Sigcse 18

Download as pdf or txt
Download as pdf or txt
You are on page 1of 6

Implementing Malloc: Students and Systems Programming

Brian P. Railing Randal E. Bryant


Carnegie Mellon University Carnegie Mellon University
Pittsburgh, PA Pittsburgh, PA
bpr@cs.cmu.edu randy.bryant@cs.cmu.edu

ABSTRACT work that we would have expected. Furthermore, when faced with
This work describes our experience in revising one of the major the daunting design space during their work, students would often
programming assignments for the second-year course Introduction resort to changing and tweaking what they had done so far in hopes
to Computer Systems, in which students implement a version of the of following some random walk to a su�ciently optimized solution
malloc memory allocator. The revisions involved fully supporting that would pass the assignment performance standards.
a 64-bit address space, promoting a more modern programming As a further shortcoming, students were encouraged to follow a
style, and creating a set of benchmarks and grading standards that programming style with extensive use of macros performing low-
provide an appropriate level of challenge. level address arithmetic. Many students struggled working with this
With this revised assignment, students were able to implement style of programming—the compiler did not generate meaningful
more sophisticated allocators than they had in the past, and they error messages, symbolic debugging tools could only provide a view
also achieved higher performance on the related questions on the into the post macro-expanded code, and it was very easy to make
�nal exam. mistakes in address computations. A small, but signi�cant number
of students failed to write allocators that could even pass all of
KEYWORDS the correctness tests. The ability of modern compilers to generate
e�cient code via inline substitution has made most macro-based
malloc, programming assignment, systems programming
programming obsolete.
ACM Reference Format: Previously, students would base their malloc on the code in The
Brian P. Railing and Randal E. Bryant. 2018. Implementing Malloc: Stu-
C Programming Language [6] and Computer Systems: A Program-
dents and Systems Programming. In SIGCSE ’18: SIGCSE ’18: The 49th
ACM Technical Symposium on ComputFS Science Education, February 21– mer’s Perspective [3]. From our review of student submissions,
24, 2018, Baltimore , MD, USA. ACM, New York, NY, USA, 6 pages. we concluded that there were several shortcomings in the assign-
https://doi.org/10.1145/3159450.3159597 ment and developed four areas for revision to the programming lab.
Listed here, these revisions will be discussed in greater detail later
1 INTRODUCTION in this work:
Teaching Introduction to Computer Systems, a course developed • Fully support a 64-bit address space. This required creating a
at Carnegie Mellon University [2] and widely adopted elsewhere, testing environment that allocated blocks of over 260 bytes,
exposes students to the basics of how the architecture, compiler, even though no existing system has access to that much
and operating system work together to support program execu- memory.
tion. The course makes use of seven programming assignments, • Promote a more modern programming style. Rather than writ-
termed labs, that explore di�erent aspects of the computer system. ing macros that performed low-level address calculations,
The most challenging lab for the course, distributed as part of the students were required to make best use of the abstractions
support materials for the Bryant-O’Hallaron textbook [3], requires provided by C, while still achieving high degrees of memory
students to implement a memory allocator based on malloc. Anec- utilization.
dotal reports by students, the instructors of more advanced systems • Use a set of carefully selected benchmark traces. These bench-
courses, and subsequent employers of the students indicate that this marks should challenge students to develop well-engineered
lab provides them an important experience in low-level program designs that achieve an appropriate balance between mem-
implementation, debugging, and tuning. ory utilization and throughput.
In re�ecting on the existing version of the malloc lab, we noted • Follow a revised time line and grading standards. We divided
that high scoring student submissions required identifying particu- the assignment into two phases to help students better man-
lar tricks and knowledge of the testing environment, all the while age their time.
not exploring the interesting design decisions and implementation
The rest of the paper is organized as follows: Section 2 provides
Permission to make digital or hard copies of all or part of this work for personal or the context of the course, Section 3 covers the overview of the mal-
classroom use is granted without fee provided that copies are not made or distributed
for pro�t or commercial advantage and that copies bear this notice and the full citation loc assignment, Section 4 explores the changes we made, Section 5
on the �rst page. Copyrights for components of this work owned by others than ACM presents our re�ections on the results, and Section 6 concludes
must be honored. Abstracting with credit is permitted. To copy otherwise, or republish,
to post on servers or to redistribute to lists, requires prior speci�c permission and/or a
this paper. Although the focus of this paper is on a speci�c assign-
fee. Request permissions from permissions@acm.org. ment for a speci�c purpose, we believe that many of the factors
SIGCSE ’18, February 21–24, 2018, Baltimore , MD, USA addressed are important considerations for any systems program-
© 2018 Association for Computing Machinery. ming assignment and that the approaches we devised have broader
ACM ISBN 978-1-4503-5103-4/18/02. . . $15.00
https://doi.org/10.1145/3159450.3159597 applications.
