tlpi - 7 memory allocation

TLPI - Chapter 7 MEMORY ALLOCATION Shu-Yu Fu ([email protected]) July 15, 2012

Upload: shu-yu-fu

Post on 25-May-2015


This chapter describes the functions that are used to allocate memory on the heap or the stack.


Allocating Memory on the Heap

We begin with a description of brk() (program break, the current limit of the heap) and sbrk(), upon which the malloc functions are based.


Adjusting the Program Break: brk() and sbrk()

Resizing the heap is actually as simple as telling the kernel to adjust its idea of where the process’s program break is. After the program break is increased, the program may access any address in the newly allocated area, but no physical memory pages are allocated yet.

    #include <unistd.h>
    int brk(void *end_data_segment);
        Returns 0 on success, or -1 on error

The brk() system call sets the program break to the location specified by end_data_segment (page-aligned).

    #include <unistd.h>
    void *sbrk(intptr_t increment);
        Returns previous program break on success, or (void *) -1 on error

A call to sbrk() adjusts the program break by adding increment to it. On success, sbrk() returns the previous address of the program break.


Allocating Memory on the Heap: malloc() and free()

    #include <stdlib.h>
    void *malloc(size_t size);
        Returns pointer to allocated memory on success, or NULL on error

The malloc() function allocates size bytes from the heap and returns a pointer to the start of the newly allocated block of memory.

    #include <stdlib.h>
    void free(void *ptr);

In general, free() doesn’t lower the program break, but instead adds the block of memory to a list of free blocks.

Making any use of ptr after the call to free() is an error that can lead to unpredictable results.

The glibc free() function calls sbrk() to lower the program break only when the free block at the top end is "sufficiently" large, where "sufficient" is determined by parameters controlling the operation of the malloc package (128 KB is a typical value).


Implementation of malloc() and free()

Scan the list of memory blocks previously released by free() in order to find one whose size is larger than or equal to its requirements.

If the block is larger, then it is split, so that a block of the correct size is returned to the caller and a smaller free block is left on the free list.

If no block on the free list is large enough, malloc() increases the program break in larger units, putting the excess memory onto the free list.


Q: When free() places a block of memory onto the free list, how does it know what size that block is?

A: When malloc() allocates the block, it allocates extra bytes to hold an integer containing the size of the block.

When a block is placed on the free list, free() uses the bytes of the block itself in order to add the block to the list.
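The scheme described above (first-fit scan, splitting, a hidden size word, and free-list links stored inside the freed block) can be seen in a toy allocator. This is an added example, not code from TLPI or glibc; toy_malloc(), toy_free(), toy_block_size() and the fixed 4 KiB arena are hypothetical names and assumptions, and the arena stands in for raising the program break.

```c
#include <stddef.h>

/* A block: the size word sits just before the payload; 'next' overlays the
   payload and is meaningful only while the block is on the free list. */
typedef struct block { size_t size; struct block *next; } block_t;

#define ARENA    4096                         /* constructed heap size */
#define HDR      offsetof(block_t, next)      /* hidden bytes before each payload */
#define MIN_PAY  (sizeof(block_t) - HDR)      /* payload must be able to hold 'next' */
#define ROUND(n) (((n) + sizeof(void *) - 1) & ~(sizeof(void *) - 1))

/* Arena standing in for the heap; it starts out as one large free block. */
static union { block_t first; unsigned char bytes[ARENA]; } arena = { { ARENA - HDR, NULL } };
static block_t *free_list = &arena.first;

void *toy_malloc(size_t want) {
    if (want > ARENA) return NULL;            /* also keeps ROUND() from wrapping */
    size_t need = ROUND(want < MIN_PAY ? MIN_PAY : want);
    for (block_t **pp = &free_list; *pp != NULL; pp = &(*pp)->next) {
        block_t *b = *pp;
        if (b->size < need) continue;         /* first fit: too small, keep scanning */
        if (b->size >= need + HDR + MIN_PAY) {    /* split; remainder stays free */
            block_t *rest = (block_t *)((unsigned char *)b + HDR + need);
            rest->size = b->size - need - HDR;
            rest->next = b->next;
            b->size = need;
            *pp = rest;
        } else {
            *pp = b->next;                    /* close fit: hand out the whole block */
        }
        return (unsigned char *)b + HDR;
    }
    return NULL;   /* a real malloc() would raise the program break here */
}

void toy_free(void *p) {
    if (p == NULL) return;
    block_t *b = (block_t *)((unsigned char *)p - HDR);
    b->next = free_list;                      /* link is written into the freed payload */
    free_list = b;
}

/* Read back the size word that toy_free() relies on. */
size_t toy_block_size(const void *p) {
    return ((const block_t *)((const unsigned char *)p - HDR))->size;
}
```

Because the size word and the free-list link live next to user data, writing past the end of a block or using a block after toy_free() overwrites the allocator's own bookkeeping, which is why such errors lead to unpredictable results.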


Tools and libraries for malloc debugging

Among the malloc debugging tools provided by glibc are the following:

The mtrace() and muntrace() functions allow a program to turn tracing of memory allocation calls on and off.

The mcheck() and mprobe() functions allow a program to perform consistency checks on blocks of allocated memory. Programs that employ these functions must be linked with the mcheck library using the -lmcheck option.

The MALLOC_CHECK_ environment variable serves a similar purpose to mcheck() and mprobe(). (One notable difference between the two techniques is that using MALLOC_CHECK_ doesn’t require modification and recompilation of the program.) For security reasons, the setting of MALLOC_CHECK_ is ignored by set-user-ID and set-group-ID programs.

Further information about all of the above features can be found in the glibc manual.


Controlling and monitoring the malloc package

The glibc manual describes a range of nonstandard functions (not portable) that can be used to monitor and control the allocation of memory by functions in the malloc package.

The mallopt() function modifies various parameters that control the algorithm used by malloc().

The mallinfo() function returns a structure containing various statistics about the memory allocated by malloc().


Other Methods of Allocating Memory on the Heap

The C library provides a range of other functions for allocating memory on the heap.


Allocating memory with calloc() and realloc()

    #include <stdlib.h>
    void *calloc(size_t numitems, size_t size);
        Returns pointer to allocated memory on success, or NULL on error

The calloc() function allocates memory for an array of identical items. Unlike malloc(), calloc() initializes the allocated memory to 0.

    #include <stdlib.h>
    void *realloc(void *ptr, size_t size);
        Returns pointer to allocated memory on success, or NULL on error

The realloc() function is used to resize (usually enlarge) a block of memory previously allocated by one of the functions in the malloc package.


For the usual case, where we are increasing the size of the block of memory,

realloc() attempts to coalesce the block with an immediately following block of memory on the free list, if one exists and is large enough.

If the block lies at the end of the heap, then realloc() expands the heap.

If the block of memory lies in the middle of the heap, and there is insufficient free space immediately following it, realloc() allocates a new block of memory and copies all existing data from the old block to the new block.


Since realloc() may relocate the block of memory, we must use the returned pointer from realloc() for future references to the memory block.

    nptr = realloc(ptr, newsize);
    if (nptr == NULL) {
        /* Handle error */
    } else {            /* realloc() succeeded */
        ptr = nptr;
    }

Memory allocated using calloc() or realloc() should be deallocated with free().


Allocating aligned memory: memalign() and posix_memalign()

    #include <malloc.h>
    void *memalign(size_t boundary, size_t size);
        Returns pointer to allocated memory on success, or NULL on error

The memalign() function allocates size bytes starting at an address aligned to a multiple of boundary, which must be a power of two.

    #include <stdlib.h>
    int posix_memalign(void **memptr, size_t alignment, size_t size);
        Returns 0 on success, or a positive error number on error

The memory is aligned to a multiple of alignment, which must be a power-of-two multiple of sizeof(void *) (4 or 8 bytes on most hardware architectures). Note also the unusual return value of this function.

Blocks of memory allocated using memalign() or posix_memalign() should be deallocated with free().


On some UNIX implementations, it is not possible to call free() on a block of memory allocated via memalign(), because the memalign() implementation uses malloc() to allocate a block of memory, and then returns a pointer to an address with a suitable alignment in that block. The glibc implementation of memalign() doesn’t suffer this limitation.


Allocating Memory on the Stack: alloca()

Instead of obtaining memory from the heap, alloca() obtains memory from the stack by increasing the size of the stack frame.

    #include <alloca.h>
    void *alloca(size_t size);
        Returns pointer to allocated block of memory

We need not call free() to deallocate memory allocated with alloca(). Likewise, it is not possible to use realloc() to resize a block of memory allocated by alloca().

Older versions of glibc, and some other UNIX implementations (mainly BSD derivatives), require the inclusion of <stdlib.h> instead of <alloca.h> to obtain the declaration of alloca().


If the stack overflows as a consequence of calling alloca(), the program behavior is unpredictable. In particular, we don’t get a NULL return to inform us of the error. (In fact, in this circumstance, we may receive a SIGSEGV signal.)

We can’t use alloca() within a function argument list, as in this example:

    func(x, alloca(size), z);       /* WRONG! */

Instead, we must use code such as this:

    void *y;
    y = alloca(size);
    func(x, y, z);
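Since alloca() cannot report failure, a size derived from input should be bounded before it reaches alloca(), with larger requests sent to malloc(), whose failure is detectable. The following is an added example, not code from TLPI; is_palindrome(), its used_heap parameter and the 1024-byte cap STACK_SCRATCH_MAX are assumptions made for illustration.

```c
#include <alloca.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

#define STACK_SCRATCH_MAX 1024   /* assumed cap; size it to the stack budget */

/* Returns 1 if s is a palindrome ignoring case and punctuation, 0 if not,
   -1 if the heap fallback fails. *used_heap (optional) reports the path taken. */
int is_palindrome(const char *s, int *used_heap)
{
    size_t n = strlen(s);
    int on_heap = n > STACK_SCRATCH_MAX;
    char *buf;

    if (on_heap) {
        buf = malloc(n);             /* large input: failure is reportable */
        if (buf == NULL)
            return -1;
    } else {
        buf = alloca(n + 1);         /* small input: bounded stack growth,
                                        called as its own statement */
    }
    if (used_heap != NULL)
        *used_heap = on_heap;

    /* Keep only letters and digits, lowercased, in the scratch buffer. */
    size_t k = 0;
    for (size_t i = 0; i < n; i++)
        if (isalnum((unsigned char)s[i]))
            buf[k++] = (char)tolower((unsigned char)s[i]);

    int ok = 1;
    for (size_t i = 0; i < k / 2 && ok; i++)
        ok = (buf[i] == buf[k - 1 - i]);

    if (on_heap)
        free(buf);                   /* only the heap path needs free() */
    return ok;
}
```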


Using alloca() to allocate memory has a few advantages over malloc().

alloca() is faster than malloc().

The memory that alloca() allocates is automatically freed when the stack frame is removed.

Using alloca() can be especially useful if we employ longjmp() or siglongjmp() to perform a nonlocal goto from a signal handler.


Summary

Using the malloc family of functions, a process can dynamically allocate and release memory on the heap.

The alloca() function allocates memory on the stack.