fbpx
Wikipedia

C dynamic memory allocation

February 11, 2024

C dynamic memory allocation refers to performing manual memory management for dynamic memory allocation in the C programming language via a group of functions in the C standard library, namely malloc, realloc, calloc, aligned_alloc and free.[1][2][3]

The C++ programming language includes these functions; however, the operators new and delete provide similar functionality and are recommended by that language's authors.[4] Still, there are several situations in which using new/delete is not applicable, such as garbage collection code or performance-sensitive code, and a combination of malloc and placement new may be required instead of the higher-level new operator.

Many different implementations of the actual memory allocation mechanism, used by malloc, are available. Their performance varies in both execution time and required memory.

Rationale edit

The C programming language manages memory statically, automatically, or dynamically. Static-duration variables are allocated in main memory, usually along with the executable code of the program, and persist for the lifetime of the program; automatic-duration variables are allocated on the stack and come and go as functions are called and return. For static-duration and automatic-duration variables, the size of the allocation must be compile-time constant (except for the case of variable-length automatic arrays[5]). If the required size is not known until run-time (for example, if data of arbitrary size is being read from the user or from a disk file), then using fixed-size data objects is inadequate.

The lifetime of allocated memory can also cause concern. Neither static- nor automatic-duration memory is adequate for all situations. Automatic-allocated data cannot persist across multiple function calls, while static data persists for the life of the program whether it is needed or not. In many situations the programmer requires greater flexibility in managing the lifetime of allocated memory.

These limitations are avoided by using dynamic memory allocation, in which memory is more explicitly (but more flexibly) managed, typically by allocating it from the free store (informally called the "heap"),[citation needed] an area of memory structured for this purpose. In C, the library function malloc is used to allocate a block of memory on the heap. The program accesses this block of memory via a pointer that malloc returns. When the memory is no longer needed, the pointer is passed to free which deallocates the memory so that it can be used for other purposes.

The original description of C indicated that calloc and cfree were in the standard library, but not malloc. Code for a simple model implementation of a storage manager for Unix was given with alloc and free as the user interface functions, and using the sbrk system call to request memory from the operating system.[6] The 6th Edition Unix documentation gives alloc and free as the low-level memory allocation functions.[7] The malloc and free routines in their modern form are completely described in the 7th Edition Unix manual.[8][9]

Some platforms provide library or intrinsic function calls which allow run-time dynamic allocation from the C stack rather than the heap (e.g. alloca()[10]). This memory is automatically freed when the calling function ends.

Overview of functions edit

The C dynamic memory allocation functions are defined in stdlib.h header (cstdlib header in C++).[1]

Function Description
malloc allocates the specified number of bytes
aligned_alloc allocates the specified number of bytes at the specified alignment
realloc increases or decreases the size of the specified block of memory, moving it if necessary
calloc allocates the specified number of bytes and initializes them to zero
free releases the specified block of memory back to the system

Differences between malloc() and calloc() edit

  • malloc() takes a single argument (the amount of memory to allocate in bytes), while calloc() takes two arguments — the number of elements and the size of each element.
  • malloc() only allocates memory, while calloc() allocates and sets the bytes in the allocated region to zero.[11]

Usage example edit

Creating an array of ten integers with automatic scope is straightforward in C: 

int array[10];

However, the size of the array is fixed at compile time. If one wishes to allocate a similar array dynamically without using a variable-length array, which is not guaranteed to be supported in all C11 implementations, the following code can be used: 

int *array = malloc(10 * sizeof(int));

This computes the number of bytes that ten integers occupy in memory, then requests that many bytes from malloc and assigns the result to a pointer named array (due to C syntax, pointers and arrays can be used interchangeably in some situations).

Because malloc might not be able to service the request, it might return a null pointer and it is good programming practice to check for this: 

int *array = malloc(10 * sizeof(int)); if (array == NULL) {  fprintf(stderr, "malloc failed\n");  return -1; }

When the program no longer needs the dynamic array, it must eventually call free to return the memory it occupies to the free store: 

free(array);

The memory set aside by malloc is not initialized and may contain cruft: the remnants of previously used and discarded data. After allocation with malloc, elements of the array are uninitialized variables. The command calloc will return an allocation that has already been cleared: 

int *array = calloc(10, sizeof(int));

With realloc we can resize the amount of memory a pointer points to. For example, if we have a pointer acting as an array of size   and we want to change it to an array of size  , we can use realloc. 

int *arr = malloc(2 * sizeof(int)); arr[0] = 1; arr[1] = 2; arr = realloc(arr, 3 * sizeof(int)); arr[2] = 3;

Note that realloc must be assumed to have changed the base address of the block (i.e. if it has failed to extend the size of the original block, and has therefore allocated a new larger block elsewhere and copied the old contents into it). Therefore, any pointers to addresses within the original block are also no longer valid.

Type safety edit

malloc returns a void pointer (void *), which indicates that it is a pointer to a region of unknown data type. The use of casting is required in C++ due to the strong type system, whereas this is not the case in C. One may "cast" (see type conversion) this pointer to a specific type: 

int *ptr, *ptr2; ptr = malloc(10 * sizeof(*ptr)); /* without a cast */ ptr2 = (int *)malloc(10 * sizeof(*ptr)); /* with a cast */

There are advantages and disadvantages to performing such a cast.

Advantages to casting edit

  • Including the cast may allow a C program or function to compile as C++.
  • The cast allows for pre-1989 versions of malloc that originally returned a char *.[12]
  • Casting can help the developer identify inconsistencies in type sizing should the destination pointer type change, particularly if the pointer is declared far from the malloc() call (although modern compilers and static analysers can warn on such behaviour without requiring the cast[13]).

