`malloc()` 刚刚分配的内存的内容是什么? [英] What are the contents of the memory just allocated by `malloc()`?

问题描述

我很好奇在 malloc() 用于分配内存空间之后，指针究竟是什么?手册页告诉我 calloc() 将分配的内存空间初始化为零.

<块引用>

malloc() 函数分配 size 字节并返回一个指向已分配内存的指针.内存未初始化.如果 size 为 0，则 malloc() 返回 NULL，或稍后可以成功传递给 free() 的唯一指针值.

和

<块引用>

calloc() 函数为每个大小字节的 nmemb 元素数组分配内存并返回一个指向分配内存的指针.内存设置为零.如果 nmemb 或size 为 0，然后 calloc() 返回 NULL 或稍后可以返回的唯一指针值成功传递给free().

我为自己创建了一个非常简短的 C 示例程序，用于 C(哈哈):

int main() {字符 *dynamic_chars;未签名金额；printf("你要分配多少字节?
");scanf("%d", &amount);dynamic_chars = (char*)malloc(amount*sizeof(char));printf("已分配:
%s
", dynamic_chars);免费(动态字符)；返回0；

}

但是，当执行此代码时，它什么也不输出.如果我自己初始化内存，例如使用循环使用 0xFFFF 初始化每个字节，那么程序会向我显示我所期望的.内存空间实际上是存在的，因为我不会收到声称我正在尝试访问未初始化的变量的错误消息.

由于内存空间通常不会被删除但被标记为可重写我想知道通过执行我的程序，我是否应该能够看到以前随机使用的内存字节?但是我什么都看不到，所以我真的很困惑 malloc() 究竟是如何工作的.

编辑1

关于 malloc() 的另一件事或者可能是一般的内存使用情况，这对我的程序很有趣:如果我使用 calloc() 来分配内存，我可以跟踪程序的实际内存使用情况，例如监控它.例如，如果我告诉我的程序，为每个 calloc() 分配 1.000.000.000 字节的内存，我将在我的系统监视器中看到以下内容:

时的内存消耗

正如您可能想象的那样，当使用 malloc() 时，我什么也看不到.我理解，仅仅通过分配内存，我当时并没有真正使用它，但我仍然对为什么我的操作系统(unix 衍生)不会识别它被使用感到困惑.由于 malloc() 就像 calloc() 一样将物理地址返回到我没有得到的内存位置，所以这个内存区域似乎实际上并没有被操作系统保留.否则我可以在系统监视器中看到它，对吗?如果我宁愿将此作为新问题发布，请告诉我.但我认为，由于问题仍然是关于 malloc() 的工作原理，它适合这里.

解决方案

不，malloc() 返回未初始化的内存，其内容是不确定的.因此，尝试使用该值调用 未定义行为.p>

引用C11，附件§J.2，未定义的行为

<块引用>

使用malloc函数分配的对象的值

在这种情况下，%s 需要一个以 null 结尾的 char 数组.但是，dynamic_chars 的内容是不确定的，因此很可能根本没有空终止符，这将导致超出范围的内存访问，进而调用 UB.

引用 C11，第 7.22.3.5 章，malloc 函数(强调我的):

<块引用>

malloc 函数为大小由 size 指定的对象分配空间，并且其值不确定.

也就是说，请参阅此讨论，了解为什么不强制转换 malloc() 的返回值和C 中的族..

I was curious about what exactly a pointer holds, after malloc() was used to allocate memory space? The manpage tells me that calloc() initializes the allocated memory space with zero.

The malloc() function allocates size bytes and returns a pointer to the allocated memory. The memory is not initialized. If size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free().

and

The calloc() function allocates memory for an array of nmemb elements of size bytes each and returns a pointer to the allocated memory. The memory is set to zero. If nmemb or size is 0, then calloc() returns either NULL, or a unique pointer value that can later be successfully passed to free().

I created a really short example program in C, to C(haha) for myself:

int main() {
    char *dynamic_chars;
    unsigned amount;
    printf("how much bytes you want to allocate?
");
    scanf("%d", &amount);

    dynamic_chars = (char*)malloc(amount*sizeof(char));
    printf("allocated:
%s
", dynamic_chars);

    free(dynamic_chars);
    return 0;

}

However when executing this code, it just outputs nothing. If I initialize the memory my self for example initializing every single byte with 0xFFFF using a loop, then the program shows me exactly what I expect. The memory space actually exists, since I wont get an error claiming that I am trying to access uninitialized variables or so.

Since memory space is usually not deleted but marked as rewritable I wonder if by executing my program, shouldn't I be able to see random previously used Bytes of memory? But I wont see anything, so I am really confused about how exactly malloc() works.

EDIT1

Another thing about malloc() or maybe memory usage in general, that is interesting about my program: If I use calloc(), to allocate memory, I can trace the actual memory usage of my program, by e.g. monitoring it. For example, if I tell my program, to allocate 1.000.000.000 Bytes of memory per calloc() I will see the following in my System monitor:

As you can probably imagine, when using malloc(), I wont see nothing. I understand, that just by allocating memory, I am not really using it at that time, but I am still confused about why my operating system (unix derivate) won't recognize it as being used. Since malloc() just like calloc() returns a physical address to a memory location I don't get, how this memory area seems to be not actually reserved by the OS. Elsewise I could see it in the System Monitor right? If I should rather post this as a new question, please let me know. But I think since the question is still about how malloc() works it fits in here.

解决方案

No, malloc() returns uninitialized memory, the contents of which is indeterminate. So, attempt to use the value invokes undefined behavior.

Quoting C11, annex §J.2, Undefined behavior

The value of the object allocated by the malloc function is used

In this case, %s expects a null-terminated char array. However, the content of dynamic_chars is indeterminate, so there may very well be no null-terminator, at all, which will cause the out-of-bound memory access, which in turn invokes the UB.

Quoting C11, chapter §7.22.3.5, The malloc function (emphasis mine):

The malloc function allocates space for an object whose size is specified by size and whose value is indeterminate.

That said, please see this discussion on why not to cast the return value of malloc() and family in C..

这篇关于`malloc()` 刚刚分配的内存的内容是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！