malloc storing its metadata

Question

Surprisingly both the programs gave the difference between the two pointers same even though the data types were different.....

How exactly does malloc store its meta data was what i was trying to find out with this little experiment...

Program 1 :

int main ()
{
    char *i,*j;

    i=(char*)malloc (sizeof(char));
    j=(char*)malloc (sizeof(char));

    printf ("%x\n",i);

    printf ("%x\n",j);
return 0;
}

Output :

710010
710030

Program 2 :

int main ()
{
    int *i,*j;

    i=(int*)malloc (sizeof(int));
    j=(int*)malloc (sizeof(int));

    printf ("%x\n",i);

    printf ("%x\n",j);
return 0;
}

Output :

16b8010
16b8030

What i had in mind before this program :

| meta data of i | memory space of i | meta data of j | memory space of j |

but the results don't support the theory....

Answer 1

malloc "rounds up" allocations to a convenient size set at compile time for the library. This causes subsequent allocations and deallocations to fragment memory less than if allocations were created to exactly match requests.

Where malloc stores its metadata is not actually why the values for both are 0x20 "apart". But you can read up on one method of implementing malloc (and friends) here; see especially slides 16 and 28.

Imagine the case of a string manipulation program, where lots of different sized allocations were occurring in "random" order. Tiny "left over" chunks would quickly develop leaving totally useless bytes of memory spread out between the used chunks. malloc prevents this by satisfying all memory requests in multiples of some minimum size (apparently 0x20 in this case). (OK, technically is you request 0x1E bytes, there will be 2 bytes of "wasted" space left over and unused after your request. Since malloc allocates 0x20 bytes instead of 0x1E, BUT there will not ever be a 2-byte fragment left over. Which is really good because the metadate for malloc is definitely bigger than 2-bytes, so there would be no way to even keep track of those bytes.)

Answer 2

Rather than allocating from a compiled-in fixed-size array, malloc will request space from the operating system as needed. Since other activities in the program may also request space without calling this allocator, the space that malloc manages may not be contiguous. Thus its free storage is kept as a list of free blocks. Each block contains a size, a pointer to the next block, and the space itself. The blocks are kept in order of increasing storage address, and the last block (highest address) points to the first.

When a request is made, the free list is scanned until a big-enough block is found. This algorithm is called first fit, by contrast with best fit, which looks for the smallest block that will satisfy the request. If the block is exactly the size requested it is unlinked from the list and returned to the user. If the block is too big, it is split, and the proper amount is returned to the user while the residue remains on the free list. If no big-enough block is found, another large chunk is obtained by the operating system and linked into the free list.

Answer 3

malloc normally uses a pool of memory and "meta data" is held in the pool not "in between" the chunks of memory allocated.