failure:
deallocate_start:
dealloc_1:
mov rdi, r8
xor rax, rax
call free
add rsp, 8
deallocate_end:
call os_return      ; return to operating system

段错误(不是很有趣......)

matrix05% ./arr5
Segmentation fault

1 个答案:

答案 0 :(得分:2)

mov r8, 8
mov rdi, r8
imul rdi, 8
xor rax, rax
call malloc
add rsp, 8       ;; here we _add_ 8 bytes to the stack pointer
                 ;; this is equivalent to _popping_ off the stack
                 ;; remember, the x86 stack grows down!
test rax, rax    ;; rax is indeed where the return value is..... but:
jz malloc_failure
mov r8, rsp      ;; we overwrite r8 with the stack pointer (why??)

; r8 now = base of array ;; no it's not

mov r9, 0
add r9, r8       ;; r9 = r8 = stack pointer
mov qword [r9], 100  ;; we now write 100 to the current stack pointer.
                 ;; The stack pointer initially (on entry to the function)
                 ;; pointed to a return address; where exactly are you overwriting?

malloc_failure:
deallocate_start:
dealloc_1:
mov rdi, r8
xor rax, rax
call free
add rsp, 8       ;; we pop from the stack pointer _again_. I do hope there's a sub rsp, 16 at the top...
deallocate_end:
call os_return      ; return to operating system (and probably crash because our stack is FUBAR'd)