Académique Documents
Professionnel Documents
Culture Documents
Emery Berger
University of Massachusetts Amherst
Memory Management
Fast
Memory efficient
New issues:
realloc
Other fun
calloc memalign
Fragmentation
More fragmentation = worse utilization of memory Wasted space outside allocated objects Wasted space inside an object
External fragmentation
Internal fragmentation
Classical Algorithms
First-fit
Classical Algorithms
Best-fit
Classical Algorithms
Worst-fit
Reclaim space: coalesce free adjacent objects into one big object
Implementation Techniques
Freelists
Implementation Techniques
10
Implementation Techniques
11
Runtime Analysis
Key components
Cost of malloc (best, worst, average) Cost of free Cost of size lookup (for realloc & free)
12
Space Bounds
Considerations:
Performance Issues
Well talk about scalability later Reliability, too But: general-purpose allocator often seen as too slow
14
Apache, gcc, lcc, STL, database servers Language-level support in C++ Widely recommended
More code to maintain & debug Cant use memory debuggers Not modular or robust:
Fast
+
+
b
Simple
+ +
Possibly space-inefficient
17
char[MEMORY_LIMIT]
Fast
+
Pointer-bumping allocation
- Brittle
- Fixed memory size - Requires stack-like lifetimes
18
(III) Regions
Fast
+ +
- Risky
- Dangling references - Too much space
Convenient
+
Normalized Runtime
non-regions
17 5. vp r
19 7. pa rs er bo xe dsi m
ap ac he
cbr ee ze
17 6. gc c
ud lle
lc c
Not So Fast
Runtime - Custom Allocator Benchmarks
Custom 1.75 Win32 DLmalloc regions
Normalized Runtime
non-regions
he
dsi m
5. vp
rs e
ee z
6. gc
lc c
7. pa
cbr
17
19
bo
17
xe
ap
m ud
ac
lle
Highly-optimized fastpath
Space-efficient
22
DLmalloc
regions
Normalized Space
non-regions
he
dsim
6. gc c
5. vp
rs e
ee z
lc
7. pa
cbr
17
19
bo
17
xe
ap
m ud
ac
lle
23
Custom Allocators?
24
C, C++: pervasive apps, but langs. memory unsafe Numerous opportunities for security vulnerabilities, errors
Double free Invalid free Uninitialized reads Dangling pointers Buffer overflows (stack & heap)
UNIVERSITY OF MASSACHUSETTS AMHERST Department of Computer Science
No dangling pointers, invalid frees, double frees No buffer overflows, data overwrites
? Efficient implementation
Implementation Choices
obj
obj
obj
obj
pages
UNIVERSITY OF MASSACHUSETTS AMHERST Department of Computer Science
Prevents fragmentation
Randomized Allocation
00000001 size = 2i+3 1010 10 2i+4 2i+5
heap metadata
malloc(8):
compute size class = ceil(log2 sz) 3 randomly probe bitmap for zero-bit (free)
Randomized Allocation
00010001 size = 2i+3 1010 10 2i+4 2i+5
heap metadata
malloc(8):
compute size class = ceil(log2 sz) 3 randomly probe bitmap for zero-bit (free)
Randomized Deallocation
00010001 size = 2i+3 1010 10 2i+4 2i+5
heap metadata
free(ptr):
Ensure object valid aligned to right address Ensure allocated bit set Resets bit
Randomized Deallocation
00010001 size = 2i+3 1010 10 2i+4 2i+5
heap metadata
free(ptr):
Ensure object valid aligned to right address Ensure allocated bit set Resets bit
Randomized Deallocation
00000001 size = 2i+3 1010 10 2i+4 2i+5
heap metadata
free(ptr):
Ensure object valid aligned to right address Ensure allocated bit set Resets bit
5 4
seed1
input
replica1
output
seed2
replica2 vote
broadcast
seed3
replica3
(separate processes)
execute replicas
Replication-based fault-tolerance
DieHard Results
Empirical results
P(Overflow in all replicas) = ()3 = 1/8 P(No overflow in > 1 replica) = 1-()3 = 7/8
Injected faults:
glibc: crashes; DieHard: 9/10 correct glibc: crashes 9/10, inf loop; DieHard: 10/10 correct
Real faults:
The End
47