Disadvantages to casting edit

  • Under the C standard, the cast is redundant.
  • Adding the cast may mask failure to include the header stdlib.h, in which the function prototype for malloc is found.[12][14] In the absence of a prototype for malloc, the C90 standard requires that the C compiler assume malloc returns an int. If there is no cast, C90 requires a diagnostic when this integer is assigned to the pointer; however, with the cast, this diagnostic would not be produced, hiding a bug. On certain architectures and data models (such as LP64 on 64-bit systems, where long and pointers are 64-bit and int is 32-bit), this error can actually result in undefined behaviour, as the implicitly declared malloc returns a 32-bit value whereas the actually defined function returns a 64-bit value. Depending on calling conventions and memory layout, this may result in stack smashing. This issue is less likely to go unnoticed in modern compilers, as C99 does not permit implicit declarations, so the compiler must produce a diagnostic even if it does assume int return.
  • If the type of the pointer is changed at its declaration, one may also need to change all lines where malloc is called and cast.

Common errors edit

The improper use of dynamic memory allocation can frequently be a source of bugs. These can include security bugs or program crashes, most often due to segmentation faults.

Most common errors are as follows:[15]

Not checking for allocation failures
Memory allocation is not guaranteed to succeed, and may instead return a null pointer. Using the returned value, without checking if the allocation is successful, invokes undefined behavior. This usually leads to crash (due to the resulting segmentation fault on the null pointer dereference), but there is no guarantee that a crash will happen so relying on that can also lead to problems.
Memory leaks
Failure to deallocate memory using free leads to buildup of non-reusable memory, which is no longer used by the program. This wastes memory resources and can lead to allocation failures when these resources are exhausted.
Logical errors
All allocations must follow the same pattern: allocation using malloc, usage to store data, deallocation using free. Failures to adhere to this pattern, such as memory usage after a call to free (dangling pointer) or before a call to malloc (wild pointer), calling free twice ("double free"), etc., usually causes a segmentation fault and results in a crash of the program. These errors can be transient and hard to debug – for example, freed memory is usually not immediately reclaimed by the OS, and thus dangling pointers may persist for a while and appear to work.

In addition, as an interface that precedes ANSI C standardization, malloc and its associated functions have behaviors that were intentionally left to the implementation to define for themselves. One of them is the zero-length allocation, which is more of a problem with realloc since it is more common to resize to zero.[16] Although both POSIX and the Single Unix Specification require proper handling of 0-size allocations by either returning NULL or something else that can be safely freed,[17] not all platforms are required to abide by these rules. Among the many double-free errors that it has led to, the 2019 WhatsApp RCE was especially prominent.[18] A way to wrap these functions to make them safer is by simply checking for 0-size allocations and turning them into those of size 1. (Returning NULL has its own problems: it otherwise indicates an out-of-memory failure. In the case of realloc it would have signaled that the original memory was not moved and freed, which again is not the case for size 0, leading to the double-free.)[19]

Implementations edit

The implementation of memory management depends greatly upon operating system and architecture. Some operating systems supply an allocator for malloc, while others supply functions to control certain regions of data. The same dynamic memory allocator is often used to implement both malloc and the operator new in C++.[20]

Heap-based edit

See also: sbrk

Implementation of legacy allocators was commonly done using the heap segment. The allocator would usually expand and contract the heap to fulfill allocation requests.

The heap method suffers from a few inherent flaws:

  • A linear allocator can only shrink if the last allocation is released. Even if largely unused, the heap can get "stuck" at a very large size because of a small but long-lived allocation at its tip which could waste any amount of address space, although some allocators on some systems may be able to release entirely empty intermediate pages to the OS.
  • A linear allocator is sensitive to fragmentation, while a good allocator will attempt to track and reuse free slots through the entire heap, as allocation sizes and lifetimes get mixed it can be difficult and expensive to find or coalesce free segments large enough to hold new allocation requests.
  • A linear allocator has extremely poor concurrency characteristics, as the heap segment is per-process every thread has to synchronise on allocation, and concurrent allocations from threads which may have very different work loads amplifies the previous two issues.

dlmalloc and ptmalloc edit

Doug Lea has developed the public domain dlmalloc ("Doug Lea's Malloc") as a general-purpose allocator, starting in 1987. The GNU C library (glibc) is derived from Wolfram Gloger's ptmalloc ("pthreads malloc"), a fork of dlmalloc with threading-related improvements.[21][22][23] As of November 2023, the latest version of dlmalloc is version 2.8.6 from August 2012.[24]

dlmalloc is a boundary tag allocator. Memory on the heap is allocated as "chunks", an 8-byte aligned data structure which contains a header, and usable memory. Allocated memory contains an 8- or 16-byte overhead for the size of the chunk and usage flags (similar to a dope vector). Unallocated chunks also store pointers to other free chunks in the usable space area, making the minimum chunk size 16 bytes on 32-bit systems and 24/32 (depends on alignment) bytes on 64-bit systems.[22][24]: 2.8.6, Minimum allocated size 

Unallocated memory is grouped into "bins" of similar sizes, implemented by using a double-linked list of chunks (with pointers stored in the unallocated space inside the chunk). Bins are sorted by size into three classes:[22][24]: Overlaid data structures 

  • For requests below 256 bytes (a "smallbin" request), a simple two power best fit allocator is used. If there are no free blocks in that bin, a block from the next highest bin is split in two.
  • For requests of 256 bytes or above but below the mmap threshold, dlmalloc since v2.8.0 use an in-place bitwise trie algorithm ("treebin"). If there is no free space left to satisfy the request, dlmalloc tries to increase the size of the heap, usually via the brk system call. This feature was introduced way after ptmalloc was created (from v2.7.x), and as a result is not a part of glibc, which inherits the old best-fit allocator.
  • For requests above the mmap threshold (a "largebin" request), the memory is always allocated using the mmap system call. The threshold is usually 256 KB.[25] The mmap method averts problems with huge buffers trapping a small allocation at the end after their expiration, but always allocates an entire page of memory, which on many architectures is 4096 bytes in size.[26]

