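Reference article: http://www.nsfocus.net/index.php?act=sec_doc&do=view&doc_id=901&keyword=
After buf1 = malloc(32); the memory layout is:
buf1's management structure (8 bytes) | buf1's actual usable space (32 bytes) | the next free heap block's management structure (8 bytes) | two doubly linked list pointers (8 bytes)
But when I use: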
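#include <stdio.h>
#include <stdlib.h>
int main(void)
{
    unsigned int *buf1, *buf2;
    buf1 = malloc(32);
    buf2 = malloc(32);
    /* Deliberately reads outside the allocations to look at the allocator's bookkeeping words. */
    printf("buf1: %lu, buf2: %lu.\n", (unsigned long)buf1, (unsigned long)buf2);
    printf("two int before buf1: %u, %u.\n", buf1[-2], buf1[-1]);
    printf("four int after buf1: %u, %u, %u, %u.\n", buf1[8], buf1[9], buf1[10], buf1[11]);
    printf("two int before buf2: %u, %u.\n", buf2[-2], buf2[-1]);
    printf("four int after buf2: %u, %u, %u, %u.\n", buf2[8], buf2[9], buf2[10], buf2[11]);
    return 0;
}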
the output I get is instead:
ammer@cj:~/tmp$ ./a.out
buf1: 134520840, buf2: 134520880.
two int before buf1: 0, 41.
four int after buf1: 0, 41, 0, 0.
two int before buf2: 0, 41.
four int after buf2: 0, 135089, 0, 0.
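The only useful thing I can see is that the gap between the two allocated memory blocks is 8 bytes, and that the 8 bytes in front of each returned block have the same content.
This can be confirmed: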
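#include <stdio.h>
#include <stdlib.h>
int main(void)
{
    unsigned int *buf1, *buf2, *buf3;
    buf1 = malloc(16);
    buf2 = malloc(32);
    buf3 = malloc(64);
    printf("buf1: %lu, buf2: %lu. buf3: %lu\n",
           (unsigned long)buf1, (unsigned long)buf2, (unsigned long)buf3);
    /* The two words just before each returned pointer (out-of-bounds reads, on purpose). */
    printf("two int before buf1: %u, %u. before buf2: %u, %u, "
           "before buf3: %u, %u.\n", buf1[-2], buf1[-1], buf2[-2], buf2[-1],
           buf3[-2], buf3[-1]);
    return 0;
}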
Result:
buf1: 134520840, buf2: 134520864. buf3: 134520904
two int before buf1: 0, 25. before buf2: 0, 41, before buf3: 0, 73.
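Observations: 1. There are 8 extra bytes in front of the allocated memory region. 2. The preceding number is 9 larger than the allocation size.
But when I change the allocation size, I find that neither of these two numbers is fixed; it may be due to byte alignment.
It turns out that article is an analysis for Windows :( To be continued tomorrow.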
http://www.nsfocus.net/index.php?act=sec_doc&do=view&doc_id=753&keyword=malloc
http://www.nsfocus.net/index.php?act=sec_doc&do=view&doc_id=681&keyword=malloc
This article comes from the ChinaUnix blog; to view the original, click: http://blog.chinaunix.net/u/15482/showart_86577.html
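The header words printed in the post (25, 41, 73 and 135089) can be decoded with glibc's chunk layout, where the word just before the user pointer holds the chunk size with three flag bits in its low bits. This is an added example, not part of the original post; it assumes the post's machine ran 32-bit glibc (4-byte size word, 8-byte alignment, 16-byte minimum chunk), and the function and struct names are made up for this illustration.

```c
/* Added example: a model of the glibc (ptmalloc) size field, not code from the post.
 * Assumes a 32-bit build: size word = 4 bytes, 8-byte alignment, 16-byte minimum chunk. */
#include <stdio.h>
#include <stddef.h>

#define PREV_INUSE     0x1u  /* previous chunk is in use */
#define IS_MMAPPED     0x2u  /* chunk came from mmap() */
#define NON_MAIN_ARENA 0x4u  /* chunk belongs to a non-main arena */
#define FLAG_MASK      0x7u

struct size_field { size_t chunk_size; unsigned flags; };

/* Split the word stored just before the user pointer into size and flag bits. */
struct size_field decode_size_field(size_t word)
{
    struct size_field f = { word & ~(size_t)FLAG_MASK, (unsigned)(word & FLAG_MASK) };
    return f;
}

/* Chunk size chosen for a request: add one size word of overhead, round up
 * to the alignment, and never go below the minimum chunk size. */
size_t chunk_size_for_request(size_t req, size_t size_sz, size_t align, size_t min_chunk)
{
    size_t sz = (req + size_sz + align - 1) & ~(align - 1);
    return sz < min_chunk ? min_chunk : sz;
}

int main(void)
{
    /* Requests and header words copied from the post's output. */
    static const size_t req[]  = { 16, 32, 64 };
    static const size_t seen[] = { 25, 41, 73 };
    for (size_t i = 0; i < 3; i++) {
        struct size_field f = decode_size_field(seen[i]);
        printf("malloc(%zu): header %zu -> chunk %zu, flags 0x%x, model %zu\n",
               req[i], seen[i], f.chunk_size, f.flags,
               chunk_size_for_request(req[i], 4, 8, 16));
    }
    /* 135089 is the word after buf2: the size field of the remaining top chunk. */
    struct size_field top = decode_size_field(135089);
    printf("top chunk: %zu bytes, flags 0x%x\n", top.chunk_size, top.flags);
    return 0;
}
```

Under this model the distance between consecutive pointers in the post's output (40 bytes between the two malloc(32) results; 24 and 40 in the second run) equals the decoded chunk size of the earlier allocation.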