1.3
Header Payload Footer Allocated 1.2

Memory Used / Peak Data


Next Fit
1.2
First Fit
Header Next Previous Footer Free
1.1 Best Fit
1.1 Perfect Fit
Figure 1: Memory layout of minimum-sized allocated and Data Fit
1.0
free blocks for an explicit-list allocator Data
1.0
2 COURSE BACKGROUND 0.9
This course is normally taken by Computer Science and Electrical 0.9
and Computer Engineering majors in their second year, with a 0.8
signi�cant fraction of non-majors also enrolled, and about equal 0.3 0.35 0.4 0.45 0.5 0.55 0.6
percentages of each of the three groups. All students are expected Operation / Operation Count
to have previous experience with C programming. The course is Figure 2: Memory usage for a synthetically generated trace
required for those majors, and the non-majors are usually tak- for di�erent free-block selection strategies. Usage is scaled
ing the class to ful�ll secondary major or minor requirements. relative to peak data requirement, and operations are scaled
This course also serves as the prerequisite for upper-level systems relative to the total number of operations
courses in computer science and engineering, including architec-
ture, compilers, operating systems, and embedded systems. The
malloc programming assignment is sixth, and most demanding, of smaller requests. External fragmentation occurs when free blocks
seven assignments. are available, but none are large enough to satisfy a request. Each
fragmentation type is ameliorated by independent methods. Inter-
3 MALLOC PROGRAMMING LAB OVERVIEW nal fragmentation is reduced by minimizing the overhead to track
the allocated blocks, while external fragmentation is decreased by
Students are required to implement the functions malloc, realloc, better selection of which free block to reuse. The �xed nature of
calloc, and free, following the API set in the C standard for each pointers in C prevents any form of memory compaction, where
function. Their code is then linked into a driver that makes se- allocated blocks are moved into a single region to reduce external
quences of malloc and free calls. The driver populates allocated fragmentation.
blocks with random data and veri�es these bytes are preserved until Student implementations start from code using an implicit free
freeing the block. Other correctness checks are also performed. list, in which free blocks are located by traversing all allocated and
The lab exposes students to many aspects of systems program- unallocated blocks in memory order. Making the free list explicit
ming including: with pointers between blocks signi�cantly reduces the time to �nd
• Implementing library functionality given an API whether a unallocated block can be reused. Both implicit and explicit
• Exploring a design space with many choices in data struc- list implementations use boundary tags for coalescing [7], with the
tures and algorithms layout for a minimum-sized block shown in Figure 1. Students
• Understanding that heap memory is just an array of bytes can further improve the throughput of requests by segregating the
that can be partitioned, reused, and rede�ned as a program explicit list based on sizes.
executes The free lists are searched on subsequent malloc requests to �nd
• Debugging and tuning code that relies on low-level data if there are any blocks that satisfy the request. There are a variety
structure manipulation to meet targeted requirements of strategies, including: next �t that resumes searching where the
• Exploring possible trade o�s between the con�icting goals previous search �nished, �rst �t that selects the �rst block that
of high memory utilization and high throughput could satisfy the request, and best �t that checks every block and
The following is a brief discussion of the implementation con- selects the one closest to the requested size. Other design decisions
cerns present when working on this programming assignment. Wil- can include whether to manage the free block list(s) by a FIFO, LIFO,
son, et al. [10] has a detailed treatment of the design and evaluation address, or size ordering.
of memory allocators. Figure 2 shows the memory usage for di�erent free-block se-
Correct malloc implementations are measured with two per- lection strategies focused on the peak, as the peak fragmentation
formance metrics: throughput and utilization. Throughput is the characterizes the memory e�ciency of the allocator. In addition to
number of operations completed in a measured amount of time. the block-selection strategies, this �gure also includes two targets
Utilization compares the heap space allocated to the program at that serve as lower bounds for any allocator: perfect �t that as-
the end of execution (the heap never shrinks) compared to the peak sumes there is no external fragmentation, and data �t that assumes
data requirement. The excess space required by the implementation there is neither internal nor external fragmentation. In the �gure,
is termed fragmentation, of which there are two types. Internal the �t curves continue to increase after the allocation peak, as the
fragmentation occurs when the allocated block is larger than the di�erent strategies work to handle the churn of allocations and
payload, due to extra space required to manage the blocks and to frees. Eventually, a su�cient percentage of memory is free that any
satisfy alignment requirements. And as will be discussed later in new allocation in the trace can be satis�ed and there is no further
Section 4.3, internal fragmentation is greater proportionately with increase in memory usage.
