有选择地在内存覆盖上获取分段错误。 [英] Getting Segmentation Fault, selectively, on memory overwrite.
问题描述
大家好,
我看到一些我觉得奇怪的行为,我很想得到一个
的解释。我有以下程序。
#include< iostream>
#include< cstdlib>
using namespace std;
int main(int argc,char ** argv){
if(argc< 2){
返回-1;
}
int value = atoi(argv [1]);
char * arr = new char [value];
//除非下一个是数组,否则没有分段错误。
char * next = new char [value];
int i = 0;
for(i = 0; i< value; i ++){
arr [i] =''a'';
next [i] =''a'';
}
//注意:我在数组边界之外添加一个字符
arr [i] =''\ 0'';
next [i] =''\ 0'';
//这导致分段错误
delete [] arr;
}
我在Red Hat Linux上用3.2.2编译了这个英特尔i686上的9。当我运行
程序时,只有当数组大小为奇数
的4倍时,它才会给我一个分段错误。我的猜测是它与word有关对准。但是,
到底发生了什么?
感谢您的帮助,
Vishal Grover
开发商
Trilogy Software Inc.
Vishal Grover写道:
大家好,
我看到一些我觉得很奇怪的行为,我很想得到一个
解释。我有以下程序。
#include< iostream>
#include< cstdlib>
使用命名空间std;
int main(int argc,char ** argv){
if(argc< 2){
return -1;
}
int value = atoi(argv [1]);
char * arr = new char [value];
//除非next是数组否则不会出现分段错误。
char * next = new char [value];
int i = 0;
for(i = 0; i< value; i ++){
arr [i] =''a'';
next [i ] ='''';
}
//注意:我在数组边界之外添加一个字符
如果你知道这个,为什么你呢惊讶于程序没有表现好
好吗?
arr [i] =''\ 0'';
next [i] =' '\0'';
//导致分段错误
删除[] arr;
我在Red Hat上用3.2.2编译了这个英特尔i686上的Linux 9。当我运行
程序时,只有当数组大小为奇数的4倍时才会给出分段错误。
这是完全可以接受的具有未定义行为的程序的行为。
我的猜测是它与单词对齐有关。但是,究竟发生了什么呢?
未定义的行为。
感谢您的帮助,
Vishal Grover
开发人员
Trilogy Software Inc.
我正在考虑记下这家公司的名字,所以我可以肯定
永远不会从他们那里购买软件......你能解释一下*为什么*你是什么?b $ b故意在你的代码中溢出一个数组,以便恢复我对软件行业的一些信心?
-Kevin
-
我的电子邮件地址有效,但会定期更改。
要联系我,请使用最近发布的地址。
" Vishal Grover" < 6 *********** @ rediffmail.com>在留言中写道
新闻:a6 ************************** @ posting.google.c om ...大家好,
我看到一些我觉得很奇怪的行为,我很好奇
得到一个解释。我有以下程序。
#include< iostream>
#include< cstdlib>
使用命名空间std;
int main(int argc,char ** argv){
if(argc< 2){
return -1;
}
int value = atoi(argv [1]);
char * arr = new char [value];
//除非next是数组否则不会出现分段错误。
char * next = new char [value];
int i = 0;
for(i = 0; i< value; i ++){
arr [i] =''a'';
next [i ] ='''';
}
//注意:我在数组边界之外添加一个字符
但为什么?你还没有足够的空间来写另一个额外的
字符。
字符串以空字符结尾但是你需要为
$分配空间b $ b那个空字符
也。我希望你知道。
考虑到这一点 -
char * arr = new char [value + 1];
char * next = new char [value + 1];
应该会得到你想要的结果。
HTH,
J.Schafer
Kevin Goodsell
//注意:我在阵列边界之外添加了一个字符
如果你知道这个,你为什么对这个程序表现不好感到惊讶?
因为,这是我编写的用于调查错误的测试用例。我没有质疑程序表现不好的事实。
我的问题
是为什么每个输入值的行为不均匀。
我用3.2编译了这个.2在英特尔i686上的Red Hat Linux 9上。当我运行
程序时,只有当数组大小是4的奇数倍时,它才会给我一个分段错误。
这是完全可以接受的具有未定义行为的程序的行为。
我声称这种行为是不可接受的。我正在寻找
来解释这种行为。
我的猜测是它与字对齐有关。但是,
到底发生了什么?
未定义的行为。
没有机器或编译器,至少非量子的,具有非确定性的行为,给出完整的系统知识。如果你没有得到问题,我正在寻找一个洞察一个流行的
编译器如gcc如何处理未定义的行为。
我正在考虑记下这家公司的名字,所以我可以肯定
永远不会从他们那里购买软件......你能解释一下*为什么*你是故意溢出一个阵列在你的代码中,为了恢复我对软件行业的一些信心?
从什么时候开始做一个不好的做法,写一个测试案例来研究一个潜力
bug?根据我在这封邮件中给出的内容,您无权质疑我公司制作的软件的质量。如果你不能给b $ b提供一个体面的答案,或者即使这不是一个问问
问题的合适地方,你绝对没有权利粗鲁和做出这样的判断
陈述。
-Kevin
非常感谢Kevin,我不会发帖关于这个
列表的任何其他问题
Vishal
Hello Everyone,
I am seeing a certain behaviour which I find strange, and am curious to get an
explanation to it. I have the following program.
