Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why are address are not consecutive when allocating single bytes?

I am dynamically allocating memory as follows:

char* heap_start1 = (char*) malloc(1);
char* heap_start2 = (char*) malloc(1);

When I do printf as follows surprisingly the addresses are not consecutives.

printf("%p, %p \n",heap_start1,heap_start2);

Result:

   0x8246008, 0x8246018

As you can see there is a 15 bytes of extra memory that are left defragmented. It's definitely not because of word alignment. Any idea behind this peculiar alignment?

Thanks in advance!

I am using gcc in linux if that matters.

like image 227
as3rdaccount Avatar asked Dec 21 '22 10:12

as3rdaccount


2 Answers

glibc's malloc, for small memory allocations less than 16 bytes, simply allocates the memory as 16 bytes. This is to prevent external fragmentation upon the freeing of this memory, where blocks of free memory are too small to be used in the general case to fulfill new malloc operations.

A block allocated by malloc must also be large enough to store the data required to track it in the data structure which stores free blocks.

This behaviour, while increasing internal fragmentation, decreases overall fragmentation throughout the system.

Source: http://repo.or.cz/w/glibc.git/blob/HEAD:/malloc/malloc.c (Read line 108 in particular)

/*
...
Minimum allocated size: 4-byte ptrs:  16 bytes    (including 4 overhead)
...
*/

Furthermore, all addresses returned by the malloc call in glibc are aligned to: 2 * sizeof(size_t) bytes. Which is 64 bits for 32-bit systems (such as yours) and 128 bits for 64-bit systems.

like image 106
Randy the Dev Avatar answered Dec 24 '22 02:12

Randy the Dev


At least three possible reasons:

  • malloc needs to produce memory that is suitably-aligned for all primitive types. Data for SSE instructions needs to be 128-bit aligned. (There may also be other 128-bit primitive types that your platform supports that don't occur to me at the moment.)

  • A typical implementation of malloc involves "over-allocation" in order to store bookkeeping information for a speedy free. Not sure if GCC on Linux does this.

  • It may be allocating guard bytes in order to allow detection of buffer overflows and so on.

like image 26
Oliver Charlesworth Avatar answered Dec 24 '22 02:12

Oliver Charlesworth