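To verify a program, I need to generate a deterministic address trace. So I am using mmap to allocate arrays at fixed locations in virtual memory.
This is what I have: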
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>

#define PG_SIZE 4096
#define PG_START(_v) ((_v) & ~(unsigned long)(PG_SIZE-1))
// has to be aligned to page. otherwise it will be done for you.
#define ARRAY_ONE_BASE PG_START(0xffeffd000)
#define ARRAY_ONE_SIZE (4096 * 2 * sizeof(int))

unsigned long * allocateArray(unsigned long addr, size_t size) {
    int stack_prot = PROT_READ | PROT_WRITE;
    // MAP_FIXED places the mapping at exactly the requested address
    int flags = MAP_SHARED | MAP_FIXED | MAP_ANONYMOUS;
    unsigned long *m_map;
    m_map = mmap((void *)PG_START(addr), size, stack_prot, flags, -1, 0);
    // fail if mmap failed
    if (m_map == MAP_FAILED) {
        perror("mmap failed");
        abort();
    }
    printf("Base address of allocated variable: %p\n", (void *)m_map);
    assert((void *)m_map == (void *)addr);
    return m_map;
}

int main(int argc, char *argv[]) {
    unsigned long *addrOne = allocateArray(ARRAY_ONE_BASE, ARRAY_ONE_SIZE);
    (void)addrOne;
    return 0;
}
If I compile and run the code above, it works fine. However, when I try to run it with the valgrind tool lackey, it segfaults.
Command:
gcc program.c
valgrind --read-var-info=yes --tool=lackey a.out
Output:
==28528== Lackey, an example Valgrind tool
==28528== Copyright (C) 2002-2013, and GNU GPL'd, by Nicholas Nethercote.
==28528== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==28528== Command: a.out
==28528==
==28528==
==28528== Process terminating with default action of signal 11 (SIGSEGV)
==28528== Bad permissions for mapped region at address 0x0
==28528== at 0x0: ???
==28528==
==28528== Counted 1 call to main()
==28528==
==28528== Jccs:
==28528== total: 22,338
==28528== taken: 9,947 (44%)
==28528==
==28528== Executed:
==28528== SBs entered: 21,937
==28528== SBs completed: 14,439
==28528== guest instrs: 120,810
==28528== IRStmts: 723,993
==28528==
==28528== Ratios:
==28528== guest instrs : SB entered = 55 : 10
==28528== IRStmts : SB entered = 330 : 10
==28528== IRStmts : guest instr = 59 : 10
==28528==
==28528== Exit code: 0
Segmentation fault (core dumped)
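I have tried different combinations of protection flags in mmap, but had no luck. I would appreciate any help.
Changing the memory address worked. I was not aware of the reserved regions in valgrind. Thanks! – goyalankit 2014-10-31 16:59:14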
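The comment above attributes the crash to a fixed address that falls inside a region Valgrind reserves. The following is an added example, not code from the original post: it parses text in /proc/<pid>/maps format and refuses MAP_FIXED when the requested range is already occupied. The names range_overlaps, map_fixed_checked and SAMPLE_MAPS are hypothetical, the sample lines are constructed, and 64-bit Linux with a readable /proc/self/maps is assumed.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS under strict -std= */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Constructed sample in /proc/<pid>/maps format (not captured from a real run). */
static const char SAMPLE_MAPS[] =
    "00400000-00401000 r-xp 00000000 08:01 131 /tmp/a.out\n"
    "ffeffb000-fff000000 rw-p 00000000 00:00 0 [stack]\n";

/* Return 1 if [start, start+len) overlaps any "lo-hi ..." line in maps_text. */
int range_overlaps(const char *maps_text, unsigned long start, size_t len) {
    unsigned long end = start + len, lo, hi;
    for (const char *p = maps_text; p && *p; ) {
        if (sscanf(p, "%lx-%lx", &lo, &hi) == 2 && start < hi && lo < end)
            return 1;                       /* hi is exclusive, as in the kernel's listing */
        p = strchr(p, '\n');
        if (p) p++;
    }
    return 0;
}

/* Hypothetical wrapper: map at a fixed address only if the range is unused. */
void *map_fixed_checked(unsigned long addr, size_t size) {
    static char buf[1 << 16];
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return NULL;                    /* fail closed: cannot inspect the map */
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    if (n == sizeof buf - 1) return NULL;   /* listing truncated: fail closed */
    buf[n] = '\0';
    if (range_overlaps(buf, addr, size)) return NULL;
    void *m = mmap((void *)addr, size, PROT_READ | PROT_WRITE,
                   MAP_SHARED | MAP_FIXED | MAP_ANONYMOUS, -1, 0);
    return m == MAP_FAILED ? NULL : m;
}

int main(void) {
    /* The page's address and size, first against the constructed sample. */
    printf("sample overlap: %d\n",
           range_overlaps(SAMPLE_MAPS, 0xffeffd000UL, 4096 * 2 * sizeof(int)));
    void *m = map_fixed_checked(0xffeffd000UL, 4096 * 2 * sizeof(int));
    printf("live mapping: %s\n", m ? "mapped" : "refused");
    return 0;
}
```

MAP_FIXED replaces whatever is already mapped in the requested range without reporting an error, which is why the check runs before the mmap call.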