dynamic memory automatically zero'd

Ulrich Drepper drepper at redhat.com
Sat Aug 7 16:43:12 UTC 2010


On 08/07/2010 06:59 AM, Robert Nichols wrote:
> Pages newly allocated by the kernel will be zeroed.  They begin life as
> a copy-on-write mmap() of /dev/zero.

Mostly true although /dev/zero hasn't played a role in this for many
years now.

Anonymous memory returned by mmap must be cleared.  Memory provided by
sbrk can be cleared and it is on Linux.

This is all rather problematic nowadays since it means many unnecessary
memory operations, in general.  There have been lots of talks about
relaxing the rules for sbrk and adding an mmap flag to avoid the
clearing.  This can easily be accommodated in the userlevel
implementation and lead to big improvements.

> Once you have used and freed
> memory from those pages, however, that memory will not be re-zeroed.

It's only guaranteed to be cleared upon reuse, not directly after they
are freed.

> If a subsequent malloc() happens to grab that same memory you will see
> the old contents.  It will, however, be data written there by the
> current process.

Perhaps a bit strong: no memory freed with free() must be assumed to be
cleared.  Only when the memory is returned to the kernel will it be
cleared before the next use.  Everything else would be a big performance issue.

You can see it yourself by using MALLOC_PERTURB_.  It's really a
debugging tool to find call sites which depend on malloc clearing memory
and use memory after freeing.  But obviously it's also useful for
scrubbing memory.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖
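An added example (not part of the original message or of glibc) that shows the free-then-malloc behaviour described above and the defensive counterpart: scrubbing a buffer before handing it back to the allocator. The marker byte 'S' and the 64-byte size are constructed for the demonstration; the unscrubbed count is allocator-dependent, the scrubbed one is not.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF 64   /* small enough to be served from the allocator's fast bins */

/* Overwrite a buffer before free().  The volatile pointer stops the compiler
 * from dropping the stores as dead writes (the idea behind explicit_bzero). */
void scrub(void *buf, size_t len)
{
    volatile unsigned char *v = buf;
    while (len--) *v++ = 0;
}

/* Fill a heap buffer with a constructed marker byte, free it, allocate the
 * same size again and count marker bytes in the second half of the new block.
 * (The first bytes of a freed chunk are used by glibc for its free-list links,
 * so only the tail is inspected.)  Returns the count, or -1 on malloc failure.
 * Without scrubbing the count depends on the allocator: glibc normally hands
 * the same chunk back and the marker survives; with MALLOC_PERTURB_ set in
 * the environment glibc overwrites freed memory and the count drops to zero.
 * With scrubbing the count is zero regardless of allocator settings. */
int stale_marker_bytes(int scrub_before_free)
{
    unsigned char *p = malloc(BUF);
    if (!p) return -1;
    memset(p, 'S', BUF);             /* 'S' stands in for secret material */
    if (scrub_before_free) scrub(p, BUF);
    free(p);

    unsigned char *q = malloc(BUF);  /* likely, but not guaranteed, == p */
    if (!q) return -1;
    int count = 0;
    for (size_t i = BUF / 2; i < BUF; i++) count += (q[i] == 'S');
    free(q);
    return count;
}

int main(void)
{
    printf("marker bytes after plain free:   %d\n", stale_marker_bytes(0));
    printf("marker bytes after scrub + free: %d\n", stale_marker_bytes(1));
    return 0;
}
```

Run it twice, once plainly and once with MALLOC_PERTURB_=85 in the environment, to see the unscrubbed count change while the scrubbed count stays at zero.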

