My custom malloc function crashes when the remaining memory surpasses certain size

Question

I tried to create my own malloc function in C, using array as the memory i'll be working with. But when the remaining memory size surpasses a certain number of bits, the program crashes saying " Exception thrown: write access violation."

I divide the memory to a blocks. Each block will have a little metadata block that preserves the size of the block and whether is it free or taken (at the beginning, the entire memory array is one big block). Then my malloc finds the first memory block with sufficient size and uses it (or part of it).

The problem is: If i initialize an array of size 20000 bytes for example, my malloc will only work if the remaining free bytes in array would be 17708 or more.

#include <stdio.h>

char memory[20000];             

struct block {                  
    unsigned int size;
    int free;
    struct block* next;
};

struct block* freeList = (void*)memory;

void initialize() {             /
    freeList->size = 20000 - sizeof(struct block);
    freeList->free = 1;
    freeList->next = NULL;
}

void split(struct block* fitting_slot, unsigned int size) {         
    struct block* new = (void*)(fitting_slot + size + sizeof(struct block));
    unsigned int temp = (fitting_slot->size) - size - sizeof(struct block);
    printf("Remaining memory size is %d\n", temp);

    new->size = temp;            // this is where program crashes
    new->free = 1;
    new->next = fitting_slot->next;
    fitting_slot->size = size;
    fitting_slot->free = 0;
    fitting_slot->next = new;
}


void* MyMalloc(unsigned int noOfBytes) {
    struct block* curr;
    void* result;
    if (!(freeList->size)) {
        initialize();
    }
    curr = freeList;

    while ((((curr->size) < (noOfBytes + sizeof(struct block))) || ((curr->free) == 0)) && (curr->next != NULL)) {          
        curr = curr->next;
    }
    printf("From the free memory of size : %d\n", curr->size);
    printf("We will occupy this size : %d\n", noOfBytes + sizeof(struct block));

    if ((curr->size) == (noOfBytes + sizeof(struct block))) {
        curr->free = 0;
        result = (void*)(++curr);
        printf("Exact fitting block allocated\n\n");
    }
    else if ((curr->size) > (noOfBytes + sizeof(struct block))) {
        split(curr, noOfBytes);
        result = (void*)(++curr);
        printf("Fitting block allocated with a split\n\n");
    }
    else {
        result = NULL;
        printf("Sorry. No sufficient memory to allocate\n\n");
    }
    return result;
}

int main(){
    unsigned int size = 2270 * sizeof(char);       
    char* k = (char)MyMalloc(size);
    printf("Success\n");
}

If the number of "size" is 2269 or lower, program works correctly.

If the number of "size" in main is 2270 or higher, program crashes on the line new->size = temp in function split() saying "Exception thrown: write access violation."

`char* k = (char)MyMalloc(size);` really? No warnings from compiler?! — Antti Haapala -- Слава Україні, Aug 23 '19 at 12:59
@AnttiHaapala I certainly got a warning from `gcc`, also an error on the `void initialise(){` line there is a stray `/`. Trying to debug the rest now... — Euan Smith, Aug 23 '19 at 13:08
I get a different threshold for the error - works for 2135, not for 2136. — Euan Smith, Aug 23 '19 at 13:14
when compiling, always enable the warnings, then fix those warnings. ( for `gcc`,at a minimum use: `-Wall -Wextra -Wconversion -pedantic -std=gnu11` ) Note: other compilers use different options to produce the same results — user3629249, Aug 24 '19 at 03:20

Euan Smith · Answer 1 · 2019-08-23T14:33:57.423

OK, so I think you are offsetting by the wrong amount. Pointers in C have an indication of the size of thing they are pointing to, so if you want a byte offset you need to cast the pointer to char*, ~~or I think void* should also work fine.~~ (see the edit below, this was mistaken)

I have not done a detailed debug, however changing line 20 from

struct block* new = (void*)(fitting_slot + size + sizeof(struct block));

to:

struct block* new = (void*)(fitting_slot) + size + sizeof(struct block);

seemed to at least stop the errors.

I can set size right up to 19968 (the max) and all seems well.

EDIT

So, as @R.. correctly pointed out below, arithmatic on void pointers is not allowed (although gcc and probably other compilers let you get away with it) - see this answer, for example, on the topic.

The most appropriate thing would seem to be casting to char*. Given that the fitting_slot variable is also already in units of the block size, rather than adding sizeof(struct block) it is simpler to just add 1 to that, then the size once case to char:

struct block* new = (void*)((char*)(fitting_slot+1) + size);

I've tested this and it seems to work the same in gcc as the previous edit, but legally now.

@R.. Ah OK, this is where I am a little rusty. So just looked it up and indeed while gcc lets you get away with it, you are not supposed to do so... I'll think how to refactor. — Euan Smith, Aug 23 '19 at 14:13
`(char *)` and cast back to `(void *)` after the arithmetic. — R.. GitHub STOP HELPING ICE, Aug 23 '19 at 14:22

g_bor · Accepted Answer · 2019-08-23T13:41:37.007

In the line where new is assigned pointer arithmetic is done on a struct block*. When you do pinter arithmetic on a typed pointer, c semantics assumes, that an array is being manipulated. For example ptr++ on a struct block* increases the value of the pointer by sizeof(struct block). You should cast your pointer to char* before performing arithmetic on it this way. I am not sure I got everything, but I hope this can get you started.

Tsakiroglou Fotis · Answer 3 · 2019-08-23T13:13:10.297

0

I used my debugger.I assume that you forgot a malloc in split function.

struct block* new = (void*)malloc(fitting_slot + size + sizeof(struct block));

If you use a debbuger you'll find out that new->size was unreachable address.

**this would be line 20, if the include is in line 1.

edited Aug 23 '19 at 13:13

answered Aug 23 '19 at 13:11

Tsakiroglou Fotis

953
8
24

1

I don't think so - he is trying to do his own alloc within the declared array, and fitting_slot is a pointer to the current slot, so this (should) just be offsetting within the array. However equally clearly here is where it is going wrong..... – Euan Smith Aug 23 '19 at 13:12
And where does he try to allocate the memory he wishes to use? – Tsakiroglou Fotis Aug 23 '19 at 13:17
line 3. `char memory[20000];` – Euan Smith Aug 23 '19 at 13:20

My custom malloc function crashes when the remaining memory surpasses certain size

3 Answers3