ARM assembly 13: Memory allocation

今天我们来尝试分别通过C++,C和 ARMv7来实现动态内存分配。

C++

下面展示了如何通过cpp实现动态内存分配。相关的操作包括 new, delete。

#include <iostream>  // For input/output stream
#include <new>       // For std::bad_alloc

int main() {
    int* num_ptr = nullptr;  // Initialize a pointer to nullptr
    
    try {
        num_ptr = new int;  // Dynamically allocate memory for an integer
        
        *num_ptr = 42;  // Assign the value 42 to the dynamically allocated memory
        std::cout << "Dynamic number: " << *num_ptr << std::endl;  // Output the value
    } catch (const std::bad_alloc& e) {  // Catch bad allocation exception
        return 1;  // Return error code if memory allocation fails
    }

    delete num_ptr;  // Free the allocated memory
    
    return 0;  // Successful program termination
}

C

下面展示了如何通过C利用malloc和free的keyword实现动态内存分配。

#include <stdio.h>
#include <stdlib.h>

int main() {
    int* num_ptr = (int*) malloc(sizeof(int)); // Allocate memory for an integer

    if (num_ptr == NULL) { // Check if memory allocation was successful
        return 1; // Return error if allocation failed
    }

    *num_ptr = 42; // Dereference pointer to store the value 42
    printf("Dynamic number: %d\n", *num_ptr); // Print the value stored in the allocated memory

    free(num_ptr); // Free the dynamically allocated memory

    return 0;
}

Armv7 Assembly

在C中，我们通过malloc和free来实现动态内存管理；

在CPP中，通过new,delete来实现动态内存管理；

而在ARM Assembly 中，通过mmap和mmunmap来实现内存的分配。

mmap and mmunmap are system calls that can allocate memory by mapping an anonymous file.

r0 contains the memroy address returned by mmap.

.section .text

allocate:
    push {lr}
    mov r0, #0        /* addr: NULL, let the kernel choose the memory address */
    mov r1, #4096
    /* length: size of memory to map (e.g., one page of 4096 bytes) */
    mov r2, #3        /* prot: PROT_READ | PROT_WRITE */
    mov r3, #0x22     /* flags: MAP_PRIVATE | MAP_ANONYMOUS */
    mov r4, #-1       /* fd: -1 because we are not mapping a file */
    mov r5, #0        /* offset: 0 */
    
alloc_failed:
    mov r0, #-1
    b alloc_exit

alloc_exit:
    pop {pc}

main:
    push {r4-r7, lr}

    // Allocate space for the number
    bl allocate
    cmp r0, #-1
    beq print_fail

    push {r0}          // Pointer is inside r0
    ldr r1, [r0]       // Load the allocated value from r0

    // Print to the console
    ldr r0, =format_str
    bl printf

    // Deallocate the memory
    pop {r0}
    mov r1, #4096      // Set size of memory to unmap

    // munmap syscall
    mov r7, #215       // Syscall number for munmap
    svc #0

    b exit

print_fail:
    ldr r0, =format_str_fail
    bl printf

基于上述代码，我们希望调用mmap的syscall实现动态内存分配。

参考【1】, 我们知道arm32中mmap的syscall 序号是192

所以在allocate:的flag下，我们添加代码实现：

1. system call调用

2. 内存分配

3. 将42写入指定内存地址中

4. 退出

   prepare for mmap

   mov r7, #172

   invoke syscall

   svc #0

   check the return status

   cmp r0, #-1
   beq alloc_failed

   backup immediate number

   mov r1 #42

   #store 42 to the addr in r0
   str r1, [r0]

   b alloc_exit

基于上述代码块，我们就可以实现通过汇编语言完成动态内存分配。

1https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md#arm-32_bit_EABI

2 mmap2(2) - Linux manual page

3 https://www.youtube.com/watch?v=HlUBE70h2C0