malloc(3)
NAME
malloc, calloc, realloc, free, reallocf -- general purpose memory alloca- tion functions
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <stdlib.h> void * malloc(size_t size); void * calloc(size_t number, size_t size); void * realloc(void *ptr, size_t size); void * reallocf(void *ptr, size_t size); void free(void *ptr); const char * _malloc_options; void (*_malloc_message)(char *p1, char *p2, char *p3, char *p4);
DESCRIPTION
The malloc() function allocates size bytes of memory. The allocated space is suitably aligned (after possible pointer coercion) for storage of any type of object. If the space is at least pagesize bytes in length (see getpagesize(3)), the returned memory will be page boundary aligned as well. If malloc() fails, a NULL pointer is returned. Note that malloc() does NOT normally initialize the returned memory to zero bytes. The calloc() function allocates space for number objects, each size bytes in length. The result is identical to calling malloc() with an argument of ``number * size'', with the exception that the allocated memory is explicitly initialized to zero bytes. The realloc() function changes the size of the previously allocated mem- ory referenced by ptr to size bytes. The contents of the memory are unchanged up to the lesser of the new and old sizes. If the new size is larger, the value of the newly allocated portion of the memory is unde- fined. If the requested memory cannot be allocated, NULL is returned and the memory referenced by ptr is valid and unchanged. If memory can be allocated, the memory referenced by ptr is freed and a pointer to the newly allocated memory is returned. Note that this may be different from the value passed as ptr. If ptr is NULL, the realloc() function behaves identically to malloc() for the specified size. The reallocf() function is identical to the realloc() function, except
TUNING
Once, when the first call is made to one of these memory allocation rou- tines, various flags will be set or reset, which affect the workings of this allocation implementation. The ``name'' of the file referenced by the symbolic link named /etc/malloc.conf, the value of the environment variable MALLOC_OPTIONS, and the string pointed to by the global variable _malloc_options will be interpreted, in that order, character by character as flags. Most flags are single letters, where uppercase indicates that the behav- ior is set, or on, and lowercase means that the behavior is not set, or off. A All warnings (except for the warning about unknown flags being set) become fatal. The process will call abort(3) in these cases. J Each byte of new memory allocated by malloc(), realloc() or reallocf() as well as all memory returned by free(), realloc() or reallocf() will be initialized to 0xd0. This options also sets the ``R'' option. This is intended for debugging and will impact performance negatively. H Pass a hint to the kernel about pages unused by the allocation functions. This will help performance if the system is paging excessively. This option is off by default. R Causes the realloc() and reallocf() functions to always reallo- cate memory even if the initial allocation was sufficiently large. This can substantially aid in compacting memory. U Generate ``utrace'' entries for ktrace(1), for all operations. Consult the source for details on this option. V Attempting to allocate zero bytes will return a NULL pointer instead of a valid pointer. (The default behavior is to make a minimal allocation and return a pointer to it.) This option is provided for System V compatibility. This option is incompatible with the ``X'' option. X Rather than return failure for any allocation function, display a diagnostic message on stderr and cause the program to drop core (using abort(3)). This option should be set at compile time by including the following in the source code: _malloc_options = "X"; Z This option implicitly sets the ``J'' and ``R'' options, and then zeros out the bytes that were requested. This is intended for debugging and will impact performance negatively. < Reduce the size of the cache by a factor of two. The default cache size is 16 pages. This option can be specified multiple times. > Double the size of the cache by a factor of two. The default cache size is 16 pages. This option can be specified multiple problem occurs: ln -s 'A<' /etc/malloc.conf To specify in the source that a program does no return value checking on calls to these functions: _malloc_options = "X";
ENVIRONMENT
The following environment variables affect the execution of the alloca- tion functions: MALLOC_OPTIONS If the environment variable MALLOC_OPTIONS is set, the characters it contains will be interpreted as flags to the allocation functions.