Game developer Adrian Stone argues that dlmalloc, as a boundary-tag allocator, is unfriendly for console systems that have virtual memory but do not have demand paging. This is because its pool-shrinking and growing callbacks (sysmalloc/systrim) cannot be used to allocate and commit individual pages of virtual memory. In the absence of demand paging, fragmentation becomes a greater concern.[27]

FreeBSD's and NetBSD's jemalloc edit

Since FreeBSD 7.0 and NetBSD 5.0, the old malloc implementation (phkmalloc by Poul-Henning Kamp) was replaced by jemalloc, written by Jason Evans. The main reason for this was a lack of scalability of phkmalloc in terms of multithreading. In order to avoid lock contention, jemalloc uses separate "arenas" for each CPU. Experiments measuring number of allocations per second in multithreading application have shown that this makes it scale linearly with the number of threads, while for both phkmalloc and dlmalloc performance was inversely proportional to the number of threads.[28]

OpenBSD's malloc edit

OpenBSD's implementation of the malloc function makes use of mmap. For requests greater in size than one page, the entire allocation is retrieved using mmap; smaller sizes are assigned from memory pools maintained by malloc within a number of "bucket pages", also allocated with mmap.[29][better source needed] On a call to free, memory is released and unmapped from the process address space using munmap. This system is designed to improve security by taking advantage of the address space layout randomization and gap page features implemented as part of OpenBSD's mmap system call, and to detect use-after-free bugs—as a large memory allocation is completely unmapped after it is freed, further use causes a segmentation fault and termination of the program.

The GrapheneOS project initially started out by porting OpenBSD's memory allocator to Android's Bionic C Library.[30]

Hoard malloc edit

Main article: Hoard memory allocator

Hoard is an allocator whose goal is scalable memory allocation performance. Like OpenBSD's allocator, Hoard uses mmap exclusively, but manages memory in chunks of 64 kilobytes called superblocks. Hoard's heap is logically divided into a single global heap and a number of per-processor heaps. In addition, there is a thread-local cache that can hold a limited number of superblocks. By allocating only from superblocks on the local per-thread or per-processor heap, and moving mostly-empty superblocks to the global heap so they can be reused by other processors, Hoard keeps fragmentation low while achieving near linear scalability with the number of threads.[31]

mimalloc edit

Main article: mimalloc

An open-source compact general-purpose memory allocator from Microsoft Research with focus on performance.[32] The library is about 11,000 lines of code.

Thread-caching malloc (tcmalloc) edit

Every thread has a thread-local storage for small allocations. For large allocations mmap or sbrk can be used. TCMalloc, a malloc developed by Google,[33] has garbage-collection for local storage of dead threads. The TCMalloc is considered to be more than twice as fast as glibc's ptmalloc for multithreaded programs.[34][35]

In-kernel edit

Operating system kernels need to allocate memory just as application programs do. The implementation of malloc within a kernel often differs significantly from the implementations used by C libraries, however. For example, memory buffers might need to conform to special restrictions imposed by DMA, or the memory allocation function might be called from interrupt context.[36] This necessitates a malloc implementation tightly integrated with the virtual memory subsystem of the operating system kernel.

Overriding malloc edit

Because malloc and its relatives can have a strong impact on the performance of a program, it is not uncommon to override the functions for a specific application by custom implementations that are optimized for application's allocation patterns. The C standard provides no way of doing this, but operating systems have found various ways to do this by exploiting dynamic linking. One way is to simply link in a different library to override the symbols. Another, employed by Unix System V.3, is to make malloc and free function pointers that an application can reset to custom functions.[37]

The most common form on POSIX-like systems is to set the environment variable LD_PRELOAD with the path of the allocator, so that the dynamic linker uses that version of malloc/calloc/free instead of the libc implementation.

Allocation size limits edit

The largest possible memory block malloc can allocate depends on the host system, particularly the size of physical memory and the operating system implementation.

Theoretically, the largest number should be the maximum value that can be held in a size_t type, which is an implementation-dependent unsigned integer representing the size of an area of memory. In the C99 standard and later, it is available as the SIZE_MAX constant from <stdint.h>. Although not guaranteed by ISO C, it is usually 2^(CHAR_BIT * sizeof(size_t)) - 1.

On glibc systems, the largest possible memory block malloc can allocate is only half this size, namely 2^(CHAR_BIT * sizeof(ptrdiff_t) - 1) - 1.[38]

Extensions and alternatives edit

The C library implementations shipping with various operating systems and compilers may come with alternatives and extensions to the standard malloc interface. Notable among these is:

  • alloca, which allocates a requested number of bytes on the call stack. No corresponding deallocation function exists, as typically the memory is deallocated as soon as the calling function returns. alloca was present on Unix systems as early as 32/V (1978), but its use can be problematic in some (e.g., embedded) contexts.[39] While supported by many compilers, it is not part of the ANSI-C standard and therefore may not always be portable. It may also cause minor performance problems: it leads to variable-size stack frames, so that both stack and frame pointers need to be managed (with fixed-size stack frames, one of these is redundant).[40] Larger allocations may also increase the risk of undefined behavior due to a stack overflow.[41] C99 offered variable-length arrays as an alternative stack allocation mechanism – however, this feature was relegated to optional in the later C11 standard.
  • POSIX defines a function posix_memalign that allocates memory with caller-specified alignment. Its allocations are deallocated with free,[42] so the implementation usually needs to be a part of the malloc library.

