GitHub - wh5a/DieHard: A memory allocator adapted for my research

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
docs		docs
test		test
util		util
Makefile		Makefile
README		README
ansiwrapper.h		ansiwrapper.h
bitmap.h		bitmap.h
bumpalloc.h		bumpalloc.h
check.h		check.h
checkpoweroftwo.h		checkpoweroftwo.h
combineheap.h		combineheap.h
diefast.h		diefast.h
diehard.h		diehard.h
diehardheap.h		diehardheap.h
heapshield.cpp		heapshield.cpp
largeheap.h		largeheap.h
lock.h		lock.h
lockheap.h		lockheap.h
log2.h		log2.h
marsaglia.h		marsaglia.h
mersenne.h		mersenne.h
mmapalloc.h		mmapalloc.h
mmapwrapper.h		mmapwrapper.h
modulo.h		modulo.h
mwc.h		mwc.h
oneheap.h		oneheap.h
platformspecific.h		platformspecific.h
randomheap.h		randomheap.h
randomminiheap.h		randomminiheap.h
randomnumbergenerator.h		randomnumbergenerator.h
realrandomvalue.h		realrandomvalue.h
reentrantheap.h		reentrantheap.h
sassert.h		sassert.h
staticforloop.h		staticforloop.h
staticif.h		staticif.h
staticlog.h		staticlog.h
wrapper.cpp		wrapper.cpp

Repository files navigation

Here we give an brief analysis of the work flow of C programs on
Linux.

libdiehard.cpp gets compiled to libdiehard.so, which when added to
LD_PRELOAD will intercept all malloc calls and
friends. libdiehard_r.so is for replicated execution.

libdiehard.cpp #include wrapper.cpp, which serves as the entry points
for the library functions.

Although you only see libdiehard.cpp getting compiled, all interesting
implementations take place in those .h files containing template
definitions. libdiehard.cpp simply combines a set of heap types and
picks the parameters to create a heap instance.

The heap's type is
ANSIWrapper<LockHeap<ReentrantHeap<CombineHeap<DieHardHeap<Numerator, Denominator, 65536, (DIEHARD_DIEFAST == 1)>, TheLargeHeap> > > >.
Follow the types from the outermost and you get the calling sequences.

Essentially, we are managing two types of heaps by combining a small
one (DieHardHeap) and a big one (LargeHeap). When a request is larger
than a threshold (by default 64K, the third parameter to the
DieHardHeap template), we allocate directly from LargeHeap.

DieHardHeap is described in the journal paper Section 4.1. DieHard
dynamically sizes its heap to be M times larger than requested, where
M is a fraction >= 1. By default libdiehard.cpp chooses 4/3 (the first
and second parameters to the DieHardHeap template).

DieHard manages memory through miniheaps. Each miniheap contains
objects of exactly one size. DieHard uses a clever template trick to
declare miniheaps at compile time (see the use of StaticForLoop in
diehardheap.h). The smallest miniheap holds doubles (objects smaller
than doubles are rounded up), the next holds objects of twice the
size, etc, until the largest miniheap holds objects of 64K.

If the fourth parameter DIEHARD_DIEFAST is set, when a miniheap is
first initialized, or when a buffer is freed, it's filled with a
random word. Every time a buffer is malloc'ed or free'd, DieHard
checks to see if the allocated buffer only contains repeating words of
that random value. Doing this helps capturing heap overflows.

LargeHeap manages memory simply through mmap/munmap wrapped by
MmapWrapper. MmapWrapper doesn't specify an address and lets the OS
pick one, which isn't random at all. We may want to randomize
this. The requested size doesn't have to be divisible by page size.
Therefore LargeHeap can create external fragmentation. When the
requested size is large, the overhead is negligible.

In the end the miniheaps are also allocated through mmap. Their
addresses are not very random, but objects allocated from the
miniheaps are picked randomly.

For more randomness, look at DieHarder paper Section 6.3 for more ideas.