One common optimization is to remove the footer from allo- /* Basic constants and macros */
cated blocks to allow larger payloads within a block. Other schemes #define WSIZE 8 /* Word and header/footer size (bytes) */
can further improve utilization by special handling of smaller re- #define DSIZE 16 /* Double word size (bytes) */
quests, or by reducing the headers for small blocks. Together, these /* Pack a size and allocated bit into a word */
optimizations are focused on reducing the internal fragmentation. #define PACK(size, alloc) ((size) | (alloc))
/* Read and write a word at address p */
4 ASSIGNMENT REVISIONS #define GET(p) (*(unsigned long *)(p))
#define PUT(p, val) (*(unsigned long *)(p) = (val))
In the following section, we discuss our four revisions to the malloc /* Read the size field from address p. */
implementation programming assignment. #define GET_SIZE(p) (GET(p) & ~0x7L)
/* Given block ptr bp, compute address of
4.1 64-bit Address Space * its header and footer */
The previous version of the lab was derived from one based on a #define HDRP(bp) ((char *)(bp) - WSIZE)
32-bit address space. Students found they could exploit limitations #define FTRP(bp) ((char *)(bp) + GET_SIZE(HDRP(bp))
of the testing framework. For example, they would deduce that - DSIZE)
no trace required more than 100MB of memory, and could there- Figure 3: Old coding style based on macros (from textbook)
fore replace 64-bit pointers with 27-bit o�sets and similarly for
each block’s size �eld. While these are valuable optimizations in a
is possible for student code to detect whether it was being run
memory constrained environment, student submissions using this
with or without memory emulation, so the emulated tests are made
approach do not meet the programming lab objective of developing
using all of the native traces, and the memory utilization compared
a general purpose memory allocator.
against the native execution. This prevents students from using the
One possible solution would be to modify the traces to use larger
earlier optimizations during native runs and turning them o� in
request sizes; however, any such change would always have a
emulation. In addition to rerunning the native traces, additional
known upper bound. Furthermore, students commonly run their
“giant” traces were prepared that require the emulation support to
code on shared servers, to which signi�cant increases in memory
succeed.
demands could impact the shared platform. Indeed, there are no
Following the C standard [5], we use the implementation speci-
systems available that have access to the 1.8 ⇥ 1019 bytes that a true
�ed alignment for x86-64 [4] and require that student malloc im-
64-bit machine could address.
plementations align the allocations to 16-byte boundaries.
We also felt it was important to provide a testing environment
that would truly evaluate the ability of the student programs to
handle a 64-bit address space, rather than relying on manual in- 4.2 Modern Programming Style
spection by the students or the grading sta�. There are many ways Traditionally, C programming required using macros for common,
to inadvertently invoke 32-bit arithmetic in C, e.g., by using the low-level operations to avoid function call overhead. Also, the em-
expression 1 << n, rather than 1L << n, and so explicit testing is phasis on carefully packing data to minimize memory usage, and
important. the natural reuse of memory blocks in malloc implementations
To address both of these concerns, we developed an alternative resulted in a signi�cant usage of unstructured pointer arithmetic.
testing infrastructure that would not be limited to the existing This coding style is illustrated in Figure 3, showing excerpts from
memory availability and could then permit testing of request sizes the allocator code described in the textbook. Many students would
up to the maximum for the size_t parameter. struggle when extending this code to support the necessary com-
Using the LLVM compiler framework [8], a second, alternative plexity to pass the assignment.
