Monday, June 30, 2014


Memory management in C and auto allocating sprintf() - asprintf()



Memory Management

Memory management in C is viewed by some to be quite tricky. One needs to work with pointers that can point anywhere in memory, and if misused, cause a program to misbehave, or worse.

The basic functions to allocate and deallocate memory in C are malloc() and free() respectively. The malloc() function takes a size in bytes of how much to allocate, and returns a pointer to the allocated memory to be used. Upon failure, a null pointer, which can be thought of as a pointer pointing to 0 is returned. The free() function takes the pointer returned by malloc(), and deallocates the memory, or frees up the memory it was once pointing to.

To work with malloc() in simple situations, typically, code along the following lines is used:
void *p = malloc(size);
if (p)
{
  ... work with p ...
  free(p);
}
else
{
  ... handle error scenario ...
}

Unfortunately many experienced programmers forget to handle the failure scenario. I've even heard some say they purposely don't, as they have no clue how to proceed, and just letting the program crash is good enough for them. If you meet someone who makes that argument, revoke their programming license. We don't need such near sighted idiots writing libraries.

In any case, even the above can lead to some misuse. After this block of code runs, what is p now pointing to?

After the above code runs, in the case that malloc() succeeded, p is now pointing to memory in middle of nowhere, and can't be used. This is known as a dangling pointer. Dangling pointers can be dangerous, as an if clause as above will think the pointer is valid, and may do something with it, or lead to the infamous use after free bug. This becomes more likely to occur as the situation becomes more complicated and there are loops involved, and how malloc() and free() interact can take multiple paths.

Pointers involved with memory management should always be pointing at 0 or at allocated memory. Anything else is just asking for trouble. Therefore, I deem any direct use of free() dangerous, as it doesn't set the pointer to 0.

So if free() is considered harmful, what should one use?

In C++, I recommend the following:

static inline void insane_free(void *&p)
{
  free(p);
  p = 0;
}

This insane_free() is now a drop in replacement for free(), and can be used instead. (Since C++ programs normally use new and delete/delete[] instead, I leave it as an exercise to the reader how to work with those.)

However, C doesn't support direct references. One can pass a pointer by a pointer to accomplish similar results, but that becomes clunky and is not a drop in replacement. So in C, I recommend the following:
#define insane_free(p) { free(p); p = 0; }
It makes use of the preprocessor, so some may consider it messy, but it can be used wherever free() currently is. One could also name the macro free in order to automatically replace existing code, but it's best not to program that way, as you begin to rely on these semantics. This in turn means someone copying your code may think a call to free() is the normal free() and not realize something special is occurring when they copy it elsewhere without the macro.

Correct usage in simple cases is then:
void *p = malloc(size);
if (p)
{
  ... work with p ...
  insane_free(p);
}
else
{
  ... handle error scenario ...
}
If you think using a wrapper macro or function is overkill, and just always manually assigning the pointer to 0 after freeing is the way to go, consider that it's unwieldy to constantly do so, and you may forget to. If the above technique was always used, all use after free bugs would never have occurred in the first place.

Something else to be aware of is that there's nothing wrong with calling free(0). However, calling free() upon a pointer which is not null and not pointing to allocated memory is forbidden and will crash your program. So stick to the advice here, and you may just find memory management became significantly easier.

If all this talk of pointers is beyond you, consider acquiring Understanding and Using C Pointers.

sprintf() and asprintf()

If you do a lot of C programming, at some point, you probably have used the sprintf() function, or its safer counterpart snprintf().

These two functions sprintf() and snprintf() act like printf(), but instead of printing to the standard output, they print to a fixed-length string buffer. Now a fixed-length string buffer is great and all, but what if you wanted something which automatically allocated the amount it needed?

Enter asprintf(), a function which acts like sprintf(), but is auto-allocating, and needs no buffer supplied. This function was invented ages ago by GLIBC, shortly thereafter copied to the modern BSDs, and found its way further still into all sorts of libraries, although is not yet ubiquitous.

