当你写出来的内存数组的边界会发生什么？ [英] What happens when you write to memory out of bounds of an array?

问题描述

在最近的测试问题，有人问我打印以下程序的输出。我得到了答案正确但这一计划引起了我显著的精神痛苦，因为我不知道写内存超出数组边界时的行为是什么。

On a recent test question I was asked to print the output of the following program. I got the answer correct however this program caused me significant mental anguish as I didn't know what the behavior would be when writing to memory that is out of bounds of an array.

下面是根据有关程序，意见是我的笔记：

Here is the program under question, the comments are my notes:

#include <stdio.h>

#define MAX 4

void RecordArgs(int x);

int main()
{
    RecordArgs(1);
    RecordArgs(7);
    RecordArgs(-11);
    return 0;
}

void RecordArgs(int x)
{
    static int i = 0;
    int call_count = 0;
    int arg_history[MAX] = {0};
    if (call_count == MAX)
    {
        # call_count is not static and is initialized to 0 on each call
        # as a result, under no circumstance can call_count == MAX and
        # this printf is never executed
        printf("Too many calls to RecordArgs\n");
    }
    else
    {
        # index out of bounds on second/third call (i + call_count will be 4??)  
        arg_history[i + call_count] = x;
        ++call_count;
        ++i;
        for (i = 0; i < MAX; ++i)
            printf("%d ", arg_history[i]);
        printf("\n");
    }
}

和预期的输出：

1 0 0 0
0 0 0 0
0 0 0 0

当RecordArgs称为哪里7和-11的值被写入在第二和第三次？我试着编译它根据不同的设置，看看我是否能得到它两个写的东西不应该但一切我试过导致了精确的输出W / O任何段错误。

When RecordArgs is called the second and third times where does the 7 and -11 values get written? I tried compiling it under different settings to see if I could get it two write to something it shouldn't but everything I've tried has resulted in that exact output w/o any segfaults.

推荐答案

拓展上Patashu的评论，<一个href=\"http://en.wikipedia.org/wiki/Segmentation_fault#Segmentation.2C_page_fault.2C_and_access_violation\"相对=nofollow> 当你从一个页面中的内存的权限页面相冲突的方式访问内存发生段故障。换句话说，当你访问一个内存页，你不许一个方式，他们发生。什么是可能在您的情况发生的是，你是哪个 arg_history 存储，对此你显然有权读取和写入同一页内还是内存访问。

Expanding on Patashu's comment, segmentation faults occur when you access memory from a page in a way which clashes with the page of memory's permissions. In other words, they occur when you access a page of memory in a way that you're not allowed to. What's possibly occurring in your situation is that you are accessing memory still within the same page on which arg_history is stored, for which you obviously have permission to read and write.

另一种可能的情况是，保存的页面之后你工作的人有允许相同的权限，您可以访问它以同样的方式。

Another possible scenario is that the page of memory right after the one you're working on has the same permissions which allow you to access it the same way.

在任何情况下，这是C.不确定的行为虽然你见证预期的结果，这不应该指示你该程序是正确的。其实，这是一种情况，其中一个超出边界错误可能被忽视，如果它不会导致分段错误。

In any case, this is undefined behavior in C. Although you witness "expected results," that should not indicate to you that the program is correct. In fact, this is a circumstance in which an out-of-bounds error could potentially go unnoticed, if it doesn't cause a segmentation fault.

这篇关于当你写出来的内存数组的边界会发生什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！