binary malloc-emulate was built, where all of the memory opera- Modern C standards and compilers provide far greater support
tions (loads and stores) were modi�ed to instead call an emulation for types and performance, such that many of the motivations for
library. This layer would either emulate the access if it was being macro code are obviated. We rewrote the starter code emphasizing
made to the heap region or allow direct the access to system mem- two things: �rst, insofar as possible, operations should be made
ory for other memory regions. The emulator exploits the fact that, using explicit and appropriate type information, and second, inline
even when a very large block is stored on the heap, the allocator and optimization decisions should be left to the compiler. Figure 4
need only access the bytes at the very beginning or the very end of is taken from the revised starter code provided to all students. Each
the block (assuming no calls to calloc or realloc.) By emulating internal block in the malloc implementation is now an explicit type;
a very sparse address space, it can handle allocations of blocks con- however, the footer cannot be included given that its location is
taining 260 or more bytes. With the emulated version, student code dependent on the size of the payload. By compiling with optimiza-
can then be tested to support full 64-bit pointers (going beyond tion enabled, the function-based code has the same performance as
current x86 support for 48-bits) and thereby determine if student macro-based code, and it signi�cantly eases their debugging e�orts
code was robust against all access sizes or if it had been tuned to when the optimizations are disabled.
the smaller traces. When students make the �rst change to an explicit free list, they
When running the emulated version, student code has roughly use union and struct to describe the types and positions of the
a 9⇥ slowdown versus the native (non-emulated) implementation, required pointers. This contrasts with the earlier code where these
and so throughput measurements are run on the native binary. It �elds would be known just by their o�sets from the header, and
/* Basic declarations */ Category p :q Unit Maximum
typedef uint64_t word_t; Struct 70 : 30 8 256
static const size_t wsize = sizeof(word_t); String 60 : 40 1 256
typedef struct block { Array 95 : 05 4 min(218 , 109 /N )
/* Header contains size + allocation flag */ Giant array 60 : 40 4 260 /N
word_t header;
Figure 5: Power-law parameters for synthetic traces, when
/* Placeholder for payload */
generating trace with N allocation operations
char payload[0];
} block_t; (2) it must minimize external fragmentation, in which free blocks
/* Pack size and allocation bit into single word */ accumulate due to a poor block placement strategy; and (3) it must
static word_t pack(size_t size, bool alloc) { maximize throughput by minimizing the time required by each
return size | alloc; operation. A good set of benchmarks must stress all three of these
} aspects. No single benchmark can cover all of them, but hopefully a
/* Extract size from packed field */ collection of well-chosen and well-designed benchmarks will clearly
static size_t extract_size(word_t word) { demonstrate the relative merits of di�erent implementations.
return (word & ~(word_t) 0x7); We created a new set of benchmark traces that would stress the
} diversity of program allocation behaviors. We did not conduct a sys-
/* Get block size */ tematic study of real program behaviors, rather we selected several
static size_t get_size(block_t *block) { programs with diverse allocation behaviors and also constructed
return extract_size(block->header); additional synthetic traces to test speci�c categories of commonly
} allocated data.
/* Set fields in block header */ We started with a set of programs and used the compile-time
static void write_header(block_t *block, size_t size, interpositioning method described in [3] to extract the sequence
bool alloc) { of calls to malloc and free. We selected sets of input data to these
block->header = pack(size, alloc); programs to generate a total of 12 traces having between 2,874 and
} 63,956 allocation requests, with an average of 34,515. Among the
/* Set fields in block header */ largest traces, one requires that the allocator manage up to 44,465
static void write_footer(block_t *block, size_t size, blocks at its peak, while another requires a total of 31.3 MB of
bool alloc) { payload data at its peak.
word_t *footerp = (word_t *)((block->payload) In addition, we generated a set of synthetic data that attempted
+ get_size(block) - dsize); to capture heap-allocated data structures storing structs, strings,
*footerp = pack(size, alloc); and arrays:
} Structs: These are used to implement nodes in lists, trees, and
/* Locate start of block, given pointer to payload */ graphs. On 64-bit machines, their sizes will typically be mul-
static block_t *payload_to_header(void *bp) { tiples of eight to satisfy the alignment of embedded pointers
return (block_t *)(((char *)bp) - Strings: These will have no particular pattern of uniformity
offsetof(block_t, payload)); or size.
} Arrays: These will have widely varying sizes, but they will be
Figure 4: New coding style based on constants and functions multiples of 4 or 8.