Let's compare the prototypes of the two:
int sprintf(char *buffer, const char *format, ...); 
int asprintf(char **ret, const char *format, ...);
The sanest approach would have been for a function like asprintf() to have the prototype of:
char *asprintf(const char *format, ...);
But its creators wanted to make it act like sprintf(), and its design can also be potentially more useful.

Instead of passing asprintf() a buffer, a pointer to a variable of type char * needs to be passed, like so:
char *buffer;
asprintf(&buffer, ...whatever...);
Now how asprintf() actually works is no big secret. The C99 standard specified that snprintf() upon failure should return the amount of characters that would be needed to contain its output. Which means that conceptually something along the following lines would be all that asprintf() needs to do:
char *buffer = malloc(snprintf(0, 0, format, data...)+1);
sprintf(buffer, format, data...);
Of course though, the above taken verbatim would be incorrect, because it mistakenly assumes that nothing can go wrong, such as the malloc() or snprintf() failing.

First let's better understand what the *printf() functions return. Upon success, they return the amount of characters written to the string (which does not include the trailing null byte). Or in other words, the return value is equivalent to calling strlen() on the data being output, which can save you needing to use a strlen() call with sprintf() or similar functions for certain scenarios. Upon failure, for whatever reason, the return is -1. Of course there's the above mentioned exception to this with snprintf(), where the amount of characters needed to contain the output would be returned instead. If during the output, the size overflows (exceeds INT_MAX), many implementations will return a large negative value (failure with snprintf(), or success with all the functions).

Like the other functions, asprintf() also returns an integer of the nature described above. Which means working with asprintf() should go something like this:
char *buffer;
if (asprintf(&buffer, ...whatever...) != -1)
{
  do_whatever(buffer);
  insane_free(buffer);
}
However, unlike the other functions, asprintf() has a second return value, its first argument, or what the function sees as *ret. To comply with the memory management discussion above, this should also be set to 0 upon failure. Unfortunately, many popular implementations, including those in GLIBC and MinGW fail to do so.

Since I develop with the above systems, and I'm using asprintf() in loops with multiple paths, it becomes unwieldy to need to pass around the buffer and the returned int, so I'd of course want saner semantics which don't leave dangling pointers in my program.

In order to correct such mistakes, I would need to take code from elsewhere, or whip up my own function. Now I find developing functions such as these to be relatively simple, but even so, I always go to check other implementations to see if there's any important points I'm missing before I go implement one. Maybe, I'll even find one which meets my standards with a decent license which I can just copy verbatim.

In researching this, to my shock and horror, I came across implementations which properly ensure that *ret is set to 0 upon failure, but the returned int may be undefined in certain cases. That some of the most popular implementations get one half wrong, and that some of the less popular get the other half wrong is just downright terrifying. This means that there isn't any necessarily portable way to check for failure with the different implementations. I certainly was not expecting that, but with the amount of horrible code out there, I guess I really shouldn't be surprised anymore.

Also in the course of research, besides finding many implementations taking a non-portable approach, many have problems in all sorts of edge cases. Such as mishandling overflow, or not realizing that two successive calls to a *printf() function with the same data may not necessarily yield the same results. Some try to calculate the length needed with some extra logic and only call sprintf() once, but this logic may not be portable, or always needs updating as new types are added to the format string as standards progress, or the C library decided to offer new features. Some of the mistakes I found seem to be due to expecting a certain implementation of underlying functions, and then later the underlying functions were altered, or the code was copied verbatim to another library, without noting the underlying functions acted differently.

So, once again, I'm finding myself needing to supply the world with more usable implementations.

Let's dive into how to implement asprinf().

Every one of these kind of functions actually has two variants, the regular which takes an unlimited amount of arguments, and the v variants which take a va_list (defined in stdarg.h) after the format argument instead. These va_lists are what ... gets turned into after use, and in fact, every non-v *printf() function is actually wrapped to a counterpart v*printf() function. This makes implementing asprintf() itself quite straight forward:



To fix the aforementioned return problems, one could also easily throw in here a check upon the correct return variable used in the underlying vasprintf() implementation and use it to set the other. However, that's not a very portable fix, and the underlying implementation of vasprintf() can have other issues as described above.

