Login/Register
LD_PRELOAD only working for malloc, not free
Asked Answered
Solved c++mallocfreedynamic-linkingld-preload
J

1

7

I'm trying to interpose malloc/free/calloc/realloc etc with some interposers via LD_PRELOAD. In my small test, only malloc seems to be interposed, even though free is detected (see output).

I'd expect the output to contain a line "NANO: free(x)" - but this line is missing.

Given

// compile with: gcc test.cc
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char* argv[]) {

    void* p = malloc(123);
    printf("HOST p=%p\n", p);
    free(p);
}

And

// compile with:  g++ -O2 -Wall -fPIC -ldl -o libnano.so -shared main.cc
#include <stdio.h>
#include <dlfcn.h>

typedef void *(*MallocFunc)(size_t size);
typedef void (*FreeFunc)(void*);

// Original functions
static MallocFunc real_malloc = NULL;
static FreeFunc real_free = NULL;

static void __nano_init(void) {
    // Override original functions
    real_malloc = (MallocFunc)dlsym(RTLD_NEXT, "malloc");
    if (NULL == real_malloc) {
        fprintf(stderr, "Error in `dlsym`: %s\n", dlerror());
    } else {
        fprintf(stderr, "NANO: malloc() replaced @%p\n", real_malloc);
    }

    real_free = (FreeFunc)dlsym(RTLD_NEXT, "free");
    if (NULL == real_free) {
       fprintf(stderr, "Error in `dlsym`: %s\n", dlerror());
    } else {
        fprintf(stderr, "NANO: free() replaced @%p\n", real_free);
    }
}

// replacement functions
void *malloc(size_t size) {
    if(real_malloc==NULL) __nano_init();

    void *p = NULL;
    fprintf(stderr, "NANO: malloc(%lu) = ", size);
    p = real_malloc(size);
    fprintf(stderr, "%p\n", p);

    return p;
}

void free(void* ptr) {
    if(real_free==NULL) __nano_init();

    fprintf(stderr, "NANO: free(%p)\n", ptr);
    real_free(ptr);

    return;
}

The actual output is:

% ./a.out
NANO: malloc() replaced @0x3b36274dc0
NANO: free() replaced @0x3b36272870
NANO: malloc(123) = 0x601010
HOST p=0x601010
Joslin answered 18/10, 2011 at 18:2 Comment(0)
E
12

You are compiling a C++; this means that (by default) functions are name-mangled to fit the C++ ABI. Unfortunately, the functions you are trying to hook are not name-mangled, so you end up hooking the wrong (nonexistent) function.

The fix is to either a) define your wrappers in a extern "C" { } block or a) make sure you include the header for the function - as in #include <cstdlib>. This will pull in declarations for malloc and free with an extern "C" wrapper, telling the compiler not to name-mangle.

The reason malloc works is probably because <stdio.h> or <dlfcn.h> pulls in a declaration for malloc but not free. Thus, malloc is unmangled, but free is mangled.

Also note: If you're using glibc, you should be using malloc hooks to hook memory allocation functions. glibc does some pretty weird stuff with symbol versioning that may interfere with your hooks otherwise. An example of how to use it is in the documentation linked - don't forget extern "C"s if you're using C++, though!

Evelyn answered 18/10, 2011 at 18:17 Comment(2)
Argh name mangling. Spot on. It figures that all the examples I was using where C/gcc. I should have realized when I went to g++. Thanks for the tip - for now I'd prefer to evaluate the straight LD_PRELOAD technique. I'm unsure of any advantages of the malloc hooks.Joslin
@bdonian if you're game I have a follow up question here: #7911166Joslin

© 2022 - 2024 — McMap. All rights reserved.