dlmalloc 的 mspace_malloc 返回奇怪的地址
[我已经解决了这个问题 - 请参阅下面我的最后一条评论。]
在我的应用程序中,我需要使用我自己的特殊 malloc,基于 Doug Lea 的 dlmalloc:我映射一个匿名文件(使用 mmap),创建一个 mspace映射文件的一部分,并将 mspace 传递给 mspace_malloc。我发现 mspace_malloc 返回的一些地址不在映射文件的范围内 - 尽管据我所知,该进程可以很好地写入和读取 malloc 的内存。为什么我会遇到这种行为,我该怎么做才能强制 mspace_malloc 返回 mspace 范围内的地址?
/* Inside dl_malloc.c */
#define ONLY_MSPACES 1
#define MSPACES 1
void * heap;
off_t heap_length;
mspace ms;
void init(size_t size) {
heap = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (heap == MAP_FAILED) {
perror("init: mmap");
exit(EXIT_FAILURE);
}
heap_length = size;
ms = create_mspace(heap, size, 0);
mspace_track_large_chunks(ms, 1);
}
void * my_malloc(size_t bytes) {
return mspace_malloc(heap, bytes);
}
/************************/
/* In application */
#include <stdio.h>
#include <stdlib.h>
#define HEAP_SIZE 0x10000 // 32 pages
#define ROWS 2
#define COLS 4096
extern void init(void);
extern void * my_malloc(size_t bytes);
extern void * heap;
extern off_t heap_length;
int main(void) {
init(HEAP_SIZE);
int ** matrix = (int **)my_malloc(sizeof(int *) * ROWS);
int i;
for (i = 0; i < ROWS; ++i)
matrix[i] = (int *)my_malloc(sizeof(int) * COLS);
printf("Heap bounds: %lx to %lx\n",
(off_t)heap, (off_t)heap + heap_length);
printf("Matrix: %p ", matrix;
for (i = 0; i < ROWS; ++i)
printf("Matrix[%d]: %p ", i, matrix[i]");
printf("\n");
return EXIT_SUCCESS;
}
当我运行这个程序时(嗯,上面是一个简化,但不是很多),我看到分配给矩阵的地址在为堆打印的边界内,但是两行的两个地址非常远< em>低于下限——比它低 0x100000000 以上!但我似乎能够读取和写入矩阵。最后一点我觉得令人费解并且想理解,但更紧迫的问题是我需要做一些事情来确保 my_malloc 返回的所有地址都在堆范围内,因为我的应用程序的其他部分需要这个。
顺便说一句,请注意,我不需要锁定对 create_mspace 的调用,因为我在此程序中仅使用一个线程。无论如何,我尝试将此参数设置为 1,但结果没有发现任何差异。
谢谢!
[I've solved this problem--please see my last comment below.]
In my application, I need to use my own special malloc, based on Doug Lea's dlmalloc: I map an anonymous file (using mmap), create an mspace out of part of the mapped file, and pass the mspace to mspace_malloc. I am finding that some of the addresses that mspace_malloc returns are not within the bounds of the mapped file--even though, as far as I can tell, the process can write to and read from the malloc'ed memory just fine. Why am I encountering this behavior, and what can I do to force mspace_malloc to return an address within the range of the mspace?
/* Inside dl_malloc.c */
#define ONLY_MSPACES 1
#define MSPACES 1
void * heap;
off_t heap_length;
mspace ms;
void init(size_t size) {
heap = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (heap == MAP_FAILED) {
perror("init: mmap");
exit(EXIT_FAILURE);
}
heap_length = size;
ms = create_mspace(heap, size, 0);
mspace_track_large_chunks(ms, 1);
}
void * my_malloc(size_t bytes) {
return mspace_malloc(heap, bytes);
}
/************************/
/* In application */
#include <stdio.h>
#include <stdlib.h>
#define HEAP_SIZE 0x10000 // 32 pages
#define ROWS 2
#define COLS 4096
extern void init(void);
extern void * my_malloc(size_t bytes);
extern void * heap;
extern off_t heap_length;
int main(void) {
init(HEAP_SIZE);
int ** matrix = (int **)my_malloc(sizeof(int *) * ROWS);
int i;
for (i = 0; i < ROWS; ++i)
matrix[i] = (int *)my_malloc(sizeof(int) * COLS);
printf("Heap bounds: %lx to %lx\n",
(off_t)heap, (off_t)heap + heap_length);
printf("Matrix: %p ", matrix;
for (i = 0; i < ROWS; ++i)
printf("Matrix[%d]: %p ", i, matrix[i]");
printf("\n");
return EXIT_SUCCESS;
}
When I run this program (well, the above is a simplification, but not by much), I see that the address assigned to matrix is within the bounds printed for the heap, but that the two addresses for the two rows are very far below the lower bound--more than 0x100000000 below it! And yet I seem to be able to read and write to the matrix. This last point I find puzzling and would like to understand, but the more urgent issue is that I need to do something to make sure that all the addresses that my_malloc returns are within the heap bounds, because other parts of my application need this.
BTW, note that I do not need to lock my call to create_mspace, since I'm only using one thread in this program. Anyway, I tried setting this argument to 1, but I saw no difference in the results.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
尤里卡(哈哈哈)!上面的简化示例使用给定的常量将正常工作,并且返回的地址将在范围内。但是,如果您在相对于原始 mspace 太大的大小上调用 my_malloc,malloc 将调用 mmap(除非您明确禁用此功能)。我看到的地址只是由于调用 mmap 而返回的地址。所以这个谜团的解决方案其实相当简单。我将这篇文章留下来,以防其他人碰巧遇到这个问题并忘记 malloc 对 mmap 的调用。
Eureka (hahaha)! The above, simplified example, with the given constants, will work correctly, and the returned addresses will be within range. However, if you call my_malloc on sizes that are too large relative to the original mspace, malloc will call mmap (unless you explicitly disable this). The addresses I was seeing were merely those returned as a result of those calls to mmap. So the solution to this mystery turned out to be rather simple. I'm leaving this posted in case others happen to run into this issue and forget about malloc's calls to mmap.