Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of memory management

Published byChristopher Weaver Modified over 7 years ago

Similar presentations

Presentation on theme: "Overview of memory management"— Presentation transcript:

1 Overview of memory management
Stack-allocated memory When a function is called, memory is allocated for all of its parameters and local variables. Each active function call has memory on the stack (with the current function call on top) When a function call terminates, the memory is deallocated (“freed up”) Ex: main() calls f(), f() calls g() g() recursively calls g() g() g() f() main() CS 3090: Safety Critical Programming in C

2 Overview of memory management
Heap-allocated memory This is used for persistent data, that must survive beyond the lifetime of a function call global variables dynamically allocated memory – C statements can create new heap data (similar to new in Java/C++) Heap memory is allocated in a more complex way than stack memory Like stack-allocated memory, the underlying system determines where to get more memory – the programmer doesn’t have to search for free memory space! CS 3090: Safety Critical Programming in C

3 Allocating new heap memory
Note: void * denotes a generic pointer type Allocating new heap memory void *malloc(size_t size); Allocate a block of size bytes, return a pointer to the block (NULL if unable to allocate block) void *calloc(size_t num_elements, size_t element_size); Allocate a block of num_elements * element_size bytes, initialize every byte to zero, return pointer to the block CS 3090: Safety Critical Programming in C

4 Allocating new heap memory
void *realloc(void *ptr, size_t new_size); Given a previously allocated block starting at ptr, change the block size to new_size, return pointer to resized block If block size is increased, contents of old block may be copied to a completely different region In this case, the pointer returned will be different from the ptr argument, and ptr will no longer point to a valid memory region If ptr is NULL, realloc is identical to malloc Note: may need to cast return value of malloc/calloc/realloc: char *p = (char *) malloc(BUFFER_SIZE); CS 3090: Safety Critical Programming in C

5 Deallocating heap memory
void free(void *pointer); Given a pointer to previously allocated memory, put the region back in the heap of unallocated memory Note: easy to forget to free memory when no longer needed... especially if you’re used to a language with “garbage collection” like Java This is the source of the notorious “memory leak” problem Difficult to trace – the program will run fine for some time, until suddenly there is no more memory! CS 3090: Safety Critical Programming in C

6 Checking for successful allocation
Call to malloc might fail to allocate memory, if there’s not enough available Easy to forget this check, annoying to have to do it every time malloc is called... Reek’s solution: #define malloc DON’T CALL malloc DIRECTLY! #define MALLOC(num,type) (type *)alloc((num)*sizeof(type)) extern void *alloc(size_t size); Garbage inserted into source code if programmer uses malloc Use MALLOC instead... Scales memory region appropriately (Note use of parameters in #define) Also, calls “safe” alloc function CS 3090: Safety Critical Programming in C

7 Checking for successful allocation
implementation of alloc: #undef malloc void *alloc(size_t size) { void *new_mem; new_mem = malloc(size); if (new_mem == NULL) exit(1); return new_mem; } Nice solution – as long as “terminate the program” is always the right response CS 3090: Safety Critical Programming in C

8 Memory errors Using memory that you have not initialized
Using memory that you do not own Using more memory than you have allocated Using faulty heap memory management CS 3090: Safety Critical Programming in C

9 Using memory that you have not initialized
Uninitialized memory read Uninitialized memory copy not necessarily critical – unless a memory read follows void foo(int *pi) { int j; *pi = j; /* UMC: j is uninitialized, copied into *pi */ } void bar() { int i=10; foo(&i); printf("i = %d\n", i); /* UMR: Using i, which is now junk value */ CS 3090: Safety Critical Programming in C

10 Using memory that you don’t own
Null pointer read/write Zero page read/write typedef struct node { struct node* next; int val; } Node; int findLastNodeValue(Node* head) { while (head->next != NULL) { /* Expect NPR */ head = head->next; } return head->val; /* Expect ZPR */ What if head is NULL? CS 3090: Safety Critical Programming in C

11 Using memory that you don’t own
Invalid pointer read/write Pointer to memory that hasn’t been allocated to program void genIPR() { int *ipr = (int *) malloc(4 * sizeof(int)); int i, j; i = *(ipr ); j = *(ipr ); /* Expect IPR */ free(ipr); } void genIPW() { int *ipw = (int *) malloc(5 * sizeof(int)); *(ipw ) = 0; *(ipw ) = 0; /* Expect IPW */ free(ipw); CS 3090: Safety Critical Programming in C

