数组如何存储在内存中? [英] How is an array stored in memory?

问题描述

为了深入研究内存的分配和存储方式，我编写了一个可以扫描内存地址空间，查找值并写出新值的应用程序.

In an interest to delve deeper into how memory is allocated and stored, I have written an application that can scan memory address space, find a value, and write out a new value.

我开发了一个示例应用程序，其最终目标是能够以编程方式定位我的数组，并用新的数字序列覆盖它.在这种情况下，我创建了一个包含5个元素的一维数组，例如

I developed a sample application with the end goal to be able to programatically locate my array, and overwrite it with a new sequence of numbers. In this situation, I created a single dimensional array, with 5 elements, e.g.

int[] array = new int[] {8,7,6,5,4};

我运行了我的应用程序，并搜索了上面五个数字的序列.我一直在寻找介于4到8之间的任何值，以便连续显示5个数字.不幸的是，在很多情况下，我在数组中的序列号与数百个结果相匹配，因为数字4到8在内存中没有特别的顺序碰巧彼此相邻.

I ran my application and searched for a sequence of the five numbers above. I was looking for any value that fell between 4 and 8, for a total of 5 numbers in a row. Unfortunately, my sequential numbers within the array matched hundreds of results, as the numbers 4 through 8, in no particular sequence happened to be next to each other, in memory, in many situations.

是否有任何方法可以区分内存中的一组数字表示一个数组，而不仅仅是彼此相邻的整数?有什么办法知道，如果我找到一个特定的值，那么匹配的值就是一个数组的值?

Is there any way to distinguish that a set of numbers within memory, represents an array, not simply integers that are next to each other? Is there any way of knowing that if I find a certain value, that the matching values proceeding it are that of an array?

我假设当我声明int[] array时，它指向数组的第一个地址，这将为数组中存在的内容提供某种元数据，例如

I would assume that when I declare int[] array, its pointing at the first address of my array, which would provide some kind of meta-data to what existed in the array, e.g.

0x123456789 meta-data, 5 - 32 bit integers 
0x123456789 + 32 "8"
0x123456789 + 64 "7"
0x123456789 + 96 "6"
0x123456789 + 128 "5"
0x123456789 + 160 "4"

我要离开基地吗?

推荐答案

Debug + Windows + Memory + Memory 1，将地址"字段设置为数组".当您将视图切换为"4字节整数"时，您会看到以下内容:

Debug + Windows + Memory + Memory 1, set the Address field to "array". You'll see this when you switch the view to "4-byte Integer":

0x018416BC  6feb2c84 00000005 00000008 00000007 00000006 00000005 00000004

第一个地址是垃圾回收堆中对象的地址，加上对象标头中负偏移量(syncblk索引)的部分.您无法猜测该值，GC会四处移动它.第二个十六进制数字是数组类型(即方法表指针)的类型句柄".您无法猜到该值，类型句柄由CLR按需创建.第三个数字是数组长度.其余的是数组元素值.

The first address is the address of the object in the garbage collected heap, plus the part of the object header that's at a negative offset (syncblk index). You cannot guess this value, the GC moves it around. The 2nd hex number is the 'type handle' for the array type (aka method table pointer). You cannot guess this value, type handles are created by the CLR on demand. The 3rd number is the array length. The rest of them are the array element values.

在没有调试器的情况下在运行时可靠地找到该数组的几率很低.尝试没有什么意义.

The odds of reliably finding this array back at runtime without a debugger are quite low. There isn't much point in trying.

这篇关于数组如何存储在内存中?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！