See also edit

References edit

  1. ^ a b 7.20.3 Memory management functions (PDF). ISO/IEC 9899:1999 specification (Technical report). p. 313.
  2. ^ Summit, Steve. "Chapter 11: Memory Allocation". C Programming Notes. Retrieved 2020-07-11.
  3. ^ "aligned_alloc(3) - Linux man page".
  4. ^ Stroustrup, Bjarne (2008). Programming: Principles and Practice Using C++. Addison Wesley. p. 1009. ISBN 978-0-321-54372-1.
  5. ^ "gcc manual". gnu.org. Retrieved 2008-12-14.
  6. ^ Brian W. Kernighan, Dennis M. Ritchie, The C Programming Language, Prentice-Hall, 1978; Section 7.9 (page 156) describes calloc and cfree, and Section 8.7 (page 173) describes an implementation for alloc and free.
  7. ^ alloc(3) – Version 6 Unix Programmer's Manual
  8. ^ malloc(3) – Version 7 Unix Programmer's Manual
  9. ^ Anonymous, Unix Programmer's Manual, Vol. 1, Holt Rinehart and Winston, 1983 (copyright held by Bell Telephone Laboratories, 1983, 1979); The man page for malloc etc. is given on page 275.
  10. ^ alloca(3) – FreeBSD Library Functions Manual
  11. ^ calloc(3) – Linux Programmer's Manual – Library Functions
  12. ^ a b "Casting malloc". Cprogramming.com. Retrieved 2007-03-09.
  13. ^ "clang: lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp Source File". clang.llvm.org. Retrieved 2018-04-01.
  14. ^ "comp.lang.c FAQ list · Question 7.7b". C-FAQ. Retrieved 2007-03-09.
  15. ^ Reek, Kenneth (1997-08-04). Pointers on C (1 ed.). Pearson. ISBN 9780673999863.
  16. ^ "MEM04-C. Beware of zero-length allocations - SEI CERT C Coding Standard - Confluence". wiki.sei.cmu.edu.
  17. ^ "POSIX.1-2017: malloc". pubs.opengroup.org. Retrieved 2019-11-29.
  18. ^ Awakened (2019-10-02). "How a double-free bug in WhatsApp turns to RCE". Retrieved 2019-11-29.
  19. ^ Felker, Rich [@RichFelker] (2019-10-03). "Wow. The WhatsApp RCE was the wrong behavior for realloc(p,0) so many implementations insist on" (Tweet). Retrieved 2022-08-06 – via Twitter.
  20. ^ Alexandrescu, Andrei (2001). Modern C++ Design: Generic Programming and Design Patterns Applied. Addison-Wesley. p. 78.
  21. ^ "Wolfram Gloger's malloc homepage". malloc.de. Retrieved 2018-04-01.
  22. ^ a b c Kaempf, Michel (2001). "Vudo malloc tricks". Phrack (57): 8. from the original on 2009-01-22. Retrieved 2009-04-29.
  23. ^ "Glibc: Malloc Internals". sourceware.org Trac. Retrieved 2019-12-01.
  24. ^ a b c Lee, Doug. "A Memory Allocator". Retrieved 2019-12-01. HTTP for Source Code
  25. ^ "Malloc Tunable Parameters". GNU. Retrieved 2009-05-02.
  26. ^ Sanderson, Bruce (2004-12-12). "RAM, Virtual Memory, Pagefile and all that stuff". Microsoft Help and Support.
  27. ^ Stone, Adrian. "The Hole That dlmalloc Can't Fill". Game Angst. Retrieved 2019-12-01.
  28. ^ Evans, Jason (2006-04-16). "A Scalable Concurrent malloc(3) Implementation for FreeBSD" (PDF). Retrieved 2012-03-18.
  29. ^ "libc/stdlib/malloc.c". BSD Cross Reference, OpenBSD src/lib/.
  30. ^ "History | GrapheneOS". grapheneos.org. Retrieved 2023-03-02.
  31. ^ Berger, E. D.; McKinley, K. S.; Blumofe, R. D.; Wilson, P. R. (November 2000). Hoard: A Scalable Memory Allocator for Multithreaded Applications (PDF). ASPLOS-IX. Proceedings of the ninth international conference on Architectural support for programming languages and operating systems. pp. 117–128. CiteSeerX 10.1.1.1.4174. doi:10.1145/378993.379232. ISBN 1-58113-317-0.
  32. ^ Microsoft releases optimized malloc() as open source - Slashdot
  33. ^ TCMalloc homepage
  34. ^ Ghemawat, Sanjay; Menage, Paul; TCMalloc : Thread-Caching Malloc
  35. ^ Callaghan, Mark (2009-01-18). "High Availability MySQL: Double sysbench throughput with TCMalloc". Mysqlha.blogspot.com. Retrieved 2011-09-18.
  36. ^ "kmalloc()/kfree() include/linux/slab.h". People.netfilter.org. Retrieved 2011-09-18.
  37. ^ Levine, John R. (2000) [October 1999]. "Chapter 9: Shared libraries". Linkers and Loaders. The Morgan Kaufmann Series in Software Engineering and Programming (1 ed.). San Francisco, USA: Morgan Kaufmann. ISBN 1-55860-496-0. OCLC 42413382. Archived from the original on 2012-12-05. Retrieved 2020-01-12. Code: [1][2] Errata: [3]
  38. ^ "malloc: make malloc fail with requests larger than PTRDIFF_MAX". Sourceware Bugzilla. 2019-04-18. Retrieved 2020-07-30.
  39. ^ "Why is the use of alloca() not considered good practice?". stackoverflow.com. Retrieved 2016-01-05.
  40. ^ Amarasinghe, Saman; Leiserson, Charles (2010). . MIT OpenCourseWare. Massachusetts Institute of Technology. Archived from the original on 2015-06-22. Retrieved 2015-01-27.
  41. ^ "alloca(3) - Linux manual page". man7.org. Retrieved 2016-01-05.
  42. ^ posix_memalign – System Interfaces Reference, The Single UNIX Specification, Version 4 from The Open Group