12 Using memory that you don’t own
Common error in 64-bit applications: ints are 4 bytes but pointers are 8 bytes If prototype of malloc() not provided, return value will be cast to a 4-byte int /*Forgot to #include <malloc.h>, <stdlib.h> in a 64-bit application*/ void illegalPointer() { int *pi = (int*) malloc(4 * sizeof(int)); pi[0] = 10; /* Expect IPW */ printf("Array value = %d\n", pi[0]); /* Expect IPR */ } Four bytes will be lopped off this value – resulting in an invalid pointer value CS 3090: Safety Critical Programming in C

13 Using memory that you don’t own
Free memory read/write Access of memory that has been freed earlier int* init_array(int *ptr, int new_size) { ptr = (int*) realloc(ptr, new_size*sizeof(int)); memset(ptr, 0, new_size*sizeof(int)); return ptr; } int* fill_fibonacci(int *fib, int size) { int i; /* oops, forgot: fib = */ init_array(fib, size); /* fib[0] = 0; */ fib[1] = 1; for (i=2; i<size; i++) fib[i] = fib[i-1] + fib[i-2]; return fib; Remember: realloc may move entire block What if array is moved to new location? CS 3090: Safety Critical Programming in C

14 Using memory that you don’t own
Beyond stack read/write char *append(const char* s1, const char *s2) { const int MAXSIZE = 128; char result[128]; int i=0, j=0; for (j=0; i<MAXSIZE-1 && j<strlen(s1); i++,j++) { result[i] = s1[j]; } for (j=0; i<MAXSIZE-1 && j<strlen(s2); i++,j++) { result[i] = s2[j]; result[++i] = '\0'; return result; result is a local array name – stack memory allocated Function returns pointer to stack memory – won’t be valid after function returns CS 3090: Safety Critical Programming in C

15 Using memory that you haven’t allocated
Array bound read/write void genABRandABW() { const char *name = “Safety Critical"; char *str = (char*) malloc(10); strncpy(str, name, 10); str[11] = '\0'; /* Expect ABW */ printf("%s\n", str); /* Expect ABR */ } CS 3090: Safety Critical Programming in C

16 Faulty heap management
Memory leak int *pi; void foo() { pi = (int*) malloc(8*sizeof(int)); /* Allocate memory for pi */ /* Oops, leaked the old memory pointed to by pi */ free(pi); /* foo() is done with pi, so free it */ } void main() { pi = (int*) malloc(4*sizeof(int)); /* Expect MLK: foo leaks it */ foo(); CS 3090: Safety Critical Programming in C

17 Faulty heap management
Potential memory leak no pointer to the beginning of a block not necessarily critical – block beginning may still be reachable via pointer arithmetic int *plk = NULL; void genPLK() { plk = (int *) malloc(2 * sizeof(int)); /* Expect PLK as pointer variable is incremented past beginning of block */ plk++; } CS 3090: Safety Critical Programming in C

18 Faulty heap management
Freeing non-heap memory Freeing unallocated memory void genFNH() { int fnh = 0; free(&fnh); /* Expect FNH: freeing stack memory */ } void genFUM() { int *fum = (int *) malloc(4 * sizeof(int)); free(fum+1); /* Expect FUM: fum+1 points to middle of a block */ free(fum); free(fum); /* Expect FUM: freeing already freed memory */ CS 3090: Safety Critical Programming in C

19 Tools for analyzing memory management
Purify: runtime analysis for finding memory errors dynamic analysis tool: collects information on memory management while program runs contrast with static analysis tool like lint, which analyzes source code without compiling, executing it CS 3090: Safety Critical Programming in C

20 Reference S.C. Gupta and S. Sreenivasamurthy. “Navigating ‘C’ in a ‘leaky’ boat? Try Purify”. al/library/06/0822_satish-giridhar/ CS 3090: Safety Critical Programming in C

21 THANK YOU CS 3090: Safety Critical Programming in C

Download ppt "Overview of memory management"

Similar presentations

Dynamic memory allocation

Dynamic memory allocation
Carnegie Mellon 1 Dynamic Memory Allocation: Basic Concepts 15-213: Introduction to Computer Systems 17 th Lecture, Oct. 21, 2010 Instructors: Randy Bryant.

Carnegie Mellon 1 Dynamic Memory Allocation: Basic Concepts : Introduction to Computer Systems 17 th Lecture, Oct. 21, 2010 Instructors: Randy Bryant.
Chris Riesbeck, Fall 2007 Dynamic Memory Allocation Today Dynamic memory allocation – mechanisms & policies Memory bugs.