A straight forward implementation of vasprintf() would be:



As long as you have a proper C99 implementation of stdarg.h and vsnprintf(), you should be good to go. However, some systems may have vsnprintf() but not va_copy(). The va_copy() macro is needed because a va_list may not just be a simple object, but have handles to elsewhere, and a deep copy is needed. Since vsnprintf() being passed the original va_list may modify its contents, a copy is needed because the function is called twice.

Microsoft Visual C++ (MSVC, or Microsoft Vs. C++ as I like to think of it) up until the latest versions has utterly lacked va_copy(). This and several other  systems that lack it though usually have simple va_lists that can be shallow copied. To gain compatibility with them, simply employ:


#ifndef va_copy 
#define va_copy(dest, src) dest = src 
#endif

Be warned though that if your system lacks va_copy(), and a deep copy is required, using the above is a recipe for disaster.

Once we're dealing with systems where shallow copy works though, the following works just as well, as vsnprintf() will be copying the va_list it receives and won't be modifying other data.



Before we go further, there's two points I'd like to make.
  • Some implementations of vsnprintf() are wrong, and always return -1 upon failure, not the size that would've been needed. On such systems, another approach will need to be taken to calculate the length required, and the implementations here of vasprintf() (and by extension asprintf()) will just always return -1 and *ret (or *strp) will be 0.
  • The code if ((r < 0) || (r > size)) could instead be if (r != size), more on that later.
Now on Windows, vsnprintf() always returns -1 upon failure, in violation of the C99 standard. However, in violation of Microsoft's own specifications, and undocumented, I found that vsnprintf() with the first two parameters being passed 0 as in the above code actually works correctly. It's only when you're passing data there that the Windows implementation violates the spec. But in any case, relying on undocumented behavior is never a good idea.

On certain versions of MinGW, if __USE_MINGW_ANSI_STDIO is defined before stdio.h is included, it'll cause the broken Windows *printf() functions to be replaced with C99 standards compliant ones.

In any case though, Windows actually provides a different function to retrieve the needed length, _vscprintf(). A simple implementation using it would be:



This however makes the mistake of assuming that vsnprintf() is implemented incorrectly as it currently is with MSVC. Meaning this will break if Microsoft ever fixes the function, or you're using MinGW with __USE_MINGW_ANSI_STDIO. So better to use:



Lastly, let me return to that second point from earlier. The vsnprintf() function call the second time may fail because the system ran out of memory to perform its activities once the call to malloc() succeeds, or something else happens on the system to cause it to fail. But also, in a multi-threaded program, the various arguments being passed could have their data change between the two calls.

Now if you're calling functions while another thread is modifying the same variables you're passing to said function, you're just asking for trouble. Personally, I think that all the final check should do is ensure that r is equal to size, and if not, something went wrong, free the data (with insane_free() of course), and set r to -1. However, any value between 0 and size (inclusive), even when not equal to size means the call succeeded for some definition of success, which the above implementations all allow for (except where not possible Microsoft). Based on this idea, several of the implementations I looked at constantly loop while vsnprintf() continues to indicate that the buffer needs to be larger. Therefore, I'll provide such an implementation as well:



Like the first implementation, if all you lacked was va_copy(), and shallow copy is fine, it's easy to get this to work on your platform as described above. But if vsnprintf() isn't implemented correctly (hello MSVC), this will always fail.

All the code here including the appropriate headers, along with notes and usage examples are all packed up and ready to use on my asprintf() implementation website. Between everything offered, you should hopefully find something that works well for you, and is better than what your platform provides, or alternative junk out there.

As always, I'm only human, so if you found any bugs, please inform me.

265 comments:

«Oldest   ‹Older   201 – 265 of 265
Carla said...

