将自定义字段放入 struct malloc_chunk 时出现问题
我试图在 struct malloc_chunk 中放入一个 head 标签和一个 foot 标签,如下所示:
struct malloc_shunk {
INTERNAL_SIZE prev_size;
INTERNAL_SIZE size;
}
这是我所做的:
1.
struct malloc_shunk {
INTERNAL_SIZE foot_tag;
INTERNAL_SIZE prev_size;
INTERNAL_SIZE size;
}
在将 head_tag 放入 malloc_chunk 之前,我只添加了 foot_tag 并编译了 glibc。我制作了一个小型测试程序,从系统中分配 60 个字节,然后释放它。你可以看到 malloc 正确返回,free 抱怨说“无效指针”。 malloc 返回的指针是 0x9313010。这使得指向 malloc_chunk 开头的指针为 0x9313004。 因此,当空闲传递给 0x9313010 时,它会通过 (mem2chunk) 将其转换为 0x9313004 并检查其是否对齐。由于我的字长是 4,因此使用 0x9313010 进行对齐检查是我遇到问题的地方。您能告诉我 Mem 指针(由 malloc 返回)是否需要绝对双字对齐。 (因为这里它可能不满足该标准,因为 malloc 返回的指针和块的开头之间的差异将是 12 个字节,而不是 8)。
为了永远到来 1. 问题,我刚刚在结构中添加了 1 个头标签,使其成为
结构malloc_shunk { INTERNAL_SIZE 脚标记; INTERNAL_SIZE 前一个大小; INTERNAL_SIZE 大小; INTERNAL_SIZE head_tag; } 现在 malloc 返回的指针和块的开头之间的差异将是 16,它将始终是双字对齐的。但是在这里我面临着一个更大的问题,因为当第一个 malloc 被调用时,竞技场已经设置并且垃圾箱已经初始化。这里受害者的大小并没有像正常情况下那样为零。问题在于,victim->size 实际上是存储“top”而不是“last_remainder”的地方。我想征求您的意见是否有任何其他方法/解决方法/解决方案,以便我可以克服我当前面临的竞技场初始化问题。
谢谢和问候, 卡皮尔
i am trying to put a head-tag and a foot tag inside struct malloc_chunk, like this:
struct malloc_shunk {
INTERNAL_SIZE prev_size;
INTERNAL_SIZE size;
}
Here is what i did:
1.
struct malloc_shunk {
INTERNAL_SIZE foot_tag;
INTERNAL_SIZE prev_size;
INTERNAL_SIZE size;
}
before putting the head_tag inside malloc_chunk, i just added foot_tag only and compiled glibc. I made a small test program that mallocs 60 bytes from the system and then frees it. Thou i can see that the malloc returned properly, free complained, saying "invalid pointer". The pointer malloc returned was 0x9313010. That makes the pointer to the start of malloc_chunk to be 0x9313004.
So when the free is passed 0x9313010, it converts it to 0x9313004 through (mem2chunk) and the check it for alignment. Since my wordsize is 4, alignment check with 0x9313010 is where i am getting problems. Can you please tell me if the Mem pointer (returned by malloc) needs to be absolutely double-word aligned. (as here it may not satisfy that criterion, as difference betwwen the pointer returned by malloc and start of chunk will be 12 bytes here and not 8).
To ever come 1. issue , i just added 1 head-tag to the structure so that it becomes
struct malloc_shunk {
INTERNAL_SIZE foot_tag;
INTERNAL_SIZE prev_size;
INTERNAL_SIZE size;
INTERNAL_SIZE head_tag;
}
Now the difference betwwen the pointer returned by malloc and start of chunk will be 16 which will always be double word aligned. But Here i am facing a bigger problem as the time when first malloc is called the arena is setup and bins are initallised. The size of the victim here is not coming out to be zero as it should be in normal cases. The problem is that the victim->size is actually comes out to be the place where 'top' is stored rather than 'last_remainder'. i'd like to ask for you opinion if there is any other way/workaround/solution, so that i can over come this initialization of arena issue i am currently facing.
Thanks and Regards,
Kapil
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
根据我所学到的,尽量不要修改结构 malloc_chunk。即使你必须确保顶部指针最初为 0,否则堆将永远不会形成。 _int_malloc() 中的 sYSMALLOC() 函数首先从内核 MMAP 出更大的块。仅当 top 最初为 0 时才会调用它。
From what ever i have learnt, try not to modify the structure malloc_chunk. Even if you have to then make sure that the top pointer is initially 0 otherwise heap will never be formed. Its the sYSMALLOC() function in _int_malloc() that first MMAPs a bigger chunk from kernel. It will be invoked only if the top is 0 initially.