External links edit

 
The Wikibook C Programming has a page on the topic of: C Programming/C Reference
 
Wikiversity has learning resources about C/Memory_Management
  • Definition of malloc in IEEE Std 1003.1 standard
  • Lea, Doug; The design of the basis of the glibc allocator
  • Gloger, Wolfram; The ptmalloc homepage
  • Berger, Emery; The Hoard homepage
  • Douglas, Niall; The nedmalloc homepage
  • Evans, Jason; The jemalloc homepage
  • Google; The tcmalloc homepage
  • on OSDEV Community
  • Michael, Maged M.; Scalable Lock-Free Dynamic Memory Allocation
  • Bartlett, Jonathan; Inside memory management – The choices, tradeoffs, and implementations of dynamic allocation
  • wiki page with much information about fixing malloc
  • C99 standard draft, including TC1/TC2/TC3
  • Some useful references about C
  • ISO/IEC 9899 – Programming languages – C
  • Understanding glibc malloc

February 11, 2024
dynamic, memory, allocation, refers, performing, manual, memory, management, dynamic, memory, allocation, programming, language, group, functions, standard, library, namely, malloc, realloc, calloc, aligned, alloc, free, programming, language, includes, these,. C dynamic memory allocation refers to performing manual memory management for dynamic memory allocation in the C programming language via a group of functions in the C standard library namely malloc realloc calloc aligned alloc and free 1 2 3 The C programming language includes these functions however the operators new and delete provide similar functionality and are recommended by that language s authors 4 Still there are several situations in which using new delete is not applicable such as garbage collection code or performance sensitive code and a combination of malloc and placement new may be required instead of the higher level new operator Many different implementations of the actual memory allocation mechanism used by malloc are available Their performance varies in both execution time and required memory Contents 1 Rationale 2 Overview of functions 2 1 Differences between malloc and calloc 3 Usage example 4 Type safety 4 1 Advantages to casting 4 2 Disadvantages to casting 5 Common errors 6 Implementations 6 1 Heap based 6 2 dlmalloc and ptmalloc 6 3 FreeBSD s and NetBSD s jemalloc 6 4 OpenBSD s malloc 6 5 Hoard malloc 6 6 mimalloc 6 7 Thread caching malloc tcmalloc 6 8 In kernel 7 Overriding malloc 8 Allocation size limits 9 Extensions and alternatives 10 See also 11 References 12 External linksRationale editThe C programming language manages memory statically automatically or dynamically Static duration variables are allocated in main memory usually along with the executable code of the program and persist for the lifetime of the program automatic duration variables are allocated on the stack and come and go as functions are called and return For static duration and automatic duration variables the size of the allocation must be compile time constant except for the case of variable length automatic arrays 5 If the required size is not known until run time for example if data of arbitrary size is being read from the user or from a disk file then using fixed size data objects is inadequate The lifetime of allocated memory can also cause concern Neither static nor automatic duration memory is adequate for all situations Automatic allocated data cannot persist across multiple function calls while static data persists for the life of the program whether it is needed or not In many situations the programmer requires greater flexibility in managing the lifetime of allocated memory These limitations are avoided by using dynamic memory allocation in which memory is more explicitly but more flexibly managed typically by allocating it from the free store informally called the heap citation needed an area of memory structured for this purpose In C the library function malloc is used to allocate a block of memory on the heap The program accesses this block of memory via a pointer that malloc returns When the memory is no longer needed the pointer is passed to free which deallocates the memory so that it can be used for other purposes The original description of C indicated that calloc and cfree were in the standard library but not malloc Code for a simple model implementation of a storage manager for Unix was given with alloc and free as the user interface functions and using the a href Sbrk html title Sbrk sbrk a system call to request memory from the operating system 6 The 6th Edition Unix documentation gives alloc and free as the low level memory allocation functions 7 The malloc and free routines in their modern form are completely described in the 7th Edition Unix manual 8 9 Some platforms provide library or intrinsic function calls which allow run time dynamic allocation from the C stack rather than the heap e g alloca 10 This memory is automatically freed when the calling function ends Overview of functions editThe C dynamic memory allocation functions are defined in stdlib h header cstdlib header in C 1 Function Description span class n malloc span allocates the specified number of bytes span class n aligned alloc span allocates the specified number of bytes at the specified alignment span class n realloc span increases or decreases the size of the specified block of memory moving it if necessary span class n calloc span allocates the specified number of bytes and initializes them to zero span class n free span releases the specified block of memory back to the systemDifferences between malloc and calloc edit malloc takes a single argument the amount of memory to allocate in bytes while calloc takes two arguments the number of elements and the size of each element malloc only allocates memory while calloc allocates and sets the bytes in the allocated region to zero 11 Usage example editCreating an array of ten integers with automatic scope is straightforward in C int array 10 However the size of the array is fixed at compile time If one wishes to allocate a similar array dynamically without using a variable length array which is not guaranteed to be supported in all C11 implementations the following code can be used int array malloc 10 sizeof int This computes the number of bytes that ten integers occupy in memory then requests that many bytes from malloc and assigns the result to a pointer named array due to C syntax pointers and arrays can be used interchangeably in some situations Because malloc might not be able to service the request it might return a null pointer and it is good programming practice to check for this int array malloc 10 sizeof int if array NULL fprintf stderr malloc failed n return 1 When the program no longer needs the dynamic array it must eventually call free to return the memory it occupies to the free store free array The memory set aside by malloc is not initialized and may contain cruft the remnants of previously