#include <iostream>
#include <cstdlib>
using namespace std;
int main(int argc, char ** argv) {
if(argc<2) {
return -1;
}
int value = atoi(argv[1]);
char * arr = new char[value];
// No segmentation fault unless next is an array.
char * next = new char[value];
int i = 0;
for(i=0; i<value; i++) {
arr[i] = ''a'';
next[i] = ''a'';
}
// NOTE: I am adding a char beyond the array boundary
arr[i]=''\0'';
next[i]=''\0'';
// This causes a segmentation fault
delete [] arr;
}
I compiled this with 3.2.2 on Red Hat Linux 9 on an Intel i686. When I run the
program, it gives me a Segmentation fault only when the array size is an odd
multiple of 4. My guess is it has something to do with word alignment. But, what
exactly is happening here?
Thanks for your help,
Vishal Grover
Developer
Trilogy Software Inc.
Vishal Grover wrote:
Hello Everyone,
I am seeing a certain behaviour which I find strange, and am curious to get an
explanation to it. I have the following program.
#include <iostream>
#include <cstdlib>
using namespace std;
int main(int argc, char ** argv) {
if(argc<2) {
return -1;
}
int value = atoi(argv[1]);
char * arr = new char[value];
// No segmentation fault unless next is an array.
char * next = new char[value];
int i = 0;
for(i=0; i<value; i++) {
arr[i] = ''a'';
next[i] = ''a'';
}
// NOTE: I am adding a char beyond the array boundary
If you know this, why are you surprised that the program doesn''t behave
well?
arr[i]=''\0'';
next[i]=''\0'';
// This causes a segmentation fault
delete [] arr;
}
I compiled this with 3.2.2 on Red Hat Linux 9 on an Intel i686. When I run the
program, it gives me a Segmentation fault only when the array size is an odd
multiple of 4.
That''s perfectly acceptable behavior for a program with undefined behavior.
My guess is it has something to do with word alignment. But, what
exactly is happening here?
Undefined behavior.
Thanks for your help,
Vishal Grover
Developer
Trilogy Software Inc.
I''m considering making a note of this company''s name so I can be sure
never to buy software from them... Can you explain *why* you are
intentionally overflowing an array in your code, in order to restore
some of my confidence in the software industry?
-Kevin
--
My email address is valid, but changes periodically.
To contact me please use the address from a recent posting.
"Vishal Grover" <vi***********@rediffmail.com> wrote in message
news:a6**************************@posting.google.c om...Hello Everyone,
I am seeing a certain behaviour which I find strange, and am curious to get an explanation to it. I have the following program.
#include <iostream>
#include <cstdlib>
using namespace std;
int main(int argc, char ** argv) {
if(argc<2) {
return -1;
}
int value = atoi(argv[1]);
char * arr = new char[value];
// No segmentation fault unless next is an array.
char * next = new char[value];
int i = 0;
for(i=0; i<value; i++) {
arr[i] = ''a'';
next[i] = ''a'';
}
// NOTE: I am adding a char beyond the array boundary
But why? You haven''t allocated enough space to write another extra
character.
Strings do end with a null character but then you need to allocate space for
that null character
also. I hope you know that.
Taking that into consideration -
char * arr = new char[value + 1];
char * next = new char[value + 1];
should be what would get you the desired result.
HTH,
J.Schafer
Kevin Goodsell
// NOTE: I am adding a char beyond the array boundary
If you know this, why are you surprised that the program doesn''t behave
well?
Because, this is a test case which I had written to investigate a bug. I am
not questioning the fact that the program doesn''t behave well. My question
is why isn''t the behaviour not uniform for each input value.
I compiled this with 3.2.2 on Red Hat Linux 9 on an Intel i686. When I run the
program, it gives me a Segmentation fault only when the array size is an odd
multiple of 4.
That''s perfectly acceptable behavior for a program with undefined behavior.
Nowhere have I claimed that the behaviour is not acceptable. I am just looking
for an explanation for the behaviour.
My guess is it has something to do with word alignment. But, what
exactly is happening here?
Undefined behavior.
No machine or compiler, at least the non-quantum ones, has a non-deterministic
behaviour, given perfect knowledge about the system. In case you did not
get the question, I was looking for an insight on how does a popular
compiler like gcc handle undefined behaviour.
I''m considering making a note of this company''s name so I can be sure
never to buy software from them... Can you explain *why* you are
intentionally overflowing an array in your code, in order to restore
some of my confidence in the software industry?
Since when is it a bad practice, to write a test case to investigate a potential
bug? You have no right to question the quality of software that
my company makes, based on what I has been given in this mail. If you can''t
supply a decent answer, or even if this is not the right place to ask the
question, you have absolutely no right to be rude and make such judgemental
statements.
-Kevin
Thank you very much Kevin, I will not be posting any further questions on this
list
Vishal
这篇关于有选择地在内存覆盖上获取分段错误。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