The block sizes within each of these categories were generated
thereby reduces the chance that the student mixes the meanings of according to a power-law distribution, having a probability density
the o�sets. function of the form p(s) / s , for some  1. A power-law
Even in making these changes to the baseline code, we did not distribution can be characterized by a ratio of the form p : q, where
do away with all macros. For example, macros are still provided to 0 < p < 100 and q = 100 p, indicating that percentage p of the
support assertions, debugging prints, and de�nitions of constant pa- generated samples should be less than percentage q of the maximum
rameters. All student submissions were screened by a program that value. For example, the familiar 80 : 20 rule states that 80% of the
detects the use of function-like macros (those having arguments.) values are less than or equal to 20% of the maximum value. Each
class is also characterized by a unit u, de�ning both the minimum
4.3 New Traces value and a value for which all values must be multiples. Finally,
The selection of appropriate traces for the assignment can make a each class has a maximum value M.
signi�cant di�erence in establishing appropriate design decisions Figure 5 speci�es the parameters for the di�erent classes. Ob-
in the lab. For example, larger request sizes minimize the impact serve that both strings and structs have maximum sizes of 256 bytes,
of internal fragmentation on reported utilization but can cause but strings have u = 1, while structs have u = 8. This di�erence
greater external fragmentation. A good allocator must overcome has important implications for the internal fragmentation. Arrays
three challenges in achieving high utilization and throughput: (1) it have a maximum size of 262,144 (218 ) bytes, except when the trace
must minimize internal fragmentation by reducing the overhead of has so many allocations N , that there is a risk that it will require a
the data structures, especially in the �elds of the allocated blocks; heap size of more than 100MB. In such cases, the maximum array
length is set to 109 /N . Normal arrays have an extreme power-law Semester Version Assignment Score Exam Scores
distribution 95 : 5, giving it a very long-tailed distribution. Finally, Spring 2016 Old 78.0 78.0
a class of giant arrays can be generated for traces to test the ability Fall 2016 New 75.1 87.0
of the allocator to handle 64-bit sizes and pointers. These could Spring 2017 New 75.3 89.0
have sizes up to 260 /N (260 ⇡ 1.15 ⇥ 1018 ), and with a fairly uni- Figure 6: Malloc Assignment and �nal exam question scores
form 60 : 40 distribution. It should be noted that, although these (both with maximum values of 100), for the old and new ver-
parameters seem reasonable, we made no attempt to systematically sions of the assignments
evaluate the sizes of heap allocation requests in actual programs. traces using realloc are tested only for correctness and not any
We generated four benchmark traces, each containing 40,000 performance metrics.
allocation requests, for the regular benchmarks: one for each of the
three categories, and a fourth containing allocations chosen ran- 4.4 Grading Standards
domly from the classes struct, string, and array, with probabilities
Having established a set of benchmarks, existing norms for student
35%, 30%, and 35%, respectively. We also created a set of �ve “giant”
submissions no longer apply. Instead we performed an extensive
trace benchmarks, generated allocations that require almost the
benchmarking process, implementing a number of allocators trying
entire 64-bit address space. The largest allocated block in these has
di�erent strategies for reducing internal and external fragmentation.
a payload of 8.4 ⇥ 1016 (over 256 ) bytes.
We measured how each performed in terms of throughput and
The di�culty posed by a benchmark trace comes not just from
utilization, and then selected cuto� points based on the features
how blocks are allocated, but also how they are freed. For example,
we considered achievable by all students versus those of increasing
a trace that only allocates blocks and never frees them (or frees
di�culty and complexity. Students implementing segregated free
them at the very end) will have almost no external fragmentation
lists, removing footers, and an approximation of best �t would earn
and so the free lists will be very short. These require only reducing
a B (around 85%) for the assignment. These features take students
internal fragmentation to get good performance. Additionally, block
a self-reported average of 20–30 hours to complete, which �ts with
coalescing implies that a trace that frees most of the blocks at some
a multiweek assignment. Students completing those features faster
point will end up with a small number of large free blocks. Such
generally use additional time to make further improvements to
a con�guration will not pose much challenge for the subsequent
their submissions.
utilization or throughput.
