malloc zeroing out memory?

Question

Given this C code compiled with gcc 4.3.3

#include <stdio.h>
#include <stdlib.h>

 
int main(int argc, char * argv[])
{
 
    int * i;
    
    i = malloc(sizeof(int));
    
    printf("%d\n", *i);
    return 0;
 
}

I would expect the output to be whatever was in the memory that malloc() returns, but instead the output is 0. Is malloc zeroing out the memory it returns? If so, why?

What you expect is the case. It outputs whatever was in the memory that malloc() returns, which happened to be zero. — David Schwartz, Aug 30 '11 at 14:26

score 41 · Accepted Answer · answered Oct 25 '09 at 21:56

41

malloc itself doesn't zero out memory but it many operating systems will zero the memory that your program requests for security reasons (to keep one process from accessing potentially sensitive information that was used by another process).

answered Oct 25 '09 at 21:56

Robert Gamble

106,424
25
145
137

8

I should mention that nothing in the standard *prevents* malloc from zeroing its memory. For efficiency, it *usually* doesn't but this isn't mandated. – paxdiablo Oct 25 '09 at 22:26
20

Also note that while new memory from the OS may be zeroed, if your application recycles memory that it was using previously it's likely _not_ to be zeroed. So don't even think about relying on this :) – bdonlan Oct 25 '09 at 22:30
Absolutely right, bdonlan. To see this malloc X bytes, write some info into it, free it, then malloc X bytes again and read it. It'll probably be the same data. – Zan Lynx Mar 16 '11 at 18:00
In Debug mode malloc usually zeroes out memory. Make sure you're compiling in release mode. – Yochai Timmer Feb 05 '12 at 16:31
1

@YochaiTimmer: Good debug mallocs fill memory with a guard value, e.g. [VC++2005](http://msdn.microsoft.com/en-us/library/bebs9zyz(v=vs.80).aspx) uses 0xFD, 0xDD, and 0xCD. – tc. Jun 12 '12 at 18:32

score 11 · Answer 2 · answered Oct 25 '09 at 21:50

11

The malloc() function does not set the allocated memory to any specific value. If you want to make sure the memory is zero, use calloc() or equivalent. Otherwise, you get whatever what was there before (which might, in your case, be zero).

answered Oct 25 '09 at 21:50

Greg Hewgill

951,095
183
1,149
1,285

I would expect that, if it wasn't consistently 0. Why would I get a value that is consistently 0, over and over again? – endeavormac Oct 25 '09 at 21:53
2

You're running the same program in the same way repeatedly and expecting different results? Although `malloc()` itself is not guaranteed to zero out the memory, the OS is doing the same work to load your program and set it running. Your runtime library code is doing the same thing to set up the heap memory and begin running your code. As mentioned in another answer, the OS is likely to give you new memory pages initialised to some specific value, in order to isolate different processes from one another. – Greg Hewgill Oct 25 '09 at 22:07
Your program is requesting fresh memory from the OS. The OS will zeroout memory when it's first assigned to a process. Try filling in random values, free() the piece, and allocate another one. – nos Oct 25 '09 at 22:32

score 2 · Answer 3 · answered Oct 25 '09 at 22:03

2

The value in the allocated memory is officially undefined. C99 states: The malloc function allocates space for an object whose size is specified by size and whose value is indeterminate. malloc() can do whatever it wants, including zeroing it out. This may be deliberate, a side-effect of the implementation, or you might just have a lot of memory that happens to be 0.

FWIW on OS X with Apple's gcc 4.0.1 I can't make it come out not 0 even doing a lot of allocations:

for( idx = 0; idx < 100000; idx++ ) {
    i = (int *) malloc(sizeof(int));
    printf("%d\n", *i);
}

answered Oct 25 '09 at 22:03

Schwern

153,029
25
195
336

Try setting *i to nonzero, freeing i, then mallocing again and see what you get. – Stephen Canon Oct 25 '09 at 22:50
Any memory that is allocated to your process for the first time will be set to zero for security reasons, so that you cannot malloc memory and find out what information another process wrote to it. – gnasher729 Jan 21 '15 at 19:04
@gnasher729 This is may be what a particular C compiler does, but there's *no guarantee* this is the case and should not be relied upon. – Schwern Jan 21 '15 at 19:11

score 2 · Answer 4 · edited May 23 '17 at 12:08

2

Malloc does not have to fill memory. For performance reasons, the release versions often do nothing with memory. A "secure" library may have a malloc implementation which clears memory. It is up to the library implementer. There are some common patterns that are filled into memory by various compiler's debug libraries that are explained in this stackoverflow topic.

edited May 23 '17 at 12:08

Community

1
1

answered Oct 25 '09 at 22:28

Adisak

6,708
38
46

score 1 · Answer 5 · answered Oct 25 '09 at 21:51

1

You definitely can't depend on it being 0. malloc a larger chunk and dump it to see.

answered Oct 25 '09 at 21:51

pixelbeat

30,615
9
51
60

score -1 · Answer 6 · edited Jan 20 '19 at 20:37

Whether its int; int=0; or int=00000000; its going to take up the same space in memory. the printf will often catch the first 0 as a null terminator regardless of what else is in the string. If you are using string comparators and 0 is a placeholder I would recommend you use ANYTHING but 0 for that place holder as string based libraries really suck. Try F and then write the control in yourself inserting null term or newline as need be it will be way more portable.

malloc zeroing out memory?

6 Answers6

Linked