public inbox for linux-kernel@vger.kernel.org
From: Andrej Hosna <hosna@ibl.sk>
To: "David Schwartz" <davids@webmaster.com>
Cc: linux-kernel@vger.kernel.org
Subject: RE: malloc(1/0) ??
Date: Tue, 7 Nov 2000 08:59:40 +0100
Message-ID: <00110709373507.05397@adino>
In-Reply-To: <NCBBLIEPOCNJOAEKBEAKEEAJLMAA.davids@webmaster.com>

Hello,
> > Why does this program work? When executed, it doesn't
> > give a segmentation fault. When the program requests
> > memory, is a standard chunk allocated irrespective
> > of what the user specifies? Please explain.
> >
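> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <string.h>
> >
> > int main(void)
> > {
> >    char *s;
> >    s = (char*)malloc(0);   /* zero-byte request */
> >    strcpy(s,"fffff");      /* copies 6 bytes (5 chars + NUL) into it */
> >    printf("%s\n",s);
> > }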
> >
> > NOTE:
> >   I know it's a 'C' problem, but I wanted to know how
> > this works.

C problem? You would better say, library problem (but it's not a problem at
all).

> The program does not work. A program works if it does what it's supposed to
> do. If you want to argue that this program is supposed to print "ffffff"
> then explain to me why the 'malloc' contains a zero in parenthesis.
> 
> The program can't possibly work because it invokes undefined behavior. It
> is impossible to determine what a program that invokes undefined behavior is
> 'supposed to do'.

I don't think it's undefined behaviour ...

Text from malloc.c <glibc2.something>
<------snip-------->
Malloc Algorithm:
 
    The requested size is first converted into a usable form, `nb'.
    This currently means to add 4 bytes overhead plus possibly more to
    obtain 8-byte alignment and/or to obtain a size of at least
    MINSIZE (currently 16, 24, or 32 bytes), the smallest allocatable
    size.  (All fits are considered `exact' if they are within MINSIZE
    bytes.)
<----- snip --------->
So some area of MINSIZE is alloced, and you can write there...
Problems will arrive with writing over this area, and overwriting the next memory
chunk header. Write is not a problem ... in your code you have 4KB to spare,
but when you try to free() you'd probably get SIGSEGV.

Hope that you have an idea how it works now. If not, read the malloc.c comments to
find out about how malloc really works.

Adino
-- 
/* Andrej Hosna - http://people.ibl.sk/adino - +421 903 852 696  */
/* IBL Software Engineering - http://www.ibl.sk - +421 7 43427214 */
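
As an added example (not part of the original message and not glibc's own code), this C sketch models the size rounding from the malloc.c comment quoted above, using its 32-bit figures (4-byte overhead, 8-byte alignment, MINSIZE of 16), and pairs it with a copy that is bounded by the requested size. The names `chunk_size`, `slack` and `alloc_copy` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Figures from the quoted malloc.c comment (32-bit case); other builds
 * use different values, so treat these as assumptions of the model. */
#define OVERHEAD  4u
#define ALIGNMENT 8u
#define MINSIZE   16u

/* Model of the request -> chunk size ("nb") conversion the comment
 * describes. Intended for small requests; no overflow check on req. */
size_t chunk_size(size_t req)
{
    size_t nb = (req + OVERHEAD + ALIGNMENT - 1) & ~(size_t)(ALIGNMENT - 1);
    return nb < MINSIZE ? MINSIZE : nb;
}

/* Bytes in the chunk beyond what the caller asked for. A write into them
 * does not fault, but they are not part of the allocation. */
size_t slack(size_t req)
{
    return chunk_size(req) - OVERHEAD - req;
}

/* Bounded replacement for the malloc(0) + strcpy pair: the limit is the
 * size that was requested, never the allocator's rounding.
 * Returns NULL when the string plus its NUL does not fit. */
char *alloc_copy(size_t req, const char *src)
{
    size_t need = strlen(src) + 1;
    if (need > req)
        return NULL;            /* would overflow the requested size */
    char *s = malloc(req);
    if (s != NULL)
        memcpy(s, src, need);
    return s;
}

int main(void)
{
    /* In this model a 0-byte request still occupies a MINSIZE chunk. */
    printf("malloc(0): chunk %zu bytes, slack %zu bytes\n",
           chunk_size(0), slack(0));
    printf("alloc_copy(0, \"fffff\") -> %s\n",
           alloc_copy(0, "fffff") ? "copied" : "refused");
    return 0;
}
```
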
                                                                