As Your Business Insurance Specialists, we are dedicated to providing you with reliable, professional service to meet all your needs. | www.isiwc.org

Please do visit as well as www.homeinsuranceboiseid.com | www.sacramentoemergencydental.net

TT said...

Having said that, it's the hottest game that won't stop in 2022. For this reason, we developed PGSLOT. pgslot

pgslot said...

So today, let's change the way we think about winning prizes. What are some misconceptions when spinning slots sexybacarat

winbig said...

Betting games like online slot games There are a variety of games to choose from. Each game has a different presentation. How fun is each game? Let's take a look. ambbet

Anonymous said...

capital can come in and earn from playing online slots as well Because our website has free credits บาคา

วุ้นเส้น said...

which must be said that the wild of this game will come out for us to see all the time pgslot

Onepiece said...

It can be said that playing any game is good. It's so frequent that it's shocking. Why is it easy to give away? pgslot

pacto said...

popular online games. The game with the fastest mobile phone popular online games. The game with the fastest mobile phone pgslot

mostafa said...

طرز تهیه خورش ملاقورمه

Onepiece said...

and being honest with all customers equally We select good quality games, more than 500 games. บาคา

frung said...

Playing Slotxo with good sites and above all else that must most important And playing with it is control, sanity, and there must be a good rhythm to play pgslot

Onepiece said...

To have such a large number of users It is another game camp that is very interesting and worth investing in. pgslot เว็บตรง

ambbetambbet said...

Free credit is another important technique for playing online slots games. But that you can win at online slots games. pgslot

ambbet said...

There will be a manual for us to study or start working in any field must understand the nature of that job. sexybacarat

Onepiece said...

A collection of slot games that can be played for real, new members, 100% direct web superslot

Onepiece said...

Shoot fish with direct web. Deposit - withdraw. No minimum. Starting from only 1 baht. สล็อตxo

Wind said...

In pork porridge, there is ginger that helps in metabolism. Spring onions help reduce fat, control sugar. pgslot เว็บตรง

ambbetambbet said...

Free credit is another important technique for playing online slots games. But that you can win at online slots games. pgslot เว็บตรง

ตุ๊กตา said...

PGSLOT web slots free credit 100 no need to share new web version developed in a better way than before, we added สมัครสมาชิกสล็อต pg

ตุ๊กตา said...

Get terrified in the stunning Shockventures theme park. Feel the thrill in warm weather. pgslot

pattap said...

Giving away tips and how to play slots games in a nutshell! People turn to playing online lott games jili slot

วุ้นเส้น said...

Let's have a look at today's recipe giveaway, there will be some recipes that we've seen before, or what recipes you've come across or have brought. pgslot เว็บตรง

Starting from our team that will have to undergo training before providing a good service. Able to solve immediate problems for customers as well The back-of-house team is ready to take care of develo said...

Just a few seconds is still considered direct web slot no pass agent 2021 and there are also popular slot superslot

Onepiece said...

Free roma slots game is a legendary game from slotxo and joker that everyone must know. superslot

Larry said...

Superb post! Interested in reading more of your posts. When cone cells, which are found in the retinal tissue in the rear of the eye, are destroyed or unable to function properly, color blindness results. Visit this blog about the color blind test to learn more. Thank you.

play said...

Ballnaja.com, watch live football, watch football online, gather information on hot new sports news, football news, latest football news ข่าวบอลวันนี้

shadepo said...

suggest, argue, argue, argue, argue, argue, argue Offer an argument with the best deal.

Panya is the 1st source website in Thailand. สล็อต

Noud said...

Done, then receive a free credit promotion 20, press to receive it yourself, confirm the number, use it to play fun slots, make profits from the first day that you apply for membership. สล็อต

Pg said...

everyone 24 hours a day, so there are gamblers from all over the world can play on our website. pgslot เว็บตรง

Pg said...

Introducing the hottest online slots website in asia now It is an online gambling website that is open for service with ambbet

Carla said...

