Menu
int brk(void *end_data_segment);
void *sbrk(intptr_t increment);
Calling sbrk() with an increment of 0 can be used to find the current location of the program break.
What is program break? Where does it start from,0x00?
819
The program break is the address of the first location beyond the current end of the data region. The amount of available space increases as the break value increases.
Presumably the internals of your stdio implementation use malloc (e.g. to create buffers), which in turn calls sbrk itself. In other words, printf calls malloc internally, which reserves memory using sbrk . This time we see an increment of 0xa, which matches your previous sbrk(10) call exactly.
The sbrk() function is used to change the space allocated for the calling process. The change is made by adding incr bytes to the process's break value and allocating the appropriate amount of space. The amount of allocated space increases when incr is positive and decreases when incr is negative.
malloc allocates memory to the heap to the program for it's use, free releases the memory from use back to the heap (and can be reused by a future call to malloc )
Oversimplifying:
A process has several segments of memory:
(Of course, nowadays it's much more complex. There is a rodata segment, a uninitialized data segment, mappings allocated via mmap, a vdso, ...)
One traditional way a program can request more memory in a Unix-like OS is to increment the size of the data segment, and use a memory allocator (i.e. malloc() implementation) to manage the resulting space. This is done via the brk() system call, which changes the point where the data segment "breaks"/ends.
81
A program break is end of the process's data segment. AKA...
the program break is the first location after the end of the uninitialized data segment
As to where it starts from, it's system dependent but probably not 0x00.
29
These days, sbrk(2) (and brk) are nearly obsolete system calls (and you can nearly forget about them and ignore the old notion of break; focus on understanding mmap(2)). Notice that the sbrk(2) man page says in its NOTES :
Avoid using
brk()andsbrk(): the malloc(3) memory allocation package is the portable and comfortable way of allocating memory.
(emphasis mine)
Most implementations of malloc(3) (notably the one in musl-libc) are rather using mmap(2) to require memory - and increase their virtual address space - from the kernel (look at that virtual address space wikipage, it has a nice picture). Some malloc-s use sbrk for small allocations, mmap for large ones.
Use strace(1) to find out the system calls (listed in syscalls(2)) done by some given process or command. BTW you'll then find that bash and ls (and probably many other programs) don't make a single call to sbrk.
Explore the virtual address space of some process by using proc(5). Try cat /proc/$$/maps and cat /proc/self/maps and even cat /proc/$$/smaps and read a bit to understand the output.
Be aware of ASLR & vdso(7).
And sbrk is not very thread friendly.
(my answer focuses on Linux)
42
You are saying that sbrk() is an obsolute system call and that we should use malloc(), but malloc(), according to her documentation, when allocating less memory than 128 KiB (32 pages) uses it. So we shouldn´t use sbrk() directly, but malloc() use it, if allocation is bigger than 128 KiB then malloc() uses mmap() that allocates private pages to the userspace. Finally its a good idea to understand sbrk(), at least for understanding the "Program Break" concept.
29
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
