Where does malloc and global variable declaration allocates their variable to in C?

Question

In a simple C program, if I malloc a point that points to a variable or array, where is this part of memory allocated to in terms of memory map? I am very new to computer programming, so I am not sure how different variables are stored differently in the memory.

Also, where would a global variable (e.g. int x = 5) be stored to in the memory?

Lastly, is there any material that talks about how C language interacts with the low level hardware? What I found online are all related to C syntax, but I am too noob to read compiler books.

Please let me know if this is not clear.

Could you not Google any of this information. It's not hard to find ... — AntonH, Jun 19 '14 at 01:45
@AntonH I apologize for asking so-called basics, but I found way too much information than I need to understand this. Hope you understand. — return 0, Jun 19 '14 at 01:49
+1: The question is a little vague, but it is interesting anyway. — pablo1977, Jun 19 '14 at 03:14

Jonathon Reinhart · Accepted Answer · 2014-06-19T03:24:49.260

Consider this example:

int global_x = 5;
int global_y;

int main()
{
    int local_a;

    char* buf = malloc(100);
}

While the following descriptions are not always the case (particularly in tiny embedded implementations), a typical program on a modern platform will be layed out as follows:

global_x is an initialized global variable. It is typically stored in a .data section in the executable file, and when the program is loaded, it lives in read-write, non-executable section of memory along side your program text.
global_y is an uninitialized global variable. Space is reserved in the .bss section of the program, and takes up no space in the executable file. It lives in a simliar section as above when loaded.
local_a is a local (or "automatic") variable that lives in the call stack of main. Its lifetime is constrained to the duration of execution in that function. (i.e. Once the function returns, the variable does not exist anymore, and is trashed.)
buf points to a dynamically-allocated buffer of 100 bytes that is pulled from the heap. The heap is an area of memory that usually will expand as needed to accomodate the memory requirements of the application. When heap space is exhausted (as determined by malloc and supporting library functions), additional memory will be requested from the operating system (e.g. brk or mmap on Linux).

On Linux, you can look at /prod/[pid]/maps to see the memory mapping for the process [pid]. For example:

$ cat /proc/30009/maps
00400000-0040c000 r-xp 00000000 fd:01 268784                             /usr/bin/cat
0060b000-0060c000 r--p 0000b000 fd:01 268784                             /usr/bin/cat
0060c000-0060d000 rw-p 0000c000 fd:01 268784                             /usr/bin/cat
01a7a000-01a9b000 rw-p 00000000 00:00 0                                  [heap]
365ec00000-365ec20000 r-xp 00000000 fd:01 263066                         /usr/lib64/ld-2.18.so
365ee1f000-365ee20000 r--p 0001f000 fd:01 263066                         /usr/lib64/ld-2.18.so
365ee20000-365ee21000 rw-p 00020000 fd:01 263066                         /usr/lib64/ld-2.18.so
365ee21000-365ee22000 rw-p 00000000 00:00 0 
365f000000-365f1b4000 r-xp 00000000 fd:01 263128                         /usr/lib64/libc-2.18.so
365f1b4000-365f3b4000 ---p 001b4000 fd:01 263128                         /usr/lib64/libc-2.18.so
365f3b4000-365f3b8000 r--p 001b4000 fd:01 263128                         /usr/lib64/libc-2.18.so
365f3b8000-365f3ba000 rw-p 001b8000 fd:01 263128                         /usr/lib64/libc-2.18.so
365f3ba000-365f3bf000 rw-p 00000000 00:00 0 
7f685162b000-7f6857b54000 r--p 00000000 fd:01 302750                     /usr/lib/locale/locale-archive
7f6857b54000-7f6857b57000 rw-p 00000000 00:00 0 
7f6857b6c000-7f6857b6d000 rw-p 00000000 00:00 0 
7fffa6f09000-7fffa6f2a000 rw-p 00000000 00:00 0                          [stack]
7fffa6ffe000-7fffa7000000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

We see that there are three parts of /usr/bin/cat mapped in at 0x400000, 0x60b000, and 0x60c000.

By looking at the output of readelf -a /usr/bin/cat you can identify which sections correspond to the segments that are loaded at those addresses. This is left as an excercise to the reader :-)

Barmar · Answer 2 · 2014-06-19T01:52:57.910

0

Global variables and static variables are in the data segment.

Memory allocated with malloc() is in the heap.

Automatic variables in functions are are in the stack.

Here's a web site that explains process memory layout: http://duartes.org/gustavo/blog/post/anatomy-of-a-program-in-memory/

It's not specific to C, but it shows how these different memory areas are located in the process memory.

edited Jun 19 '14 at 01:52

answered Jun 19 '14 at 01:47

Barmar

741,623
53
500
612

What's automatic variable? – return 0 Jun 19 '14 at 01:50
Local variables in a function that aren't declared `static`. – Barmar Jun 19 '14 at 01:50
1

While "data segment" is particularly vague (on-disk? in-memory?) `malloc` does not pull from a `.data` section, or even the same area of the memory map. – Jonathon Reinhart Jun 19 '14 at 01:51

score -2 · Answer 3 · answered Jun 19 '14 at 01:46

-2

All "malloc"-ed variables/arrays are allocated memory in the heap space, while all other variables are allocated memory in the stack.

You should be able to find a lot of tutorials online.

answered Jun 19 '14 at 01:46

Alwin

465
3
5

1

static and global variables are allocated in BSS and not on the stack nor heap. – wallyk Jun 19 '14 at 01:51
1

Wrong. Only local variables are on the stack. – Jonathon Reinhart Jun 19 '14 at 01:51

Where does malloc and global variable declaration allocates their variable to in C?

3 Answers3