Furthermore, we found that splitting the assignment into two
We devised a simple scheme for inserting free operations into
parts by introducing a checkpoint also aided student learning and
a trace (both the ones extracted from actual programs, as well as
experience. Given the sequence of features to implement, transition-
the synthetic traces) that proved successful in stressing both the
ing the baseline code from implicit free lists to explicit, segregated
throughput and the ability to minimize external fragmentation.
free lists roughly corresponded to half of student time, as they built
Consider a trace containing N allocations that are never freed. At
up their understanding of the code and the approaches required to
each such allocation step i, we generate a free target t = 2i/N ,
debug their implementation. This transition only signi�cantly im-
indicating a target number of free operations to insert after the
pacts the throughput of the implementation, which allows students
allocation step. For t < 1, we �ip a weighted (by t) coin to determine
to focus on optimizing for a single constraint. The second part of
whether or not to insert a free operation. For t 1, we repeatedly
the assignment requires them to then improve utilization, mostly
insert free operations and decrement t until t < 1, and then �nish
by reducing internal fragmentation.
with a weighted-coin �ip. When inserting a free operation, one
of the existing blocks is selected at random to be freed. With this
5 REFLECTIONS
strategy, the program begins by allocating blocks, but freeing them
only sporadically. At a midpoint, it approaches an equilibrium, A major question in any update to course material is whether stu-
allocating and freeing blocks in roughly equal portions. Then it dent learning is improved. As we wrote new traces and grading
increases the rate of freeing so that the expected number of allocated standards for the assignment, we cannot easily compare before
blocks at the end should be nearly 0. We also free any allocated and after the revision on the assignment itself. However, one set of
blocks at the end to complete the trace. questions on the �nal exam test students’ knowledge of malloc. In
Figure 2 illustrates the performance of allocators following di�er- Figure 6, we compared the before (Spring 2016) scores with those
ent block placement policies near the peak for one of the synthetic after revising the lab (Fall 2016 and Spring 2017), as well as includ-
benchmarks. This is that point where external fragmentation is at ing the programming assignment scores for comparison.1 Using
its maximum, challenging both utilization and throughput. an independent samples t-test, we found no statistically signi�cant
We rejected constructing any adversarial traces that might un- di�erence in the assignment scores, yet a clear di�erence (p value
duly penalize speci�c design decisions, such as one that would force less than 0.01) in the related exam scores before and after the lab
the allocator’s search strategy to fully traverse a FIFO list. The only revision. However, the score distribution on the assignment is such
defense against such traces would be to implement an allocator with that only half of the students in each semester are earning a B.
strong worst-case performance guarantees, e.g., using balanced tree This assignment gave us considerable exposure to students’ ef-
data structure to implement the free list. Such a requirement was forts to debug their implementations. In particular, corruptions in
deemed beyond the scope of the course. We also worked to avoid the internal state of the implementation will not immediately crash
any benchmark trace that would target particular implementation 1 Dueto other course changes, we cannot make a broader comparison between
characteristics. Finally, in keeping with the previous lab assignment, semesters.
(*(void **)((*(void **)(bp)) + DSIZE)) = e�ort on the learning objectives for the assignment. And our prelim-
(*(void **)(bp + DSIZE)); inary analysis of student scores shows a signi�cant improvement,
Figure 7: Untyped malloc implementation indicating that students are learning the material better than before.
bp->prev->next = bp->next; There are several opportunities to continue the assignment rewrite.
Figure 8: Typed malloc implementation First, we can revisit the trace generation of Section 4.3 and compare
it against a more systematic study of allocation patterns. Second,
the allocator, but rather instead fail at some later point. Some fail- the throughput measurements can be sensitive to machine con�gu-
ures are crashes (segmentation faults or bus errors), but many others ration and load, so we are investigating how to maintain the time
are observed as overlapping allocated blocks or corruption of an component while minimizing the sources of variation. Finally, we
allocated block’s payload. We emphasize the use of gdb, speci�cally are continuing to update our guidance to students on both how to
using the two recitations during the assignment to work through improve their design and style, as well as exploring how to better
debugging techniques using several simple implementations of prepare students for debugging complex and optimized code.
malloc that have bugs commonly seen by students; however, as
observed by others [1] [9], many students will use other debugging ACKNOWLEDGMENTS
approaches. For example, we require students to write a function,
Matthew Salim, an undergraduate student at CMU, participated in
the heap checker, that will check appropriate invariants of their
many parts of the lab development. The CMU Eberly Center for
implementations. And �nally, many students debug their code by
Teaching Excellence has provided helpful guidance in how best to
manually tracing the state or introducing print statements to ob-
assess the e�ectiveness of the assignment in enhancing student
serve the state.
learning, as well as assisting with the collection and analysis of stu-
Given the design space described in Section 3, this assignment
dent scores. The National Science Foundation, under grant 1245735,
is often one of students’ �rst exposure to a problem with an open
has supported some of our e�orts in course material development.