used and discarded data After allocation with malloc elements of the array are uninitialized variables The command calloc will return an allocation that has already been cleared int array calloc 10 sizeof int With realloc we can resize the amount of memory a pointer points to For example if we have a pointer acting as an array of size n displaystyle n nbsp and we want to change it to an array of size m displaystyle m nbsp we can use realloc int arr malloc 2 sizeof int arr 0 1 arr 1 2 arr realloc arr 3 sizeof int arr 2 3 Note that realloc must be assumed to have changed the base address of the block i e if it has failed to extend the size of the original block and has therefore allocated a new larger block elsewhere and copied the old contents into it Therefore any pointers to addresses within the original block are also no longer valid Type safety editmalloc returns a void pointer void which indicates that it is a pointer to a region of unknown data type The use of casting is required in C due to the strong type system whereas this is not the case in C One may cast see type conversion this pointer to a specific type int ptr ptr2 ptr malloc 10 sizeof ptr without a cast ptr2 int malloc 10 sizeof ptr with a cast There are advantages and disadvantages to performing such a cast Advantages to casting edit Including the cast may allow a C program or function to compile as C The cast allows for pre 1989 versions of malloc that originally returned a char 12 Casting can help the developer identify inconsistencies in type sizing should the destination pointer type change particularly if the pointer is declared far from the malloc call although modern compilers and static analysers can warn on such behaviour without requiring the cast 13 Disadvantages to casting edit Under the C standard the cast is redundant Adding the cast may mask failure to include the header stdlib h in which the function prototype for malloc is found 12 14 In the absence of a prototype for malloc the C90 standard requires that the C compiler assume malloc returns an int If there is no cast C90 requires a diagnostic when this integer is assigned to the pointer however with the cast this diagnostic would not be produced hiding a bug On certain architectures and data models such as LP64 on 64 bit systems where long and pointers are 64 bit and int is 32 bit this error can actually result in undefined behaviour as the implicitly declared malloc returns a 32 bit value whereas the actually defined function returns a 64 bit value Depending on calling conventions and memory layout this may result in stack smashing This issue is less likely to go unnoticed in modern compilers as C99 does not permit implicit declarations so the compiler must produce a diagnostic even if it does assume int return If the type of the pointer is changed at its declaration one may also need to change all lines where malloc is called and cast Common errors editThe improper use of dynamic memory allocation can frequently be a source of bugs These can include security bugs or program crashes most often due to segmentation faults Most common errors are as follows 15 Not checking for allocation failures Memory allocation is not guaranteed to succeed and may instead return a null pointer Using the returned value without checking if the allocation is successful invokes undefined behavior This usually leads to crash due to the resulting segmentation fault on the null pointer dereference but there is no guarantee that a crash will happen so relying on that can also lead to problems Memory leaks Failure to deallocate memory using free leads to buildup of non reusable memory which is no longer used by the program This wastes memory resources and can lead to allocation failures when these resources are exhausted Logical errors All allocations must follow the same pattern allocation using malloc usage to store data deallocation using free Failures to adhere to this pattern such as memory usage after a call to free dangling pointer or before a call to malloc wild pointer calling free twice double free etc usually causes a segmentation fault and results in a crash of the program These errors can be transient and hard to debug for example freed memory is usually not immediately reclaimed by the OS and thus dangling pointers may persist for a while and appear to work In addition as an interface that precedes ANSI C standardization malloc and its associated functions have behaviors that were intentionally left to the implementation to define for themselves One of them is the zero length allocation which is more of a problem with realloc since it is more common to resize to zero 16 Although both POSIX and the Single Unix Specification require proper handling of 0 size allocations by either returning NULL or something else that can be safely freed 17 not all platforms are required to abide by these rules Among the many double free errors that it has led to the 2019 WhatsApp RCE was especially prominent 18 A way to wrap these functions to make them safer is by simply checking for 0 size allocations and turning them into those of size 1 Returning NULL has its own problems it otherwise indicates an out of memory failure In the case of realloc it would have signaled that the original memory was not moved and freed which again is not the case for size 0 leading to the double free 19 Implementations editThe implementation of memory management depends greatly upon operating system and architecture Some operating systems supply an allocator for malloc while others supply functions to control certain regions of data The same dynamic memory allocator is often used to implement both malloc and the operator new in C 20 Heap based edit See also sbrk Implementation of legacy allocators was commonly done using the heap segment The allocator would usually expand and contract the heap to fulfill allocation requests The heap method suffers from a few inherent flaws A linear allocator can only shrink if the last allocation is released Even if largely unused the heap can get stuck at a very large size because of a small but long lived allocation at its tip which could waste any amount of address space although some allocators on some systems may be able to release entirely empty intermediate pages to the OS A linear allocator is sensitive to fragmentation while a good allocator will attempt to track and reuse free slots through the entire heap as allocation sizes and lifetimes get mixed it can be difficult and expensive to find or coalesce free segments large enough to hold new allocation requests A linear allocator has extremely poor concurrency characteristics as the heap segment is per process every thread has to synchronise on allocation and concurrent allocations from threads which may have very different work loads amplifies the previous two issues dlmalloc and ptmalloc edit Doug Lea has developed the public