
I want to override memory allocations in my program on Mac OS 10.9 using DYLD_INSERT_LIBRARIES. This is a very simple skeleton of the code I have implemented:

#include <dlfcn.h>           /* dlsym, RTLD_NEXT */
#include <stdlib.h>
#include <string.h>
#include <malloc/malloc.h>   /* malloc_printf */

/* Pointers to the libc implementations, resolved lazily via RTLD_NEXT. */
void *(*default_malloc)(size_t) = NULL;
void (*default_free)(void *) = NULL;
void *(*default_calloc)(size_t, size_t) = NULL;
void *(*default_realloc)(void *, size_t) = NULL;

/* Every block gets a 16-byte header in front of the pointer handed to the caller. */
void *malloc(size_t size)
{
    if(!default_malloc)
    {
        default_malloc = dlsym(RTLD_NEXT, "malloc");
    }

    size_t allocSize = size + 16;
    char *mem = (char *)default_malloc(allocSize);
    malloc_printf("malloc returned %p\n", mem + 16);
    return mem + 16;
}

/* calloc goes through the overriding malloc above, so its blocks carry the same header. */
void *calloc(size_t num, size_t size)
{
    if(!default_calloc)
    {
        default_calloc = dlsym(RTLD_NEXT, "calloc");
    }

    void *p = malloc(num*size);
    memset(p, 0, num*size);
    malloc_printf("calloc function returned %p\n", p);
    return p;
}

/* Steps back over the header, resizes the real block, and re-applies the offset. */
void *realloc(void *xp, size_t size)
{
    if(!default_realloc)
    {
        default_realloc = dlsym(RTLD_NEXT, "realloc");
    }

    char *p = (char *)default_realloc((char *)xp - 16, size + 16);
    malloc_printf("realloc function returned %p\n", p + 16);
    return p + 16;
}

/* Steps back over the header before handing the block to the real free. */
void free(void *buff)
{
    if(buff == NULL)
        return;

    if(!default_free)
    {
        default_free = dlsym(RTLD_NEXT, "free");
    }

    char *mem = buff;
    malloc_printf("free function called for %p\n", mem);
    default_free(mem - 16);
}

I am not sure what is wrong here. When I run my program with it, I get the following output:

$ DYLD_INSERT_LIBRARIES=lib_overrides.dylib ls
ls(2431) malloc: malloc returned 0x7fa6b0400030
ls(2431) malloc: malloc returned 0x7fa6b04000a0
ls(2431) malloc: malloc returned 0x7fa6b0400110
ls(2431) malloc: malloc returned 0x7fa6b0400130
ls(2431) malloc: free function called for 0x7fa6b04000a0
ls(2431) malloc: malloc returned 0x7fa6b04000a0
ls(2431) malloc: malloc returned 0x7fa6b04003c0
ls(2431) malloc: free function called for 0x7fa6b04003e0
ls(2431) malloc: *** error for object 0x7fa6b04003e0: pointer being freed was not allocated

How did free get the pointer 0x7fa6b04003e0? It is not returned by malloc anywhere as the logs suggest. I have reviewed the code many times but unable to locate the problem. Any help is much appreciated. Kindly help.

NOTE: If I stop adding 16 in the allocation functions and subtracting 16 in free, then everything works fine. So does it mean that there is some other allocation function which is not overridden here (apart from malloc/calloc/realloc)?

Aarkan

2 Answers

0

I got the same problem and I worked around by checking if the pointer has been allocated in the free function.

Also, for some reason I have to use

DYLD_INSERT_LIBRARIES=/path/to/dylib DYLD_FORCE_FLAT_NAMESPACE=1 ls

maybe that can help some people.

I believe these pointers passed to free are allocations made by the "real malloc" before the dynamic linker loads your dylib.
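The workaround this answer describes (have free check whether the pointer is one the wrapper handed out) and the question's 16-byte-header scheme, written out as an added example. This is not code from the original question or either answer, and the `tagged_*` names, the registry and the counters are assumptions made for the example: a real interposer would export `malloc`/`free`/`calloc`/`realloc` and forward to the functions found with `dlsym(RTLD_NEXT, ...)`, whereas here the "real" allocator is plain libc so the file builds and runs on any platform. It also covers the `realloc(NULL, n)` case raised in the other answer.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical tagged_* names stand in for the interposed malloc/free/calloc/realloc;
 * the plain libc calls below stand in for the dlsym(RTLD_NEXT, ...) targets. */
#define HEADER_SIZE 16

typedef struct { uint64_t size; uint64_t pad; } header_t;   /* 16 bytes in front of each block */
typedef char header_is_16_bytes[sizeof(header_t) == HEADER_SIZE ? 1 : -1];

/* Registry of the user pointers this wrapper handed out: open-addressing hash set,
 * 0 = empty slot, 1 = tombstone. Demo only: fixed capacity and no locking. */
#define REG_SLOTS 4096
#define REG_TOMB  ((uintptr_t)1)
static uintptr_t g_reg[REG_SLOTS];
static size_t g_live = 0, g_foreign_frees = 0;

static size_t reg_hash(uintptr_t k) { return (size_t)((k >> 4) * 0x9E3779B97F4A7C15ULL) & (REG_SLOTS - 1); }

static long reg_find(uintptr_t k) {              /* slot index, or -1 if never registered */
    size_t i = reg_hash(k);
    for (size_t n = 0; n < REG_SLOTS; n++, i = (i + 1) & (REG_SLOTS - 1)) {
        if (g_reg[i] == 0) return -1;
        if (g_reg[i] == k) return (long)i;
    }
    return -1;
}
static int reg_add(uintptr_t k) {
    size_t i = reg_hash(k);
    for (size_t n = 0; n < REG_SLOTS; n++, i = (i + 1) & (REG_SLOTS - 1))
        if (g_reg[i] == 0 || g_reg[i] == REG_TOMB) { g_reg[i] = k; return 1; }
    return 0;                                    /* table full */
}
static void reg_remove(uintptr_t k) { long i = reg_find(k); if (i >= 0) g_reg[i] = REG_TOMB; }

int tagged_owns(const void *p) { return p != NULL && reg_find((uintptr_t)p) >= 0; }

void *tagged_malloc(size_t size) {
    if (size > SIZE_MAX - HEADER_SIZE) return NULL;           /* size + 16 would wrap */
    header_t *h = malloc(size + HEADER_SIZE);
    if (!h) return NULL;
    h->size = size;
    void *user = (char *)h + HEADER_SIZE;
    if (!reg_add((uintptr_t)user)) { free(h); return NULL; }  /* cannot track it: refuse */
    g_live++;
    return user;
}

void *tagged_calloc(size_t num, size_t size) {
    if (size != 0 && num > SIZE_MAX / size) return NULL;      /* num * size would wrap */
    void *p = tagged_malloc(num * size);
    if (p) memset(p, 0, num * size);
    return p;
}

void tagged_free(void *p) {
    if (p == NULL) return;
    if (!tagged_owns(p)) {
        /* Not ours: issued by the real allocator before the interposer was in place, or
         * through an entry point we do not hook. Pass it through untouched; freeing
         * p - 16 here is exactly the "pointer being freed was not allocated" failure. */
        g_foreign_frees++;
        free(p);
        return;
    }
    reg_remove((uintptr_t)p);
    g_live--;
    free((char *)p - HEADER_SIZE);
}

void *tagged_realloc(void *p, size_t size) {
    if (p == NULL) return tagged_malloc(size);                /* realloc(NULL, n) is malloc(n) */
    if (size == 0) { tagged_free(p); return NULL; }
    if (!tagged_owns(p)) return realloc(p, size);             /* foreign in, foreign (untracked) out */
    if (size > SIZE_MAX - HEADER_SIZE) return NULL;
    header_t *h = realloc((char *)p - HEADER_SIZE, size + HEADER_SIZE);
    if (!h) return NULL;                                      /* old block is still valid and tracked */
    h->size = size;
    void *user = (char *)h + HEADER_SIZE;
    reg_remove((uintptr_t)p);
    reg_add((uintptr_t)user);                                 /* the slot just vacated guarantees room */
    return user;
}

size_t tagged_size(const void *p) {
    return tagged_owns(p) ? ((const header_t *)((const char *)p - HEADER_SIZE))->size : 0;
}
size_t tagged_live(void) { return g_live; }
size_t tagged_foreign_frees(void) { return g_foreign_frees; }

/* Replays the question's scenario: a block the real allocator issued (constructed here
 * with a plain malloc) reaches our free. Returns 0, or the number of the failing step. */
int tagged_self_check(void) {
    size_t foreign_before = tagged_foreign_frees();
    char *a = tagged_malloc(32);
    if (!a || !tagged_owns(a) || tagged_size(a) != 32) return 1;
    memset(a, 'A', 32);
    a = tagged_realloc(a, 200);
    if (!a || !tagged_owns(a) || tagged_size(a) != 200 || a[31] != 'A') return 2;
    unsigned char *z = tagged_calloc(4, 8);
    if (!z) return 3;
    for (int i = 0; i < 32; i++) if (z[i]) return 3;
    void *pre = malloc(64);                     /* stands in for a pre-interposition block */
    if (tagged_owns(pre)) return 4;
    tagged_free(pre);                           /* must be passed through, not freed at pre - 16 */
    if (tagged_foreign_frees() != foreign_before + 1) return 5;
    void *n = tagged_realloc(NULL, 8);
    if (!tagged_owns(n)) return 6;
    tagged_free(a); tagged_free(z); tagged_free(n); tagged_free(NULL);
    return tagged_live() == 0 ? 0 : 7;
}

int main(void) {
    int rc = tagged_self_check();
    printf("self-check %s (step %d)\n", rc == 0 ? "passed" : "failed", rc);
    return rc;
}
```

Three caveats before turning this into a real interposer. The registry must be protected by a lock, since every thread in the process calls malloc. Nothing inside a hook may allocate: on some platforms dlsym itself calls calloc (glibc is the well-known case), which recurses straight back into the interposed calloc, and ordinary printf may allocate too, which is why the question logs with malloc_printf. On macOS the registry is optional, because the system allocator can be asked directly whether it owns a pointer (malloc_size() from <malloc/malloc.h> returns 0 for a pointer it did not issue); and DYLD_FORCE_FLAT_NAMESPACE=1, as this answer notes, is what lets a DYLD_INSERT_LIBRARIES library override symbols that other images bound with two-level namespace lookup.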

-1

realloc and free can and will be called with null pointers. And obviously you run into trouble with anything allocated before and freed after you install these functions.

Look at instruments and debugging features instead.

gnasher729
  • But, I have handled for NULL in free. Also, the lib should be loaded before libc, so how is it possible that something is allocated before these functions are installed? – Aarkan Feb 28 '14 at 20:59
  • Everything needing memory calls malloc. strdup for example. Opening a file will allocate memory and closing the file will release it. And so on. – gnasher729 Feb 28 '14 at 21:36
  • Check https://developer.apple.com/library/ios/documentation/Performance/Conceptual/ManagingMemory/Articles/MallocDebug.html – gnasher729 Feb 28 '14 at 21:39