design space. Regularly, students attempt to glean speci�c insights
from the instructional sta� such as “How many segregated free REFERENCES
lists should my implementation use?” or “Now that I have imple- [1] Basma S. Alqadi and Jonathan I. Maletic. 2017. An Empirical Study of Debugging
mented X, what should I do next?”. We emphasize the need to test Patterns Among Novices Programmers. In Proceedings of the 2017 ACM SIGCSE
and explore the options available in the potential design space, Technical Symposium on Computer Science Education (SIGCSE ’17). ACM, New
York, NY, USA, 15–20. https://doi.org/10.1145/3017680.3017761
while providing a basic set of possible features. They both enjoy [2] Randal E. Bryant and David R. O’Hallaron. 2001. Introducing Computer Systems
the ownership that comes from making these decisions, while also from a Programmer’s Perspective. In Proceedings of the Thirty-second SIGCSE
expressing frustration with the lack of speci�c guidance. The guid- Technical Symposium on Computer Science Education (SIGCSE ’01). ACM, New
York, NY, USA, 90–94. https://doi.org/10.1145/364447.364549
ance is improving as teaching assistants come through the course [3] Randal E. Bryant and David R. O’Hallaron. 2015. Computer Systems: A Program-
with the new lab. And for those TAs with experience across both mer’s Perspective (3rd ed.). Pearson.
[4] Intel Corporation, Santa Clara, CA 2017. Intel 64 and IA-32 Archi-
versions of the assignment, they report a greater satisfaction and tectures Software Developer Manuals. Intel Corporation, Santa Clara,
ease of helping students from this revision. CA. http://www.intel.com/content/www/us/en/processors/architectures-
From the grading and support side, it can be di�cult to under- software-developer-manuals.html.
[5] ISO/IEC 9899:2011 WG14 2011. Programming Languages - C (C11). ISO/IEC
stand the meaning of purely pointer-based code. Figure 7 provides 9899:2011 WG14. http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf
one extreme example of the minimal level of type information that [6] Brian W. Kernighan and Dennis M. Ritchie. 1988. The C Programming Language.
student code may use. When students ask for assistance debugging Prentice Hall Press, Upper Saddle River, NJ, USA.
[7] Donald E Knuth. 1973. Fundamental algorithms: the art of computer programming.
similar code, our common response has been to recommend a type- [8] Chris Lattner and Vikram Adve. 2004. LLVM: A Compilation Framework for
based rewrite, resulting in code similar to Figure 8. And for many, Lifelong Program Analysis & Transformation. In Proceedings of the International
Symposium on Code Generation and Optimization: Feedback-directed and Runtime
this rewrite is su�cient to �nd the cause of the bug and �x the Optimization (CGO ’04). IEEE Computer Society, Washington, DC, USA, 75–88.
original issue. http://dl.acm.org/citation.cfm?id=977395.977673
However, this typed code is not without cost. Those students ex- [9] Laurie Murphy, Gary Lewandowski, Renée McCauley, Beth Simon, Lynda
Thomas, and Carol Zander. 2008. Debugging: The Good, the Bad, and the Quirky
tending the baseline code with additional pointer casts can violate – a Qualitative Analysis of Novices’ Strategies. In Proceedings of the 39th SIGCSE
strict aliasing rules, such as by casting block_t* (see Figure 4) di- Technical Symposium on Computer Science Education (SIGCSE ’08). ACM, New
rectly to free_block_t* (or other alternative structure). This cast York, NY, USA, 163–167. https://doi.org/10.1145/1352135.1352191
[10] Paul R. Wilson, Mark S. Johnstone, Michael Neely, and David Boles. 1995. Dy-
can have unde�ned behavior in the C standard, whereas previously namic Storage Allocation: A Survey and Critical Review. In Proceedings of the
all pointers would be char* or void* and not have this behavior. International Workshop on Memory Management (IWMM ’95). Springer-Verlag,
London, UK, UK, 1–116. http://dl.acm.org/citation.cfm?id=645647.664690
Identifying unde�ned behavior that is causing failures is tricky
and students can be particularly frustrated that introducing print
statements to debug the failing behavior can disrupt the compiler’s
analysis and optimizations, such that this and other unde�ned be-
haviors are no longer failing. Finally, a small percentage of students
state a preference for the traditional, macro-based code.

6 CONCLUSION AND FUTURE WORK


This paper has shown our revisions to a demanding systems pro-
gramming assignment. These changes have helped refocus student

You might also like