Chris Riesbeck, Fall 2007 Dynamic Memory Allocation Today Dynamic memory allocation – mechanisms & policies Memory bugs.
Various languages….  Could affect performance  Could affect reliability  Could affect language choice.

Various languages….  Could affect performance  Could affect reliability  Could affect language choice.
CS1061: C Programming Lecture 21: Dynamic Memory Allocation and Variations on struct A. O’Riordan, 2004, 2007 updated.

CS1061: C Programming Lecture 21: Dynamic Memory Allocation and Variations on struct A. O’Riordan, 2004, 2007 updated.
16.216 ECE Application Programming Instructor: Dr. Michael Geiger Fall 2012 Lecture 31: Dynamic memory allocation.

ECE Application Programming Instructor: Dr. Michael Geiger Fall 2012 Lecture 31: Dynamic memory allocation.
Dynamic memory allocation in C (Reek, Ch. 11) 1CS 3090: Safety Critical Programming in C.

Dynamic memory allocation in C (Reek, Ch. 11) 1CS 3090: Safety Critical Programming in C.
Spring 2005, Gülcihan Özdemir Dağ Lecture 12, Page 1 BIL104E: Introduction to Scientific and Engineering Computing, Spring 2005. Lecture 12 Outline 12.1Introduction.

Spring 2005, Gülcihan Özdemir Dağ Lecture 12, Page 1 BIL104E: Introduction to Scientific and Engineering Computing, Spring Lecture 12 Outline 12.1Introduction.
Growing Arrays in C Language. When to Use Do not use Growing Sorted Array –O(n 2 ) Operation –Avoid when n is large Use Keep track of a variable –Few.

Growing Arrays in C Language. When to Use Do not use Growing Sorted Array –O(n 2 ) Operation –Avoid when n is large Use Keep track of a variable –Few.
CS 61C: Great Ideas in Computer Architecture (Machine Structures) Dynamic Memory Management Instructors: Randy H. Katz David A. Patterson

CS 61C: Great Ideas in Computer Architecture (Machine Structures) Dynamic Memory Management Instructors: Randy H. Katz David A. Patterson
Growing Arrays in C By: Victoria Tielebein CS 265- Spring 2011.

Growing Arrays in C By: Victoria Tielebein CS 265- Spring 2011.
Pointer applications. Arrays and pointers Name of an array is a pointer constant to the first element whose value cannot be changed Address and name refer.

Pointer applications. Arrays and pointers Name of an array is a pointer constant to the first element whose value cannot be changed Address and name refer.
CS 61C: Great Ideas in Computer Architecture Introduction to C, Part III Instructors: Krste Asanovic & Vladimir Stojanovic

CS 61C: Great Ideas in Computer Architecture Introduction to C, Part III Instructors: Krste Asanovic & Vladimir Stojanovic
Memory allocation CSE 2451 Matt Boggus. sizeof The sizeof unary operator will return the number of bytes reserved for a variable or data type. Determine:

Memory allocation CSE 2451 Matt Boggus. sizeof The sizeof unary operator will return the number of bytes reserved for a variable or data type. Determine:
Discussion: Week 3/26. Structs: Used to hold associated data together Used to group together different types of variables under the same name struct Telephone{

Discussion: Week 3/26. Structs: Used to hold associated data together Used to group together different types of variables under the same name struct Telephone{
Finding Bugs with DevPartner Studio Error Detection Philippe CHARMAN Polytech’Nice – Sophia.

Finding Bugs with DevPartner Studio Error Detection Philippe CHARMAN Polytech’Nice – Sophia.
Programming III SPRING 2015 School of Computer and Information Sciences Francisco R. Ortega, Ph.D. McKnight Fellow and GAANN Fellow LECTURE #5 More about.

Programming III SPRING 2015 School of Computer and Information Sciences Francisco R. Ortega, Ph.D. McKnight Fellow and GAANN Fellow LECTURE #5 More about.
Memory Arrangement Memory is arrange in a sequence of addressable units (usually bytes) –sizeof( ) return the number of units it takes to store a type.

Memory Arrangement Memory is arrange in a sequence of addressable units (usually bytes) –sizeof( ) return the number of units it takes to store a type.
CS 61C: Great Ideas in Computer Architecture Lecture 4: Introduction to C, Part III Instructor: Sagar Karandikar

CS 61C: Great Ideas in Computer Architecture Lecture 4: Introduction to C, Part III Instructor: Sagar Karandikar
Pointers Applications

Pointers Applications

Similar presentations

Ads by Google