Paul Vogel is insurance licensed in the state of Washington. You can request a free quote for your insurance needs. | Seattle Allstate Insurance Agents

Carla said...

Our dentists are guaranteed professionals and highly trained in their field. | Professional Dentists Boise

Please check out our friends at High-quality Denture Services Tulsa

ploy said...

Slots gambling games that are becoming very popular right now. with the style of the game that makes players more excited with slot reels pgslot

ambbet said...

it's enough to get a reward. It turned out to be not worth it. But if there is a technique to play slots, you will definitely get more profits than losses. slotxo

Onepiece said...

200 baht before you can withdraw. pgslot

Onepiece said...

with all safety measures And in the end they got into the loot. HEIST STAKES is 5 reels. pgslot

pgslot said...

great value Including a variety of ways to play, deposit and withdraw automatically สล็อต

Carla said...

Do you need life insurance? Contact our agent today and get your free quote! - Eric Jeglum Allstate Agent | Paul Vogel Allstate Agent Seattle

TT said...

each has its own differences. Different ways that you can apply and apply to the way you play as well. And winning online slots ดูบอลสด

Carla said...

With numerous options available, Medicare can be overwhelming! That is why we here at Boise Life & Health Insurance along with Chris Antrim your Medicare Broker are here to help you understand what you need to know. - Medicare Plans Boise

PPL said...

Slots, online games, slots on mobile, top-up-withdraw via automatic system
24 hours service, 100% safe and secure. pgslot

Onepiece said...

The best slots game will come in the theme of luxury restaurants. named Michelin restaurant pgslot เว็บตรง

ตุ๊กตา said...

will make you enter. from the bottle of the game without having to run out of capital with the spin of the slot game AMBKING

pgslot said...

Direct website joker, not through agents. Pay 100% sure, break often, stand 1
Direct website joker not agent pgslot

Anonymous said...

Which to get our Coins, you can get it very easily. Because pgslot

Onepiece said...

GUARDIANS OF ICE & FIRE Ice can freeze the whole world. The heavy snow will fall ผลบอลสด

Noud said...

The truth if it is borrowed from relatives or close friends. It was still enough to talk and find a way together. But if the money you use to play Is it money that comes from borrowing สล็อต

pgslot said...

Direct website, apply for free, lots of games, we have demos, slot games of every camp, every game. ฟุตบอลโลก 2022

Noud said...

Slots will have a free credit of 10,000 baht, plus if anyone wants to play but has no capital. Our camp also gives away free credit to go. ดูทีวีออนไลน์

Noudda said...

play is standard without words. that there is no crash because we have a team to take care of the system all the time and in AMBKING

waii said...

From normal, we will enter this period. We will have to keep spinning the slot. Until you get 3-4 scatters, ดูบอลออนไลน์

Carla said...

Insurance might take a lot before understanding, but we are here to help you.

Life Insurance Allstate Agent Boise
Commercial Auto Insurance Allstate Boise
Business Insurance Allstate Seattle

pp1 said...

Continuously before anyone else at Winbigslot, along with playing methods, win rates, and techniques for playing jackpot slots that are easy to break. ดูบอลสด

ตุ๊กตา said...

Once you've chosen a website, apply for membership, which generally takes a few minutes, and you'll be able to AMBKING

pp1 said...

También hace que los jugadores usen su dinero apostado en vano. y para evitar esos problemas a través de AMBBET pgslot

Stella Jones said...

Nice thought thanks for sharing with us. Are you struggling with your nursing assignments and looking for some expert help? If so, you're not alone. Nursing is a demanding field that requires a great deal of time, effort, and dedication. Assignments can be especially challenging, as they often involve complex concepts and require a high level of attention to detail.

Fortunately, there are nursing assignment expert available who can provide the assistance you need to succeed. These experts are highly trained and experienced in the field of nursing, and can help you with everything from research and writing to editing and proofreading.

hastenchemical said...