domain dlmalloc Doug Lea s Malloc as a general purpose allocator starting in 1987 The GNU C library glibc is derived from Wolfram Gloger s ptmalloc pthreads malloc a fork of dlmalloc with threading related improvements 21 22 23 As of November 2023 the latest version of dlmalloc is version 2 8 6 from August 2012 24 dlmalloc is a boundary tag allocator Memory on the heap is allocated as chunks an 8 byte aligned data structure which contains a header and usable memory Allocated memory contains an 8 or 16 byte overhead for the size of the chunk and usage flags similar to a dope vector Unallocated chunks also store pointers to other free chunks in the usable space area making the minimum chunk size 16 bytes on 32 bit systems and 24 32 depends on alignment bytes on 64 bit systems 22 24 2 8 6 Minimum allocated size Unallocated memory is grouped into bins of similar sizes implemented by using a double linked list of chunks with pointers stored in the unallocated space inside the chunk Bins are sorted by size into three classes 22 24 Overlaid data structures For requests below 256 bytes a smallbin request a simple two power best fit allocator is used If there are no free blocks in that bin a block from the next highest bin is split in two For requests of 256 bytes or above but below the mmap threshold dlmalloc since v2 8 0 use an in place bitwise trie algorithm treebin If there is no free space left to satisfy the request dlmalloc tries to increase the size of the heap usually via the brk system call This feature was introduced way after ptmalloc was created from v2 7 x and as a result is not a part of glibc which inherits the old best fit allocator For requests above the mmap threshold a largebin request the memory is always allocated using the mmap system call The threshold is usually 256 KB 25 The mmap method averts problems with huge buffers trapping a small allocation at the end after their expiration but always allocates an entire page of memory which on many architectures is 4096 bytes in size 26 Game developer Adrian Stone argues that dlmalloc as a boundary tag allocator is unfriendly for console systems that have virtual memory but do not have demand paging This is because its pool shrinking and growing callbacks sysmalloc systrim cannot be used to allocate and commit individual pages of virtual memory In the absence of demand paging fragmentation becomes a greater concern 27 FreeBSD s and NetBSD s jemalloc edit Since FreeBSD 7 0 and NetBSD 5 0 the old malloc implementation phkmalloc by Poul Henning Kamp was replaced by jemalloc written by Jason Evans The main reason for this was a lack of scalability of phkmalloc in terms of multithreading In order to avoid lock contention jemalloc uses separate arenas for each CPU Experiments measuring number of allocations per second in multithreading application have shown that this makes it scale linearly with the number of threads while for both phkmalloc and dlmalloc performance was inversely proportional to the number of threads 28 OpenBSD s malloc edit OpenBSD s implementation of the malloc function makes use of mmap For requests greater in size than one page the entire allocation is retrieved using mmap smaller sizes are assigned from memory pools maintained by malloc within a number of bucket pages also allocated with mmap 29 better source needed On a call to free memory is released and unmapped from the process address space using munmap This system is designed to improve security by taking advantage of the address space layout randomization and gap page features implemented as part of OpenBSD s mmap system call and to detect use after free bugs as a large memory allocation is completely unmapped after it is freed further use causes a segmentation fault and termination of the program The GrapheneOS project initially started out by porting OpenBSD s memory allocator to Android s Bionic C Library 30 Hoard malloc edit Main article Hoard memory allocator Hoard is an allocator whose goal is scalable memory allocation performance Like OpenBSD s allocator Hoard uses mmap exclusively but manages memory in chunks of 64 kilobytes called superblocks Hoard s heap is logically divided into a single global heap and a number of per processor heaps In addition there is a thread local cache that can hold a limited number of superblocks By allocating only from superblocks on the local per thread or per processor heap and moving mostly empty superblocks to the global heap so they can be reused by other processors Hoard keeps fragmentation low while achieving near linear scalability with the number of threads 31 mimalloc edit Main article mimalloc An open source compact general purpose memory allocator from Microsoft Research with focus on performance 32 The library is about 11 000 lines of code Thread caching malloc tcmalloc edit Every thread has a thread local storage for small allocations For large allocations mmap or sbrk can be used TCMalloc a malloc developed by Google 33 has garbage collection for local storage of dead threads The TCMalloc is considered to be more than twice as fast as glibc s ptmalloc for multithreaded programs 34 35 In kernel edit Operating system kernels need to allocate memory just as application programs do The implementation of malloc within a kernel often differs significantly from the implementations used by C libraries however For example memory buffers might need to conform to special restrictions imposed by DMA or the memory allocation function might be called from interrupt context 36 This necessitates a malloc implementation tightly integrated with the virtual memory subsystem of the operating system kernel Overriding malloc editBecause malloc and its relatives can have a strong impact on the performance of a program it is not uncommon to override the functions for a specific application by custom implementations that are optimized for application s allocation patterns The C standard provides no way of doing this but operating systems have found various ways to do this by exploiting dynamic linking One way is to simply link in a different library to override the symbols Another employed by Unix System V 3 is to make malloc and free function pointers that an application can reset to custom functions 37 The most common form on POSIX like systems is to set the environment variable LD PRELOAD with the path of the allocator so that the dynamic linker uses that version of malloc calloc free instead of the libc implementation Allocation size limits editThe largest possible memory block malloc can allocate depends on the host system particularly the size of physical memory and the operating system implementation Theoretically the largest number should be the maximum value that can be held in a a href Size t html class mw redirect title Size t size t a type which is an implementation dependent unsigned integer representing the size of an area of memory