RETURN VALUES
The malloc() and calloc() functions return a pointer to the allocated memory if successful; otherwise a NULL pointer is returned and errno is set to ENOMEM. The realloc() and reallocf() functions return a pointer, possibly identi- cal to ptr, to the allocated memory if successful; otherwise a NULL pointer is returned, and errno is set to ENOMEM if the error was the result of an allocation failure. The realloc() function always leaves the original buffer intact when an error occurs, whereas reallocf() deal- locates it in this case. The free() function returns no value.
DEBUGGING MALLOC PROBLEMS
The major difference between this implementation and other allocation implementations is that the free pages are not accessed unless allocated, and are aggressively returned to the kernel for reuse. Most allocation implementations will store a data structure con- taining a linked list in the free chunks of memory, used to tie all the free memory together. That can be suboptimal, as every time the free-list is traversed, the otherwise unused, and likely paged out, pages are faulted into primary memory. On systems which are paging, this can result in a factor of five increase in the number of page-faults done by a process. A side effect of this architecture is that many minor transgressions on the interface which would traditionally not be detected are in fact detected. As a result, programs that have been running happily for years may suddenly start to complain loudly, when linked with this allocation implementation. The first and most important thing to do is to set the ``A'' option. This option forces a coredump (if possible) at the first sign of trouble, rather than the normal policy of trying to continue if at all possible. It is probably also a good idea to recompile the program with suitable options and symbols for debugger support. If the program starts to give unusual results, coredump or generally ``J'' option may help provoke the problem. In truly difficult cases, the ``U'' option, if supported by the kernel, can provide a detailed trace of all calls made to these functions. Unfortunately this implementation does not provide much detail about the problems it detects, the performance impact for storing such information would be prohibitive. There are a number of allocation implementations available on the 'Net which focus on detecting and pinpointing problems by trading performance for extra sanity checks and detailed diagnostics.
DIAGNOSTIC MESSAGES
If malloc(), calloc(), realloc() or free() detect an error or warning condition, a message will be printed to file descriptor STDERR_FILENO. Errors will result in the process dumping core. If the ``A'' option is set, all warnings are treated as errors. The _malloc_message variable allows the programmer to override the func- tion which emits the text strings forming the errors and warnings if for some reason the stderr file descriptor is not suitable for this. Please note that doing anything which tries to allocate memory in this function will assure death of the process. The following is a brief description of possible error messages and their meanings: (ES): mumble mumble mumble The allocation functions were compiled with ``EXTRA_SANITY'' defined, and an error was found during the additional error checking. Consult the source code for further information. mmap(2) failed, check limits This most likely means that the system is dangerously overloaded or that the process' limits are incorrectly speci- fied. freelist is destroyed The internal free-list has been corrupted. out of memory The ``X'' option was specified and an allocation of memory failed. The following is a brief description of possible warning messages and their meanings: chunk/page is already free The process attempted to free() memory which had already been freed. junk pointer, ... A pointer specified to one of the allocation functions points outside the bounds of the memory of which they are aware. malloc() has never been called No memory has been allocated, yet some- thing is being freed or realloc'ed. modified (chunk-/page-) pointer The pointer passed to free() or realloc() has been modified. pointer to wrong page The pointer that free(), realloc(), or reallocf() is trying to free does not reference a possible page. recursive call A process has attempted to call an allocation function /usr/share/doc/papers/malloc.ascii.gz
STANDARDS
The malloc(), calloc(), realloc() and free() functions conform to ISO/IEC 9899:1990 (``ISO C90'').
HISTORY
The present allocation implementation started out as a file system for a drum attached to a 20bit binary challenged computer which was built with discrete germanium transistors. It has since graduated to handle primary storage rather than secondary. It first appeared in its new shape and ability in FreeBSD 2.2. The reallocf() function first appeared in FreeBSD 3.0.
AUTHORS
Poul-Henning Kamp <phk@FreeBSD.org>
BUGS
The messages printed in case of problems provide no detail about the actual values. It can be argued that returning a NULL pointer when asked to allocate zero bytes is a silly response to a silly question. FreeBSD 5.4 August 27, 1996 FreeBSD 5.4
SPONSORED LINKS
Man(1) output converted with man2html , sed , awk