Lime Kiln Dust in Tampa offers a practical solution for soil stabilization, enabling durable and long-lasting infrastructure development in the region. With its rich calcium content, Lime Kiln Dust proves to be an effective and eco-friendly option for enhancing construction materials in Tampa.

Charbonnel said...

Discover pure cocoa bliss at the chocolate bar in Riyadh, where velvety confections and exquisite treats blend to create an irresistible symphony of flavors. Whether you seek classic favorites or daring innovations, Riyadh's chocolate bars are a haven for every chocolate enthusiast.




global cfs said...

Navigating memory management in C can be likened to precise tile installation. Just as the best tile leveling system ensures evenness, proper memory handling with pointers guarantees program stability. Mastering this intricate art can lead to efficient and error-free code, much like a flawlessly tiled surface.




leadingit said...

leadingit company in UAE is a pioneering technology solutions provider, specializing in innovative IT services and consulting. With a reputation for excellence, they empower businesses to navigate the digital landscape with confidence.




hastencatering said...

Corporate catering services in Houston Texas with exceptional catering services that blend culinary excellence and seamless professionalism. From executive meetings to large conferences, savor delectable dishes that leave a lasting impression on every palate.




CV Writing Services said...

Unlock your career potential with our professional CV writing services Ireland. Our skilled team of writers specializes in crafting tailored CVs that highlight your strengths, experience, and accomplishments. Whether you're a recent graduate or a seasoned professional, our CV writing services in Ireland will help you stand out in the competitive job market.

+1(866) 646-1414 Match support number said...

Match.com Phone Number - Safeguarding Your Privacy

In today’s digital age, Match.com Phone Number has become the new normal, offering countless opportunities to meet new people. However, with it comes the delicate process of deciding when and how to share your phone number. This small yet significant step can greatly impact your online dating experience. Here are key factors to consider before taking that leap.

1. Gauge Trust and Comfort

Before sharing your phone number, ensure you feel comfortable with the person you’re interacting with. Trust builds over time, and rushing into sharing personal details could lead to unwanted consequences. Before exchanging phone numbers, take time to get to know them through the dating app, messaging, and even video calls.

2. Observe Consistency

Consistency in communication is often a good indicator of someone's genuine interest. If their responses are timely and thoughtful, and they’ve made efforts to have meaningful conversations, it could be a sign they are serious. Still, watch out for red flags like sudden disappearing acts or inconsistent behavior before handing out your number.

3. Use Caution in Sharing Personal Information

While Match Com Phone Number may seem harmless, sharing your phone number too early can expose you to risks such as unwanted calls or texts. Protect yourself by sharing only when you feel confident about the other person’s intentions. If you want to ease into it, consider using apps that allow calling without revealing your phone number.

4. Establish Boundaries

Before exchanging numbers, discuss expectations. It can be helpful to establish boundaries about communication frequency and preferred times to talk. Clear communication from the start fosters respect and understanding, making the transition from app messaging to texting smoother.

5. Consider a Temporary or Alternate Number

If you are still unsure but feel ready to move beyond the app, using a temporary or alternate phone number is a great option. Services like Google Voice or other burner apps offer anonymity while allowing you to communicate directly.

6. Trust Your Instincts

Your intuition plays a big role in Match Phone Number. If something feels off, don’t ignore it. There’s no rush to share your number if you have any hesitations. It’s better to be cautious and take your time than to regret a hasty decision.

7. The Right Time Will Come

In the end, there is no set timeline for when to share your phone number. Every connection is unique, and what works for one person may not work for another. Listen to your instincts, trust the process, and share your phone number when it feels right for you.

Happy dating, and remember—safety first!

Visit Here: ⏬

Match.com phone number
Match.com phone number

Sacramento Interior Designer said...

Taylor Author Page

Lilly Author Page

Post Sitemap

Sacramento Interior Designer said...

Taylor Author Page

Lilly Author Page

Post Sitemap

«Oldest ‹Older   201 – 265 of 265   Newer› Newest»