In the C99 standard and later it is available as the SIZE MAX constant from lt a href Stdint h html class mw redirect title Stdint h stdint h a gt Although not guaranteed by ISO C it is usually 2 CHAR BIT a href Sizeof html title Sizeof sizeof a size t 1 On glibc systems the largest possible memory block malloc can allocate is only half this size namely 2 CHAR BIT a href Sizeof html title Sizeof sizeof a ptrdiff t 1 1 38 Extensions and alternatives editThe C library implementations shipping with various operating systems and compilers may come with alternatives and extensions to the standard malloc interface Notable among these is a href Alloca html class mw redirect title Alloca alloca a which allocates a requested number of bytes on the call stack No corresponding deallocation function exists as typically the memory is deallocated as soon as the calling function returns alloca was present on Unix systems as early as 32 V 1978 but its use can be problematic in some e g embedded contexts 39 While supported by many compilers it is not part of the ANSI C standard and therefore may not always be portable It may also cause minor performance problems it leads to variable size stack frames so that both stack and frame pointers need to be managed with fixed size stack frames one of these is redundant 40 Larger allocations may also increase the risk of undefined behavior due to a stack overflow 41 C99 offered variable length arrays as an alternative stack allocation mechanism however this feature was relegated to optional in the later C11 standard POSIX defines a function posix memalign that allocates memory with caller specified alignment Its allocations are deallocated with free 42 so the implementation usually needs to be a part of the malloc library See also editBuffer overflow Memory debugger Memory protection Page size Variable length arrayReferences edit a b 7 20 3 Memory management functions PDF ISO IEC 9899 1999 specification Technical report p 313 Summit Steve Chapter 11 Memory Allocation C Programming Notes Retrieved 2020 07 11 aligned alloc 3 Linux man page Stroustrup Bjarne 2008 Programming Principles and Practice Using C Addison Wesley p 1009 ISBN 978 0 321 54372 1 gcc manual gnu org Retrieved 2008 12 14 Brian W Kernighan Dennis M Ritchie The C Programming Language Prentice Hall 1978 Section 7 9 page 156 describes calloc and cfree and Section 8 7 page 173 describes an implementation for alloc and free alloc 3 Version 6 Unix Programmer s Manual malloc 3 Version 7 Unix Programmer s Manual Anonymous Unix Programmer s Manual Vol 1 Holt Rinehart and Winston 1983 copyright held by Bell Telephone Laboratories 1983 1979 The man page for malloc etc is given on page 275 alloca 3 FreeBSD Library Functions Manual calloc 3 Linux Programmer s Manual Library Functions a b Casting malloc Cprogramming com Retrieved 2007 03 09 clang lib StaticAnalyzer Checkers MallocSizeofChecker cpp Source File clang llvm org Retrieved 2018 04 01 comp lang c FAQ list Question 7 7b C FAQ Retrieved 2007 03 09 Reek Kenneth 1997 08 04 Pointers on C 1 ed Pearson ISBN 9780673999863 MEM04 C Beware of zero length allocations SEI CERT C Coding Standard Confluence wiki sei cmu edu POSIX 1 2017 malloc pubs opengroup org Retrieved 2019 11 29 Awakened 2019 10 02 How a double free bug in WhatsApp turns to RCE Retrieved 2019 11 29 Felker Rich RichFelker 2019 10 03 Wow The WhatsApp RCE was the wrong behavior for realloc p 0 so many implementations insist on Tweet Retrieved 2022 08 06 via Twitter Alexandrescu Andrei 2001 Modern C Design Generic Programming and Design Patterns Applied Addison Wesley p 78 Wolfram Gloger s malloc homepage malloc de Retrieved 2018 04 01 a b c Kaempf Michel 2001 Vudo malloc tricks Phrack 57 8 Archived from the original on 2009 01 22 Retrieved 2009 04 29 Glibc Malloc Internals sourceware org Trac Retrieved 2019 12 01 a b c Lee Doug A Memory Allocator Retrieved 2019 12 01 HTTP for Source Code Malloc Tunable Parameters GNU Retrieved 2009 05 02 Sanderson Bruce 2004 12 12 RAM Virtual Memory Pagefile and all that stuff Microsoft Help and Support Stone Adrian The Hole That dlmalloc Can t Fill Game Angst Retrieved 2019 12 01 Evans Jason 2006 04 16 A Scalable Concurrent malloc 3 Implementation for FreeBSD PDF Retrieved 2012 03 18 libc stdlib malloc c BSD Cross Reference OpenBSD src lib History GrapheneOS grapheneos org Retrieved 2023 03 02 Berger E D McKinley K S Blumofe R D Wilson P R November 2000 Hoard A Scalable Memory Allocator for Multithreaded Applications PDF ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems pp 117 128 CiteSeerX 10 1 1 1 4174 doi 10 1145 378993 379232 ISBN 1 58113 317 0 Microsoft releases optimized malloc as open source Slashdot TCMalloc homepage Ghemawat Sanjay Menage Paul TCMalloc Thread Caching Malloc Callaghan Mark 2009 01 18 High Availability MySQL Double sysbench throughput with TCMalloc Mysqlha blogspot com Retrieved 2011 09 18 kmalloc kfree include linux slab h People netfilter org Retrieved 2011 09 18 Levine John R 2000 October 1999 Chapter 9 Shared libraries Linkers and Loaders The Morgan Kaufmann Series in Software Engineering and Programming 1 ed San Francisco USA Morgan Kaufmann ISBN 1 55860 496 0 OCLC 42413382 Archived from the original on 2012 12 05 Retrieved 2020 01 12 Code 1 2 Errata 3 malloc make malloc fail with requests larger than PTRDIFF MAX Sourceware Bugzilla 2019 04 18 Retrieved 2020 07 30 Why is the use of alloca not considered good practice stackoverflow com Retrieved 2016 01 05 Amarasinghe Saman Leiserson Charles 2010 6 172 Performance Engineering of Software Systems Lecture 10 MIT OpenCourseWare Massachusetts Institute of Technology Archived from the original on 2015 06 22 Retrieved 2015 01 27 alloca 3 Linux manual page man7 org Retrieved 2016 01 05 posix memalign System Interfaces Reference The Single UNIX Specification Version 4 from The Open GroupExternal links edit nbsp The Wikibook C Programming has a page on the topic of C Programming C Reference nbsp Wikiversity has learning resources about C Memory Management Definition of malloc in IEEE Std 1003 1 standard Lea Doug The design of the basis of the glibc allocator Gloger Wolfram The ptmalloc homepage Berger Emery The Hoard homepage Douglas Niall The nedmalloc homepage Evans Jason The jemalloc homepage Google The tcmalloc homepage Simple Memory Allocation Algorithms on OSDEV Community Michael Maged M Scalable Lock Free Dynamic Memory Allocation Bartlett Jonathan Inside memory management The choices tradeoffs and implementations of dynamic allocation Memory Reduction GNOME wiki page with much information about fixing malloc C99 standard draft including TC1 TC2 TC3 Some useful references about C ISO IEC 9899 Programming languages C Understanding glibc malloc Retrieved from https en wikipedia org w index php title C dynamic memory allocation amp oldid 1204200711, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.