malloc(0)時(shí)程序會(huì)返回什么？

時(shí)間：2021-12-13 13:50:43

關(guān)鍵字： POINTER RETURN SPACE SYSTEMS

手機(jī)看文章

掃描二維碼
隨時(shí)隨地手機(jī)看文章

[導(dǎo)讀]來自：知乎，作者：Name1e5s鏈接：https://zhuanlan.zhihu.com/p/40490357故事要從前兩天交流群中一位同學(xué)提到的這個(gè)問題開始這個(gè)問題看起來十分刁鉆，不過稍有常識(shí)的人都知道，制定C標(biāo)準(zhǔn)的那幫語言律師也不是吃白飯的，對(duì)這種奇奇怪怪的問題一定會(huì)有定...

來自：知乎，作者：Name1e5s

鏈接：https://zhuanlan.zhihu.com/p/40490357

故事要從前兩天交流群中一位同學(xué)提到的這個(gè)問題開始這個(gè)問題看起來十分刁鉆，不過稍有常識(shí)的人都知道，制定 C 標(biāo)準(zhǔn)的那幫語言律師也不是吃白飯的，對(duì)這種奇奇怪怪的問題一定會(huì)有定義。翻閱C17 標(biāo)準(zhǔn) 草案 N2176，在?

7.22.3?節(jié)里，有如下說法：The order and contiguity of storage allocated by successive calls to the aligned_alloc, calloc, malloc, and realloc functions is unspecified. The pointer returned if the allocation succeeds is suitably aligned so that it may be assigned to a pointer to any type of object with a fundamental alignment requirement and then used to access such an object or an array of such objects in the space allocated (until the space is explicitly deallocated). The lifetime of an allocated object extends from the allocation until the deallocation. Each such allocation shall yield a pointer to an object disjoint from any other object. The pointer returned points to the start (lowest byte address) of the allocated space. If the space cannot be allocated, a null pointer is returned. If the size of the space requested is zero, the behavior is implementation-defined: either a null pointer is returned to indicate an error, or the behavior is as if the size were some nonzero value, except that the returned pointer shall not be used to access an object.在這里，標(biāo)準(zhǔn)委員會(huì)明確規(guī)定了：當(dāng)?

malloc?接到的參數(shù)為 0 時(shí)，其行為是由實(shí)現(xiàn)定義的（implementation-defined）。由實(shí)現(xiàn)定義的行為這個(gè)詞就提醒我們，在實(shí)際編程時(shí)如果要考慮到程序在多個(gè)運(yùn)行環(huán)境下進(jìn)行運(yùn)行時(shí)，不能對(duì)?

malloc?返回的數(shù)值進(jìn)行任何假設(shè)。換言之，沒事兒不要吃飽了撐的在實(shí)際編程中寫下?

malloc(0)?這種天怒人怨的代碼。但是，這個(gè)無意義的問題吸引了我的興趣。因此我開始查閱?

glibc?的源代碼，依此了解在?

glibc?下，

mallloc(0)?的行為。在?

glibc2.27/malloc/malloc.c?中，有如下注釋：/*
??malloc(size_t?n)
??Returns?a?pointer?to?a?newly?allocated?chunk?of?at?least?n?bytes,?or?null
??if?no?space?is?available.?Additionally,?on?failure,?errno?is
??set?to?ENOMEM?on?ANSI?C?systems.

??If?n?is?zero,?malloc?returns?a?minumum-sized?chunk.?(The?minimum
??size?is?16?bytes?on?most?32bit?systems,?and?24?or?32?bytes?on?64bit
??systems.)??On?most?systems,?size_t?is?an?unsigned?type,?so?calls
??with?negative?arguments?are?interpreted?as?requests?for?huge?amounts
??of?space,?which?will?often?fail.?The?maximum?supported?value?of?n
??differs?across?systems,?but?is?in?all?cases?less?than?the?maximum
??representable?value?of?a?size_t.
*/
注釋已經(jīng)說的很清楚了，當(dāng)我們執(zhí)行?

malloc(0)?時(shí)，我們實(shí)際會(huì)拿到一個(gè)指向一小塊內(nèi)存的指針，這個(gè)指針指向的（分配給我們的）內(nèi)存的大小是由機(jī)器決定的。細(xì)讀代碼，可以發(fā)現(xiàn)，將讀入的內(nèi)存大小進(jìn)行轉(zhuǎn)換是由宏?

checked_request2size?實(shí)現(xiàn)的。相關(guān)的宏定義如下：/*?pad?request?bytes?into?a?usable?size?--?internal?version?*/
#define?request2size(req)?????????????????????????????????????????\
??(((req)? ?SIZE_SZ? ?MALLOC_ALIGN_MASK?