C's Memory Model

Home , Sizeof

C’s memory model LAST TODAY NEXT

• Transition to C • C’s Memory Model Numbers in C

• Code organization • Arrays and pointers

• Contracts • Pointer casting

• Compiling • Arrays on the stack

• Memory management • Structs on the stack • “Address of” operator • Undeﬁned behavior Transition to C

LOST GAINED

Contracts Preprocessor

Explicit memory management Safety

Garbage collection Tools: valgrind

Memory initialization

Tools: Interpreter (coin) Memory model

OS restricted H 0xB4B main H 0xB4B hdict_lookup Local STACK k 0x73C i 0 memory k1 0x73C key_equiv k2 0x735

2 4 Allocated HEAP memory 0x735 0x73C 73 42 "hamlet" read-only TEXT "rose" main … hdict_lookup … CODE key_hash … read-only key_equiv … OS restricted Exercise

int *x = xmalloc(sizeof(int)); *x = 3; int *y = x; *x = 4; printf("%d\n", *y);

What is printed after executing this code? Allocating an array

int *A = xmalloc(sizeof(int)*5);

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0 … … A[0] A[1] A[2] A[3] A[4] Allocating an array

int *A = xmalloc(sizeof(int)*5); A[1] = 7; A[2] = A[1] + 5; A[4] = 1

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 7 12 1 … A[0] A[1] A[2] A[3] A[4] Allocating an array

int *A = xmalloc(sizeof(int)*5); A[1] = 7; A[2] = A[1] + 5; A[4] = 1 *A = 42;

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 42 7 12 1 … A[0] A[1] A[2] A[3] A[4] Allocating an array

int *A = xmalloc(sizeof(int)*5); A[1] = 7; A[2] = A[1] + 5; A[4] = 1 *A = 42;

• A is the address of the ﬁrst element of the array. • A+1 is the address of the next element. • A+i is the address of ithelement of A. • In fact, A[i] is convenient syntax for *(A+i)

i is not bytes but the number of elements to skip over. Pointer arithmetic

void print_memory_int(int* start_ptr, int num) { int *ptr = start_ptr; for (int i = 0; i < num; i++) { printf("%d\n", *ptr); ptr = ptr + 1; } } Example: print elements in an allocated array

void print_memory_int(int* start_ptr, int num) { int *ptr = start_ptr; for (int i = 0; i < num; i++) { printf("%d\n", *ptr); ptr = ptr + 1; } }

int *A = xmalloc(sizeof(int)*5); print_memory_int(A,5); xmalloc does not initialize memory!

KAYNAR3:code dilsun$ ./a.out KAYNAR3:code dilsun$ ./a.out 0 0 -1342177280 -805306368 0 0 -1342177280 -805306368 -1232863216 -1232863216 Initializing memory

void print_memory_int(int* start_ptr, int num) { int *ptr = start_ptr; for (int i = 0; i < num; i++) { printf("%d\n", *ptr); ptr = ptr + 1; } }

int *A = xcalloc(5, sizeof(int)); print_memory_int(A,5); xcalloc behaves like alloc_array in C0.

KAYNAR3:code dilsun$ ./a.out 0 0 0 0 0 Undeﬁned behaviors

int *A = xcalloc(5,sizeof(int)); printf(“A[-10000] is %d",A[-10000] );

KAYNAR3:code dilsun$ ./a.out 0 0 0 0 0 Segmentation fault: 11

Safety violations in C0 are undeﬁned behavior in C. Examples of undeﬁned behavior

• Reading/writing to non-allocated memory

• Reading uninitialized memory (even if correctly allocated)

• Using memory that has beed freed

• Double free Aliasing

int *A = xmalloc(sizeof(int)*5); A[1] = 7; A[2] = A[1] + 5; A[4] = 1 int *B = A + 2;

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 7 12 1 … A[0] A[1] A[2] A[3] A[4] B[0] B[1] B[2] Pointer casting

int *A = xmalloc(sizeof(int)*5); A[1] = 7; A[2] = A[1] + 5; A[4] = 1 char *C = (char *)A;

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 7 12 1 … A[0] A[1] A[2] A[3] A[4]

printf("Charater at index 16: %d\n",C[16]); prints 1 but depends on how integers are represented struct point { int x; int y; Pointer casting };

struct point *D = (struct point *) (A+2);

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 7 12 1 … A[0] A[1] A[2] A[3] A[4]

D[0] D[1]

printf("(x1,y1) = (%d, %d)\n", D[0].x, D[0].y); prints (x1,y1) = (12, 0) struct point { int x; int y; Pointer casting };

struct point *D = (struct point *) (A+2);

A 0xBB0 0xBB4 0xBB8 0xBBC 0xBC0

… 7 12 1 … A[0] A[1] A[2] A[3] A[4]

D[0] D[1]

printf("(x1,y1) = (%d, %d)\n", D[1].x, D[1].y); prints (x1,y1) = (1, ?) Out of bound access Stack allocated arrays

In C0, arrays and structs can only be allocated on the heap.

In C, arrays and structs can also be allocated on the stack.

int E[10]; E[0] = 3;

int F[] = {2, 4, 56, 8, 3}; F[4] = 10; struct point p; p.x = 3; p.y = 7; printf("p is (%d, %d)\n", p.x, p.y); Strings in C (different ways to create them)

On the heap: char *s1 = xmalloc(4*sizeof(char)); s1[0] = 'c'; s1[1] = 'a'; s1[2] = ’t'; s1[3] = '\0';

On the stack: char s2[] = {'d', 'o', 'g', '\0'}; char s3[] = "pig";

In read-only text: char *s3 = “fox" Exercise: Where is the data stored?

char *s1 = xmalloc(3*sizeof(char)); heap

char s2[] = {'d', 'o', 'g', '\0'}; stack

char *s3 = "fox"; read-only text

char s4[] = "pig"; stack &: “Address of” operator

In C0, & can be used only to get address of functions. In C, it can be used to get address of any value that has a memory address.

OS restricted int i = 42; H 0xB4B main H 0xB4B hdict_lookup Local increment(&i); STACK k 0x73C i 0 memory k1 0x73C key_equiv k2 0x735 increment(&p.y);

2 4 Allocated HEAP memory 0x735 0x73C increment(&A[3]); 73 42 "hamlet" read-only TEXT "rose" main … hdict_lookup … CODE key_hash … read-only key_equiv … OS restricted Transition to C

LOST GAINED

Contracts Preprocessor

Safety Explicit memory management

Garbage collection Tools: valgrind

Memory initialization Pointer arithmetics

Tools: Interpreter (coin) Stack allocated arrays and structs

Well-behaved arrays Generalized “address of”

Fully deﬁned language

Strings