LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 12-03-2004, 10:51 AM   #1
kuna
LQ Newbie
 
Registered: Dec 2004
Location: Canada
Posts: 7

Rep: Reputation: 0
how does malloc() and free() functions work?


how does malloc() and free() functions work?

How does the free function know from which start position in memory (to end position) to free the memory ?

Kuna
 
Old 12-03-2004, 11:01 AM   #2
csfalcon
Member
 
Registered: Jun 2004
Location: MD
Distribution: Fedora Core
Posts: 269

Rep: Reputation: 31
educated guess:

malloc prob saves an entry of the size allocated for a pointer, and free looks up that entry for the information.
 
Old 12-03-2004, 11:38 AM   #3
itsme86
Senior Member
 
Registered: Jan 2004
Location: Oregon, USA
Distribution: Slackware
Posts: 1,246

Rep: Reputation: 56
malloc() and free() don't work the same way on every O/S.

I've created my own virtual memory system for a project I was working on called TinyMAZE. It's basically a wrapper for the stdlib malloc/free/etc. functions, but adds some features like detecting memory leaks, providing a volatile stack, etc. Here's the source code for it if you want to poke around and see how I did it. Basically it keeps information for each allocation in a struct. Then it malloc()'s the amount of memory requested and prepends the address of the struct instance for that allocation to the beginning of that memory block. That way when someone mvm_free(some_ptr) is called, the information for that allocation can be found at some_ptr - PTR_SIZE.

Anyway, it's not impossible for a real dynamic memory allocation implementation to work the same way. I'm pretty sure they all use some sort of header attached to the returned chunk of memory.

And here's a link to the code: http://www.tinymaze.com/mazevm.c
 
Old 12-03-2004, 12:57 PM   #4
aluser
Member
 
Registered: Mar 2004
Location: Massachusetts
Distribution: Debian
Posts: 557

Rep: Reputation: 42
Here's a simple, vague answer:

Your process has a region of memory, from address x to address y, called the heap. All your malloc'd data lives in this area. malloc() keeps some data structure, let's say a list, of all the free chunks of space in the heap. When you call malloc, it looks through the list for a chunk that's big enough for you, returns a pointer to it, and records the fact that it's not free any more as well as how big it is. When you call free() with the same pointer, free() looks up how big that chunk is and adds it back into the list of free chunks(). If you call malloc() and it can't find any large enough chunk in the heap, it uses the brk() syscall to grow the heap, i.e. increase address y and cause all the addresses between the old y and the new y to be valid memory.
brk() must be a syscall; there is no way to do the same thing entirely from userspace.

Does that help?
 
Old 12-03-2004, 01:06 PM   #5
kuna
LQ Newbie
 
Registered: Dec 2004
Location: Canada
Posts: 7

Original Poster
Rep: Reputation: 0
thank you for the anwser
 
Old 12-04-2004, 12:07 AM   #6
hk_linux
Member
 
Registered: Nov 2004
Location: India
Distribution: RedHat, PCQLinux, Fedora
Posts: 95

Rep: Reputation: 15
I have a similar question.
After we free a chunk of allocated memory,as aluser said, will go to the list of free chunks. My question is, if this free chunk is available only for this process or will it be given back to the kernel for allocations to other process, if they are in need of it?

I am using kernel 2.4. I am encountering some problems with my allocations and freeing. My process continuosly allocated chunks of 2M memory and frees it. My observation from "top" output is that the memory occupied by my process keeps on growing and stabilises at one level. It nevers shrinks. First i thought it to be a memory leak, but i have used tools for detecting leaks and found that there is no leak. Can anybody explain why this happens or give a pointer to some good writeups on this issue?
Can we rely on the "top" output for seeing the memory occupied by the process? Wat exactly happens after we free the memory?
 
Old 12-04-2004, 12:14 AM   #7
aluser
Member
 
Registered: Mar 2004
Location: Massachusetts
Distribution: Debian
Posts: 557

Rep: Reputation: 42
brk() can be used to shrink the heap as well as grow it. When this happens, y decreases. You can have situations where most of the heap is free, but it can't be shrunk because some chunk at the top of it (near y) isn't free; in this case, the process hogs a lot of memory it doesn't really need. Alternatively, the malloc and free could just decide to keep the heap a certain size and not make it any smaller, on the theory that brk() can be slow and you're likely to need the memory again. I don't know how they tend to be implemented in practice.

You should look into some malloc debugging tools if you're trying to hunt down a memory leak; I've used dmalloc, I'm sure there are others too.

btw, it should be noted that what I've described in my other post doesn't have to be *the* way it works everywhere, but it's true for unixy systems at a minimum.
 
Old 12-04-2004, 02:22 AM   #8
itsme86
Senior Member
 
Registered: Jan 2004
Location: Oregon, USA
Distribution: Slackware
Posts: 1,246

Rep: Reputation: 56
Try running strace on your program (strace ./myprog) and you can see the brk/sbrk system calls. If you do something like printf() you will see write() system calls also so you can tell when the brk/sbrk calls are happening relative to other parts of your program. strace can be an excellent debugging tool.
 
Old 12-04-2004, 03:59 AM   #9
shishir
Member
 
Registered: Jul 2003
Location: bangalore . india
Distribution: openSUSE 10.3
Posts: 251

Rep: Reputation: 33
just as an addition...: 2.6 is moving malloc from calling brk to calling mmap

also there is a good explanation+code of a 'malloc' in kernighan and ritchie....would really be a great place to look for explanation..also every OS has its own way of managing dynamic memory..

Last edited by shishir; 12-04-2004 at 04:02 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
*** glibc detected *** malloc() / free()/ double RohanShrivastav Programming 12 10-01-2012 10:08 AM
DBM functions don't work in PHP vharishankar Programming 4 09-26-2004 09:23 PM
malloc/free in C h/w Programming 12 02-26-2004 01:13 PM
malloc/free and segfault - advanced question iTux Programming 3 12-10-2003 04:51 PM
Is my malloc/free thinking correct? registering Programming 6 06-18-2003 11:35 PM


All times are GMT -5. The time now is 12:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration